├── .gitignore ├── root └── etc │ ├── services.d │ ├── 01-postgres │ │ ├── finish │ │ └── run │ └── 02-unifi-protect │ │ ├── finish │ │ └── run │ ├── cont-finish.d │ └── 00-shutdown │ └── cont-init.d │ ├── 01-install-app │ ├── 00-start-container │ └── 02-fix-permissions ├── Dockerfile └── README.md /.gitignore: -------------------------------------------------------------------------------- 1 | run/ 2 | -------------------------------------------------------------------------------- /root/etc/services.d/01-postgres/finish: -------------------------------------------------------------------------------- 1 | #!/usr/bin/execlineb -S0 2 | 3 | #s6-svscanctl -t /var/run/s6/services/postgres 4 | -------------------------------------------------------------------------------- /root/etc/services.d/02-unifi-protect/finish: -------------------------------------------------------------------------------- 1 | #!/usr/bin/execlineb -S0 2 | 3 | #s6-svscanctl -t /var/run/s6/services/unifi-protect 4 | -------------------------------------------------------------------------------- /root/etc/cont-finish.d/00-shutdown: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv bash 2 | # shellcheck shell=bash 3 | 4 | # Run unifi-protect post stop script 5 | /usr/share/unifi-protect/app/hooks/post-stop 6 | -------------------------------------------------------------------------------- /root/etc/cont-init.d/01-install-app: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv bash 2 | # shellcheck shell=bash 3 | 4 | # Set the UID/PID for unifi-protect user, fix shell. 5 | usermod -o -u "${PUID}" unifi-protect 6 | usermod --shell /bin/bash unifi-protect 7 | groupmod -o -g "${PGID}" unifi-protect 8 | 9 | # Set the UID/PID for postgres user 10 | usermod -o -u "${PUID_POSTGRES}" postgres 11 | groupmod -o -g "${PGID_POSTGRES}" postgres 12 | -------------------------------------------------------------------------------- /root/etc/cont-init.d/00-start-container: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv bash 2 | # shellcheck shell=bash 3 | 4 | umask "${UMASK}" 5 | 6 | echo " 7 | ---------------------------------------------------------------------- 8 | ENVIRONMENT 9 | ---------------------------------------------------------------------- 10 | PUID | ${PUID} 11 | PGID | ${PGID} 12 | PUID_POSTGRES | ${PUID_POSTGRES} 13 | PGID_POSTGRES | ${PGID_POSTGRES} 14 | UMASK | ${UMASK} 15 | TZ | ${TZ} 16 | ---------------------------------------------------------------------- 17 | " 18 | -------------------------------------------------------------------------------- /root/etc/services.d/01-postgres/run: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv bash 2 | # shellcheck shell=bash 3 | 4 | umask "${UMASK}" 5 | 6 | # Create the stat folder in /var/run/postgresql 7 | su -c "mkdir -p /var/run/postgresql/10-main.pg_stat_tmp" postgres 8 | 9 | # If the postgresql config folder is *empty*, create it 10 | if ! [[ "$(ls -A /etc/postgresql/10/main )" ]]; then 11 | echo "The postgresql config folder is empty, populating..." 12 | pg_createcluster 10 main 13 | fi 14 | 15 | # Run postgresql 16 | exec s6-setuidgid postgres /usr/lib/postgresql/10/bin/postgres --config_file="/etc/postgresql/10/main/postgresql.conf" -D /var/lib/postgresql/10/main -s 17 | -------------------------------------------------------------------------------- /root/etc/services.d/02-unifi-protect/run: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv bash 2 | # shellcheck shell=bash 3 | 4 | umask "${UMASK}" 5 | 6 | # Wait for postgres to come up... 7 | s6-svwait -t 60000 -u /var/run/s6/services/postgres 8 | 9 | # Environment variables 10 | export $(grep -v '^#' /etc/default/unifi-protect | xargs) 11 | 12 | NODE_ENV="production" 13 | UFP_SOCKETS_DIR=/var/run/unifi-protect 14 | UFP_BACKUPS_DIR=/etc/unifi-protect/backups 15 | UFP_BACKUPS_DIR_HD=/srv/unifi-protect/backups 16 | UFP_DATADIR=/srv/unifi-protect 17 | UFP_TMPFS_DIR=/srv/unifi-protect/temp 18 | UFP_CONFIG=/usr/share/unifi-protect/app/config/config.json 19 | UFP_TMPFS_SIZE=256m 20 | 21 | MALLOC_ARENA_MAX=1 22 | MALLOC_MMAP_THRESHOLD_=8192 23 | MALLOC_TRIM_THRESHOLD_=1 24 | 25 | # Pre-start from systemd service file 26 | /usr/share/unifi-protect/app/hooks/pre-start 27 | 28 | # WorkingDir is set in systemd service file 29 | cd /usr/share/unifi-protect 30 | 31 | exec s6-setuidgid unifi-protect /usr/bin/node --expose_gc --optimize_for_size --memory_reducer --max_old_space_size=512 /usr/share/unifi-protect/app/daemon.js 32 | -------------------------------------------------------------------------------- /root/etc/cont-init.d/02-fix-permissions: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv bash 2 | # shellcheck shell=bash 3 | 4 | # postgres 5 | echo -n "Setting ownership of /etc/postgresql/10 and /var/lib/postgresql/10... " 6 | if chown -R postgres:postgres /etc/postgresql/10 /var/lib/postgresql/10; then 7 | echo "done." 8 | else 9 | echo "failed." 10 | fi 11 | 12 | echo -n "Setting permissions of /etc/postgresql/10 and /var/lib/postgresql/10... " 13 | if chmod -R a=,u+rwX /etc/postgresql/10 /var/lib/postgresql/10; then 14 | echo "done." 15 | else 16 | echo "failed." 17 | fi 18 | 19 | echo -n "Setting permissions of /var/run/postgresql... " 20 | if chmod 777 /var/run/postgresql; then 21 | echo "done." 22 | else 23 | echo "failed." 24 | fi 25 | 26 | # unifi-protect 27 | echo -n "Setting ownership of /srv/unifi-protect... " 28 | if chown -R unifi-protect:unifi-protect /srv/unifi-protect; then 29 | echo "done." 30 | else 31 | echo "failed." 32 | fi 33 | 34 | echo -n "Setting ownership of /srv/unifi-protect... " 35 | if chmod -R a=,a+rX,u+w,g+w /srv/unifi-protect; then 36 | echo "done." 37 | else 38 | echo "failed." 39 | fi 40 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:18.04 2 | LABEL maintainer="fryfrog" 3 | 4 | ARG DEBIAN_FRONTEND="noninteractive" 5 | ARG ARCH_S6="amd64" 6 | 7 | # Set correct environment variables 8 | ENV version 1.12.5 9 | ENV APP_DIR="/srv/unifi-protect" CONFIG_DIR="/config" PUID="999" PGID="999" PUID_POSTGRES="102" PGID_POSTGRES="104" UMASK="002" VERSION="none" 10 | ENV LANG="en_US.UTF-8" LANGUAGE="en_US:en" LC_ALL="en_US.UTF-8" 11 | ENV S6_BEHAVIOUR_IF_STAGE2_FAILS 2 12 | 13 | # Ports 14 | EXPOSE 7080/tcp 7443/tcp 7444/tcp 7447/tcp 7550/tcp 7442/tcp 15 | 16 | # Video storage volume 17 | VOLUME ["/srv/unifi-protect"] 18 | 19 | # Setup the S6 overlay and update/install packages 20 | ADD https://github.com/just-containers/s6-overlay/releases/download/v1.22.1.0/s6-overlay-amd64.tar.gz /tmp/ 21 | RUN tar xzf /tmp/s6-overlay-amd64.tar.gz -C / && \ 22 | apt-get update && \ 23 | apt-get install -y apt-utils locales && \ 24 | locale-gen en_US.UTF-8 && \ 25 | apt-get upgrade -y -o Dpkg::Options::="--force-confold" && \ 26 | apt-get install -y \ 27 | curl \ 28 | dbus \ 29 | moreutils \ 30 | patch \ 31 | sudo \ 32 | tzdata \ 33 | moreutils \ 34 | nodejs \ 35 | psmisc \ 36 | sudo \ 37 | systemd \ 38 | wget && \ 39 | wget --quiet https://apt.ubnt.com/pool/beta/u/unifi-protect/unifi-protect.jessie~stretch~xenial~bionic_amd64.v${version}.deb && \ 40 | apt install -y ./unifi-protect.jessie~stretch~xenial~bionic_amd64.v${version}.deb 41 | 42 | # Add needed patches and scripts 43 | COPY root/ / 44 | 45 | # Run this potato 46 | ENTRYPOINT ["/init"] 47 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # This image does not have a future 2 | 3 | It looks like release of the 1.12.5 package was *not* intentional... again. And future versions won't be public, the installations won't be upgradable and may eventually only work on Ubiquity hardware. 4 | 5 | ![The .deb will be gone soon, and the upgrades around 1.14 wouldn't work on non-UI hardware anyway](https://i.imgur.com/dSlWvZY.png) 6 | 7 | # This image works w/ a macvlan network 8 | 9 | You'll need to run this image on your lan w/ a real IP, using Docker's [macvlan](https://docs.docker.com/network/macvlan/). It doesn't use dhcp and it doesn't watch for ip address conflicts, so be sure to account for that like the example below. 10 | 11 | ``` 12 | docker network create -d macvlan \ 13 | --subnet 192.168.1.1/24 \ 14 | --gateway 192.168.1.1 \ 15 | --ip-range 192.168.1.16/28 \ 16 | -o parent=eth0 lan 17 | ``` 18 | 19 | Note that you'll *need* to use the correct subnet, gateway, ip-range and network interface for *your* network and server. These example IPs may or may not be correct. 20 | 21 | # unifi-protect 22 | An Ubuntu based Docker image for Unifi Protect 23 | 24 | Visit http://:7080/ to start the Unifi Protect wizard. 25 | 26 | # Run it 27 | 28 | ``` 29 | docker run \ 30 | --name unifi-protect \ 31 | --cap-add SYS_ADMIN \ 32 | --cap-add DAC_READ_SEARCH \ 33 | -p 7080:7080 \ 34 | -p 7442:7442 \ 35 | -p 7443:7443 \ 36 | -p 7444:7444 \ 37 | -p 7447:7447 \ 38 | -p 7550:7550 \ 39 | -v :/srv/unifi-protect \ 40 | -v :/var/lib/postgresql/10/main \ 41 | -v :/etc/postgresql/10/main \ 42 | -e TZ=America/Los_Angeles \ 43 | -e PUID=999 \ 44 | -e PGID=999 \ 45 | -e PUID_POSTGRES=102 \ 46 | -e PGID_POSTGRES=104 \ 47 | fryfrog/unifi-protect 48 | ``` 49 | 50 | # Example folder structure for the data, db and db-config folders. 51 | 52 | ``` 53 | storage/unifi-protect 54 | ├ data 55 | ├ db 56 | └ db-config 57 | ``` 58 | 59 | # tmpfs mount error 60 | 61 | ``` 62 | mount: tmpfs is write-protected, mounting read-only 63 | mount: cannot mount tmpfs read-only 64 | ``` 65 | 66 | If you get this tmpfs mount error, add `--security-opt apparmor:unconfined \` to your list of run options. This error has been seen on Ubuntu, but may occur on other platforms as well. 67 | 68 | # Alternative Unifi Protect Images 69 | 70 | * iamjamestl's [iamjamestl/unifi-protect](https://hub.docker.com/r/iamjamestl/unifi-protect) on Docker Hub, [iamjamestl/docker-unifi-protect](https://github.com/iamjamestl/docker-unifi-protect) on [github]( 71 | ). 72 | --------------------------------------------------------------------------------