A comprehensive suite of tools for UniFi network management and monitoring.
Note: This project is not affiliated with, endorsed by, or sponsored by Ubiquiti Inc. UniFi is a trademark of Ubiquiti Inc.
Real-time system status including: - Gateway Info - Model, firmware, uptime - Resource Usage - CPU and RAM utilization - Network Health - WAN, LAN, WLAN, VPN status with diagnostic reasons - Connected Clients - Wired and wireless counts - WAN Status - IP, ISP, latency, uptime (supports multi-WAN)
Track specific Wi-Fi client devices through your UniFi infrastructure. - Device tracking by MAC address - Roaming detection between access points - Connection history with timestamps - Block/unblock devices directly from the UI - Blocked device indicator in device list - Webhook alerts (Slack, Discord, n8n) for connect, disconnect, roam, block, and unblock events
Monitor IDS/IPS security events from your UniFi gateway. - Real-time event monitoring - Threat categorization and analysis - Top attackers and targets - Webhook alerts (Slack, Discord, n8n)
Real-time network monitoring dashboard. - Gateway status (model, firmware, uptime, WAN) - Device counts (total clients, wired, wireless, APs, switches) - Chart.js visualizations (clients by band, clients by SSID, top bandwidth) - Clickable AP cards with detailed client views - WebSocket-powered live updates
Build the perfect UniFi network at uiproductselector.com
No authentication, access via http://localhost:8000
Prerequisites: Install Docker first - see docs/INSTALLATION.md
# Clone and setup
git clone https://github.com/Crosstalk-Solutions/unifi-toolkit.git
cd unifi-toolkit
./setup.sh # Select 1 for Local
# Start
docker compose up -d
Access at http://localhost:8000
Authentication enabled, HTTPS with Let's Encrypt via Caddy
Prerequisites: Install Docker first - see docs/INSTALLATION.md
# Clone and setup
git clone https://github.com/Crosstalk-Solutions/unifi-toolkit.git
cd unifi-toolkit
./setup.sh # Select 2 for Production
# Enter: domain name, admin username, password
# Open firewall ports
sudo ufw allow 80/tcp && sudo ufw allow 443/tcp
# Start with HTTPS
docker compose --profile production up -d
Access at https://your-domain.com
| Guide | Description |
|---|---|
| INSTALLATION.md | Complete installation guide with troubleshooting |
| SYNOLOGY.md | Synology NAS Container Manager setup |
| QNAP Guide | QNAP Container Station setup (community) |
| Unraid Guide | Unraid Community apps Setup |
| QUICKSTART.md | 5-minute quick start reference |
| Action | Command |
|---|---|
| Start (local) | docker compose up -d |
| Start (production) | docker compose --profile production up -d |
| Stop | docker compose down |
| View logs | docker compose logs -f |
| Restart | docker compose restart |
| Reset password | ./reset_password.sh |
| Update | ./upgrade.sh |
Run the interactive setup wizard:
./setup.sh
The wizard will:
- Generate encryption key
- Configure deployment mode (local/production)
- Set up authentication (production only)
- Create your .env file
Copy and edit the example configuration:
cp .env.example .env
| Variable | Description |
|---|---|
ENCRYPTION_KEY |
Encrypts stored credentials (auto-generated by setup wizard) |
| Variable | Description |
|---|---|
DEPLOYMENT_TYPE |
local or production |
DOMAIN |
Your domain name (e.g., toolkit.example.com) |
AUTH_USERNAME |
Admin username |
AUTH_PASSWORD_HASH |
Bcrypt password hash (generated by setup wizard) |
Configure via .env or the web UI (web UI takes precedence):
| Variable | Description |
|---|---|
UNIFI_CONTROLLER_URL |
Controller URL (e.g., https://192.168.1.1) |
UNIFI_USERNAME |
Username (legacy controllers) |
UNIFI_PASSWORD |
Password (legacy controllers) |
UNIFI_API_KEY |
API key (UniFi OS: UDM, UCG, Cloud Key) |
UNIFI_SITE_ID |
Site ID from URL, not friendly name (default: default). For multi-site, use ID from /manage/site/{id}/... |
UNIFI_VERIFY_SSL |
SSL verification (default: false) |
| Variable | Description |
|---|---|
STALKER_REFRESH_INTERVAL |
Device refresh interval in seconds (default: 60) |
Production deployments use Caddy for automatic HTTPS: - Let's Encrypt certificates (auto-renewed) - HTTP to HTTPS redirect - Security headers (HSTS, X-Frame-Options, etc.)
When managing multiple UniFi sites, always use site-to-site VPN:
✅ RECOMMENDED: VPN Connection
┌──────────────────┐ ┌──────────────────┐
│ UI Toolkit │◄──VPN──►│ Remote UniFi │
│ Server │ │ Controller │
└──────────────────┘ └──────────────────┘
❌ AVOID: Direct Internet Exposure
Never expose UniFi controllers via port forwarding
VPN Options: UniFi Site-to-Site, WireGuard, Tailscale, IPSec
UNIFI_VERIFY_SSL=false for self-signed certificatesdocker compose logs caddy./reset_password.sh if you forgot your password.env exists and contains ENCRYPTION_KEYdocker compose logs -fdocker compose pull && docker compose up -d# Clone repository
git clone https://github.com/Crosstalk-Solutions/unifi-toolkit.git
cd unifi-toolkit
# Create virtual environment (Python 3.9-3.12 only, NOT 3.13+)
python3 -m venv venv
source venv/bin/activate
# Install dependencies
pip install -r requirements.txt
# Run setup wizard
./setup.sh
# Start application
python run.py
unifi-toolkit/
├── app/ # Main application
│ ├── main.py # FastAPI entry point
│ ├── routers/ # API routes (auth, config)
│ ├── static/ # CSS, images
│ └── templates/ # HTML templates
├── tools/ # Individual tools
│ ├── wifi_stalker/ # Wi-Fi Stalker tool
│ ├── threat_watch/ # Threat Watch tool
│ └── network_pulse/ # Network Pulse tool
├── shared/ # Shared infrastructure
│ ├── config.py # Settings management
│ ├── database.py # SQLAlchemy setup
│ ├── unifi_client.py # UniFi API wrapper
│ └── crypto.py # Credential encryption
├── docs/ # Documentation
├── data/ # Database (created at runtime)
├── setup.sh # Setup wizard
├── upgrade.sh # Upgrade script
├── reset_password.sh # Password reset utility
├── Caddyfile # Reverse proxy config
├── docker-compose.yml # Docker configuration
└── requirements.txt # Python dependencies
The project includes a comprehensive test suite covering authentication, caching, configuration, and encryption.
# Install development dependencies
pip install -r requirements-dev.txt
# Run all tests
pytest tests/ -v
# Run specific test file
pytest tests/test_auth.py -v
# Run with coverage
pytest tests/ --cov=shared --cov=app -v
Test modules:
- tests/test_auth.py - Authentication, session management, rate limiting (22 tests)
- tests/test_cache.py - In-memory caching with TTL expiration (18 tests)
- tests/test_config.py - Pydantic settings and environment variables (13 tests)
- tests/test_crypto.py - Fernet encryption for credentials (15 tests)
If you find UI Toolkit useful, consider supporting development:
Developed by Crosstalk Solutions
MIT License
$ claude mcp add unifi-toolkit \
-- python -m otcore.mcp_server <graph>