Commit graph

3365 commits

Author SHA1 Message Date
Christian Hesse
6e8e841906 README: update for new Let's Encrypt CA 'Root YE' 2026-01-17 16:58:16 +01:00
Christian Hesse
9919b9fe76 global-functions: $ScriptInstallUpdate: get new Let's Encrypt CA 'Root YE' 2026-01-17 16:58:16 +01:00
Christian Hesse
68a4ac942e certs: update *.eworm.de for new Let's Encrypt 'Root YE' 2026-01-17 16:58:16 +01:00
Christian Hesse
244eceafee certs: add Let's Encrypt 'Root YR' for future use
https://letsencrypt.org/2025/11/24/gen-y-hierarchy
https://letsencrypt.org/certificates/#root-cas
2026-01-17 16:58:16 +01:00
Christian Hesse
aebe7bd054 certs: add Let's Encrypt 'Root YE' for future use
https://letsencrypt.org/2025/11/24/gen-y-hierarchy
https://letsencrypt.org/certificates/#root-cas
2026-01-17 16:58:16 +01:00
Christian Hesse
6468c24d61 update list of contributors 2026-01-17 16:57:50 +01:00
Christian Hesse
fd4bf59bae Merge branch 'certificates' into next 2026-01-17 16:57:34 +01:00
Christian Hesse
b52936e946 doc/netwatch-dns: mention ip address...
... which can be used for several services that have it in SAN.
2026-01-17 16:52:20 +01:00
Christian Hesse
92759fcca5 doc/netwatch-dns: give hint on multiple certificates 2026-01-16 14:48:18 +01:00
Christian Hesse
ad310e6573 doc/netwatch-dns: always use the same order for examples 2026-01-16 14:48:18 +01:00
Christian Hesse
c0c1c5521e doc/netwatch-dns: include examples for dns.quad9.net & dns.google 2026-01-16 14:48:02 +01:00
Christian Hesse
0fffb5198e netwatch-dns: support multiple certificates
Some services use certificates issued by different CA certificates,
depending on geolocation. One example is dns.google, which may require
either of 'GTS Root R1' or 'GTS Root R4'.

    /tool/netwatch/add comment="doh, dns, name=google-dns-ipv4, doh-cert=GTS Root R1:GTS Root R4" host=8.8.8.8 type=simple;
2026-01-16 13:52:18 +01:00
Christian Hesse
330a616406 check-certificates: abort renew if "new" certificate is older...
... and drop the condition on $CertRenewTime.
2026-01-16 13:41:10 +01:00
Christian Hesse
0fee5cea3c check-certificates: move the warning below check for key 2026-01-16 13:41:10 +01:00
Christian Hesse
d673f0956c global-functions: $CertificateAvailable: get missing certificate...
... not the issued and available one.
2026-01-16 00:32:49 +01:00
Christian Hesse
ad455c8f1d doc/netwatch-dns: cloudflare uses a new CA for certificates 2026-01-15 23:14:37 +01:00
Christian Hesse
b72a79824e certs: add 'SSL.com Root Certification Authority ECC'...
... to use with Cloudflare DNS.

curl -d '["SSL.com Root Certification Authority ECC"]' https://mkcert.org/generate/ | grep -v '^$' > certs/SSL-com-Root-Certification-Authority-ECC.pem
2026-01-15 23:14:37 +01:00
Christian Hesse
156b0e4aaf fw-addr-lists: www.dshield.org requires 'GTS Root R4' 2026-01-15 23:14:37 +01:00
Christian Hesse
302fc0bb82 fw-addr-lists: lists.blocklist.de requires 'GTS Root R4' 2026-01-15 23:14:33 +01:00
Christian Hesse
df8d0370c5 doc/mod/ssh-keys-import: reverse old and new 2026-01-14 15:30:21 +01:00
Christian Hesse
cc56680206 log-forward: try to mitigate a race condition
The old code looped over all new messages, then updated the variable
to the newest message - at that time! Messages in between were lost.
2026-01-14 15:19:12 +01:00
Christian Hesse
6fd28bf8f7 netwatch-dns: check the certificate is available for fetch
That trust is not needed for DNS functionality (that was checked before),
but for our hacky check with fetch.
2026-01-14 15:05:07 +01:00
Christian Hesse
2b8dfec2f7 bump required RouterOS version for all scripts 2026-01-12 10:00:30 +01:00
Christian Hesse
45bcb80125 global-functions: bump required version to 7.17...
... as we use `:convert from=num ...` which was introduced back then.

Actually the requirement did exist since commit
6ad6f9aa08.
2026-01-12 10:00:30 +01:00
Christian Hesse
e7a16ad279 check-certificates: give hint on possibly incomplete cert chain 2026-01-12 10:00:30 +01:00
Christian Hesse
5481787869 check-certificates: handle builtin certificate in chain
This includes an ugly workaround to keep it compatible with old RouterOS
versions... For now.
2026-01-12 10:00:30 +01:00
Christian Hesse
54af7fd024 check-certificates: drop workaround
This reverts commit 8de6995c4b.

The exact example given in the commit message of that commit works
as expected now:

[eworm@kalyke] > $InspectVar [ $ParseKeyValueStore  [ /certificate/get ISRG-Root-X2 issuer ] ];
-type-> array
  -key-> C
    -type-> str
    -len-> 2
    -value-> US
  -key-> CN
    -type-> str
    -len-> 12
    -value-> ISRG Root X2
  -key-> O
    -type-> str
    -len-> 32
    -value-> Internet Security Research Group
2026-01-12 08:31:53 +01:00
Christian Hesse
927edc639c README: hint on the badge regarding required RouterOS version 2026-01-11 21:54:12 +01:00
Christian Hesse
377e196cb0 README: long-term channel is back! 🎉 2026-01-11 21:54:12 +01:00
Christian Hesse
3c62536f87 README: make prerequisite configuration a sub-section 2026-01-11 21:22:59 +01:00
Christian Hesse
0d71cd5b3b doc/mod/inspectvar: update screenshot...
... with fix from $CharacterMultiply and doubled indention.
2026-01-06 14:10:08 +01:00
Christian Hesse
33061fea21 mod/inspectvar: indent by two characters 2026-01-06 14:10:08 +01:00
Christian Hesse
0ceedab5db global-functions: $CharacterMultiply: return early on length zero...
... as :for loop counts backwards and would return two
characters otherwise.
2026-01-06 14:10:08 +01:00
Christian Hesse
6990084d98 global-functions: $CharacterMultiply: use local variables for parameters 2026-01-06 14:10:08 +01:00
Christian Hesse
7dc230cceb contrib/telegram: add Oxford Comma in greeting 2026-01-06 00:48:49 +01:00
Christian Hesse
8878449b0b global-functions: support modules (or snippets) in global-functions.d/ 2026-01-05 11:37:58 +01:00
Christian Hesse
8fa17d4b3b check-health: fix regex to load plugins 2026-01-05 11:11:52 +01:00
Christian Hesse
8528ca376c global-config: support loading custom config snippets
This may be interesting for custom scripts which can drop their own
default global configuration.
2026-01-05 11:11:52 +01:00
Christian Hesse
4af18ced9e global-config: fix regex to load overlay snippets 2026-01-05 11:11:52 +01:00
Christian Hesse
623f96d94a update copyright for 2026 2026-01-01 13:50:07 +01:00
Christian Hesse
aa0b5a9ca2 README: add a brief description 2025-12-29 19:21:29 +01:00
Christian Hesse
ee9618014c introduce contrib/telegram...
... with all the content for Miss Rose.

https://t.me/MissRose_bot
2025-12-25 23:56:00 +01:00
Christian Hesse
0745f09a8a global-functions: $FetchHuge: handle missing file
This should not happen, as download was supposed to be
successful - it does. 🤪
2025-12-25 23:56:00 +01:00
Christian Hesse
222404535b netwatch-dns: drop declaration of unused function 2025-12-10 16:29:20 +01:00
Christian Hesse
c697c321e6 netwatch-dns: drop early check...
... as the later check should handle that just fine.
2025-12-09 21:48:16 +01:00
Christian Hesse
96896c37e5 netwatch-dns: update wording to reflect the extra check 2025-12-08 09:36:03 +01:00
Christian Hesse
6e37bab481 netwatch-dns: add active check to keep DoH server 2025-12-08 09:33:07 +01:00
Christian Hesse
28b00e23a1 check-routeros-update: $DoUpdate: drop message...
... as it's either not shown anyway (when rebooting already),
`packages-update` gives reasonable output, or it is simply wrong (when
`packages-update` failed).
2025-12-05 12:02:29 +01:00
Christian Hesse
830693df79 global-functions: $SymbolByUnicodeName: extend special 2025-12-03 17:53:31 +01:00
Christian Hesse
240decf419 check-perpetual-license: cross-mark on already expired license 2025-12-03 15:43:58 +01:00