tl;dr The code for the complete Unifi setup is available in the niels-s/unifi-terraform-example repo
This post is part of a small series, go and read the previous post to setup the nginx proxy
We can finally start by setting up our Unifi controller service using systemd. I’m using the jacobalberty/unifi-docker docker image, which packages the Unifi controller together with the MongoDB database, which is used by the controller to save their data.
We continue with the same concepts we used before when setting up Nginx service,
so I’ll highlight only a few things from the ExecStart
directive.
data "ignition_systemd_unit" "unifi_unit" {
name = "unifi.service"
enabled = true
content = <<-CONFIG
...
ExecStart=/usr/bin/docker run \
--name unifi \
--network unifi-network \
--restart=no \
-e TZ='${var.timezone}' \
--init \
-v /mnt/unifi_controller_data/unifi:/unifi:rw \
jacobalberty/unifi:5.12
...
CONFIG
}
First of all, you notice we didn’t specify any ports to be exposed. In the
Nginx post,
I explained this is one of the benefits of using a user-defined docker
network instead of the default docker network. Because we attach both our Nginx
and Unifi container to the unifi-network
, they can freely communicate over all
the ports.
Pay attention to the name of the Docker container, since that’s the DNS name Nginx uses to proxy the traffic.
We specify the init
option, which was entirely new for me.
The init
option starts your docker cmd or entrypoint with Tini.
Tini helps to reap zombies and performs
signal forwarding. For more information on Zombie processes, I found these
excellent posts:
To store the data of the Unifi Controller, we configure a Docker volume mount to our Digital Ocean Block Storage mount so we can start a new Droplet without losing data.
And luckily the jacobalberty/unifi-docker docker images are appropriately tagged according to the Unifi Controller version, so we specify a particular version for the image. It gives you more control over your container then the Nginx image we use.
Migration tip: If you like me are migrating your sites from a local Unifi Controller to a hosted solution, make sure to read the Site Export Wizard documentation.
The code for the complete Unifi setup is available in the niels-s/unifi-terraform-example repo, the changes of this post can be found in this commit
This post is part of a small series, go and read the next post to configure Digital Ocean Firewall