Learn how to set up a UniFi Cloud Controller on Vultr. Our Vultr Support team is here to help you with your questions and concerns.
How to Set Up a UniFi Cloud Controller on Vultr
Did you know that a UniFi Cloud Controller offers a huge advantage by letting us u to scale our network beyond the limitations of the local UniFi console devices?
It also provides the convenience of managing multiple sites from a single controller, ensuring centralized control of our network.
Today, we will take a close look at setting up our own UniFi Cloud Controller on Vultr.
An Overview:
- Step 1: Create a Virtual Server on Vultr
- Step 2: Log into the Server via SSH
- Step 3: Enhance Security by Changing SSH Port and Disabling Root Login
- Step 4: Configure the Firewall
- Step 5: Set Timezone and Create a Swap File
- Step 6: Install the UniFi Controller
- Step 7: Access Your UniFi Controller
- Automate Backups for the UniFi Controllers
- Monitor the UniFi Cloud Controller
Step 1: Create a Virtual Server on Vultr
The first step is to create a virtual server that will host our UniFi Cloud Controller.
-
- First, log in to the Vultr account and go to the Products section.
- Then, click on Deploy Server and follow these configurations:
- Choose Server: Cloud Compute
- CPU & Storage Technology: Intel Regular Performance
- Server Location: Choose a server location nearby for lower latency
- Server Image: Debian 11 x64
- Server Size: Select a size based on the requirements (minimum 1GB RAM)
- Auto Backup: Enable Auto Backup
- Additional Features: Disable IPv6 unless needed
Finally, add SSH keys and a server name. The SSH key allows secure server access, and the server name should be an FQDN, which will help later when setting up SSL certificates for secure HTTPS access.
Step 2: Log into the Server via SSH
After deploying the server, log in using an SSH client such as PuTTY:
- Open PuTTY and connect to the server’s IP address on TCP port 22.
- Accept the authentication prompt and log in as `root` using the credentials provided by Vultr.
- Change the root password for security:
passwdCopy Code
Create a strong password and confirm it.
Then, create a new user to increase security:
adduser [username]Copy CodeAfter that, add the new user to the `sudo` group to grant administrative privileges:
gpasswd -a [username] sudoCopy CodeStep 3: Enhance Security by Changing SSH Port and Disabling Root Login
For added security, we should change the default SSH port and disable root login:
- Open the SSH configuration file:
nano /etc/ssh/sshd_configCopy Code - Then, change the SSH port from `22` to a custom port, such as `22222`:
Port 22222Copy Code - Next, disable root login by finding the line:
PermitRootLogin yesCopy CodeAnd changing it to:
PermitRootLogin noCopy Code - Finally, save and exit the file (Ctrl+X, then Y), and restart SSH:
service sshd restartCopy Code
Reconnect using the new port and log in with the new user you created.
Step 4: Configure the Firewall
It’s essential to secure our server by only allowing necessary ports. Run the following commands to configure the firewall for UniFi:
sudo ufw allow 22222/tcp # Our custom SSH port
sudo ufw allow 8080/tcp # UniFi inform URL
sudo ufw allow 8443/tcp # UniFi Web interface
sudo ufw allow 8880/tcp # HTTP portal redirect
sudo ufw allow 8843/tcp # HTTPS portal redirect
sudo ufw allow 3478/udp # STUN for VoIP services
Copy CodeAfter verifying the rules, enable the firewall:
sudo ufw enableCopy CodeStep 5: Set Timezone and Create a Swap File
Setting the correct timezone ensures that logs are accurate. Run this command:
sudo dpkg-reconfigure tzdataCopy Codeand follow the prompts to set the timezone.
Next, create a swap file to extend the server’s memory:
sudo fallocate -l 4G /swapfile # Adjust size as needed
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo sh -c 'echo "/swapfile none swap sw 0 0" >> /etc/fstab'
Copy CodeStep 6: Install the UniFi Controller
Now that the server is set up, we can install the UniFi Controller:
- Add the UniFi repository:
echo 'deb http://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list sudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ubnt.com/unifi/unifi-repo.gpgCopy Code - Add the MongoDB 3.6 repository (required for UniFi):
echo "deb http://repo.mongodb.org/apt/debian stretch/mongodb-org/3.6 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list sudo wget -qO - https://www.mongodb.org/static/pgp/server-3.6.asc | sudo apt-key add -Copy Code - Update and install UniFi:
sudo apt-get update sudo apt-get install unifi -yCopy Code - Enable UniFi services to start on boot:
sudo systemctl enable unifi.service sudo systemctl enable mongod.serviceCopy Code
Step 7: Access Your UniFi Controller
Once installed, access the UniFi Controller by navigating to:
https://[your-server-ip]:8443Copy CodeFrom there, we can complete the setup wizard and start managing our network from the cloud.
Automate Backups for the UniFi Controller
Backing up the UniFi Controller is key when it comes to data security. Automating this process ensures we are protected from potential issues.
- Log in to the UniFi dashboard, go to Settings > Maintenance, and enable automatic backups, setting the frequency to daily or weekly.
- We can set up cron jobs to automate backups. Create a backup script and schedule it with a cron job to run daily:
0 2 * * * /path/to/backup_script.shCopy CodeThis ensures regular backups without manual intervention.
- For additional security, store backups in cloud storage using tools like rclone. Configure the cloud provider and integrate it with your backup script to automate uploading to AWS S3 or Google Cloud.
Monitor the UniFi Cloud Controller
- Use tools like htop for CPU/memory usage and iostat for disk I/O. For long-term monitoring, consider using Prometheus and Grafana to collect and visualize performance data.
- From the UniFi dashboard, monitor connected devices, bandwidth usage, and network health. Set up alerts to receive notifications for issues like device disconnections.
- Use tools like Zabbix or Nagios to track server uptime and network latency. Installing monitoring agents can provide proactive notifications.
- Regularly check logs for troubleshooting. Use Logrotate to manage log size and prevent disk space issues.
[Need assistance with a different issue? Our team is available 24/7.]
Conclusion
In brief, our Support Experts demonstrated how to setup set up a UniFi Cloud Controller on Vultr.
0 Comments