Note
July 3rd, 2024
Updated UniFi OS from v3.2.12 to v4.0.6 and re-install service worked as intended. No additional downtime outside of the reboot.
A script to setup the wpa_supplicant service on Ubiquiti hardware.
Important
This script has been confirmed working on the following hardware:
- Dream Machine (u/-BruceWayne-)
- Dream Machine Pro
- Dream Machine Special Edition
- Dream Machine Pro Max
- Cloud Gateway Ultra
- Cloud Gateway Express
If your device is not on this list, message me and we can modfiy the script for compatibility.
DO NOT RUN THIS SCRIPT IF YOUR DEVICE IS IN BRIDGE MODE!
IT DOES NOT CURRENTLY CHECK FOR BRIDGE MODE AND WILL BREAK YOUR SETUP!
Tip
You need to update the variables in wtf-wpa.sh to match your configuration!
## USER VARIABLES ##
# FULL PATH to "backup" folder
backupPath="/root/config"
# Names of install deb files
libpcspkg="libpcsclite1_1.9.1-1_arm64.deb"
wpapkg="wpasupplicant_2.9.0-21_arm64.deb"
# Internet (ONT) interface MAC address (Pulled from cert extraction process)
inetONTmac="00:00:00:00:00:00"
# Certficate variables
CA_filename="CA.pem"
Client_filename="Client.pem"
PrivateKey_filename="PrivateKey.pem"
# FULL PATH for wpa_supplicant.conf
confPath="/etc/wpa_supplicant/conf"
# FULL PATH for cert storage
certPath="/etc/wpa_supplicant/conf"
# FULL PATH for deb package storage
debPath="/etc/wpa_supplicant/packages"
I created a folder called "config" that contains the following:
CA.pem
Client.pem
PrivateKey.pem
libpcsclite1_1.9.1-1_arm64.deb
wpasupplicant_2.9.0-21_arm64.deb
wtf-wpa.sh
You will need to provide your own certificates, but the deb files and script are available here.
I like to use SSH private keys instead of passwords and install them using the ssh-copy-id
command.
I've created a hostname entry on my internal dns called "udmpro", but you can use your IP address.
scp -r config root@udmpro:~/
Once that is done, ssh into your device and navigate to the directory you just copied over.
DEMO:~ shaun$ ssh root@udmpro
root@UDMPRO:~# cd config/
root@UDMPRO:~/config# ./wtf-wpa.sh
WTF wpa [ install/repair | check ]
Syntax: wtf-wpa.sh [-i|c]
options:
-i Install/repair & configure the wpa_supplicant service
Example: wtf-wpa.sh -i
-c Does a quick status check of the wpa_supplicant service
Example: wtf-wpa.sh -c
<none> Print this Help
root@UDMPRO:~#
Log Output Example
[2024-08-16 16:36:35] - *** Logging to: wtf-wpa.log ***
[2024-08-16 16:36:35] - *** Verification Mode ***
[2024-08-16 16:36:35] - *** Checking Hardware Version ***
[2024-08-16 16:36:35] - INFO: Hardware - UniFi Dream Machine Pro
[2024-08-16 16:36:35] - INFO: WAN Interface: eth8
[2024-08-16 16:36:35] - *** Checking for required directories ***
[2024-08-16 16:36:35] - INFO: Found - Backup Path: /root/config
[2024-08-16 16:36:35] - INFO: Found - debPath: /etc/wpa_supplicant/packages
[2024-08-16 16:36:35] - INFO: Found - certPath: /etc/wpa_supplicant/conf
[2024-08-16 16:36:35] - INFO: Found - confPath: /etc/wpa_supplicant/conf
[2024-08-16 16:36:35] - INFO: Found - override: /etc/systemd/system/wpa_supplicant.service.d
[2024-08-16 16:36:35] - *** Checking for required deb packages ***
[2024-08-16 16:36:35] - INFO: Found - deb_pkg: /etc/wpa_supplicant/packages/libpcsclite1_1.9.1-1_arm64.deb
[2024-08-16 16:36:35] - INFO: Found - deb_pkg: /etc/wpa_supplicant/packages/wpasupplicant_2.9.0-21_arm64.deb
[2024-08-16 16:36:35] - *** Checking for required certificates ***
[2024-08-16 16:36:35] - INFO: Found - CA: /etc/wpa_supplicant/conf/CA.pem
[2024-08-16 16:36:35] - INFO: Found - Client: /etc/wpa_supplicant/conf/Client.pem
[2024-08-16 16:36:35] - INFO: Found - PrivateKey: /etc/wpa_supplicant/conf/PrivateKey.pem
[2024-08-16 16:36:35] - *** Checking for wpa_supplicant conf files ***
[2024-08-16 16:36:35] - INFO: Found - wpa_conf: /etc/wpa_supplicant/conf/wpa_supplicant.conf
[2024-08-16 16:36:35] - INFO: Found - override: /etc/systemd/system/wpa_supplicant.service.d/override.conf
[2024-08-16 16:36:35] - *** Checking wpa_supplicant service ***
[2024-08-16 16:36:35] - INFO: wpa_supplicant installed: 2:2.9.0-21
[2024-08-16 16:36:35] - INFO: wpa_supplicant is active
[2024-08-16 16:36:35] - INFO: wpa_supplicant is enabled
[2024-08-16 16:36:35] - *** Checking recovery service ***
[2024-08-16 16:36:35] - INFO: wtf-wpa.service is enabled
[2024-08-16 16:36:35] - *** Testing connection to google.com:80 ***
[2024-08-16 16:36:36] - INFO: Attemp 1/3: netcat google.com:80 SUCCESSFUL
[2024-08-16 16:36:36] - *** Process complete ***
wpasupplicant_2.9.0-21_arm64.deb
- wpasupplicant install filelibpcsclite1_1.9.1-1_arm64.deb
- Dependancy for wpasupplicant_2.9.0-21_arm64.deb; All others should be in place on UniFi OS 3.x+
Future Plans
-
wtf-wpa.sh
- Merge both scripts into a new script with combined functionality using switches - Add "auto recover" systemctl service to re-enable wpa_supplicant service after minor Unifi OS update(Major will most like wipe the volume)