mirror.MikroTik/eworm.routeros-scripts
1
0
Fork 0
mirror of https://git.eworm.de/cgit/routeros-scripts synced 2025-06-24 02:28:39 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
2765 commits 4 branches 238 tags 6.9 MiB
Commit graph

2765 commits

This branch
This branch
All branches
Author SHA1 Message Date
Christian Hesse
fe52bd4a0a fw-addr-lists: use lists in JSON format for spamhaus.org 2024-09-11 10:49:04 +02:00
Christian Hesse
d23d05f2ea fw-addr-lists: handle JSON format from spamhaus.org 
Closes: https://github.com/eworm-de/routeros-scripts/issues/79
 2024-09-11 10:48:45 +02:00
Christian Hesse
09dcd51feb netwatch-dns: give warning on CRL use 2024-09-05 09:54:35 +02:00
Christian Hesse
9737bfa46a certs: add poor man's check 😜 2024-09-04 11:55:02 +02:00
Christian Hesse
21fa46fdf6 certs: drop 'Baltimore CyberTrust Root' 2024-08-28 17:59:44 +02:00
Christian Hesse
f4c97559b3 fw-addr-lists: drop edrop.txt, which does no longer exist 2024-08-28 17:56:48 +02:00
Christian Hesse
917be4b425 fw-addr-lists: spamhaus.org requires 'GTS Root R4' now 
Fixes: https://github.com/eworm-de/routeros-scripts/issues/78
 2024-08-28 17:55:28 +02:00
Christian Hesse
48fd281c1d certs: drop 'DigiCert Global Root CA' 2024-08-27 16:43:35 +02:00
Christian Hesse
90632f223a doc/netwatch-dns: 'DigiCert Global Root G3' for Quad9 2024-08-27 10:59:51 +02:00
Christian Hesse
3e9a7ea75a certs: add 'DigiCert Global Root G3'... 
... for quad9.net which can be used for DoH:

$CertificateAvailable "DigiCert Global Root G3";
/ip/dns/set use-doh-server=https://9.9.9.9/dns-query verify-doh-cert=yes;
 2024-08-27 09:38:13 +02:00
Christian Hesse
f17502d3d0 check-routeros-update: support switching to stable channel... 
... with a feature update in testing channel.
 2024-08-20 11:08:05 +02:00
Christian Hesse
d360cc05be netwatch-dns: disable DoH if time not sync... 
... as it is possible that time is off, DNS via DoH fails (cert invalid),
and finally syncing time fails due to failing DNS.
 2024-08-19 15:10:37 +02:00
Christian Hesse
f952ea73e6 INITIAL-COMMANDS: match the certificate file name from Let's Encrypt website... 
... and our README. 😜
 2024-08-19 15:10:16 +02:00
Christian Hesse
342d459436 README: match the certificate file name from Let's Encrypt website... 
... so import from manually downloaded and transferred file works
out of the box as well.
 2024-08-19 15:06:32 +02:00
Christian Hesse
c28574b8f4 README: make the QR code a link 2024-08-19 10:35:37 +02:00
Christian Hesse
32474c751f telegram-chat: drop extra conversion 
The JSON parser was actually fixed in RouterOS 7.15beta4, but let's bump
the required version to next stable release instead.
 2024-07-25 09:15:41 +02:00
Christian Hesse
a017f24224 daily-psk: drop workaround for old RouterOS 2024-07-25 09:15:41 +02:00
Christian Hesse
209c37664b netwatch-notify: do not switch type when resolving 
This requires RouterOS 7.15beta4, but let's bump the required version
to next stable release instead.
 2024-07-25 09:15:41 +02:00
Christian Hesse
8f43b802bc INITIAL-COMMANDS: drop command to remove certificate file... 
... as this is done automatically with RouterOS 7.15rc1 and later.
 2024-07-25 09:11:26 +02:00
Christian Hesse
22d93d0708 README: drop command to remove certificate file... 
... as this is done automatically with RouterOS 7.15rc1 and later.

Not bumping the required RouterOS version (badge) here... Worst thing
that can happen is a stale certificate file left on storage.
 2024-07-25 09:11:26 +02:00
Christian Hesse
511184a4a7 global-functions: $EitherOr: revert... 
... but leave a comment.
 2024-07-22 21:14:03 +02:00
Christian Hesse
8ea7805541 global-functions: $EitherOr: pass boolean value 
Note that literal "true" or "false" (even without quotes) is converted
to string. So you may have to enclose it in parentheses for a boolean
value:

    > :put [ :typeof [ $EitherOr true false ] ];
    str
    > :put [ :typeof [ $EitherOr (true) (false) ] ];
    bool
 2024-07-22 18:28:56 +02:00
Christian Hesse
380b3b3137 Merge branch 'line-breaks' into next 2024-07-16 14:19:17 +02:00
Christian Hesse
6fbafe76ba bump RouterOS requirement for all scripts and modules... 
... now that global-functions requires RouterOS 7.14 anyway.
 2024-07-16 13:50:22 +02:00
Christian Hesse
075a9bd6c4 mod/ipcalc: use :tocrlf 2024-07-16 13:50:22 +02:00
Christian Hesse
2b758b83fd mod/inspectvar: use :tocrlf 2024-07-16 13:50:22 +02:00
Christian Hesse
2fd0d27447 global-functions: $Unix2Dos: use :tocrlf 2024-07-16 13:50:22 +02:00
Christian Hesse
8f75d542f3 global-functions: $PrettyPrint: use :tocrlf 2024-07-16 13:50:22 +02:00
Christian Hesse
8074305b92 global-functions: $Dos2Unix: use :tolf 2024-07-16 13:50:22 +02:00
Christian Hesse
f2ca62aed0 global-functions: $ScriptInstallUpdate: support storing with CRLF 
Adding this in `global-config-overlay` make the scripts being stored
with CRLF line breaks:

    :global ScriptUpdatesCRLF true;

Handle with care, I do not recommend it. Thus it's just a hidden
setting.
 2024-07-16 13:50:22 +02:00
Christian Hesse
a26f78329a ppp-on-up: support scripts with CRLF line breaks 2024-07-16 13:50:22 +02:00
Christian Hesse
ee928605df news-and-changes: support scripts with CRLF line breaks 2024-07-16 13:50:22 +02:00
Christian Hesse
7cf0c5b205 capsman-download-packages: support scripts with CRLF line breaks 2024-07-16 13:50:22 +02:00
Christian Hesse
68f61ae622 global-functions: $ScriptInstallUpdate: allow CRLF on device 2024-07-16 13:50:22 +02:00
Christian Hesse
2d42fed621 global-functions: $ScriptInstallUpdate: forcibly convert to LF... 
... to make sure we do not have unintended CRLF line breaks.
 2024-07-16 13:50:22 +02:00
Christian Hesse
0101b56bff README: use :tocrlf to convert global-config-overlay 2024-07-16 13:50:22 +02:00
Christian Hesse
f09fa83105 doc/mod/ssh-keys-import: drop hint on older RouterOS 2024-07-16 13:49:54 +02:00
Christian Hesse
3fd1896ad6 capsman-download-packages: support running several scripts... 
... as it is possible to have more than just one providing
the functionality.
 2024-07-11 08:57:09 +02:00
Christian Hesse
78dfc568c1 capsman-{download-packages,rolling-upgrade}: run matching script 
It is possible to run old and new CAPsMAN on one system simultaneously
(... since RouterOS 7.13?). Thus it may make sense to have both variants
of these scripts installed, and we have to make sure to run the correct
one.
 2024-07-11 08:45:53 +02:00
Christian Hesse
35d3c058b8 update list of contributors 2024-07-10 11:02:53 +02:00
Christian Hesse
25135b64e5 backup-partition: check that target is inactive 2024-07-08 10:05:11 +02:00
Christian Hesse
235737c232 backup-partition: check the fallback partition actually exists... 
... and use its id for actions.
 2024-07-08 10:04:57 +02:00
Christian Hesse
1bc6f9c45c backup-partition: rename variable 2024-07-05 15:19:11 +02:00
Christian Hesse
64bc9f73f7 packages-update: run backups before package download 
This reduces memory pressure, especially on device with very limited RAM
like mAP with its 64 MB.
 2024-07-04 15:31:43 +02:00
Christian Hesse
eab9b28cd2 global-functions: $MkDir: enable tmpfs if disabled 2024-07-04 15:31:43 +02:00
Christian Hesse
ce1b635eb2 global-functions: $GetMacVendor: cert 'GTS Root R4' 2024-07-02 21:29:14 +02:00
Christian Hesse
f3f7d3edc0 check-certificates: limit scope for $CertNew... 
... into block where certificate is replaced.

This should unbreak renewing with a certificate updated in place.
 2024-06-25 07:58:10 +02:00
Christian Hesse
cdb553d39b global-functions: $CertificateDownload: try fallback to mkcert.org 
There's a nice API that allows to download certificate by exact common
name. Let's use that, as a fallback at least.

https://mkcert.org/
 2024-06-21 16:04:05 +02:00
Christian Hesse
b35c7b6703 Merge branch 'root-certificates' into next 2024-06-21 15:57:04 +02:00
Christian Hesse
1a6812ef79 notify on changes regarding certificates 2024-06-21 15:57:04 +02:00