infra/roles/unifi/tasks/unifi.yml


---
# Copy the Let's Encrypt "live" directory of every listed hostname into the
# local certificate store; nginx is reloaded when something changed.
# NOTE(review): copy applies `mode` to each file it copies, so any private
# key under live/<name> would land as root:root 0755 (world-readable and
# executable). Once the readers of /usr/local/etc/certs/ are confirmed,
# consider a tighter file mode and a separate `directory_mode`.
- name: install certs
  copy:
    src: "/usr/local/etc/letsencrypt/live/{{ item }}"
    dest: '/usr/local/etc/certs/'
    owner: root
    group: root
    # Quoted so the octal mode reaches the module as a string rather than
    # as an implicitly typed YAML integer.
    mode: "0755"
  with_items:
    - "{{ unifi_url }}"
  vars:
    # presumably read by a diff/callback helper outside this file; verify
    prediff_cmd: echo
  notify: reload nginx
  tags:
    - letsencrypt
    - letsencrypt-certs
# Render the nginx virtual host for the controller from its Jinja2 template
# and reload nginx when the rendered file changed.
- name: template nginx vhost
  template:
    src: '02-unifi.conf.j2'
    dest: '/etc/nginx/sites-enabled/01-unifi'
    owner: root
    group: root
    # Quoted octal: root-writable, readable by everyone else.
    mode: "0644"
  notify: reload nginx
  tags:
    - nginx
    - unifi-nginx
# Make sure the controller's data directory exists, owned by the unifi
# account and closed to other users.
- name: create dir structure
  file:
    state: directory
    path: "{{ unifi_root }}"
    owner: unifi
    group: unifi
    mode: "0750"
    # Only the top-level directory is managed; existing contents keep
    # whatever ownership and mode they already have.
    recurse: false
# to adopt
# ssh unifi-ap
# mca-cli
# set-inform http://<controller_ip>:8080/inform
#
#
# if that hangs:
# mca-cli-op set-inform http://<controller_ip>:8080/inform
#
# sometimes:
# set-inform http://<controller_ip>:8080/inform
#
# check with this (sometimes it tries the docker container IP, for example):
# unifi-ap$ info
# ...
# status: Unknown[11] (http://172.17.0.2:8080/inform)
#
# use tag 'arm32v7' for raspbian
#
# list of ports: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used
# v6.5.55
# v6.0.45
# v5.14.23
# Run the UniFi controller as a long-lived container that keeps its state in
# {{ unifi_root }} on the host.
# NOTE(review): the image is referenced by a mutable tag and `pull: true`
# re-pulls it on every run, so the deployed content can change without this
# file changing. Pinning by digest
# ("jacobalberty/unifi@sha256:<digest-placeholder>") would make it
# reproducible.
# NOTE(review): v5.14.23 is the oldest of the three versions listed in the
# comment preceding this task; confirm that release still receives security
# fixes before keeping the pin.
- name: start docker container
  docker_container:
    name: 'unifi'
    image: 'jacobalberty/unifi:v5.14.23'
    state: started
    pull: true
    init: true
    detach: true
    auto_remove: false
    restart_policy: 'unless-stopped'
    container_default_behavior: compatibility
    #user: "{{ systemuserlist['unifi']['uid'] }}:{{ systemuserlist['unifi']['gid'] }}"
    env:
      TZ: 'Europe/Berlin'
      # presumably makes the image drop root and run as UNIFI_UID/UNIFI_GID;
      # verify against the image documentation
      RUNAS_UID0: 'false'
      UNIFI_UID: "{{ systemuserlist['unifi']['uid'] }}"
      UNIFI_GID: "{{ systemuserlist['unifi']['gid'] }}"
    volumes:
      - "{{ unifi_root }}:/unifi"
    # Only 8443 is bound to loopback; every other port below is published on
    # all host interfaces, so host firewalling decides who can reach it.
    ports:
      - '3478:3478/udp'  # STUN
      - '6789:6789/tcp'  # Speed test
      - '8080:8080/tcp'  # Device/ controller comm.
      - '127.0.0.1:8443:8443/tcp'  # Controller GUI/API as seen in a web browser
      - '10001:10001/udp'  # AP discovery
    dns_servers:
      - "{{ ansible_docker0.ipv4.address }}"
# Block until TCP port 8443 on localhost accepts connections, polling every
# two seconds.
# NOTE(review): this only proves that the port is open. With a published
# Docker port that may already be true before the application inside the
# container is ready; confirm whether an HTTP-level check is needed.
- name: wait for controller to be responsive
  wait_for:
    host: localhost
    port: 8443
    sleep: 2
  tags:
    - docker