UniFi Network

Description / name	Input element
Container Registry
Container Configuration Root Path
Timezone
User ID
Group ID
UniFi Network Host Port
UniFi Network /config Path

Ubiquiti UniFi Network Application for managing UniFi access points, switches, and gateways.


Port	8443
Registry	`ghcr.io/daemonless/unifi`
Source	https://ui.com/
Website	https://ui.com/

Version Tags

Tag	Description	Best For
`latest`	Upstream Binary. Built from official release.	Most users. Matches Linux Docker behavior.
`pkg`	FreeBSD Quarterly. Uses stable, tested packages.	Production stability.
`pkg-latest`	FreeBSD Latest. Rolling package updates.	Newest FreeBSD packages.

Root Privileges Required

Podman on FreeBSD currently requires root. All commands must be run as root (or via doas/sudo).

.NET Memory Locking (mlock)

This application requires --annotation 'org.freebsd.jail.allow.mlock=true' (Requires patched ocijail).

Before deploying, ensure your host environment is ready. See the Quick Start Guide for host setup instructions.

Deployment

Podman Compose AppJail Director Podman CLI Ansible

services:
  unifi:
    image: ghcr.io/daemonless/unifi:latest
    container_name: unifi
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=UTC
    volumes:
      - "/path/to/containers/unifi:/config"
    ports:
      - 8443:8443
      - 8080:8080
      - 8843:8843
      - 8880:8880
      - 6789:6789
      - 3478:3478
      - 10001:10001
    annotations:
      org.freebsd.jail.allow.mlock: "true"
    restart: unless-stopped

.env:

DIRECTOR_PROJECT=unifi
PUID=1000
PGID=1000
TZ=UTC

appjail-director.yml:

options:
  - virtualnet: ':<random> default'
  - nat:
services:
  unifi:
    name: unifi
    options:
      - container: 'boot args:--pull'
    oci:
      user: root
      environment:
        - PUID: !ENV '${PUID}'
        - PGID: !ENV '${PGID}'
        - TZ: !ENV '${TZ}'
    volumes:
      - UNIFI_CONFIG_PATH: /config
volumes:
  UNIFI_CONFIG_PATH:
    device: '/path/to/containers/unifi'

Makejail:

ARG tag=latest

OPTION overwrite=force
OPTION from=ghcr.io/daemonless/unifi:${tag}
SET allow.mlock=1

podman run -d --name unifi \
  -p 8443:8443 \
  -p 8080:8080 \
  -p 8843:8843 \
  -p 8880:8880 \
  -p 6789:6789 \
  -p 3478:3478 \
  -p 10001:10001 \
  --annotation 'org.freebsd.jail.allow.mlock=true' \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=UTC \
  -v /path/to/containers/unifi:/config \
  ghcr.io/daemonless/unifi:latest

- name: Deploy unifi
  containers.podman.podman_container:
    name: unifi
    image: ghcr.io/daemonless/unifi:latest
    state: started
    restart_policy: always
    env:
      PUID: "1000"
      PGID: "1000"
      TZ: "UTC"
    ports:
      - "8443:8443"
      - "8080:8080"
      - "8843:8843"
      - "8880:8880"
      - "6789:6789"
      - "3478:3478"
      - "10001:10001"
    volumes:
      - "/path/to/containers/unifi:/config"
    annotation:
      org.freebsd.jail.allow.mlock: "true"

Access at: http://localhost:8443

Interactive Configuration

Parameters

Environment Variables

Variable	Default	Description
`PUID`	`1000`	User ID for the application process
`PGID`	`1000`	Group ID for the application process
`TZ`	`UTC`	Timezone for the container

Volumes

Path	Description
`/config`	Configuration and database directory

Ports

Port	Protocol	Description
`8443`	TCP	Web UI (HTTPS)
`8080`	TCP	Device inform
`8843`	TCP	Guest portal HTTPS
`8880`	TCP	Guest portal HTTP
`6789`	TCP	Mobile throughput test
`3478`	UDP	STUN (UDP)
`10001`	UDP	Device discovery (UDP)

Implementation Details

Architectures: amd64
User: bsd (UID/GID set via PUID/PGID). Defaults to 1000:1000.
Base: Built on ghcr.io/daemonless/base (FreeBSD 15.0).

Need help? Join our Discord community.