/ Verzeichnis / Playground / unifi-mcp
← Alle Server ↗ GitHub
● Community sirkirby ⚡ Sofort

unifi-mcp

von sirkirby · sirkirby/unifi-mcp

Operate your Ubiquiti UniFi stack — Network, Protect cameras, Access doors — by chatting with Claude. 224 tools covering the real product surface.

unifi-mcp is actually three MCP servers bundled: Network (161 tools, stable), Protect (34 tools, beta), and Access (29 tools, beta). Cross-product event correlation via optional cloud relay. Installs via uvx or the Claude Code plugin marketplace.

▶ Demo ansehen 📦 Installieren 💡 Anwendungsfälle

Warum nutzen

Hauptfunktionen

Live-Demo

In der Praxis

unifi.replay ▶ bereit
0/0

Installieren

Wählen Sie Ihren Client

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Öffne Claude Desktop → Settings → Developer → Edit Config. Nach dem Speichern neu starten.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Cursor nutzt das gleiche mcpServers-Schema wie Claude Desktop. Projektkonfiguration schlägt die globale.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Klicken Sie auf das MCP-Servers-Symbol in der Cline-Seitenleiste, dann "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "unifi": {
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ],
      "_inferred": true
    }
  }
}

Gleiche Struktur wie Claude Desktop. Windsurf neu starten zum Übernehmen.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "unifi",
      "command": "uvx",
      "args": [
        "unifi-mcp"
      ]
    }
  ]
}

Continue nutzt ein Array von Serverobjekten statt einer Map.

~/.config/zed/settings.json
{
  "context_servers": {
    "unifi": {
      "command": {
        "path": "uvx",
        "args": [
          "unifi-mcp"
        ]
      }
    }
  }
}

In context_servers hinzufügen. Zed lädt beim Speichern neu.

claude mcp add unifi -- uvx unifi-mcp

Einzeiler. Prüfen mit claude mcp list. Entfernen mit claude mcp remove.

Anwendungsfälle

Praxisnahe Nutzung: unifi-mcp

Investigate a motion alert across cameras and doors

👤 UniFi home/SMB users ⏱ ~10 min intermediate

Wann einsetzen: You got a Protect motion alert at 2 AM. Who was it? Did a door open?

Voraussetzungen
  • UniFi controller + credentials — UniFi UI > Admin > API credentials
Ablauf
  1. Pull the motion event
    Get Protect motion events between 01:55 and 02:05 today. Include smart detection labels.✓ Kopiert
    → Event list with 'person' / 'vehicle' tags
  2. Correlate with doors
    Were any Access doors opened in the same window?✓ Kopiert
    → Door open events or none
  3. Check network side
    Any new/unknown clients joined the network in that window?✓ Kopiert
    → Network client delta

Ergebnis: Fast sensemaking of a potential incident without clicking between 3 UniFi apps.

Fallstricke
  • Protect timestamps use controller timezone — Always ask Claude to convert to your local time explicitly

Provision and audit guest networks

👤 Office IT, Airbnb hosts ⏱ ~10 min beginner

Wann einsetzen: You want a throwaway guest WiFi for the week, auto-expiring.

Ablauf
  1. Create SSID
    Create a guest SSID 'Week42' on the 2.4 + 5 GHz bands with a random 12-char password. Expires in 7 days.✓ Kopiert
    → SSID created + password returned
  2. Review
    End of week — how many clients connected, total bandwidth, any suspicious patterns?✓ Kopiert
    → Usage report

Ergebnis: Less hassle than doing it in the UI.

Fallstricke
  • Claude leaves the SSID up past expiry — Set a UniFi scheduled rule; don't rely on LLM to remember

Audit your firewall rules for drift

👤 Self-hosted homelabbers, SMB admins ⏱ ~30 min advanced

Wann einsetzen: You've added rules over time and want a second pair of eyes on what's actually allowed.

Ablauf
  1. Dump rules
    List all firewall rules, grouped by zone.✓ Kopiert
    → Complete rule inventory
  2. Audit
    Flag any rules that allow inbound from 0.0.0.0/0 to internal services. Flag overly permissive any-any rules.✓ Kopiert
    → Risk-flagged subset
  3. Propose tightening
    For each flagged rule, propose the minimal scope change that preserves functionality.✓ Kopiert
    → Concrete diff suggestions

Ergebnis: A tighter firewall configured in one session.

Fallstricke
  • Applying changes blindly locks you out — Have Claude list changes; apply them yourself via the UI for anything gateway-related

Kombinationen

Mit anderen MCPs für 10-fache Wirkung

unifi + ssh-manager

Run deep diagnostics on a controller via SSH when the API isn't enough

If a UniFi API call returns no data for a device, SSH into the controller and run info on that device's ID.✓ Kopiert

Werkzeuge

Was dieses MCP bereitstellt

WerkzeugEingabenWann aufrufenKosten
network_list_clients site?: str See who's on your network 1 API call
network_firewall_rules action: list|create|update|delete, ... Audit or change firewall 1 API call
network_health Diagnose offline APs, high error rates 1 API call
protect_list_events start, end, cameras?, types? Investigate motion/detection events 1 API call
access_open_door door_id, duration_s? Remote door unlock — destructive; confirm first 1 API call + physical effect

Kosten & Limits

Was der Betrieb kostet

API-Kontingent
Your controller — no external limits
Tokens pro Aufruf
List calls 500-3000 tokens; individual ops 100-500
Kosten in €
Free, MIT. UniFi hardware/licenses are your existing spend.
Tipp
Only enable the product servers you actually use — Network only for most homelabs reduces schema overhead.

Sicherheit

Rechte, Secrets, Reichweite

Minimale Scopes: Dedicated UniFi admin user with role scoped to needed product
Credential-Speicherung: UNIFI_HOST, UNIFI_USERNAME, UNIFI_PASSWORD env vars; or experimental read-only UNIFI_API_KEY
Datenabfluss: LAN to controller; optional cloud relay for cross-product correlation
Niemals gewähren: Super Admin credentials to an agent that can also reach the public internet

Fehlerbehebung

Häufige Fehler und Lösungen

Cannot connect to controller

Check UNIFI_HOST — include https:// and port (e.g. https://unifi.local:8443). Self-signed cert? Set UNIFI_VERIFY_SSL=false (for trusted LAN only).

Prüfen: curl -k https://unifi.local:8443/api/system
401 Unauthorized

Credentials wrong, or 2FA required. Create a local admin without 2FA for automation.

Protect events empty

Ensure Protect is actually installed on this controller. protect_health confirms.

Alternativen

unifi-mcp vs. andere

AlternativeWann stattdessenKompromiss
unifi-api-client in custom scriptsYou want full customization and don't use AI for opsYou write all the glue; no MCP ergonomics

Mehr

Ressourcen

📖 Offizielle README auf GitHub lesen

🐙 Offene Issues ansehen

🔍 Alle 400+ MCP-Server und Skills durchsuchen