* Install Debian with 1GB RAM, 2 VCPU, 8GB+ Disk * Choose "Graphical Expert Install" Installer * Set static IP, enable NTP, use 1 parition and install base system, choose HTTP mirror ==Remove DVD repo== vi /etc/apt/sources.list Remove the line that references the cdrom installer. ==Install SSH Server, VIM and sudo== apt-get install openssh-server vim sudo wget gnupg software-properties-common apt-transport-https ==Create sudo User== adduser username usermod -aG sudo username Logout of root and in using your sudo user. Root via ssh appears disabled by default. ====Setup Firewall and Network Interface==== * Configure Firewall sudo vim /etc/network/firewall-rules then add *filter # Flush any existing rules -F # Default policy: drop all inbound and allow all outbound -P FORWARD DROP -P INPUT DROP -P OUTPUT ACCEPT # Accepts all established inbound connections -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow local programs that use loopback (Unix sockets) -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT # Allow ICMP pings -A INPUT -i enp1s0 -p icmp --icmp-type echo-request -j ACCEPT # Allow SSH from anywhere -A INPUT -i enp1s0 -p tcp --dport 22 -j ACCEPT # Allow all the UniFi ports from anywhere -A INPUT -i enp1s0 -p tcp --dport 8080 -j ACCEPT -A INPUT -i enp1s0 -p tcp --dport 8081 -j ACCEPT -A INPUT -i enp1s0 -p tcp --dport 8443 -j ACCEPT -A INPUT -i enp1s0 -p tcp --dport 8880 -j ACCEPT -A INPUT -i enp1s0 -p tcp --dport 8843 -j ACCEPT -A INPUT -i enp1s0 -p udp --dport 3478 -j ACCEPT -A INPUT -i enp1s0 -p udp --dport 10001 -j ACCEPT -A INPUT -i enp1s0 -p udp --dport 1900 -j ACCEPT COMMIT * Configure Network Interface sudo vim /etc/network/interfaces then put in something like # The primary network interface allow-hotplug eth0 iface eth0 inet static address 172.21.21.145 netmask 255.255.255.0 gateway 172.21.21.1 network 172.21.21.0 broadcast 172.21.21.255 post-up iptables-restore < /etc/network/firewall-rules * Configure DNS sudo vim /etc/resolv.conf then put in something like nameserver 8.8.8.8 nameserver 208.67.220.220 * Set Hostname sudo vim /etc/hostname Then put in the name you want unifi.yourdomainname.com Now reboot. ====Update & Install Unifi Controller==== Update OS sudo apt-get update && sudo apt-get upgrade -y Install Java & MongoDB wget -qO - https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public | sudo apt-key add - sudo add-apt-repository --yes https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/ sudo apt-get update && sudo apt-get install adoptopenjdk-8-hotspot wget -qO - https://www.mongodb.org/static/pgp/server-3.6.asc | sudo apt-key add - echo "deb http://repo.mongodb.org/apt/debian stretch/mongodb-org/3.6 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list sudo apt-get update sudo apt-get install -y mongodb-org * Add Ubiquiti Repo sudo echo 'deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list * Add repo key sudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ubnt.com/unifi/unifi-repo.gpg * Install Unifi Controller sudo apt-get update sudo apt-get install unifi -y Reboot sudo shutdown -r now After it comes back up go to https://your.ip.address:8443 and start the initial setup.