mirror of
https://github.com/eworm-de/routeros-scripts
synced 2024-05-14 08:04:19 +00:00
4427cabd0e
Drop 'DST Root CA X3', use 'ISRG Root X1' instead. The migration code makes sure that... * the intermediate certificate 'R3' is signed by 'ISRG Root X1' * 'ISRG Root X1' is self-signed, not cross-signed by 'DST Root CA X3' * 'DST Root CA X3' is finally gone
66 lines
5.2 KiB
Text
66 lines
5.2 KiB
Text
# News, changes and migration by RouterOS Scripts
|
|
# Copyright (c) 2019-2021 Christian Hesse <mail@eworm.de>
|
|
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
|
|
|
|
# Changes for global-config to be added to notification on script updates
|
|
:global GlobalConfigChanges {
|
|
1="Moved variables from 'global-config' to 'global-functions' for independence";
|
|
2="Variable names became CamelCase to work around scripting issues";
|
|
3="Variable for certificate renew passphrase became an array to support multiple passphrases";
|
|
4="Added option to ignore global-config changes";
|
|
5="Split off new script 'cloud-backup' from 'email-backup'";
|
|
6="Introduced script 'upload-backup' with new configuration parameters";
|
|
7="Introduced script 'check-health' with new configuration parameters";
|
|
8="Added donation hint and option to silence it";
|
|
9="Introduced configuration overlay 'global-config-overlay'";
|
|
10="Made health threshold for voltage configurable";
|
|
11="Introduced function '\$ScriptInstallUpdate' to install new and update existing scripts";
|
|
12="Removed '\$ScriptUpdatesConfigChangesIgnore', comment '\$GlobalConfigVersion' in 'global-config-overlay' to disable change notifications";
|
|
13="Configuration for script 'bridge-port-to-default' changed with new syntax in comment";
|
|
14="Dropped script 'script-updates', use '\$ScriptInstallUpdate' exclusively!";
|
|
15="New documentation is online! https://git.eworm.de/cgit/routeros-scripts/about/#available-scripts";
|
|
16="Happy with RouterOS Scripts and have a GitHub and/or GitLab account? Please star!";
|
|
17="Introduced script 'early-errors'";
|
|
18=("Added a simple IP calculation function, try: \$IPCalc " . [ / ip address get ([ find ]->0) address ]);
|
|
19="Commenting scripts with 'ignore', 'base-url=...' and 'url-suffix=...' is honored on update";
|
|
20="Added support for hooks to 'netwatch-notify'";
|
|
21="Added support for installing patch updates automatically by 'check-routeros-update'";
|
|
22="Dropped '\$ScriptUpdatesIgnore' from global configuration, auto-migrating to ignore flag in comment"
|
|
23="Added 'log-forward' with configurable filter, which replaces 'early-errors'";
|
|
24="Made symbols in notifications configurable.";
|
|
25="Added support for DHCP server name in DNS FQDN via '\$ServerNameInZone'";
|
|
26="Made check count threshold in 'netwatch-notify' configurable.";
|
|
27="Added queue for Telegram notifications to resend later on error.";
|
|
28="Made 'dhcp-to-dns' act on all bound leases, not just dynamic ones.";
|
|
29="Added filter on log message text for 'log-forward'.";
|
|
30="Implemented simple rate limit for 'log-forward' to prevent flooding.";
|
|
31="Switched Telegram notifications to fixed-width font, with opt-out.";
|
|
32="Merged mode (& reset) button scripts in single new script 'mode-button'.";
|
|
33="Added configurable deviation on health temperature recovery threshold against notification flooding.";
|
|
34="Introduced script 'ospf-to-leds' to visualize OSPF instance state via LEDs.";
|
|
35="Implemented visual feedback for 'mode-button' with configurable LED.";
|
|
36="Added support for installing updates automatically if seen in neighbor list.";
|
|
37="Implemented simple dependency model in 'netwatch-notify'.";
|
|
38="Imported new Let's Encrypt intermediate certificate 'R3'.";
|
|
39="Added support for interface specific address list entries in 'ipv6-update'.";
|
|
40="Made the certificate renewal time configurable.";
|
|
41="Implemented migration mechanism for script updates.";
|
|
42="Made severity in terminal output colorful, with opt-out.";
|
|
43="Added queue for e-mail notifications to resend later on error.";
|
|
44="Dropped script 'global-wait', all scripts wait on their own now.";
|
|
45="We have a Telegram Group! Come along and say hello: https://t.me/routeros_scripts";
|
|
46="Added configurable random delay in backup scripts to stretch execution and prevent resource congestion.";
|
|
47="Removed obsolete intermediate certificate 'Let's Encrypt Authority X3' from store.";
|
|
48="Added support for overriding e-mail and Telegram settings for every script.";
|
|
49="Dropped '\$EmailBackupTo' & '\$EmailBackupCc' from configuration, use settings override if required.";
|
|
50="Added support for dynamic address update in 'netwatch-notify'.";
|
|
51="Added 'ipsec-to-dns' to add DNS records for IPSec peers from mode-config.";
|
|
52="Updated Let's Encrypt trust chain to use root certificate 'ISRG Root X1'. Do not re-import the old chain!";
|
|
};
|
|
|
|
# Migration steps to be applied on script updates
|
|
:global GlobalConfigMigration {
|
|
41=":global SendNotification; \$SendNotification (\"Migration mechanism\") (\"Congratulations!\nSuccessfully tested the new migration mechanism.\");";
|
|
47="/ certificate remove [ find where fingerprint=\"731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568\" or fingerprint=\"25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d\" ];";
|
|
52=":global CertificateDownload; :if ([ :len [ / certificate find where fingerprint=\"67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd\" or fingerprint=\"96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6\" ] ] < 2) do={ \$CertificateDownload \"R3\"; }; / certificate remove [ find where fingerprint=\"0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739\" ];";
|
|
};
|