Skip to content

Instantly share code, notes, and snippets.

View stevejenkins's full-sized avatar

Steve Jenkins stevejenkins

View GitHub Profile
@stevejenkins
stevejenkins / Pi-hole on UC-CK 0.13.6
Last active March 4, 2024 17:30
Pi-hole on UC-CK 0.13.6
# Instructions for installing Pi-hole 4.2 on UniFi CloudKey Gen 1 (UC-CK) running firmware 0.13.6
# Pi-hole will need to be completely re-installed after every FW update or if CloudKey is reset to defaults.
# Verify UC-CK is running firmware v0.13.6 (or later) before installing Pi-hole. If not, do:
ubnt-systool fwupdate https://dl.ubnt.com/unifi/stage/cloudkey/firmware/UCK/UCK.mtk7623.v0.13.6.7ad551e.190225.0939.bin
# UC-CK firmware v0.13.6 downgrades UniFi Controller to 5.10.17. Upgrade to 5.10.19 with:
cd /tmp
wget https://dl.ubnt.com/unifi/5.10.19/unifi_sysvinit_all.deb
dpkg -i unifi_sysvinit_all.deb
@stevejenkins
stevejenkins / ERL GF Commands
Created August 15, 2017 16:42
Basic configuration commands to set up an ERL for Google Fiber
set firewall all-ping enable
set firewall broadcast-ping disable
set firewall ipv6-name WANv6_IN default-action drop
set firewall ipv6-name WANv6_IN description 'WAN inbound traffic forwarded to LAN'
set firewall ipv6-name WANv6_IN rule 10 action accept
set firewall ipv6-name WANv6_IN rule 10 description 'Allow established/related'
set firewall ipv6-name WANv6_IN rule 10 state established enable
set firewall ipv6-name WANv6_IN rule 10 state related enable
set firewall ipv6-name WANv6_IN rule 20 action drop
set firewall ipv6-name WANv6_IN rule 20 description 'Drop invalid state'
@stevejenkins
stevejenkins / Pi-hole whitelist.txt
Created March 17, 2017 16:53
Pi-hole Whitelist
raw.githubusercontent.com
mirror1.malwaredomains.com
sysctl.org
zeustracker.abuse.ch
s3.amazonaws.com
hosts-file.net
clients4.google.com
clients2.google.com
s.youtube.com
video-stats.l.google.com
@stevejenkins
stevejenkins / config.worky
Last active March 29, 2020 15:29
ER-POE Config where remote HTTPS / SSH work
firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to Internal"
@stevejenkins
stevejenkins / config.noworky
Last active January 9, 2017 23:12
ER-Lite config where remote HTTPS / SSH does not work
firewall {
all-ping enable
broadcast-ping disable
ipv6-name WAN6_IN {
default-action drop
rule 10 {
action accept
description "Allow established/related"
state {
established enable
Moved to: https://github.com/stevejenkins/Google-Fiber-EdgeRouter-Configs
@stevejenkins
stevejenkins / unifi_ssl_import.sh
Last active August 30, 2021 03:57
Import and use SSL certificates (including Let's Encrypt) with the Ubiquiti UniFi Controller on Unix/Linux Systems
# MOVED TO https://github.com/stevejenkins/unifi-linux-utils
@stevejenkins
stevejenkins / upgrade_unifi.sh
Last active February 10, 2019 19:33
Easy UniFi Controller Upgrade Script for Unix/Linux Systems
# MOVED TO: https://github.com/stevejenkins/unifi-linux-utils
@stevejenkins
stevejenkins / UniFi.service
Last active August 3, 2017 08:11
systemd service file for starting, stopping, and restarting the Ubiquiti (UBNT) UniFi Controller systemd systems
# MOVED TO: https://github.com/stevejenkins/unifi-linux-utils
@stevejenkins
stevejenkins / UniFi
Last active November 27, 2016 15:53
SysV Init script for starting, stopping, and restarting the Ubiquiti (UBNT) UniFi Controller on non-Debian Linux systems
# MOVED TO: https://github.com/stevejenkins/unifi-linux-utils