Luci Gui improvement needed

Hello. First time posting here, I don't know if it's the right place. If it's not, I'm sorry.

I just wanted to share some feedback regarding my experience with LEDE so far.

This is a great community with a lot of information and many great people who are willing to help with any issues. After making the decision to go with LEDE instead of the others. I spent some time learning the many features that are available and how to use them. Some are easier than others. I realize that LEDE is a great project however if you're a complete noob, it's kinda hard to take advantage of the many features available. From my personal experience, I think Luci GUI if improve, would be a great help for us noobs. For example, VPN is one feature that's very popular, everyone is trying protect their privacy from ISP snooping. However the way to set it up is very confusing. The Luci interface is no help to configure vpn service and others like DNS encryption. I believe a lot of features of LEDE are being missed especially noobs because of confusing and lack of information from the User Interface. I don't know if there are any plans to add these features and improvements. I just thought I would share my experience so far.



You are write, but it's finding some one who would like to work on it. I was on about this to a fue people the other day in regards to setting up USB drives on OpenWRT. It can be verry hard. The interface will not help you to understand what partitions you have on a drive or even if your filesystem has the rite driver or package installed. same gos for setting up things like ddns or dnscrypt.

1 Like

OpenWrt/LEDE seems to be UCI driven, so I would not expect any improvements in LuCI anytime soon.

@tapper I was trying to do this the other day I couldn't do it so I gave up on it. It's one of the reasons I wanted to share my feedback with the community.

@jwoods I do understand its mostly UCI driven, however a mentally that's just the way it is doesn't really welcome improvements. I hope (not expect) that one day Luci Gui will be improve better, because it would really help a lot of people.

Hopefully after the merger someone find it important to work on these improvements. It would be very helpful and people won't be starting new topics just to find help using the basic features of LEDE.


1 Like

Not a mentality...the reality.

The point being that OpenWrt/LEDE is not (and never was) geared toward complete noobs (as you call them).

It does require configuration, more so than stock is not plug-and-play.

Since the advanced features you mentioned are successfully configured by users every day using UCI, the incentive for the development team to move those to LuCI is very small, when compared to adding support for new routers as they become available.

There is no question: OpenWRT/LEDE is not for faint hearted...

I don't know that I'd go that far! OpenWRT "just works" in the majority of common home or small business situations. You plug it in, navigate your browser to its address, set a password for the unit, set your SSID and password, enable wireless, and it just works.

Yes, when you start to get into VPNs or other configuration, it gets more complex. But that isn't "turn-key" operation for any router that I know.

Agreed, the documentation on the wiki could be significantly better and I'll admit to giving up on doing any configuration with LuCI years ago, but that's mainly because I run kea and unbound as well as only using OpenWRT to manage the wireless and bridging it to the rest of my network.

Looking forward, if LuCI were to be upgraded in its handling of VPNs, which ones would you all suggest? I pretty much guarantee that just one that I or one of the active developers would pick would not "satisfy" the wide range of desire for turn-key VPN configuration. Getting the requirements down for a new feature is as important as the actual coding.


Not at all... the OpenWrt wiki section is quite robust

OpenVPN should always be configured via CLI, as whomever wrote that luci-app chose to make it ridiculously convoluted by trying to pack every relevant option into the app, versus offering basic options with a code box to enter user defined options that are appended, via uci commands, to /etc/config/openvpn

It's unlikely it will ever be a priority to create GUI versions for most packages, due to a variety of reasons, such as:

  • It's far easier, and much more efficient, for a user to perform CLI related functions via SSH than it is via LuCI
    • The OpenWrt wiki section is extremely robust for an open source project (for example, compare OpenWr'ts wiki site to DD-WRT's or Tomato)

  • uhttpd is a synchronous web server, which is not ideal for a comprehensive management WebUI

  • Since this is an opensource project without corporate sponsorship (i.e. iXsystems and FreeNAS, Sophos and Sophos UTM/XG, etc.), new packages must be created by users, and it's never been a priority, I assume, due to the fact it is often easier and far more efficient [quicker] to accomplish whatever one is trying to do via SSH.

I'm not sure how this squares, considering the robust wiki section that exists. OpenWrt is one of the simplest forms of a Linux OS, and almost all of what a user could want to do with OpenWrt can be found in the wiki section, via forum search, or your search engine of choice.

I know how intimidating (for lack of a better word, maybe overwhelming) doing things via CLI can appear if one is coming from the Windows ecosystem, however most things can be done by pulling up a wiki page and performing each thing step by step. After a few days of doing things via CLI, you'll feel a lot more comfortable, and therefore confident, with it.

Oh dude, do not get me wrong: I love using LEDE. But it is very far from just works. And people that use it, are not looking for the simplest configs: simple setup that just works is what the stock firmware is for. If I were to pick the best compromise in that category, it would be the routers supported by Asus-Merlin.

Here is the scare list without even going to the VPN.

  • Guest WiFi network setup will scare the lights out of non-tech person.
  • The need to use ssh and command line is a no-go for a lot of people
  • Config file changes in a newer version of a component (adblock, for instance) need to be dealt with manually over ssh and the warnings are only displayed on command line: now a person need to learn to use diff and, actually, first discover it :slight_smile:
  • Each router has some peculiarities when it comes to running OpenWRT. Most of people buy a router first and then start looking if it is compatible with OpenWRT
  • It requires some determination and time to figure out what router to buy
  • Recovering a bricked router is a challenge even if possible
  • I could go on...

I am not an average user and I still find it challenging and at times time-consuming to maintain a router running LEDE. I am not writing this to say this is bad router OS, far from it: it could one of the best. It is just not for an average and impatient user.

That statement alone confirms exactly what I said. Imagine a busy professional spending this amount of time to configure what they consider a non-essential piece of equipment in their life. They do not think about security and flexibility: they need it set up and out of the way.

I stand by what I said: this is a firmware for hobbyists. It is awesome, but OpenWRT does not help saving the most precious resource of all, time.

1 Like

I'm not sure someone needs to feel comfortable to follow step by step instructions...

  • The only difference between OEM firmware and OpenWrt, besides the OEM firmware locking users out of full functionality and implementing sub-par security, is that one is closed source and one is open source... They're both Linux variations.
    • On top of that, consumer routers are lucky if they receive a 24 month time frame until EOL and support is stopped by the OEM (i.e. no additional firmware updates, regardless of CVEs)... which means either open source firmware or the recycler will be required at EOL.
    • OpenWrt is by far the simplest OpenSource consumer router firmware, as last time I looked at DD-WRT's & Tomato's wiki sections they left much to be desired.

What is almost always the issue when users complain about complexity is they simply don't want to take the time to read. It's not hard to follow step by step instructions, nor does a user need to understand what an arbitrary step does to follow it (its recommended they should, but it's not a requisite).

  • Is there something you're having issues with that is not in wiki docs?

It is a bit overwhelming at first and there's a definite learning curve, but with every little thing you do you learn a little more and eventually hit that point where you know all the basics of getting around cli and realize that you really don't need Luci at all, although it's nice to have for those times when you're feeling a bit lazy since it is a little quicker in some instances and i do think Luci is fine for all the basics that a new user needs and will probably be enough to hold people over until they're comfortable with cli. As for vpn, linksys stock gui certainly is an easy setup with just a few clicks, but that's because the developers took the time to do all the foundation work necessary to end up with an easy few clicks solution, given OpenWrt/LEDE's goal to be a minimal install suitable to as wide variety of users as possible, you'd probably need a custom build to get the same result.

1 Like

As I said earlier, there's almost always a fundamental failure to read when users complain about complexity:

  • "...without even going to the VPN..."
  • "Guest WiFi network setup will scare the lights out of non-tech person."
  • I'm not sure why "...the need to use ssh and command line is a no-go for a lot of people."
  • "...Config file changes in a newer version of a component need to be dealt with manually over ssh..."
    • Usually custom configs are maintained. At worst, modified configs would be renamed, not overwritten
    • While I don't recommend doing this due to the serious security implications, but if you don't want to take the 3s it takes to open an SSH session in PuTTY (pre-built config) or Win32-OpenSSH (pre-built config), install luci-app-commands

  • "...Each router has some peculiarities when it comes to running OpenWRT"
    • This is why a device's ToH [Table of Hardware] page should be the very first stop before flashing OpenWrt.

  • "...It requires some determination and time to figure out what router to buy"
  • "...Recovering a bricked router is a challenge even if possible
    • Completely factually inaccurate... all devices can be debricked via serial, which requires a USB-TTL cable or a USB-to-UART board (Amazon) (which a person should have in their possession before flashing any third party firmware).
      • Granted, there's been some push back among some users on this forum about this recommendation, however, the only way to (1) debrick a device from a corrupted flash, or (2) troubleshoot boot / inaccessibility issues is via a serial connection.

      • Due to devices having differing bootloaders, the steps for a serial flash should be in a device's ToH.
        • I'm not sure if it is on every device's ToH, but this is what it would resemble.
        • If you do accidentally brick a device, and the serial flash instructions are not on the device's ToH, simply create a thread and you should get a reply back fairly quickly about how to do so (also ask for someone to add that to the device's ToH if you don't have time to add it yourself).

    • I've never come across a brick and mortar store that carries either, so failing to buy it before hand will result in ~5 days of down time [shipping] if either occurs.
      • Required to know for buying:
        • Voltage: 3.3V or 5V
        • Pitch (of female terminal plug): 2mm or 2.54mm

  • "...I could go on..."
    • Perhaps you could invest the same amount of energy in doing your due diligence by navigating to the Wiki Docs section and taking the time to read...

You can lead a horse to water, but you can't force it to drink...

1 Like

Totally agree with everything you said, but this learning process is time consuming. Do you disagree with that? If not, then this is a hobby. Someone really has to want to learn all this stuff. Because as with any hobby, the end benefit is relatively low comparing to the effort that is required to be put in.
This is not for everybody as was stated above in this thread.
You are making all the right points, but are not seeing this from the point of view of a non-technical user who has little time to spare and might not need another hobby.

I don't understand what is so difficult about following an instruction set step by step...

  • "I still find it challenging, and at times time-consuming, to maintain a router running LEDE... Imagine a busy professional spending this amount of time to configure [OpenWrt]..."
    • Following Step 1, Step 2, Step 3, etc. does not require a lot of mental expenditure, or time for that matter.

  • "...spending this amount of time to configure what they consider a non-essential piece of equipment in their life. They do not think about security and flexibility...."
    • I think I demonstrated the fallacies and factual inaccuracies with your perspectives in my last two posts, and that's about all the time and patience I have to dedicate to this absurd lack of personal responsibility.

Imagine yourself needing to follow the instructions to get something done in a totally unfamiliar field and do it right the first time around. Things like performing a minor surgery, installing a roof, tuning a sports car, etc. All of that by instructions with no training and needing to recover form small mis-haps along the way.
Someone needs a determination and will to go through this and learn while making mistakes along the way. It is very time consuming and not for everyone. And I totally agree with you on the rest.
Every point you made before reinforces what I said: it is time consuming and scary for new people. And until there are easy push-button solutions to setup basic things, this will remain a hobby.

1 Like

I'm dating myself, but that sounds like when microwave ovens and VCRs hit the market :exploding_head:

"We are dealing with a serious 12 o’clock flasher here kid"

(General comment about advancing technology, not targeted at any individual)

In my humble opinion, I think you have been too hard with @Bender, he wants to make complicated configurations through a simple interface, as it is done with other firmwares from other routers, such as Tomato or Gargoyle, etc ... and many of you are saying that this is not for novices. When I started working a few years ago, an engineer friend of mine told me that no one would understand me if I did not speak to him as if he were seven years old. I mean that even the most complicated things can be explained in a simple way. Of course a good interface can make things much easier, especially if it is intuitive. Luci is not very intuitive, it is very functional if you know what you are doing, and in this way the number of users that could use LEDE / OpenWRT is limited.

1 Like

That, I think is something that could be improved on. LuCI has grown organically, with a lot of focus on each contributor's pet project, and not much focus on usability. It's not surprising as most people with the skills to create or modify LuCI are sophisticated, technical users.

There's a balance too -- I've personally given up on LuCI as a configuration tool, and do everything on the command line. Ubuntu, which used to be my Linux flavor of choice, has, in my opinion, become too user friendly. I have to fight its "helpful" decisions about how someone else thinks I should administer my systems far too often these days (helloooo NetworkManager and systemd).

Yet, I'm still impressed by what LuCI can do, down to network protocols and configuration that few even know exist. Thankfully much of that is hidden in the UI if you don't press the "Advanced" button.

I'll go back to my earlier question, rephrased as

"What would you want LuCI to do, in specific, that it doesn't do now?"

Responding "VPNs" isn't helpful -- it needs to be specific and actionable.

This is the article that got me started down the path to using open source firmware...

As mentioned, OpenWrt is packaged-based, so it is more complex than other OS firmware.

I avoided it for some time, until i became dissatisfied with my experiences using DD-WRT.

I started out by reading the documentation (Quick Start, User Guide) to see what I was getting in to.

I learned what “failsafe mode” is, what a TFTP recovery is, what a serial recovery is, and when you need to do what.

It does have a larger learning curve, but you don't need to master it all at once.

I think many people dive in head first without doing any prior research, and wind up quickly overwhelmed.

The best way to eat an elephant is one bite at a time (metaphorically speaking).

I personally enjoy learning and trying out new things. However, I always create a safety net, so I can get back to a good known state in case things go sideways.

Bottom line is not (and can not be) for everyone.

That you for the thoughtful post. If you were to classify your experience with OpenWRT by using a single word, what would it be? The only one I can come up with is a hobby :wink:

1 Like