Docker unifi controller
We’re not using these files here, but they might come in handy some time. The –fullchainpath and –keypath parameters copy the certificate and key files to the specified paths. The acme.sh script saves the CSR, certificate and key files under /usr/local/share/acme.sh//, so you can always retrieve them. In this case it will create a backup of the Unifi configuration backups and the keystore. The –pre-hook command will run each time the certificate is renewed. The command below will request the first certificate and create a configuration file for acme.sh. Run the command to issue the certificate for the first time. Keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore keystore -srckeystore unifi.p12 -srcstoretype PKCS12 -srcstorepass aircontrolenterprise -alias unifi -noprompt
Openssl pkcs12 -export -in /usr/local/share/acme.sh// -inkey /usr/local/share/acme.sh// -out unifi.p12 -name unifi -password pass:aircontrolenterprise Use your favorite text editor to create and edit /usr/local/share/acme.sh/unifi-renew-hook.sh, then enter the following: #!/bin/bashĮcho "** Configuring new Let's Encrypt certs" If you have all that, it’s time to enable the SSH service to your Synology NAS and start a root session (you can’t log in as root, you’ll have to login as an admin user and sudo su – to root). The Unifi container has mapped paths like this: I have created a folder in File Station called “docker”, which contains various docker container paths. The path to the keystore in my examples, /volume1/docker/Unifi/Data, is also an example and should be replaced with the correct path.
#Docker unifi controller code#
In this post I’m using as an example, replace it in code snippets and commands with your FQDN.I’m assuming you have acme.sh already installed on your Synology NAS.Without it, you can skip reading the rest of this post. It contains the important keytool command.
#Docker unifi controller install#
You need to install the Java8 package on your Synology.These instructions might work with other images, just make sure the path to the keystore is correct. I’m running the latest jacobalberty/unifi image.Ok, first we need to establish a few facts/prerequisites. Secondly, hopefully this info helps you out too, in case you want to have a valid SSL certificate for your Unifi Controller. I guess the topic perfectly describes what this post is about.įirst and foremost, this whole blog idea is just a way for me to easily find this info again, in case I need it.