This method is absolutely not recommended for a container accessible with no restraints, as MongoDB 4.4 is very old and no longer contains any security updates. This is however sufficient for homelab requirements, especially as a failover node.
I faced an issue when originally trying to clone containers between proxmox nodes to add high availability to the omada controller (see Proxmox: install omada controller in high-availability). The target node would fail to start with an obscure error:
Starting Omada Network Application. Please wait.
.......
Failed to start the MongoDB server with exit code 132. Please check your system memory, disk space, maximum number of open file handles, and file permissions.
After confirming your system status, delete the /data/db/_repair_incomplete file in the installation directory.This is simply caused by a breaking change introduced in upstream MongoDB 5.0, a hard dependency on the AVX instruction set. As my target node does not support this set, I only have two options to run the Omada Controller:
- install a MongoDB-like engine, for example FerretDB, and configure Omada to use an external database
- install MongoDB 4.4
I took the latter option, because at the time of writing I could not get ferret to start on my node. Once I sort this one out I will likely change my approach.
The following guide is written for debian trixie (13.0), but should work in similar way for other debian-based distributions.
Prepare mongoDB repository
curl -fsSL https://pgp.mongodb.com/server-4.4.asc | \
gpg -o /usr/share/keyrings/mongodb-server-4.4.gpg \
--dearmorAt this stage, the certificate is expired, but maybe at some point it will be re-issued.
Create /etc/apt/sources.list.d/mongodb.sources
Types: deb
Suites: buster/mongodb-org/4.4
Components: main
Signed-By: /usr/share/keyrings/mongodb-server-4.4.gpg
Allow-Insecure: yes
Trusted: yes
URIs: https://repo.mongodb.org/apt/debianThe Allow-Insecure and Trusted options are here because of certificate expiration. In general it is not recommended to have production grade VMs / containers with such configuration. Since the certificate has expired there is not much choice left to us.
Add bullseye repository
This is needed to install libssl1.1 required by MongoDB 4.4.
Modify /etc/apt/sources.list.d/debian.sources and append the following
Types: deb
URIs: http://deb.debian.org/debian
Suites: bullseye
Components: main
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpgInstall everything
Download the latest Omada version
wget https://static.tp-link.com/upload/software/2026/202604/20260402/Omada_Network_Application_v6.2.0.17_linux_x64_20260331104746.debInstall all needed dependencies
apt install mongodb-org-server curl jsvc openjdk-25-jre-headless libssl1.1 --no-install-recommendsInstall the omada controller
dpkg -i --force-all Omada_Network_Application_v6.2.0.17_linux_x64_20260331104746.debThe installation may take some time but should be successful
> dpkg -i --force-all /usr/src/Omada_Network_Application_v6.2.0.17_linux_x64_20260331104746.deb
Selecting previously unselected package omadac.
(Reading database ... 24989 files and directories currently installed.)
Preparing to unpack .../Omada_Network_Application_v6.2.0.17_linux_x64_20260331104746.deb ...
Cannot locate Java Home
Unpacking omadac (6.2.0.17) ...
dpkg: omadac: dependency problems, but configuring anyway as you requested:
omadac depends on java17-runtime | java17-runtime-headless | jdk-17; however:
Package java17-runtime is not installed.
Package java17-runtime-headless is not installed.
Package jdk-17 is not installed.
Setting up omadac (6.2.0.17) ...
Install Omada Network Application succeeded!
==========================
current data is empty
Omada Network Application will start up with system boot. You can also control it by [/usr/bin/tpeap].
check omada
Starting Omada Network Application. Please wait.
..............
Started successfully.
You can visit http://localhost:8088 on this host to manage the wireless network.
========================At this stage the controller can be used as any other. Care should be taken about hardening it as much as possible since outdated dependencies are run.
- Log in to post comments