
unifi-systemd-units's Introduction

unifi-systemd-units


Systemd units for unifi-systemd container

Usage

Install unifi-systemd

  • UniFi OS >=1.10.0 <2.0.0 is required.

Install unifi-systemd.

podman exec unifi-os sh -c "curl -fsSLo /tmp/unifi-systemd_1.0.0_all.deb https://github.com/ntkme/unifi-systemd/releases/download/v1.0.0/unifi-systemd_1.0.0_all.deb && dpkg -i /tmp/unifi-systemd_1.0.0_all.deb && rm /tmp/unifi-systemd_1.0.0_all.deb"

Install systemd Units

Install systemd units from this repository to /mnt/data/etc/systemd/system.

curl -fsSL https://github.com/ntkme/unifi-systemd-units/archive/HEAD.tar.gz | tar -vxzC /mnt/data --strip-components 1 --exclude '*/.github' --exclude '*/docs' --exclude '*/test' --exclude '*/*.md' --exclude '*/LICENSE' && unifi-systemd reload
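The one-line install above streams whatever HEAD currently is straight into /mnt/data, so nothing is checked before it lands on the device. A staged alternative, added here as an example and not part of this repository: download a pinned archive to a file, compare its SHA-256 with a digest recorded earlier, and confirm every member falls under etc/ before extracting. The helper names, the etc prefix, the <COMMIT> and <SHA256> placeholders and the availability of sha256sum on the device are assumptions.

```shell
#!/bin/sh
# Added example. The expected digest and the allowed prefix "etc" are
# operator-supplied assumptions; <COMMIT> and <SHA256> are placeholders.

# tar with the same excludes as the page's one-line install command.
tar_filtered() {
  tar --exclude '*/.github' --exclude '*/docs' --exclude '*/test' \
      --exclude '*/*.md' --exclude '*/LICENSE' "$@"
}

# Succeed only if file $1 has SHA-256 hex digest $2.
verify_sha256() {
  actual=$(sha256sum "$1" | cut -d' ' -f1)
  [ "$actual" = "$2" ]
}

# Print every member of archive $1 that, once its top-level directory is
# dropped (what --strip-components 1 does), contains ".." or falls outside
# prefix $2. No output means every path is where it is expected to be.
audit_members() {
  tar_filtered -tzf "$1" | while IFS= read -r member; do
    rel=${member#*/}
    [ -z "$rel" ] && continue            # the top-level directory itself
    case "$rel" in
      ..|../*|*/..|*/../*) echo "$member" ;;
      "$2"|"$2"/*) ;;                    # inside the allowed prefix
      *) echo "$member" ;;
    esac
  done
}

# Verify, audit, then extract archive $1 (digest $2) into directory $3.
install_units() {
  verify_sha256 "$1" "$2" || { echo "digest mismatch: $1" >&2; return 1; }
  bad=$(audit_members "$1" etc)
  [ -z "$bad" ] || { echo "unexpected members:" "$bad" >&2; return 1; }
  tar_filtered -xzf "$1" -C "$3" --strip-components 1
}

# Usage on the device (placeholders must be filled in by the operator):
#   curl -fsSLo /tmp/units.tar.gz \
#     https://github.com/ntkme/unifi-systemd-units/archive/<COMMIT>.tar.gz
#   install_units /tmp/units.tar.gz <SHA256> /mnt/data && unifi-systemd reload
```

The same verify_sha256 check can be applied to the unifi-systemd .deb before running dpkg -i.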

Manage systemd Units

unifi-systemd is a container that runs systemd and nested podman containers.

Run unifi-systemd shell to enter the container and interact with systemctl and podman.

See the links below for documentation of services provided by this repository.

To create a new container service unit, see podman-generate-systemd(1).

Config and Data Directories

Backup

It is recommended to gracefully stop all services with unifi-systemd stop before creating a backup. Services can be restarted with unifi-systemd start.

By default, the following directories are used to store config and data.

  • /mnt/data/etc
  • /mnt/data/var

Store Data on Hard Disk

To store data on the hard disk instead of the eMMC, move the directories into /mnt/data_ext and create symlinks in /mnt/data.

unifi-systemd stop
mv /mnt/data/etc /mnt/data_ext/etc && ln -s /mnt/data_ext/etc /mnt/data/etc
mv /mnt/data/var /mnt/data_ext/var && ln -s /mnt/data_ext/var /mnt/data/var
unifi-systemd start

Migrating from udm-boot

To migrate from udm-boot, please install unifi-systemd and unifi-systemd-units first.

podman exec unifi-os dpkg -P udm-boot
podman exec unifi-systemd systemctl enable unifi-entrypoint@mnt-data-on_boot.d.service

unifi-systemd-units's People

Contributors

dependabot[bot], ntkme


unifi-systemd-units's Issues

[Question/Bug] OCI Runtime Error w/ systemd-podman, "bpf_prog_query(BPF_CGROUP_DEVICE) failed: function not implemented"

Have you encountered this issue before? I am currently on unifi OS v1.12.22 trying to run the wpa_supplicant container through unifi-systemd. I've never been able to get it to start these containers because of the following error:

Aug 27 21:36:17 unifi podman[908]: 2022-08-27 21:36:17.289840695 +0000 UTC m=+0.158163761 container create 3c7e707cad0388627dd65b6b5fc9ed526864403719a7920d3487c5886d9bdf70 (image=ghcr.io/ntkme/wpa_supplicant:edge, name=wpa_supplicant-eth8, org.opencontainers.image.description=:whale: Containerized wpa_supplicant., org.opencontainers.image.licenses=MIT, org.opencontainers.image.url=https://github.com/ntkme/wpa_supplicant, org.opencontainers.image.created=2022-06-01T06:44:34.598Z, org.opencontainers.image.title=wpa_supplicant, [email protected], org.opencontainers.image.version=edge, org.opencontainers.image.revision=989dccc310bd9db903670438040e59dd050a3e4c, org.opencontainers.image.source=https://github.com/ntkme/wpa_supplicant, io.containers.autoupdate=image)
Aug 27 21:36:17 unifi podman[908]: 2022-08-27 21:36:17.209294951 +0000 UTC m=+0.077617966 image pull  ghcr.io/ntkme/wpa_supplicant:edge
Aug 27 21:36:17 unifi podman[908]: Error: OCI runtime error: runc: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: bpf_prog_query(BPF_CGROUP_DEVICE) failed: function not implemented
Aug 27 21:36:17 unifi systemd[1]: [email protected]: Main process exited, code=exited, status=126/n/a

Is there an undocumented dependency on a newer kernel than what is shipped by default? For reference, output of uname -a on my udm pro:

bash-5.1# uname -a
Linux unifi 4.19.152-al-linux-v10.2.0-v1.12.22.4309-4105ace #1 SMP Thu May 19 09:34:11 UTC 2022 aarch64 aarch64 aarch64 GNU/Linux

The systemd-podman container runs just fine with the original host-level podman so there's something wrong with the newer podman build that is not agreeing with my hardware.

host podman:

# podman version
Version:            1.6.1
RemoteAPI Version:  1
Go Version:         go1.12.10
OS/Arch:            linux/arm64
# podman ps -a
CONTAINER ID  IMAGE                                       COMMAND               CREATED         STATUS             PORTS  NAMES
edfec8278b4f  ghcr.io/ntkme/systemd-podman:edge           /sbin/init            16 minutes ago  Up 16 minutes ago         unifi-systemd

vs systemd-podman (via unifi-systemd shell):

# unifi-systemd shell
bash-5.1# podman version
Client:       Podman Engine
Version:      4.1.1
API Version:  4.1.1
Go Version:   go1.18.4
Built:        Fri Jul 22 19:06:49 2022
OS/Arch:      linux/arm64
bash-5.1# podman ps -a
CONTAINER ID  IMAGE       COMMAND     CREATED     STATUS      PORTS       NAMES
bash-5.1#

[Feature Request] Podman containers within macvlan

Currently, unifi-systemd-units runs the nested podman containers in a bridged network. For a more secure and flexible solution, I would like the podman containers to run within a completely isolated network stack using macvlan.

Similar functionality is provided by @boostchicken, such as for Adguard Home. However, I can’t seem to figure out how to achieve the same with unifi-systemd-units.

It would be great if this feature could be added to unifi-systemd-units.
