mirror of
https://github.com/eworm-de/routeros-scripts.git
synced 2026-03-04 21:19:36 +00:00
Compare commits
12 commits
b560ea4b7d
...
d80f43a1c8
| Author | SHA1 | Date | |
|---|---|---|---|
|
d80f43a1c8 | ||
|
|
390e3653d7 | ||
|
|
75163f0d3c | ||
|
|
d4b5e1f5e7 | ||
|
|
c823ff87ed | ||
|
|
44fa91f5c4 | ||
|
|
e36613608c | ||
|
|
019e10e190 | ||
|
|
314ba5796d | ||
|
|
67e7b11aa7 | ||
|
|
27987a0d7c | ||
|
|
2cc47f56b9 |
4 changed files with 91 additions and 68 deletions
|
|
@ -21,6 +21,7 @@ for details!
|
|||
* [Ben Harris](mailto:mail@bharr.is) (@bharrisau)
|
||||
* [Daniel Ziegenberg](mailto:daniel@ziegenberg.at) (@ziegenberg)
|
||||
* [Ignacio Serrano](mailto:ignic@ignic.com) (@ignic)
|
||||
* [Ilya Kulakov](mailto:kulakov.ilya@gmail.com) (@Kentzo)
|
||||
* [Michael Gisbers](mailto:michael@gisbers.de) (@mgisbers)
|
||||
* [Miquel Bonastre](mailto:mbonastre@yahoo.com) (@mbonastre)
|
||||
* @netravnen
|
||||
|
|
|
|||
|
|
@ -10,30 +10,40 @@ Initial commands
|
|||
|
||||
[⬅️ Go back to main README](README.md)
|
||||
|
||||
> ⚠️ **Warning**: These command are inteneded for initial setup. If you are
|
||||
> ⚠️ **Warning**: These commands are intended for initial setup. If you are
|
||||
> not aware of the procedure please follow
|
||||
> [the long way in detail](README.md#the-long-way-in-detail).
|
||||
|
||||
Run the complete base installation:
|
||||
|
||||
{
|
||||
/tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/ISRG-Root-X2.pem" dst-path="isrg-root-x2.pem" as-value;
|
||||
:local BaseUrl "https://git.eworm.de/cgit/routeros-scripts/plain/";
|
||||
:local CertFileName "ISRG-Root-X2.pem";
|
||||
:local CertFingerprint "69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470";
|
||||
|
||||
:put "Importing certificate...";
|
||||
/tool/fetch ($BaseUrl . "certs/" . $CertFileName) dst-path=$CertFileName as-value;
|
||||
:delay 1s;
|
||||
/certificate/import file-name="isrg-root-x2.pem" passphrase="";
|
||||
:if ([ :len [ /certificate/find where fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470" ] ] != 1) do={
|
||||
/certificate/import file-name=$CertFileName passphrase="";
|
||||
:if ([ :len [ /certificate/find where fingerprint=$CertFingerprint ] ] != 1) do={
|
||||
:error "Something is wrong with your certificates!";
|
||||
};
|
||||
:delay 1s;
|
||||
:put "Renaming global-config-overlay, if exists...";
|
||||
/system/script/set name=("global-config-overlay-" . [ /system/clock/get date ] . "-" . [ /system/clock/get time ]) [ find where name="global-config-overlay" ];
|
||||
:foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={
|
||||
:put "Installing $Script...";
|
||||
/system/script/remove [ find where name=$Script ];
|
||||
/system/script/add name=$Script owner=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script . ".rsc") output=user as-value]->"data");
|
||||
/system/script/add name=$Script owner=$Script source=([ /tool/fetch check-certificate=yes-without-crl ($BaseUrl . $Script . ".rsc") output=user as-value]->"data");
|
||||
};
|
||||
:put "Loading configuration and functions...";
|
||||
/system/script { run global-config; run global-functions; };
|
||||
:put "Scheduling to load configuration and functions...";
|
||||
/system/scheduler/remove [ find where name="global-scripts" ];
|
||||
/system/scheduler/add name="global-scripts" start-time=startup on-event="/system/script { run global-config; run global-functions; }";
|
||||
:put "Renaming certificate by its common-name...";
|
||||
:global CertificateNameByCN;
|
||||
$CertificateNameByCN "ISRG Root X2";
|
||||
$CertificateNameByCN $CertFingerprint;
|
||||
};
|
||||
|
||||
Then continue setup with
|
||||
|
|
|
|||
102
README.md
102
README.md
|
|
@ -214,61 +214,61 @@ There's much more to explore... Have fun!
|
|||
Available scripts
|
||||
-----------------
|
||||
|
||||
* [Find and remove access list duplicates](doc/accesslist-duplicates.md)
|
||||
* [Upload backup to Mikrotik cloud](doc/backup-cloud.md)
|
||||
* [Send backup via e-mail](doc/backup-email.md)
|
||||
* [Save configuration to fallback partition](doc/backup-partition.md)
|
||||
* [Upload backup to server](doc/backup-upload.md)
|
||||
* [Download packages for CAP upgrade from CAPsMAN](doc/capsman-download-packages.md)
|
||||
* [Run rolling CAP upgrades from CAPsMAN](doc/capsman-rolling-upgrade.md)
|
||||
* [Renew locally issued certificates](doc/certificate-renew-issued.md)
|
||||
* [Renew certificates and notify on expiration](doc/check-certificates.md)
|
||||
* [Notify about health state](doc/check-health.md)
|
||||
* [Notify on LTE firmware upgrade](doc/check-lte-firmware-upgrade.md)
|
||||
* [Check perpetual license on CHR](doc/check-perpetual-license.md)
|
||||
* [Notify on RouterOS update](doc/check-routeros-update.md)
|
||||
* [Collect MAC addresses in wireless access list](doc/collect-wireless-mac.md)
|
||||
* [Use wireless network with daily psk](doc/daily-psk.md)
|
||||
* [Comment DHCP leases with info from access list](doc/dhcp-lease-comment.md)
|
||||
* [Create DNS records for DHCP leases](doc/dhcp-to-dns.md)
|
||||
* [Automatically upgrade firmware and reboot](doc/firmware-upgrade-reboot.md)
|
||||
* [Download, import and update firewall address-lists](doc/fw-addr-lists.md)
|
||||
* [Wait for global functions und modules](doc/global-wait.md)
|
||||
* [Send GPS position to server](doc/gps-track.md)
|
||||
* [Use WPA network with hotspot credentials](doc/hotspot-to-wpa.md)
|
||||
* [Create DNS records for IPSec peers](doc/ipsec-to-dns.md)
|
||||
* [Update configuration on IPv6 prefix change](doc/ipv6-update.md)
|
||||
* [Manage IP addresses with bridge status](doc/ip-addr-bridge.md)
|
||||
* [Run other scripts on DHCP lease](doc/lease-script.md)
|
||||
* [Manage LEDs dark mode](doc/leds-mode.md)
|
||||
* [Forward log messages via notification](doc/log-forward.md)
|
||||
* [Mode button with multiple presses](doc/mode-button.md)
|
||||
* [Manage DNS and DoH servers from netwatch](doc/netwatch-dns.md)
|
||||
* [Notify on host up and down](doc/netwatch-notify.md)
|
||||
* [Visualize OSPF state via LEDs](doc/ospf-to-leds.md)
|
||||
* [Manage system update](doc/packages-update.md)
|
||||
* [Run scripts on ppp connection](doc/ppp-on-up.md)
|
||||
* [Act on received SMS](doc/sms-action.md)
|
||||
* [Forward received SMS](doc/sms-forward.md)
|
||||
* [Play Super Mario theme](doc/super-mario-theme.md)
|
||||
* [Chat with your router and send commands via Telegram bot](doc/telegram-chat.md)
|
||||
* [Install LTE firmware upgrade](doc/unattended-lte-firmware-upgrade.md)
|
||||
* [Update GRE configuration with dynamic addresses](doc/update-gre-address.md)
|
||||
* [Update tunnelbroker configuration](doc/update-tunnelbroker.md)
|
||||
* [Find and remove access list duplicates](doc/accesslist-duplicates.md) (`accesslist-duplicates`)
|
||||
* [Upload backup to Mikrotik cloud](doc/backup-cloud.md) (`backup-cloud`)
|
||||
* [Send backup via e-mail](doc/backup-email.md) (`backup-email`)
|
||||
* [Save configuration to fallback partition](doc/backup-partition.md) (`backup-partition`)
|
||||
* [Upload backup to server](doc/backup-upload.md) (`backup-upload`)
|
||||
* [Download packages for CAP upgrade from CAPsMAN](doc/capsman-download-packages.md) (`capsman-download-packages`)
|
||||
* [Run rolling CAP upgrades from CAPsMAN](doc/capsman-rolling-upgrade.md) (`capsman-rolling-upgrade`)
|
||||
* [Renew locally issued certificates](doc/certificate-renew-issued.md) (`certificate-renew-issued`)
|
||||
* [Renew certificates and notify on expiration](doc/check-certificates.md) (`check-certificates`)
|
||||
* [Notify about health state](doc/check-health.md) (`check-health`)
|
||||
* [Notify on LTE firmware upgrade](doc/check-lte-firmware-upgrade.md) (`check-lte-firmware-upgrade`)
|
||||
* [Check perpetual license on CHR](doc/check-perpetual-license.md) (`check-perpetual-license`)
|
||||
* [Notify on RouterOS update](doc/check-routeros-update.md) (`check-routeros-update`)
|
||||
* [Collect MAC addresses in wireless access list](doc/collect-wireless-mac.md) (`collect-wireless-mac`)
|
||||
* [Use wireless network with daily psk](doc/daily-psk.md) (`daily-psk`)
|
||||
* [Comment DHCP leases with info from access list](doc/dhcp-lease-comment.md) (`dhcp-lease-comment`)
|
||||
* [Create DNS records for DHCP leases](doc/dhcp-to-dns.md) (`dhcp-to-dns`)
|
||||
* [Automatically upgrade firmware and reboot](doc/firmware-upgrade-reboot.md) (`firmware-upgrade-reboot`)
|
||||
* [Download, import and update firewall address-lists](doc/fw-addr-lists.md) (`fw-addr-lists`)
|
||||
* [Wait for global functions und modules](doc/global-wait.md) (`global-wait`)
|
||||
* [Send GPS position to server](doc/gps-track.md) (`gps-track`)
|
||||
* [Use WPA network with hotspot credentials](doc/hotspot-to-wpa.md) (`hotspot-to-wpa` & `hotspot-to-wpa-cleanup`)
|
||||
* [Create DNS records for IPSec peers](doc/ipsec-to-dns.md) (`ipsec-to-dns`)
|
||||
* [Update configuration on IPv6 prefix change](doc/ipv6-update.md) (`ipv6-update`)
|
||||
* [Manage IP addresses with bridge status](doc/ip-addr-bridge.md) (`ip-addr-bridge`)
|
||||
* [Run other scripts on DHCP lease](doc/lease-script.md) (`lease-script`)
|
||||
* [Manage LEDs dark mode](doc/leds-mode.md) (`leds-day-mode`, `leds-night-mode` & `leds-toggle-mode`)
|
||||
* [Forward log messages via notification](doc/log-forward.md) (`log-forward`)
|
||||
* [Mode button with multiple presses](doc/mode-button.md) (`mode-button`)
|
||||
* [Manage DNS and DoH servers from netwatch](doc/netwatch-dns.md) (`netwatch-dns`)
|
||||
* [Notify on host up and down](doc/netwatch-notify.md) (`netwatch-notify`)
|
||||
* [Visualize OSPF state via LEDs](doc/ospf-to-leds.md) (`ospf-to-leds`)
|
||||
* [Manage system update](doc/packages-update.md) (`packages-update`)
|
||||
* [Run scripts on ppp connection](doc/ppp-on-up.md) (`ppp-on-up`)
|
||||
* [Act on received SMS](doc/sms-action.md) (`sms-action`)
|
||||
* [Forward received SMS](doc/sms-forward.md) (`sms-forward`)
|
||||
* [Play Super Mario theme](doc/super-mario-theme.md) (`super-mario-theme`)
|
||||
* [Chat with your router and send commands via Telegram bot](doc/telegram-chat.md) (`telegram-chat`)
|
||||
* [Install LTE firmware upgrade](doc/unattended-lte-firmware-upgrade.md) (`unattended-lte-firmware-upgrade`)
|
||||
* [Update GRE configuration with dynamic addresses](doc/update-gre-address.md) (`update-gre-address`)
|
||||
* [Update tunnelbroker configuration](doc/update-tunnelbroker.md) (`update-tunnelbroker`)
|
||||
|
||||
Available modules
|
||||
-----------------
|
||||
|
||||
* [Manage ports in bridge](doc/mod/bridge-port-to.md)
|
||||
* [Manage VLANs on bridge ports](doc/mod/bridge-port-vlan.md)
|
||||
* [Inspect variables](doc/mod/inspectvar.md)
|
||||
* [IP address calculation](doc/mod/ipcalc.md)
|
||||
* [Send notifications via e-mail](doc/mod/notification-email.md)
|
||||
* [Send notifications via Matrix](doc/mod/notification-matrix.md)
|
||||
* [Send notifications via Ntfy](doc/mod/notification-ntfy.md)
|
||||
* [Send notifications via Telegram](doc/mod/notification-telegram.md)
|
||||
* [Download script and run it once](doc/mod/scriptrunonce.md)
|
||||
* [Import ssh keys for public key authentication](doc/mod/ssh-keys-import.md)
|
||||
* [Manage ports in bridge](doc/mod/bridge-port-to.md) (`mod/bridge-port-to`)
|
||||
* [Manage VLANs on bridge ports](doc/mod/bridge-port-vlan.md) (`mod/bridge-port-vlan`)
|
||||
* [Inspect variables](doc/mod/inspectvar.md) (`mod/inspectvar`)
|
||||
* [IP address calculation](doc/mod/ipcalc.md) (`mod/ipcalc`)
|
||||
* [Send notifications via e-mail](doc/mod/notification-email.md) (`mod/notification-email`)
|
||||
* [Send notifications via Matrix](doc/mod/notification-matrix.md) (`mod/notification-matrix`)
|
||||
* [Send notifications via Ntfy](doc/mod/notification-ntfy.md) (`mod/notification-ntfy`)
|
||||
* [Send notifications via Telegram](doc/mod/notification-telegram.md) (`mod/notification-telegram`)
|
||||
* [Download script and run it once](doc/mod/scriptrunonce.md) (`mod/scriptrunonce`)
|
||||
* [Import ssh keys for public key authentication](doc/mod/ssh-keys-import.md) (`mod/ssh-keys-import`)
|
||||
|
||||
Installing custom scripts & modules
|
||||
-----------------------------------
|
||||
|
|
|
|||
|
|
@ -167,8 +167,8 @@
|
|||
$LogPrint warning $0 ("Failed downloading certificate with CommonName '" . $CommonName . \
|
||||
"' from repository! Trying fallback to mkcert.org...");
|
||||
:do {
|
||||
:if ([ $CertificateAvailable "ISRG Root X1" ] = false) do={
|
||||
$LogPrint error $0 ("Downloading required certificate failed.");
|
||||
:if ([ :len [ /certificate/find where common-name="ISRG Root X1" ] ] = 0) do={
|
||||
$LogPrint error $0 ("Required certificate is not available.");
|
||||
:return false;
|
||||
}
|
||||
/tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgentStr $0 ] }) \
|
||||
|
|
@ -203,12 +203,19 @@
|
|||
|
||||
# name a certificate by its common-name
|
||||
:set CertificateNameByCN do={
|
||||
:local CommonName [ :tostr $1 ];
|
||||
:local Match [ :tostr $1 ];
|
||||
|
||||
:global CleanName;
|
||||
:global LogPrint;
|
||||
|
||||
:local Cert [ /certificate/find where common-name=$CommonName ];
|
||||
:local Cert ([ /certificate/find where (common-name=$Match or fingerprint=$Match or name=$Match) ]->0);
|
||||
:if ([ :len $Cert ] = 0) do={
|
||||
$LogPrint warning $0 ("No matching certificate found.");
|
||||
:return false;
|
||||
}
|
||||
:local CommonName [ /certificate/get $Cert common-name ];
|
||||
/certificate/set $Cert name=[ $CleanName $CommonName ];
|
||||
:return true;
|
||||
}
|
||||
|
||||
# multiply given character(s)
|
||||
|
|
@ -1387,8 +1394,8 @@
|
|||
|
||||
# lock script against multiple invocation
|
||||
:set ScriptLock do={
|
||||
:local Script [ :tostr $1 ];
|
||||
:local WaitMax ([ :tonum $3 ] * 10);
|
||||
:local Script [ :tostr $1 ];
|
||||
:local WaitMax [ :totime $2 ];
|
||||
|
||||
:global GetRandom20CharAlNum;
|
||||
:global IfThenElse;
|
||||
|
|
@ -1477,6 +1484,10 @@
|
|||
:set ($ScriptLockOrder->$Script) ({});
|
||||
}
|
||||
|
||||
:if ([ :typeof $WaitMax ] = "nil" ) do={
|
||||
:set WaitMax 0s;
|
||||
}
|
||||
|
||||
:if ([ :len [ /system/script/find where name=$Script ] ] = 0) do={
|
||||
$LogPrint error $0 ("A script named '" . $Script . "' does not exist!");
|
||||
:error false;
|
||||
|
|
@ -1496,12 +1507,13 @@
|
|||
:local MyTicket [ $GetRandom20CharAlNum 6 ];
|
||||
$AddTicket $Script $MyTicket;
|
||||
|
||||
:local WaitCount 0;
|
||||
:while ($WaitMax > $WaitCount && \
|
||||
:local WaitInterval ($WaitMax / 20);
|
||||
:local WaitTime $WaitMax;
|
||||
:while ($WaitTime > 0 && \
|
||||
([ $IsFirstTicket $Script $MyTicket ] = false || \
|
||||
[ $TicketCount $Script ] < [ $JobCount $Script ])) do={
|
||||
:set WaitCount ($WaitCount + 1);
|
||||
:delay 100ms;
|
||||
:set WaitTime ($WaitTime - $WaitInterval);
|
||||
:delay $WaitInterval;
|
||||
}
|
||||
|
||||
:if ([ $IsFirstTicket $Script $MyTicket ] = true && \
|
||||
|
|
@ -1513,7 +1525,7 @@
|
|||
|
||||
$RemoveTicket $Script $MyTicket;
|
||||
$LogPrint debug $0 ("Script '" . $Script . "' started more than once" . \
|
||||
[ $IfThenElse ($WaitCount > 0) " and timed out waiting for lock" "" ] . "...");
|
||||
[ $IfThenElse ($WaitTime < $WaitMax) " and timed out waiting for lock" "" ] . "...");
|
||||
:return false;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue