diff --git a/services/unifi.hcl b/services/unifi.hcl new file mode 100644 index 0000000..ef13181 --- /dev/null +++ b/services/unifi.hcl @@ -0,0 +1,81 @@ +job "unifi" { + datacenters = ["alo"] + + group "net" { + network { + port "p8443" { static = 8443 } + port "p3478" { static = 3478 } + port "p10001" { static = 10001 } + port "p8080" { static = 8080 } + port "p1900" { static = 1900 } + port "p8843" { static = 8843 } + port "p8880" { static = 8880 } + port "p6789" { static = 6789 } + port "p5514" { static = 5514 } + } + + task "controller" { + driver = "docker" + + config { + image = "ghcr.io/linuxserver/unifi-controller" + network_mode = "host" + ports = [ + "p8443", + "p3478", + "p10001", + "p8080", + "p1900", + "p8843", + "p8880", + "p6789", + "p5514", + ] + volumes = [ + "/data/compute/appdata/unifi:/config", + ] + } + + env { + PUID = 1001 + PGID = 1001 + } + + service { + name = "unifi" + port = "p8443" + + tags = [ + "traefik.enable=true", + "traefik.http.routers.unifi.entryPoints=websecure", + "traefik.http.routers.unifi.middlewares=authentik@file", + "traefik.http.services.unifi.loadbalancer.server.scheme=https", + ] + } + + resources { + cpu = 512 + memory = 1500 + } + } + + task "keepalived" { + driver = "docker" + env { + KEEPALIVED_INTERFACE = "eno1" + # To change this go to Settings > System > Advanced in unifi and set the Inform Host + KEEPALIVED_VIRTUAL_IPS = "192.168.1.101/24" + KEEPALIVED_UNICAST_PEERS = "" + KEEPALIVED_STATE = "MASTER" + KEEPALIVED_VIRTUAL_ROUTES = "" + } + config { + # 2.2.8 wasn't starting, reason unknown + image = "visibilityspots/keepalived:2.2.7" + network_mode = "host" + privileged = true + cap_add = ["NET_ADMIN", "NET_BROADCAST", "NET_RAW"] + } + } + } +}