* Install Debian with 1GB RAM, 2 VCPU, 8GB+ Disk
* Choose "Graphical Expert Install" Installer
* Set static IP, enable NTP, use 1 parition and install base system, choose HTTP mirror
==Remove DVD repo==
vi /etc/apt/sources.list
Remove the line that references the cdrom installer.
==Install SSH Server, VIM and sudo==
apt-get install openssh-server vim sudo wget gnupg software-properties-common apt-transport-https
==Create sudo User==
adduser username
usermod -aG sudo username
Logout of root and in using your sudo user. Root via ssh appears disabled by default.
====Setup Firewall and Network Interface====
* Configure Firewall
sudo vim /etc/network/firewall-rules
then add
*filter
# Flush any existing rules
-F
# Default policy: drop all inbound and allow all outbound
-P FORWARD DROP
-P INPUT DROP
-P OUTPUT ACCEPT
# Accepts all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow local programs that use loopback (Unix sockets)
-A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT
# Allow ICMP pings
-A INPUT -i enp1s0 -p icmp --icmp-type echo-request -j ACCEPT
# Allow SSH from anywhere
-A INPUT -i enp1s0 -p tcp --dport 22 -j ACCEPT
# Allow all the UniFi ports from anywhere
-A INPUT -i enp1s0 -p tcp --dport 8080 -j ACCEPT
-A INPUT -i enp1s0 -p tcp --dport 8081 -j ACCEPT
-A INPUT -i enp1s0 -p tcp --dport 8443 -j ACCEPT
-A INPUT -i enp1s0 -p tcp --dport 8880 -j ACCEPT
-A INPUT -i enp1s0 -p tcp --dport 8843 -j ACCEPT
-A INPUT -i enp1s0 -p udp --dport 3478 -j ACCEPT
-A INPUT -i enp1s0 -p udp --dport 10001 -j ACCEPT
-A INPUT -i enp1s0 -p udp --dport 1900 -j ACCEPT
COMMIT
* Configure Network Interface
sudo vim /etc/network/interfaces
then put in something like
# The primary network interface
allow-hotplug eth0
iface eth0 inet static
address 172.21.21.145
netmask 255.255.255.0
gateway 172.21.21.1
network 172.21.21.0
broadcast 172.21.21.255
post-up iptables-restore < /etc/network/firewall-rules
* Configure DNS
sudo vim /etc/resolv.conf
then put in something like
nameserver 8.8.8.8
nameserver 208.67.220.220
* Set Hostname
sudo vim /etc/hostname
Then put in the name you want
unifi.yourdomainname.com
Now reboot.
====Update & Install Unifi Controller====
Update OS
sudo apt-get update && sudo apt-get upgrade -y
Install Java & MongoDB
wget -qO - https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public | sudo apt-key add -
sudo add-apt-repository --yes https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/
sudo apt-get update && sudo apt-get install adoptopenjdk-8-hotspot
wget -qO - https://www.mongodb.org/static/pgp/server-3.6.asc | sudo apt-key add -
echo "deb http://repo.mongodb.org/apt/debian stretch/mongodb-org/3.6 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list
sudo apt-get update
sudo apt-get install -y mongodb-org
* Add Ubiquiti Repo
sudo echo 'deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list
* Add repo key
sudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ubnt.com/unifi/unifi-repo.gpg
* Install Unifi Controller
sudo apt-get update
sudo apt-get install unifi -y
Reboot
sudo shutdown -r now
After it comes back up go to https://your.ip.address:8443 and start the initial setup.