Commit graph

379 commits

Author SHA1 Message Date
Christian Hesse
19b80ee063 global-functions: $WaitTimeSync: rotate ntp servers minutely
Signed-off-by: Christian Hesse <mail@eworm.de>
2020-02-24 13:01:45 +01:00
Christian Hesse
5fab77abad global-functions: introduce $WaitTimeSync 2020-02-24 12:55:18 +01:00
Christian Hesse
77ec3293f0 global-functions: introduce $TimeIsSync 2020-02-24 11:06:17 +01:00
Christian Hesse
7d2239f24e global-functions: introduce $MailServerIsUp 2020-02-24 10:48:04 +01:00
Christian Hesse
e376845b12 global-functions: introduce and use $CertificateNameByCN 2020-02-06 18:18:56 +01:00
Christian Hesse
b5f4c2c87e global-config: drop $ScriptUpdatesConfigChangesIgnore
Comment or remove $GlobalConfigVersion in global-config-overlay
to disable change notifications.
2020-02-04 20:19:46 +01:00
Christian Hesse
03af7d6d9c global-functions: $CharacterReplace: do not limit string length
I've tried something like this to update a device:

/ system script set source=[ $CharacterReplace [ get global-config-overlay source ] "GlobalConfigVersion 10" "GlobalConfigVersion 11" ] global-config-overlay;

This broke with global-config-overlay longer than 999 characters. So makes
sure there is no limit for string length.
2020-02-03 21:29:21 +01:00
Christian Hesse
7f81734006 global-functions: $CertificateAvailable: simplify loop 2020-02-02 15:16:36 +01:00
Christian Hesse
1e72f03e5e README: update instructions to use $ScriptInstallUpdate 2020-01-29 22:14:56 +01:00
Christian Hesse
c500243c97 global-functions: add $ScriptInstallUpdate
Just call without parameters to update scripts:

[admin@MikroTik] > $InstallAndUpdate

Add comma separated list of scripts to install and update:

[admin@MikroTik] > $InstallAndUpdate cloud-backup[,upload-backup][,...]
2020-01-29 21:44:41 +01:00
Christian Hesse
352818ea48 global-functions: $CertificateAvailable: check whole chain
The root certificate is a self-signed certificate. Check for the issue
certificate until we find the self-signed one.
2020-01-29 21:08:10 +01:00
Christian Hesse
801dce05fa global-functions: $CertificateAvailable: warn about crl download to flash
Downloading certificate crls to flash can fill up all available space.
So warn about it!
2020-01-29 09:27:00 +01:00
Christian Hesse
5741924cf9 global-functions: replace deprecated keep-result=no with output=none 2020-01-28 21:51:27 +01:00
Christian Hesse
b3a76c7e4b global-functions: $CertificateDownload: properly name new certificates 2020-01-06 10:20:19 +01:00
Christian Hesse
cf79e6c473 global-functions: do not encode dash, dot, slash and underscore 2020-01-03 11:24:12 +01:00
Christian Hesse
b1b7ed83ed global-functions: $Certificate*: add quoting around CN 2020-01-03 10:15:34 +01:00
Christian Hesse
cb1e520965 global-functions: split $CertificateAvailable to $CertificateDownload
This allows to force download even if certificate is available. We need
this for a clean update path with Let's Encrypt.
2020-01-03 10:07:55 +01:00
Christian Hesse
afb9839073 update copyright for 2020 2020-01-01 17:00:39 +01:00
Christian Hesse
d064bd349e global-functions: define first, set later 2019-12-10 14:45:35 +01:00
Christian Hesse
64341690bf global-functions: $DownloadPackage: retry on error 2019-12-05 13:20:26 +01:00
Christian Hesse
ebd5ff9bfe global-functions: introduce $ScriptFromTerminal
Checking whether or not started from terminal is tricky... We have to find
the job for the script, find its top most parent and get its type.
2019-12-03 23:45:55 +01:00
Christian Hesse
ac6c132ea0 global-functions: $DeviceInfo: append revision to model 2019-11-28 10:49:21 +01:00
Christian Hesse
7c0c27c03f global-functions: add architecture in device info 2019-10-28 13:15:10 +01:00
Christian Hesse
f40bb2c8c8 check-health: make threshold for voltage configurable 2019-10-14 19:13:31 +02:00
Christian Hesse
1cee36a911 introduce global-config-overlay 2019-09-12 21:29:41 +02:00
Michael Gisbers
2258087aab global-functions: $DeviceInfo: handle configuration version 2019-09-12 21:29:41 +02:00
Christian Hesse
94581741f4 global-functions: introduce and use $DeviceInfo 2019-09-12 21:29:41 +02:00
Christian Hesse
166bbffe1d script-updates: add donation hint in configuration warning notification 2019-08-30 14:10:58 +02:00
Christian Hesse
29dc1b8841 add script 'check-health'
This may be incomplete... Please report if you have missing PSUs,
ttemperature sensors, whatever.
2019-08-27 12:01:32 +02:00
Christian Hesse
06b93ca6c2 global-functions: support sending silent telegram notifications 2019-08-18 21:30:59 +02:00
Christian Hesse
d457421e1e global-functions: split off $SendEMail and $SendTelegram 2019-08-18 21:30:59 +02:00
Christian Hesse
ab4aef4dfb global-functions: $DownloadPackage: re-introduce check for valid package
Even if fetch tool does its job right now... Chances are that the
download servers have corrupted or empty files.
2019-08-01 18:45:54 +02:00
Christian Hesse
acce2322c3 global-functions: add $RandomDelay 2019-07-26 18:14:33 +02:00
Christian Hesse
f49b67f5e7 global-functions: add $GetRandom 2019-07-26 18:13:59 +02:00
Christian Hesse
229dc539cc global-functions: $DownloadPackage: fix downloading for CHR / x86_64 2019-07-19 15:37:01 +02:00
Christian Hesse
8d1313f588 add script 'upload-backup' 2019-07-19 11:46:29 +02:00
Christian Hesse
f79ba55637 global-functions: add $ParseKeyValueStore 2019-07-17 16:27:21 +02:00
Christian Hesse
16f04ee7ee global-functions: $CharacterReplace: use same condition in loop 2019-07-16 12:46:33 +02:00
Christian Hesse
b1b53e3d0d global-functions: append system note in e-mail signature 2019-07-16 12:42:40 +02:00
Christian Hesse
5101d57d52 backup: split off cloud-backup
Currently backup to MikroTik cloud is pretty unreliable and script can
not catch errors at runtime. Looks like this does not change any time
soon (Ticket#2019052022003204).

So let's just split off the cloud backup to make sure email backup works
as expected.
2019-06-14 15:13:41 +02:00
Christian Hesse
42834e9de1 global-functions: $CertificateAvailable: fetch by CommonName
Now that we have a proper $UrlEncode function... Fetch certificates
by CommonName.

Also remove the PEM after import.
2019-04-30 16:52:53 +02:00
Christian Hesse
7f96e5c966 global-functions: add $WaitForFile, wait for file on fetch
The fetch command is asynchronous, the file is not guaranteed to be
available when command terminates.

I opened an issue at Mikrotik support (Ticket#2019041722004999),
their answer:

> You should perform a check in a loop.
> :delay until file exist
>
> That can happen also with any configuration not just files.

So add a function to wait for a file with given name.

I have not seen this with other configuration, though.
2019-04-30 16:52:53 +02:00
Christian Hesse
b93d4d40bc drop deprecated mode= for fetch 2019-04-09 18:01:44 +02:00
Christian Hesse
ea73505ecc script-updates: send global-config changes notification just once 2019-04-03 08:30:28 +02:00
Christian Hesse
7b1c275cc2 script-updates: add option to ignore global-config changes 2019-04-02 08:48:35 +02:00
Christian Hesse
594aef2aab check-certificates: support multiple passphrases 2019-04-01 22:45:38 +02:00
Christian Hesse
26ccf41298 global-functions: prevent infinite loop 2019-03-28 12:36:12 +01:00
Christian Hesse
72d7050423 global-functions: encode all non-alphanumeric characters 2019-03-20 22:42:16 +01:00
Christian Hesse
99a23f99e5 global-functions: remove extra check in $DownloadPackage
Should be fixed in RouterOS 6.44rc1 with changelog:

*) fetch - improved file downloading to slow memory;
2019-02-28 14:41:44 +01:00
Christian Hesse
fe1d234025 global-functions: add $ScriptLock 2019-02-21 18:35:08 +01:00
Christian Hesse
04025da9b8 global-functions: drop $Read, use :return directly 2019-02-21 00:03:57 +01:00
Christian Hesse
f127e3b7ef global-functions: detect failed package downloads 2019-02-14 20:35:13 +01:00
Christian Hesse
c361caee5b global-functions: introduce and use $CleanFilePath 2019-02-13 09:44:15 +01:00
Christian Hesse
8537bbe19d global-functions: remove file on failed download 2019-02-13 09:22:20 +01:00
Christian Hesse
900820b519 global-functions: add missing colon 2019-02-11 15:14:23 +01:00
Christian Hesse
db2c4fbf39 global-functions: prevent infinite loop in $CharacterReplace 2019-02-08 20:15:49 +01:00
Christian Hesse
fc2547c137 global-functions: add $CharacterReplace 2019-02-08 12:54:54 +01:00
Christian Hesse
870f00bb36 global: variable names are CamelCase
___  _         ___     __
           / _ )(_)__ _   / _/__ _/ /_
          / _  / / _ `/  / _/ _ `/ __/
         /____/_/\_, /  /_/ \_,_/\__/
 _       __     /___/       _             __
| |     / /___ __________  (_)___  ____ _/ /
| | /| / / __ `/ ___/ __ \/ / __ \/ __ `/ /
| |/ |/ / /_/ / /  / / / / / / / / /_/ /_/
|__/|__/\__,_/_/  /_/ /_/_/_/ /_/\__, (_)
                                /____/

RouterOS has some odd behavior when it comes to variable names. Let's
have a look at the interfaces:

[admin@MikroTik] > / interface print where name=en1
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU
 0  RS en1                                 ether            1500  1598

That looks ok. Now we use a script:

{ :local interface "en1";
  / interface print where name=$interface; }

And the result...

[admin@MikroTik] > { :local interface "en1";
{...   / interface print where name=$interface; }
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU
 0  RS en1                                 ether            1500  1598

... still looks ok.
We make a little modification to the script:

{ :local name "en1";
  / interface print where name=$name; }

And the result:

[admin@MikroTik] > { :local name "en1";
{...   / interface print where name=$name; }
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU
 0  RS en1                                 ether            1500  1598
 1   S en2                                 ether            1500  1598
 2   S en3                                 ether            1500  1598
 3   S en4                                 ether            1500  1598
 4   S en5                                 ether            1500  1598
 5  R  br-local                            bridge           1500  1598

Ups! The filter has no effect!
That happens whenever the variable name ($name) matches the property
name (name=).

And another modification:

{ :local type "en1";
  / interface print where name=$type; }

And the result:

[admin@MikroTik] > { :local type "en1";
{...   / interface print where name=$type; }
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU

Ups! Nothing?
Even if the variable name ($type) matches whatever property name (type=)
things go wrong.

The answer from MikroTik support (in Ticket#2019010222000454):

> This is how scripting works in RouterOS and we will not fix it.

To get around this we use variable names in CamelCase. Let's hope
Mikrotik never ever introduces property names in CamelCase...

*fingers crossed*
2019-01-04 12:35:34 +01:00
Christian Hesse
7d06a7e8c2 global-{config,functions}: move variables, make independent 2019-01-03 16:09:03 +01:00
Christian Hesse
6e03a3b935 script-updates: add configuration versioning 2019-01-03 15:36:26 +01:00
Christian Hesse
472cd3d905 update copyright for 2019 2019-01-02 09:38:34 +01:00
Christian Hesse
3cdd0fb94b global-functions: properly define global functions 2018-12-28 22:56:29 +01:00
Christian Hesse
ea55464434 global-functions: update comment in $SendNotification 2018-12-28 22:56:29 +01:00
Christian Hesse
ac2e6cfc61 global-functions: add $DownloadPackage
... and make script 'capsman-download-packages' use it.
2018-12-28 22:56:07 +01:00
Christian Hesse
ee5eefefc3 global-functions: add $GetMacVendor 2018-12-27 00:48:56 +01:00
Christian Hesse
f4673928ef global-functions: make $CertificateAvailable work on CommonName
This should prevent endless certificate switching for Let's Encrypt
cross-signed intermediate certificates.
2018-12-20 22:21:00 +01:00
Christian Hesse
a0fb616715 remove extra dollar sign 2018-12-12 21:57:17 +01:00
Christian Hesse
6e4d715937 global-functions: add identity tag in $SendNotification
... and send subject in telegram message.
2018-11-28 21:19:39 +01:00
Christian Hesse
ec2f976be0 global-functions: use 'print count-only' 2018-11-09 21:38:56 +01:00
Christian Hesse
ecf75697ba global-functions: add function to read user input 2018-11-09 21:13:18 +01:00
Christian Hesse
d81e1bf195 global-functions: import certificates if required
Signed-off-by: Christian Hesse <mail@eworm.de>
2018-10-16 16:06:25 +02:00
Christian Hesse
bfca11c9ad global-functions: fix missing colon 2018-10-15 09:57:13 +02:00
Christian Hesse
c9175d8e5e global-functions: make sure parameters are strings 2018-10-12 14:07:47 +02:00
Christian Hesse
92bb1d107c daily-psk: move function GeneratePSK from global-functions 2018-10-10 20:45:00 +02:00
Christian Hesse
cec61183eb global-functions: add UrlEncode and use in SendNotification 2018-10-09 16:56:29 +02:00
Christian Hesse
5e4ef0ab8f global-functions: add function to notify via e-mail and telegram 2018-10-09 15:46:39 +02:00
Christian Hesse
977a5d5f5e global-functions: move daily psk secrets to global-config 2018-10-09 14:17:19 +02:00
Christian Hesse
7b4bef1a1e make GeneratePSK a global function 2018-10-09 14:15:34 +02:00
Christian Hesse
9c3f3b9f20 add global-functions 2018-10-09 14:15:34 +02:00