![unifi controller synology unifi controller synology](https://www.high-wireless.com/wp-content/uploads/2020/06/usw-lite-16-poe-front.jpg)
- #Unifi controller synology install#
- #Unifi controller synology update#
- #Unifi controller synology code#
I got my inspiration from ‘s post about Securing Ubiquiti UniFi Cloud Key with Let’s Encrypt SSL. You might want to disable the SSH service when you’re done.
#Unifi controller synology update#
You only need 1 single Scheduled Task to update all Let’s Encrypt certificates on the same system. If you haven’t set this up yet, take a look at my previous post. dnssleep 20 Auto-renewing the certificate. reloadcmd "sh /usr/local/share/acme.sh/unifi-renew-hook.sh" \ fullchainpath /volume1/docker/Unifi/Data/unifi.crt -keypath /volume1/docker/Unifi/Data/unifi.key \ pre-hook "tar zcvf /usr/local/share/acme.sh/UnifiKeySSL_`date +%Y-%m-%d_%H.%M.%S`.tar.gz /volume1/docker/Unifi/Data/backup /volume1/docker/Unifi/Data/keystore" \ acme.sh -force -issue -dns dns_cf -d -home /usr/local/share/acme.sh \ We’re not using these files here, but they might come in handy some time.
![unifi controller synology unifi controller synology](https://www.tsentas.net/wp-content/uploads/2020/09/java8.png)
The –fullchainpath and –keypath parameters copy the certificate and key files to the specified paths.
![unifi controller synology unifi controller synology](https://lazyadmin.nl/wp-content/uploads/2018/11/Add-TCP-Ports-to-Firewall-750x565.jpg)
The acme.sh script saves the CSR, certificate and key files under /usr/local/share/acme.sh//, so you can always retrieve them. In this case it will create a backup of the Unifi configuration backups and the keystore. The –pre-hook command will run each time the certificate is renewed. The command below will request the first certificate and create a configuration file for acme.sh. Run the command to issue the certificate for the first time. Keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore keystore -srckeystore unifi.p12 -srcstoretype PKCS12 -srcstorepass aircontrolenterprise -alias unifi -noprompt Openssl pkcs12 -export -in /usr/local/share/acme.sh// -inkey /usr/local/share/acme.sh// -out unifi.p12 -name unifi -password pass:aircontrolenterprise Use your favorite text editor to create and edit /usr/local/share/acme.sh/unifi-renew-hook.sh, then enter the following: #!/bin/bashĮcho "** Configuring new Let's Encrypt certs" If you have all that, it’s time to enable the SSH service to your Synology NAS and start a root session (you can’t log in as root, you’ll have to login as an admin user and sudo su – to root). The Unifi container has mapped paths like this: I have created a folder in File Station called “docker”, which contains various docker container paths.
#Unifi controller synology code#
In this post I’m using as an example, replace it in code snippets and commands with your FQDN.I’m assuming you have acme.sh already installed on your Synology NAS.Without it, you can skip reading the rest of this post. It contains the important keytool command.
#Unifi controller synology install#
You need to install the Java8 package on your Synology.These instructions might work with other images, just make sure the path to the keystore is correct. I’m running the latest jacobalberty/unifi image.Ok, first we need to establish a few facts/prerequisites. Secondly, hopefully this info helps you out too, in case you want to have a valid SSL certificate for your Unifi Controller. I guess the topic perfectly describes what this post is about.įirst and foremost, this whole blog idea is just a way for me to easily find this info again, in case I need it.