Learn how to set up a UniFi Cloud Controller on Vultr. Our Vultr Support team is here to help you with your questions and concerns.

How to Set Up a UniFi Cloud Controller on Vultr

Did you know that a UniFi Cloud Controller offers a huge advantage by letting us u to scale our network beyond the limitations of the local UniFi console devices?

It also provides the convenience of managing multiple sites from a single controller, ensuring centralized control of our network.

Today, we will take a close look at setting up our own UniFi Cloud Controller on Vultr.

An Overview:

• Step 1: Create a Virtual Server on Vultr
• Step 2: Log into the Server via SSH
• Step 3: Enhance Security by Changing SSH Port and Disabling Root Login
• Step 4: Configure the Firewall
• Step 5: Set Timezone and Create a Swap File
• Step 6: Install the UniFi Controller
• Step 7: Access Your UniFi Controller
• Automate Backups for the UniFi Controllers
• Monitor the UniFi Cloud Controller

Step 1: Create a Virtual Server on Vultr

The first step is to create a virtual server that will host our UniFi Cloud Controller.

1. 1. First, log in to the Vultr account and go to the Products section.
   2. Then, click on Deploy Server and follow these configurations:
      • Choose Server: Cloud Compute
      • CPU & Storage Technology: Intel Regular Performance
      • Server Location: Choose a server location nearby for lower latency
      • Server Image: Debian 11 x64
      • Server Size: Select a size based on the requirements (minimum 1GB RAM)
      • Auto Backup: Enable Auto Backup
      • Additional Features: Disable IPv6 unless needed

Finally, add SSH keys and a server name. The SSH key allows secure server access, and the server name should be an FQDN, which will help later when setting up SSL certificates for secure HTTPS access.

Step 2: Log into the Server via SSH

After deploying the server, log in using an SSH client such as PuTTY:

1. Open PuTTY and connect to the server’s IP address on TCP port 22.
2. Accept the authentication prompt and log in as `root` using the credentials provided by Vultr.
3. Change the root password for security:

   passwd

   

   Create a strong password and confirm it.

 

Then, create a new user to increase security:

adduser [username]

After that, add the new user to the `sudo` group to grant administrative privileges:

gpasswd -a [username] sudo

Step 3: Enhance Security by Changing SSH Port and Disabling Root Login

For added security, we should change the default SSH port and disable root login:

1. Open the SSH configuration file:

   nano /etc/ssh/sshd_config
2. Then, change the SSH port from `22` to a custom port, such as `22222`:

   Port 22222
3. Next, disable root login by finding the line:

   PermitRootLogin yes

   And changing it to:

   PermitRootLogin no
4. Finally, save and exit the file (Ctrl+X, then Y), and restart SSH:

   service sshd restart

Reconnect using the new port and log in with the new user you created.

Step 4: Configure the Firewall

It’s essential to secure our server by only allowing necessary ports. Run the following commands to configure the firewall for UniFi:

sudo ufw allow 22222/tcp # Our custom SSH port
sudo ufw allow 8080/tcp # UniFi inform URL
sudo ufw allow 8443/tcp # UniFi Web interface
sudo ufw allow 8880/tcp # HTTP portal redirect
sudo ufw allow 8843/tcp # HTTPS portal redirect
sudo ufw allow 3478/udp # STUN for VoIP services


After verifying the rules, enable the firewall:

sudo ufw enable

Step 5: Set Timezone and Create a Swap File

Setting the correct timezone ensures that logs are accurate. Run this command:

sudo dpkg-reconfigure tzdata

and follow the prompts to set the timezone.

Next, create a swap file to extend the server’s memory:


sudo fallocate -l 4G /swapfile # Adjust size as needed
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo sh -c 'echo "/swapfile none swap sw 0 0" >> /etc/fstab'


Step 6: Install the UniFi Controller

Now that the server is set up, we can install the UniFi Controller:

1. Add the UniFi repository:

   echo 'deb http://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list
sudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ubnt.com/unifi/unifi-repo.gpg

2. Add the MongoDB 3.6 repository (required for UniFi):

   echo "deb http://repo.mongodb.org/apt/debian stretch/mongodb-org/3.6 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list
sudo wget -qO - https://www.mongodb.org/static/pgp/server-3.6.asc | sudo apt-key add -

3. Update and install UniFi:

   sudo apt-get update
sudo apt-get install unifi -y

4. Enable UniFi services to start on boot:

   sudo systemctl enable unifi.service
sudo systemctl enable mongod.service


Step 7: Access Your UniFi Controller

Once installed, access the UniFi Controller by navigating to:

https://[your-server-ip]:8443

From there, we can complete the setup wizard and start managing our network from the cloud.

Automate Backups for the UniFi Controller

Backing up the UniFi Controller is key when it comes to data security. Automating this process ensures we are protected from potential issues.

1. Log in to the UniFi dashboard, go to Settings > Maintenance, and enable automatic backups, setting the frequency to daily or weekly.
2. We can set up cron jobs to automate backups. Create a backup script and schedule it with a cron job to run daily:

   0 2 * * * /path/to/backup_script.sh

   This ensures regular backups without manual intervention.
3. For additional security, store backups in cloud storage using tools like rclone. Configure the cloud provider and integrate it with your backup script to automate uploading to AWS S3 or Google Cloud.

Monitor the UniFi Cloud Controller

• Use tools like htop for CPU/memory usage and iostat for disk I/O. For long-term monitoring, consider using Prometheus and Grafana to collect and visualize performance data.
• From the UniFi dashboard, monitor connected devices, bandwidth usage, and network health. Set up alerts to receive notifications for issues like device disconnections.
• Use tools like Zabbix or Nagios to track server uptime and network latency. Installing monitoring agents can provide proactive notifications.
• Regularly check logs for troubleshooting. Use Logrotate to manage log size and prevent disk space issues.

[Need assistance with a different issue? Our team is available 24/7.]

Conclusion

In brief, our Support Experts demonstrated how to setup set up a UniFi Cloud Controller on Vultr.