Skip to content

Instantly share code, notes, and snippets.

Avatar

Steve Jenkins stevejenkins

View GitHub Profile
@stevejenkins
stevejenkins / Pi-hole on UC-CK 0.13.6
Last active Sep 29, 2020
Pi-hole on UC-CK 0.13.6
View Pi-hole on UC-CK 0.13.6
# Instructions for installing Pi-hole 4.2 on UniFi CloudKey Gen 1 (UC-CK) running firmware 0.13.6
# Pi-hole will need to be completely re-installed after every FW update or if CloudKey is reset to defaults.
# Verify UC-CK is running firmware v0.13.6 (or later) before installing Pi-hole. If not, do:
ubnt-systool fwupdate https://dl.ubnt.com/unifi/stage/cloudkey/firmware/UCK/UCK.mtk7623.v0.13.6.7ad551e.190225.0939.bin
# UC-CK firmware v0.13.6 downgrades UniFi Controller to 5.10.17. Upgrade to 5.10.19 with:
cd /tmp
wget https://dl.ubnt.com/unifi/5.10.19/unifi_sysvinit_all.deb
dpkg -i unifi_sysvinit_all.deb
@stevejenkins
stevejenkins / ERL GF Commands
Created Aug 15, 2017
Basic configuration commands to set up an ERL for Google Fiber
View ERL GF Commands
set firewall all-ping enable
set firewall broadcast-ping disable
set firewall ipv6-name WANv6_IN default-action drop
set firewall ipv6-name WANv6_IN description 'WAN inbound traffic forwarded to LAN'
set firewall ipv6-name WANv6_IN rule 10 action accept
set firewall ipv6-name WANv6_IN rule 10 description 'Allow established/related'
set firewall ipv6-name WANv6_IN rule 10 state established enable
set firewall ipv6-name WANv6_IN rule 10 state related enable
set firewall ipv6-name WANv6_IN rule 20 action drop
set firewall ipv6-name WANv6_IN rule 20 description 'Drop invalid state'
View Pi-hole whitelist.txt
raw.githubusercontent.com
mirror1.malwaredomains.com
sysctl.org
zeustracker.abuse.ch
s3.amazonaws.com
hosts-file.net
clients4.google.com
clients2.google.com
s.youtube.com
video-stats.l.google.com
@stevejenkins
stevejenkins / config.worky
Last active Mar 29, 2020
ER-POE Config where remote HTTPS / SSH work
View config.worky
firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to Internal"
@stevejenkins
stevejenkins / config.noworky
Last active Jan 9, 2017
ER-Lite config where remote HTTPS / SSH does not work
View config.noworky
firewall {
all-ping enable
broadcast-ping disable
ipv6-name WAN6_IN {
default-action drop
rule 10 {
action accept
description "Allow established/related"
state {
established enable
@stevejenkins
stevejenkins / unifi_ssl_import.sh
Last active Mar 31, 2020
Import and use SSL certificates (including Let's Encrypt) with the Ubiquiti UniFi Controller on Unix/Linux Systems
View unifi_ssl_import.sh
# MOVED TO https://github.com/stevejenkins/unifi-linux-utils
@stevejenkins
stevejenkins / upgrade_unifi.sh
Last active Feb 10, 2019
Easy UniFi Controller Upgrade Script for Unix/Linux Systems
View upgrade_unifi.sh
# MOVED TO: https://github.com/stevejenkins/unifi-linux-utils
@stevejenkins
stevejenkins / UniFi.service
Last active Aug 3, 2017
systemd service file for starting, stopping, and restarting the Ubiquiti (UBNT) UniFi Controller systemd systems
View UniFi.service
# MOVED TO: https://github.com/stevejenkins/unifi-linux-utils
@stevejenkins
stevejenkins / UniFi
Last active Nov 27, 2016
SysV Init script for starting, stopping, and restarting the Ubiquiti (UBNT) UniFi Controller on non-Debian Linux systems
View UniFi
# MOVED TO: https://github.com/stevejenkins/unifi-linux-utils
You can’t perform that action at this time.