Explaining the UniFi system.properties File

Note that this article is only applicable to advanced users with the self-hosted UniFi Network Servers installed on a Windows/macOS/Linux machine. We generally recommend using a UniFi Console for the best experience. Visit UI.com to learn more.

This article describes what the system.properties file is used for, and how to edit it.

Introduction

The system.properties file defines system-wide parameters for the UniFi Network Server. It is found within <unifi.base> in the data folder. Some advanced use-cases include:

  • Manual override of the Application IP Interface (the address to which Devices send inform packets).
  • Advanced Database adjustments.
  • Port Assignments, for purposes of the UniFi Network application communicating with Managed Devices, redirecting Guest Portal traffic, etc.

WARNING: Before editing the file, remember to create a backup of your system. It is also necessary to stop the application before performing any change in the file to avoid errors after changes are made.

The system.properties file can be edited directly via any text editor. Keep in mind that lines preceded by hash-tags (#) exist as comments and are non-operational. Make edits at the bottom of the file. After changing this file, you'll need to manually trigger provisioning on each site in order to make these effective.

Note: The file is created when UniFi Network runs successfully. If you cannot find the file within the <unifi_base>, create it by running UniFi Network.

Manually Specify the IP Interface for UniFi Network Application Communication

If a UniFi Console has multiple IP interfaces, the following configuration can manually set the exact IP interface that adopted APs should communicate to the Network application:
system_ip=a.b.c.d           # the IP devices should be talking to for inform

Advanced Database Configuration

Below are advanced database configurations that most users will never need. Note: We do not perform tests on these configurations, they are enabled for the convenience of database experts. One possible usage scenario is where few people run their application on a NAS, which has a smaller footprint than a normal server, hence there's a need to reduce the required resources.
unifi.db.nojournal=false    # disable mongodb journaling
unifi.db.extraargs         # extra mongod args

The configuration below is used to facilitate UniFi Network application installation. Again, most users will never need to set this. When the is_default is set to true, the application will start with factory default configuration. For normal, everyday users, an uninstallation and then fresh re-installation is recommended over this.

is_default=true

From the UniFi Network application you can configure the auto-backup frequency, amount of backups to store, time of backup, etc. At the time of writing this, you cannot change the storage location via the application. We do have a variable in the system.properties if you wish to change the storage location. Currently, the default points to:

1. For Cloud Key: /data/autobackup (where SD card is mounted as /data by default)
2. For software installs: {data.dir}/backup/autobackup

autobackup.dir=/some/path

HSTS can be enabled, but should only be done by advanced system administrators who are familiar with it. If you run into issues, you likely will need to clear your browser's cache after disabling this and restarting the service. To enable HSTS support add the following:

unifi.https.hsts=true
unifi.https.hsts.max_age=31536000
unifi.https.hsts.preload=false
unifi.https.hsts.subdomain=false 
NOTE: Currently no characters after the custom line(s) are allowed. This includes spaces, pound/sharp signs/comments, etc.

SMTP Related Settings

By default, SMTPS validates certificates and will reject self-signed or untrusted certificates. If your mail server uses an untrusted certificate, you must disable certificate verification with the following:

smtp.checkserveridentity=false

Starting with UniFi Network version 6.1, STARTTLS is opportunistically enabled by default; e.g. will be used if the server announces support for it, and will require a trusted certificate. If using a self-signed or untrusted certificate, you must disable STARTTLS by setting the following:

smtp.starttls_enabled=false

This only controls whether STARTTLS will be used if the server supports it. To force its use, see: starttls_required.

With UniFi Network version 6.1 and newer, STARTTLS is opportunistically enabled by default, but only required if using port 587. This behavior can be overridden by setting smtp.starttls_required=true to force the use of STARTTLS on ports other than 587, or to make STARTTLS optional on port 587, set it to false.

If smtp.starttls_enabled=false is set, the starttls_required value has no impact.

Was this article helpful?
94 out of 189 found this helpful