Hi,
So I’m new to the world of docker and also new to the unifi networking; actually I’m new to all sys-stuff / self-hosting (I’m a PHP developer). But I’m trying to learn.
A week ago I successfully deployed the unifi-controller docker, and everything was going OK. Today I decided to format my PC (CentOS 7) and install CentOS 8.
So after that I just installed docker and tried to deploy with the same docker file (and the config folder that I copied before formatting).
The docker was successfully deployed and I can access it from a PC in the same LAN (on port 8443), but I’ve seen in the log that the controller doesn’t have access to the web, so for example SSO is not working and I can’t use my iPad with the unifi app to control my unifi network.
I’ve tried to log in to the controller bash with this command:

```
docker exec -it unifi-controller /bin/bash
```

and I’ve tried to wget google.com and it didn’t work.
so, can someone help me?
Thanks to all
driz
10 March 2020 02:32
2
share your docker run command or docker compose.
however, the issue is probably centos, docker relies on iptables, and RHEL derivs use firewalld which causes some issues, iirc.
My compose file:

```yaml
version: "2"
services:
  unifi-controller:
    image: linuxserver/unifi-controller
    container_name: unifi-controller
    environment:
      - PUID=983
      - PGID=976
      - MEM_LIMIT=1024M #optional
    volumes:
      - /mnt/sdb1/unifi:/config
    ports:
      - 3478:3478/udp
      - 10001:10001/udp
      - 8083:8083
      - 8081:8081
      - 8443:8443
      - 8843:8843
      - 8880:8880
      - 6789:6789
    restart: unless-stopped
```
I’ve tried to open the ports with firewall-cmd (I think it wasn’t necessary):

```
sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
sudo firewall-cmd --zone=public --add-port=10001/udp --permanent
sudo firewall-cmd --zone=public --add-port=8081/tcp --permanent
sudo firewall-cmd --zone=public --add-port=8443/tcp --permanent
sudo firewall-cmd --zone=public --add-port=8880/tcp --permanent
sudo firewall-cmd --zone=public --add-port=6789/tcp --permanent
```

And I have disabled (not permanently) SELinux.
Edit:
My /etc/resolv.conf:

```
search lan local
nameserver 127.0.0.11
options ndots:0
```

I think it’s wrong, but if I edit this file, in the next reboot I will lose my modifications??
The resolv file in the host was correct with my gateway IP (192.168.1.254).
My host ifconfig:
```
br-7779e4c8b7fe: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.0.1  netmask 255.255.0.0  broadcast 172.25.255.255
        inet6 fe80::42:1dff:fece:6581  prefixlen 64  scopeid 0x20<link>
        ether 02:42:1d:ce:65:81  txqueuelen 0  (Ethernet)
        RX packets 466470  bytes 438809912 (418.4 MiB)
        RX errors 0  dropped 7  overruns 0  frame 0
        TX packets 110988  bytes 18830882 (17.9 MiB)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0

docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        inet6 fe80::42:ccff:fe74:4a35  prefixlen 64  scopeid 0x20<link>
        ether 02:42:cc:74:4a:35  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 12  bytes 1056 (1.0 KiB)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0

enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.220  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 2001:b07:5d26:3c94:f38a:1a83:cbb4:6233  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::cb74:495:bcc9:8a1  prefixlen 64  scopeid 0x20<link>
        ether 00:e0:4c:68:70:02  txqueuelen 1000  (Ethernet)
        RX packets 466470  bytes 438809912 (418.4 MiB)
        RX errors 0  dropped 7  overruns 0  frame 0
        TX packets 110989  bytes 18831508 (17.9 MiB)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0
```
Edit 2:
With the following code I resolved my problem:

```
firewall-cmd --zone=public --add-masquerade --permanent
```
driz
10 March 2020 20:51
4
great work, i was going to say you’re missing the nat table rules and you knocked it out!
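A check for whether the masquerade setting from Edit 2 is live in the running firewall, as an added example that is not part of the original posts: `--permanent` writes only the saved configuration, which is loaded on `firewall-cmd --reload` or a firewalld restart. The function names and the two sample listings are constructed for illustration; the listing layout follows `firewall-cmd --list-all`.

```shell
#!/bin/sh
# Added example, not from the thread. Sample listings are constructed.

# Read `firewall-cmd --list-all` text on stdin and print the value of its
# "masquerade:" line (yes/no), or "unknown" if the line is missing.
masq_field() {
    awk '$1 == "masquerade:" { print $2; found = 1; exit }
         END { if (!found) print "unknown" }'
}

# Compare the runtime listing ($1) with the permanent listing ($2).
masq_state() {
    runtime=$(printf '%s\n' "$1" | masq_field)
    permanent=$(printf '%s\n' "$2" | masq_field)
    case "$runtime/$permanent" in
        yes/yes) echo "active" ;;          # NAT on now and after reboot
        no/yes)  echo "pending-reload" ;;  # saved, but not loaded yet
        yes/no)  echo "runtime-only" ;;    # lost on reload or reboot
        no/no)   echo "off" ;;             # containers get no source NAT
        *)       echo "unknown" ;;
    esac
}

# Constructed sample: only --permanent commands were run, no reload yet.
SAMPLE_RUNTIME='public (active)
  target: default
  interfaces: enp1s0
  ports:
  masquerade: no'
SAMPLE_PERMANENT='public
  target: default
  interfaces: enp1s0
  ports: 3478/udp 10001/udp 8081/tcp 8443/tcp 8880/tcp 6789/tcp
  masquerade: yes'

# Live mode (run on the host): sh check.sh --live [zone]
if [ "${1:-}" = "--live" ]; then
    zone=${2:-public}
    state=$(masq_state "$(firewall-cmd --zone="$zone" --list-all)" \
                       "$(firewall-cmd --permanent --zone="$zone" --list-all)")
    echo "zone $zone masquerade: $state"
    echo "net.ipv4.ip_forward: $(sysctl -n net.ipv4.ip_forward)"
fi
```

A result of `pending-reload` means the rule is saved but the running firewall is not yet applying it. Masquerading applies to the whole zone, so it is worth confirming that only the intended interface is assigned to that zone.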