Photo by @thomasjsn / Unsplash.com

Replacing an Unifi Cloud Key (Gen 1) with a Docker container-based self-hosted solution

At home, I run most of my network based on the Ubiquiti Networks’ Unifi products. I’ve previously written a few times about different solutions that rely on these products, such as expanding my wireless network with a Mesh solution.

Since I started venturing into the world of Unifi, the first thing I purchased was their Cloud Key. It’s a physical gadget that you plug into your switch, allowing you to locally (or remotely) manage and configure your network.

UniFi Cloud Key – Ubiquiti Inc.

It’s an interesting approach but also something that is very error-prone. I’ve lost count of how many times the Cloud Key has acted up, and upon reboot, it won’t resume. Restoring from backups is often a trial and error, and reconfiguring your network is typically faster.

The new Cloud Key generation (Gen 2) is said to be much, much better:

UniFi Cloud Key Plus – Ubiquiti Inc.

It’s $199, so while certainly not free, I guess the value in the long term is there. The problem is, my Cloud Key still works – so buying a newer version makes very little sense to me.

Also, due to the very recent controversial security issues with Ubiquiti, I felt I’d like to look at an alternative approach.

I patched my Cloud Key just recently, and you usually patch the software and the firmware separately. And again, this time, it didn’t recover after a reboot. This got me looking for an alternative – while I conspicuously added the Gen 2 Cloud Key in a shopping cart.

Hello, Docker

It turns out you can run the software-based Cloud Key (sans the hardware) in a Docker-based container. And with my recent upgrade to a Synology DS1821+ NAS device, it’s time to try it out!

I found a pre-made container at linuxserver/unifi-controller. Running containers is simple on the Synology device, as I found out when I set up the Teslamate solution. This time, I could get the Unifi controller to run in a container, but it failed to store configuration data outside the container. Despite me following the guidance.

Another version of the Unifi controller is jacobalberty/unifi. It works without a hassle! I mapped the /unifi folder within the container to one of my volumes on the Synology. This way it’s easy to backup, also.

Upon initial run, it takes about 30 seconds to start serving the Unifi Controller services. After a week, it’s been very robust, and takes about 1 GB of RAM.

I was now able to disconnect the physical Unifi Cloud Key, and re-adopt all of my devices with the Docker-based solution. It’s also much, much faster – the AMD Ryzen CPU on the Synology is certainly swift, and it shows. I run the Synology with 32 GB of RAM, so giving 1 GB away for something as useful as the Cloud Key is a valid decision here.

Backing up the configuration data is easy: I utilize Synology’s built-in file replication and backup features, and push the config data 4 times a day to four different destinations OneDrive for Business, a dedicated USB 3-connected hard drive, another (remote) Synology, and Azure Storage.

Should this approach fail, I still have the (legacy) Cloud Key, that can be used after a full reset. Perhaps I will go to a newer generation solution in the future, but right now the Docker-based solution seems like a great alternative.