Docker unifi and webserver questions

Discussion in 'Docker and Containers' started by TechMonkey, Oct 5, 2019.

  1. TechMonkey

    Hello everyone. Just got a new machine and decided to go with Ubuntu after the Windows 1903 upgrade smashed my controller and nginx setup. I'm new to Docker and have only spent a couple of hours getting familiar with it. I wanted to propose my setup to you folks and see if you think this is a good idea.


    So I need 4 (but possibly up to 7 or docker containers): Unifi controller, Pi-hole, Nextcloud, and nginx. (In the future I may move my email server to this machine as well. But that's complex so I'll pass for now.)

    • Are Unifi certificates going to be a problem using the Docker container?
    • Since I will be able to access my controller from the internet via the FQDN, is it a "good idea" to have all these services on the same machine?
    • If 2 Docker containers use the same ports, will nginx be OK in a container or does it need to run on the host?

    Basically I'm just wanting to know if using Docker is a good path to go down. I really just want to get all the "stuff" on one machine, but I don't think this machine could get much done with VMs.

    Thanks for your time
     
    #1
  2. Spartacus

    • No, I have Unifi set up in Docker and it runs the same as it does as a standalone app; certificates weren't an issue for me. If you're using a custom certificate you just have to access the docker bash so you can modify the controller files to accept the cert.
    • Docker containers can be isolated into separate networks if you're paranoid; however, it should not matter if other containers are running on it. By FQDN do you mean the Cloud Access feature through UniFi Cloud Access Portal or are you actually port forwarding your Unifi controller?
    • No, only one device can use the Docker host's port at a time; Docker will not start two containers utilizing the same ports. You can however redirect container ports such as port 8443->80 for the Unifi management page. Or vice versa 8443 ->8442 if you wanted to run two unifi
     
    #2
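The port and network behaviour described in post #2, as an added compose sketch that is not from any poster: only the nginx proxy publishes the web ports on the host, and each backend shares a network with the proxy but not with the other backend. Service names, network names, host paths and the LAN address are assumptions; port 8080 is the controller's device inform port, and data volumes are left out to keep the focus on networking.

```yaml
# Added example (constructed). Names, paths and addresses are assumptions.
services:
  proxy:
    image: nginx
    ports:
      - "80:80"      # the proxy is the only container bound to host 80/443,
      - "443:443"    # so backends never compete for those host ports
    volumes:
      - ./nginx/conf.d:/etc/nginx/conf.d:ro   # hypothetical path: one server block per FQDN
      - ./nginx/certs:/etc/nginx/certs:ro     # hypothetical path: certs and keys, read-only
    networks: [unifi_net, cloud_net]

  unifi:
    image: jacobalberty/unifi
    ports:
      # Devices on the LAN still need the inform port directly. Binding it to
      # the LAN address (constructed here) keeps it off other interfaces.
      - "192.168.1.10:8080:8080"
    # 8443 is not published: the proxy reaches it as https://unifi:8443
    networks: [unifi_net]

  cloud:
    image: nextcloud
    # No published ports: the proxy reaches it as http://cloud:80
    networks: [cloud_net]

networks:
  unifi_net:   # proxy <-> unifi only
  cloud_net:   # proxy <-> cloud only
```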
  3. TechMonkey

    • OK, so that at least points me down the correct path. I am using SSL certs from Comodo.
    • I am port forwarding and using addresses "controller.server.com; cloud.server.com; etc."
    • I've actually been following a little tutorial on setting up an nginx Docker container with reverse proxy, so I've sort of answered this already. I may be back when it comes time to actually fill in the config file. I used nginx before only to push non-HTTPS traffic to HTTPS and not as a reverse proxy, so that will be new to me.
     
    #3
  4. PigLover

    I use the Unifi Docker image from Jacob Alberty (jacobalberty/unifi). He's made it dead simple to install certs. Follow the instructions on his page. His method is especially nice if you use certs that expire often and have to be reinstalled (e.g., Acme/Let's Encrypt) because your procedure is basically drop the certs in the specified directory and then restart the container. Dead simple.

    He’s also pretty good about doing updates with current versions, which Unifi drops fairly frequently. Including release-candidate and some of the more interesting Betas.
     
    #4
  5. TechMonkey

    So I am using his image. Agree it's simple to drop the certs in. However, every time I have done this, I've used a Java command to generate a CSR. That command doesn't work at all, inside or outside the container. I don't know how to issue a cert without the CSR? Do I just use the CSR generator on Namecheap or something?

    One other question... do I need to change the host name of the server? The server is "boss" and the containers are meant to be named "unifi, cloud, pi etc. @fqdn". On my Windows install that only ran the controller, the host machine was unifi@fqdn. That doesn't seem like it would work here with different certificates for each container app.
     
    #5
  6. PigLover

    Unfortunately I'm not real sure how to answer here. I use Acme/Lets Encrypt on my pfSense router, using the pfSense Acme package to manage pulling the certs, which triggers a small shell script to distribute them and re-start any containers that need a kick (like the Unifi one).
     
    #6
  7. texteditor

    You'd probably have to Google a bit for the exact method as the docs and commands are weird, but the openssl tools can handle almost anything with certs
     
    #7
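What the openssl route suggested in post #7 can look like for the CSR question in post #5, as an added example that is not part of any post: it creates a private key and a CSR carrying the hostname in subjectAltName, then checks the CSR before it goes to the CA. The function names and the hostname `controller.example.com` are constructed, and `-addext` needs OpenSSL 1.1.1 or newer.

```shell
#!/bin/sh
# Added example (constructed): key + CSR with openssl instead of a Java keytool command.

# make_csr <fqdn> <outdir>: writes <outdir>/<fqdn>.key and <outdir>/<fqdn>.csr
make_csr() {
    fqdn=$1
    outdir=$2
    mkdir -p "$outdir" || return 1
    # Generate the key under a restrictive umask so it is never group/world readable.
    ( umask 077 && openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$outdir/$fqdn.key" 2>/dev/null ) || return 1
    # Hostname validation uses subjectAltName; CN is kept for older tooling.
    openssl req -new -sha256 \
        -key "$outdir/$fqdn.key" \
        -subj "/CN=$fqdn" \
        -addext "subjectAltName=DNS:$fqdn" \
        -out "$outdir/$fqdn.csr" || return 1
}

# csr_ok <csr>: succeeds if the CSR's self-signature verifies.
# The output text is checked because older openssl builds exit 0 on failure.
csr_ok() {
    openssl req -in "$1" -noout -verify 2>&1 | grep -q 'verify OK'
}

# csr_names <csr>: prints the DNS names requested in subjectAltName, one per line.
csr_names() {
    openssl req -in "$1" -noout -text | grep -o 'DNS:[^,[:space:]]*' | sed 's/^DNS://'
}

# key_matches_csr <key> <csr>: succeeds if the CSR was made from this private key.
# Catches the common mix-up of installing a cert next to the wrong key.
key_matches_csr() {
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null | openssl sha256)
    c=$(openssl req -in "$2" -noout -pubkey 2>/dev/null | openssl sha256)
    [ -n "$k" ] && [ "$k" = "$c" ]
}
```

Only the `.csr` file is submitted to the CA; the `.key` file stays on the host and is later placed alongside the issued certificate.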