[Support] Linuxserver.io - Unifi-Controller


Recommended Posts

28 minutes ago, sota said:

current controller version shows up at 5.14.17

Most of us here have found that version 5.14.23 is the best and most stable while Ubiquiti figures out how to make the 6.x.x versions work and restore the missing features.

 

To install that version, the repository line should look like this:  linuxserver/unifi-controller:5.14.23-ls76

 

If you really want to stick with a different version, you can go to this page to see all the supported version tags.

Edited by Hoopster
Link to comment
25 minutes ago, Hoopster said:

Most of us here have found that version 5.14.23 is the best and most stable while Ubiquiti figures out how to make the 6.x.x versions work and restore the missing features.

 

To install that version, the repository line should look like this:  linuxserver/unifi-controller:5.14.23-ls76

 

If you really want to stick with a different version, you can go to this page to see all the supported version tags.

I am still on linuxserver/unifi-controller:5.12.72-ls61.  Any reason to upgrade to 5.14 from 5.12? 

Link to comment
11 hours ago, wayner said:

I am still on linuxserver/unifi-controller:5.12.72-ls61.  Any reason to upgrade to 5.14 from 5.12? 

5.14 is needed to support some of the WiFi 6 APs (some even require a 6.x.x version of the controller).  One of my access points, a U6 Lite, requires at least the 5.14.3 controller version.

 

If you have no problems with 5.12, there is no particular reason to upgrade unless you want to.  5.14.23 has been rock solid for me and many others.

Edited by Hoopster
Link to comment

Thanks, I would like to replace my old UAPs with the U6 Lite but they seem to be extremely hard to get right now and have been for months.  Whenever I search they are sold out.  I might have to break down and just go with the AC Lite rather than the Wifi6.

 

This is getting a bit off-topic, but is it worth the price differential and wait to go with Wifi6?  Or is the AC unit good enough?  This is just my house, but I need a bunch of APs as the house is large and the walls are not friendly to Wifi signals.  So I will have no more than 40 or some clients spread out over 5-6 APs.  As long as you can easily stream HD or 4K video to a phone/tablet/Roku isn't that good enough? 

Link to comment
2 hours ago, wayner said:

Or is the AC unit good enough?

Frankly, I think the AC APs are good enough for a home environment.  I have had no issues with mine and I have UAP-AC-LRs and UAP-AC-IW.  Both work great and provide good connection speed.  I am streaming to phones, tablets, TVs, Fire TV and computers in the house and the AC APs are more than capable of handling anything I throw at them.


I got the U6-Lite just to try it out for $99 directly from Ubiquiti.  I don't have a lot of clients that support WiFi 6 which also should be a consideration.  It's great that the AP supports it (also AC/N, etc.) but how many clients do you have that support WiFi 6?  For me. it was also a bit of future proofing.

Edited by Hoopster
Link to comment

I agree.  I will have iPhones and iPads that will support Wifi6, if not now then in the future, but that is a small minority of devices.  I have a bunch of devices like Amazon Echos, LED light controllers, etc that are low bandwidth and they will never need faster speeds.

 

And stuff like Rokus, FireTV sticks, etc, are fine on current AC wifi.

Link to comment

Just updated to 6.5.55 to apply the latest log4j patches. Mostly smooth update. For some reason I got a warning that my AP configurations weren't supported. Had to re-apply the authentication for my guest network. Looks like they have added other authentication methods besides "password". Not sure what version that was added.

 

FYI: I only use this for a few APs. If you have other Ubiquiti equipment your mileage may vary.

  • Like 1
Link to comment

I'm trying to modernize my install due to the recent vulnerability. Previously my approach was: if it works, don't break it.

 

I'm pulling linuxserver/unifi-controller:LTS and the controller software is version 5.6.42 (Build: atag_5.6.42_10376). This seems very old?

 

I can't upgrade my USG/APs because, presumably, the controller software predates the firmware releases. They are running firmwares circa summer 2019.

 

Can anyone confirm if the older controller version is my problem, and confirm if I need to modernize beyond long term stable to patch this vulnerability? (It looks like 5.14.23 is recommended and the method is  So, to summarize, to those who wish to move from LTS (5.6.42) to 5.14.23-ls76, you must first use 5.10.24-ls21 to upgrade the database.)

Edited by stultus
Link to comment

I startet yesterday recieving my very first Unifi AP AC Lite and spun up this Docker pretty quickly. Adopted the AP and everything is running fine.

While exploring the functionalitys of this glorious piece of hardware and software (sorry just had pretty shitty router and APs in the Past) i stumbled upon the "Traffic Stats" and at first i thought "no statistics data" is okay because there have to be some data generated at first.

But today, some hours later there are again no statistics to display. So what is going on? Did i miss something?

Tried to search a bit outside of this community and found out that there is some problem with messed up mongodb or something. But all i found out is misleading because it is not meant for the docker implementation.

Didn't find anything regarding my problem here also. 

Did nothing special to get the container running. Touched nothing, only changed the network from "Bridge" to "custom: br0" and gave the container an IP adress because i like my services on dedicated IPs.

Is there anything i forgot?

Edited by screwbox
Link to comment
4 minutes ago, screwbox said:

I startet yesterday recieving my very first Unifi AP AC Lite and spun up this Docker pretty quickly. Adopted the AP and everything is running fine.

While exploring the functionalitys of this glorious piece of hardware and software (sorry just had pretty shitty router and APs in the Past) i stumbled upon the "Traffic Stats" and at first i thought "no statistics data" is okay because there have to be some data generated at first.

But today, some hours later there are again no statistics to display. So what is going on? Did i miss something?

Tried to search a bit outside of this community and found out that there is some problem with messed up mongodb or something. But all i found out is misleading because it is not meant for the docker implementation.

Didn't find anything regarding my problem here also. 

Did nothing special to get the container running. Touched nothing, only changed the network from "Bridge" to "custom: br0" and gave the container an IP adress because i like my services on dedicated IPs.

Is there anything i forgot?

 

I believe traffic stats requires you to also be running a Unifi based router/gateway as well, not just a switch or access point.

Link to comment

I’ve seen a few complaints that the graphics are useless anyway since they don’t include a timeline. You can see that you had a spike but no info in what time it occurred.

 

The old dashboard included a screen saying that the stats required a USG router. Maybe they have removed that from the new display. I stayed with the old one.

Link to comment
On 12/18/2021 at 6:20 PM, stultus said:

I'm trying to modernize my install due to the recent vulnerability. Previously my approach was: if it works, don't break it.

 

I'm pulling linuxserver/unifi-controller:LTS and the controller software is version 5.6.42 (Build: atag_5.6.42_10376). This seems very old?

 

I can't upgrade my USG/APs because, presumably, the controller software predates the firmware releases. They are running firmwares circa summer 2019.

 

Can anyone confirm if the older controller version is my problem, and confirm if I need to modernize beyond long term stable to patch this vulnerability? (It looks like 5.14.23 is recommended and the method is  So, to summarize, to those who wish to move from LTS (5.6.42) to 5.14.23-ls76, you must first use 5.10.24-ls21 to upgrade the database.)

This post from Ubiquiti confirms that all versions earlier than Version 6.5.53 are vulnerable, so the only official fix is to upgrade to Version 6.5.54 (or better, Version 6.5.55, as there are additional fixes in that).

https://community.ui.com/releases/Security-Advisory-Bulletin-023-023/808a1db0-5f8e-4b91-9097-9822f3f90207

 

You are correct in thinking that the latest AP firmwares require new versions of the controller to work, too, so to have the latest firmware you should probably be on the latest version of the controller, too.

Looks like it's finally time for everyone to move to v6.

FWIW, I have no problems with it (though occasionally it resets my theme to light and tells me that my WiFi configs aren't supported. I don't have to change anything, though (except the theme back to dark), and everything seems to work fine.

 

You may have a fun time bumping across such a large number of versions, however, so it would be wise to follow the path up to 5.14 that you mentioned before jumping to v6 (I think I jumped from v5.14 to v6.x without major incident - I may have had to reset and readopt my APs, but I don't think I had to set up my network from scratch or anything like that).

Link to comment
38 minutes ago, axipher said:

 

I believe traffic stats requires you to also be running a Unifi based router/gateway as well, not just a switch or access point.

Ah, okay! I did'nt know that. Of course i don't have a Unifi Router and so i can not expect any data on traffic. Makes sense. 

So, one thing less to care about and nothing i need to fix. This is good news, because i was already making more work out of it as i should. Should have asked here sooner i think.

So thy anyway!

Link to comment
40 minutes ago, jademonkee said:

 I may have had to reset and readopt my APs, but I don't think I had to set up my network from scratch or anything like that).

Thanks for the response. I have managed to forget my AP and USG login/passwords and was rather hoping not to rebuild everything 😞

Link to comment
On 12/15/2021 at 11:22 PM, Hoopster said:

Most of us here have found that version 5.14.23 is the best and most stable while Ubiquiti figures out how to make the 6.x.x versions work and restore the missing features.

 

To install that version, the repository line should look like this:  linuxserver/unifi-controller:5.14.23-ls76

 

If you really want to stick with a different version, you can go to this page to see all the supported version tags.

But now 5.14 will be vulnerable to the log4j exploit, will it not?

Link to comment

I’m not in any way an expert regarding this, but it’s my understanding that this vulnerability only applies to the logging. I would think that as long as logging is done securely (not exposed to WAN) there wouldn’t be any vulnerability. The ubiquiti forums could probably help you more with this though.

Link to comment

There are some instructions about just updating the log4j jar files.  How does one do this on a docker?

 

On 6.4 and 6.5.x (likely on previous versions as well) Controller, just tried on both and it works fine, you can simply upgrade yourself the log4j jar files!
1) downloaded 2.15.0 log4j zip/tgz package from https://logging.apache.org/log4j/2.x/download.html
2) extracted the file
3) stopped the UniFi Controller
4) moved the newly extracted files
log4j-api-2.15.0.jar
log4j-core-2.15.0.jar
log4j-slf4j-impl-2.15.0.jar
to <unifi_root>/lib/ *BUT* renaming them to overwrite the existing 2.13.3 files. You can't get them with their 2.15.0 names there, you need to overwrite the existing 2.13.3 files with the newer ones.
5) once log4j*jar files are replaced, just restart the Controller, and you're good to go!

https://community.ui.com/questions/UniFi-Controller-security-concern-zero-day-Log4j-exploit/007103a6-823b-4316-ae76-17942539208c#answer/37bba54e-2145-415d-a43d-dd8fea70bbaf

Link to comment

PSA:  for those interested in the Unifi U6 Lite access point, they are back in stock again at Ubiquiti US store for $99.  These are great for home use if you want an access point with WiFi 6 (only in 5 GHz band) capabilities.  They have been out of stock for a while and tend to go fast.

 

This AP requires at least the 5.14.3 version of the controller.  It works great with 5.14.23 in my network.

Edited by Hoopster
Link to comment
11 minutes ago, CrashnBrn said:

Is anyone running 6.5.55 without any issues? The log4shell is a pretty massive exploit I'd like to keep patched on all of my applications. I've spent enough time patching it at work....

 

On 12/16/2021 at 8:10 PM, wgstarks said:

Just updated to 6.5.55 to apply the latest log4j patches. Mostly smooth update. For some reason I got a warning that my AP configurations weren't supported. Had to re-apply the authentication for my guest network. Looks like they have added other authentication methods besides "password". Not sure what version that was added.

 

FYI: I only use this for a few APs. If you have other Ubiquiti equipment your mileage may vary.


Still no issues.

  • Thanks 1
Link to comment
1 hour ago, Hoopster said:

PSA:  for those interested in the Unifi U6 Lite access point, they are back in stock again at Ubiquiti US store for $99.  These are great for home use if you want an access point with WiFi 6 (only in 5 GHz band) capabilities.  They have been out of stock for a while and tend to go fast.

 

This AP requires at least the 5.14.3 version of the controller.  It works great with 5.14.23 in my network.

Thanks for the info, unfortunately the Unifi Canada store still says sold out.  Hopefully that changes soon.

 

Did you manually apply the log4j patch?  If so how do you do that? Can you give step by step instructions as I am having issues figuring it out.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.