Closed fermulator closed 1 year ago
Looks similar to #53 (but different)
I am having the same issues. My Unifi OS is running on a UCKV2 v1.1.19 , OS is 7.1.61 . I was trying to add an extra user but can't as SMTP is not working, neither is cloud email. Cannot re-enable remote access to enable cloud email again .
Tried again today same issues. How can we diagnose this issue? @johenkel why /how did you conclude it is related to not having SMTP? (I don't see why SMTP would be required to login to Unifi's online cloud account services)
The server logs are QUITE helpful, check this out:
[2022-04-15T14:45:27,050] <model-lifecycle-cache-refresh> WARN dev - failed to retrieve EOL stats from - I/O error on GET request for "https://static.ubnt.com/network/devices/lifecycle.json": static.ubnt.com; nested exception is java.net.UnknownHostException: static.ubnt.com
[2022-04-15T14:46:26,964] <autoupdate-check> WARN system - update site - cannot resolve the host
[2022-04-15T14:46:35,732] <webapi-2> WARN api - failed to authenticate to SSO: sso.ui.com
[2022-04-15T14:46:46,993] <autoupdate-check> WARN fwupdate - unable to get update info for channel RELEASE: java.net.UnknownHostException: fw-update.ubnt.com
[2022-04-15T14:49:30,508] <webapi-1> WARN api - failed to authenticate to SSO: sso.ui.com
[2022-04-15T14:50:06,855] <webapi-2> WARN api - failed to authenticate to SSO: sso.ui.com
[2022-04-15T14:50:26,957] <check-iot-certificate> WARN sdn - failed to get connectivity details: config.ubnt.com
[2022-04-15T14:51:33,620] <webapi-1> WARN api - failed to authenticate to SSO: sso.ui.com
[2022-04-15T14:51:43,487] <webapi-1> WARN api - failed to authenticate to SSO: sso.ui.com
[2022-04-15T14:52:05,076] <webapi-2> WARN api - failed to authenticate to SSO: sso.ui.com
[2022-04-15T14:54:31,850] <webapi-2> WARN api - failed to authenticate to SSO: sso.ui.com
unifi_controller_ERROR_logs.txt
There are all sorts of errors like this. I can confirm that my host is able to access (ping, resolve) all of these URLs, it is as though the docker container itself doesn't haven external route capability? or are we blocking unifi online access?
I can also not access even apt repositories .. (went to go install ping/dig utils)
root@2bae1318f021:/usr/lib/unifi# apt update
0% [Connecting to archive.ubuntu.com]
Err:1 http://archive.ubuntu.com/ubuntu focal InRelease
Temporary failure resolving 'archive.ubuntu.com'
currently looking into https://docs.docker.com/network/bridge/ I suspect the default network/bridge settings here are not setup correctly (NOTE: my DNS is on pihole docker container, accessible via host subnet)
OK it wasn't DNS. After I switched from the default bridge mode, to host mode (for networking) then i was able to egress out of the container (tested with 'apt update').
network_mode: "host"
dns:
- 10.0.0.60
root@docker:/usr/lib/unifi# apt update
Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
Get:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
Get:3 http://archive.ubuntu.com/ubuntu focal-security InRelease [114 kB]
Fetched 228 kB in 1s (212 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
21 packages can be upgraded. Run 'apt list --upgradable' to see them.
And then was able to enable remote access
[2022-05-18T07:30:47,443] <webapi-5> INFO productinfo - Using controller channel=RELEASE, firmware channel=RELEASE. Available controller channels=[RELEASE, RELEASE_CANDIDATE, BETA], available firmware channels=[RELEASE, RELEASE_CANDIDATE, BETA]. SSO is enabled.
Maintainers how do we want to tackle fixing this in the README? I can't quite put my finger on why docker bridge networking isn't working out of the box.
@johenkel fyi SMTP cloud also didn't work for me - had to manually enter valid SMTP server/auth from my mail provider.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
@github-actions go away
(I don't see why SMTP would be required to login to Unifi's online cloud account services)
When one ads a new user, the system is trying to e-mail that user an invite. But it cannot send the email as there isn't a smtp set up.
If you're using pihole in a container, that's most likely the issue. One of the reasons we don't recommend or support dns/dhcp in a container.
Unifi SSO works just fine here.
This is the first time I've ever run into a networking issue like this from a container application (all others work; home-assistant, nextcloud, etc), and yes I'm running pihole in a container. This shouldn't affect anything because it is exposed host-networking mode to the local subnet. The router doles out DHCP, and with this instructs clients to request DNS from a local subnet IP address.
And therein lies the problem. If this container doesn't have access to the local subnet by default (and it didn't until I requested it to move to host networking mode), then it cannot access the pihole. (regardless whether it is in a container or not...)
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
I've actually had the exact same issue on jacobalberty/unifi too.
I have Pi-Hole running by itself not in docker as I'm trying to move everything into docker and learn about it all but once I went from bridge to host network everything worked fine for me too.
I'll keep an eye on it but it doesn't seem isolated to this image I guess.
go away bot
I tested today and was able to enable unifi sso (though I immediately turned it off because I'm not an idiot). Unless someone can provide some data indicating that this issue isn't self inflicted, I plan to close this.
(for me can confirm my docker host default bridge docker0 is a bit fub'ard - my other containers were running host or macvlan mode so this was the first one; user error on my part!)
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Expected Behavior
Current Behavior
Neither works.
(fill in credentials) - 100% confirmed they're right (password manager)
-- the error message during wizard is slightly less helpful.
Steps to Reproduce
(A)
(B)
Environment
x86/64-bit
Command used to create docker container (run/create/compose/screenshot)
same as #137
Docker logs
same as #137
There are no useful logs from the appliance side. How can we debug this failure?
Other Notes
137 is actually the INITIAL reason/issue I figured was to blame here, but since now the docker container is running with current timezone + datetime, this is no longer the case.