You are here: OpenWrt Wiki » Documentation » The UCI System

The UCI System

The abbreviation UCI stands for Unified Configuration Interface and is intended to centralize the configuration of OpenWrt.

Configuration should be easy, straightforward and documented here, making life easier! UCI is the successor to the NVRAM-based configuration found in the White Russian series of OpenWrt.

Many programs have their own configuration files lying around somewhere, like /etc/network/interfaces, /etc/exports, /etc/dnsmasq.conf or /etc/samba/samba.conf and they often use different syntaxes. With OpenWrt you don't have to bother with any of them and only need to change the UCI configuration files.

You no longer have to reboot your system to make configuration changes. You can use the UCI command line utility instead. And please do not forget that quite some daemons are included in the official binaries, but they are not enabled by default! For example the cron daemon is not activated by default, thus only editing the crontab won't do anything. You have to either start the daemon with /etc/init.d/cron start or enable it with /etc/init.d/cron enable. You can disable, stop and restart most of those daemons, too. There are some not UCI configuration files you may want to tend to.

Common Principles

OpenWrt's central configuration is split into several files located in the /etc/config/ directory. Each file roughly relates to the part of the system it configures. You can edit the configuration files with a text editor or with the command line utility program uci or through various programming APIs (like Shell, Lua and C).

Configuration Files

File	Description
Basic
/etc/config/dhcp	Dnsmasq configuration and DHCP settings
/etc/config/dropbear	SSH server options
/etc/config/firewall	NAT, packet filter, port forwarding, etc.
/etc/config/network	Switch, interface and route configuration
/etc/config/system	Misc. system settings
/etc/config/timeserver	Time server list for rdate
/etc/config/wireless	Wireless settings and wifi network definition
IPv6
/etc/config/6relayd	IPv6-Server and Relay (RD, DHCPv6 & NDP)
/etc/config/ahcpd	Ad-Hoc Configuration Protocol (AHCP) server and forwarder configuration
/etc/config/aiccu	AICCU client configuration
/etc/config/dhcp6c	WIDE-DHCPv6 client
/etc/config/dhcp6s	WIDE-DHCPv6 server
/etc/config/gw6c	GW6c client configuration
/etc/config/radvd	Router Advertisement (radvd) configuration
Other
/etc/config/bbstored	BoxBackup server configuration
/etc/config/etherwake	Wake-on-Lan: etherwake
/etc/config/fstab	Mount points and swap
/etc/config/hd-idle	Another idle-daemon for attached hard drives
/etc/config/httpd	Web server options (Busybox httpd, deprecated)
/etc/config/luci	Base LuCI config
/etc/config/luci_statistics	Configuration of Statistics packet
/etc/config/mini_snmpd	mini_snmpd settings
/etc/config/minidlna	MiniDLNA settings
/etc/config/mjpg-streamer	Streaming application for Linux-UVC compatible webcams
/etc/config/mountd	OpenWrt automount daemon
/etc/config/mroute	Configuration files for multiple WAN routes
/etc/config/multiwan	Simple multi WAN configuration
/etc/config/ntpclient	Getting the correct time
/etc/config/p910nd	config for non-spoooling Printer daemon p910nd.server
/etc/config/pure-ftpd	Pure-FTPd server config
/etc/config/qos	Implementing Quality of Service for the upload
/etc/config/racoon	racoon IPsec daemon
/etc/config/samba	settings for the Microsoft file and print services daemon
/etc/config/snmpd	SNMPd settings
/etc/config/sshtunnel	Settings for the package `sshtunnel`
/etc/config/stund	STUN server configuration
/etc/config/transmission	BitTorrent configuration
/etc/config/uhttpd	Web server options (uHTTPd)
/etc/config/upnpd	miniupnpd UPnP server settings
/etc/config/users	user database for different services
/etc/config/ushare	uShare UPnP server settings
/etc/config/vblade	vblade userspace AOE target
/etc/config/vnstat	vnstat downloader settings
/etc/config/wifitoggle	Script to toogle WiFi with a button
/etc/config/wol	Wake-on-Lan: wol
/etc/config/wshaper	wondershaper qos script settings
/etc/config/znc	ZNC bouncer configuration

File Syntax

The uci configuration files usually consist of one or more config statements, so called sections with one or more option statements defining the actual values.

Below is an example of a simple configuration file:

package 'example'

config 'example' 'test'
        option   'string'      'some value'
        option   'boolean'     '1'
        list     'collection'  'first item'
        list     'collection'  'second item'

The config 'example' 'test' statement defines the start of a section with the type example and the name test. There can also be so called anonymous sections with only a type, but no name identifier. The type is important for the processing programs to decide how to treat the enclosed options.

The option 'string' 'some value' and option 'boolean' '1' lines define simple values within the section. Note that there are no syntactical differences between text- and boolean options. Per convention, boolean options may have one of the values '0', 'no', 'off' or 'false' to specify a false value or '1' , 'yes', 'on' or 'true' to specify a true value.

In the lines starting with a list keyword an option with multiple values is defined. All list statements that share the same name, collection in our example, will be combined into a single list of values with the same order as in the configuration file.

The indentination of the option and list statements is a convention to improve the readability of the configuration file but it's not syntactically required.

Usually you do not need to enclose identifiers or values in quotes. Quotes are only required if the enclosed value contains spaces or tabs. Also it's legal to use double- instead of single-quotes when typing configuration options.

All of the examples below are valid uci syntax:

option example value
option 'example' value
option example "value"
option "example" 'value'
option 'example' "value"

In contrast, the following examples are not valid syntax:

option 'example" "value' (quotes are unbalanced)
option example some value with space (note the missing quotes around the value)

It is important to know that UCI identifiers and config file names may only contain the characters a-z, 0-9 and _. Option values may contain any character (as long they are properly quoted).

Command Line Utility

It is redundant, unwise, and inefficient to use awk and grep to parse OpenWrt's config files. Use the uci utility instead to get what you need!

Below is the usage, as well as some useful examples of how to use this powerful utility. Remember, friends don't let friends parse their own config files!

When there are multiple rules next to each other, uci uses array-like references for them. If there are 8 NTP servers, uci will let you reference their sections as timeserver.@timeserver[0] for the first or timeserver.@timeserver[7] for the last one. You can also use negative indexes, such as timeserver.@timeserver[-1]. "-1" means "the last one, and "-2" means the second-to-last one. This comes in very handy when appending new rules to the end of a list. See examples below.

Usage

root@OpenWrt:/lib/config# uci

Usage: uci [<options>] <command> [<arguments>]

Commands:
	batch
	export     [<config>]
	import     [<config>]
	changes    [<config>]
	commit     [<config>]
	add        <config> <section-type>
	add_list   <config>.<section>.<option>=<string>
	show       [<config>[.<section>[.<option>]]]
	get        <config>.<section>[.<option>]
	set        <config>.<section>[.<option>]=<value>
	delete     <config>[.<section[.<option>]]
	rename     <config>.<section>[.<option>]=<name>
	revert     <config>[.<section>[.<option>]]

Options:
	-c <path>  set the search path for config files (default: /etc/config)
	-d <str>   set the delimiter for list values in uci show
	-f <file>  use <file> as input instead of stdin
	-m         when importing, merge data into an existing package
	-n         name unnamed sections on export (default)
	-N         don't name unnamed sections
	-p <path>  add a search path for config change files
	-P <path>  add a search path for config change files and use as default
	-q         quiet mode (don't print error messages)
	-s         force strict mode (stop on parser errors, default)
	-S         disable strict mode
	-X         do not use extended syntax on 'show'

`Command`	Target	Description
`commit`	`[<config>]`	Writes changes of the given configuration file, or if none is given, all configration files, to the filesystem. All "uci set", "uci add", "uci rename" and "uci delete" commands are staged into a temporary location and written to flash at once with "uci commit". This is not needed after editing configuration files with a text editor, but for scripts, GUIs and other programs working directly with UCI files.
`batch`	-	Executes a multi-line UCI script which is typically wrapped into a here document syntax.
`export`	`[<config>]`	Exports the configuration in a machine readable format. It is used internally to evaluate configuration files as shell scripts.
`import`	`[<config>]`	Imports configuration files in UCI syntax.
`changes`	`[<config>]`	List staged changes to the given configuration file or if none given, all configuration files.
`add`	`<config> <section-type>`	Add an anonymous section of type `section-type` to the given configuration.
`add_list`	`<config>.<section>.<option>=<string>`	Add the given string to an existing list option.
`show`	`[<config>[.<section>[.<option>]]]`	Show the given option, section or configuration in compressed notation.
`get`	`<config>.<section>[.<option>]`	Get the value of the given option or the type of the given section.
`set`	`<config>.<section>[.<option>]=<value>`	Set the value of the given option, or add a new section with the type set to the given value.
`delete`	`<config>[.<section[.<option>]]`	Delete the given section or option.
`rename`	`<config>.<section>[.<option>]=<name>`	Rename the given option or section to the given name.
`revert`	`<config>[.<section>[.<option>]]`	Revert the given option, section or configuration file.

Examples:

No need to reboot

After changing the port uhttpd listens on from 80 to 8080 in the file /etc/config/uhttpd, save it. Then do

uci commit uhttpd

And then a

/etc/init.d/uhttpd restart

Done. No reboot needed.

Export an entire configuration

root@OpenWrt:~# uci export httpd
package 'httpd'

config 'httpd'
	option 'port' '80'
	option 'home' '/www'

root@OpenWrt:~#

Show the configuration "tree" for a given config

root@OpenWrt:~# uci show httpd
httpd.@httpd[0]=httpd
httpd.@httpd[0].port=80
httpd.@httpd[0].home=/www
root@OpenWrt:~#

Display just the value of an option

root@OpenWrt:~# uci get httpd.@httpd[0].port
80
root@OpenWrt:~#

append an entry to a list

uci add_list system.ntp.server='0.de.pool.ntp.org'

replace a list completely

uci delete system.ntp.server
uci add_list system.ntp.server='0.de.pool.ntp.org'
uci add_list system.ntp.server='1.de.pool.ntp.org'
uci add_list system.ntp.server='2.de.pool.ntp.org'

UCI paths

Consider this example config file:

# /etc/config/foo
config bar 'first'
	option name	'Mr. First'
config bar
	option name	'Mr. Second'
config bar 'third'
	option name	'Mr. Third'

Then the paths below are equal in every group:

# Mr. First
uci get foo.@bar[0].name
uci get foo.@bar[-0].name
uci get foo.@bar[-3].name
uci get foo.first.name

# Mr. Second
uci get foo.@bar[1].name
uci get foo.@bar[-2].name
# uci get foo.second.name won't work; label 'second' undefined.

# Mr. Third
uci get foo.@bar[2].name
uci get foo.@bar[-1].name
uci get foo.third.name

If you show it, you get :

# uci show foo
foo.first=bar
foo.first.name=Mr. First
foo.@bar[0]=bar
foo.@bar[0].name=Mr. Second
foo.third=bar
foo.third.name=Mr. Third

But if you used "uci show foo.@bar[0]", you will see:

# uci show foo.@bar[0]
foo.first=bar
foo.first.name=Mr. First

Query interface state

root@OpenWrt:~# uci -P/var/state show network.wan
network.wan=interface
network.wan.ifname=eth0.1
network.wan.proto=dhcp
network.wan.defaultroute=0
network.wan.peerdns=0
network.wan.device=eth0.1
network.wan.ipaddr=10.11.12.13
network.wan.broadcast=255.255.255.255
network.wan.netmask=255.255.255.0
network.wan.gateway=10.11.12.1
network.wan.dnsdomain=
network.wan.dns=10.11.12.100 10.11.12.200
network.wan.up=1
network.wan.lease_gateway=10.11.12.1
network.wan.lease_server=10.11.12.25
network.wan.lease_acquired=1262482940
network.wan.lease_lifetime=5400
network.wan.lease_hostname=x-10-11-12-13
root@OpenWrt:~#

Add a firewall rule

This is a good example of both adding a firewall rule to forward the TCP SSH port, and of the negative (-1) syntax used with uci.

root@OpenWrt:~# uci add firewall rule
root@OpenWrt:~# uci set firewall.@rule[-1].src=wan
root@OpenWrt:~# uci set firewall.@rule[-1].target=ACCEPT
root@OpenWrt:~# uci set firewall.@rule[-1].proto=tcp
root@OpenWrt:~# uci set firewall.@rule[-1].dest_port=22
root@OpenWrt:~# uci commit firewall
root@OpenWrt:~# /etc/init.d/firewall restart

Get WAN IP address

Backfire
```
uci -P/var/state get network.wan.ipaddr
```

Trunk (not really uci)

. /lib/functions/network.sh; network_get_ipaddr ip wan; echo $ip

Get SSID

 uci get wireless.@wifi-iface[-1].ssid

Defaults:

To set some system defaults the first time the device boots, create a script in the folder

/etc/uci-defaults/

All scripts in that folder are automatically executed by /etc/init.d/S10boot and if they exited with code 0 deleted afterwards (scripts that did not exit with code 0 are not deleted and will be re-executed during the next boot until they also successfully exit).

Porting UCI to a different Linux distribution

https://forum.openwrt.org/viewtopic.php?id=15243

doc/uci.txt · Last modified: 2013/05/23 16:15 by nousername

OpenWrt

Wiki Search

Actions

Donate

Translations