Looks like you can get the above error sometimes if you close out your tab too quickly, or there is some sort of plugin problem. Looks like you can resolve it by deleting the “.maintenance”
More info here
Setting up the SSL cert for UniFi service when running in docker is fairly easy to do. All you have to do is modify the UniFi SSL renew script to use the UniFi Docker directory and change the start and stop service to start and stop the Docker container. The script below should be ready to go.
Download, chmod +x it, and run, drop it in cron to auto renew.
In the below script, change (unifiDir=”/docker/unifi”) to your UniFi directory.
Note: this triggers calling the teams.sh script that will send an update to Microsoft Teams to let you know that the certs should be renewed. Check here for more info.
#!/usr/bin/env bash
# Added support to do UniFi and UniFi controllers at the same time using the same cert.
# Original script from https://git.sosdg.org/brielle/lets-encrypt-scripts/raw/branch/master/gen-unifi-cert.sh
# More info here https://www.reddit.com/r/Ubiquiti/comments/43v23u/using_letsencrypt_with_the_unifi_controller/
# And here https://www.reddit.com/r/Ubiquiti/comments/43v23u/using_letsencrypt_with_the_unifi_controller/
# Modified script from here: https://github.com/FarsetLabs/letsencrypt-helper-scripts/blob/master/letsencrypt-unifi.sh
# Modified by: Brielle Bruns <bruns@2mbit.com>
# Download URL: https://source.sosdg.org/brielle/lets-encrypt-scripts
# Version: 1.7
# Last Changed: 04/10/2020
# 04/10/2020: Changed directories and commands to work with a UniFi Docker install
# 02/02/2016: Fixed some errors with key export/import, removed lame docker requirements
# 02/27/2016: More verbose progress report
# 03/08/2016: Add renew option, reformat code, command line options
# 03/24/2016: More sanity checking, embedding cert
# 10/23/2017: Apparently don't need the ace.jar parts, so disable them
# 02/04/2018: LE disabled tls-sni-01, so switch to just tls-sni, as certbot 0.22 and later automatically fall back to http/80 for auth
# 05/29/2018: Integrate patch from Donald Webster <fryfrog[at]gmail.com> to cleanup and improve tests
# 09/26/2018: Change from TLS to HTTP authenticator
# Location of LetsEncrypt binary we use. Leave unset if you want to let it find automatically
# LEBINARY="/usr/src/letsencrypt/certbot-auto"
# Change to your UniFi Docker directory
unifiDir="/docker/unifi"
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
function usage() {
echo "Usage: $0 -d <domain> [-e <email>] [-r] [-i]"
echo " -d <domain>: The domain name to use."
echo " -e <email>: Email address to use for certificate."
echo " -r: Renew domain."
echo " -i: Insert only, use to force insertion of certificate."
}
while getopts "hird:e:" opt; do
case $opt in
i) onlyinsert="yes";;
r) renew="yes";;
d) domains+=("$OPTARG");;
e) email="$OPTARG";;
h) usage
exit;;
esac
done
DEFAULTLEBINARY="/usr/bin/certbot /usr/bin/letsencrypt /usr/sbin/certbot
/usr/sbin/letsencrypt /usr/local/bin/certbot /usr/local/sbin/certbot
/usr/local/bin/letsencrypt /usr/local/sbin/letsencrypt
/usr/src/letsencrypt/certbot-auto /usr/src/letsencrypt/letsencrypt-auto
/usr/src/certbot/certbot-auto /usr/src/certbot/letsencrypt-auto
/usr/src/certbot-master/certbot-auto /usr/src/certbot-master/letsencrypt-auto"
if [[ ! -v LEBINARY ]]; then
for i in ${DEFAULTLEBINARY}; do
if [[ -x ${i} ]]; then
LEBINARY=${i}
echo "Found LetsEncrypt/Certbot binary at ${LEBINARY}"
break
fi
done
fi
# Command line options depending on New or Renew.
NEWCERT="--renew-by-default certonly"
RENEWCERT="-n renew"
# Check for required binaries
if [[ ! -x ${LEBINARY} ]]; then
echo "Error: LetsEncrypt binary not found in ${LEBINARY} !"
echo "You'll need to do one of the following:"
echo "1) Change LEBINARY variable in this script"
echo "2) Install LE manually or via your package manager and do #1"
echo "3) Use the included get-letsencrypt.sh script to install it"
exit 1
fi
if [[ ! -x $( which keytool ) ]]; then
echo "Error: Java keytool binary not found."
exit 1
fi
if [[ ! -x $( which openssl ) ]]; then
echo "Error: OpenSSL binary not found."
exit 1
fi
if [[ ! -z ${email} ]]; then
email="--email ${email}"
else
email=""
fi
shift $((OPTIND -1))
for val in "${domains[@]}"; do
DOMAINS="${DOMAINS} -d ${val} "
done
MAINDOMAIN=${domains[0]}
if [[ -z ${MAINDOMAIN} ]]; then
echo "Error: At least one -d argument is required"
usage
exit 1
fi
if [[ ${renew} == "yes" ]]; then
LEOPTIONS="${RENEWCERT}"
else
LEOPTIONS="${email} ${DOMAINS} ${NEWCERT}"
fi
if [[ ${onlyinsert} != "yes" ]]; then
echo "Firing up standalone authenticator on TCP port 80 and requesting cert..."
${LEBINARY} --server https://acme-v01.api.letsencrypt.org/directory \
--agree-tos --standalone --preferred-challenges http ${LEOPTIONS}
fi
if [[ ${onlyinsert} != "yes" ]] && md5sum -c "/etc/letsencrypt/live/${MAINDOMAIN}/cert.pem.md5" &>/dev/null; then
echo "Cert has not changed, not updating controller."
exit 0
else
echo "Cert has changed or -i option was used, updating controller..."
TEMPFILE=$(mktemp)
CATEMPFILE=$(mktemp)
# Identrust cross-signed CA cert needed by the java keystore for import.
# Can get original here: https://www.identrust.com/certificates/trustid/root-download-x3.html
cat > "${CATEMPFILE}" <<'_EOF'
-----BEGIN CERTIFICATE-----
MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
-----END CERTIFICATE-----
_EOF
md5sum "/etc/letsencrypt/live/${MAINDOMAIN}/cert.pem" > "/etc/letsencrypt/live/${MAINDOMAIN}/cert.pem.md5"
echo "Using openssl to prepare certificate..."
cat "/etc/letsencrypt/live/${MAINDOMAIN}/chain.pem" >> "${CATEMPFILE}"
openssl pkcs12 -export -passout pass:aircontrolenterprise \
-in "/etc/letsencrypt/live/${MAINDOMAIN}/cert.pem" \
-inkey "/etc/letsencrypt/live/${MAINDOMAIN}/privkey.pem" \
-out "${TEMPFILE}" -name unifi \
-CAfile "${CATEMPFILE}" -caname root
docker container stop ${dockerContainerId}
sleep 10
dockerContainerId=$(sudo docker container list | grep unifi-controller | awk '{print $1}')
echo "Removing existing certificate from Unifi protected keystore..."
keytool -delete -alias unifi -keystore ${unifiDir}/keystore -deststorepass aircontrolenterprise
echo "Inserting certificate into Unifi keystore..."
keytool -trustcacerts -importkeystore \
-deststorepass aircontrolenterprise \
-destkeypass aircontrolenterprise \
-destkeystore ${unifiDir}/keystore \
-srckeystore "${TEMPFILE}" -srcstoretype PKCS12 \
-srcstorepass aircontrolenterprise \
-alias unifi
sleep 2
echo "Starting Unifi controllers..."
docker container start ${dockerContainerId}
./teams.sh -b "$(hostname) - UniFi service is restarting, ssl cert should be renewed."
echo "Done!"
fi
https://github.com/SonarSoftware/poller
Had some problems where the Sonar Poller Stopped working. Think some packages got removed so trying to run
sudo php /opt/poller/bin/checkForUpgrades.php
Returned a php error that it was not installed. Installed it with all the other dependencies to fix the problem.
Note that php version is different then it is on the github page. php7.2-cli is installed instead of php7.0-cli.
sudo apt-get install php7.2-cli php-zip php-snmp php-sqlite3 php-bcmath php-mbstring php-dom git fping snmp redis-server monit ntp snmp-mibs-downloader
Warning: Be extremely careful when making changes to partitions and disk as it can lead to broken systems and lost data. Make sure you have a backup.
This scenario is done on a basic Ubuntu install. No fancy LVM stuff going on. If you need that, refer to here
Disk /dev/sda: 64 GiB, 68719476736 bytes, 134217728 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0x2062ec28 Device Boot Start End Sectors Size Id Type /dev/sda1 * 2048 65011711 65009664 31G 83 Linux /dev/sda2 65013758 67106815 2093058 1022M 5 Extended /dev/sda5 65013760 67106815 2093056 1022M 82 Linux swap / Solaris
From the above output of fdisk -l, we see that the disk has 64GiB available, but the primary partition is only 31G. To make the primary partition larger we need to
You may need to boot up in recovery to get this command working. Also if you boot up in recovery, you’ll need to remount the root / partition read/write. More info here.
resize2fs /dev/sda1Helpful Links
https://access.redhat.com/articles/1190213
https://access.redhat.com/articles/1196353
Commands taken from here
https://www.digitalocean.com/community/tutorials/how-to-upgrade-to-ubuntu-16-04-lts
Install the update manager
sudo apt-get install update-manager-coreThen run the upgrade
sudo do-release-upgradeAccept all the prompts and should be good to go.
Apparently if you do
apt purge ubuntu*
You’ll end up deleting apt. Which is a bummer, because you can’t install anything else, or fix the problem. But not to worry, the resolution is fairly easy.
You can go download the apt deb from Ubuntu’s website and install it with dpkg.
Go to the following link and find the packages for your Ubuntu version
You’ll need to show “All packages” at the bottom of the page.
https://packages.ubuntu.com/xenial/allpackages
Download and install ubuntu-keyring, apt-transport-https, and apt packages. Example below
wget security.ubuntu.com/ubuntu/pool/main/a/apt/apt_1.6.6ubuntu0.1_amd64.deb wget security.ubuntu.com/ubuntu/pool/main/a/apt/apt-transport-https_1.2.29ubuntu0.1_amd64.deb wget mirrors.kernel.org/ubuntu/pool/main/u/ubuntu-keyring/ubuntu-keyring_2012.05.19_all.deb
Install Packages
sudo dpkg -i ubuntu-keyring_2012.05.19_all.deb
sudo dpkg -i apt-transport-https_1.2.29ubuntu0.1_amd64.deb
sudo dpkg -i apt_1.6.6ubuntu0.1_amd64.deb
Run apt and make sure it is all working
sudo apt update && sudo apt upgrade
Had a problem with resize2fs not resizing the root partition of Ubuntu. Was giving the following error
resize2fs: Read-only file system While checking for on-line resizing support
The problem is the root partition I was trying to resize was mounted read only. Remounting as read/write fixed the problem
mount -o remount /
Then rerun the resize command to fill up the rest of the free space
resize2fs /dev/sda1
In the following commands, 367c7a1465ec = Docker container ID
systemctl start docker systemctl stop docker
systemctl enable docker
sudo docker container list
sudo docker container list 367c7a1465ec jacobalberty/unifi:latest "/usr/loca/bin/dock…" 15 minutes ago Up 14 minutes (healthy) unifi-controller
The bold part is your Docker container ID
sudo docker images
sudo docker images
jacobalberty/unifi latest baebbe301633 9 days ago 711MB
sudo docker stop 367c7a1465ec
sudo docker stop 367c7a1465ec
Need to stop the container first.
sudo docker rmi 367c7a1465ec
We can connect to a Docker container with the following, replace DockerContainerName with the Docker container name.
docker exec -it DockerContainerName sh
Instructions followed from here. Some changes were made
Commands work on Ubuntu 16.04
sudo apt install -y docker docker.io systemctl enable docker systemctl start docker
sudo docker pull jacobalberty/unifi:latest
The following command sets up a container which we can later manipulate to start and stop the “service”
You can specify where you want the UniFi files to reside if desired.
sudo docker run -d --init --restart=unless-stopped --name=unifi-controller --net=host --volume=/docker/unifi:/var/lib/unifi -p 8080:8080/tcp -p 8081:8081/tcp -p 8443:8443/tcp -p 8843:8843/tcp -p 8880:8880/tcp -p 8883:8883/tcp -p 3478:3478/udp jacobalberty/unifi:latest
List docker containers
sudo docker container list 367c7a1465ec jacobalberty/unifi:latest "/usr/loca/bin/dock…" 15 minutes ago Up 14 minutes (healthy) unifi-controller
List docker images on system
sudo docker images
jacobalberty/unifi latest baebbe301633 9 days ago 711MB
Stop container. Also stops the UniFi service. Change the ID to your container ID.
sudo docker stop 367c7a1465ec
When setting up the Docker image, the directory specified was “/docker/unifi” so all the UniFi files are in there and it looks like if you manipulate the files, it makes the changes fine. At least for setting up the SSL certificates.
Looks like the issue is that the UniFi server can’t be installed with a version of MongoDB newer then 3.6.0
Fix the issue by installing an older version of MongoDB
wget -qO - https://www.mongodb.org/static/pgp/server-3.4.asc | sudo apt-key add - echo "deb https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.4.list sudo apt-get update
Then install MongoDB with
apt install mongodb-org-server
You may run into issues if you already have a version of Mongo installed. Uninstall it and then rerun the above install command.