From a490e4ad92c4461ac914b051a623fe71c2da786a Mon Sep 17 00:00:00 2001
From: = <=>
Date: Mon, 30 Dec 2024 22:35:25 -0500
Subject: [PATCH] unifi nearly done

---
 compose/truenas-apps.yaml | 41 ++++++++++++++++++++++++++++-----------
 distribution/config.yml   |  4 ++--
 nginx/truenas.conf        | 21 +++++++++++++-------
 3 files changed, 46 insertions(+), 20 deletions(-)

diff --git a/compose/truenas-apps.yaml b/compose/truenas-apps.yaml
index ca0d170..2b48421 100644
--- a/compose/truenas-apps.yaml
+++ b/compose/truenas-apps.yaml
@@ -159,15 +159,34 @@ services:
       - /mnt/hdd/apps/nginx/default.conf:/etc/nginx/conf.d/default.conf
       - /mnt/hdd/apps/certbot/etc:/etc/letsencrypt
 
-  # unifi:
-  #   container_name: unifi
-  #   image: goofball222/unifi:8.6.9
-  #   pull_policy: always
-  #   restart: unless-stopped
-  #   networks: 
-  #     apps:
-  #       ipv4_address: 10.96.10.17
-  #       link_local_ips: []
-  #   volumes:
-  #     - /mnt/hdd/apps/unifi:/usr/lib/unifi/data
+  unifi:
+    container_name: unifi
+    image: goofball222/unifi:8.6.9
+    pull_policy: always
+    environment:
+      READENV: 'true'
+      DB_MONGO_LOCAL: 'false'
+      TZ: America/New_York
+      RUN_CHOWN: 'false'
+      DEBIAN_FRONTEND: noninteractive
+      DB_MONGO_URI: mongodb://10.96.10.18:27017/unifi
+      STATDB_MONGO_URI: mongodb://10.96.10.18:27017/unifi_stat
+      UNIFI_DB_NAME: unifi
+    restart: unless-stopped
+    networks: 
+      apps:
+        ipv4_address: 10.96.10.17
+        link_local_ips: []
+    volumes:
+      - /mnt/hdd/apps/unifi:/usr/lib/unifi/data
 
+  mongodb:
+    image: mongo:5.0
+    container_name: mongodb
+    restart: unless-stopped
+    networks: 
+      apps:
+        ipv4_address: 10.96.10.18
+        link_local_ips: []
+    volumes:
+      - /mnt/hdd/apps/mongodb:/data/db
\ No newline at end of file
diff --git a/distribution/config.yml b/distribution/config.yml
index 217a331..6b2b083 100644
--- a/distribution/config.yml
+++ b/distribution/config.yml
@@ -38,8 +38,8 @@ http:
   relativeurls: false
   draintimeout: 30s
   tls:
-    certificate: /etc/letsencrypt/live/adguard.balsillie.house/fullchain.pem
-    key: /etc/letsencrypt/live/adguard.balsillie.house/privkey.pem
+    certificate: /etc/letsencrypt/live/adguard.balsillie.house-0002/fullchain.pem
+    key: /etc/letsencrypt/live/adguard.balsillie.house-0002/privkey.pem
     minimumtls: tls1.2
   prometheus:
     enabled: false
diff --git a/nginx/truenas.conf b/nginx/truenas.conf
index b1fa2cb..2bf3a9c 100644
--- a/nginx/truenas.conf
+++ b/nginx/truenas.conf
@@ -27,13 +27,20 @@ server {
     listen 443 ssl;
     server_name unifi.balsillie.house;
     http2 on;
+    proxy_ssl_verify off;
+    location /wss/ {
+            proxy_pass https://10.96.10.17:8443;
+            proxy_http_version 1.1;
+            proxy_buffering off;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "Upgrade";
+            proxy_read_timeout 86400;
+    }
+
     location / {
-        proxy_set_header        Host $host;
-        proxy_set_header        X-Real-IP $remote_addr;
-        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header        X-Forwarded-Proto $scheme;
-        proxy_pass              http://10.96.10.17:8080/;
-        proxy_read_timeout      600s;
-        proxy_send_timeout      600s;
+            proxy_pass https://10.96.10.17:8443/; # The Unifi Controller Port
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
     }
 }
\ No newline at end of file