{ "openapi": "3.1.0", "info": { "title": "uapi", "version": "2.2.0", "description": "Native HTTP REST API for OpenWrt. Translates standard REST verbs into ubus/uci operations so edge routers become first-class targets for Infrastructure-as-Code workflows.\n\n## Quickstart\n\nMint a token on the router (one-time):\n\n```sh\nuapi-token create --name terraform_prod --scope '*:rw' --expires-in 90d\n```\n\nThen call the API:\n\n```sh\ncurl -H \"Authorization: Bearer $TOKEN\" https://router/api/v2/firewall/rules\n```\n\n## Two surfaces\n\n- **Curated resources** under `/api/v2//...` - hand-written schemas, stable across the major. Field names are `snake_case`; uci booleans normalize to JSON booleans; uci list options surface as JSON arrays.\n- **Raw passthrough** under `/api/v2/raw//` - generic uci access for the long tail. Same atomic-transaction recipe and same auth model, but payloads follow uci's field names directly (and move when upstream OpenWrt does).\n\n## Resource shape\n\nEvery curated resource carries `id` (stable across uci rewrites) and `managed: bool` at the top level. Server-derived state lives under `runtime: {...}` (computed; clients ignore for drift detection).\n\n## Auth\n\nBearer tokens with hierarchical scopes (e.g. `firewall:rules:rw`, `*:ro`). See the **Auth / Tokens** group for mint/list/revoke and the `/auth/whoami` endpoint for introspection.\n\n## Optimistic concurrency\n\nEvery resource GET and write returns an `ETag` header that is a stable hash of the resource's own body (the `runtime` block is excluded so live ubus state never trips a 412). Honor with `If-Match` on writes (or `?if_match=` query param for clients behind uhttpd's strict CGI env, which drops the header). Conditional GET via `If-None-Match` returns 304 when matching. Sibling sections in the same package do not influence each other's ETags; If-Match fires only when *this* resource has actually changed.\n\n## Idempotency\n\n`Idempotency-Key` on POST caches the response for 24 h; a repeat with the same key replays. Same key with a different body returns `409 idempotency_key_conflict`.\n\n## Sensitive fields (write-only + `has_` presence flag)\n\nFields holding secret material (passphrases, private keys, PSKs, PKCS#12 paths) are write-only on the wire: GET responses omit the value and surface a read-only `has_: bool` companion indicating presence. Examples: `wireless.interfaces.key`/`has_key`, `network.wireguard_peers.private_key`/`has_private_key`, `network.wireguard_peers.preshared_key`/`has_preshared_key`, `openvpn.instances.key`/`has_key`, `openvpn.instances.tls_auth`/`has_tls_auth`, `openvpn.instances.pkcs12`/`has_pkcs12`. PATCH that omits a sensitive field carries the existing value forward; rotation is explicit.\n\n## Atomicity\n\nEvery write is one transaction: snapshot, validate, commit, reload, restore-on-failure. `POST /batch` extends this across N packages under one combined snapshot/restore.\n\n## IMPORTANT - Success != runtime convergence\n\nA 2xx response means the init script's reload action **exited 0**. It does NOT mean the daemon has finished re-converging (`network/interfaces` is the dangerous one: a bad change can drop the management link, and the API has already reported success). The `X-Reload-Status` response header surfaces the reload outcome explicitly:\n\n- `X-Reload-Status: ok` - init script ran and exited 0 (not a convergence promise)\n- `X-Reload-Status: no_reload` - the resource has no reload services\n\nFor high-stakes writes (management interface, firewall defaults, uhttpd itself) verify convergence out-of-band. See [`docs/operations.md`](https://github.com/raspbeguy/uapi/blob/main/docs/operations.md) `Success != converged` for the full contract.\n\n## Compatibility & versioning\n\nA given uapi installation serves exactly one API major. Within a major, additions are backwards-compatible: new endpoints, new optional fields, new error codes, new scopes. Breaking changes require the next major. Operators who need an older major keep that package version installed.\n\n## More\n\n- **GitHub:** https://github.com/raspbeguy/uapi\n- **Terraform provider:** https://registry.terraform.io/providers/raspbeguy/uapi\n- **APK feed install:** [/install/](../install/)\n- **Architecture, security, migration, release-process docs:** [in repo](https://github.com/raspbeguy/uapi/tree/main/docs)", "contact": { "name": "uapi", "url": "https://github.com/raspbeguy/uapi" }, "license": { "name": "MIT", "identifier": "MIT" } }, "servers": [ { "url": "https://{host}/api/v2", "variables": { "host": { "default": "192.168.1.1" } } } ], "tags": [ { "name": "Firewall / Zones", "description": "Firewall zones (`config zone`): input/output/forward policies, network lists, masq/mtu_fix toggles." }, { "name": "Firewall / Rules", "description": "Firewall rules (`config rule`): nested `match` block for src/dest zone, IPs, ports, proto, family. Cross-refs `firewall/zones`." }, { "name": "Firewall / Redirects", "description": "Port forwards and NAT loopback (`config redirect`). Cross-refs `firewall/zones`." }, { "name": "Firewall / Forwardings", "description": "Zone-to-zone forwarding (`config forwarding`)." }, { "name": "Firewall / Defaults", "description": "Global firewall defaults singleton: verdicts, syn_flood, tcp_syncookies, flow_offloading." }, { "name": "Network / Interfaces", "description": "Network interfaces (`config interface`). proto static/dhcp/dhcpv6/pppoe/wireguard/etc. `runtime` carries ubus state." }, { "name": "Network / Devices", "description": "Network devices (`config device`): bridges, VLAN (8021q/8021ad), macvlan, veth, tun/tap." }, { "name": "Network / Routes", "description": "Static routes (`config route`)." }, { "name": "Network / Rules", "description": "Policy routing rules (`config rule`)." }, { "name": "Network / Bridge Vlans", "description": "Bridge VLAN tagging (`config bridge-vlan`)." }, { "name": "Network / Wireguard Peers", "description": "WireGuard peers (dynamic uci type `wireguard_`); preshared_key write-only." }, { "name": "Wireless / Devices", "description": "Wifi radios (`config wifi-device`): band, channel, htmode, country, txpower." }, { "name": "Wireless / Interfaces", "description": "SSIDs (`config wifi-iface`). `key` write-only; runtime carries iwinfo state." }, { "name": "Dhcp / Hosts", "description": "Static DHCP leases (`config host`)." }, { "name": "Dhcp / Servers", "description": "Per-interface DHCP server config (`config dhcp`). runtime carries lease counts." }, { "name": "Dhcp / Dnsmasq", "description": "Global dnsmasq tuning singleton." }, { "name": "Dhcp / Odhcpd", "description": "odhcpd singleton." }, { "name": "Dhcp / Leases", "description": "IPv4 leases parsed from /tmp/dhcp.leases (read-only)." }, { "name": "Dhcp / Leases6", "description": "IPv6 leases from odhcpd statefile (read-only)." }, { "name": "System", "description": "Global system config singleton (`config system`): hostname, timezone, log_size, etc." }, { "name": "System / Timeservers", "description": "NTP server list (`config timeserver`)." }, { "name": "System / Password", "description": "Local Unix password (write-only; shells out to passwd)." }, { "name": "System / SSH authorized keys", "description": "Manage `/etc/dropbear/authorized_keys` entries by stable id." }, { "name": "Dropbear / Instances", "description": "Per-instance SSH config (`config dropbear`)." }, { "name": "Uhttpd / Instances", "description": "Per-instance HTTP server config (`config uhttpd`). Self-lockout protection on `main`." }, { "name": "Uhttpd / Certs", "description": "px5g certificate generation params (`config cert`)." }, { "name": "Unbound / Server", "description": "Recursive DNS server singleton (`config unbound`)." }, { "name": "Sqm / Queues", "description": "Per-interface SQM shaping (`config queue`)." }, { "name": "Snmpd / Agents", "description": "SNMP listen addresses (`config agent`)." }, { "name": "Snmpd / Com2secs", "description": "community-to-security mapping (`config com2sec`)." }, { "name": "Snmpd / Groups", "description": "SNMP groups (`config group`)." }, { "name": "Snmpd / Accesses", "description": "group-to-view ACLs (`config access`)." }, { "name": "Snmpd / System", "description": "SNMPv2-MIB system.* singleton (sys_location, sys_contact, etc.)." }, { "name": "Lldpd / Config", "description": "LLDP/CDP/etc. toggles singleton." }, { "name": "Prometheus Node Exporter Lua / Config", "description": "node_exporter listen + per-collector toggles singleton." }, { "name": "Vnstat / Config", "description": "Global vnstat singleton." }, { "name": "Vnstat / Interfaces", "description": "Per-iface vnstat enable." }, { "name": "Mwan3 / Globals", "description": "mwan3 multi-WAN tuning singleton (mark mask, logging, route-monitor interval)." }, { "name": "Mwan3 / Interfaces", "description": "Per-WAN tracking config: track_ip probes, failure/recovery thresholds, family." }, { "name": "Mwan3 / Members", "description": "(interface, metric, weight) tuples consumed by policies." }, { "name": "Mwan3 / Policies", "description": "Member groups with a last-resort fallback. Cross-refs `mwan3:members`." }, { "name": "Mwan3 / Rules", "description": "Traffic-match -> policy bindings. Cross-refs `mwan3:policies`." }, { "name": "Usteer / Config", "description": "Passive band-steering daemon singleton (signal thresholds, roam scan intervals, SSID filter)." }, { "name": "Openvpn / Instances", "description": "Per-tunnel OpenVPN config. Filesystem paths for ca/cert/dh; key/tls_auth/pkcs12 are write-only (reads return has_)." }, { "name": "Raw / Generic uci passthrough", "description": "Escape hatch for any uci section type uapi does not curate. Same atomic-transaction recipe, same auth model. Stable URL/verb/error contract; payload follows uci's moving target." }, { "name": "Packages / Installed", "description": "Manage on-router apk packages (shells out to `apk add`/`del`)." }, { "name": "Packages / Feeds", "description": "Manage `/etc/apk/repositories.d/*.list` feed files." }, { "name": "Auth / Whoami", "description": "Token introspection: read the calling bearer's own metadata." }, { "name": "Auth / Tokens", "description": "HTTP token rotation: list, mint, revoke. Mint enforces scope-subset (caller must hold every requested scope)." }, { "name": "Operational / Healthz", "description": "Liveness + subsystem checks. No auth. Treat `version` as the stable version-skew probe." }, { "name": "Operational / OpenAPI spec", "description": "Self-describing endpoint serving this OpenAPI document. No auth." }, { "name": "Operational / Schema discovery", "description": "Per-resource schema_properties for dynamic clients without parsing the full spec. No auth." }, { "name": "Operational / Metrics", "description": "Prometheus 0.0.4 text. Path-template labels normalize concrete ids." }, { "name": "Operational / Diagnostics", "description": "Lock state, uptime, loaded resources." }, { "name": "Operational / Batch", "description": "Multi-package atomic transaction (max 50 ops). 207 Multi-Status on success." } ], "x-tagGroups": [ { "name": "Firewall", "tags": [ "Firewall / Zones", "Firewall / Rules", "Firewall / Redirects", "Firewall / Forwardings", "Firewall / Defaults" ] }, { "name": "Network", "tags": [ "Network / Interfaces", "Network / Devices", "Network / Routes", "Network / Rules", "Network / Bridge Vlans", "Network / Wireguard Peers" ] }, { "name": "Wireless", "tags": [ "Wireless / Devices", "Wireless / Interfaces" ] }, { "name": "DHCP", "tags": [ "Dhcp / Hosts", "Dhcp / Servers", "Dhcp / Dnsmasq", "Dhcp / Odhcpd", "Dhcp / Leases", "Dhcp / Leases6" ] }, { "name": "System", "tags": [ "System", "System / Timeservers", "System / Password", "System / SSH authorized keys" ] }, { "name": "Other daemons", "tags": [ "Dropbear / Instances", "Uhttpd / Instances", "Uhttpd / Certs", "Unbound / Server", "Sqm / Queues", "Snmpd / Agents", "Snmpd / Com2secs", "Snmpd / Groups", "Snmpd / Accesses", "Snmpd / System", "Lldpd / Config", "Prometheus Node Exporter Lua / Config", "Vnstat / Config", "Vnstat / Interfaces", "Mwan3 / Globals", "Mwan3 / Interfaces", "Mwan3 / Members", "Mwan3 / Policies", "Mwan3 / Rules", "Usteer / Config", "Openvpn / Instances" ] }, { "name": "Generic uci passthrough", "tags": [ "Raw / Generic uci passthrough" ] }, { "name": "Packages", "tags": [ "Packages / Installed", "Packages / Feeds" ] }, { "name": "Auth & tokens", "tags": [ "Auth / Whoami", "Auth / Tokens" ] }, { "name": "Operational endpoints", "tags": [ "Operational / Healthz", "Operational / OpenAPI spec", "Operational / Schema discovery", "Operational / Metrics", "Operational / Diagnostics", "Operational / Batch" ] } ], "security": [ { "bearerAuth": [ ] } ], "paths": { "/firewall/rules": { "get": { "summary": "List rules", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/FirewallRules" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Firewall / Rules" ] }, "post": { "summary": "Create a rules", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRules" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Rules" ] } }, "/firewall/rules/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one rules", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Firewall / Rules" ] }, "put": { "summary": "Replace a rules", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRules" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Rules" ] }, "patch": { "summary": "Partially update a rules", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Rules" ] }, "delete": { "summary": "Delete a rules", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Rules" ] } }, "/firewall/rules/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous firewall rule", "description": "Adopt an anonymous firewall rule into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Rules" ] } }, "/firewall/zones": { "get": { "summary": "List zones", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/FirewallZones" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Firewall / Zones" ] }, "post": { "summary": "Create a zones", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallZones" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallZones" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Zones" ] } }, "/firewall/zones/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one zones", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallZones" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Firewall / Zones" ] }, "put": { "summary": "Replace a zones", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallZones" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallZones" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Zones" ] }, "patch": { "summary": "Partially update a zones", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallZones" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Zones" ] }, "delete": { "summary": "Delete a zones", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Zones" ] } }, "/firewall/zones/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous firewall zone", "description": "Adopt an anonymous firewall zone into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallZones" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Zones" ] } }, "/firewall/redirects": { "get": { "summary": "List redirects", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/FirewallRedirects" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Firewall / Redirects" ] }, "post": { "summary": "Create a redirects", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRedirects" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRedirects" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Redirects" ] } }, "/firewall/redirects/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one redirects", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRedirects" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Firewall / Redirects" ] }, "put": { "summary": "Replace a redirects", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRedirects" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRedirects" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Redirects" ] }, "patch": { "summary": "Partially update a redirects", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRedirects" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Redirects" ] }, "delete": { "summary": "Delete a redirects", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Redirects" ] } }, "/firewall/redirects/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous firewall redirect", "description": "Adopt an anonymous firewall redirect into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallRedirects" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Redirects" ] } }, "/firewall/forwardings": { "get": { "summary": "List forwardings", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/FirewallForwardings" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Firewall / Forwardings" ] }, "post": { "summary": "Create a forwardings", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallForwardings" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallForwardings" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Forwardings" ] } }, "/firewall/forwardings/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one forwardings", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallForwardings" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Firewall / Forwardings" ] }, "put": { "summary": "Replace a forwardings", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallForwardings" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallForwardings" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Forwardings" ] }, "patch": { "summary": "Partially update a forwardings", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallForwardings" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Forwardings" ] }, "delete": { "summary": "Delete a forwardings", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Forwardings" ] } }, "/firewall/forwardings/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous firewall forwarding", "description": "Adopt an anonymous firewall forwarding into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallForwardings" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Forwardings" ] } }, "/firewall/defaults": { "get": { "summary": "Get the firewall singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallDefaults" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Firewall / Defaults" ] }, "patch": { "summary": "Update the firewall singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/FirewallDefaults" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Firewall / Defaults" ] } }, "/network/interfaces": { "get": { "summary": "List interfaces", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/NetworkInterfaces" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Interfaces" ] }, "post": { "summary": "Create a interfaces", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkInterfaces" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Interfaces" ] } }, "/network/interfaces/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one interfaces", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Interfaces" ] }, "put": { "summary": "Replace a interfaces", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkInterfaces" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Interfaces" ] }, "patch": { "summary": "Partially update a interfaces", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Interfaces" ] }, "delete": { "summary": "Delete a interfaces", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Interfaces" ] } }, "/network/interfaces/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous network interface", "description": "Adopt an anonymous network interface into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Interfaces" ] } }, "/network/devices": { "get": { "summary": "List devices", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/NetworkDevices" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Devices" ] }, "post": { "summary": "Create a devices", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkDevices" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkDevices" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Devices" ] } }, "/network/devices/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one devices", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkDevices" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Devices" ] }, "put": { "summary": "Replace a devices", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkDevices" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkDevices" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Devices" ] }, "patch": { "summary": "Partially update a devices", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkDevices" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Devices" ] }, "delete": { "summary": "Delete a devices", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Devices" ] } }, "/network/devices/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous network device", "description": "Adopt an anonymous network device into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkDevices" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Devices" ] } }, "/network/routes": { "get": { "summary": "List routes", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/NetworkRoutes" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Routes" ] }, "post": { "summary": "Create a routes", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRoutes" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRoutes" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Routes" ] } }, "/network/routes/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one routes", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRoutes" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Routes" ] }, "put": { "summary": "Replace a routes", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRoutes" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRoutes" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Routes" ] }, "patch": { "summary": "Partially update a routes", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRoutes" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Routes" ] }, "delete": { "summary": "Delete a routes", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Routes" ] } }, "/network/routes/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous network route", "description": "Adopt an anonymous network route into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRoutes" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Routes" ] } }, "/network/rules": { "get": { "summary": "List rules", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/NetworkRules" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Rules" ] }, "post": { "summary": "Create a rules", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRules" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Rules" ] } }, "/network/rules/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one rules", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Rules" ] }, "put": { "summary": "Replace a rules", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRules" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Rules" ] }, "patch": { "summary": "Partially update a rules", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Rules" ] }, "delete": { "summary": "Delete a rules", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Rules" ] } }, "/network/rules/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous network policy rule", "description": "Adopt an anonymous network policy rule into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkRules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Rules" ] } }, "/network/bridge_vlans": { "get": { "summary": "List bridge_vlans", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/NetworkBridgeVlans" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Bridge Vlans" ] }, "post": { "summary": "Create a bridge_vlans", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkBridgeVlans" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkBridgeVlans" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Bridge Vlans" ] } }, "/network/bridge_vlans/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one bridge_vlans", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkBridgeVlans" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Bridge Vlans" ] }, "put": { "summary": "Replace a bridge_vlans", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkBridgeVlans" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkBridgeVlans" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Bridge Vlans" ] }, "patch": { "summary": "Partially update a bridge_vlans", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkBridgeVlans" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Bridge Vlans" ] }, "delete": { "summary": "Delete a bridge_vlans", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Bridge Vlans" ] } }, "/network/bridge_vlans/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous bridge VLAN", "description": "Adopt an anonymous bridge VLAN into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkBridgeVlans" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Bridge Vlans" ] } }, "/network/wireguard_peers": { "get": { "summary": "List wireguard_peers", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/NetworkWireguardPeers" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Wireguard Peers" ] }, "post": { "summary": "Create a wireguard_peers", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkWireguardPeers" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkWireguardPeers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Wireguard Peers" ] } }, "/network/wireguard_peers/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one wireguard_peers", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkWireguardPeers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Network / Wireguard Peers" ] }, "put": { "summary": "Replace a wireguard_peers", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkWireguardPeers" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkWireguardPeers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Wireguard Peers" ] }, "patch": { "summary": "Partially update a wireguard_peers", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkWireguardPeers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Wireguard Peers" ] }, "delete": { "summary": "Delete a wireguard_peers", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Wireguard Peers" ] } }, "/network/wireguard_peers/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous wireguard peer", "description": "Adopt an anonymous wireguard peer into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/NetworkWireguardPeers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Network / Wireguard Peers" ] } }, "/wireless/devices": { "get": { "summary": "List devices", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/WirelessDevices" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Wireless / Devices" ] }, "post": { "summary": "Create a devices", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessDevices" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessDevices" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Wireless / Devices" ] } }, "/wireless/devices/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one devices", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessDevices" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Wireless / Devices" ] }, "put": { "summary": "Replace a devices", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessDevices" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessDevices" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Wireless / Devices" ] }, "patch": { "summary": "Partially update a devices", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessDevices" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Wireless / Devices" ] }, "delete": { "summary": "Delete a devices", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Wireless / Devices" ] } }, "/wireless/devices/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous wireless device", "description": "Adopt an anonymous wireless device into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessDevices" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Wireless / Devices" ] } }, "/wireless/interfaces": { "get": { "summary": "List interfaces", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/WirelessInterfaces" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Wireless / Interfaces" ] }, "post": { "summary": "Create a interfaces", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessInterfaces" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Wireless / Interfaces" ] } }, "/wireless/interfaces/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one interfaces", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Wireless / Interfaces" ] }, "put": { "summary": "Replace a interfaces", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessInterfaces" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Wireless / Interfaces" ] }, "patch": { "summary": "Partially update a interfaces", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Wireless / Interfaces" ] }, "delete": { "summary": "Delete a interfaces", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Wireless / Interfaces" ] } }, "/wireless/interfaces/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous wireless interface", "description": "Adopt an anonymous wireless interface into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WirelessInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Wireless / Interfaces" ] } }, "/dhcp/hosts": { "get": { "summary": "List hosts", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/DhcpHosts" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dhcp / Hosts" ] }, "post": { "summary": "Create a hosts", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpHosts" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpHosts" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Hosts" ] } }, "/dhcp/hosts/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one hosts", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpHosts" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dhcp / Hosts" ] }, "put": { "summary": "Replace a hosts", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpHosts" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpHosts" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Hosts" ] }, "patch": { "summary": "Partially update a hosts", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpHosts" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Hosts" ] }, "delete": { "summary": "Delete a hosts", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Hosts" ] } }, "/dhcp/hosts/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous DHCP host", "description": "Adopt an anonymous DHCP host into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpHosts" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Hosts" ] } }, "/dhcp/leases": { "get": { "summary": "List leases (read-only)", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/DhcpLeases" } } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dhcp / Leases" ] } }, "/dhcp/leases/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" } } ], "get": { "summary": "Get one leases by id", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpLeases" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dhcp / Leases" ] } }, "/dhcp/leases6": { "get": { "summary": "List leases6 (read-only)", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/DhcpLeases6" } } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dhcp / Leases6" ] } }, "/dhcp/leases6/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" } } ], "get": { "summary": "Get one leases6 by id", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpLeases6" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dhcp / Leases6" ] } }, "/dhcp/servers": { "get": { "summary": "List servers", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/DhcpServers" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dhcp / Servers" ] }, "post": { "summary": "Create a servers", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpServers" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpServers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Servers" ] } }, "/dhcp/servers/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one servers", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpServers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dhcp / Servers" ] }, "put": { "summary": "Replace a servers", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpServers" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpServers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Servers" ] }, "patch": { "summary": "Partially update a servers", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpServers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Servers" ] }, "delete": { "summary": "Delete a servers", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Servers" ] } }, "/dhcp/servers/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous DHCP server", "description": "Adopt an anonymous DHCP server into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpServers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Servers" ] } }, "/dhcp/dnsmasq": { "get": { "summary": "Get the dhcp singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpDnsmasq" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dhcp / Dnsmasq" ] }, "patch": { "summary": "Update the dhcp singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpDnsmasq" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Dnsmasq" ] } }, "/dhcp/odhcpd": { "get": { "summary": "Get the dhcp singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpOdhcpd" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dhcp / Odhcpd" ] }, "patch": { "summary": "Update the dhcp singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DhcpOdhcpd" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dhcp / Odhcpd" ] } }, "/system": { "get": { "summary": "Get the system singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/System" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "System" ] }, "patch": { "summary": "Update the system singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/System" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "System" ] } }, "/system/timeservers": { "get": { "summary": "List timeservers", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/SystemTimeservers" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "System / Timeservers" ] }, "post": { "summary": "Create a timeservers", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SystemTimeservers" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SystemTimeservers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "System / Timeservers" ] } }, "/system/timeservers/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one timeservers", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SystemTimeservers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "System / Timeservers" ] }, "put": { "summary": "Replace a timeservers", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SystemTimeservers" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SystemTimeservers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "System / Timeservers" ] }, "patch": { "summary": "Partially update a timeservers", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SystemTimeservers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "System / Timeservers" ] }, "delete": { "summary": "Delete a timeservers", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "System / Timeservers" ] } }, "/system/timeservers/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous timeserver", "description": "Adopt an anonymous timeserver into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SystemTimeservers" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "System / Timeservers" ] } }, "/dropbear/instances": { "get": { "summary": "List instances", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/DropbearInstances" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dropbear / Instances" ] }, "post": { "summary": "Create a instances", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DropbearInstances" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DropbearInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dropbear / Instances" ] } }, "/dropbear/instances/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one instances", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DropbearInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Dropbear / Instances" ] }, "put": { "summary": "Replace a instances", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DropbearInstances" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DropbearInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dropbear / Instances" ] }, "patch": { "summary": "Partially update a instances", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DropbearInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dropbear / Instances" ] }, "delete": { "summary": "Delete a instances", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dropbear / Instances" ] } }, "/dropbear/instances/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous dropbear instance", "description": "Adopt an anonymous dropbear instance into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DropbearInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Dropbear / Instances" ] } }, "/uhttpd/instances": { "get": { "summary": "List instances", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/UhttpdInstances" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Uhttpd / Instances" ] }, "post": { "summary": "Create a instances", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdInstances" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Uhttpd / Instances" ] } }, "/uhttpd/instances/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one instances", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Uhttpd / Instances" ] }, "put": { "summary": "Replace a instances", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdInstances" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Uhttpd / Instances" ] }, "patch": { "summary": "Partially update a instances", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Uhttpd / Instances" ] }, "delete": { "summary": "Delete a instances", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Uhttpd / Instances" ] } }, "/uhttpd/instances/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous uhttpd instance", "description": "Adopt an anonymous uhttpd instance into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Uhttpd / Instances" ] } }, "/uhttpd/certs": { "get": { "summary": "List certs", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/UhttpdCerts" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Uhttpd / Certs" ] }, "post": { "summary": "Create a certs", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdCerts" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdCerts" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Uhttpd / Certs" ] } }, "/uhttpd/certs/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one certs", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdCerts" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Uhttpd / Certs" ] }, "put": { "summary": "Replace a certs", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdCerts" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdCerts" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Uhttpd / Certs" ] }, "patch": { "summary": "Partially update a certs", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdCerts" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Uhttpd / Certs" ] }, "delete": { "summary": "Delete a certs", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Uhttpd / Certs" ] } }, "/uhttpd/certs/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous uhttpd certificate", "description": "Adopt an anonymous uhttpd certificate into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UhttpdCerts" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Uhttpd / Certs" ] } }, "/unbound/server": { "get": { "summary": "Get the unbound singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UnboundServer" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Unbound / Server" ] }, "patch": { "summary": "Update the unbound singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UnboundServer" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Unbound / Server" ] } }, "/unbound/srv": { "get": { "summary": "Get the unbound singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UnboundSrv" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Unbound / Srv" ] }, "patch": { "summary": "Update the unbound singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UnboundSrv" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Unbound / Srv" ] } }, "/unbound/ext": { "get": { "summary": "Get the unbound singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UnboundExt" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Unbound / Ext" ] }, "patch": { "summary": "Update the unbound singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UnboundExt" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Unbound / Ext" ] } }, "/sqm/queues": { "get": { "summary": "List queues", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/SqmQueues" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Sqm / Queues" ] }, "post": { "summary": "Create a queues", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SqmQueues" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SqmQueues" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Sqm / Queues" ] } }, "/sqm/queues/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one queues", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SqmQueues" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Sqm / Queues" ] }, "put": { "summary": "Replace a queues", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SqmQueues" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SqmQueues" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Sqm / Queues" ] }, "patch": { "summary": "Partially update a queues", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SqmQueues" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Sqm / Queues" ] }, "delete": { "summary": "Delete a queues", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Sqm / Queues" ] } }, "/sqm/queues/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous SQM queue", "description": "Adopt an anonymous SQM queue into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SqmQueues" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Sqm / Queues" ] } }, "/snmpd/agents": { "get": { "summary": "List agents", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/SnmpdAgents" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Snmpd / Agents" ] }, "post": { "summary": "Create a agents", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAgents" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAgents" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Agents" ] } }, "/snmpd/agents/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one agents", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAgents" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Snmpd / Agents" ] }, "put": { "summary": "Replace a agents", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAgents" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAgents" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Agents" ] }, "patch": { "summary": "Partially update a agents", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAgents" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Agents" ] }, "delete": { "summary": "Delete a agents", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Agents" ] } }, "/snmpd/agents/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous SNMP agent", "description": "Adopt an anonymous SNMP agent into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAgents" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Agents" ] } }, "/snmpd/com2secs": { "get": { "summary": "List com2secs", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/SnmpdCom2secs" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Snmpd / Com2secs" ] }, "post": { "summary": "Create a com2secs", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdCom2secs" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdCom2secs" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Com2secs" ] } }, "/snmpd/com2secs/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one com2secs", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdCom2secs" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Snmpd / Com2secs" ] }, "put": { "summary": "Replace a com2secs", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdCom2secs" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdCom2secs" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Com2secs" ] }, "patch": { "summary": "Partially update a com2secs", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdCom2secs" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Com2secs" ] }, "delete": { "summary": "Delete a com2secs", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Com2secs" ] } }, "/snmpd/com2secs/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous SNMP community-to-security mapping", "description": "Adopt an anonymous SNMP community-to-security mapping into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdCom2secs" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Com2secs" ] } }, "/snmpd/groups": { "get": { "summary": "List groups", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/SnmpdGroups" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Snmpd / Groups" ] }, "post": { "summary": "Create a groups", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdGroups" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdGroups" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Groups" ] } }, "/snmpd/groups/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one groups", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdGroups" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Snmpd / Groups" ] }, "put": { "summary": "Replace a groups", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdGroups" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdGroups" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Groups" ] }, "patch": { "summary": "Partially update a groups", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdGroups" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Groups" ] }, "delete": { "summary": "Delete a groups", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Groups" ] } }, "/snmpd/groups/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous SNMP group", "description": "Adopt an anonymous SNMP group into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdGroups" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Groups" ] } }, "/snmpd/accesses": { "get": { "summary": "List accesses", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/SnmpdAccesses" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Snmpd / Accesses" ] }, "post": { "summary": "Create a accesses", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAccesses" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAccesses" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Accesses" ] } }, "/snmpd/accesses/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one accesses", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAccesses" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Snmpd / Accesses" ] }, "put": { "summary": "Replace a accesses", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAccesses" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAccesses" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Accesses" ] }, "patch": { "summary": "Partially update a accesses", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAccesses" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Accesses" ] }, "delete": { "summary": "Delete a accesses", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Accesses" ] } }, "/snmpd/accesses/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous SNMP access ACL", "description": "Adopt an anonymous SNMP access ACL into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdAccesses" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / Accesses" ] } }, "/snmpd/system": { "get": { "summary": "Get the snmpd singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdSystem" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Snmpd / System" ] }, "patch": { "summary": "Update the snmpd singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SnmpdSystem" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Snmpd / System" ] } }, "/lldpd/config": { "get": { "summary": "Get the lldpd singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/LldpdConfig" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Lldpd / Config" ] }, "patch": { "summary": "Update the lldpd singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/LldpdConfig" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Lldpd / Config" ] } }, "/prometheus_node_exporter_lua/config": { "get": { "summary": "Get the prometheus_node_exporter_lua singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PrometheusNodeExporterLuaConfig" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Prometheus Node Exporter Lua / Config" ] }, "patch": { "summary": "Update the prometheus_node_exporter_lua singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PrometheusNodeExporterLuaConfig" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Prometheus Node Exporter Lua / Config" ] } }, "/vnstat/config": { "get": { "summary": "Get the vnstat singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VnstatConfig" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Vnstat / Config" ] }, "patch": { "summary": "Update the vnstat singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VnstatConfig" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Vnstat / Config" ] } }, "/vnstat/interfaces": { "get": { "summary": "List interfaces", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/VnstatInterfaces" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Vnstat / Interfaces" ] }, "post": { "summary": "Create a interfaces", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VnstatInterfaces" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VnstatInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Vnstat / Interfaces" ] } }, "/vnstat/interfaces/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one interfaces", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VnstatInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Vnstat / Interfaces" ] }, "put": { "summary": "Replace a interfaces", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VnstatInterfaces" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VnstatInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Vnstat / Interfaces" ] }, "patch": { "summary": "Partially update a interfaces", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VnstatInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Vnstat / Interfaces" ] }, "delete": { "summary": "Delete a interfaces", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Vnstat / Interfaces" ] } }, "/vnstat/interfaces/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous vnstat interface", "description": "Adopt an anonymous vnstat interface into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/VnstatInterfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Vnstat / Interfaces" ] } }, "/mwan3/globals": { "get": { "summary": "Get the mwan3 singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Globals" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Mwan3 / Globals" ] }, "patch": { "summary": "Update the mwan3 singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Globals" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Globals" ] } }, "/mwan3/interfaces": { "get": { "summary": "List interfaces", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/Mwan3Interfaces" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Mwan3 / Interfaces" ] }, "post": { "summary": "Create a interfaces", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Interfaces" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Interfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Interfaces" ] } }, "/mwan3/interfaces/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one interfaces", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Interfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Mwan3 / Interfaces" ] }, "put": { "summary": "Replace a interfaces", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Interfaces" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Interfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Interfaces" ] }, "patch": { "summary": "Partially update a interfaces", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Interfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Interfaces" ] }, "delete": { "summary": "Delete a interfaces", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Interfaces" ] } }, "/mwan3/interfaces/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous mwan3 interface", "description": "Adopt an anonymous mwan3 interface into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Interfaces" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Interfaces" ] } }, "/mwan3/members": { "get": { "summary": "List members", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/Mwan3Members" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Mwan3 / Members" ] }, "post": { "summary": "Create a members", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Members" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Members" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Members" ] } }, "/mwan3/members/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one members", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Members" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Mwan3 / Members" ] }, "put": { "summary": "Replace a members", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Members" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Members" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Members" ] }, "patch": { "summary": "Partially update a members", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Members" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Members" ] }, "delete": { "summary": "Delete a members", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Members" ] } }, "/mwan3/members/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous mwan3 member", "description": "Adopt an anonymous mwan3 member into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Members" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Members" ] } }, "/mwan3/policies": { "get": { "summary": "List policies", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/Mwan3Policies" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Mwan3 / Policies" ] }, "post": { "summary": "Create a policies", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Policies" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Policies" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Policies" ] } }, "/mwan3/policies/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one policies", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Policies" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Mwan3 / Policies" ] }, "put": { "summary": "Replace a policies", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Policies" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Policies" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Policies" ] }, "patch": { "summary": "Partially update a policies", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Policies" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Policies" ] }, "delete": { "summary": "Delete a policies", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Policies" ] } }, "/mwan3/policies/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous mwan3 policy", "description": "Adopt an anonymous mwan3 policy into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Policies" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Policies" ] } }, "/mwan3/rules": { "get": { "summary": "List rules", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/Mwan3Rules" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Mwan3 / Rules" ] }, "post": { "summary": "Create a rules", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Rules" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Rules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Rules" ] } }, "/mwan3/rules/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one rules", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Rules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Mwan3 / Rules" ] }, "put": { "summary": "Replace a rules", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Rules" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Rules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Rules" ] }, "patch": { "summary": "Partially update a rules", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Rules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Rules" ] }, "delete": { "summary": "Delete a rules", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Rules" ] } }, "/mwan3/rules/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous mwan3 rule", "description": "Adopt an anonymous mwan3 rule into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Mwan3Rules" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Mwan3 / Rules" ] } }, "/usteer/config": { "get": { "summary": "Get the usteer singleton", "description": "Conditional GET via If-None-Match (or ?if_none_match=).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UsteerConfig" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Usteer / Config" ] }, "patch": { "summary": "Update the usteer singleton", "description": "Merge-patch by default; `application/json-patch+json` selects RFC 6902 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/UsteerConfig" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Usteer / Config" ] } }, "/openvpn/instances": { "get": { "summary": "List instances", "parameters": [ { "name": "managed", "in": "query", "required": false, "schema": { "type": "string", "enum": [ "true", "false" ] }, "description": "Filter by managed flag" } ], "responses": { "200": { "description": "OK", "headers": { "Link": { "$ref": "#/components/headers/Link" }, "X-Next-Cursor": { "$ref": "#/components/headers/XNextCursor" }, "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } }, "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/OpenvpnInstances" } } } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Openvpn / Instances" ] }, "post": { "summary": "Create a instances", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/OpenvpnInstances" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/OpenvpnInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Openvpn / Instances" ] } }, "/openvpn/instances/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "get": { "summary": "Get one instances", "description": "Supports conditional GET via `If-None-Match` (or `?if_none_match=` query param for clients behind uhttpd's strict CGI env). A matching ETag returns 304 with no body.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/OpenvpnInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "304": { "description": "If-None-Match matched current ETag", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Openvpn / Instances" ] }, "put": { "summary": "Replace a instances", "description": "Honors `If-Match` (header or `?if_match=`). Stale ETag → 412.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/OpenvpnInstances" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/OpenvpnInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Openvpn / Instances" ] }, "patch": { "summary": "Partially update a instances", "description": "Default content-type uses RFC 7396 merge-patch semantics (partial object). `application/json-patch+json` selects RFC 6902 JSON Patch with ops add/remove/replace/move/copy/test (the test op enables atomic compare-and-swap without If-Match).", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object", "description": "merge-patch partial body" } }, "application/json-patch+json": { "schema": { "$ref": "#/components/schemas/JsonPatch" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/OpenvpnInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Openvpn / Instances" ] }, "delete": { "summary": "Delete a instances", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Openvpn / Instances" ] } }, "/openvpn/instances/{id}/adopt": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" }, "description": "Section identifier (uapi-generated ULID for managed sections, uci cfg-name for unmanaged)" } ], "post": { "summary": "Adopt an anonymous openvpn instance", "description": "Adopt an anonymous openvpn instance into uapi management. The section is renamed to a uapi-generated ULID and `managed` flips to `true`; subsequent writes (PUT, PATCH, DELETE) are then permitted. **The id changes**: the response carries the new ULID; any client state pointing at the original anonymous id (`cfgXXXXXX`) must be updated. Idempotent: adopting an already-managed section returns 409 unmanaged_resource (see error envelope).", "responses": { "200": { "description": "Adopted", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/OpenvpnInstances" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Openvpn / Instances" ] } }, "/raw/{package}": { "parameters": [ { "name": "package", "in": "path", "required": true, "schema": { "type": "string" } } ], "get": { "summary": "List raw uci sections for a package", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RawSection" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Raw / Generic uci passthrough" ] }, "post": { "summary": "Create a raw uci section", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RawSection" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RawWriteResult" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Raw / Generic uci passthrough" ] } }, "/raw/{package}/{id}": { "parameters": [ { "name": "package", "in": "path", "required": true, "schema": { "type": "string" } }, { "name": "id", "in": "path", "required": true, "schema": { "type": "string" } } ], "get": { "summary": "Get a raw uci section", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RawSection" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Raw / Generic uci passthrough" ] }, "put": { "summary": "Replace a raw uci section", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RawSection" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RawWriteResult" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Raw / Generic uci passthrough" ] }, "patch": { "summary": "Partially update a raw uci section", "requestBody": { "required": true, "content": { "application/json": { "schema": { "type": "object" } } } }, "responses": { "200": { "description": "Updated", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/RawWriteResult" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Raw / Generic uci passthrough" ] }, "delete": { "summary": "Delete a raw uci section", "responses": { "204": { "description": "Deleted", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Raw / Generic uci passthrough" ] } }, "/packages/installed": { "get": { "summary": "List installed apk packages", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/InstalledPackage" } } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Packages / Installed" ] }, "post": { "summary": "Install a package (apk add)", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PackageInstallRequest" } } } }, "responses": { "200": { "description": "Installed", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/InstalledPackage" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Packages / Installed" ] } }, "/packages/installed/{name}": { "parameters": [ { "name": "name", "in": "path", "required": true, "schema": { "type": "string" } } ], "get": { "summary": "Get info on an installed package", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/InstalledPackage" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Packages / Installed" ] }, "delete": { "summary": "Remove a package (apk del)", "responses": { "204": { "description": "Removed", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Packages / Installed" ] } }, "/packages/feeds": { "get": { "summary": "List apk feeds under /etc/apk/repositories.d", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/PackageFeed" } } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Packages / Feeds" ] }, "post": { "summary": "Create a new apk feed file and run apk update", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PackageFeedCreateRequest" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PackageFeed" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Packages / Feeds" ] } }, "/packages/feeds/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" } } ], "get": { "summary": "Get one apk feed by id", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/PackageFeed" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Packages / Feeds" ] }, "delete": { "summary": "Delete an apk feed and re-run apk update", "responses": { "204": { "description": "Removed", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Packages / Feeds" ] } }, "/system/password": { "post": { "summary": "Set the password for a local user (write-only; shells out to passwd)", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SystemPasswordRequest" } } } }, "responses": { "204": { "description": "Password set", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "System / Password" ] } }, "/system/authorized_keys": { "get": { "summary": "List installed SSH public keys", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/SSHAuthorizedKey" } } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "System / SSH authorized keys" ] }, "post": { "summary": "Add a single SSH public key", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SSHKeyAddRequest" } } } }, "responses": { "200": { "description": "Added", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SSHAuthorizedKey" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "System / SSH authorized keys" ] }, "put": { "summary": "Replace the authorized_keys list wholesale", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SSHKeyReplaceRequest" } } } }, "responses": { "200": { "description": "Replaced", "content": { "application/json": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/SSHAuthorizedKey" } } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "System / SSH authorized keys" ] } }, "/system/authorized_keys/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string", "pattern": "^[a-f0-9]{12}$" } } ], "get": { "summary": "Get a single SSH key by stable id", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SSHAuthorizedKey" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "System / SSH authorized keys" ] }, "delete": { "summary": "Remove a single SSH key by stable id", "responses": { "204": { "description": "Removed", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "System / SSH authorized keys" ] } }, "/healthz": { "get": { "summary": "Liveness check (no auth required)", "security": [ ], "responses": { "200": { "description": "All subsystems ok", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Healthz" } } } }, "503": { "description": "At least one subsystem degraded", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Healthz" } } } } }, "tags": [ "Operational / Healthz" ] } }, "/openapi.json": { "get": { "summary": "Retrieve this OpenAPI document (no auth required)", "security": [ ], "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "type": "object" } } } } }, "tags": [ "Operational / OpenAPI spec" ] } }, "/schema": { "get": { "summary": "List every curated resource key (no auth)", "security": [ ], "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "type": "object", "properties": { "resources": { "type": "array", "items": { "type": "string" } } } } } } } }, "tags": [ "Operational / Schema discovery" ] } }, "/schema/{package}": { "parameters": [ { "name": "package", "in": "path", "required": true, "schema": { "type": "string" } } ], "get": { "summary": "Schemas for every resource in one package (no auth)", "security": [ ], "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "type": "object" } } } }, "404": { "$ref": "#/components/responses/NotFound" } }, "tags": [ "Operational / Schema discovery" ] } }, "/schema/{package}/{resource}": { "parameters": [ { "name": "package", "in": "path", "required": true, "schema": { "type": "string" } }, { "name": "resource", "in": "path", "required": true, "schema": { "type": "string" } } ], "get": { "summary": "Schema for one curated resource (no auth)", "security": [ ], "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ResourceSchema" } } } }, "404": { "$ref": "#/components/responses/NotFound" } }, "tags": [ "Operational / Schema discovery" ] } }, "/auth/whoami": { "get": { "summary": "Introspection: the calling token's own metadata", "description": "No additional scope check. Any authenticated bearer can read its own metadata.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/WhoamiResponse" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Auth / Whoami" ] } }, "/tokens": { "get": { "summary": "List all tokens (no secrets surfaced)", "description": "Scope: uapi:tokens:ro (or *:ro). Each entry omits salt and hash.", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "type": "object", "properties": { "tokens": { "type": "array", "items": { "$ref": "#/components/schemas/TokenMetadata" } } } } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Auth / Tokens" ] }, "post": { "summary": "Mint a new token over HTTP", "description": "Scope: uapi:tokens:rw (or *:rw). Requested scopes MUST be a strict subset of the caller's own; escalation returns 403 scope_escalation_blocked. The cleartext bearer is returned exactly once.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/TokenCreateRequest" } } } }, "responses": { "200": { "description": "Created", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/TokenCreateResponse" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Auth / Tokens" ] } }, "/tokens/{id}": { "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string" } } ], "get": { "summary": "Get one token's metadata", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/TokenMetadata" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Auth / Tokens" ] }, "delete": { "summary": "Revoke a token", "responses": { "204": { "description": "Revoked", "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Auth / Tokens" ] } }, "/metrics": { "get": { "summary": "Prometheus 0.0.4 text exposition", "description": "Scope: uapi:metrics:ro (or *:ro). Series: uapi_requests_total, uapi_request_duration_seconds_bucket, uapi_request_duration_seconds_count, uapi_rate_limit_drops_total, uapi_lock_contention_total, uapi_validate_errors_total. Path-template labels normalize concrete ids to :id to keep cardinality bounded.", "responses": { "200": { "description": "OK", "content": { "text/plain": { "schema": { "type": "string" }, "example": "uapi_requests_total{method=\"GET\",path=\"/firewall/rules\",status=\"200\"} 42\n" } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Operational / Metrics" ] } }, "/diagnostics": { "get": { "summary": "Operational snapshot (lock state, uptime, loaded resources)", "description": "Scope: uapi:diagnostics:ro (or *:ro).", "responses": { "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/DiagnosticsResponse" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "ETag": { "$ref": "#/components/headers/ETag" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" } }, "tags": [ "Operational / Diagnostics" ] } }, "/batch": { "post": { "summary": "Multi-package atomic transaction", "description": "Each sub-request is scope-checked independently. Pure-read batches acquire no lock. Writes acquire per-package EX locks in sorted order (deadlock-free) under one combined snapshot/restore. First sub-request failure aborts the batch and reverts all packages; success returns 207 Multi-Status with the per-sub-request results. Max 50 ops.", "requestBody": { "required": true, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/BatchRequest" } } } }, "responses": { "207": { "description": "Multi-Status: every sub-request succeeded", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/BatchResponse" } } }, "headers": { "X-Request-Id": { "$ref": "#/components/headers/XRequestId" }, "X-Reload-Status": { "$ref": "#/components/headers/XReloadStatus" }, "X-Reload-Services": { "$ref": "#/components/headers/XReloadServices" }, "Idempotent-Replayed": { "$ref": "#/components/headers/IdempotentReplayed" } } }, "400": { "$ref": "#/components/responses/BadRequest" }, "401": { "$ref": "#/components/responses/Unauthorized" }, "403": { "$ref": "#/components/responses/Forbidden" }, "404": { "$ref": "#/components/responses/NotFound" }, "429": { "$ref": "#/components/responses/TooManyRequests" }, "500": { "$ref": "#/components/responses/InternalError" }, "503": { "$ref": "#/components/responses/ServiceUnavailable" }, "409": { "$ref": "#/components/responses/Conflict" }, "412": { "$ref": "#/components/responses/PreconditionFailed" }, "422": { "$ref": "#/components/responses/ValidationFailed" }, "423": { "$ref": "#/components/responses/Locked" } }, "tags": [ "Operational / Batch" ] } } }, "components": { "schemas": { "ErrorEnvelope": { "type": "object", "required": [ "code", "message", "request_id" ], "properties": { "code": { "type": "string", "enum": [ "bad_request", "invalid_cursor", "unauthorized", "invalid_token", "insufficient_scope", "scope_escalation_blocked", "tls_required", "not_found", "method_not_allowed", "conflict", "unmanaged_resource", "idempotency_key_conflict", "precondition_failed", "unsupported_media_type", "validation_failed", "locked", "too_many_requests", "internal_error", "reload_failed_restored", "reload_failed_unrecovered", "service_unavailable", "init_script_missing", "batch_partial_failure" ], "description": "Machine-readable error code. Stable within a major. Clients should branch on HTTP status first and treat unknown codes gracefully (the project's additive contract permits new codes within a major)." }, "message": { "type": "string", "description": "Human-readable English. Do not parse." }, "request_id": { "type": "string", "description": "ULID echoed in the X-Request-Id response header. Pair with audit log for server-side tracing." }, "errors": { "type": "array", "items": { "$ref": "#/components/schemas/FieldError" }, "description": "Per-field error list (validation_failed only)." }, "reload_error": { "type": "string", "description": "reload_failed_restored / reload_failed_unrecovered only." }, "restore_error": { "type": "string", "description": "reload_failed_unrecovered only." }, "aborted_at_index": { "type": "integer", "description": "batch_partial_failure only: 0-based index of the sub-request that failed." }, "reverted": { "type": "boolean", "description": "batch_partial_failure only: true if all packages were restored." }, "error": { "$ref": "#/components/schemas/ErrorEnvelope", "description": "batch_partial_failure only: the failing sub-request's envelope." } } }, "FieldError": { "type": "object", "required": [ "field", "code", "message" ], "properties": { "field": { "type": "string" }, "code": { "type": "string", "enum": [ "required", "invalid_type", "invalid_format", "out_of_range", "not_in_enum", "conflict", "read_only" ] }, "message": { "type": "string" } } }, "RawSection": { "type": "object", "required": [ ".type" ], "properties": { "id": { "type": "string", "description": "Optional; generated if absent" }, ".type": { "type": "string" }, "managed": { "type": "boolean" } }, "additionalProperties": true }, "RawWriteResult": { "allOf": [ { "$ref": "#/components/schemas/RawSection" }, { "type": "object", "properties": { "reloaded": { "type": "boolean" }, "reload_services": { "type": "array", "items": { "type": "string" } }, "reload_note": { "type": "string" } } } ] }, "InstalledPackage": { "type": "object", "required": [ "id", "name", "installed" ], "properties": { "id": { "type": "string", "description": "Package name (same as name)" }, "managed": { "type": "boolean" }, "name": { "type": "string" }, "version": { "type": [ "string", "null" ] }, "installed": { "type": "boolean" }, "runtime": { "type": "object" } } }, "PackageInstallRequest": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "description": "apk package name (^[A-Za-z0-9_+.-]+$)" } } }, "PackageFeed": { "type": "object", "required": [ "id", "url" ], "properties": { "id": { "type": "string" }, "managed": { "type": "boolean" }, "name": { "type": "string" }, "filename": { "type": "string" }, "url": { "type": "string" }, "enabled": { "type": "boolean" }, "update_status": { "type": "string" }, "runtime": { "type": "object" } } }, "PackageFeedCreateRequest": { "type": "object", "required": [ "name", "url" ], "properties": { "name": { "type": "string", "description": "Feed name (^[A-Za-z0-9_.-]+$); becomes .list" }, "url": { "type": "string", "description": "HTTP(S) URL of the package repository" } } }, "SystemPasswordRequest": { "type": "object", "required": [ "user", "password" ], "properties": { "user": { "type": "string", "pattern": "^(root|[a-z][a-z0-9_-]*)$", "description": "Local Unix user to update; usually 'root'" }, "password": { "type": "string", "minLength": 8, "writeOnly": true, "description": "New password (min 8 chars). Never echoed back." } } }, "SSHAuthorizedKey": { "type": "object", "required": [ "id", "type" ], "properties": { "id": { "type": "string", "pattern": "^[a-f0-9]{12}$", "description": "Stable id: sha256 prefix of the public-key blob (or non-crypto djb2 fallback in test environments)" }, "type": { "type": "string", "description": "SSH key type (e.g. ssh-ed25519, ssh-rsa, ecdsa-sha2-nistp256)" }, "comment": { "type": "string", "description": "Optional comment (trailing text on the key line)" } } }, "SSHKeyAddRequest": { "type": "object", "required": [ "key" ], "properties": { "key": { "type": "string", "description": "Full SSH public key line: [comment]" } } }, "SSHKeyReplaceRequest": { "type": "object", "required": [ "keys" ], "properties": { "keys": { "type": "array", "items": { "type": "string" }, "description": "Full key lines; replaces /etc/dropbear/authorized_keys wholesale" } } }, "Healthz": { "type": "object", "required": [ "status", "version", "checks" ], "properties": { "status": { "type": "string", "enum": [ "ok", "degraded" ] }, "version": { "type": "string", "description": "Package version. STABLE: clients may rely on this for version-skew detection." }, "checks": { "type": "object", "required": [ "ubus", "uci", "lock_dir", "time_sync" ], "properties": { "ubus": { "type": "string", "enum": [ "ok", "degraded" ] }, "uci": { "type": "string", "enum": [ "ok", "degraded" ] }, "lock_dir": { "type": "string", "enum": [ "ok", "degraded" ] }, "time_sync": { "type": "string", "enum": [ "ok", "degraded", "unknown" ], "description": "unknown for first 60s after boot; degraded if wall-clock epoch < 2023-11-15 sanity floor" } } }, "errors": { "type": "array", "items": { "type": "string" }, "description": "Present when status=degraded; one human-readable line per failing subsystem." } } }, "ResourceSchema": { "type": "object", "required": [ "id", "package", "type", "schema_properties" ], "properties": { "id": { "type": "string", "description": ": key" }, "package": { "type": "string" }, "type": { "type": "string", "description": "uci section type" }, "schema_properties": { "type": "object", "description": "JSON-Schema fragment for the resource body" } } }, "WhoamiResponse": { "type": "object", "required": [ "token_id", "scopes", "source_ip", "expires_at", "allowed_cidrs", "last_used_at", "last_used_ip" ], "properties": { "token_id": { "type": "string" }, "scopes": { "type": "array", "items": { "type": "string" } }, "source_ip": { "type": [ "string", "null" ] }, "expires_at": { "type": [ "integer", "null" ], "description": "Unix epoch seconds; null if never expires" }, "allowed_cidrs": { "type": "array", "items": { "type": "string" } }, "last_used_at": { "type": [ "integer", "null" ], "description": "Unix epoch seconds of last authed request; throttled to ~1/minute" }, "last_used_ip": { "type": [ "string", "null" ] }, "rate": { "type": [ "integer", "null" ], "description": "Per-token rate-limit override (req/s); null means use global" }, "burst": { "type": [ "integer", "null" ], "description": "Per-token burst override; null means use global" } } }, "TokenMetadata": { "allOf": [ { "$ref": "#/components/schemas/WhoamiResponse" }, { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "description": "Same as token_id; field name varies by endpoint" } } } ] }, "TokenCreateRequest": { "type": "object", "required": [ "name", "scopes" ], "properties": { "name": { "type": "string", "pattern": "^[A-Za-z0-9_][A-Za-z0-9_-]{0,62}$" }, "scopes": { "type": "array", "items": { "type": "string" }, "minItems": 1, "description": "MUST be a strict subset of the caller's own scopes; escalation returns 403 scope_escalation_blocked" }, "expires_in_seconds": { "type": [ "integer", "null" ], "minimum": 1 }, "allowed_cidrs": { "type": "array", "items": { "type": "string", "description": "IPv4 CIDR" } } } }, "TokenCreateResponse": { "type": "object", "required": [ "bearer", "name" ], "properties": { "bearer": { "type": "string", "writeOnly": true, "description": "Cleartext bearer token. Shown exactly once at mint time; uapi keeps only the salted sha256 on disk. Store securely and pass back as `Authorization: Bearer ` on subsequent requests." }, "name": { "type": "string", "description": "Stable token id (also the uci section name). Use as the path segment in `GET /tokens/{name}`, `DELETE /tokens/{name}`. Must match `[A-Za-z0-9_]+` (uci section-name charset)." } } }, "DiagnosticsResponse": { "type": "object", "required": [ "version", "uptime_seconds", "resources_loaded", "lock_state", "request_id" ], "properties": { "version": { "type": "string" }, "uptime_seconds": { "type": "integer" }, "resources_loaded": { "type": "array", "items": { "type": "string" } }, "lock_state": { "type": "object", "required": [ "global_held", "per_package" ], "properties": { "global_held": { "type": "boolean" }, "per_package": { "type": "object", "additionalProperties": { "type": "boolean" } } } }, "recent_errors": { "type": "array", "maxItems": 20, "description": "Best-effort ring of the last 20 error envelopes emitted by this uhttpd parent VM. May be empty (no errors yet, or /tmp ring file unreadable).", "items": { "type": "object", "required": [ "ts", "request_id", "code", "status" ], "properties": { "ts": { "type": "integer", "description": "Unix epoch seconds when the error was recorded." }, "request_id": { "type": "string" }, "code": { "type": "string" }, "status": { "type": "integer" }, "method": { "type": [ "string", "null" ] }, "path": { "type": [ "string", "null" ] }, "message": { "type": "string" } } } }, "request_id": { "type": "string" } } }, "BatchRequest": { "type": "object", "required": [ "operations" ], "properties": { "operations": { "type": "array", "minItems": 1, "maxItems": 50, "items": { "$ref": "#/components/schemas/BatchOperation" } } } }, "BatchOperation": { "type": "object", "required": [ "path", "method" ], "properties": { "path": { "type": "string", "description": "Resource path (e.g. /firewall/rules)" }, "method": { "type": "string", "enum": [ "GET", "POST", "PUT", "PATCH", "DELETE" ] }, "body": { "description": "Request body for POST/PUT/PATCH; omit for GET/DELETE" }, "if_match": { "type": "string", "description": "Optional per-sub-request If-Match ETag" } } }, "BatchResponse": { "type": "object", "required": [ "results", "request_id" ], "properties": { "results": { "type": "array", "items": { "type": "object", "required": [ "status" ], "properties": { "status": { "type": "integer" }, "body": { } } } }, "request_id": { "type": "string" } } }, "JsonPatch": { "type": "array", "description": "RFC 6902 JSON Patch document. Sent with Content-Type: application/json-patch+json on PATCH. Supports ops: add, remove, replace, move, copy, test.", "items": { "type": "object", "required": [ "op", "path" ], "properties": { "op": { "type": "string", "enum": [ "add", "remove", "replace", "move", "copy", "test" ] }, "path": { "type": "string", "description": "RFC 6901 JSON Pointer" }, "value": { "description": "Required for add, replace, test" }, "from": { "type": "string", "description": "Required for move, copy" } } } }, "FirewallRules": { "type": "object", "description": "uapi resource backed by uci firewall.rule", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "name": { "type": [ "string", "null" ], "description": "Human-readable label for this rule" }, "target": { "type": "string", "enum": [ "ACCEPT", "REJECT", "DROP", "NOTRACK", "MARK" ] }, "enabled": { "type": "boolean" }, "match": { "type": "object", "required": [ "src_zone" ], "properties": { "src_zone": { "type": [ "string", "null" ] }, "dest_zone": { "type": [ "string", "null" ] }, "src_ip": { "type": "array", "items": { "type": "string" } }, "dest_ip": { "type": "array", "items": { "type": "string" } }, "src_port": { "type": "array", "items": { "type": "string" } }, "dest_port": { "type": "array", "items": { "type": "string" } }, "proto": { "type": "array", "items": { "type": "string", "enum": [ "tcp", "udp", "icmp", "icmpv6", "esp", "ah", "any", "all" ] } }, "family": { "type": "string", "enum": [ "any", "ipv4", "ipv6" ] } } }, "runtime": { "type": "object" } }, "required": [ "target", "match" ], "allOf": [ { "if": { "type": "object", "required": [ "match" ] }, "then": { "properties": { "match": { "type": "object", "required": [ "src_zone" ] } } } } ] }, "FirewallZones": { "type": "object", "description": "uapi resource backed by uci firewall.zone", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "name": { "type": [ "string", "null" ], "pattern": "^[a-zA-Z0-9_-]+$", "description": "Zone name; alphanumerics, dashes, underscores" }, "input": { "type": "string", "enum": [ "ACCEPT", "REJECT", "DROP" ] }, "output_policy": { "type": "string", "enum": [ "ACCEPT", "REJECT", "DROP" ], "description": "Renamed on the wire from uci's `output` (HCL block keyword)." }, "forward": { "type": "string", "enum": [ "ACCEPT", "REJECT", "DROP" ] }, "network": { "type": "array", "items": { "type": "string" } }, "masq": { "type": "boolean", "description": "Enable IPv4 masquerading on this zone" }, "mtu_fix": { "type": "boolean", "description": "Clamp MSS to PMTU for traffic in this zone" }, "family": { "type": "string", "enum": [ "any", "ipv4", "ipv6" ] }, "runtime": { "type": "object" } }, "required": [ "name" ] }, "FirewallRedirects": { "type": "object", "description": "uapi resource backed by uci firewall.redirect", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "name": { "type": [ "string", "null" ], "description": "Human-readable label for this redirect" }, "target": { "type": "string", "enum": [ "DNAT", "SNAT" ] }, "enabled": { "type": "boolean" }, "match": { "type": "object", "required": [ "src_zone" ], "properties": { "src_zone": { "type": [ "string", "null" ] }, "dest_zone": { "type": [ "string", "null" ] }, "src_ip": { "type": "array", "items": { "type": "string" } }, "src_port": { "type": "array", "items": { "type": "string" } }, "src_dport": { "type": "array", "items": { "type": "string" } }, "dest_ip": { "type": "array", "items": { "type": "string" } }, "dest_port": { "type": "array", "items": { "type": "string" } }, "proto": { "type": "array", "items": { "type": "string", "enum": [ "tcp", "udp", "icmp", "icmpv6", "esp", "ah", "any", "all" ] } }, "family": { "type": "string", "enum": [ "any", "ipv4", "ipv6" ] } } }, "reflection": { "type": "boolean", "description": "Enable NAT loopback / hairpinning for this redirect (fw4 default true)" }, "reflection_src": { "type": "string", "enum": [ "internal", "external" ], "description": "Source address used for hairpinned packets: internal LAN or external WAN" }, "reflection_zone": { "type": "array", "items": { "type": "string" }, "description": "Zones in which NAT reflection is allowed (uci list reflection_zone)" }, "runtime": { "type": "object" } }, "required": [ "match" ], "allOf": [ { "if": { "type": "object", "required": [ "match" ] }, "then": { "properties": { "match": { "type": "object", "required": [ "src_zone" ] } } } } ] }, "FirewallForwardings": { "type": "object", "description": "uapi resource backed by uci firewall.forwarding", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "src": { "type": "string", "description": "Source zone name" }, "dest": { "type": "string", "description": "Destination zone name" }, "family": { "type": "string", "enum": [ "any", "ipv4", "ipv6" ] }, "enabled": { "type": "boolean" }, "runtime": { "type": "object" } }, "required": [ "src", "dest" ] }, "FirewallDefaults": { "type": "object", "description": "uapi resource backed by uci firewall.defaults", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "input": { "type": "string", "enum": [ "ACCEPT", "REJECT", "DROP" ] }, "output_policy": { "type": "string", "enum": [ "ACCEPT", "REJECT", "DROP" ], "description": "Renamed on the wire from uci's `output` (HCL block keyword)." }, "forward": { "type": "string", "enum": [ "ACCEPT", "REJECT", "DROP" ] }, "syn_flood": { "type": "boolean", "description": "Enable SYN flood protection" }, "drop_invalid": { "type": "boolean", "description": "Drop packets with invalid conntrack state" }, "synflood_burst": { "type": "integer", "minimum": 1, "maximum": 1000000 }, "synflood_rate": { "type": "integer", "minimum": 1, "maximum": 1000000 }, "tcp_syncookies": { "type": "boolean", "description": "Enable kernel TCP SYN cookies" }, "flow_offloading": { "type": "boolean", "description": "Enable software flow offloading" }, "flow_offloading_hw": { "type": "boolean", "description": "Enable hardware flow offloading (requires NIC support)" }, "runtime": { "type": "object" } } }, "NetworkInterfaces": { "type": "object", "description": "uapi resource backed by uci network.interface", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Create-time only; picks the uci section name (which becomes the uapi `id` field). When omitted, the server emits a 14-char `wg_` for proto=wireguard (fits Linux IFNAMSIZ for the kernel netdev) or a 28-char ULID otherwise. Useful for LuCI parity (`lan`, `wan`, `guest`) and readable cross-references. For proto=wireguard the value must additionally fit IFNAMSIZ (15 chars max)." }, "managed": { "type": "boolean" }, "device": { "type": [ "string", "null" ], "description": "Physical or logical L2 device this interface binds to" }, "proto": { "type": "string", "enum": [ "static", "dhcp", "dhcpv6", "pppoe", "none", "ppp", "wwan", "wireguard" ] }, "ipaddr": { "type": [ "string", "null" ], "description": "Static IPv4 address (single). Backward-compatible view of the first entry when uci has `list ipaddr`." }, "ipaddrs": { "type": "array", "items": { "type": "string" }, "description": "Full IPv4 address list for static proto (uci `list ipaddr`). Preferred on write for multi-address interfaces." }, "netmask": { "type": [ "string", "null" ], "description": "IPv4 netmask (static proto)" }, "gateway": { "type": [ "string", "null" ], "description": "IPv4 default gateway (static proto)" }, "dns": { "type": "array", "items": { "type": "string" } }, "ip6assign": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 128, "description": "Prefix length to assign downstream from a delegated prefix" }, "mtu": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 65535 }, "auto": { "type": "boolean", "description": "Bring this interface up at boot" }, "runtime": { "type": "object", "description": "Populated from ubus network.interface. status; empty {} when the interface has no runtime state.", "properties": { "up": { "type": "boolean" }, "pending": { "type": "boolean" }, "available": { "type": "boolean" }, "l3_device": { "type": [ "string", "null" ] }, "uptime": { "type": [ "integer", "null" ], "minimum": 0 }, "ipv4_address": { "type": "array", "items": { "type": "object" } }, "ipv6_address": { "type": "array", "items": { "type": "object" } }, "ipv6_prefix": { "type": "array", "items": { "type": "object" } }, "route": { "type": "array", "items": { "type": "object" } } } }, "name": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,14}$", "deprecated": true, "description": "DEPRECATED in 2.2.0: use `id` instead (the universal section-name input across every resource). Both are accepted during the deprecation window; if both are supplied they must match. `name` is scheduled for removal in v3. See docs/deprecations.md." }, "addresses": { "type": "array", "items": { "type": "string" } }, "private_key": { "type": "string", "writeOnly": true, "description": "WireGuard private key; accepted on write, masked on read" }, "has_private_key": { "type": "boolean", "readOnly": true }, "listen_port": { "type": "integer", "minimum": 0, "maximum": 65535 }, "nohostroute": { "type": "boolean", "description": "Suppress the implicit host-route for wireguard endpoint" }, "ip4table": { "type": [ "string", "null" ], "description": "Routing table to install WireGuard IPv4 routes into" }, "ip6table": { "type": [ "string", "null" ], "description": "Routing table to install WireGuard IPv6 routes into" }, "peerdns": { "type": "boolean", "description": "Accept DNS servers advertised by the upstream (dhcp/dhcpv6)" }, "defaultroute": { "type": "boolean", "description": "Install the default route from DHCP (dhcp)" }, "metric": { "type": "integer", "minimum": 0, "description": "Default-route metric (dhcp)" }, "hostname": { "type": "string", "description": "Client hostname sent in DHCPDISCOVER (dhcp)" }, "clientid": { "type": "string", "description": "DHCP client identifier (dhcp)" }, "reqprefix": { "type": "string", "pattern": "^(auto|no|[0-9]+)$", "description": "DHCPv6 prefix-delegation request: auto, no, or numeric size" }, "reqaddress": { "type": "string", "enum": [ "try", "force", "none" ], "description": "DHCPv6 IA_NA request mode (dhcpv6)" }, "ip6hint": { "type": "string", "description": "Preferred IPv6 prefix hint for PD (dhcpv6)" }, "ip6ifaceid": { "type": "string", "description": "Static IPv6 interface id for IA_NA (dhcpv6)" }, "delegate": { "type": "boolean", "description": "Accept prefix delegation downstream (dhcpv6)" } }, "required": [ "proto" ], "allOf": [ { "if": { "properties": { "proto": { "const": "static" } }, "required": [ "proto" ] }, "then": { "anyOf": [ { "required": [ "ipaddr" ] }, { "required": [ "ipaddrs" ] } ] } }, { "if": { "properties": { "proto": { "const": "wireguard" } }, "required": [ "proto" ] }, "then": { "required": [ "addresses" ] } } ] }, "NetworkDevices": { "type": "object", "description": "uapi resource backed by uci network.device", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "name": { "type": "string", "description": "Device name as seen by netifd / the kernel" }, "type": { "type": "string", "enum": [ "bridge", "8021q", "8021ad", "macvlan", "veth", "tun", "tap" ] }, "ports": { "type": "array", "items": { "type": "string" } }, "vid": { "type": "integer", "minimum": 1, "maximum": 4094, "description": "VLAN id for 8021q / 8021ad devices" }, "ifname": { "type": [ "string", "null" ], "description": "Underlying parent interface (e.g. for macvlan/8021q)" }, "mtu": { "type": "integer", "minimum": 0, "maximum": 65535 }, "macaddr": { "type": [ "string", "null" ], "pattern": "^[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$", "description": "MAC address override (colon or dash separated)" }, "ipv6": { "type": "boolean", "description": "Enable IPv6 on this device" }, "runtime": { "type": "object" } }, "required": [ "name", "type" ], "allOf": [ { "if": { "properties": { "type": { "const": "8021q" } }, "required": [ "type" ] }, "then": { "required": [ "vid" ] } } ] }, "NetworkRoutes": { "type": "object", "description": "uapi resource backed by uci network.route", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "interface": { "type": [ "string", "null" ], "description": "Parent network interface name" }, "target": { "type": "string", "description": "Destination IPv4 address or CIDR" }, "netmask": { "type": [ "string", "null" ], "description": "IPv4 netmask if target is an address (not CIDR)" }, "gateway": { "type": [ "string", "null" ], "description": "IPv4 next-hop address" }, "table": { "type": [ "integer", "null" ], "minimum": 0, "description": "Routing table id" }, "metric": { "type": "integer", "minimum": 0 }, "mtu": { "type": "integer", "minimum": 0 }, "source": { "type": [ "string", "null" ], "description": "Preferred source address (IPv4 or CIDR)" }, "type": { "type": "string", "enum": [ "unicast", "blackhole", "unreachable", "prohibit", "throw", "anycast", "multicast", "local", "broadcast" ] }, "runtime": { "type": "object" } }, "required": [ "target" ] }, "NetworkRules": { "type": "object", "description": "uapi resource backed by uci network.rule", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "in": { "type": [ "string", "null" ], "description": "Match traffic arriving on this interface" }, "out": { "type": [ "string", "null" ], "description": "Match traffic departing on this interface" }, "src": { "type": [ "string", "null" ], "description": "Match source IPv4 address or CIDR" }, "dest": { "type": [ "string", "null" ], "description": "Match destination IPv4 address or CIDR" }, "priority": { "type": "integer", "minimum": 0, "maximum": 32766 }, "lookup": { "type": [ "integer", "null" ], "minimum": 0, "description": "Routing table id to look up when action is lookup" }, "goto": { "type": [ "integer", "null" ], "minimum": 0, "description": "Priority of the rule to jump to when action is goto" }, "action": { "type": "string", "enum": [ "lookup", "goto", "unreachable", "prohibit", "blackhole", "throw" ] }, "invert": { "type": "boolean", "description": "Invert the match selectors" }, "mark": { "type": [ "string", "null" ], "description": "Match fwmark (value or value/mask)" }, "runtime": { "type": "object" } }, "allOf": [ { "anyOf": [ { "required": [ "in" ] }, { "required": [ "out" ] }, { "required": [ "src" ] }, { "required": [ "dest" ] } ] }, { "if": { "properties": { "action": { "const": "lookup" } }, "required": [ "action" ] }, "then": { "required": [ "lookup" ] } }, { "if": { "properties": { "action": { "const": "goto" } }, "required": [ "action" ] }, "then": { "required": [ "goto" ] } } ] }, "NetworkBridgeVlans": { "type": "object", "description": "uapi resource backed by uci network.bridge-vlan", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "device": { "type": "string", "description": "Parent bridge device name (must exist in network/devices type=bridge)" }, "vlan": { "type": "integer", "minimum": 1, "maximum": 4094 }, "ports": { "type": "array", "items": { "type": "string", "pattern": "^[A-Za-z0-9._-]+(:[tu*]+)?$" }, "description": "Bridge ports with optional :t (tagged), :u (untagged), :* (pvid) suffix" }, "runtime": { "type": "object" } }, "required": [ "device", "vlan" ] }, "NetworkWireguardPeers": { "type": "object", "description": "uapi resource backed by uci network.wireguard_peer", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "interface": { "type": "string", "description": "Parent WireGuard interface (network/interfaces name with proto=wireguard)" }, "description": { "type": [ "string", "null" ], "description": "Human-readable label for this peer" }, "public_key": { "type": "string", "pattern": "^[A-Za-z0-9+/]{43}=$" }, "has_preshared_key": { "type": "boolean", "readOnly": true }, "allowed_ips": { "type": "array", "items": { "type": "string" } }, "endpoint_host": { "type": [ "string", "null" ], "description": "Remote endpoint hostname or IP" }, "endpoint_port": { "type": "integer", "minimum": 1, "maximum": 65535 }, "persistent_keepalive": { "type": "integer", "minimum": 0, "maximum": 65535 }, "route_allowed_ips": { "type": "boolean", "description": "Auto-install routes for allowed_ips" }, "disabled": { "type": "boolean", "description": "Skip this peer when starting the tunnel" }, "runtime": { "type": "object" }, "preshared_key": { "type": "string", "writeOnly": true, "pattern": "^[A-Za-z0-9+/]{43}=$", "description": "Optional preshared key; accepted on write, masked on read" } }, "required": [ "interface", "public_key", "allowed_ips" ] }, "WirelessDevices": { "type": "object", "description": "uapi resource backed by uci wireless.wifi-device", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "type": { "type": "string", "enum": [ "mac80211", "broadcom" ] }, "band": { "type": "string", "enum": [ "2g", "5g", "6g", "60g" ] }, "channel": { "type": [ "integer", "string" ], "minimum": 0, "maximum": 196, "pattern": "^auto$", "description": "Channel number (0-196) or the string \"auto\"" }, "htmode": { "type": [ "string", "null" ], "description": "HT/VHT/HE mode label (e.g. HT20, VHT80, HE160)" }, "country": { "type": [ "string", "null" ], "pattern": "^[A-Za-z]{2}$", "description": "ISO 3166-1 alpha-2 regulatory country code" }, "txpower": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 30, "description": "TX power in dBm" }, "disabled": { "type": "boolean", "description": "Disable this radio at boot" }, "runtime": { "type": "object" } }, "required": [ "type" ] }, "WirelessInterfaces": { "type": "object", "description": "uapi resource backed by uci wireless.wifi-iface", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "device": { "type": "string", "description": "Parent radio (wireless/devices id)" }, "network": { "type": [ "string", "null" ], "description": "Network interface this SSID bridges into" }, "mode": { "type": "string", "enum": [ "ap", "sta", "adhoc", "wds", "monitor", "mesh" ] }, "ssid": { "type": [ "string", "null" ], "description": "SSID broadcast (or joined in sta mode)" }, "encryption": { "type": "string", "enum": [ "none", "wep", "psk", "psk2", "psk-mixed", "sae", "sae-mixed", "wpa", "wpa2", "wpa3", "wpa3-mixed" ] }, "disabled": { "type": "boolean", "description": "Disable this iface at boot" }, "hidden": { "type": "boolean", "description": "Suppress SSID in beacon frames" }, "isolate": { "type": "boolean", "description": "Block station-to-station traffic on this AP" }, "runtime": { "type": "object", "description": "Populated from ubus iwinfo info/assoclist for the runtime interface that backs this uci section; empty {} when the iface has not been provisioned yet.", "properties": { "ifname": { "type": "string" }, "bssid": { "type": [ "string", "null" ] }, "channel": { "type": [ "integer", "null" ] }, "frequency": { "type": [ "integer", "null" ] }, "signal": { "type": [ "integer", "null" ] }, "noise": { "type": [ "integer", "null" ] }, "txpower_actual": { "type": [ "integer", "null" ] }, "assoclist_count": { "type": "integer", "minimum": 0 } } }, "key": { "type": "string", "writeOnly": true, "description": "Encryption passphrase; accepted on write, masked on read" }, "has_key": { "type": "boolean", "readOnly": true, "description": "True if a key is configured (cleartext never returned)" } }, "required": [ "device" ], "allOf": [ { "if": { "properties": { "encryption": { "enum": [ "psk", "psk2", "psk-mixed", "sae", "sae-mixed", "wpa", "wpa2", "wpa3", "wpa3-mixed" ] } }, "required": [ "encryption" ] }, "then": { "required": [ "key" ] } } ] }, "DhcpHosts": { "type": "object", "description": "uapi resource backed by uci dhcp.host", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "name": { "type": [ "string", "null" ] }, "mac": { "type": [ "string", "null" ], "pattern": "^[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$", "description": "Primary MAC address for IPv4 reservation" }, "mac_aliases": { "type": "array", "items": { "type": "string" }, "description": "Additional MACs for the same reservation (uci list mac)" }, "duid": { "type": [ "string", "null" ], "description": "Client DUID for DHCPv6 reservation" }, "hostid": { "type": [ "string", "null" ], "description": "Static IPv6 host id hint (suffix)" }, "ip": { "type": "string", "description": "IPv4 or IPv6 address" }, "leasetime": { "type": [ "string", "null" ], "description": "Duration like '12h', '30m', '1d', or plain seconds" }, "tag": { "type": [ "string", "null" ] }, "dns": { "type": "boolean" }, "broadcast": { "type": "boolean", "description": "Force broadcast replies for clients that need it" }, "instance": { "type": [ "string", "null" ], "description": "Pin this reservation to a specific dhcp/dnsmasq instance (section name)" }, "runtime": { "type": "object" } }, "allOf": [ { "anyOf": [ { "required": [ "mac" ] }, { "required": [ "duid" ] } ] } ] }, "DhcpLeases": { "type": "object", "description": "uapi resource backed by uci dhcp.lease", "properties": { "expires_at": { "type": "integer", "description": "Unix epoch seconds when the lease expires" }, "mac": { "type": "string", "description": "Client MAC address" }, "ip": { "type": "string", "description": "Assigned IP address" }, "hostname": { "type": [ "string", "null" ] }, "duid": { "type": [ "string", "null" ] } } }, "DhcpLeases6": { "type": "object", "description": "uapi resource backed by uci dhcp.lease6", "properties": { "duid": { "type": "string", "description": "Client DUID (hex)" }, "iaid": { "type": "string", "description": "Identity Association ID (hex)" }, "hostname": { "type": [ "string", "null" ] }, "interface": { "type": "string", "description": "Server-side interface that issued the lease" }, "ia_type": { "type": "string", "enum": [ "IA_NA", "IA_TA", "IA_PD" ], "description": "DHCPv6 Identity Association type" }, "ip": { "type": "string", "description": "Assigned IPv6 address or prefix" }, "prefix_length": { "type": [ "integer", "null" ], "description": "Prefix length for IA_PD; null for IA_NA" }, "expires_at": { "type": [ "integer", "null" ], "description": "Unix epoch seconds when the lease expires; null for non-numeric values like 'forever'" } } }, "DhcpServers": { "type": "object", "description": "uapi resource backed by uci dhcp.dhcp", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "interface": { "type": "string" }, "start": { "type": "integer", "minimum": 0, "maximum": 254 }, "limit": { "type": "integer", "minimum": 0, "maximum": 254 }, "leasetime": { "type": [ "string", "null" ], "pattern": "^[0-9]+[smhdwMY]?$" }, "ignore": { "type": "boolean" }, "force": { "type": "boolean" }, "dynamicdhcp": { "type": "boolean" }, "ra": { "type": "string", "enum": [ "disabled", "server", "relay", "hybrid" ] }, "dhcpv6": { "type": "string", "enum": [ "disabled", "server", "relay", "hybrid" ] }, "ra_default": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 2, "description": "0 default, 1 deprecate prefix, 2 advertise as router" }, "domain": { "type": [ "string", "null" ] }, "dhcp_option": { "type": "array", "items": { "type": "string" } }, "runtime": { "type": "object", "description": "Lease counters derived from /tmp/dhcp.leases (v4 box-total) and odhcpd statefile (v6 per-interface). Empty {} when no interface is bound.", "properties": { "active_leases_v4_box_total": { "type": "integer", "minimum": 0, "description": "Total IPv4 leases box-wide; dnsmasq leases are not interface-tagged" }, "active_leases_v6_iface": { "type": "integer", "minimum": 0, "description": "IPv6 leases issued on this section's interface" } } } }, "required": [ "interface" ] }, "DhcpDnsmasq": { "type": "object", "description": "uapi resource backed by uci dhcp.dnsmasq", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "domain": { "type": [ "string", "null" ] }, "local": { "type": [ "string", "null" ], "description": "Local domain pattern (e.g. /lan/) resolved authoritatively" }, "noresolv": { "type": "boolean" }, "rebind_protection": { "type": "boolean" }, "expandhosts": { "type": "boolean" }, "cachesize": { "type": "integer", "minimum": 0, "maximum": 1000000 }, "port": { "type": "integer", "minimum": 1, "maximum": 65535 }, "domainneeded": { "type": "boolean" }, "boguspriv": { "type": "boolean" }, "filterwin2k": { "type": "boolean" }, "authoritative": { "type": "boolean" }, "readethers": { "type": "boolean" }, "leasefile": { "type": [ "string", "null" ] }, "resolvfile": { "type": [ "string", "null" ] }, "server": { "type": "array", "items": { "type": "string" } }, "address": { "type": "array", "items": { "type": "string" } }, "nonwildcard": { "type": "boolean" }, "runtime": { "type": "object" } } }, "DhcpOdhcpd": { "type": "object", "description": "uapi resource backed by uci dhcp.odhcpd", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "maindhcp": { "type": "boolean", "description": "Use odhcpd as the IPv4 DHCP server too" }, "leasefile": { "type": [ "string", "null" ], "description": "Path where odhcpd persists active leases" }, "leasetrigger": { "type": [ "string", "null" ], "description": "Script invoked on lease add/update/del" }, "loglevel": { "type": "integer", "minimum": 0, "maximum": 7, "description": "syslog priority (0=emerg .. 7=debug)" }, "runtime": { "type": "object" } } }, "System": { "type": "object", "description": "uapi resource backed by uci system.system", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "hostname": { "type": [ "string", "null" ], "pattern": "^[a-zA-Z0-9_-]+(\\.[a-zA-Z0-9_-]+)*$", "description": "System hostname (alphanumerics, dashes, underscores, dots)" }, "description": { "type": [ "string", "null" ], "description": "Free-form system description shown in LuCI" }, "notes": { "type": [ "string", "null" ], "description": "Operator-facing notes" }, "timezone": { "type": [ "string", "null" ], "description": "POSIX TZ string (e.g. CET-1CEST,M3.5.0,M10.5.0/3)" }, "zonename": { "type": [ "string", "null" ], "description": "IANA zone name (e.g. Europe/Paris)" }, "log_size": { "type": "integer", "minimum": 0 }, "log_ip": { "type": [ "string", "null" ], "description": "Remote syslog collector IP address" }, "log_proto": { "type": [ "string", "null" ], "description": "Remote syslog transport (udp or tcp)" }, "log_remote": { "type": "boolean" }, "urandom_seed": { "type": "boolean" }, "runtime": { "type": "object" } } }, "SystemTimeservers": { "type": "object", "description": "uapi resource backed by uci system.timeserver", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "enabled": { "type": "boolean", "description": "Whether sysntpd runs at all" }, "enable_server": { "type": "boolean", "description": "Also serve time to LAN clients" }, "interface": { "type": [ "string", "null" ], "description": "Bind sysntpd to a specific network interface" }, "server": { "type": "array", "items": { "type": "string" } }, "use_dhcp": { "type": "boolean", "description": "Accept NTP servers learned via DHCP option 42" }, "runtime": { "type": "object" } }, "allOf": [ { "if": { "properties": { "use_dhcp": { "const": false } }, "required": [ "use_dhcp" ] }, "then": { "required": [ "server" ] } } ] }, "DropbearInstances": { "type": "object", "description": "uapi resource backed by uci dropbear.dropbear", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "enable": { "type": "boolean" }, "port": { "type": "integer", "minimum": 1, "maximum": 65535 }, "password_auth": { "type": "boolean" }, "root_password_auth": { "type": "boolean" }, "root_login": { "type": "boolean" }, "banner_file": { "type": [ "string", "null" ] }, "interface": { "type": [ "string", "null" ], "description": "Listen interface or IP" }, "gateway_ports": { "type": "boolean", "description": "Allow remote port forwarding" }, "runtime": { "type": "object" } } }, "UhttpdInstances": { "type": "object", "description": "uapi resource backed by uci uhttpd.uhttpd", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "listen_http": { "type": "array", "items": { "type": "string", "pattern": "^(\\[[0-9A-Fa-f:]+\\]|[0-9A-Fa-f:.]*):[0-9]+$" } }, "listen_https": { "type": "array", "items": { "type": "string", "pattern": "^(\\[[0-9A-Fa-f:]+\\]|[0-9A-Fa-f:.]*):[0-9]+$" } }, "home": { "type": [ "string", "null" ], "description": "Document root" }, "cert": { "type": [ "string", "null" ], "description": "Path to TLS certificate file" }, "key": { "type": [ "string", "null" ], "description": "Path to TLS key file" }, "cgi_prefix": { "type": [ "string", "null" ], "description": "URL prefix served as CGI" }, "lua_prefix": { "type": "array", "items": { "type": "string" } }, "ucode_prefix": { "type": "array", "items": { "type": "string" } }, "max_requests": { "type": "integer", "minimum": 0 }, "max_connections": { "type": "integer", "minimum": 0 }, "script_timeout": { "type": "integer", "minimum": 0 }, "network_timeout": { "type": "integer", "minimum": 0 }, "http_keepalive": { "type": "integer", "minimum": 0 }, "tcp_keepalive": { "type": "integer", "minimum": 0 }, "index_page": { "type": "array", "items": { "type": "string" } }, "error_page": { "type": [ "string", "null" ], "description": "Path served when a request 404s" }, "no_dirlists": { "type": "boolean", "description": "Disable directory listings" }, "no_symlinks": { "type": "boolean", "description": "Refuse to follow symlinks under home" }, "rfc1918_filter": { "type": "boolean", "description": "Reject requests from RFC1918 ranges with non-RFC1918 host header" }, "runtime": { "type": "object" } } }, "UhttpdCerts": { "type": "object", "description": "uapi resource backed by uci uhttpd.cert", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "days": { "type": "integer", "minimum": 1, "maximum": 36500, "description": "Certificate validity in days" }, "bits": { "type": "integer", "minimum": 1024, "description": "RSA key size in bits" }, "commonname": { "type": "string", "description": "X.509 CN (required)" }, "organization": { "type": "string", "description": "X.509 O" }, "location": { "type": "string", "description": "X.509 L" }, "state": { "type": "string", "description": "X.509 ST" }, "country": { "type": "string", "pattern": "^[A-Za-z]{2}$", "description": "ISO 3166-1 alpha-2 country code (case-insensitive; normalized to uppercase on write)" }, "runtime": { "type": "object" } }, "required": [ "commonname" ] }, "UnboundServer": { "type": "object", "description": "uapi resource backed by uci unbound.unbound", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "enabled": { "type": "boolean" }, "listen_port": { "type": "integer", "minimum": 1, "maximum": 65535 }, "dhcp_link": { "type": "string", "enum": [ "none", "odhcpd", "dnsmasq" ] }, "add_local_fqdn": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 4, "description": "How aggressively to add local FQDNs (0..4)" }, "add_wan_fqdn": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 4, "description": "How aggressively to add WAN FQDNs (0..4)" }, "dnssec_enabled": { "type": "boolean" }, "recursion": { "type": "string", "enum": [ "default", "passive", "aggressive" ] }, "resource_limits": { "type": "string", "enum": [ "default", "tiny", "small", "medium", "large", "big", "huge" ], "description": "Memory / cache sizing preset. Renamed on the wire from uci's `resource` (HCL block keyword)." }, "protocol": { "type": "string", "enum": [ "default", "mixed", "ip4_only", "ip6_only", "ip6_local", "ip6_prefer" ] }, "query_minimize": { "type": "boolean" }, "prefetch": { "type": "boolean" }, "manual_conf": { "type": "boolean", "description": "Skip uci and use /etc/unbound/unbound.conf hand-written" }, "extended_stats": { "type": "boolean", "description": "Emit extended statistics (stats-extended: yes)" }, "interface_auto": { "type": "boolean", "description": "Bind to all interfaces (interface-automatic: yes). Disable to bind manually via /etc/unbound/unbound_srv.conf." }, "localservice": { "type": "boolean" }, "hide_binddata": { "type": "boolean" }, "rebind_protection": { "type": "string", "enum": [ "0", "1", "2" ], "description": "0 = off, 1 = private nets, 2 = all rebind attacks blocked" }, "num_threads": { "type": "integer", "minimum": 1, "maximum": 64 }, "ttl_min": { "type": "integer", "minimum": 0, "maximum": 86400 }, "domain": { "type": [ "string", "null" ] }, "domain_type": { "type": "string", "enum": [ "deny", "refuse", "static", "transparent", "redirect", "nodefault", "typetransparent", "inform", "inform_deny" ], "description": "Local-zone type for the configured domain" }, "runtime": { "type": "object" } } }, "UnboundSrv": { "type": "object", "description": "uapi resource backed by uci unbound_srv.unbound_srv", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "enabled": { "type": "boolean" }, "ip_transparent": { "type": [ "boolean", "null" ], "description": "Bind to addresses that are not yet up / VIP / alias addresses." }, "interface_bind": { "type": "array", "items": { "type": "string", "pattern": "^[^\n]+$" }, "description": "Addresses unbound binds on (`addr` or `addr@port`). Pair with `unbound.@unbound[0].interface_auto = false` on the main unbound UCI for exclusive binding." }, "interface_outgoing": { "type": "array", "items": { "type": "string", "pattern": "^[^\n]+$" }, "description": "Source addresses for upstream recursion (multi-WAN egress)." }, "srv_line": { "type": "array", "items": { "type": "string", "pattern": "^[^\n]+$" }, "description": "Verbatim passthrough lines inserted inside unbound's `server:` clause. One uci entry per rendered line; `unbound-checkconf` validates grammar after restart." }, "runtime": { "type": "object" } } }, "UnboundExt": { "type": "object", "description": "uapi resource backed by uci unbound_ext.unbound_ext", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "enabled": { "type": "boolean" }, "ext_line": { "type": "array", "items": { "type": "string", "pattern": "^[^\n]+$" }, "description": "Verbatim lines rendered into `/etc/unbound/unbound_ext.conf` (outside the `server:` clause). One uci entry per rendered line; build whole `forward-zone:`, `view:`, `stub:`, or `remote-control:` clauses by listing them in order. `unbound-checkconf` validates grammar after restart." }, "runtime": { "type": "object" } } }, "SqmQueues": { "type": "object", "description": "uapi resource backed by uci sqm.queue", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "enabled": { "type": "boolean", "description": "Whether SQM is active on this interface" }, "interface": { "type": "string", "description": "Network interface name SQM applies to" }, "download": { "type": "integer", "minimum": 0 }, "upload": { "type": "integer", "minimum": 0 }, "qdisc": { "type": "string", "enum": [ "cake", "fq_codel", "pie", "htb" ] }, "script": { "type": "string", "enum": [ "piece_of_cake.qos", "simple.qos", "simplest.qos", "layer_cake.qos" ] }, "linklayer": { "type": "string", "enum": [ "none", "ethernet", "atm" ] }, "overhead": { "type": "integer", "description": "Per-packet overhead bytes for link-layer accounting" }, "runtime": { "type": "object" } }, "required": [ "interface" ] }, "SnmpdAgents": { "type": "object", "description": "uapi resource backed by uci snmpd.agent", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "agentaddress": { "type": "array", "items": { "type": "string" } }, "runtime": { "type": "object" } } }, "SnmpdCom2secs": { "type": "object", "description": "uapi resource backed by uci snmpd.com2sec", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "secname": { "type": "string", "description": "security name this community maps to" }, "source": { "type": "string", "description": "source network/range or 'default'" }, "community": { "type": "string", "description": "SNMP community string" }, "runtime": { "type": "object" } }, "required": [ "secname", "source", "community" ] }, "SnmpdGroups": { "type": "object", "description": "uapi resource backed by uci snmpd.group", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "group": { "type": "string", "description": "Group name referenced by snmpd/accesses entries" }, "version": { "type": "string", "enum": [ "v1", "v2c", "usm" ] }, "secname": { "type": [ "string", "null" ], "description": "Security name (community for v1/v2c, USM user for v3)" }, "runtime": { "type": "object" } }, "required": [ "group" ] }, "SnmpdAccesses": { "type": "object", "description": "uapi resource backed by uci snmpd.access", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "group": { "type": "string", "description": "snmpd group this access entry binds to (must exist in snmpd/groups)" }, "context": { "type": [ "string", "null" ], "description": "SNMPv3 context (usually empty)" }, "version": { "type": "string", "enum": [ "any", "v1", "v2c", "usm" ] }, "level": { "type": "string", "enum": [ "noauth", "auth", "priv" ] }, "prefix": { "type": "string", "enum": [ "exact", "prefix" ] }, "read": { "type": [ "string", "null" ], "description": "View name granted for read access" }, "write": { "type": [ "string", "null" ], "description": "View name granted for write access" }, "notify": { "type": [ "string", "null" ], "description": "View name granted for notifications" }, "runtime": { "type": "object" } }, "required": [ "group" ] }, "SnmpdSystem": { "type": "object", "description": "uapi resource backed by uci snmpd.system", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "sys_location": { "type": "string", "description": "SNMPv2-MIB::sysLocation" }, "sys_contact": { "type": "string", "description": "SNMPv2-MIB::sysContact" }, "sys_name": { "type": "string", "description": "SNMPv2-MIB::sysName" }, "sys_services": { "type": "integer", "minimum": 0, "maximum": 127, "description": "SNMPv2-MIB::sysServices bitfield" }, "sys_descr": { "type": "string", "description": "SNMPv2-MIB::sysDescr" }, "sys_object_id": { "type": "string", "description": "SNMPv2-MIB::sysObjectID OID" }, "runtime": { "type": "object" } } }, "LldpdConfig": { "type": "object", "description": "uapi resource backed by uci lldpd.lldpd", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "enable_cdp": { "type": "boolean", "description": "Emit Cisco Discovery Protocol frames" }, "enable_fdp": { "type": "boolean", "description": "Emit Foundry Discovery Protocol frames" }, "enable_sonmp": { "type": "boolean", "description": "Emit Nortel SONMP frames" }, "enable_edp": { "type": "boolean", "description": "Emit Extreme Discovery Protocol frames" }, "enable_lldpmed": { "type": "boolean", "description": "Emit LLDP-MED extensions" }, "lldp_class": { "type": "integer", "minimum": 1, "maximum": 4 }, "lldp_description": { "type": "boolean", "description": "Advertise the system description TLV" }, "lldp_capabilities": { "type": "boolean", "description": "Advertise the system capabilities TLV" }, "lldp_mgmt_ip": { "type": [ "string", "null" ], "description": "Management IP advertised in LLDP frames" }, "interface": { "type": "array", "items": { "type": "string" } }, "runtime": { "type": "object" } } }, "PrometheusNodeExporterLuaConfig": { "type": "object", "description": "uapi resource backed by uci prometheus-node-exporter-lua.prometheus-node-exporter-lua", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "listen_ipv6": { "type": "boolean", "description": "Listen on IPv6 in addition to IPv4" }, "listen_interface": { "type": "string", "description": "Bind to a specific network interface (uci interface name)" }, "listen_port": { "type": "integer", "minimum": 1, "maximum": 65535, "description": "TCP port for the /metrics endpoint" }, "runtime": { "type": "object" }, "cpu": { "type": "boolean", "description": "Enable the cpu collector" }, "meminfo": { "type": "boolean", "description": "Enable the meminfo collector" }, "netdev": { "type": "boolean", "description": "Enable the netdev collector" }, "loadavg": { "type": "boolean", "description": "Enable the loadavg collector" }, "filesystem": { "type": "boolean", "description": "Enable the filesystem collector" }, "diskstats": { "type": "boolean", "description": "Enable the diskstats collector" }, "uname": { "type": "boolean", "description": "Enable the uname collector" }, "netstat": { "type": "boolean", "description": "Enable the netstat collector" }, "stat": { "type": "boolean", "description": "Enable the stat collector" }, "vmstat": { "type": "boolean", "description": "Enable the vmstat collector" }, "boottime": { "type": "boolean", "description": "Enable the boottime collector" }, "entropy": { "type": "boolean", "description": "Enable the entropy collector" }, "time": { "type": "boolean", "description": "Enable the time collector" }, "hwmon": { "type": "boolean", "description": "Enable the hwmon collector" }, "textfile": { "type": "boolean", "description": "Enable the textfile collector" }, "thermal_zone": { "type": "boolean", "description": "Enable the thermal_zone collector" }, "edac": { "type": "boolean", "description": "Enable the edac collector" } } }, "VnstatConfig": { "type": "object", "description": "uapi resource backed by uci vnstat.vnstat", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "database_dir": { "type": "string", "description": "Path to vnstat's database directory" }, "interface_5min_hours": { "type": "integer", "minimum": 0, "description": "How many hours of 5-minute granularity data to keep" }, "month_rotate": { "type": "integer", "minimum": 1, "maximum": 31, "description": "Day of month that monthly counters roll over" }, "runtime": { "type": "object" } } }, "VnstatInterfaces": { "type": "object", "description": "uapi resource backed by uci vnstat.interface", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "interface": { "type": "string", "description": "Network interface to track (must exist in network/interfaces)" }, "enabled": { "type": "boolean", "description": "Whether vnstat tracks this interface" }, "runtime": { "type": "object" } }, "required": [ "interface" ] }, "Mwan3Globals": { "type": "object", "description": "uapi resource backed by uci mwan3.globals", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "mmx_mask": { "type": [ "string", "null" ], "pattern": "^0x[0-9A-Fa-f]+$", "description": "Firewall mark mask for mwan3-tagged packets (hex, default 0x3F00)." }, "local_source": { "type": [ "string", "null" ], "description": "Network interface used as source for locally-generated traffic; 'none' to disable." }, "logging": { "type": "boolean", "description": "Enable mwan3 daemon logging via logread." }, "loglevel": { "type": [ "string", "null" ], "enum": [ "emerg", "alert", "crit", "err", "warn", "notice", "info", "debug" ], "description": "syslog facility level (notice/info/debug/etc.)." }, "rtmon_interval": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 86400, "description": "Seconds between netlink route-monitor polls." }, "runtime": { "type": "object" } } }, "Mwan3Interfaces": { "type": "object", "description": "uapi resource backed by uci mwan3.interface", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "enabled": { "type": "boolean" }, "family": { "type": "string", "enum": [ "ipv4", "ipv6" ], "description": "Address family this interface tracks." }, "track_ip": { "type": "array", "items": { "type": "string" }, "description": "List of IPs to ping for reachability." }, "track_method": { "type": [ "string", "null" ], "enum": [ "ping", "arping", "httping", "nping-tcp", "nping-udp", null ] }, "reliability": { "type": [ "integer", "null" ], "minimum": 1, "description": "Min reachable track_ip count to call this interface up." }, "probe_count": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 10, "description": "Probes per cycle per track_ip. Maps to the `count` uci option; renamed on the wire because Terraform reserves the top-level `count` attribute." }, "size": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 65507, "description": "Probe payload size in bytes." }, "max_ttl": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 255 }, "check_quality": { "type": "boolean", "description": "Enable failure_latency/failure_loss thresholds." }, "failure_latency": { "type": [ "integer", "null" ], "minimum": 1 }, "failure_loss": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 100 }, "recovery_latency": { "type": [ "integer", "null" ], "minimum": 1 }, "recovery_loss": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 100 }, "timeout": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 60 }, "interval": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 3600 }, "failure_interval": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 3600 }, "recovery_interval": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 3600 }, "keep_failure_interval": { "type": "boolean" }, "down": { "type": [ "integer", "null" ], "minimum": 1, "description": "Consecutive failed probes before marking down." }, "up": { "type": [ "integer", "null" ], "minimum": 1, "description": "Consecutive successful probes before marking up." }, "flush_conntrack": { "type": "array", "items": { "type": "string", "enum": [ "ifup", "ifdown", "connected", "disconnected", "never" ] }, "description": "Events that flush conntrack table." }, "runtime": { "type": "object" } }, "required": [ "family" ] }, "Mwan3Members": { "type": "object", "description": "uapi resource backed by uci mwan3.member", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "interface": { "type": "string", "description": "Name of an mwan3:interfaces section." }, "metric": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 1000, "description": "Lower wins. Members in the same policy with equal metric share load." }, "weight": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 1000, "description": "Relative load-share weight among equal-metric members." }, "runtime": { "type": "object" } }, "required": [ "interface" ] }, "Mwan3Policies": { "type": "object", "description": "uapi resource backed by uci mwan3.policy", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "last_resort": { "type": [ "string", "null" ], "enum": [ "default", "unreachable", "blackhole", null ], "description": "Fallback when no member is reachable." }, "use_members": { "type": "array", "items": { "type": "string" }, "description": "Member section names. Equal metric balances; lower metric is preferred." }, "runtime": { "type": "object" } }, "required": [ "use_members" ] }, "Mwan3Rules": { "type": "object", "description": "uapi resource backed by uci mwan3.rule", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "family": { "type": [ "string", "null" ], "enum": [ "ipv4", "ipv6", null ] }, "proto": { "type": [ "string", "null" ], "enum": [ "tcp", "udp", "icmp", "all", null ] }, "src_ip": { "type": [ "string", "null" ], "description": "IP address or CIDR." }, "src_port": { "type": [ "string", "null" ], "description": "Single port or 'lo-hi' range." }, "dest_ip": { "type": [ "string", "null" ], "description": "IP address or CIDR." }, "dest_port": { "type": [ "string", "null" ], "description": "Single port or 'lo-hi' range." }, "sticky": { "type": "boolean", "description": "Pin matching connections to the same member for `timeout` seconds." }, "timeout": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 86400 }, "ipset": { "type": [ "string", "null" ], "description": "Match destination against an ipset; bypasses src/dest_ip." }, "use_policy": { "type": "string", "description": "Name of an mwan3:policies section." }, "logging": { "type": "boolean" }, "runtime": { "type": "object" } }, "required": [ "use_policy" ] }, "UsteerConfig": { "type": "object", "description": "uapi resource backed by uci usteer.usteer", "properties": { "id": { "type": [ "string", "null" ] }, "managed": { "type": "boolean" }, "enabled": { "type": "boolean" }, "network": { "type": [ "string", "null" ], "description": "Network interface usteer listens on for peer announcements." }, "syslog": { "type": "boolean" }, "debug_level": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 3 }, "ipv6": { "type": "boolean" }, "sta_block_timeout": { "type": [ "integer", "null" ], "minimum": 0 }, "local_sta_timeout": { "type": [ "integer", "null" ], "minimum": 0 }, "local_sta_update": { "type": [ "integer", "null" ], "minimum": 0 }, "max_neighbor_reports": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 255 }, "max_retry_band": { "type": [ "integer", "null" ], "minimum": 0 }, "seen_policy_timeout": { "type": [ "integer", "null" ], "minimum": 0 }, "measurement_report_timeout": { "type": [ "integer", "null" ], "minimum": 0 }, "load_balancing_threshold": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 255 }, "band_steering_threshold": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 255 }, "remote_update_interval": { "type": [ "integer", "null" ], "minimum": 0 }, "remote_node_timeout": { "type": [ "integer", "null" ], "minimum": 0 }, "assoc_steering": { "type": "boolean" }, "max_assoc_sta": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 255 }, "min_connect_snr": { "type": [ "integer", "null" ], "description": "Refuse association below this SNR (dBm)." }, "min_snr": { "type": [ "integer", "null" ], "description": "Disconnect clients below this SNR (dBm)." }, "min_snr_kick_delay": { "type": [ "integer", "null" ], "minimum": 0 }, "roam_kick_delay": { "type": [ "integer", "null" ], "minimum": 0 }, "roam_process_timeout": { "type": [ "integer", "null" ], "minimum": 0 }, "roam_scan_snr": { "type": [ "integer", "null" ] }, "roam_scan_tries": { "type": [ "integer", "null" ], "minimum": 0 }, "roam_scan_interval": { "type": [ "integer", "null" ], "minimum": 0 }, "roam_trigger_snr": { "type": [ "integer", "null" ] }, "roam_trigger_interval": { "type": [ "integer", "null" ], "minimum": 0 }, "signal_diff_threshold": { "type": [ "integer", "null" ], "minimum": 0 }, "node_up_script": { "type": [ "string", "null" ], "description": "Path to a hook script run on peer changes." }, "event_log_types": { "type": "array", "items": { "type": "string" }, "description": "Log categories: probe_req, beacon, auth, assoc, load_kick, signal_kick, etc." }, "ssid_list": { "type": "array", "items": { "type": "string" }, "description": "Filter usteer's action to these SSIDs (empty = all)." }, "runtime": { "type": "object" } } }, "OpenvpnInstances": { "type": "object", "description": "uapi resource backed by uci openvpn.openvpn", "properties": { "id": { "type": "string", "pattern": "^[A-Za-z][A-Za-z0-9_]{0,31}$", "description": "Optional at create: caller-supplied uci section name; becomes the response `id`. When omitted, the server emits a ULID. Read-only after create (rename via DELETE + POST). Charset and length follow uci section-name rules: 1 to 32 characters, start with a letter, alphanumerics and underscore only. Per-resource modules may tighten further (e.g. proto=wireguard interfaces are IFNAMSIZ-tight at 15 chars)." }, "managed": { "type": "boolean" }, "enabled": { "type": "boolean" }, "client": { "type": "boolean", "description": "Run this instance as a client (default: server)." }, "dev": { "type": [ "string", "null" ], "description": "Interface name (tun0, tap0, etc.)." }, "dev_type": { "type": [ "string", "null" ], "enum": "NaN" }, "proto": { "type": [ "string", "null" ], "enum": "NaN" }, "port": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 65535 }, "lport": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 65535 }, "rport": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 65535 }, "remote": { "type": "array", "items": { "type": "string" }, "description": "host[:port] entries; client tries them in order." }, "local": { "type": [ "string", "null" ], "description": "Bind to this local IP." }, "nobind": { "type": "boolean" }, "float": { "type": "boolean" }, "topology": { "type": [ "string", "null" ], "enum": [ "net30", "p2p", "subnet", null ] }, "server": { "type": [ "string", "null" ], "description": "Server-mode subnet (e.g. `10.8.0.0 255.255.255.0`)." }, "server_bridge": { "type": [ "string", "null" ] }, "push": { "type": "array", "items": { "type": "string" }, "description": "Server-mode directives pushed to clients." }, "route": { "type": "array", "items": { "type": "string" } }, "route_gateway": { "type": [ "string", "null" ] }, "ifconfig": { "type": [ "string", "null" ] }, "ifconfig_pool": { "type": [ "string", "null" ] }, "client_to_client": { "type": "boolean" }, "duplicate_cn": { "type": "boolean" }, "keepalive": { "type": [ "string", "null" ], "description": "`interval timeout` pair." }, "ping": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 3600 }, "ping_restart": { "type": [ "integer", "null" ], "minimum": 1, "maximum": 86400 }, "persist_key": { "type": "boolean" }, "persist_tun": { "type": "boolean" }, "comp_lzo": { "type": [ "string", "null" ], "enum": [ "yes", "no", "adaptive", null ] }, "compress": { "type": [ "string", "null" ], "enum": [ "lzo", "lz4", "lz4-v2", "stub", "stub-v2", null ] }, "cipher": { "type": [ "string", "null" ], "description": "Legacy data cipher (e.g. AES-256-CBC)." }, "auth": { "type": [ "string", "null" ], "description": "HMAC digest (SHA256, etc.)." }, "ncp_ciphers": { "type": [ "string", "null" ], "description": "Colon-separated negotiable data ciphers." }, "ncp_disable": { "type": "boolean" }, "tls_server": { "type": "boolean" }, "tls_client": { "type": "boolean" }, "tls_crypt": { "type": [ "string", "null" ], "description": "Path to tls-crypt key file." }, "ca": { "type": [ "string", "null" ], "description": "Path to CA cert PEM." }, "cert": { "type": [ "string", "null" ], "description": "Path to local cert PEM." }, "dh": { "type": [ "string", "null" ], "description": "Path to DH parameters PEM (server-mode)." }, "crl_verify": { "type": [ "string", "null" ], "description": "Path to CRL PEM." }, "remote_cert_tls": { "type": [ "string", "null" ], "enum": [ "client", "server", null ] }, "verify_x509_name": { "type": [ "string", "null" ] }, "user": { "type": [ "string", "null" ], "description": "Drop privileges to this user." }, "group": { "type": [ "string", "null" ] }, "status": { "type": [ "string", "null" ], "description": "Status file path." }, "log": { "type": [ "string", "null" ] }, "log_append": { "type": [ "string", "null" ] }, "verb": { "type": [ "integer", "null" ], "minimum": 0, "maximum": 11 }, "mute": { "type": [ "integer", "null" ], "minimum": 0 }, "has_key": { "type": "boolean", "readOnly": true }, "has_tls_auth": { "type": "boolean", "readOnly": true }, "has_pkcs12": { "type": "boolean", "readOnly": true }, "runtime": { "type": "object" }, "key": { "type": "string", "writeOnly": true, "description": "Path to private key PEM. Write-only; reads return has_key." }, "tls_auth": { "type": "string", "writeOnly": true, "description": "Path to TLS auth key file. Write-only; reads return has_tls_auth." }, "pkcs12": { "type": "string", "writeOnly": true, "description": "Path to PKCS#12 bundle. Write-only; reads return has_pkcs12." } } } }, "securitySchemes": { "bearerAuth": { "type": "http", "scheme": "bearer", "description": "Token created via uapi-token on the router. Hashed (salted sha256) at rest." } }, "headers": { "WWWAuthenticateBearer": { "description": "RFC 7235 challenge on 401 responses", "schema": { "type": "string", "example": "Bearer realm=\"uapi\", error=\"invalid_token\"" } }, "RetryAfter": { "description": "Seconds the client should wait before retrying (RFC 7231 6.6.4)", "schema": { "type": "integer", "minimum": 1 } }, "ETag": { "description": "Quoted hash of the resource body (minus volatile `runtime` state). Stable across unchanged sibling sections; mutates only when the resource itself changes. Use with `If-Match` on writes (or `?if_match=` query param through uhttpd) for optimistic concurrency.", "schema": { "type": "string", "example": "\"a8a93ccd3144\"" } }, "XRequestId": { "description": "ULID echoing the request_id from request (or generated server-side).", "schema": { "type": "string" } }, "Link": { "description": "RFC 8288 link relations; rel=\"next\" present when more paginated items exist.", "schema": { "type": "string", "example": "; rel=\"next\"" } }, "XNextCursor": { "description": "Convenience companion to Link rel=next: the bare next-cursor token.", "schema": { "type": "string", "pattern": "^c_[A-Za-z0-9_-]+$" } }, "IdempotentReplayed": { "description": "Set to true when a POST response was served from the Idempotency-Key cache instead of being re-applied.", "schema": { "type": "string", "enum": [ "true" ] } }, "XReloadStatus": { "description": "Outcome of the post-commit daemon reload. `ok` = init script exited 0 (NOT a runtime-convergence promise; see docs/operations.md). `no_reload` = the resource has no reload services. Absent on non-write 2xx responses.", "schema": { "type": "string", "enum": [ "ok", "no_reload" ] } }, "XReloadServices": { "description": "Comma-separated list of init scripts that were reloaded after the write committed. Absent when X-Reload-Status: no_reload.", "schema": { "type": "string", "example": "firewall,dnsmasq" } } }, "responses": { "BadRequest": { "description": "Malformed request (codes: bad_request, invalid_cursor)", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } }, "headers": { "WWW-Authenticate": { "$ref": "#/components/headers/WWWAuthenticateBearer" } } }, "Unauthorized": { "description": "Missing/invalid bearer (codes: unauthorized, invalid_token; the latter also covers expired tokens and source-IP-not-permitted)", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } }, "headers": { "WWW-Authenticate": { "$ref": "#/components/headers/WWWAuthenticateBearer" } } }, "Forbidden": { "description": "Scope or TLS check failed (codes: insufficient_scope, tls_required, scope_escalation_blocked)", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } } }, "NotFound": { "description": "Resource not found", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } } }, "Conflict": { "description": "Conflict (codes: conflict, unmanaged_resource, idempotency_key_conflict)", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } } }, "PreconditionFailed": { "description": "If-Match did not match current ETag, or JSON-Patch test op failed", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } } }, "ValidationFailed": { "description": "Request body failed validation (per-field errors in `errors[]`)", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } } }, "Locked": { "description": "Another write holds the same per-package lock; retry after Retry-After seconds", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } }, "headers": { "Retry-After": { "$ref": "#/components/headers/RetryAfter" } } }, "TooManyRequests": { "description": "Per-token rate limit exceeded; retry after Retry-After seconds", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } }, "headers": { "Retry-After": { "$ref": "#/components/headers/RetryAfter" } } }, "InternalError": { "description": "Server error (codes: internal_error, reload_failed_restored, reload_failed_unrecovered)", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } } }, "ServiceUnavailable": { "description": "Service unavailable (codes: service_unavailable, init_script_missing)", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } } } } } }