UniFi Remove Role¶
Destructively removes the UniFi Network Application plus the supporting MongoDB/Java packages from the macmini host. The role mirrors the operational flow of the legacy teardown script but adds confirmation gates, optional backups, and granular preserve_* toggles so day‑2 cleanup stays deterministic.
Features¶
Optional pre-removal
local.ops_library.unifi_backupexecution to capture the last known-good snapshot.Graceful stop/disable of UniFi + MongoDB services, systemd unit removal, and Traefik/ufw cleanup.
Package purge blocks for UniFi, MongoDB, and OpenJDK (toggle via
unifi_remove_packages).Fine-grained directory cleanup flags (cache, logs, data, home) and optional MongoDB database/user drop commands.
Human-readable summary at the end so you know exactly which destructive toggles fired.
Key Variables¶
Variable |
Default |
Purpose |
|---|---|---|
|
|
Hard guard. Set to |
|
|
When true, runs |
|
|
Purges UniFi, MongoDB, and Java packages. |
|
|
Delete |
|
|
Remove the |
|
|
Delete ufw rules matching the standard UniFi ports. |
|
|
Drop the |
Refer to defaults/main.yml for additional knobs (service list, directories, Mongo credentials, Traefik paths).
Example Usage¶
- hosts: macmini
become: true
roles:
- role: local.ops_library.unifi_remove
vars:
unifi_remove_confirm: true
unifi_remove_trigger_backup: true
unifi_backup_root: "/srv/backups/unifi"
unifi_backup_create_archive: true
unifi_remove_delete_data: true
unifi_remove_delete_home: true
unifi_remove_drop_mongodb_database: true
unifi_mongodb_password: "{{ sops_unifi_mongodb_password }}"
Notes¶
Dropping the MongoDB database/user requires valid credentials; the tasks stay skipped (and safe) until
unifi_mongodb_passwordis set.Keep
unifi_remove_delete_data/homeset tofalsefor dry-runs—once flipped the directories are removed permanently.If
ufwis not installed the firewall cleanup step is quietly skipped.