Commit graph

2031 commits

Author SHA1 Message Date
Christian Hesse
85aeeadcee netwatch-dns: check DoH server functionality...
... and try all servers one after another.
2024-01-11 15:33:03 +01:00
Christian Hesse
80db12a3e9 netwatch-dns: enable DoH certificate verification...
... if a certificate is named in configuration.
2024-01-11 09:22:32 +01:00
Christian Hesse
44a8195c37 doc/netwatch-dns: use new certificate for Cloudflare 2024-01-09 23:01:22 +01:00
Christian Hesse
d6645e8157 certs: add new DigiCert certificates...
... used by Cloudflare.
2024-01-09 23:00:13 +01:00
Christian Hesse
4249ad61df global-functions: $CertificateDownload: move delay up
We still had cases where fetch misbehaves... But this was permanent.
Perhaps we should not touch the certificate too early...
2024-01-08 00:29:18 +01:00
Christian Hesse
8c458592f5 check-lte-firmware-upgrade: unbreak terminal detectiono
This broke with commit 50d7e1fa41b8f8a6a1379de5521798346fd1ae9f... 🫣
2024-01-07 23:13:54 +01:00
Christian Hesse
0760ea9121 check-lte-firmware-upgrade: fail on empty version string 2024-01-05 17:05:34 +01:00
Christian Hesse
9a73fc526f update copyright for 2024 2024-01-01 15:25:25 +01:00
Christian Hesse
777c388b43 global-functions: $GetMacVendor: get new certificate
The service now uses: GTS CA 1P5 -> GTS Root R1
2023-12-22 14:47:54 +01:00
Christian Hesse
1c26d08267 mod/ssh-keys-import: unbreak import from file
Looks like this broke in c3045f3723 where
a non-existent variable name was used.
2023-12-21 11:34:55 +01:00
Christian Hesse
0377064f65 capsman-download-packages: avaiable packages only...
... as things became more complicated with 'wifi-qcom*'.
2023-12-20 12:29:24 +01:00
Christian Hesse
5aaa24b507 capsman-download-packages: use default set for legacy capsman...
... as well - now that 'wireless' package has been split from 'routeros'
guessing kind of broke. It required several attempts and intermittent
errors in logs to get things right.
2023-12-20 12:11:12 +01:00
Christian Hesse
5fdc8d9e65 doc/mode-button: document required type of led 2023-12-14 08:54:04 +01:00
Christian Hesse
f9528f0ac5 fw-addr-lists: warn on possible truncation
... as fetch truncates data at about 64kB, reported in SUP-132297.
2023-12-13 15:57:28 +01:00
Christian Hesse
db5ff00b5a doc/capsman-download-packages: mention package-path 2023-12-05 11:01:14 +01:00
Christian Hesse
69af869572 mention the donation hint... 2023-12-05 00:11:19 +01:00
Christian Hesse
52b8e67309 celebrating 1.000 stars on Github! 2023-12-05 00:11:19 +01:00
Christian Hesse
d3611cebbd mod/notification-email: $NotificationFunctions->"email": support hook for signature
You can compose your own signature by creating a function:

:global NotificationEMailSignature do={
  :global EitherOr;

  :local RouterBoard [ /system/routerboard/get ];
  :return ( \
    [ $EitherOr ($RouterBoard->"board-name") ($RouterBoard->"model") ] . " s/n " . $RouterBoard->"serial-number" . " | " . \
    "RouterOS " . [ /system/package/update/get installed-version ] . " | " . \
    "IP " . [ /ip/cloud/get public-address ]);
}
2023-12-05 00:11:19 +01:00
Christian Hesse
9fb596135e check-certificates: properly renew from template 2023-12-05 00:11:19 +01:00
Christian Hesse
a12ccba29e check-certificates: improve wording 2023-12-05 00:11:19 +01:00
Christian Hesse
8de6995c4b check-certificates: add workaround for broken certificates...
... where the issuer array is borked. Or is this a RouterOS issue?

[eworm@carpo] > $InspectVar [ $ParseKeyValueStore  [ /certificate/get ISRG-Root-X2 issuer ] ]
-type-> array
  -key-> C
    -type-> str
    -value-> US,O=Internet Security Research Group,CN=ISRG Root X2

A good certificate looks like this:

[eworm@carpo] > $InspectVar [ $ParseKeyValueStore  [ /certificate/get [ find where name~"eworm.net" ] issuer ] ]
-type-> array
  -key-> C
    -type-> str
    -value-> US
  -key-> CN
    -type-> str
    -value-> E1
  -key-> O
    -type-> str
    -value-> Let's Encrypt
2023-12-04 13:05:46 +01:00
Christian Hesse
a08df7bdec check-certificates: prevent infinte loop 2023-12-04 13:05:46 +01:00
Christian Hesse
3df99b0ee0 check-certificates: give full certificate chain 2023-12-04 13:05:46 +01:00
Christian Hesse
94607496ae check-certificates: fix typo and syntax 2023-12-04 12:15:10 +01:00
Christian Hesse
e4b10d4b76 mod/notification-email: $QuotedPrintable: also encode question mark
Following the RFC it is not required, but looks like Thunderbird has an
issue here...

https://datatracker.ietf.org/doc/html/rfc2045#section-6.7
2023-12-04 12:08:47 +01:00
Christian Hesse
84368ec6eb mod/notification-email: $QuotedPrintable: minor rework
We have to encode all characters from 0x00 to 0x1f as well...
Also the equal sign is nothing special here, just adding to list.
2023-12-04 12:08:47 +01:00
Christian Hesse
1bb2871e0b global-functions: $FormatLine: use $CharacterMultiply 2023-12-04 12:08:47 +01:00
Christian Hesse
5e2e65b252 global-functions: $AlignRight: use $CharacterMultiply 2023-12-04 12:08:47 +01:00
Christian Hesse
8f24b4c490 global-functions: introduce $CharacterMultiply 2023-12-04 11:22:36 +01:00
Christian Hesse
15e347303b global-functions: $DeviceInfo: add SNMP location and contact 2023-12-04 09:33:24 +01:00
Christian Hesse
aba4770395 fw-addr-lists: support timeout per list
This works with something like this:

    :global FwAddrLists {
      "allow"={
        { url="https://eworm.de/ros/fw-addr-lists/allow";
          cert="E1"; timeout=1w };
      };
      ...
    }

All urls for one named list should have the same timeout! With different
timeout values and identical addresses the behavior is besically undefined,
depending on order.
2023-11-30 13:51:57 +01:00
Christian Hesse
c6bf722e49 global-functions: introduce $MIN 2023-11-30 13:51:57 +01:00
Christian Hesse
495eff48de global-functions: introduce $MAX 2023-11-30 13:51:57 +01:00
Christian Hesse
080bef89a9 global-functions: $SymbolByUnicodeName: rename up-arrow -> arrow-up
... so arrows are grouped in case we add more.
2023-11-30 13:51:57 +01:00
Christian Hesse
4e1d54d733 global-functions: $SymbolForNotification: properly append space to alt text 2023-11-30 13:51:57 +01:00
Christian Hesse
81a86ee043 netwatch-dns: get doh host name from static dns 2023-11-27 18:21:47 +01:00
Christian Hesse
1cc0e3429b global-functions: introduce $AlignRight 2023-11-23 14:41:46 +01:00
Christian Hesse
cae5f425a6 telegram-chat: get rid of '.txt' file extension 2023-11-22 21:20:44 +01:00
Christian Hesse
d1abbede75 backup-email: get rid of '.txt' file extension 2023-11-22 21:18:39 +01:00
Christian Hesse
b75b0bf6be backup-upload: get rid of '.txt' file extension 2023-11-22 21:17:44 +01:00
Christian Hesse
11daef75f0 packages-update: refuse automatic update to RouterOS 7.13
... as migration to wireless or wifi package has to be done. Please
update manually by running:

    /system/package/update/install
2023-11-21 13:14:51 +01:00
Christian Hesse
ab8c9d04ff check-routeros-update: rename scheduler
This was missing for commit f7c72b6ed96e45bf1fbb54c46ce09e1fccc791be...
2023-11-16 13:18:10 +01:00
Christian Hesse
6384f6a239 drop old files left from migration 2023-11-15 15:10:49 +01:00
Christian Hesse
c7e2ff71e6 check-health: decrease indention in messages 2023-11-15 15:07:07 +01:00
Christian Hesse
23c5c461a6 check-health: use $HumanReadableNum for RAM utilization 2023-11-15 15:03:16 +01:00
Christian Hesse
5f457e5c37 backup-upload: build file info in a function 2023-11-15 14:35:18 +01:00
Christian Hesse
4d70b7fea4 backup-upload: give more info on files 2023-11-15 14:35:09 +01:00
Christian Hesse
180d6b8733 backup-cloud: use $HumanReadableNum for file size 2023-11-15 14:34:40 +01:00
Christian Hesse
890cd6c58d global-functions: introduce $HumanReadableNum 2023-11-15 14:34:40 +01:00
Christian Hesse
a4b2da8087 Merge branch 'wifi' into next 2023-11-15 14:34:40 +01:00