nixos-config/modules/services/unifi.nix

{ pkgs, lib, ... }:

{
  services.unifi = {
    enable = true;
    unifiPackage = pkgs.unifi8;
    mongodbPackage = pkgs.mongodb-7_0;
  };
  # services.nginx = {
  #   enable = true;
  #   recommendedProxySettings = true;

  #   virtualHosts."unifi.local" = {
  #     forceSSL = true;
  #     useACMEHost = "unifi.local";
  #     locations."/" = {
  #       proxyPass = "https://127.0.0.1:8443";
  #       proxyWebsockets = true;
  #     };
  #   };
  # };
  #   virtualisation.oci-containers.containers."unifi" = {
  #     image = "lscr.io/linuxserver/unifi-network-application:latest";
  #     autoStart = true;
  #     environmentFiles = [ /run/unifi/container-vars.env ];
  #     volumes = [
  #       "/etc/localtime:/etc/localtime:ro"
  #       "/run/unifi/data:/config"
  #     ];
  #     ports = [
  #       "8443:8443" # web admin UI
  #       "3478:3478/udp" # STUN
  #       "10001:10001/udp" # AP discovery
  #       "8080:8080" # device communication
  #       "6789:6789/udp" # mobile throughput test (assumption: wifiman)
  #       "5514:5514/udp" # remote syslog (optional)
  #     ];
  #     dependsOn = [
  #       "unifi-mongo"
  #     ];
  #     log-driver = "journald";
  #   };
  #   virtualisation.oci-containers.containers."unifi-mongo" = {
  #     image = "mongo:latest";
  #     autoStart = true;
  #     volumes = [
  #       "/etc/localtime:/etc/localtime:ro"
  #       "/run/unifi/mongo/db:/data/db"
  #       "/run/unifi/mongo/init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro"
  #     ];
  #     log-driver = "journald";
  #   };

  networking.firewall.interfaces."lan0" = {
    allowedTCPPorts = [
      8443 # web admin UI
      8080 # device communication
    ];
    allowedUDPPorts = [
      6789 # mobile throughput test (assumption: wifiman)
      5514 # remote syslog (optional)
      3478 # STUN
      10001 # AP discovery
    ];
  };
}
feat: adds unifi service so that lily can host that 2025-05-18 14:09:08 +02:00			`{ pkgs, lib, ... }:`

			`{`
			`services.unifi = {`
			`enable = true;`
			`unifiPackage = pkgs.unifi8;`
			`mongodbPackage = pkgs.mongodb-7_0;`
			`};`
			`# services.nginx = {`
			`# enable = true;`
			`# recommendedProxySettings = true;`

			`# virtualHosts."unifi.local" = {`
			`# forceSSL = true;`
			`# useACMEHost = "unifi.local";`
			`# locations."/" = {`
			`# proxyPass = "https://127.0.0.1:8443";`
			`# proxyWebsockets = true;`
			`# };`
			`# };`
			`# };`
			`# virtualisation.oci-containers.containers."unifi" = {`
			`# image = "lscr.io/linuxserver/unifi-network-application:latest";`
			`# autoStart = true;`
			`# environmentFiles = [ /run/unifi/container-vars.env ];`
			`# volumes = [`
			`# "/etc/localtime:/etc/localtime:ro"`
			`# "/run/unifi/data:/config"`
			`# ];`
			`# ports = [`
			`# "8443:8443" # web admin UI`
			`# "3478:3478/udp" # STUN`
			`# "10001:10001/udp" # AP discovery`
			`# "8080:8080" # device communication`
			`# "6789:6789/udp" # mobile throughput test (assumption: wifiman)`
			`# "5514:5514/udp" # remote syslog (optional)`
			`# ];`
			`# dependsOn = [`
			`# "unifi-mongo"`
			`# ];`
			`# log-driver = "journald";`
			`# };`
			`# virtualisation.oci-containers.containers."unifi-mongo" = {`
			`# image = "mongo:latest";`
			`# autoStart = true;`
			`# volumes = [`
			`# "/etc/localtime:/etc/localtime:ro"`
			`# "/run/unifi/mongo/db:/data/db"`
			`# "/run/unifi/mongo/init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro"`
			`# ];`
			`# log-driver = "journald";`
			`# };`

			`networking.firewall.interfaces."lan0" = {`
			`allowedTCPPorts = [`
			`8443 # web admin UI`
			`8080 # device communication`
			`];`
			`allowedUDPPorts = [`
			`6789 # mobile throughput test (assumption: wifiman)`
			`5514 # remote syslog (optional)`
			`3478 # STUN`
			`10001 # AP discovery`
			`];`
			`};`
			`}`