UniFi behind HAProxy

aaf1205 · October 21, 2020, 11:43am

Hi Tom and team,

First of all, I want to thank you for your informative videos!! They have been very inspiring to me!!

I have successfully setup some servers behind HA, but now comes the problem.

When I put he UniFi controller behind HA, my UniFI devices loses it’s connection with the controller and keeps on typing to adopt with the controller.
I tried several things:

Adding a additional DNS A record on my internal DNS server to reflect directly to the UC.
Changing the hostname of the UC
SSH into the AP and changed the UC url with 'set-inform http://hostname-of-unifi-controller:8080/set-inform

The only thing that worked for me was, deleting the HA backend for UniFi and keep on using it with it’s self-singed cert.

Any help or advice would be appreciated.

LTS_Tom · October 21, 2020, 2:36pm

Only use HA Proxy for the web interface 8443 and not for 8080 or any of the other control ports.

aaf1205 · October 21, 2020, 3:44pm

I only use HA for port 8443.
But, when I turn it on. My devices are trying to adopt like a mad man without any luck…

I can send you the specs of the UniFi controller, devices and HA package if you want.

LTS_Tom · October 21, 2020, 4:46pm

If the devices are external then you should be using port forwards for the other ports and only 8443 for HA Proxy.

aaf1205 · October 21, 2020, 4:51pm

The UniFi devices are on the same subnet as the UniFi controller.
I’m aware of the port forwards when you want adopt external devices but, that’s not the case.

I’m wrapping my head arround this issue, since al the other servers that I’ve put behind HA work flawlessly.

I don’t think that you have to re adopt the devices, since you’re only changing the way you approach the UniFi controller.

LTS_Tom · October 21, 2020, 4:54pm

Then you need two different DNS entries, one for the web interface and one for the set inform and other UniFi devices communications. That is how ours is configured with HA Proxy, the 8443 is one DNS entry pointing at pfsense and the controller DNS points at the controller.

aaf1205 · October 21, 2020, 4:59pm

Thank you very much Tom!!! I’m gonna try that.
Do I need to change one of those values to something else?

Or, just two different records, one pointing to pfsense and the other one toUniFI controller?

garethw · October 22, 2020, 7:42am

two dns entries on pfSense, one pointing straight to the IP of the server (for inform address) the other to HA for web interface.

formatall · October 5, 2022, 3:17am

Hey, so I have web interface working behind HA proxy, but I don’t know where I put DNS entry for inform? Can I create another HA proxy entry for inform address and port as well?

I want to use domain name as inform address so in case if my ip changes, I can see devices as my unifi devices are at different location than my controller.

bb77 · October 5, 2022, 7:47am

No, as Tom already said. The devices must talk directly to the Unifi controller, at least that’s how I understand it.

Not sure if that is possible, but if so you would use a separate subdomain and DNS entry like inform.yourdomain.com that points to the IP of the Unifi controller and then use another subdomain and DNS entry like unifiwebui.yourdomain.com that points to the IP on which HA Proxy is listening.