Christian Hesse
6dbd228c7f
bump required RouterOS version for all scripts
2026-07-15 21:33:18 +02:00
Christian Hesse
93e593a891
revert to Telegram domain: t.me
...
... as it resolves to its address again.
This reverts commit 5b26c6b24e .
2026-07-14 14:34:51 +02:00
Christian Hesse
5b26c6b24e
switch Telegram domain: t.me -> telegram.me
...
https://domainnamewire.com/2026/07/13/telegrams-t-me-domain-suspended-leading-to-outages/
2026-07-14 11:39:10 +02:00
Christian Hesse
4480282079
INITIAL-COMMANDS: warn on missing checksums
2026-07-08 16:07:44 +02:00
Christian Hesse
e906deda04
INITIAL-COMMANDS: give hint on url in global configuration overlay
2026-07-08 16:07:19 +02:00
Christian Hesse
5f32948f20
INITIAL-COMMANDS: give option to install from mirrors
2026-07-08 16:06:53 +02:00
Christian Hesse
cb423d2491
INITIAL-COMMANDS: drop the old builtin-trust-anchors
2026-06-25 14:09:12 +02:00
Christian Hesse
6d0574d58c
INITIAL-COMMANDS: Let's Encrypt switched back to new chain (Gen Y)
...
This reverts commit 2a6567135e .
2026-05-27 09:12:18 +02:00
Christian Hesse
2a6567135e
INITIAL-COMMANDS: Let's Encrypt switched back to old chain
2026-05-13 16:19:11 +02:00
Christian Hesse
baa8d6c974
INITIAL-COMMANDS: drop the compatibility workaround...
...
... and make it depend in RouterOS 7.19 and its builtin certificates.
2026-01-27 15:47:19 +01:00
Christian Hesse
ced6bf2c11
INITIAL-COMMANDS: update for new Let's Encrypt CA 'Root YE'
2026-01-17 16:58:16 +01:00
Christian Hesse
2b8dfec2f7
bump required RouterOS version for all scripts
2026-01-12 10:00:30 +01:00
Christian Hesse
c0678f0501
INITIAL-COMMANDS: add missing space
2025-12-01 11:25:28 +01:00
Christian Hesse
b285f2c5d2
global-functions: add and fix global scheduler automatically...
...
... and also adjust README and INITIAL-COMMANDS.
2025-11-20 11:26:59 +01:00
Christian Hesse
af5f01a973
INITIAL-COMMANDS: install from rsc.eworm.de
2025-11-20 11:26:59 +01:00
Christian Hesse
fbfeea3042
INITIAL-COMMANDS: support new builtin-trust-store...
...
... which was introduced with RouterOS 7.21beta7.
2025-11-19 16:19:59 +01:00
Christian Hesse
d69b399572
INITIAL-COMMANDS: use builtin certificates if possible
2025-06-03 11:06:59 +02:00
Christian Hesse
d80f43a1c8
INITIAL-COMMANDS: fix typos
2025-04-14 11:19:46 +02:00
Miquel Bonastre
390e3653d7
INITIAL-COMMANDS: add status output
...
Co-authored-by: Christian Hesse <mail@eworm.de>
2025-04-14 11:19:42 +02:00
Miquel Bonastre
75163f0d3c
INITIAL-COMMANDS: support installation from custom server
...
Closes: https://github.com/eworm-de/routeros-scripts/pull/96
Co-authored-by: Christian Hesse <mail@eworm.de>
2025-04-14 11:19:24 +02:00
Christian Hesse
f5189b8bd7
INITIAL-COMMANDS: quote the certificate file name
2025-02-27 10:52:52 +01:00
Christian Hesse
4bfb591fa0
bump required RouterOS version for all scripts
2025-02-07 17:44:41 +01:00
Christian Hesse
f952ea73e6
INITIAL-COMMANDS: match the certificate file name from Let's Encrypt website...
...
... and our README. 😜
2024-08-19 15:10:16 +02:00
Christian Hesse
8f43b802bc
INITIAL-COMMANDS: drop command to remove certificate file...
...
... as this is done automatically with RouterOS 7.15rc1 and later.
2024-07-25 09:11:26 +02:00
Christian Hesse
6fbafe76ba
bump RouterOS requirement for all scripts and modules...
...
... now that global-functions requires RouterOS 7.14 anyway.
2024-07-16 13:50:22 +02:00
Christian Hesse
d1693a241b
certs: E1 / E5 -> ISRG Root X2
...
In the beginning of Let's Encrypt their root certificate ISRG Root X1
was not widely trusted, at least some older and/or mobile platforms were
missing that certificate in their root certificate store.
At that time Let's Encrypt was using an alternative chain of trust,
where a certificate was cross-signed with DST Root CA X3.
To make sure a valid chain of trust is available under all circumstances
a set of all certificates had to be supplied: both root vertificates
ISRG Root X1 & DST Root CA X3, and an intermediate certificate.
This was still true after DST Root CA X3 expired, as it could still be
used as a root anchor and was shipped by Let's Encrypt when requested. 🤪
This time is finally over, and we have a clean chain for trust ending in
ISRG Root X1 (or ISRG Root X2).
Well, actually it is the other way round... Let's Encrypt signs with
different tantamount intermediate certificates. There is not only E5, but
also E6 - and we can not know beforehand which one is used on renew.
So let's jetzt drop the intermediate certificates now, and rely on root
certificates only. We are perfectly fine with this these days.
Follow-up commits will do the same for *all* certificates.
The certificate is downloaded with:
curl -d '["ISRG Root X2"]' https://mkcert.org/generate/ | grep -v '^$' > certs/ISRG-Root-X2.pem
2024-06-21 15:55:45 +02:00
Christian Hesse
76dd069fa6
Let's Encrypt changed their intermediate certificates
...
https://letsencrypt.org/2024/03/19/new-intermediate-certificates
https://letsencrypt.org/certificates/
But let's keep the old ones around for now, as some sites are still
using the old intermediate.
2024-06-19 09:29:23 +02:00
Christian Hesse
e42f8843bd
INITIAL-COMMANDS: remove the certificate file with find
...
Required as RouterOS 7.15rc1 removes it automatically.
2024-04-19 13:17:01 +02:00
Christian Hesse
009674b5bc
bump RouterOS requirement for all scripts and modules...
...
... now that global-functions requires RouterOS 7.13 anyway.
2024-04-07 22:51:24 +02:00
Christian Hesse
13d0075a48
INITIAL-COMMANDS: add badges
2024-03-12 15:27:15 +01:00
Christian Hesse
ed00c0877f
INITIAL-COMMANDS: link initial commands above
2024-02-01 15:39:39 +01:00
Christian Hesse
3ca51f4699
INITIAL-COMMANDS: fix existing installation
2024-01-25 09:38:11 +01:00
Christian Hesse
20c337d6ba
INITIAL-COMMANDS: ... but rename the configuration overlay!
...
This should not ultimately destroy user's configuration.
2024-01-24 15:52:58 +01:00
Christian Hesse
49a83682c3
INITIAL-COMMANDS: remove before adding...
...
... to make sure it does not fail on (partly) installed scripts. This
should work to fix borked base installation now.
2024-01-24 11:47:26 +01:00
Christian Hesse
be4221264c
INITIAL-COMMANDS: set script owner on initial creation
2024-01-16 22:01:04 +01:00
Christian Hesse
8f75c17e0b
global: switch eworm.de to new certificate chain (E1 / ISRG Root X2)
...
old chain: R3 / ISRG Root X1
new chain: E1 / ISRG Root X2
No user interaction or migration is required for existing installations
as we install 'E1' and 'ISRG Root X2' for some time already.
2023-10-26 22:15:05 +02:00
Christian Hesse
a832fd04ef
rename scripts and add file extension ".rsc"
...
No functional change for the user... The migration is done
automatically.
2023-03-07 22:26:01 +01:00
Christian Hesse
fe0460ef6d
INITIAL-COMMANDS: link to new paragraphs
2023-02-17 12:27:47 +01:00
Christian Hesse
34ed387343
use arrows with emoji representation
...
We had...
◀ Go back to main README
▲ Go back to top
... and switch to...
⬅️ Go back to main README
⬆️ Go back to top
2023-01-11 12:28:31 +01:00
Christian Hesse
44c7d56858
INITIAL-COMMANDS: RouterOS v7 path syntax
2022-05-12 11:04:00 +02:00
Christian Hesse
0ab99fcdbb
INITIAL-COMMANDS: give another delay before fetch
2022-02-23 09:24:10 +01:00
Christian Hesse
4b16dc06c4
INITIAL-COMMANDS: put hint into block quote
2022-02-11 23:38:28 +01:00
Christian Hesse
1089b7e7f9
README: install correct global-config-overlay for RouterOS v6
2022-01-14 08:03:53 +01:00
Christian Hesse
31653a84ca
INITIAL-COMMANDS: silence the certificate download
2022-01-14 07:49:04 +01:00
Christian Hesse
b936970c19
INITIAL-COMMANDS: adopt changes, no need to run global-config-overlay
2021-12-16 22:26:29 +01:00
Christian Hesse
a1c8716a95
INITIAL-COMMANDS: make github copy function work
...
The Github copy function skips all line breaks, so add some extra
semicolons to fix syntax.
2021-06-08 20:58:25 +02:00
Christian Hesse
f2433b8091
drop certificate DST Root CA X3
...
Let's Encrypt planned the transition to ISRG's root certificate ("ISRG Root
X1") on July 8, 2019, but postponed several times.
Finally they found another solution: A certificate 'ISRG Root X1', but
cross-signed with 'DST Root CA X3' and with a livetime that exceeds that
of the root CA. This is said to work for most operating system where root
certificate authorities are just 'trust anchors'.
I doubt this is true for RouterOS, where certificates are just imported
into the certificate store. So let's migrate to 'ISRG Root X1' now.
2021-05-18 16:32:26 +02:00
Christian Hesse
9ab20bb927
global-config-overlay: remove magic
...
This allows to drop the ignore flag.
2021-03-04 12:13:20 +01:00
Christian Hesse
25d5454234
INITIAL-COMMANDS: drop Let's Encrypt Authority X3
2020-12-18 20:32:29 +01:00
Christian Hesse
c51a630a21
INITIAL-COMMANDS: also import Let's Encrypt certificate "R3"
2020-12-17 22:14:25 +01:00