pducharme / unifi-video-controller Goto Github PK
View Code? Open in Web Editor NEWDocker for Unifi-Video Controller (Ubiquiti Networks)
Docker for Unifi-Video Controller (Ubiquiti Networks)
Since upgrade from 3.9.2 to 3.9.3 I cannot neither access my recordings nor create new ones, possibly user permissions? AFAIK all Unraid dockers are run as root, which logfile shall I tail to provide more info?
I'm pretty new to docker, but wanted to test this to try to run unifi-video on a CentOS system. I installed on CentOS 7.4 with a fresh docker install from the distro repo, following instructions, and I got the following:
[root@resolve02 data_4]# docker run --name unifi-video --cap-add SYS_ADMIN --cap-add DAC_READ_SEARCH -p 7442:7442 -p 7443:7443 -p 7445:7445 -p 7446:7446 -p 7447:7447 -p 7080:7080 -p 6666:6666 -v /data_4/tmp/unifi-video:/var/lib/unifi-video -v /data_4/tmp/unifi-video/data/videos:/usr/lib/unifi-video/data/videos -v /var/log/unifi-video:/var/log/unifi-video -e TZ=America/Mexico_City -e PUID=500 -e PGID=500 -e DEBUG=1 pducharme/unifi-video-controller
2017-11-08 00:58:35.939700 [info] PUID defined as '500'
2017-11-08 00:58:36.117944 [info] PGID defined as '500'
2017-11-08 00:58:36.287130 [info] Setting permissions recursively on volume mappings...
[debug] Running unifi-video service with --debug.
Starting unifi-video... Java Runtime: /usr/lib/jvm/java-8-openjdk-amd64/jre
JSVC: /usr/bin/jsvc
JVM options: -Dav.tempdir=/var/cache/unifi-video -Djava.security.egd=file:/dev/./urandom -Xmx25086M -Djava.library.path=/usr/lib/unifi-video/lib -Djava.awt.headless=true -Djavax.net.ssl.trustStore=/usr/lib/unifi-video/data/ufv-truststore -Dfile.encoding=UTF-8 -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=7654 -Djava.rmi.server.hostname=172.17.0.2
JSVC options: -cwd /usr/lib/unifi-video -debug -user unifi-video -home /usr/lib/jvm/java-8-openjdk-amd64/jre -cp /usr/share/java/commons-daemon.jar:/usr/lib/unifi-video/lib/airvision.jar -pidfile /var/run/unifi-video/unifi-video.pid -procname unifi-video -Dav.tempdir=/var/cache/unifi-video -Djava.security.egd=file:/dev/./urandom -Xmx25086M -Djava.library.path=/usr/lib/unifi-video/lib -Djava.awt.headless=true -Djavax.net.ssl.trustStore=/usr/lib/unifi-video/data/ufv-truststore -Dfile.encoding=UTF-8 -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=7654 -Djava.rmi.server.hostname=172.17.0.2
+-- DUMPING PARSED COMMAND LINE ARGUMENTS --------------
| Detach: True
| Show Version: No
| Show Help: No
| Check Only: Disabled
| Stop: False
| Wait: 0
| Run as service: No
| Install service: No
| Remove service: No
| JVM Name: "null"
| Java Home: "/usr/lib/jvm/java-8-openjdk-amd64/jre"
| PID File: "/var/run/unifi-video/unifi-video.pid"
| User Name: "unifi-video"
| Extra Options: 13
| "-Djava.class.path=/usr/share/java/commons-daemon.jar:/usr/lib/unifi-video/lib/airvision.jar"
| "-Dav.tempdir=/var/cache/unifi-video"
| "-Djava.security.egd=file:/dev/./urandom"
| "-Xmx25086M"
| "-Djava.library.path=/usr/lib/unifi-video/lib"
| "-Djava.awt.headless=true"
| "-Djavax.net.ssl.trustStore=/usr/lib/unifi-video/data/ufv-truststore"
| "-Dfile.encoding=UTF-8"
| "-Dcom.sun.management.jmxremote"
| "-Dcom.sun.management.jmxremote.ssl=false"
| "-Dcom.sun.management.jmxremote.authenticate=false"
| "-Dcom.sun.management.jmxremote.port=7654"
| "-Djava.rmi.server.hostname=172.17.0.2"
| Class Invoked: "com.ubnt.airvision.Main"
| Class Arguments: 1
| "start"
+-------------------------------------------------------
user changed to 'unifi-video'
User 'unifi-video' validated
Attempting to locate Java Home in /usr/lib/jvm/java-8-openjdk-amd64/jre
Attempting to locate VM configuration file /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/jvm.cfg
Attempting to locate VM configuration file /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/jvm.cfg
Attempting to locate VM configuration file /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/jvm.cfg
Attempting to locate VM configuration file /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/jvm.cfg
Found VM configuration file at /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/jvm.cfg
Found VM server definition in configuration
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/server/libjvm.so
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/libjvm.so
Found VM client definition in configuration
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/client/libjvm.so
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/client/libjvm.so
Cannot locate library for VM client (skipping)
Found VM zero definition in configuration
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/zero/libjvm.so
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/zero/libjvm.so
Cannot locate library for VM zero (skipping)
Found VM jamvm definition in configuration
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/jamvm/libjvm.so
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/jamvm/libjvm.so
Cannot locate library for VM jamvm (skipping)
Found VM dcevm definition in configuration
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/dcevm/libjvm.so
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/dcevm/libjvm.so
Cannot locate library for VM dcevm (skipping)
Java Home located in /usr/lib/jvm/java-8-openjdk-amd64/jre
+-- DUMPING JAVA HOME STRUCTURE ------------------------
| Java Home: "/usr/lib/jvm/java-8-openjdk-amd64/jre"
| Java VM Config.: "/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/jvm.cfg"
| Found JVMs: 1
| JVM Name: "server"
| "/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/libjvm.so"
+-------------------------------------------------------
Using default JVM in /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/libjvm.so
Invoking w/ LD_LIBRARY_PATH=/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server:/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64
+-- DUMPING PARSED COMMAND LINE ARGUMENTS --------------
| Detach: True
| Show Version: No
| Show Help: No
| Check Only: Disabled
| Stop: False
| Wait: 0
| Run as service: No
| Install service: No
| Remove service: No
| JVM Name: "null"
| Java Home: "/usr/lib/jvm/java-8-openjdk-amd64/jre"
| PID File: "/var/run/unifi-video/unifi-video.pid"
| User Name: "unifi-video"
| Extra Options: 13
| "-Djava.class.path=/usr/share/java/commons-daemon.jar:/usr/lib/unifi-video/lib/airvision.jar"
| "-Dav.tempdir=/var/cache/unifi-video"
| "-Djava.security.egd=file:/dev/./urandom"
| "-Xmx25086M"
| "-Djava.library.path=/usr/lib/unifi-video/lib"
| "-Djava.awt.headless=true"
| "-Djavax.net.ssl.trustStore=/usr/lib/unifi-video/data/ufv-truststore"
| "-Dfile.encoding=UTF-8"
| "-Dcom.sun.management.jmxremote"
| "-Dcom.sun.management.jmxremote.ssl=false"
| "-Dcom.sun.management.jmxremote.authenticate=false"
| "-Dcom.sun.management.jmxremote.port=7654"
| "-Djava.rmi.server.hostname=172.17.0.2"
| Class Invoked: "com.ubnt.airvision.Main"
| Class Arguments: 1
| "start"
+-------------------------------------------------------
user changed to 'unifi-video'
User 'unifi-video' validated
Attempting to locate Java Home in /usr/lib/jvm/java-8-openjdk-amd64/jre
Attempting to locate VM configuration file /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/jvm.cfg
Attempting to locate VM configuration file /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/jvm.cfg
Attempting to locate VM configuration file /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/jvm.cfg
Attempting to locate VM configuration file /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/jvm.cfg
Found VM configuration file at /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/jvm.cfg
Found VM server definition in configuration
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/server/libjvm.so
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/libjvm.so
Found VM client definition in configuration
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/client/libjvm.so
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/client/libjvm.so
Cannot locate library for VM client (skipping)
Found VM zero definition in configuration
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/zero/libjvm.so
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/zero/libjvm.so
Cannot locate library for VM zero (skipping)
Found VM jamvm definition in configuration
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/jamvm/libjvm.so
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/jamvm/libjvm.so
Cannot locate library for VM jamvm (skipping)
Found VM dcevm definition in configuration
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/jre/lib/amd64/dcevm/libjvm.so
Checking library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/dcevm/libjvm.so
Cannot locate library for VM dcevm (skipping)
Java Home located in /usr/lib/jvm/java-8-openjdk-amd64/jre
+-- DUMPING JAVA HOME STRUCTURE ------------------------
| Java Home: "/usr/lib/jvm/java-8-openjdk-amd64/jre"
| Java VM Config.: "/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/jvm.cfg"
| Found JVMs: 1
| JVM Name: "server"
| "/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/libjvm.so"
+-------------------------------------------------------
Running w/ LD_LIBRARY_PATH=/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server:/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64
redirecting stdout to /dev/null and stderr to /dev/null
Switching umask back to 022 from 077
done.
Attemtping to load library /lib64/libcap.so.2
Attemtping to load library /lib64/libcap.so.1
Attemtping to load library /lib64/libcap.so
Attemtping to load library /usr/lib64/libcap.so.2
Attemtping to load library /usr/lib64/libcap.so.1
Attemtping to load library /usr/lib64/libcap.so
Attemtping to load library /lib/libcap.so.2
Attemtping to load library /lib/libcap.so.1
Attemtping to load library /lib/libcap.so
Attemtping to load library /usr/lib/libcap.so.2
Attemtping to load library /usr/lib/libcap.so.1
Attemtping to load library /usr/lib/libcap.so
Attemtping to load library libcap.so.2
loaded cap_free from libcap.
loaded cap_init from libcap.
loaded cap_clear from libcap.
loaded cap_get_flag from libcap.
loaded cap_set_flag from libcap.
loaded cap_set_proc from libcap.
increased capability set.
user changed to 'unifi-video'
decreased capability set to min required.
Using default JVM in /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/libjvm.so
Attemtping to load library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/libjvm.so
JVM library /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/server/libjvm.so loaded
JVM library entry point found (0xFE1841C0)
+-- DUMPING JAVA VM CREATION ARGUMENTS -----------------
| Version: 0x010004
| Ignore Unrecognized Arguments: True
| Extra options: 13
| "-Djava.class.path=/usr/share/java/commons-daemon.jar:/usr/lib/unifi-video/lib/airvision.jar" (0x00000000)
| "-Dav.tempdir=/var/cache/unifi-video" (0x00000000)
| "-Djava.security.egd=file:/dev/./urandom" (0x00000000)
| "-Xmx25086M" (0x00000000)
| "-Djava.library.path=/usr/lib/unifi-video/lib" (0x00000000)
| "-Djava.awt.headless=true" (0x00000000)
| "-Djavax.net.ssl.trustStore=/usr/lib/unifi-video/data/ufv-truststore" (0x00000000)
| "-Dfile.encoding=UTF-8" (0x00000000)
| "-Dcom.sun.management.jmxremote" (0x00000000)
| "-Dcom.sun.management.jmxremote.ssl=false" (0x00000000)
| "-Dcom.sun.management.jmxremote.authenticate=false" (0x00000000)
| "-Dcom.sun.management.jmxremote.port=7654" (0x00000000)
| "-Djava.rmi.server.hostname=172.17.0.2" (0x00000000)
+-------------------------------------------------------
| Internal options: 4
| "-Dcommons.daemon.process.id=114" (0x00000000)
| "-Dcommons.daemon.process.parent=113" (0x00000000)
| "-Dcommons.daemon.version=1.0.15-dev" (0x00000000)
| "abort" (0x00405af0)
+-------------------------------------------------------
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGBUS (0x7) at pc=0x00007f67ed7ffbfc, pid=114, tid=0x00007f67ffe85700
#
# JRE version: (8.0_131-b11) (build )
# Java VM: OpenJDK 64-Bit Server VM (25.131-b11 mixed mode linux-amd64 compressed oops)
# Problematic frame:
# j java.lang.Object.<clinit>()V+0
#
# Core dump written. Default location: /usr/lib/unifi-video/core or core.114
#
# An error report file with more information is saved as:
# /usr/lib/unifi-video/hs_err_pid114.log
#
# If you would like to submit a bug report, please visit:
# http://bugreport.java.com/bugreport/crash.jsp
#
Reloading service
Waiting 60 s to prevent looping
The "error report file" it mentions is attached:
hs_err_pid1587.log
This is the error i get:
I tried mapping the videos path inside or outside the data folder, without any difference. The data volume is mapped correctly with r/w capabilities, on the very same NFS share, but when I try to change the recording settings i get
ERROR rejectIfPathInvalid - ERROR: Incorrect Ownership /usr/lib/unifi-video/data/videos:nobody in tomcat-HTTP-exec-4
This is the run command:
docker run -d --name unifi-video --restart="always" --net=homenet --ip=192.168.1.5 --cap-add SYS_ADMIN --cap-add DAC_READ_SEARCH -v /mnt/import/unifi-video/config:/var/lib/unifi-video -v /mnt/import/unifi-video/videos:/var/lib/unifi-video/videos -e TZ=Europe/Rome -e PUID=65534 -e PGID=65534 -e DEBUG=1 pducharme/unifi-video-controller:latest
Because of the NFS share, mounted with the squash option, I'm trying to run unifi video as nobody, and this is what I see as running processes:
Is it normal to have two unifi-video commands, one owned my root and one owned by nobody?
Thanks
I am seeing a problem after updating to the latest version of the docker image from 2018-02-23.
I posted on the unifi-video forum about it and it seems a few others are having a similar issue and are also running your docker image.
From the logs ems seems to be dying pretty much immediately on startup with a segfult.
1519448206.754 2018-02-23 23:56:46.754/EST: ERROR ems has quit with rc=139 in ems-service 1519448207.921 2018-02-23 23:56:47.921/EST: ERROR ems has quit with rc=139 in ems-service
This makes unifi-video unable to connect to the cameras and fully function properly.
There is a post with full logs from one of the other users on that forum topic.
Oh another issue I think evil-dog and I both noticed... They moved /var/log/unifi-video under /var/lib/unifi-video/logs instead, and created a symlink between the two. If you have a volume setup to mount that log folder, in 3.9.2 you'd need to remove that so it would write to the new location...
However, they also seem to CREATE that symlink owned by root. As the app runs as the unifi-video user, it doesn't actually seem to have access to traverse this symlink. Not sure if this is your issue, or theirs? But "chown -h unifi-video:unifi-video /var/log/unifi-video" seemed to restore logs writing. This also presents as initial startup getting stuck on "Upgrading" screens, presumably because it fails to start writing logs.
Hi,
I've successfully been using this docker image on my Synology NAS for the past months. However, I recently saw the 3.6 update to the unifi video controller and wanted to update my docker container. I noticed that since 1 month ago, the automated build for this docker container has been failing.
Is there any plant to update the docker image to the latest 3.6 controller?
Thanks for maintaining this.
I see the Dockerfile on here has been updated, but the version on Dockerhub used for a pull is still showing a beta version.
Whats the trigger ?
Sorry if this is a newbie docker question... I'm getting a Please correct permissions or ownership and try again.
error when trying to save any settings under Settings -> System Configuration -> Configure. All I want to do is set time-based purging but I keep getting this error.
I'm running on Fedora Server Edition, using the PUID and PGID settings which translate to nobody
and users
group. I have confirmed that my recording path indeed has the proper permissions, I see new recording and can delete them from the Recordings tab but when I try and save these settings I get an error.
I'm also seeing this in my error log:
1516556256.660 2018-01-21 09:37:36.660/PST: ERROR rejectIfPathInvalid - ERROR: Incorrect Ownership /usr/lib/unifi-video/data/videos:root in tomcat-HTTP-exec-3
I have also tried changing these to another user but docker errors when trying to run with a different user, even with root!
Any suggestions on how to resolve this?
Here is my complete docker command:
docker run --name unifi-video --cap-add SYS_ADMIN --cap-add DAC_READ_SEARCH -p 7442:7442 -p 7443:7443 -p 7445:7445 -p 7446:7446 -p 7447:7447 -p 7080:7080 -p 6666:6666 -v /var/lib/unifi-video:/var/lib/unifi-video -v /mnt/security/unifi-video/data/videos:/usr/lib/unifi-video/data/videos -v /var/log/unifi-video:/var/log/unifi-video -e TZ=America/Los_Angeles -e PUID=99 -e PGID=100 -e DEBUG=1 --restart unless-stopped pducharme/unifi-video-controller
As I was looking into why 3.9.2 was messed up, I noticed a few other things in the Dockerfile:
Also, there are actual several other ports that are OPTIONAL to expose... not sure if these belong in a Dockerfile because of that, but mentioning that the following need to be exposed if you are using those features might be a good idea, and that they'd need to change if someone remaps them in Unifi Video:
In the docker run command it looks like external storage is being mapped to /var/lib/unifi-video (and videos). But when opening the system configuration in the Unifi Video webgui, the default recording location is /usr/lib/unifi-video/videos. Should the mapping be changed?
Any idea how to get around the tmpfs error on a Synology NAS via the GUI?
mount: tmpfs is write-protected, mounting read-only mount: cannot mount tmpfs read-only
Any reason why this has not been bumped up to 3.9.8 ? Currently shows as beta....
The current build on the beta channel has an RTSP error that breaks the raspbian-lite omxplayer monitoring solution.
Per the patch notes for b2 build the RTSP error has been resolved. Can we get an updated beta build here for those of us having issues with beta 1 but want to test the beta builds for our synology-based systems?
Switch /usr/lib/unifi-video/data/videos
volume to /var/lib/unifi-video/videos
. At some point, "they" made /usr/lib/unifi-video/data
a symlink to /var/lib/unifi-video
. So we may as well put the volume in the right place, instead of traversing the symlink.
It'd be great to figure out which capability it depends on...
My testing shows it starts up w/ --cap-add DAC_READ_SEARCH, but it didn't show up in video cloud.
See jacobalberty/unifi-docker#44 for similar implementation for Unifi network controller if that helps.
Hi,
sorry but can you say me how i can update the server from 3.9.7 to 3.9.9 with your script? :-) Thank you very much
I believe something changed in the recording path with this version. Since updating today, all of my recordings have disappeared from the GUI (they all still exist in their respective folders).
My container path for "Recording Path" has been set to "/var/lib/unifi-video/videos", but in the System Configuration GUI, it is now appearing as "/usr/lib/unifi-video/data/videos" (which is not listed in the dockerfile). If I try to change this path in the GUI, I get an error:
Validation Failed
/var/lib/unifi-video/videos path is not accessible.
Please correct permissions or ownership and try again.
In the logs, I see lots of errors referencing this path:
java.io.FileNotFoundException: /usr/lib/unifi-video/data/videos/9d23058c-3d53-3b5e-b07d-f290f5fe136e/2018/01/29/1517254547165_1517254549165_1517252347798_6166117.mp4 (No such file or directory)
As dependencies start to change or mounts change, etc, it would be great to have a CHANGELOG
that starts to capture the significant differences between version and what you'll need to do (if anything between them).
You could even go so far as to version this independently of Unifi Video controller to allow for semver.
I am no expert to anything NFS, Dockers. Since this is run from openmediavault4 gui, I get the following errors. The thing is that I set the guests allowed to the volume.
2018-05-06 14:36:11.892752 [info] PUID defined as '1000'
2018-05-06 14:36:13.475376 [info] PGID defined as '100'
2018-05-06 14:36:13.548727 [info] Setting permissions recursively on volume mappings...
mount: permission denied
Starting unifi-video... failed.
I have openSuse Leap running in 64 bit mode on my Raspberry Pi. I have docker running. Can the code be compiled to run here? I want to setup a single camera and use my NAS.
TIA
Client:
Version: 17.09.1-ce
API version: 1.32
Go version: go1.8.7
Git commit: f4ffd2511ce9
Built: Thu Apr 19 12:00:00 2018
OS/Arch: linux/arm64
Server:
Version: 17.09.1-ce
API version: 1.32 (minimum version 1.12)
Go version: go1.8.7
Git commit: f4ffd2511ce9
Built: Thu Apr 19 12:00:00 2018
OS/Arch: linux/arm64
Experimental: false
despite several days of research I can't find a configuration that allows the swarm compose to allow writing to the tmpfs cache.
I have tried the different recommended configurations but swarm denies them:
security_opt:
- apparmor:unconfined
cap_add:
- SYS_ADMIN
- DAC_READ_SEARCH
in the end, I have the following error when the java application starts the binary:
=> mount: /var/cache/unifi-video: permission denied.
I also added a mount tmpfs but that doesn't change anything
It would be fantastic if UID and GID could be passed in so that the service it runs as inside the container could be something besides root.
I'm exploring how to do this, but haven't quite figured it out yet.
Newbie here and looking for guidance, very new to docker file and container station.
Purpose to is to run unifi-video on a QNAP TS 453a NAS through container Station.
I have successfully install a unifi controller and is working.
Issue i have created the docker, when it tries to start i get permission denied.
See image below
any guidance what I'm not doing will be great...
Hi, could you please also push tags to git and dockerhub? like :3.6.1
for 3.6.1 unifi-video?
If I don't use the net=host
option, the streaming URLs for RSTP etc use the docker IP and do not work with the host IP regardless of whether the correct ports are mapped. Changing it to net=host
and everything works perfectly. Is there any way to tell the UniFi Video controller about it's external IP?
unifi-video_3.7.1~Ubuntu16.04_amd64.deb is not removed after installing as part of the package install step, causing ~80 MB of waste in the image
Due to the large number of ports, and for easier management I wanted to have my Unifi Video Server to have its own IP address and domain name. I tried adding
--net [mcvlan network I defined] /
--ip [IP address in the range of the network] /
--hostname [hostname of choice] /
and the server is not visible at the assigned IP address. Also, the docker container ls
command doesn't show any of the ports that were assigned.
I assume I am doing something wrong, as I am fairly new to docker, but I think I am doing things according to the manual
When rebuilding the container or simply restarting it (docker rm && docker run) I am sent through the setup wizard and prompted to load a backup.
I don't change anything between runs, the container is managed as a systemd unit. The same dir is mounted for the data volume each time and it contains what you would expect but the system.properties file is written fresh each time with the following (uuid and date change of course):
# unifi-video v3.6.1
#Tue Apr 25 02:44:15 UTC 2017
is_default=true
uuid=a8350f0f-a5d1-49a4-9774-a944a0b65d07
# app.http.port = 7080
# app.https.port = 7443
# ems.liveflv.port = 6666
# ems.livews.port = 7445
# ems.livewss.port = 7446
# ems.rtmp.port = 1935
# ems.rtsp.port = 7447
Why does this happen? It makes restarting a pain if I have to dig out a backup from the data dir and reload it each time.
Hi Folks,
Newly installed Win10 Pro, newly installed Docker
docker pull pducharme/unifi-video-controller
docker run --name unifi-video --cap-add SYS_ADMIN --cap-add DAC_READ_SEARCH -p 22:22 -p 1935:1935 -p 6666:6666 -p 7004:7004/udp -p 7080:7080 -p 7442:7442 -p 7443:7443 -p 7444:7444 -p 7445:7445 -p 7446:7446 -p 7447:7447 -p 10001:10001/udp -v /c/UVC/Data:/var/lib/unifi-video -v /c/UVC/Video:/var/lib/unifi-video/videos -e TZ=Europe/Budapest -e PUID=99 -e PGID=100 -e DEBUG=1 pducharme/unifi-video-controller
On the consol coms the logs
"...
Daemon loaded successfully
java_load done
dropped capabilities."
And from here nothing more. On the website "UPGRADING" is only shown.
If i leave the -v /c/UVC/Data:/var/lib/unifi-video parameter it starting fine. In this form i tried to do some recordings. They are on my disk, so its not a disk accessibility problem.
What is the problem? What should I change?
Hello,
I've been testing your Dockerfile (pducharme/unifi-video-controller) at DockerHub to build up my Unifi-nvr controller. But im seeing the logs point at the problem of setting PUID and GUID as follows:
[warn] PUID not defined (via -e PUID), defaulting to '99'
[warn] PGID not defined (via -e PGID), defaulting to '100'
[info] Permissions already set for volume mappings
mount: permission denied
Starting unifi-video... failed.
Then I have added securityContext: specification to the yaml file that builds pod in kubernetes as:
securityContext:
runAsUser: 1000
fsGroup: 2000
the the logs show:
[warn] PUID not defined (via -e PUID), defaulting to '99'
I have tried to set the same parameters that you have set within your shell:
PUID="99" , PGID="100" by
securityContext:
runAsUser: 99
fsGroup: 100
but the same result has been yielded and pod gets crashed back off.
Is there any hint about it?
bests,
Looks like c498ddd didn't trigger an automated build?
I am at a complete loss as to what I am doing wrong. I had a container running with the camera a week ago to test and it worked perfectly. This week I upgraded to 3.9.8 and set the folder paths for a secondary hard drive I had purchased for the recordings and now I'm having the issues in the title and Unifi Video doesn't show anything of use in the logs other than some connection stuff. I changed the paths back to where they were before, changed the folder permissions to 777, redownloaded 3.9.7, every single time I got the same issue. The camera seems to be working just fine it gets added just fine but when you go to live view theres a message at the top saying "Unable to load UVC G3 livestream." The last recording for the camera is "n/a" but when you set the recording to full time it doesn't record and if I refresh the page it goes back to none instead of full time.
Does anyone have any idea what I could be doing wrong? I'm completely lost...
This is my docker run line:
docker run -d --restart always --name unifi-video --cap-add SYS_ADMIN --cap-add DAC_READ_SEARCH -p 10001:10001 -p 1935:1935 -p 6666:6666 -p 7080:7080 -p 7442:7442 -p 7443:7443 -p 7444:7444 -p 7445:7445 -p 7446:7446 -p 7447:7447 -v /mnt/storage/Videos/unifi-video:/var/lib/unifi-video -v /mnt/storage/Videos/videos:/var/lib/unifi-video/videos -e TZ=America/New_York -e PUID=99 -e PGID=100 -e DEBUG=1 pducharme/unifi-video-controller
Please add a 3.9.12 tag to the image on dockerhub.
Thanks!
With the 3.9.2 issues, it would be nice if the docker images were tagged by version add well so we have a rollback strategy on issues with new containers.
The Docker Hub image is stuck on 3.9.11 when 3.9.12 is latest on GitHub
I prefer to manage my containers as systemd units (I haven't figured out yet how to manage the build/upgrade piece). Attached is my unit file for this container. Consider including it in the repo as a sample others can build off of.
For reference, I build this container using this command when in the repo dir docker build -t unifi-video .
and I name the running container unifi-video-live
.
/etc/systemd/system/unifi-video.service
[Unit]
Description=UniFi Video Controller (Docker)
Requires=docker.service
After=docker.service
[Service]
Restart=always
ExecStart=/usr/bin/docker run -v /data/docker/unifi-video/data:/var/lib/unifi-video \
-v /data/docker/unifi-video/logs:/var/log/unifi-video \
-v /data/docker/unifi-video/videos:/usr/lib/unifi-video/data/videos \
-p 7080:7080 -p 7443:7443 -p 7445:7445 -p 7446:7446 -p 7447:7447 -p 6666:6666 \
--cap-add SYS_ADMIN --cap-add DAC_READ_SEARCH \
--name=unifi-video-live unifi-video
ExecStop=/usr/bin/docker stop -t 2 unifi-video-live
ExecStopPost=/usr/bin/docker rm -f unifi-video-live
[Install]
WantedBy=multi-user.target
Thanks for maintaining this project! Much appreciated ๐
Since 3.10.1 is out, could you possibly update?
https://community.ubnt.com/t5/UniFi-Video-Blog/UniFi-Video-3-10-1-Soft-Release/ba-p/2658279
Hello,
Yesterday Ubiquiti launched a new update, could you update the repository?
Thank you very much for your great work.
Antoni.
Hello,
I'm following the instructions for setting up the unifi video controller and connect 2 G3 video cameras and I'm unable to get cameras recognized by the controller. I'm running on a mac mini connected in the same network as the cameras. Tried to generate access token and nothing happens. Apparently, the cameras are unable to connect to my video controller.
Previous versions were working fine but since firmware upgrade I'm not able to make it work. Both controller and cameras have the last version of their softwares and firmwares.
I have set up a new machine and installed Docker. I then installed unifi-video-controller image and started the container. The problem that I am getting is that unifi video is reporting that it is on a 172.x.x.x network instead of the 192.168.x.x network.
With this if I try to connect unifi video to my unifi login it then fails, and tries to connect to the 172.x.x.x network instead of to the docker host, and also it is not finding my camera that I have connect to my network (192.168.x.x)
I am new to docker and I am pretty sure I do not have something set up in my network correctly.
I have done a lot of searching for information on this but it doesn't seem very popular to their software with docker.
Any help will be very much appreciated.
Gordon.
can you push the latest beta to docker hub?
At first run, it would be pretty cool if this file with this line were plunked down so the wizard would run when everyone expects it to.
I'm thinking a little tester that runs at first start and looks for proof it hasn't been setup, then adds the line at the start of the file and spews something about having done that.
Hi,
I struggle to fix permission issues. I read the various issues already raised but can't fix it.
I am running the docker container on Ubuntu and my NFS shares are on Synology.
On the first build I get this message:
ERROR: for nvr Cannot start service unifi-video-controller: error while creating mount source path '/nfs/Multimedia/Cam/data': chown /nfs/Multimedia/Cam/data: invalid argument
On the second run, the error is on /videos.
And on the third run, no error but container is constantly restarting and the error logs is the one below.
Here is my docker-compose:
image: "pducharme/unifi-video-controller"
container_name: "nvr"
ports:
- 1935:1935
- 6666:6666
- 7004:7004
- 7080:7080
- 7442:7442
- 7443:7443
- 7444:7444
- 7445:7445
- 7446:7446
- 7447:7447
volumes:
- /nfs/Multimedia/Cam/data:/var/lib/unifi-video
- /nfs/Multimedia/Cam/videos:/var/lib/unifi-video/videos
environment:
- TZ=${TZ}
- DEBUG=1
- PUID=${PUID}
- PGID=${PGID}
cap_add:
- SYS_ADMIN
- DAC_READ_SEARCH
restart: unless-stopped
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=nvr"
- "traefik.frontend.rule=Host:nvr.${DOMAINNAME}"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=DOMAIN.COM"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=false"
security_opt:
- apparmor:unconfined
and here is the log:
2018-12-30 17:22:49.738588 [info] PUID defined as '1000'
2018-12-30 17:22:49.771793 [info] PGID defined as '999'
2018-12-30 17:22:49.816549 [info] Permissions already set for volume mappings
[debug] Running unifi-video service with --debug.
Starting unifi-video... (unifi-video) Java Runtime: /usr/lib/jvm/java-8-openjdk-amd64/jre
(unifi-video) JSVC: /usr/bin/jsvc
(unifi-video)
JVM options: -Dav.tempdir=/var/cache/unifi-video -Djava.security.egd=file:/dev/./urandom -Xmx2047M -Djava.library.path=/usr/lib/unifi-video/lib -Djava.awt.headless=true -Djavax.net.ssl.trustStore=/usr/lib/unifi-video/data/ufv-truststore -Dfile.encoding=UTF-8 -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=7654 -Djava.rmi.server.hostname=172.18.0.13
(unifi-video)
JSVC options: -cwd /usr/lib/unifi-video -debug -user unifi-video -home /usr/lib/jvm/java-8-openjdk-amd64/jre -cp /usr/share/java/commons-daemon.jar:/usr/lib/unifi-video/lib/airvision.jar -pidfile /var/run/unifi-video/unifi-video.pid -procname unifi-video -Dav.tempdir=/var/cache/unifi-video -Djava.security.egd=file:/dev/./urandom -Xmx2047M -Djava.library.path=/usr/lib/unifi-video/lib -Djava.awt.headless=true -Djavax.net.ssl.trustStore=/usr/lib/unifi-video/data/ufv-truststore -Dfile.encoding=UTF-8 -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=7654 -Djava.rmi.server.hostname=172.18.0.13
(unifi-video) checking for system.properties and truststore files...
chown: changing ownership of '/usr/lib/unifi-video/data/system.properties': Invalid argument
chown: changing ownership of '/usr/lib/unifi-video/data/ufv-truststore': Invalid argument
failed.
Any ideas?
I am running into this
tmpfs mount error
mount: tmpfs is write-protected, mounting read-only
mount: cannot mount tmpfs read-only
If you get this tmpfs mount error, add --security-opt apparmor:unconfined \ to your list of run options. This error has been seen on Ubuntu, but may occur on other platforms as well.
my deployment file
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: unifi-video
annotations:
container.apparmor.security.beta.kubernetes.io/unifi-video: "unconfined"
spec:
replicas: 1
template:
metadata:
labels:
app: unifi-video
spec:
hostname: unifi-video
nodeSelector:
kubernetes.io/hostname: mira-b.home
volumes:
- name: dockerdata
persistentVolumeClaim:
claimName: dockerdata-nas
- name: cameradata
persistentVolumeClaim:
claimName: cameras-nas
containers:
- name: unifi-video
image: pducharme/unifi-video-controller:3.9.7
securityContext:
capabilities:
add:
- SYS_ADMIN
- DAC_READ_SEARCH
volumeMounts:
- name: dockerdata
subPath: unifi-video
mountPath: /var/lib/unifi-video
- name: cameradata
mountPath: /nfs/cameras
env:
- name: PUID
value: '1001'
- name: PGID
value: '1001'
- name: TZ
value: 'America/Los_Angeles'
- name: DEBUG
value: '1'
ports:
- name: ems-liveflv
containerPort: 6666
- name: ems-rtmp
containerPort: 1935
- name: uvcmicro-talk
containerPort: 7004
protocol: UDP
- name: app-http
containerPort: 7080
- name: camera-mgmt
containerPort: 7442
- name: app-https
containerPort: 7443
- name: nvr-client
containerPort: 7444
- name: ems-livews
containerPort: 7445
- name: ems-livewss
containerPort: 7446
- name: ems-rtsp
containerPort: 7447
- name: video-discovery
containerPort: 10001
protocol: UDP
readinessProbe:
tcpSocket:
port: app-https
initialDelaySeconds: 20
periodSeconds: 10
livenessProbe:
tcpSocket:
port: app-https
initialDelaySeconds: 40
periodSeconds: 20
despite all of this, i continually get a tmpfs readonly error. Someone else had a kubernetes deployment but never resolved their issue. Would really love to figure this out.
Thanks for maintaining this container!
One minor tweak - while the new port is on this repo's README, it took me a while to figure out because I assumed the Docker Hub description was identical.
It looks like Ubiquity is going to finally support MongoDB 3.6 in 3.10.0 w/ Ubuntu 18.04. We've been ignoring featureCompatibilityVersion for awhile, since 3.4 is fine w/ a 3.2 db.
I'm adding a check and set to the run.sh to get to 3.4. At some point, we'll be able to go to 3.6.
My plan for allowing that is to maintain a mongo-3.4 tag so that anyone w/ the issue can use that one which will set featureCompatibilityVersion to 3.4, then they can go to 3.6 w/o issue.
I also plan on leaving it at 3.4 for a long time, so that hopefully everyone will update naturally and just not have issues.
The unifi-docker project does a good job of supporting custom TLS certs, notably ones issued by LetsEncrypt.
It'd be great to have the same functionality here. If the NVR software is built similar to the Unifi Controller, perhaps jacobalberty's implementation can be poached.
Just wondering if it would be possible to fix this image so that settings and data persist when you update the docker to the latest version ?
I acknowledge that the image containing 3.9.8 is tagged 'beta,' but I thought I'd give it a try. After restarting my container with the new image, all of my cameras became disconnected. It seems to be related to an ems service failure noted in the system log (DEBUG=1
):
1535477171.640 2018-08-28 13:26:11.640/EDT: ERROR ems has quit with rc=139 in ems-service
1535477172.861 2018-08-28 13:26:12.861/EDT: ERROR ems has quit with rc=139 in ems-service
1535477172.884 2018-08-28 13:26:12.884/EDT: ERROR [EmsApiWebsocketClient] connect - FAILED connection to uri:wss://127.0.0.1:7440/ - DeploymentException - The HTTP request to initiate the WebSocket connection failed in EmsApiWebsocketClient-Connection
1535477174.888 2018-08-28 13:26:14.888/EDT: ERROR [EmsApiWebsocketClient] connect - FAILED connection to uri:wss://127.0.0.1:7440/ - DeploymentException - The HTTP request to initiate the WebSocket connection failed in EmsApiWebsocketClient-Connection
1535477180.891 2018-08-28 13:26:20.891/EDT: ERROR [EmsApiWebsocketClient] connect - FAILED connection to uri:wss://127.0.0.1:7440/ - DeploymentException - The HTTP request to initiate the WebSocket connection failed in EmsApiWebsocketClient-Connection
1535477182.864 2018-08-28 13:26:22.864/EDT: ERROR Last-chance exception in ems-service
com.ubnt.airvision.service.ems.O0OO: Timeout executing request: 1
at com.ubnt.airvision.service.ems.request.EmsRequest.getResponseDataAs(Unknown Source) ~[airvision.jar:?]
at com.ubnt.airvision.service.ems.request.ShutdownServer.getResponse(Unknown Source) ~[airvision.jar:?]
at com.ubnt.airvision.service.ems.o0OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO.void(Unknown Source) ~[airvision.jar:?]
at com.ubnt.airvision.service.ems.C.run(Unknown Source) [airvision.jar:?]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181]
Caused by: java.util.concurrent.TimeoutException: Timeout waiting for task.
at com.google.common.util.concurrent.AbstractFuture$Sync.get(AbstractFuture.java:276) ~[guava-14.0.1.jar:?]
at com.google.common.util.concurrent.AbstractFuture.get(AbstractFuture.java:96) ~[guava-14.0.1.jar:?]
... 5 more
1535477198.895 2018-08-28 13:26:38.895/EDT: ERROR [EmsApiWebsocketClient] connect - FAILED connection to uri:wss://127.0.0.1:7440/ - DeploymentException - The HTTP request to initiate the WebSocket connection failed in EmsApiWebsocketClient-Connection
1535477202.872 2018-08-28 13:26:42.872/EDT: ERROR Cannot send EMS CLI Request {"command":"shutdownServer","parameters":{"_messageId":1}}: Unable to establish websocket connection to send message in EmsCliApi-Executor
1535477241.387 2018-08-28 13:27:21.387/EDT: ERROR HouseKeepingTask Error: Timeout executing request: 2 in StreamManagementService-HouseKeeper
1535477252.899 2018-08-28 13:27:32.899/EDT: ERROR [EmsApiWebsocketClient] connect - FAILED connection to uri:wss://127.0.0.1:7440/ - DeploymentException - The HTTP request to initiate the WebSocket connection failed in EmsApiWebsocketClient-Connection
1535477261.389 2018-08-28 13:27:41.389/EDT: ERROR Cannot send EMS CLI Request {"command":"listConfig","parameters":{"_messageId":2}}: Unable to establish websocket connection to send message in EmsCliApi-Executor
1535477271.386 2018-08-28 13:27:51.386/EDT: ERROR HouseKeepingTask Error: Timeout executing request: 3 in StreamManagementService-HouseKeeper
1535477291.390 2018-08-28 13:28:11.390/EDT: ERROR Cannot send EMS CLI Request {"command":"listConfig","parameters":{"_messageId":3}}: Unable to establish websocket connection to send message in EmsCliApi-Executor
1535477301.387 2018-08-28 13:28:21.387/EDT: ERROR HouseKeepingTask Error: Timeout executing request: 4 in StreamManagementService-HouseKeeper
Indeed, the service is not running:
root@52d54376c6d7:/# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 13:25 ? 00:00:00 /bin/bash /run.sh
root 98 1 0 13:25 ? 00:00:00 unifi-video -cwd /usr/lib/unifi-
unifi-v+ 99 98 29 13:25 ? 00:00:38 unifi-video -cwd /usr/lib/unifi-
root 208 0 0 13:26 pts/0 00:00:00 /bin/bash
unifi-v+ 255 99 1 13:26 ? 00:00:02 bin/mongod --nohttpinterface --b
root 498 1 0 13:27 ? 00:00:00 sleep 1
root 499 208 0 13:28 pts/0 00:00:00 ps -ef
I am able to roll back to a snapshot of my data and video volumes and launch the container using the 3.9.7 image to restore operation. I did not test a straight downgrade. The 3.9.7 container shows the extra "evostreamms" process that died on the new version:
root@dce1d00fdde5:/# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 13:32 ? 00:00:00 /bin/bash /run.sh
root 95 1 0 13:32 ? 00:00:00 unifi-video -cwd /usr/lib/unifi-
unifi-v+ 96 95 20 13:32 ? 00:00:47 unifi-video -cwd /usr/lib/unifi-
root 194 0 0 13:32 pts/0 00:00:00 /bin/bash
unifi-v+ 256 96 1 13:32 ? 00:00:02 bin/mongod --nohttpinterface --b
unifi-v+ 288 96 1 13:32 ? 00:00:03 bin/evostreamms /usr/lib/unifi-v
root 681 1 0 13:36 ? 00:00:00 sleep 1
root 682 194 0 13:36 pts/0 00:00:00 ps -ef
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.