Create up.conf

main config file needed for unpoller to work correctly.

pi-hosted_template/configs/up.conf

@@ -0,0 +1,206 @@
+# UniFi Poller v2 primary configuration file. TOML FORMAT #
+###########################################################
+
+[poller]
+  # Turns on line numbers, microsecond logging, and a per-device log.
+  # The default is false, but I personally leave this on at home (four devices).
+  # This may be noisy if you have a lot of devices. It adds one line per device.
+  debug = false
+
+  # Turns off per-interval logs. Only startup and error logs will be emitted.
+  # Recommend enabling debug with this setting for better error logging.
+  quiet = false
+
+  # Load dynamic plugins. Advanced use; only sample mysql plugin provided by default.
+  plugins = []
+
+#### OUTPUTS
+
+    # If you don't use an output, you can disable it.
+
+[prometheus]
+  disable = true
+  # This controls on which ip and port /metrics is exported when mode is "prometheus".
+  # This has no effect in other modes. Must contain a colon and port.
+  http_listen = "0.0.0.0:9130"
+  # Adding an SSL Cert and Cert Key will make Poller listen with SSL/https.
+  ssl_cert_path = ""
+  ssl_key_path  = ""
+  # Errors are rare. Setting this to true will report them to Prometheus.
+  report_errors = false
+  ## Record data for disabled or down (unlinked) switch ports.
+  dead_ports = false
+
+[influxdb]
+  disable = false
+  # InfluxDB does not require auth by default, so the user/password are probably unimportant.
+  url  = "http://172.15.0.3:8086"
+  user = "unifipoller"
+  # Password for InfluxDB user (above).
+  # If the password provided here begins with file:// then the password is read in from
+  # the file path that follows the file:// prefix. ex: file:///etc/influxdb/passwd.file
+  pass = "unifipoller"
+  # Be sure to create this database. See the InfluxDB Wiki page for more info.
+  db = "unifi"
+  # If your InfluxDB uses a valid SSL cert, set this to true.
+  verify_ssl = false
+  # The UniFi Controller only updates traffic stats about every 30 seconds.
+  # Setting this to something lower may lead to "zeros" in your data.
+  # If you're getting zeros now, set this to "1m"
+  interval = "30s"
+  ## Record data for disabled or down (unlinked) switch ports.
+  dead_ports = false
+
+# To enable output of UniFi Events to Loki, add a URL; it's disabled otherwise.
+# User, pass and tenant_id are optional and most folks wont set them.
+# Pick which logs you want per-controller in the [unifi.controller] section.
+# This is a new feature. Feedback welcome!
+[loki]
+  url = ""
+  # The rest of this is advanced & optional. See wiki.
+  user       = ""
+  pass       = ""
+  verify_ssl = false
+  tenant_id  = ""
+  interval   = "2m"
+  timeout    = "10s"
+
+# Poller has an optional web server. To turn it on, set enable to true. If you
+# wish to use SSL, provide SSL cert and key paths. This interface is currently
+# read-only; it just displays information, like logs, devices and clients.
+# Notice: Enabling the web server with many sites will increase memory usage.
+# This is a new feature and lacks a UI, enabling only recommended for testing.
+[webserver]
+  enable = false
+  port   = 37288
+  # The HTML path is different on Windows and BSD/macOS.
+  html_path     = "/usr/lib/unifi-poller/web"
+  ssl_cert_path = ""
+  ssl_key_path  = ""
+  # How many events per event group to hold. 200-2000. Use fewer with many sites.
+  # With 1 site, you'll have a max total of 9 event groups; 1 per plugin, 4 per site.
+  # Each site adds 1 event group for each of these inputs that is enabled:
+  #   save_ids, save_events, save_anomalies, save_alarms.
+  max_events = 200
+
+# By default the web interface does not require authentication. You can change
+# that by adding a username and password hash (or multiple) below.
+# To create a hash, run unifi-poller with the -e CLI argument. See Wiki for more!
+[webserver.accounts]
+# username = "password-hash"
+# captain = "$2a$04$mxw6i0LKH6u46oaLK2cq5eCTAAFkfNiRpzNbz.EyvJZZWNa2FzIlS"
+
+#### INPUTS
+
+[unifi]
+  # Setting this to true and providing default credentials allows you to skip
+  # configuring controllers in this config file. Instead you configure them in
+  # your prometheus.yml config. Prometheus then sends the controller URL to
+  # unifi-poller when it performs the scrape. This is useful if you have many,
+  # or changing controllers. See wiki for more.
+  dynamic = false
+
+# The following section contains the default credentials/configuration for any
+# dynamic controller (see above section), or the primary controller if you do not
+# provide one and dynamic is disabled. In other words, you can just add your
+# controller here and delete the following section. The internal defaults are
+# shown below. Any missing values will assume these displayed defaults.
+
+[unifi.defaults]
+  # URL for the UniFi Controller. Do not add any paths after the host:port.
+  # Do not use port 8443 if you have a UDM; just use "https://ip".
+  url = "https://<YOUR_IP>:8443"
+
+  # Make a read-only user in the UniFi Admin Settings, allow it access to all sites.
+  user = "unifipoller"
+
+  # Password for UniFi controller user (above).
+  # If the password provided here begins with file:// then the password is read in from
+  # the file path that follows the file:// prefix. ex: file:///etc/unifi/password.file
+  # ex: file:///etc/unifi/passwd.file, windows: file://C:\\UserData\\Unifi\\Passwd.txt
+  pass = "unificontroller"
+
+  # If the controller has more than one site, specify which sites to poll here.
+  # Set this to ["default"] to poll only the first site on the controller.
+  # A setting of ["all"] will poll all sites; this works if you only have 1 site too.
+  sites = ["all"]
+
+  # Enable collection of site data. This data powers the Network Sites dashboard.
+  # It's not valuable to everyone and setting this to false will save resources.
+  save_sites = true
+
+  # Hash, with md5, client names and MAC addresses. This attempts to protect
+  # personally identifiable information. Most users won't want to enable this.
+  hash_pii = false
+
+  # Enable collection of Intrusion Detection System Data (InfluxDB/Loki only).
+  # Only useful if IDS or IPS are enabled on one of the sites. This may store
+  # a lot of information. Only recommended for testing and debugging. There
+  # may not be any dashboards to display this data. It can be used for annotations.
+  # Enable this only if using InfluxDB or Loki. This will leak PII data!
+  save_ids = false
+
+  # Enable collection of UniFi Events (InfluxDB/Loki only).
+  # This may store a lot of information. Only recommended for testing and debugging.
+  # There are no dashboards to display this data. It can be used for annotations.
+  # This is a new (June, 2020) feature. Please provide feedback if you try it out!
+  # Enable this only if using InfluxDB or Loki. This will leak PII data!
+  save_events = false
+
+  # Enable collection of UniFi Alarms (InfluxDB/Loki only).
+  # There are no dashboards to display this data. It can be used for annotations.
+  # This is a new (June, 2020) feature. Please provide feedback if you try it out!
+  # Enable this only if using InfluxDB or Loki. This will leak PII data!
+  save_alarms = false
+
+  # Enable collection of UniFi Anomalies (InfluxDB/Loki only).
+  # There are no dashboards to display this data. It can be used for annotations.
+  # This is a new (June, 2020) feature. Please provide feedback if you try it out!
+  # Enable this only if using InfluxDB or Loki.
+  save_anomalies = false
+
+  # Enable collection of Deep Packet Inspection data. This data breaks down traffic
+  # types for each client and site, it powers a dedicated DPI dashboard.
+  # Enabling this adds roughly 150 data points per client.  That's 6000 metrics for
+  # 40 clients.  This adds a little bit of poller run time per interval and causes
+  # more API requests to your controller(s). Don't let these "cons" sway you:
+  # it's cool data. Please provide feedback on your experience with this feature.
+  save_dpi = false
+
+  ## Enabling save_rogue stores even more data in your time series databases.
+  ## This saves neighboring access point metrics in a dedicated table or namespace.
+  save_rogue = false
+
+  # If your UniFi controller has a valid SSL certificate (like lets encrypt),
+  # you can enable this option to validate it. Otherwise, any SSL certificate is
+  # valid. If you don't know if you have a valid SSL cert, then you don't have one.
+  verify_ssl = false
+
+  ## You may provide a list of SSL cert files (PEM format) that you expect your
+  ## controller to use. As long as one of the certs you provide here shows up in
+  ## the cert trust chain the controller presents it will be accepted and allowed.
+  ## These files may be re-read while poller is running.
+  ## Example: ssl_cert_paths = ["/path/to/cert.pem", "/another/cert.pem"]
+  ssl_cert_paths = []
+
+# The following is optional and used for configurations with multiple UniFi controllers.
+
+# You may repeat the following [[unifi.controller]] section as many times as needed to
+# poll multiple controllers. Uncomment the entire section including [[unifi.controller]].
+# Omitted variables will have their values taken from the defaults, above.
+#
+#[[unifi.controller]]
+#  url         = "https://127.0.0.1:8443"
+#  user        = "unifipoller"
+#  pass        = "unifipoller"
+#  sites       = ["all"]
+#  save_sites  = true
+#  hash_pii    = false
+#  save_ids    = false
+#  save_events = false
+#  save_alarms = false
+#  save_anomalies = false
+#  save_dpi    = false
+#  save_rogue  = false
+#  verify_ssl  = false
+#  ssl_cert_paths = []