Central configuration of OpenWrt

I am new to OpenWrt and I´m building my network solely based on OpenWrt. My current network is based on Ubiquities Unifi devices, but I don´t like proprietary devices and I think Ubiquities software have limited functionality and they ditch support for old devices.
My new network is based on PCEngines APU2 as router, Zyxel NWA50AX as APs and Zyxel GS1900-series as switches. The switches I have not upgraded to OpenWrt yet but I will when OpenWrt-firmware has matured or have more time.
As for now, I have four devices (1 router, 3 APs) where they all have OpenWrt, all APs are dumb APs with exactly the same configuration, there is many devices to log into and manage, and there will be more.
One thing i like with Unifi, why I invested in it, was that they had one UI for all configuration and stats. Is there something similar for OpenWrt, where you can configure and adopt all your OpenWrt devices? Or even better, is there some plugin you can install and only configure all OpenWrt devices via yml-files with ArgoCD, GitLab etc?

1 Like

Welcome to OpenWrt and the community!

Neither do we. :slight_smile:

That's a fantastic idea. It would be great to tell the main router "dist out an access point config to these other devices". In time we may get closer to something like that, but that's not today.

Ubiquiti controls every aspect, hardware and software, of their offerings. OpenWrt works on a very wide range of other people's hardware, and it would be difficult to have the main router dist out configs for the satellite devices when those satellite devices could be almost anything with any kind of hardware. There is a sort of configuration abstraction layer with /etc/config/*, but there are still a lot of components of that which are too hardware-specific to be able to do what you suggest. And also too many things which, even now, are still configured with straight config files elsewhere in /etc.

You can get close to where you want to be. You can save a device's configuration in OpenWrt using something like sysupgrade -b ap_config.tgz and restore it with a subsequent sysupgrade -r ap_config.tgz. So you can have a common config, say for the access points, that you share between them. The sharing will have to be manual, or automated using your own scripts and methods. For the back end sharing you could use any number of different methods: rsync, scp, sshfs, or a straight share of a folder using Samba - likely from the main device. It shouldn't be too hard to set it up so that the three AP's periodically check for an updated config and when they see one they load it and reboot. With very little work and a little cleverness you could have it that when you log into one AP and update it's config that the other two get updated automagically.

OpenWISP exists, but that's not really beginner friendly.

1 Like

that’s a gracious understatement :wink:

Thanks for your input, guess I have to configure the devices one by one.

Between the learning curve for OpenWISP and just using the LuCI Webinteface, there is also SSH. You can configure several devices from a script and SSH "into" each device automatically. Using key-bas´ed-authentication prevents you from interacting during the script to enter your password each time.

Here is an example shell script to set the PSK of ESSID "Gaestenetz" for the devices Device1-3.lan:


DAS_ZUFALLSWORT="$(cat /dev/urandom | tr -dc "A-Za-z0-9" | head -c8)"

#Update the Password for each DumbAP in our network
for host in "Device1.lan" "Device2.lan" "Device3.lan"; do
	IFACES="$(ssh root@$host 'uci show wireless' | grep \.ssid=\'$DIE_SSID\' | sed -e "s/.*\.\(.*\)\..*/\1/" | xargs)" || continue

	for i in $IFACES; do
		ssh root@$host "uci set wireless.$i.key=\"$DAS_ZUFALLSWORT\" && uci commit wireless && wifi reload" || continue 2

(Full example is at Guest Wifi, changes Password daily, updates dumb APs)

For monitoring consider using RRD and collectd, easiest install is with opkg install luci-app-statistics. Collectd can collect statistics from several devices at a central collectd.