This image is tested running on a Raspberry Pi 4 8GB model. To run it, use the docker-compose.yml
below or alternatively run with the docker run
example below. Persistent storage is under /storage
and can be any POSIX mountpoint, for example NFS.
Note: This image does not support migration from UNVR 2.x.
docker run -d --name unifi-unvr \
--privileged \
--tmpfs /run \
--tmpfs /run/lock \
--tmpfs /tmp \
--tmpfs /var/opt/unifi-protect/tmp \
-v /sys/fs/cgroup:/sys/fs/cgroup:ro \
-v /storage/srv:/srv \
-v /storage/data:/data \
-v /storage/persistent:/persistent \
--network host \
snowsnoot/unifi-unvr:latest
version: '3'
services:
unifi-protect:
container_name: unifi-unvr
privileged: true
tmpfs:
- '/run'
- '/run/lock'
- '/tmp'
- '/var/opt/unifi-protect/tmp'
volumes:
- '/sys/fs/cgroup:/sys/fs/cgroup:ro'
- '/storage/srv:/srv'
- '/storage/data:/data'
- '/storage/persistent:/persistent'
network_mode: 'host'
restart: unless-stopped
image: 'snowsnoot/unifi-unvr:latest'
This systemd unit file assumes the above docker-compose.yml
is placed in /root/docker/compose
. Install it in /etc/systemd/system/unifi-unvr.service
and then run systemctl daemon-reload
and systemctl enable unifi-unvr
[Unit]
Description=Unifi UNVR
Requires=docker.service
After=docker.service
RequiresMountsFor=/storage
[Service]
Type=oneshot
RemainAfterExit=yes
WorkingDirectory=/root/docker/compose
ExecStart=/usr/bin/docker compose -f docker-compose.yml up -d --remove-orphans
ExecStop=/usr/bin/docker compose -f docker-compose.yml down
TimeoutStartSec=0
[Install]
WantedBy=multi-user.target
There is a known issue that remote access to your UNVR (via the Ubnt cloud) will not work with the console unless the primary network interface is named enp0s2
. To achieve this on a Raspberry Pi 4, create the /etc/systemd/network/99-enp0s2.link
file with the below content, replacing xx:xx:xx:xx:xx:xx
with your actual MAC address, run sudo update-initramfs -u
and then reboot.
[Match]
MACAddress=xx:xx:xx:xx:xx:xx
[Link]
Name=enp0s2
[Network]
DHCP=yes
If you're getting the following error (or any systemd error):
Failed to create /init.scope control group: Read-only file system
Failed to allocate manager object: Read-only file system
[!!!!!!] Failed to allocate manager object.
Exiting PID 1...
Boot the system with kernel parameter systemd.unified_cgroup_hierarchy=0
See: moby/moby#42275
The image can be built from the GitHub repo https://github.com/snowsnoot/unifi-unvr-arm64
git clone https://github.com/snowsnoot/unifi-unvr-arm64
cd unifi-unvr-arm64
scripts/fwextract.sh {unvr_firmware_download_url}
docker build -t {tag_name} .
Note: The UNVR firmware bundled on UBNT's website contains an outdated Protect deb file. You can fetch the newer deb file by checking the JSON output of the command below and looking in it for the Protect deb file. Then you can replace the .deb file in the firmware
directory with the updated one before running docker build
.
curl https://fw-update.ubnt.com/api/firmware-latest | jq
curl -o firmware/unifi_protect_<version>.deb {updated_protect_deb_url}
rm firmware/unifi_protect_<old_unifi_protect_version>.deb
Disclaimer: This creators of this repo and associated container images are not affiliated with Ubiquiti Networks in any way and no license or warranty is provided or implied. This repo only uses data and files that can be freely found on the internet. Use at your own risk.
Credits: This repo and container image is a fork of https://github.com/markdegrootnl/unifi-protect-arm64