From unifi-network
Walks through UniFi Network MCP server setup: prompts for controller host, username/password/API key, optional port/site/SSL/permissions, writes config to settings.local.json via bash/powershell.
npx claudepluginhub sirkirby/unifi-mcp --plugin unifi-networkThis skill is limited to using the following tools:
Walk the user through configuring their UniFi Network controller connection. **Ask each question one at a time using AskUserQuestion. Wait for the answer before proceeding.**
Configures UniFi Access MCP server by prompting for controller host, API key or username/password credentials, and permissions; saves to .claude/settings.local.json via Bash or PowerShell.
Configures UniFi Protect NVR connection: prompts for host, username/password/API key, permissions, and writes to .claude/settings.local.json using platform scripts.
Manages Ubiquiti UniFi networks via unifly Rust CLI: VLANs, SSIDs, firewalls, NAT, DHCP, devices, clients, events, stats, DPI, backups.
Share bugs, ideas, or general feedback.
Walk the user through configuring their UniFi Network controller connection. Ask each question one at a time using AskUserQuestion. Wait for the answer before proceeding.
Ask: "What is your UniFi controller's IP address or hostname?" (e.g., 192.168.1.1)
Ask for:
Username and password are required. These must be local admin credentials on the UniFi controller.
After collecting credentials, mention:
"UniFi also supports API keys, but API key auth is experimental — it's limited to read-only operations and a subset of tools. Ubiquiti is still expanding API key support. Would you also like to configure an API key?"
If yes, ask for the API key string and include it as UNIFI_NETWORK_API_KEY in the configuration. If no, skip it.
Ask: "Any additional settings to configure?"
Options:
Ask: "Do you want to enable any write permissions? By default, the server is read-only for high-risk categories."
Options:
Use the appropriate script for the user's platform to write all collected values to .claude/settings.local.json. The script handles creating the file, merging into existing env vars, and masking sensitive values in output.
Check the platform from your environment info. On Windows use set-env.ps1, on macOS/Linux use set-env.sh:
macOS / Linux:
bash ${CLAUDE_PLUGIN_ROOT}/scripts/set-env.sh \
UNIFI_NETWORK_HOST=<host> \
UNIFI_NETWORK_USERNAME=<username> \
UNIFI_NETWORK_PASSWORD=<password>
Windows:
powershell -ExecutionPolicy Bypass -File "${CLAUDE_PLUGIN_ROOT}/scripts/set-env.ps1" UNIFI_NETWORK_HOST=<host> UNIFI_NETWORK_USERNAME=<username> UNIFI_NETWORK_PASSWORD=<password>
Only pass variables the user provided values for. Use the UNIFI_NETWORK_ prefix so it doesn't conflict with other server plugins.
If permissions were enabled, also pass those (same script, separate call):
bash ${CLAUDE_PLUGIN_ROOT}/scripts/set-env.sh \
UNIFI_POLICY_NETWORK_FIREWALL_POLICIES_CREATE=true \
UNIFI_POLICY_NETWORK_FIREWALL_POLICIES_UPDATE=true \
UNIFI_POLICY_NETWORK_PORT_FORWARDS_CREATE=true \
UNIFI_POLICY_NETWORK_PORT_FORWARDS_UPDATE=true
Common permission variables for "enable all write":
UNIFI_POLICY_NETWORK_NETWORKS_CREATE=true, UNIFI_POLICY_NETWORK_NETWORKS_UPDATE=trueUNIFI_POLICY_NETWORK_WLANS_CREATE=true, UNIFI_POLICY_NETWORK_WLANS_UPDATE=trueUNIFI_POLICY_NETWORK_DEVICES_UPDATE=trueUNIFI_POLICY_NETWORK_CLIENTS_UPDATE=trueUNIFI_POLICY_NETWORK_FIREWALL_POLICIES_CREATE=true, UNIFI_POLICY_NETWORK_FIREWALL_POLICIES_UPDATE=trueUNIFI_POLICY_NETWORK_PORT_FORWARDS_CREATE=true, UNIFI_POLICY_NETWORK_PORT_FORWARDS_UPDATE=trueUNIFI_POLICY_NETWORK_TRAFFIC_ROUTES_UPDATE=trueUNIFI_POLICY_NETWORK_QOS_RULES_CREATE=true, UNIFI_POLICY_NETWORK_QOS_RULES_UPDATE=trueUNIFI_POLICY_NETWORK_VPN_CLIENTS_UPDATE=trueUNIFI_POLICY_NETWORK_ROUTES_CREATE=true, UNIFI_POLICY_NETWORK_ROUTES_UPDATE=trueTell the user:
"Configuration saved to .claude/settings.local.json. Restart Claude Code to connect the MCP server. After restart, run /mcp to verify the connection, or just ask me about your network."
Show a summary table of what was configured.