Run UniFi OS Server directly in Docker or Kubernetes.
The UniFi OS Server is the new standard for self-hosting UniFi, replacing the legacy UniFi Network Server. While the Network Server provided basic hosting functionality, it lacked support for key UniFi OS features like Organizations, IdP Integration, or Site Magic SD-WAN. With a fully unified operating system, UniFi OS Server now delivers the same management experience as UniFi-native–including CloudKeys, Cloud Gateways, and Official UniFi Hosting–and is fully compatible with Site Manager for centralized, multi-site control.
https://help.ui.com/hc/en-us/articles/34210126298775-Self-Hosting-UniFi
See kubernetes
Deployment example uses ingress-nginx for the ingress and longhorn for storage.
Your ingress controller must be modified to accept extra ports. For example, ingress-nginx Helm values:
tcp:
5005: "unifi/unifi-os-server-rtp-svc:5005" # Optional
9543: "unifi/unifi-os-server-id-hub-svc:9543" # Optional
6789: "unifi/unifi-os-server-mobile-speedtest-svc:6789" # Optional
8080: "unifi/unifi-os-server-communication-svc:8080"
8443: "unifi/unifi-os-server-network-app-svc:8443" # Optional
8444: "unifi/unifi-os-server-hotspot-secured-svc:8444" # Optional
11084: "unifi/unifi-os-server-site-supervisor-svc:11084" # Optional
5671: "unifi/unifi-os-server-aqmps-svc:5671" # Optional
8880: "unifi/unifi-os-server-hotspot-redirect-0-svc:8880" # Optional
8881: "unifi/unifi-os-server-hotspot-redirect-1-svc:8881" # Optional
8882: "unifi/unifi-os-server-hotspot-redirect-2-svc:8882" # Optional
udp:
3478: "unifi/unifi-os-server-stun-svc:3478"
5514: "unifi/unifi-os-server-syslog-svc:5514" # Optional
10003: "unifi/unifi-os-server-discovery-svc:10003"| Environment | Description |
|---|---|
| UOS_SYSTEM_IP | Hostname or IP for UniFi OS Server |
| HARDWARE_PLATFORM | Manually set hardware platform |
Set UniFi OS Server hostname (recommended) or IP address for inform. To adopt device:
-
SSH into device with username/password:
ubnt/ubnt -
Set inform address:
set-inform http://$UOS_SYSTEM_IP:8080/inform
Overrides your detected hardware platform. Accepted values are: synology.
| Protocol | Port | Direction | Usage |
|---|---|---|---|
| TCP | 11443 | Ingress | UniFi OS Server GUI/API |
| TCP | 5005 | Ingress | RTP (Real-time Transport Protocol) control protocol |
| TCP | 9543 | Ingress | UniFi Identity Hub |
| TCP | 6789 | Ingress | UniFi mobile speed test |
| TCP | 8080 | Ingress | Device and application communication |
| TCP | 8443 | Ingress | UniFi Network Application GUI/API |
| TCP | 8444 | Ingress | Secure Portal for Hotspot |
| UDP | 3478 | Both | STUN for device adoption and communication (also required for Remote Management) |
| UDP | 5514 | Ingress | Remote syslog capture |
| UDP | 10003 | Ingress | Device discovery during adoption |
| TCP | 11084 | Ingress | UniFi Site Supervisor |
| TCP | 5671 | Ingress | AQMPS |
| TCP | 8880 | Ingress | Hotspot portal redirection (HTTP) |
| TCP | 8881 | Ingress | Hotspot portal redirection (HTTP) |
| TCP | 8882 | Ingress | Hotspot portal redirection (HTTP) |
The uosserver image is provided by UniFi, extracted from the installation binary. The unifi-os-server image provides better compatibility for Docker and Kubernetes with directory fixes and configuration through environment variables.
The underlying structure of UniFi OS Server runs every component as systemd services which requires access to the host cgroup.