diff -Nur --no-dereference smeserver-unifi-5.6.30.old/createlinks smeserver-unifi-5.6.30/createlinks --- smeserver-unifi-5.6.30.old/createlinks 2018-03-09 02:15:53.000000000 -0500 +++ smeserver-unifi-5.6.30/createlinks 2022-08-03 21:49:45.091000000 -0400 @@ -3,7 +3,7 @@ use esmith::Build::CreateLinks qw(:all); -service_link_enhanced("unifi", "S85", "7"); +#service_link_enhanced("unifi", "S85", "7"); foreach $event (qw(remoteaccess-update)) @@ -17,13 +17,28 @@ } -# add link to +my $pkg= "smeserver-unifi"; +my $event = "${pkg}-update"; +event_actions($event, qw( + upgrade_unifi_controller.sh 20 + systemd-default 88 + systemd-reload 89 +)); + +#event_templates($event, qw( +#/etc/httpd/conf/httpd.conf +#)); + +event_services($event, qw( + unifi restart +)); + +use esmith::Build::Backup qw(:all); +backup_includes($pkg, qw( +/opt/Unifi +/opt/UniFi_bak +)); -#foreach $file ( -# qw(/var/lib/denyhosts/allowed-hosts /etc/hosts.allow /etc/denyhosts.conf)) -#{ -# templates2events($file, qw(bootstrap-console-save conf-denyhosts)); -#} exit 0; diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/TCPPort smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/TCPPort --- smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/TCPPort 2018-03-09 00:22:01.000000000 -0500 +++ smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/TCPPort 1969-12-31 19:00:00.000000000 -0500 @@ -1 +0,0 @@ -8080,8443,8880,8843 diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/TCPPorts smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/TCPPorts --- smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/TCPPorts 1969-12-31 19:00:00.000000000 -0500 +++ smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/TCPPorts 2022-08-03 22:13:26.349000000 -0400 @@ -0,0 +1 @@ +8080,8443,8880,8843 diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/UDPPorts smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/UDPPorts --- smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/UDPPorts 1969-12-31 19:00:00.000000000 -0500 +++ smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/UDPPorts 2022-08-03 22:06:10.159000000 -0400 @@ -0,0 +1 @@ +3478,10001 diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/migrate/unifi smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/migrate/unifi --- smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/migrate/unifi 1969-12-31 19:00:00.000000000 -0500 +++ smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/migrate/unifi 2022-08-03 22:18:07.024000000 -0400 @@ -0,0 +1,6 @@ +{ + + my $unifi = $DB->get('unifi') || $DB->new_record("unifi",{type=>'service'}); + $unifi->delete_prop('TCPPort') if ( defined( $unifi->prop('TCPPort') ) and $unifi->prop('TCPPort') eq "8080,8443,8880,8843"); + +} diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/events/actions/upgrade_unifi_controller.sh smeserver-unifi-5.6.30/root/etc/e-smith/events/actions/upgrade_unifi_controller.sh --- smeserver-unifi-5.6.30.old/root/etc/e-smith/events/actions/upgrade_unifi_controller.sh 2021-11-01 21:56:56.066000000 -0400 +++ smeserver-unifi-5.6.30/root/etc/e-smith/events/actions/upgrade_unifi_controller.sh 2022-08-03 22:46:48.835000000 -0400 @@ -64,7 +64,7 @@ # Stop the local UniFi Controller service printf "\n" - service $UNIFI_SERVICE stop + /usr/bin/systemctl stop $UNIFI_SERVICE # Remove previous backup directory (if it exists) # if [ -d "$UNIFI_BACKUP_DIR" ]; then @@ -101,7 +101,7 @@ # Restart the local UniFi Controller service printf "\n" - service $UNIFI_SERVICE start + /usr/bin/systemctl start $UNIFI_SERVICE # All done! printf "\nUpgrade of UniFi Controller complete!\n" diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/templates/usr/bin/hook-script.sh/30unifi smeserver-unifi-5.6.30/root/etc/e-smith/templates/usr/bin/hook-script.sh/30unifi --- smeserver-unifi-5.6.30.old/root/etc/e-smith/templates/usr/bin/hook-script.sh/30unifi 1969-12-31 19:00:00.000000000 -0500 +++ smeserver-unifi-5.6.30/root/etc/e-smith/templates/usr/bin/hook-script.sh/30unifi 2022-08-03 22:03:07.459000000 -0400 @@ -0,0 +1,26 @@ +if [ $1 = "deploy_cert" ]; then + # and now deploy our LE cert to Unifi controller ! +{ # in case we rely on scl again + #. /opt/rh/rh-mongodb34/service-environment + #. scl_source enable \$RH_MONGODB34_SCLS_ENABLED +} + # To automatically detect DOMAIN (thanks to @SprockTech): + DOMAIN=$(mongo --quiet --port 27117 --eval 'db.getSiblingDB("ace").setting.find(\{"key": "super_identity"\}).forEach(function(document)\{ print(document.hostname) \})') + + # Backup previous keystore + cp /opt/UniFi/data/keystore /opt/UniFi/data/keystore.backup.$(date +%F_%R) + + # Convert cert to PKCS12 format + # Ignore warnings + #openssl pkcs12 -export -inkey /etc/letsencrypt/live/${DOMAIN}/privkey.pem -in /etc/letsencrypt/live/${DOMAIN}/fullchain.pem -out /etc/letsencrypt/live/${DOMAIN}/fullchain.p12 -name unifi -password pass:unifi + openssl pkcs12 -export -inkey `/sbin/e-smith/config getprop modSSL key` -in `/sbin/e-smith/config getprop modSSL crt` -out /opt/UniFi/data/fullchain.p12 -name unifi -password pass:unifi 2>/dev/null + + # Install certificate + # Ignore warnings + #keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/keystore -srckeystore /etc/letsencrypt/live/${DOMAIN}/fullchain.p12 -srcstoretype PKCS12 -srcstorepass unifi -alias unifi -noprompt + keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /opt/UniFi/data/keystore -srckeystore /opt/UniFi/data/fullchain.p12 -srcstoretype PKCS12 -srcstorepass unifi -alias unifi -noprompt + + #Restart UniFi controller + /usr/bin/systemctl restart unifi.service +fi + diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/sbin/e-smith/systemd/unifi smeserver-unifi-5.6.30/root/sbin/e-smith/systemd/unifi --- smeserver-unifi-5.6.30.old/root/sbin/e-smith/systemd/unifi 1969-12-31 19:00:00.000000000 -0500 +++ smeserver-unifi-5.6.30/root/sbin/e-smith/systemd/unifi 2022-08-03 23:28:58.649000000 -0400 @@ -0,0 +1,28 @@ +#!/bin/bash + +# check if squid is using 8080, if yes, then move to 8081 +intercept=$(/usr/sbin/e-smith/config getprop squid InterceptPort||echo "8080") +squidstatus=$(/usr/sbin/e-smith/config getprop squid status||echo "disabled") + +if [[ "$intercept" == "8080" && "$squidstatus" == "enabled" ]]; then + echo "we set squid Intercept port to 8081.. to avoid conflict with unifi " + /usr/sbin/e-smith/config setprop squid InterceptPort 8081 + /usr/sbin/e-smith/expand-template /etc/squid/squid.conf + /usr/sbin/e-smith/expand-template /etc/rc.d/init.d/masq + /usr/bin/systemctl restart squid + /usr/bin/systemctl restart masq + +fi + +# now deal with dansguardian +dport=$(/usr/sbin/e-smith/config getprop dansguardian port ||echo "8080") +dstatus=$(/usr/sbin/e-smith/config getprop dansguardian status||echo "disabled") +if [[ "$dport" == "8080" && "$dsatus" == "enabled" ]]; then + echo "we set dansguardian port to 8081.. to avoid conflict with unifi " + /usr/sbin/e-smith/config setprop dansguardian port 8081 + /usr/sbin/e-smith/expand-template /etc/dansguardian/dansguardian.conf + /usr/bin/systemctl restart dansguardian +fi + +# nothing to do with with squidguard + diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/usr/lib/systemd/system/unifi.service smeserver-unifi-5.6.30/root/usr/lib/systemd/system/unifi.service --- smeserver-unifi-5.6.30.old/root/usr/lib/systemd/system/unifi.service 1969-12-31 19:00:00.000000000 -0500 +++ smeserver-unifi-5.6.30/root/usr/lib/systemd/system/unifi.service 2022-08-03 23:28:58.424000000 -0400 @@ -0,0 +1,22 @@ +# UniFi Controller systemd Service File +# by Steve Jenkins +# Last updated January 8, 2017 +# adapted for Koozali SME Server 10 +[Unit] +Description=Ubiquiti UniFi Controller +After=syslog.target network.target + +[Service] +ExecStartPre=-/usr/sbin/e-smith/service-status unifi +ExecStartPre=/usr//sbin/e-smith/systemd/unifi +ExecStart=/usr/bin/java -Xmx1024M -jar /opt/UniFi/lib/ace.jar start +ExecStop=/usr/bin/java -jar /opt/UniFi/lib/ace.jar stop +Type=simple +User=ubnt +PermissionsStartOnly=true +WorkingDirectory=/opt/UniFi +SuccessExitStatus=143 + +[Install] +WantedBy=multi-user.target +WantedBy=sme-server.target