Docker Deployment

Docker Deployment

For production environments, we recommend deploying the UniFi Dashboard using Docker. Our containerized version uses a lightweight Alpine-based Node.js image, optimized for security and performance.

Quick Start with Docker Run

The fastest way to get the dashboard running is to use the docker run command. Ensure you have your UniFi API credentials ready.

docker run -d \
  --name unifi-dashboard \
  -p 3000:3000 \
  -e UNIFI_API_KEY="your-api-key" \
  -e UNIFI_API_URL="https://your-unifi-host.com/proxy/network/integration/v1" \
  suddenelfilio/unifi-dashboard:latest

Deployment with Docker Compose

Using Docker Compose is the preferred method for managing persistent deployments. It allows you to manage configuration through a YAML file and easily restart services.

1. Create a docker-compose.yml file:

version: '3.8'

services:
  unifi-dashboard:
    image: suddenelfilio/unifi-dashboard:latest
    container_name: unifi-dashboard
    restart: unless-stopped
    ports:
      - "3000:3000"
    environment:
      - UNIFI_API_KEY=${UNIFI_API_KEY}
      - UNIFI_API_URL=${UNIFI_API_URL}
      - PORT=3000
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3000/"]
      interval: 30s
      timeout: 10s
      retries: 3

1. Create a .env file in the same directory:

UNIFI_API_KEY=your-actual-api-key
UNIFI_API_URL=https://your-unifi-host.com/proxy/network/integration/v1

1. Start the container:

docker-compose up -d

Configuration Variables

The container is configured using environment variables. These are essential for connecting the dashboard to your UniFi controller.

| Variable | Description | Required | | :--- | :--- | :--- | | UNIFI_API_KEY | Your UniFi API integration key. | Yes | | UNIFI_API_URL | The full base URL for your UniFi Network API (including the proxy path). | Yes | | PORT | The internal port the server listens on (Default: 3000). | No |

Security and Optimization

Our Docker implementation follows industry best practices to ensure your network monitoring remains secure:

• Non-Root Execution: The application runs under a dedicated node user rather than root to minimize security risks.
• BFF Proxy Architecture: The container acts as a "Backend-for-Frontend" (BFF), securely handling your API keys on the server side so they are never exposed to the client's browser.
• Health Checks: The image includes built-in health checks to ensure the service is responsive, allowing orchestrators like Docker Compose or Kubernetes to restart the container if the API proxy becomes unreachable.
• Alpine Linux Base: We use a minimal footprint image to reduce the attack surface and download size.