From 89d14a1615caefc2935b2a03aebc5d5e31ed73f4 Mon Sep 17 00:00:00 2001
From: DerGrumpf <phil.keier@hotmail.com>
Date: Sat, 11 Apr 2026 12:50:47 +0200
Subject: [PATCH] Migrated Unifi Docker -> Nix

---
 hosts/cyper-node-2/configuration.nix |  1 +
 nixos/roles/unifi.nix                | 26 ++++++++++++++++++++++++++
 2 files changed, 27 insertions(+)
 create mode 100644 nixos/roles/unifi.nix

diff --git a/hosts/cyper-node-2/configuration.nix b/hosts/cyper-node-2/configuration.nix
index 5fe45e5..0256e07 100644
--- a/hosts/cyper-node-2/configuration.nix
+++ b/hosts/cyper-node-2/configuration.nix
@@ -2,6 +2,7 @@
   imports = [
     ./hardware-configuration.nix
     ../../nixos/roles/wyl.nix
+    ../../nixos/roles/unifi.nix
   ];
 
   networking = {
diff --git a/nixos/roles/unifi.nix b/nixos/roles/unifi.nix
new file mode 100644
index 0000000..779d74f
--- /dev/null
+++ b/nixos/roles/unifi.nix
@@ -0,0 +1,26 @@
+{ pkgs, ... }:
+
+{
+  nixpkgs.config.allowUnfree = true;
+
+  services.unifi = {
+    enable = true;
+    unifiPackage = pkgs.unifi;
+    mongodbPackage = pkgs.mongodb-7_0;
+    openFirewall = true; # opens 3478/udp, 10001/udp, 8080, 8443, 8843, 8880, 6789
+  };
+
+  networking.firewall = {
+    allowedTCPPorts = [
+      8443
+      8080
+      8880
+      8843
+      6789
+    ];
+    allowedUDPPorts = [
+      3478
+      10001
+    ];
+  };
+}