1 |
diff -Nur --no-dereference smeserver-unifi-5.6.30.old/createlinks smeserver-unifi-5.6.30/createlinks |
2 |
--- smeserver-unifi-5.6.30.old/createlinks 2018-03-09 02:15:53.000000000 -0500 |
3 |
+++ smeserver-unifi-5.6.30/createlinks 2022-08-03 21:49:45.091000000 -0400 |
4 |
@@ -3,7 +3,7 @@ |
5 |
use esmith::Build::CreateLinks qw(:all); |
6 |
|
7 |
|
8 |
-service_link_enhanced("unifi", "S85", "7"); |
9 |
+#service_link_enhanced("unifi", "S85", "7"); |
10 |
|
11 |
|
12 |
foreach $event (qw(remoteaccess-update)) |
13 |
@@ -17,13 +17,28 @@ |
14 |
} |
15 |
|
16 |
|
17 |
-# add link to |
18 |
+my $pkg= "smeserver-unifi"; |
19 |
+my $event = "${pkg}-update"; |
20 |
|
21 |
+event_actions($event, qw( |
22 |
+ upgrade_unifi_controller.sh 20 |
23 |
+ systemd-default 88 |
24 |
+ systemd-reload 89 |
25 |
+)); |
26 |
+ |
27 |
+#event_templates($event, qw( |
28 |
+#/etc/httpd/conf/httpd.conf |
29 |
+#)); |
30 |
+ |
31 |
+event_services($event, qw( |
32 |
+ unifi restart |
33 |
+)); |
34 |
+ |
35 |
+use esmith::Build::Backup qw(:all); |
36 |
+backup_includes($pkg, qw( |
37 |
+/opt/Unifi |
38 |
+/opt/UniFi_bak |
39 |
+)); |
40 |
|
41 |
-#foreach $file ( |
42 |
-# qw(/var/lib/denyhosts/allowed-hosts /etc/hosts.allow /etc/denyhosts.conf)) |
43 |
-#{ |
44 |
-# templates2events($file, qw(bootstrap-console-save conf-denyhosts)); |
45 |
-#} |
46 |
|
47 |
exit 0; |
48 |
diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/TCPPort smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/TCPPort |
49 |
--- smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/TCPPort 2018-03-09 00:22:01.000000000 -0500 |
50 |
+++ smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/TCPPort 1969-12-31 19:00:00.000000000 -0500 |
51 |
@@ -1 +0,0 @@ |
52 |
-8080,8443,8880,8843 |
53 |
diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/TCPPorts smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/TCPPorts |
54 |
--- smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/TCPPorts 1969-12-31 19:00:00.000000000 -0500 |
55 |
+++ smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/TCPPorts 2022-08-03 22:13:26.349000000 -0400 |
56 |
@@ -0,0 +1 @@ |
57 |
+8080,8443,8880,8843 |
58 |
diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/UDPPorts smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/UDPPorts |
59 |
--- smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/defaults/unifi/UDPPorts 1969-12-31 19:00:00.000000000 -0500 |
60 |
+++ smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/defaults/unifi/UDPPorts 2022-08-03 22:06:10.159000000 -0400 |
61 |
@@ -0,0 +1 @@ |
62 |
+3478,10001 |
63 |
diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/migrate/unifi smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/migrate/unifi |
64 |
--- smeserver-unifi-5.6.30.old/root/etc/e-smith/db/configuration/migrate/unifi 1969-12-31 19:00:00.000000000 -0500 |
65 |
+++ smeserver-unifi-5.6.30/root/etc/e-smith/db/configuration/migrate/unifi 2022-08-03 22:18:07.024000000 -0400 |
66 |
@@ -0,0 +1,6 @@ |
67 |
+{ |
68 |
+ |
69 |
+ my $unifi = $DB->get('unifi') || $DB->new_record("unifi",{type=>'service'}); |
70 |
+ $unifi->delete_prop('TCPPort') if ( defined( $unifi->prop('TCPPort') ) and $unifi->prop('TCPPort') eq "8080,8443,8880,8843"); |
71 |
+ |
72 |
+} |
73 |
diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/events/actions/upgrade_unifi_controller.sh smeserver-unifi-5.6.30/root/etc/e-smith/events/actions/upgrade_unifi_controller.sh |
74 |
--- smeserver-unifi-5.6.30.old/root/etc/e-smith/events/actions/upgrade_unifi_controller.sh 2021-11-01 21:56:56.066000000 -0400 |
75 |
+++ smeserver-unifi-5.6.30/root/etc/e-smith/events/actions/upgrade_unifi_controller.sh 2022-08-03 22:46:48.835000000 -0400 |
76 |
@@ -64,7 +64,7 @@ |
77 |
|
78 |
# Stop the local UniFi Controller service |
79 |
printf "\n" |
80 |
- service $UNIFI_SERVICE stop |
81 |
+ /usr/bin/systemctl stop $UNIFI_SERVICE |
82 |
|
83 |
# Remove previous backup directory (if it exists) |
84 |
# if [ -d "$UNIFI_BACKUP_DIR" ]; then |
85 |
@@ -101,7 +101,7 @@ |
86 |
|
87 |
# Restart the local UniFi Controller service |
88 |
printf "\n" |
89 |
- service $UNIFI_SERVICE start |
90 |
+ /usr/bin/systemctl start $UNIFI_SERVICE |
91 |
|
92 |
# All done! |
93 |
printf "\nUpgrade of UniFi Controller complete!\n" |
94 |
diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/etc/e-smith/templates/usr/bin/hook-script.sh/30unifi smeserver-unifi-5.6.30/root/etc/e-smith/templates/usr/bin/hook-script.sh/30unifi |
95 |
--- smeserver-unifi-5.6.30.old/root/etc/e-smith/templates/usr/bin/hook-script.sh/30unifi 1969-12-31 19:00:00.000000000 -0500 |
96 |
+++ smeserver-unifi-5.6.30/root/etc/e-smith/templates/usr/bin/hook-script.sh/30unifi 2022-08-03 22:03:07.459000000 -0400 |
97 |
@@ -0,0 +1,26 @@ |
98 |
+if [ $1 = "deploy_cert" ]; then |
99 |
+ # and now deploy our LE cert to Unifi controller ! |
100 |
+{ # in case we rely on scl again |
101 |
+ #. /opt/rh/rh-mongodb34/service-environment |
102 |
+ #. scl_source enable \$RH_MONGODB34_SCLS_ENABLED |
103 |
+} |
104 |
+ # To automatically detect DOMAIN (thanks to @SprockTech): |
105 |
+ DOMAIN=$(mongo --quiet --port 27117 --eval 'db.getSiblingDB("ace").setting.find(\{"key": "super_identity"\}).forEach(function(document)\{ print(document.hostname) \})') |
106 |
+ |
107 |
+ # Backup previous keystore |
108 |
+ cp /opt/UniFi/data/keystore /opt/UniFi/data/keystore.backup.$(date +%F_%R) |
109 |
+ |
110 |
+ # Convert cert to PKCS12 format |
111 |
+ # Ignore warnings |
112 |
+ #openssl pkcs12 -export -inkey /etc/letsencrypt/live/${DOMAIN}/privkey.pem -in /etc/letsencrypt/live/${DOMAIN}/fullchain.pem -out /etc/letsencrypt/live/${DOMAIN}/fullchain.p12 -name unifi -password pass:unifi |
113 |
+ openssl pkcs12 -export -inkey `/sbin/e-smith/config getprop modSSL key` -in `/sbin/e-smith/config getprop modSSL crt` -out /opt/UniFi/data/fullchain.p12 -name unifi -password pass:unifi 2>/dev/null |
114 |
+ |
115 |
+ # Install certificate |
116 |
+ # Ignore warnings |
117 |
+ #keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/keystore -srckeystore /etc/letsencrypt/live/${DOMAIN}/fullchain.p12 -srcstoretype PKCS12 -srcstorepass unifi -alias unifi -noprompt |
118 |
+ keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /opt/UniFi/data/keystore -srckeystore /opt/UniFi/data/fullchain.p12 -srcstoretype PKCS12 -srcstorepass unifi -alias unifi -noprompt |
119 |
+ |
120 |
+ #Restart UniFi controller |
121 |
+ /usr/bin/systemctl restart unifi.service |
122 |
+fi |
123 |
+ |
124 |
diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/sbin/e-smith/systemd/unifi smeserver-unifi-5.6.30/root/sbin/e-smith/systemd/unifi |
125 |
--- smeserver-unifi-5.6.30.old/root/sbin/e-smith/systemd/unifi 1969-12-31 19:00:00.000000000 -0500 |
126 |
+++ smeserver-unifi-5.6.30/root/sbin/e-smith/systemd/unifi 2022-08-03 23:28:58.649000000 -0400 |
127 |
@@ -0,0 +1,28 @@ |
128 |
+#!/bin/bash |
129 |
+ |
130 |
+# check if squid is using 8080, if yes, then move to 8081 |
131 |
+intercept=$(/usr/sbin/e-smith/config getprop squid InterceptPort||echo "8080") |
132 |
+squidstatus=$(/usr/sbin/e-smith/config getprop squid status||echo "disabled") |
133 |
+ |
134 |
+if [[ "$intercept" == "8080" && "$squidstatus" == "enabled" ]]; then |
135 |
+ echo "we set squid Intercept port to 8081.. to avoid conflict with unifi " |
136 |
+ /usr/sbin/e-smith/config setprop squid InterceptPort 8081 |
137 |
+ /usr/sbin/e-smith/expand-template /etc/squid/squid.conf |
138 |
+ /usr/sbin/e-smith/expand-template /etc/rc.d/init.d/masq |
139 |
+ /usr/bin/systemctl restart squid |
140 |
+ /usr/bin/systemctl restart masq |
141 |
+ |
142 |
+fi |
143 |
+ |
144 |
+# now deal with dansguardian |
145 |
+dport=$(/usr/sbin/e-smith/config getprop dansguardian port ||echo "8080") |
146 |
+dstatus=$(/usr/sbin/e-smith/config getprop dansguardian status||echo "disabled") |
147 |
+if [[ "$dport" == "8080" && "$dsatus" == "enabled" ]]; then |
148 |
+ echo "we set dansguardian port to 8081.. to avoid conflict with unifi " |
149 |
+ /usr/sbin/e-smith/config setprop dansguardian port 8081 |
150 |
+ /usr/sbin/e-smith/expand-template /etc/dansguardian/dansguardian.conf |
151 |
+ /usr/bin/systemctl restart dansguardian |
152 |
+fi |
153 |
+ |
154 |
+# nothing to do with with squidguard |
155 |
+ |
156 |
diff -Nur --no-dereference smeserver-unifi-5.6.30.old/root/usr/lib/systemd/system/unifi.service smeserver-unifi-5.6.30/root/usr/lib/systemd/system/unifi.service |
157 |
--- smeserver-unifi-5.6.30.old/root/usr/lib/systemd/system/unifi.service 1969-12-31 19:00:00.000000000 -0500 |
158 |
+++ smeserver-unifi-5.6.30/root/usr/lib/systemd/system/unifi.service 2022-08-03 23:28:58.424000000 -0400 |
159 |
@@ -0,0 +1,22 @@ |
160 |
+# UniFi Controller systemd Service File |
161 |
+# by Steve Jenkins |
162 |
+# Last updated January 8, 2017 |
163 |
+# adapted for Koozali SME Server 10 |
164 |
+[Unit] |
165 |
+Description=Ubiquiti UniFi Controller |
166 |
+After=syslog.target network.target |
167 |
+ |
168 |
+[Service] |
169 |
+ExecStartPre=-/usr/sbin/e-smith/service-status unifi |
170 |
+ExecStartPre=/usr//sbin/e-smith/systemd/unifi |
171 |
+ExecStart=/usr/bin/java -Xmx1024M -jar /opt/UniFi/lib/ace.jar start |
172 |
+ExecStop=/usr/bin/java -jar /opt/UniFi/lib/ace.jar stop |
173 |
+Type=simple |
174 |
+User=ubnt |
175 |
+PermissionsStartOnly=true |
176 |
+WorkingDirectory=/opt/UniFi |
177 |
+SuccessExitStatus=143 |
178 |
+ |
179 |
+[Install] |
180 |
+WantedBy=multi-user.target |
181 |
+WantedBy=sme-server.target |