Guessing here... but might this be due to the docker image having an internal nat layer? In other words, is the IP address that the UNA is actually using within the docker container the same as the docker address on the outside facing OpenWrt?
If the docker container is routing, you'll have to use L3 adoption methods to get your devices connected to UNA.
Docker with the option -p/ports binds to all IPs (0.0.0.0/0) by default. With an IP (as we did) we can tell docker to only bind to a specific IP. I guess AP/network discovery of the unifi controller only works when listening on all IPs…
In my example I only bound the web interface to my IP. If you use Unifi guest portal HTTPS and HTTP you probably also have to bind them to your IP.
That I have no idea about. My concern was that I'm lacking better understanding of the container differences (and yes, routing) between lxc/docker, that's why I asked for help.
Yes, I'm using the same address/name in the controller name and override inform host and that name resolves to 192.168.1.10. It works when using lxc container, not when using the docker container.
I'm currently using the lxc container as I need UAPs to work. When I want to test docker, I do:
stop/disable auto-start of lxc container
remove IP assignment for the mac address of lxc container
add .10 IP as an ipaddr to the LAN interface
reboot and bring up docker container.
I'll try your updated ports section as soon as I can and report back, thank you @Hudra !
PS. Just to confirm, is this a correct ports section for guest portal/SSH?
I don't have any actual knowledge about this, either. But can you ssh into the linux CLI for the container itself? If so, run ifconfig or ip to find out what it's using internally.
I am using host mode on my unifi container and I have no issues. Most of the communication occurs on port 8080 tcp. I suppose you have checked firewall and you see hits.
It will not work if ifconfig or ip-utils are not built into the image. But there might be apt so you can add it.
@Hudra thank you, your suggestion worked for UAPs, however the dumb USW-Flex-Mini could still not be adopted with the settings you recommended (while working fine in lxc container). When I tried to enable the host network_mode like @trendy has suggested, the USW-Flex-Mini was adopted, but I have to enter 2FA every time I log in now and I can't ssh into the controller. Any ideas?
I don't know about the 2FA, I am using local login only with user/pass. Regarding SSH I'd say it is conflicting with 22 on OpenWrt. Since you are on host mode all ports are directly bound on OpenWrt. So maybe you could change the port to 2222.
You're mixing IP binding and all-binding things, which in my experience will confuse unifi devices.
I suggest using IP:port:port syntax for all ports. Obviously the IP should be set within the unifi controller too, as the inform IP, to override the internal IP (i.e. the docker container's IP) that the unifi controller advertises by default.
Looks like @grrr2 is correct that all port bindings should have an explicit IP. I've removed the host network mode and added the IP to all the bindings and everything works! Thanks to @Hudra, @psherman, @trendy and @grrr2 for guiding this thread to a successful conclusion!
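
An added example, not part of the thread and not any poster's configuration: a small Python check that parses Docker short-syntax port mappings and reports every entry that is not pinned to the intended host IP, which is the mix of IP-bound and all-interface bindings discussed above. The address 192.168.1.10 and ports 8080, 22 and 2222 come from the thread; the other port numbers and both sample lists are constructed, and the function names are hypothetical.

```python
import ipaddress

def parse_port_entry(entry):
    """Split 'IP:host:container/proto' into (host_ip, host_port, container_port, proto)."""
    spec, _, proto = entry.partition("/")
    proto = proto or "tcp"
    host_ip = None
    if spec.startswith("["):                 # bracketed IPv6 host address
        host_ip, _, spec = spec[1:].partition("]:")
    parts = spec.split(":")
    if host_ip is None and len(parts) == 3:  # IPv4 host address given
        host_ip, parts = parts[0], parts[1:]
    if len(parts) == 2:
        host_port, container_port = parts
    elif len(parts) == 1:                    # container port only
        host_port, container_port = None, parts[0]
    else:
        raise ValueError(f"unrecognised port mapping: {entry!r}")
    if host_ip is not None:
        ipaddress.ip_address(host_ip)        # raises ValueError if not an IP
    return host_ip, host_port or None, container_port, proto

def audit(entries, expected_ip):
    """Return (entry, reason) for every mapping not pinned to expected_ip."""
    expected = ipaddress.ip_address(expected_ip)
    findings = []
    for entry in entries:
        host_ip = parse_port_entry(entry)[0]
        if host_ip is None:
            findings.append((entry, "no host IP: published on all interfaces"))
        elif ipaddress.ip_address(host_ip).is_unspecified:
            findings.append((entry, "wildcard host IP: published on all interfaces"))
        elif ipaddress.ip_address(host_ip) != expected:
            findings.append((entry, f"bound to {host_ip}, expected {expected_ip}"))
    return findings

# Constructed sample: one binding pinned to the LAN IP, the rest left open.
MIXED = ["192.168.1.10:8443:8443", "8080:8080", "2222:22",
         "0.0.0.0:10001:10001/udp"]
# Constructed sample: every binding uses the IP:port:port form.
PINNED = ["192.168.1.10:8443:8443", "192.168.1.10:8080:8080",
          "192.168.1.10:2222:22", "192.168.1.10:10001:10001/udp"]

if __name__ == "__main__":
    for entry, reason in audit(MIXED, "192.168.1.10"):
        print(f"{entry}: {reason}")
```

On a router such as OpenWrt, an entry without a host IP is published on every interface of the host, so this check is also a quick way to see which controller ports are reachable from outside the LAN address.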