Editing Introduction to a Self Managed Life: a 13 hour & 28 minute presentation by FUTO software (section)

== Step 4: TP-Link Omada Controller SDN Installation Guide ==

<span id="optional-note-for-the-paranoidskip-ahead-if-not-paranoid"></span>
==== 4.0 Optional note for the paranoid(skip ahead if not paranoid) ====

'''To be clear, if you’re at this level of paranoia, just find a router that has meshing with openwrt and deal with the lower level of performance with switching you’ll get with it. I have yet to find an open source access point + open source firmware that is even close to closed source ones with regards to seamless roaming across multiple access points without dropoffs or slowdowns'''

If you have a problem with running closed source software from a company headquartered in Shenzhen on your computer - I don’t blame you. Rather than install this onto your host system, you can install it onto a virtual machine you do not allow to access the internet, that runs nothing but this software. You would install the virtual machine for omada the same way you would install the virtual machine for mailcow. We have done this many times - simply follow the instructions we’ve already followed, with the following changes:

<ul>
<li><p>When installing Ubuntu server, choose minimal install in the installer.</p></li>
<li><p>Set the IP to 192.168.5.7 instead of 192.168.5.3 we chose for mailcow</p></li>
<li><p>Set the hostname &amp; name of the computer to '''wifitool'''</p></li>
<li><p>Set the static mapping in pfsense with hostname '''wifitool'''</p></li>
<li><p>Make a pfSense firewall rule blocking all traffic '''to''' and '''from''' <code>192.168.5.7</code> on the LAN interface for any protocol, so it looks like this:</p>
<div class="figure">

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:image-20241114175555928.png
</gallery>

</div></li></ul>

<div class="figure">

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:image-20241114175638119.png
</gallery>

</div>
<div class="figure">

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:image-20241114175738722.png
</gallery>

</div>
<div class="figure">

<gallery mode="packed-hover" heights=250 widths=400 perrow=2>
File:image-20241114175818156.png
</gallery>

</div>
Lastly, if you want a level of paranoia that matches [https://www.reuters.com/world/us/us-lawmakers-urge-probe-wifi-router-maker-tp-link-over-fears-chinese-cyber-2024-08-15/ congress], you can set up temporary pfSense firewall rules that block the computer you use to access the tp-link omada controller in your web browser from connecting as well - and toggle them on each time you run the tp-link omada controller software in your browser, and make a rule blocking the IP address of each individual access point from going online as well.

<span id="prepare-the-system"></span>
==== 4.1 Prepare the System ====

Before installation, remove any conflicting packages like older MongoDB versions, Java, or remnants of previous Omada installations to avoid conflicts. '''We never installed these packages onto our server, so they should not be there. Just in case they are. To be clear, you should not have any use for these packages at this point if you’ve been following this guide. '''

<pre>sudo apt purge -y mongodb-org* openjdk-11-* openjdk-8-* jsvc
sudo apt autoremove -y
sudo apt clean</pre>
<span id="install-java-8-and-mongodb"></span>
==== 4.2 Install Java 8 and MongoDB ====

Install Java 8, as the Omada Controller requires it, and install MongoDB (v7.0 is recommended here). It wants old Java. Not version 11.

<pre>sudo apt update

# Some of this software you may already have. No big deal, it doesn't hurt to make sure. 
sudo apt install -y openjdk-8-jre-headless jsvc curl gnupg lsb-release

curl -fsSL https://pgp.mongodb.com/server-7.0.asc | sudo gpg -o /usr/share/keyrings/mongodb-server-7.0.gpg --dearmor
echo &quot;deb [arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg] https://repo.mongodb.org/apt/ubuntu $(lsb_release -sc)/mongodb-org/7.0 multiverse&quot; | sudo tee /etc/apt/sources.list.d/mongodb-org-7.0.list

sudo apt update

sudo apt install -y mongodb-org</pre>
<pre>sudo systemctl enable mongod --now
sudo systemctl status mongod</pre>
<blockquote>'''IMPORTANT NOTE:''' mongodb is expecting you to be using an older version of Ubuntu Linux(22.04, codename “jammy”) for this to work. We are using Ubuntu Server (24.04, code name “noble”). There is nothing wrong with this''(besides the fact that I subjected you to ubuntu in the first place, but that’s a conversation for another time)''. 24.04 is the latest stable, long term release. However, mongodb still thinks that jammy is the latest long term/stable release.

If mongodb does not have a repository for ubuntu 24.04 jammy by the time this guide is released, you will have to make the following edit for apt to let you install mongdo from this repository:
</blockquote>
<pre># Open source list file for mongodb for editing
sudo nano -w /etc/apt/sources.list.d/mongodb-org-7.0.list</pre>
<pre># Find the following line:
deb [arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg] https://repo.mongodb.org/apt/ubuntu noble/mongodb-org/7.0 multiverse</pre>
<pre># Replace the word `noble` with `jammy`
deb [arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 multiverse</pre>
'''The steps in the three grey code boxes above are only necessary if you received an error while trying to install mongodb'''

<span id="find-omada-sdn-controller-software-on-tp-links-website-to-download"></span>
==== 4.3 Find Omada SDN Controller Software on tp-link’s website to download ====

Download the latest .deb package from [https://www.tp-link.com/us/support/download/omada-software-controller/ TP-Link’s Download section]. Right click the download button, click '''copy link''' in your browser, and paste it into the command below:

<pre># Make subdirectory for storing programs if it isn't already there in our home directory

mkdir -p ~/Downloads/programs
cd ~/Downloads/programs

# Check TP-Link's website for the latest version of this sfotware, it should be a .deb file with a filename that looks something like what you see below, just with a newer version

wget https://static.tp-link.com/upload/software/2024/202411/20241101/Omada_SDN_Controller_v5.14.32.3_linux_x64.deb</pre>
<span id="install-the-omada-controller"></span>
==== 4.4 Install the Omada Controller ====

Install the Omada Controller SDN package. If dependencies are flagged, ignore them to proceed with the installation.

<pre>sudo dpkg --ignore-depends=jsvc -i Omada_SDN_Controller.deb
# Just in case anything funny happened while installing an ancient version of java
sudo apt --fix-broken install</pre>
<span id="verify-it-installed-start-the-controller"></span>
==== 4.5 Verify it installed &amp; Start the Controller ====

The Omada Controller should now be running. Access the Omada interface by navigating to <code>https://192.168.5.2:8043</code>.

<blockquote>'''NOTE:''' If it gets stuck on “Starting Omada Controller. Please wait….” and keeps outputting dots, and never starts, and it gives you a bs error about java virtual machine not being available, you followed TP-Link’s documentation instead of mine. Do not pass go, do not collect $200, go directly to jail. That is your punishment for expecting GNU/Linux documentation for a piece of software to work; and you deserve it.
</blockquote>

-----

To enable it on boot, type <code>systemctl enable tpeap</code> , but it should already be starting on boot.

<span id="step-4.5-vlan-tags"></span>