OPNsense Forum
English Forums => General Discussion => Topic started by: mimugmail on October 26, 2023, 01:17:03 pm
-
EDIT: This only affects you if you have enabled my comunity repo: https://www.routerperformance.net/opnsense-repo/
Hi,
for a couple of months there were no updates on the community repo, cause of the fact that FreeBSD updated the unifi7 port with v7.4 that it get's bundled with mongodb4.4 instead of mongodb3.6 (which is EoL). The problem is, that there is no upgrade path between 3.6 to 4.4 and Unifi solved this in Windows/Linux a different way than the FreeBSD guys :)
So, in my tests I failed 100% of all upgrade from 7.3 to 7.4 or 7.5, which means, after upgrade you can use your wifi but can't login into the controller. To fix this, you need download a backup of Unifi and head over to CLI:
service unifi stop
pkg remove os-unifi7-maxit unifi7
rm -rf /usr/local/share/java/unifi/*
pkg install os-unifi7-maxit
Browse to your controller and restore from backup.
If you know a better way, I'm happy for any help.
Right now I need to do this cause of the openssl111 trouble beginning with 23.7.7 (where FreeBSD is responsible, not OPNsense).
-
Is the transition already active? I am asking because I did not have the plugin installed as of yet and wanted to try as a fresh install. Neither of the two plugins os-unifi7-maxit and os-unifi-maxinit can be installed because of missing dependencies on openssl:
pkg: libevent has a missing dependency: openssl
pkg: mongodb36 has a missing dependency: openssl
Also, I was surprised to see a mongodb36 dependency on both packages, I should have expected mongodb44 in os-unifi7-maxit?
-
As I said, "upcoming", it's a warning everyone using it should take a backup before I push the release.
-
Thanks mimugmail. Patiently waiting for release.
Hi,
for a couple of months there were no updates on the community repo, cause of the fact that FreeBSD updated the unifi7 port with v7.4 that it get's bundled with mongodb4.4 instead of mongodb3.6 (which is EoL). The problem is, that there is no upgrade path between 3.6 to 4.4 and Unifi solved this in Windows/Linux a different way than the FreeBSD guys :)
So, in my tests I failed 100% of all upgrade from 7.3 to 7.4 or 7.5, which means, after upgrade you can use your wifi but can't login into the controller. To fix this, you need download a backup of Unifi and head over to CLI:
service unifi stop
pkg remote os-unifi7-maxit unifi7
rm -rf /usr/local/share/java/unifi/*
pkg install os-unifi7-maxit
Browse to your controller and restore from backup.
If you know a better way, I'm happy for any help.
Right now I need to do this cause of the openssl111 trouble beginning with 23.7.7 (where FreeBSD is responsible, not OPNsense).
-
Just updated the repo ... be prepared:
https://www.reddit.com/r/opnsense/comments/17hl1ge/opnsense_community_repo_updated_fixes_openssl111/
-
which unifi plugin are you talking about exactly.
I am not seeing anything in the system > firmware > plugins about unifi
I have a separate cloud key controller. is doing an open sense update going to break my Vlans? or what exactly is this
-
will only appear if you have enabled his repository.
-
will only appear if you have enabled his repository.
I figured this was the case. but this is a very vague post under General.
either way the heads up is appreciated. and glad I do not have to worry about this issue..
thank you for what you do @ mimugmail
-
Yeah I agree, we should clarify in the subject of the first post that this is about the mimugmail repo?
Cheers,
Franco
-
I edited the main post :)
As there are around 1000 activations of the repo per month I thought it might be of broader use and posting in general is fine :)
-
Perhaps there needs to be either a separate Plugin (or even mimugmail :) ) forum section like there is for Zenarmor.
This could help with people better understanding what capabilities are part of the core OPNSense and what aren't.
-
Thank you mimugmail. I'm up and running.
Just updated the repo ... be prepared:
https://www.reddit.com/r/opnsense/comments/17hl1ge/opnsense_community_repo_updated_fixes_openssl111/
-
For me, it does not work. It is acting strange, like for example it installs both OpenJDK8 and OpenJDK17.
When I enable the daemon, expecting to have a Web GUI on port 8080 for initial configuration, the process starts (can see it with ps) but exits after a few seconds with no log messages.
I added this to fstab and mounted like it is said in the log messages:
fdesc /dev/fd fdescfs rw 0 0
proc /proc procfs rw 0 0
unifi user and group has been added as well.
When I start the process as shown in ps manually, it runs and does not stop:
# cd /usr/local/share/java/unifi/
# /usr/local/openjdk17/bin/java -Djava.awt.headless=true -Xmx1024M --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.time=ALL-UNNAMED --add-opens java.base/sun.security.util=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED -jar lib/ace.jar start
However, unifi controller did not listen to port 8080.
Later, I found that it collides with crowdsec already running on port 8080 (there should be a warning about that). But even after I disabled crowdsec, uninstalled unifi, deleted /usr/local/share/java/unifi, reinstalled unifi and started over, I now only get "HTTP Status 404 – Not Found" on either https://opnsense:8443 or http://opnsense:8080.
I can see no obvious errors in the unifi log files, mongodb seems to run as well.
P.S.: After just a while of waiting, it suddenly shows a Web GUI now, so what is left is:
1. Crowdsec port 8080 collides with unifi.
2. Both OpenDSK8 and OpenJDK17 are installed - as far as I can see, only OpenJDK17 is used.
3. There should be a hint to delete /usr/local/share/java/unifi and re-install unifi if something goes wrong.
4. The Help page should warn about the slow startup.
-
The colliding port message is already there when you enable the Service, isnt there a yellow warning Box?
-
No, none that I was aware of. It is easy to have Crowdsec on another LAPI port, just that 8080 is the default.
I wanted to test only anyway, I usually have Unifi Controller running under Proxmox.
-
Hi MimuGmail!
Thank you for all the hardwork. I just started using OPBsense as I'm a switcher from the other side. I'm currently checking out unifi plugin as I am also using its APs. Crowdsec is also a very good alternative to pfblocker as it is not available yet in OPNsense.
I noticed the default port of 8080 of Crowdsec conflicts with Unifi. The Unifi daemon keeps on stopping. Turning Croedec off solves this.
As a solution, which port would you advise in liu of 8080 in Crowdsec? Tried port 9999 and I'm getting firewall "bouncer unknown"
-
Actually I never played around with crowdsec, sorry
-
This is what worked for me:
System: Diagnostics: Services: Unifi: Stop
System: Diagnostics: Services: Crowdsec: Stop
Services: Crowdsec: Settings: LAPI listen port: 8088
Router shell:
pkg remote os-unifi7-maxit unifi7
rm -rf /usr/local/share/java/unifi/*
pkg install os-unifi7-maxit
Waited for like 3-4 minutes (if you dont wait you will get the 404 page until all services are up!)
Browser: <router IP>:8080 and configure your unifi (I restored it from a back up I had)
System: Diagnostics: Services: Crowdsec: Start
Crowdsec and Unifi work like a charm.
-
Thanks will definetly try that
-
I use the unifi plugin on opnsense and I was not able to login.
I had the follow the steps mentioned for reinstalling unifi. But since I was not able to take a backup from the UI, these are the steps that I followed for backup
ssh <username>@<ip of opnsense>
cd /usr/local/share/java/unifi/data/db/backup/autobackup
# for finding the recent backup .unf file
ls -la
#on your local
scp <username>@<ip of opnsense>:/usr/local/share/java/unifi/data/db/backup/autobackup/<latest file> .
use that .unf file when restoring
-
Thx 8)
-
Hi!
Do u have a script or guide on upgrading unfi to the next version?
-
Hi,
do you plan to upgrade to version 8.x soon?
-
I will build a new plugin when I find the time, yes
-
It looks like we can use this sooner rather than later. Dependencies are now broken with OPNSense 24.1x :-(
-
Yeah. I hope mimugmail finds the time to update it together with the latest version
-
It updated now .. :)
-
Thank you for letting us know. However, There's still no updated plugin in the repository and still no access to the controller.
-
Can you remove the plugin and install again?
-
Thank you. Removing then Installing fixed the problem.
However, there's a new app version 8. Can we also expect an upgrade to this version anytime soon?
-
First I'll buil a new plugin to get others fixed, thx for the report.
Next will be unifi8 but I have some build errors .. takes a bit
-
Ok. Thanks a lot! Looking forward to it
-
https://forum.opnsense.org/index.php?topic=38558.0
-
https://www.reddit.com/r/opnsense/comments/1ahba0z/announce_osunifimaxit_replaces_osunifi7maxit_with/
-
mimugmail
Can u help troubleshoot? I did a clean install with opnsense and it seems I'm stucked at fetching unifi9 for a very long time
***GOT REQUEST TO INSTALL***
Currently running OPNsense 24.1.2_1 at Tue Feb 27 02:48:42 PST 2024
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating mimugmail repository catalogue...
mimugmail repository is up to date.
All repositories are up to date.
The following 44 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
alsa-lib: 1.2.10 [mimugmail]
brotli: 1.1.0,1 [OPNsense]
dejavu: 2.37_3 [mimugmail]
encodings: 1.0.5,1 [mimugmail]
font-bh-ttf: 1.0.3_5 [mimugmail]
font-misc-ethiopic: 1.0.4 [mimugmail]
font-misc-meltho: 1.0.3_5 [mimugmail]
fontconfig: 2.15.0_2,1 [OPNsense]
freetype2: 2.13.2 [OPNsense]
giflib: 5.2.1_1 [OPNsense]
graphite2: 1.3.14 [mimugmail]
harfbuzz: 8.3.0 [OPNsense]
javavmwrapper: 2.7.9_1 [mimugmail]
jbigkit: 2.1_2 [OPNsense]
jpeg-turbo: 3.0.2 [OPNsense]
lcms2: 2.16 [mimugmail]
libICE: 1.1.0_2,1 [mimugmail]
libSM: 1.2.3_1,1 [mimugmail]
libX11: 1.8.7,1 [mimugmail]
libXau: 1.0.9_1 [mimugmail]
libXdmcp: 1.1.3 [mimugmail]
libXext: 1.3.4,1 [mimugmail]
libXfixes: 6.0.0 [mimugmail]
libXi: 1.8,1 [mimugmail]
libXrandr: 1.5.2 [mimugmail]
libXrender: 0.9.10_2 [mimugmail]
libXt: 1.2.1,1 [mimugmail]
libXtst: 1.2.3_2 [mimugmail]
libdeflate: 1.19 [OPNsense]
libfontenc: 1.1.7 [OPNsense]
libxcb: 1.15_2 [mimugmail]
mkfontscale: 1.2.1_1 [mimugmail]
mongodb44: 4.4.28 [mimugmail]
openjdk17: 17.0.9+9.1 [mimugmail]
os-unifi-maxit: 1.3 [mimugmail]
pcre: 8.45_4 [OPNsense]
png: 1.6.42 [OPNsense]
snappy: 1.1.10 [mimugmail]
snappyjava: 1.1.10.5 [mimugmail]
tiff: 4.4.0_3 [OPNsense]
unifi8: 8.0.26_1 [mimugmail]
xorg-fonts-truetype: 7.7_1 [mimugmail]
xorgproto: 2023.2 [mimugmail]
zstd: 1.5.5_1 [OPNsense]
Number of packages to be installed: 44
The process will require 725 MiB more space.
127 MiB to be downloaded.
[1/1] Fetching unifi8-8.0.26_1.pkg: . done
-
Found the problem. Needs to increase memmory and disk allocation.
Working fine now
-
Any plans to update your Repo to a newer version ?
-
Latest Update has this error:
***GOT REQUEST TO INSTALL***
Currently running OPNsense 24.1.5_3 at Tue Apr 9 03:50:36 PST 2024
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating mimugmail repository catalogue...
mimugmail repository is up to date.
All repositories are up to date.
pkg: unifi8 has a missing dependency: mongodb50
Checking integrity... done (0 conflicting)
Nothing to do.
***DONE***
-
Slipped through, currently building the pkg.
-
Updated now ...
-
We got a new Error:
***GOT REQUEST TO INSTALL***
Currently running OPNsense 24.1.5_3 at Tue Apr 9 16:47:50 PST 2024
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating mimugmail repository catalogue...
mimugmail repository is up to date.
All repositories are up to date.
pkg: mongodb50 has a missing dependency: snowballstemmer
Checking integrity... done (0 conflicting)
Nothing to do.
***DONE***
-
mimugmail
Any update?
-
I'm also getting missing dependencies:
mongodb50 has a missing dependency: snowballstemmer
mongodb50 has a missing dependency: yaml-cpp
mongodb50 has a missing dependency: libunwind
mongodb50 is missing a required shared library: libyaml-cpp.so.0
mongodb50 is missing a required shared library: libunwind.so.8
mongodb50 is missing a required shared library: libstemmer.so.0
>>> Missing package dependencies were detected.
>>> Found 3 issue(s) in the package database.
-
sorry guys, please try again :)
-
Thank You. That did it
-
Posting for visibility if others run into this with latest Unifi pkg, not expecting a fix.
Latest version requires MongoDB 5.0 which requires AVX instructions to be supported on your CPU. This actually rules out my custom router running OPNSense on an Intel N5105, a relatively popular fanless box CPU from 2021. For whatever reason Intel left AVX off this series of chips unless it's I3/I5/I7 badged.
This presents as MongoDB immediately crashing out on start, and Unifi can't function without a working mongodb.
Supposedly online folks have gotten docker images working with Mongo 5 and AVX disabled, but that's a bit beyond my technical ability.
-
No update waiting, so the service wont start, what is the fix ? I have tried to install the os-unifi-maxit from the command line, but it says it the most recent version so wont re-install ? What have I missed ?
-
Maybe clean up the folder via cli?
-
If your CPU does not support AVX, the service won't start. The FreeBSD default compile options build MongoDB with AVX enabled. Only solution: build your own package from ports.
-
I started a build with:
databases_mongodb50_SET= NOAVX
Will need a couple of hours, thx Patrick for the hint :)
-
where do I find the log for the Unifi plugin, as the page on 8443 constantly displays:
"UniFi Network Application is starting up...!"
I've just removed and re-installed the plugin, and the status has not altered.
-
@dustymiller does your CPU support AVX or not?
-
Yes its an i3-n305:
https://www.intel.com/content/www/us/en/products/sku/231805/intel-core-i3n305-processor-6m-cache-up-to-3-80-ghz/specifications.html
Instruction Set Extensions Intel® SSE4.1, Intel® SSE4.2, Intel® AVX2
-
I replaced the mongodb50, just reinstall the pkg, maybe this will fix it
-
root@core-router:/ # grep Features /var/run/dmesg.boot | grep --colour -e AVX
Features2=0xfffa3203<SSE3,PCLMULQDQ,SSSE3,FMA,CX16,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND,HV>
Structured Extended Features=0x219c27eb<FSGSBASE,TSCADJ,BMI1,AVX2,FDPEXC,SMEP,BMI2,ERMS,INVPCID,NFPUSG,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,SHA>
Features2=0xfffa3203<SSE3,PCLMULQDQ,SSSE3,FMA,CX16,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND,HV>
Structured Extended Features=0x219c27eb<FSGSBASE,TSCADJ,BMI1,AVX2,FDPEXC,SMEP,BMI2,ERMS,INVPCID,NFPUSG,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,SHA>
-
ran the update, no luck,
Restarted the Unifi Service - No Luck
Restarted the Router - No luck,
Still stuck showing - "UniFi Network Application is starting up..."
-
service unifi stop
pkg remove os-unifi8-maxit unifi8
rm -rf /usr/local/share/java/unifi/*
pkg install os-unifi8-maxit
-
pkg: No packages available to install matching 'os-unifi8-maxit' have been found in the repositories
-
pkg install os-unifi-maxit - Worked. Restoring from old backup now
-
Didnt lkike the old backup, creating networks again
-
Thank you for the help getting the plugin working.