UniFi OS - Dream Machines 2.x

[StiviiK]

Ubiquiti recently annouced in the latest update notes for the UniFi OS - Dream Machines, they will migrate to 2.x soon. https://community.ui.com/releases/UniFi-OS-Dream-Machines-1-12-30/a4f85653-7bc6-461a-8715-94298cb69164

If I am not mistaken, that means they will align the firmware with the firmware of the UDM SE. Do you know what are the effects of that and how the work of this awesome project will be affected? I am only aware that this will drop Podman?

[SamErde]

I've been wondering the same thing.

[boostchicken]

So this means a couple things I believe. You will have to install podman via our udm-se builds probably. Beyond that the baseOS will have systemd now and if I remember correctly they let you customize. I think it will get rid of the need for the deb install and we will just have to update all instructions here to take 2.0 into account.

[Slychocobo]

That's good to hear, I've been holding off upgrading because quite used to using Pihole :)

[dvcrn]

Curious if anyone had success with recent versions and installing podman from udm-se? My UDM is stuck on 1.11.4 (with podman 1.x) because of trauma from updating firmwares in the past

[user45876]

Version 2.4 is now live for UDM (base, pro): https://community.ui.com/releases/UniFi-OS-Dream-Machines-2-4-23/aebbba64-9e7e-4151-bcca-34ed08761f08 Thanks a lot for your work so far! I am badly wanting to get DNS-Requests redirected :)

[OfficialHoSay]

Has anyone performed the migration to 2.4.23?

Did any data related to _onboot remain on disk?

Does the migration nuke everything?

I'm hesitant to upgrade this early as I do need my DNS redirect and cloudflared services to remain running.

[aniolpages]

All erased on my UDMB, no data folder in mnt

[bananaman2020]

Has anyone performed the migration to 2.4.23?

Did any data related to _onboot remain on disk?

Does the migration nuke everything?

I'm hesitant to upgrade this early as I do need my DNS redirect and cloudflared services to remain running.

For me it got rid of the on_boot.d folder and any podman containers I had it also completely got rid of podman. It leaves Unifi OS related configs such as network but anything custom is gone.

[mabunixda]

Yes, everything was purged from this partition

[mabunixda]

root@udmp:/persistent# dpkg -i udm-boot_1.0.5_all.deb 
Selecting previously unselected package udm-boot.
(Reading database ... 50954 files and directories currently installed.)
Preparing to unpack udm-boot_1.0.5_all.deb ...
/var/lib/dpkg/tmp.ci/preinst: 19: /var/lib/dpkg/tmp.ci/preinst: /sbin/ssh-proxy: not found
dpkg: error processing archive udm-boot_1.0.5_all.deb (--install):
 subprocess new pre-installation script returned error exit status 127
/var/lib/dpkg/tmp.ci/postrm: 24: /var/lib/dpkg/tmp.ci/postrm: /sbin/ssh-proxy: not found

Well the current installation does not run, cleaning it with

root@udmp:~# dpkg --purge --force-all udm-boot

But with this update tools like ansible are working fine now

[bennettp123]

All erased on my UDMB, no data folder in mnt

• For me, /mnt/data/ is missing, but /mnt/.rwfs/data exists. However, it looks like it's been cleared out.
• unifi-os shell results in -bash: unifi-os: command not found
• The install script fails with Missing dependencie(s): `podman`

Not sure why /mnt/data is missing—the overlayfs is mounted

overlayfs-root on / type overlay (rw,noatime,nodiratime,lowerdir=/mnt/.rofs,upperdir=/mnt/.rwfs/data,workdir=/mnt/.rwfs/.workdir)

Edit: derp, it's mounted at /data, I guess that's the new location in 2.x.

How are people installing podman?

Edit 2: Got it working. I downloaded the install script, and modified the case "$(udm_model)" statement to run the udr|udmse case for udm:

From b368017f4f3e83161549e36c93ada2dede7d6ffc Mon Sep 17 00:00:00 2001
From: Bennett Perkins <bennettperkins@gmail.com>
Date: Fri, 16 Dec 2022 07:49:03 +0800
Subject: [PATCH] got remote_install.sh working on UDM 2.4.23

---
 on-boot-script/remote_install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/on-boot-script/remote_install.sh b/on-boot-script/remote_install.sh
index 62de92c..87ce59e 100755
--- a/on-boot-script/remote_install.sh
+++ b/on-boot-script/remote_install.sh
@@ -160,7 +160,7 @@ depends_on curl
 ON_BOOT_D_PATH="$DATA_DIR/on_boot.d"

 case "$(udm_model)" in
-  udm|udmpro)
+  udmpro)
     echo "UDM/Pro detected, installing on-boot script..."
     depends_on podman

@@ -172,7 +172,7 @@ case "$(udm_model)" in

     echo "UDM Boot Script installed"
     ;;
-  udr|udmse)
+  udr|udmse|udm)
     echo "UDR/UDMSE detected, installing on-boot script..."
     depends_on systemctl

-- 
2.37.1 (Apple Git-137.1)

[timrettop]

• The install script fails with Missing dependencie(s): `podman`

You will have to install podman via our udm-se builds probably.

In README.md All artifacts can be found on IPFS https://unifi.boostchicken.io/

Extract the zip to the root of your device! Look at the assets on the Podman workflow.

[timrettop]

Using @bennetp123's advice, I was also able to install after updating my UDM base using the modified remote_install.sh I tested the https://github.com/fire1ce/UDM-Persistent-SSH-Keys script and made two modifications to 99-ssh-keys.sh to use the /data path and to test for the existence of and make the /root/.ssh folder if necessary.

After that I'm able to ssh in with my key after reboot!

[dvcrn]

In README.md All artifacts can be found on IPFS https://unifi.boostchicken.io/ Extract the zip to the root of your device! Look at the assets on the Podman workflow.

can someone confirm this working on UDM? Last upgrade I had to leave podman at 1.0 since the updated variants didn't work for me. Do those SE builds work on normal UDM as well?

Also how is the unifi-shell now executed? Previously that was a podman container, but that is no longer the case I presume?

[jinkang23]

This worked for me but my testing is limited. If you're willing to test it, you can use this:

curl -fsL "https://raw.githubusercontent.com/jinkang23/unifios-utilities/main/on-boot-script/remote_install.sh" | /bin/sh

I just submitted PR to add this change: https://github.com/unifi-utilities/unifios-utilities/pull/451

[user45876]

Thanks, @jinkang23 , I tested it and it seems to be working. One question: The CNI Bridge is not needed if I only want to execute a startup script. Is it needed anyway, as there are no more containers on UDM FW2.x onwards?

[bennettp123]

In README.md All artifacts can be found on IPFS https://unifi.boostchicken.io/ Extract the zip to the root of your device! Look at the assets on the Podman workflow.

can someone confirm this working on UDM? Last upgrade I had to leave podman at 1.0 since the updated variants didn't work for me. Do those SE builds work on normal UDM as well?

I can confirm it's working, at least enough to get podman run --rm -it busybox working (edit: I got pihole up and running too, so I'd say it's thoroughly working)—though I needed to create some missing files manually, as outlined in #384:

• /etc/containers/registries.conf
• /etc/containers/policy.json
• /etc/containers/storage.json

I used udmpro-podman-install.zip from https://unifi.boostchicken.io/ —not sure if that's the right version, or if there is even a difference between them (udmse-podman-install.zip seems to work fine too, though I didn't try to run any containers).

Also how is the unifi-shell now executed? Previously that was a podman container, but that is no longer the case I presume?

No idea—podman ps can't see it so I guess it doesn't exist 🙃

[jinkang23]

Thanks, @jinkang23 , I tested it and it seems to be working. One question: The CNI Bridge is not needed if I only want to execute a startup script. Is it needed anyway, as there are no more containers on UDM FW2.x onwards?

Yea, I'm not sure about that. I figured it was there because you can still technically install podman. I suppose you could remove them afterwards if you don't plan on using it.

[user45876]

I would suppose so as well. I just deleted the install (05...) and startup (06...) script and be fine with it. I can also confirm that it is working well and also surviving reboots.

Thanks again for your efforts, very much appreciated, happy camper here :)

[dvcrn]

Thanks for the comments all! I know what my evening project will be, fingers crossed it goes equally smooth. I only have 2 podman containers to migrate but let's see...

Did upgrading the firmware wipe everything that was previously persisted in /mnt/data or did data files stay / got migrated to /data?

[jfroy]

Did upgrading the firmware wipe everything that was previously persisted in /mnt/data or did data files stay / got migrated to /data?

The migration will delete all data.

[zlangbert]

For anyone looking to install Podman I put together a build here. It's distributed through a Debian package so easy to install and remove (setup could done easily as an on_boot script). It uses current versions of Podman and its dependencies. So far working well for me on my UDMP on 2.4 and I plan to maintain this going forward.

Heavily inspired by the work done in this repo and the comments here about getting podman running. Wanted to share as it seemed it might save some people headache getting it working.

[georgeboot]

Does the configuration of Podman also get lost?

As in, if I install podman again after the update, will all my previously running containers be running in the state they were before the update? Or do I have to re-create / restore everything by hand?

[gatesry]

Does the configuration of Podman also get lost?

As in, if I install podman again after the update, will all my previously running containers be running in the state they were before the update? Or do I have to re-create / restore everything by hand?

The migration will delete all data.

[henessy31]

For anyone looking to install Podman I put together a build here. It's distributed through a Debian package so easy to install and remove (setup could done easily as an on_boot script). It uses current versions of Podman and its dependencies. So far working well for me on my UDMP on 2.4 and I plan to maintain this going forward.

Heavily inspired by the work done in this repo and the comments here about getting podman running. Wanted to share as it seemed it might save some people headache getting it working.

Thank you so much! My UDM-PRO auto-updated over night to the 2.4 Firmware and everything was gone. With your Podman build I managed to bring back up my multicast-relay on my UDM-PRO.

[dvcrn]

Looks like they pulled the 2.x upgrade for UDM again. Anyone happen to have the firmware upgrade downloaded?

[tscheckenbach]

@dvcrn It's in early access: https://community.ui.com/releases/UniFi-OS-Dream-Machines-2-4-23

[dvcrn]

@tscheckenbach I'm enrolled in EA, but that link you sent is 404ing for me

Glenn posted a week ago that they pulled the 2.x firmware: https://community.ui.com/releases/UniFi-OS-Dream-Machines-2-4-23/aebbba64-9e7e-4151-bcca-34ed08761f08#comment/5cc499c9-0744-4cc2-a448-d9f2ac8c98dd

[pshirshov]

curl -fsL "https://raw.githubusercontent.com/jinkang23/unifios-utilities/main/on-boot-script/remote_install.sh" |

This worked for me, thanks.

[foxcris]

Why are you using a special podman package to install podman? On my udm se podman is available via apt:

podman/stable 3.0.1+dfsg1-3+deb11u1 arm64

Can't i just install podman via apt?

[apedroheringer]

For anyone looking to install Podman I put together a build here. It's distributed through a Debian package so easy to install and remove (setup could done easily as an on_boot script). It uses current versions of Podman and its dependencies. So far working well for me on my UDMP on 2.4 and I plan to maintain this going forward.

Heavily inspired by the work done in this repo and the comments here about getting podman running. Wanted to share as it seemed it might save some people headache getting it working.

I was getting this error

gpg --no-default-keyring \

--keyring /usr/share/keyrings/unifi-blueberry.gpg \ --keyserver keyserver.ubuntu.com \ --recv-keys C320FD3D3BF10DA7415B29F700CCEE392D0CA761 gpg: failed to create temporary file '/root/.gnupg/.#lk0x00000055821f3c30.UDM-Zinho.26885': No such file or directory gpg: connecting dirmngr at '/root/.gnupg/S.dirmngr' failed: No such file or directory gpg: keyserver receive failed: No dirmngr

Fixed running gpg -k

[bennettp123]

Can't i just install podman via apt?

Erm. You know that's a good question—I never even tried, to be honest 😂

It doesn't seem to be available on my UDM (Unifi OS 2.4.x)—I get E: Unable to locate package podman. I'm guessing your UDMSE is using Unifi OS 3.x, not 2.x? The version number 3.0.1+dfsg1-3+deb11u1 suggests you're running Debian 11, while my UDM seems to be based on Debian 9.

That said, it's probably a good idea to try the Debian-provided package, if it's available. Easier to keep up-to-date with security patches, etc.

[foxcris]

Your are right. UDMSE is on v3.0.13. It is using debian 11.5. Installation of podman via apt is running through seamlessly. I haven't tried to run any containers yet.

[jiriteach]

Been slowly following this as I've used unfios-utilities for a long while now.

Anyone know how how to create the following persistant route on a UDM Pro running 2.4x and have it stay after reboot? Up until now I have been using unifios-utilities to achieve this. More to ensure the route is persistant after reboots.

ip rule add pref 32001 from 192.168.188.6 lookup 210
ip route add default via 192.168.189.254 dev eth8 table 210

This bascially tells machine 192.168.188.6 to use a default gateway of 192.168.189.254 via eth8 on the UDM Pro which is WAN2.

UDM Pro firmware 2.4.23

I can create this route easily via SSH but it wont stay after reboots anymore. Previous to the latest 2.4x firmware, unifios- utilities was required to keep persisting the route as it would be flushed after several seconds. On the new 2.4x firmware and the new archtecture, the routes seem to persist until reboot which is an improvement.

[SamErde]

Been slowly following this as I've used unfios-utilities for a long while now.

Anyone know how how to create the following persistant route on a UDM Pro running 2.4x and have it stay after reboot? Up until now I have been using unifios-utilities to achieve this. More to ensure the route is persistant after reboots.

ip rule add pref 32001 from 192.168.188.6 lookup 210
ip route add default via 192.168.189.254 dev eth8 table 210

This bascially tells machine 192.168.188.6 to use a default gateway of 192.168.189.254 via eth8 on the UDM Pro which is WAN2.

UDM Pro firmware 2.4.23

I can create this route easily via SSH but it wont stay after reboots anymore. Previous to the latest 2.4x firmware, unifios- utilities was required to keep persisting the route as it would be flushed after several seconds. On the new 2.4x firmware and the new archtecture, the routes seem to persist until reboot which is an improvement.

Have you tried adding this in a boot script?

[jiriteach]

Have you tried adding this in a boot script?

Not using 2.4x firmware for the UDM Pro. I see above a few updates which provide an update of unifios-utilities for the 2.4x firmware. Would this be the simplest approach?

[jadedeane]

Been slowly following this as I've used unfios-utilities for a long while now.

Anyone know how how to create the following persistant route on a UDM Pro running 2.4x and have it stay after reboot? Up until now I have been using unifios-utilities to achieve this. More to ensure the route is persistant after reboots.

ip rule add pref 32001 from 192.168.188.6 lookup 210
ip route add default via 192.168.189.254 dev eth8 table 210

This bascially tells machine 192.168.188.6 to use a default gateway of 192.168.189.254 via eth8 on the UDM Pro which is WAN2.

UDM Pro firmware 2.4.23

I can create this route easily via SSH but it wont stay after reboots anymore. Previous to the latest 2.4x firmware, unifios- utilities was required to keep persisting the route as it would be flushed after several seconds. On the new 2.4x firmware and the new archtecture, the routes seem to persist until reboot which is an improvement.

Have a look here for one possible solution. Replacing script contents w/your commands, obviously.

[cbenien]

Anyone know how how to create the following persistant route on a UDM Pro running 2.4x and have it stay after reboot? Up until now I have been using unifios-utilities to achieve this. More to ensure the route is persistant after reboots.

ip rule add pref 32001 from 192.168.188.6 lookup 210
ip route add default via 192.168.189.254 dev eth8 table 210

This bascially tells machine 192.168.188.6 to use a default gateway of 192.168.189.254 via eth8 on the UDM Pro which is WAN2.

Isn't this now possible in the default network app on the UI? Look for Settings / Traffic Management / Routes and create a route, select your device with IP 192.168.188.6 and select WAN2 as interface. I'm using it to send test traffic down my LTE failover while the main WAN is active.

[jiriteach]

Anyone know how how to create the following persistant route on a UDM Pro running 2.4x and have it stay after reboot? Up until now I have been using unifios-utilities to achieve this. More to ensure the route is persistant after reboots.

ip rule add pref 32001 from 192.168.188.6 lookup 210
ip route add default via 192.168.189.254 dev eth8 table 210

This bascially tells machine 192.168.188.6 to use a default gateway of 192.168.189.254 via eth8 on the UDM Pro which is WAN2.

Isn't this now possible in the default network app on the UI? Look for Settings / Traffic Management / Routes and create a route, select your device with IP 192.168.188.6 and select WAN2 as interface. I'm using it to send test traffic down my LTE failover while the main WAN is active.

Yes and no. I can create select the device and select WAN2 but I need to change the default gateway of my specific device to use an upstream device which it doesnt allow. At least I have tried this and doesnt work.

[boostchicken]

OK, everyone. I have merged all the changes that became of this. The remote_install.sh should work for 1.x and 2.x branches. Podman installs seem to work as well. Can anyone tell me different?

[ghost]

Will there be a guide on how to install Podman and make on-boot script load with 2.4.X/2.5.X firmware offline? With current 1.12.X firmwsare it is easy because it simply requires uploading UDM-Boot.deb file to UniFi-OS shell and executing: dpkg -i 4-UDM-Boot.deb systemctl enable udm-boot

Can the same be done with UDM 2.4.X/2.5.X? Maybe downloadable Podman.deb + UDM-Boot.deb + some other commands to active bootable scripts?

[dvcrn]

FIY - The upgrade to 2.x has been made available again - https://community.ui.com/releases/UniFi-OS-Dream-Machines-2-4-26/6a9dc748-180b-4724-b6cf-0082554554fa

/edit: whoops, 2.4.26 has been pulled again due to issues some people experienced upgrading from 2.4.23 to 2.4.26 - https://community.ui.com/releases/UniFi-OS-Dream-Machines-2-4-26/6a9dc748-180b-4724-b6cf-0082554554fa#comment/2e39aa03-c77b-486f-b1a6-9a9b098e71ef

As of now that means there is still no upgrade path from 1.x to 2.x for us folks that haven't upgraded yet

[boostchicken]

Will there be a guide on how to install Podman and make on-boot script load with 2.4.X/2.5.X firmware offline? With current 1.12.X firmwsare it is easy because it simply requires uploading UDM-Boot.deb file to UniFi-OS shell and executing: dpkg -i 4-UDM-Boot.deb systemctl enable udm-boot

Can the same be done with UDM 2.4.X/2.5.X? Maybe downloadable Podman.deb + UDM-Boot.deb + some other commands to active bootable scripts?

https://github.com/unifi-utilities/unifios-utilities/pull/452

[spali]

Some findings....

There is a partition:

/dev/disk/by-partlabel/persistent  2.0G  200M  1.6G  11% /persistent

And content:

root@udmp:~# find /persistent/
/persistent/
/persistent/system
/persistent/dpkg
/persistent/dpkg/stretch
/persistent/dpkg/stretch/actions
/persistent/dpkg/stretch/actions/uid-agent
/persistent/dpkg/stretch/actions/libsigsegv2
/persistent/dpkg/stretch/actions/unifi-access
/persistent/dpkg/stretch/actions/unifi-pion-gw
/persistent/dpkg/stretch/actions/gawk
/persistent/dpkg/stretch/actions/unifi-base-ucore
/persistent/dpkg/stretch/actions/unifi-protect
/persistent/dpkg/stretch/actions/unifi
/persistent/dpkg/stretch/actions/unifi-talk
/persistent/dpkg/stretch/actions/udm-boot
/persistent/dpkg/stretch/actions/libmpfr4
/persistent/dpkg/stretch/packages
/persistent/dpkg/stretch/packages/unifi-pion-gw_1.0.26_arm64.deb
/persistent/dpkg/stretch/packages/libasound2-data_1.1.3-5_all.deb
/persistent/dpkg/stretch/packages/gawk_1:4.1.4+dfsg-1_arm64.deb
/persistent/dpkg/stretch/packages/libmpfr4_3.1.5-1_arm64.deb
/persistent/dpkg/stretch/packages/openjdk-11-jre-headless_11.0.6+10-1~bpo9+1_arm64.deb
/persistent/dpkg/stretch/packages/unifi-base-ucore_1.18.0_arm64.deb
/persistent/dpkg/stretch/packages/libasound2_1.1.3-5_arm64.deb
/persistent/dpkg/stretch/packages/unifi_7.3.83-19645-1_all.deb
/persistent/dpkg/stretch/packages/libsigsegv2_2.10-5_arm64.deb
/persistent/dpkg/stretch/status
/persistent/dpkg/stretch/status/unifi
/persistent/dpkg/stretch/status/ulp-go
/persistent/lost+found
/persistent/unifi-core
/persistent/unifi-core/setup.id
/persistent/report
/persistent/report/trace-1674558920-xdmg

Maybe as in 1.x releases, this can be used to reinstall packages automatically on at least minor firmware updates. At least from the partition name and structure it could be interpreted as such functionality.

unifi_7.3.83-19645-1_all.deb represents my network version and was upgraded after the firmware 2.4.26 upgrade. Also the files in actions contains kind of commands what to do with the packages... i.e. /persistent/dpkg/stretch/actions/unifi contains:

unpack

/persistent/dpkg/stretch/actions/unifi-protect and /persistent/dpkg/stretch/actions/unifi-access contains:

remove

If my interpretation is right, this makes sense, as I only have network (unifi) installed.

/persistent/dpkg/stretch/status/unifi may be related to services, as they contain enable. Maybe usable to start a service with the same name as the file.

[ghost]

Will there be a guide on how to install Podman and make on-boot script load with 2.4.X/2.5.X firmware offline? With current 1.12.X firmwsare it is easy because it simply requires uploading UDM-Boot.deb file to UniFi-OS shell and executing: dpkg -i 4-UDM-Boot.deb systemctl enable udm-boot Can the same be done with UDM 2.4.X/2.5.X? Maybe downloadable Podman.deb + UDM-Boot.deb + some other commands to active bootable scripts?

452

Great - thank you! Now if only someone could PM me with a link to privately uploaded UDM FW 2.4.6. That would be awesome and I would beging experimentation.

[SchallerJe]

2.4.27 came out today (https://community.ui.com/releases/UniFi-OS-Dream-Machines-2-4-27/353e9672-ce67-4ed4-9b8f-4ebfcd92e90e). Migrated from 1.12.38.

• Install script for udm tools ran without errors
• No podman available after install
• Installed podman from https://unifi.boostchicken.io
• podman ps throws error: "ERRO[0000] Failed to built-in GetDriver graph btrfs /var/lib/containers/storage"
• even after reboot

[waffles0042]

2.4.27 came out today (https://community.ui.com/releases/UniFi-OS-Dream-Machines-2-4-27/353e9672-ce67-4ed4-9b8f-4ebfcd92e90e). Migrated from 1.12.38.

* Install script for udm tools ran without errors

* No podman available after install

*> Installed podman from https://unifi.boostchicken.io**

* podman ps throws error: "ERRO[0000] Failed to built-in GetDriver graph btrfs /var/lib/containers/storage"

* even after reboot

I upgraded my UDM-Pro from 1.12.33 to 2.2.27 (via 1.12.38) today. As announced it broke my PiHole install. Trying to get it back. My initial install was about 2 years ago. Since then I only had to upgrade the Pihole image whenever a new version came out.

It seems quite a bit has changed/evolved on the 'boostchicken' side, so I am trying to get my bearings back (not that there was much to begin with... ).

I am now the point where unifi complains that I do not have podman installed. I tried "https://unifi.boostchicken.io" but this site does not seem to be available.

Any help would be greatly appreciated!

[pedropombeiro]

@waffles0042 did you try https://github.com/unifi-blueberry/addon-podman as mentioned above?

I just tried that address and was able to access it:

[waffles0042]

@waffles0042 did you try https://github.com/unifi-blueberry/addon-podman as mentioned above?

I just tried that address and was able to access it:

Thank you very much @pedropombeiro ; no I had not seen it. With that I was able to get podman to work. I also got the last part done: pihole is running again. Looks I am back in business again! Thanks much!

[octavia75]

on 2.4.27 on the udm pro podman works fine (https://github.com/unifi-utilities/unifios-utilities/tree/main/podman-install) perfect for the udm pro is that you can outsource the storage to volume1. so now homeassistant works well without the memory being full from time to time. just a namespace error popped up every now and then, but doesn't seem to get in the way of execution