1 files changed, 69 insertions, 38 deletions

diff --git a/global-config.rsc b/global-config.rsc
index 7d3ef7c..42a457a 100644
--- a/global-config.rsc
+++ b/global-config.rsc
@@ -1,10 +1,10 @@
 #!rsc by RouterOS
 # RouterOS script: global-config
-# Copyright (c) 2013-2023 Christian Hesse <mail@eworm.de>
-# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
+# Copyright (c) 2013-2025 Christian Hesse <mail@eworm.de>
+# https://rsc.eworm.de/COPYING.md
 #
 # global configuration
-# https://git.eworm.de/cgit/routeros-scripts/about/
+# https://rsc.eworm.de/
 
 # Set this to 'true' to disable news and change notifications.
 :global NoNewsAndChangesNotification false;
@@ -33,6 +33,8 @@
 :global TelegramChatId "";
 #:global TelegramTokenId "123456:ABCDEF-GHI";
 #:global TelegramChatId "12345678";
+# Use this to send notifications to a specific topic in group.
+:global TelegramThreadId "";
 # Using telegram-chat you have to define trusted chat ids (not group ids!)
 # or user names. Groups allow to chat with devices simultaneously.
 #:global TelegramChatIdsTrusted {
@@ -41,8 +43,6 @@
 #};
 :global TelegramChatGroups "(all)";
 #:global TelegramChatGroups "(all|home|office)";
-# This is whether or not to send Telegram messages with fixed-width font.
-:global TelegramFixedWidthFont true;
 
 # You can send Matrix notifications. Configure these settings and
 # install the module:
@@ -54,9 +54,24 @@
 #:global MatrixAccessToken "123456ABCDEFGHI...";
 #:global MatrixRoom "!example:matrix.org";
 
-# It is possible to override e-mail, Telegram and Matrix setting for every
-# script. This is done in arrays, where 'Override' is appended to the
-# variable name, like this:
+# You can send Ntfy notifications. Configure these settings and
+# install the module:
+# $ScriptInstallUpdate mod/notification-ntfy
+:global NtfyServer "ntfy.sh";
+:global NtfyServerUser "";
+:global NtfyServerPass "";
+:global NtfyServerToken "";
+:global NtfyTopic "";
+
+# You can send Gotify notifications. Configure these settings and
+# install the module:
+# $ScriptInstallUpdate mod/notification-gotify
+:global GotifyServer "";
+:global GotifyToken "";
+
+# It is possible to override e-mail, Telegram, Matrix and Ntfy setting
+# for every script. This is done in arrays, where 'Override' is appended
+# to the variable name, like this:
 #:global EmailGeneralToOverride {
 #  "check-certificates"="override@example.com";
 #  "backup-email"="backup@example.com";
@@ -79,42 +94,50 @@
 :global BackupUploadUrl "sftp://example.com/backup/";
 :global BackupUploadUser "mikrotik";
 :global BackupUploadPass "v3ry-s3cr3t";
+# Copy the RouterOS installation to backup partition before feature update.
+:global BackupPartitionCopyBeforeFeatureUpdate false;
 
 # This defines the settings for firewall address-lists (fw-addr-lists).
+# Warning: Mind your device's resources - memory and processing!
 :global FwAddrLists {
 #  "allow"={
-#    { url="https://eworm.de/ros/fw-addr-lists/allow";
-#      cert="R3" };
+#    { url="https://rsc.eworm.de/main/fw-addr-lists.d/allow";
+#      cert="ISRG Root X2"; timeout=1w };
 #  };
   "block"={
-#    { url="https://eworm.de/ros/fw-addr-lists/block";
-#      cert="R3" };
-    { url="https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt";
-      cert="GlobalSign Atlas R3 DV TLS CA 2022 Q3" };
-    { url="https://sslbl.abuse.ch/blacklist/sslipblacklist.txt";
-      cert="GlobalSign Atlas R3 DV TLS CA 2022 Q3" };
+#    { url="https://rsc.eworm.de/main/fw-addr-lists.d/block";
+#      cert="ISRG Root X2" };
+    { url="https://raw.githubusercontent.com/stamparm/ipsum/refs/heads/master/levels/4.txt";
+#     # higher level (decrease the numerical value) for more addresses, and vice versa
+      cert="USERTrust RSA Certification Authority" };
     { url="https://www.dshield.org/block.txt"; cidr="/24";
-      cert="R3" };
-#    { url="https://www.spamhaus.org/drop/drop.txt";
-#      cert="Cloudflare Inc ECC CA-3" };
-#    { url="https://www.spamhaus.org/drop/edrop.txt";
-#      cert="Cloudflare Inc ECC CA-3" };
+      cert="ISRG Root X1" };
+    { url="https://lists.blocklist.de/lists/strongips.txt";
+      cert="Certum Trusted Network CA" };
+#    { url="https://www.spamhaus.org/drop/drop_v4.json";
+#      cert="GTS Root R4" };
+#    { url="https://www.spamhaus.org/drop/drop_v6.json";
+#      cert="GTS Root R4" };
   };
+#  "mikrotik"={
+#    { url="https://rsc.eworm.de/main/fw-addr-lists.d/mikrotik";
+#      cert="ISRG Root X2"; timeout=1w };
+#  };
 };
 :global FwAddrListTimeOut 1d;
 
 # This defines what log messages to filter or include by topic or message
-# text. Regular expressions are supported. Do *NOT* set an empty string,
-# that will filter or include everything!
+# text. Regular expressions are supported. An empty string has a special
+# meaning not to filter or include anything.
 # These are filters, so excluding messages from forwarding.
-:global LogForwardFilter "(debug|info)";
-:global LogForwardFilterMessage [];
+:global LogForwardFilter "(debug|info|packet|raw)";
+:global LogForwardFilterMessage "";
 #:global LogForwardFilterMessage "message text";
 #:global LogForwardFilterMessage "(message text|another text|...)";
 # ... and another setting with reverse logic. This includes messages even
 # if filtered above.
-:global LogForwardInclude [];
-:global LogForwardIncludeMessage [];
+:global LogForwardInclude "";
+:global LogForwardIncludeMessage "";
 #:global LogForwardInclude "account";
 #:global LogForwardIncludeMessage "message text";
 
@@ -131,6 +154,9 @@
 # Set to all upper-case "Yes, please!" to enable.
 :global SafeUpdateAll "no";
 
+# Defer the reboot for night on automatic (non-interactive) update
+:global PackagesUpdateDeferReboot false;
+
 # These thresholds control when to send health notification
 # on temperature and voltage.
 :global CheckHealthTemperature {
@@ -169,7 +195,7 @@
 
 # Run different commands with multiple mode-button presses.
 :global ModeButton {
-  1="/system/script/run leds-toggle-mode;";
+  1="/system/leds/settings/set all-leds-off=(({ \"never\"=\"immediate\"; \"immediate\"=\"never\" })->[ get all-leds-off ]);";
   2=":global Identity; :global SendNotification; :global SymbolForNotification; \$SendNotification ([ \$SymbolForNotification \"earth\" ] . \"Hello...\") (\"Hello world, \" . \$Identity . \" calling!\");";
   3="/system/shutdown;";
   4="/system/reboot;";
@@ -198,16 +224,17 @@
 # This is the address used to send gps data to.
 :global GpsTrackUrl "https://example.com/index.php";
 
-# Enable this to fetch scripts from given url.
-:global ScriptUpdatesFetch true;
-:global ScriptUpdatesBaseUrl "https://git.eworm.de/cgit/routeros-scripts/plain/";
+# This is the base url to fetch scripts from.
+:global ScriptUpdatesBaseUrl "https://rsc.eworm.de/main/";
 # alternative urls - main: stable code - next: currently in development
+#:global ScriptUpdatesBaseUrl "https://rsc.eworm.de/next/";
+#:global ScriptUpdatesBaseUrl "https://git.eworm.de/cgit/routeros-scripts/plain/";
 #:global ScriptUpdatesBaseUrl "https://raw.githubusercontent.com/eworm-de/routeros-scripts/main/";
 #:global ScriptUpdatesBaseUrl "https://raw.githubusercontent.com/eworm-de/routeros-scripts/next/";
 #:global ScriptUpdatesBaseUrl "https://gitlab.com/eworm-de/routeros-scripts/raw/main/";
 #:global ScriptUpdatesBaseUrl "https://gitlab.com/eworm-de/routeros-scripts/raw/next/";
 :global ScriptUpdatesUrlSuffix "";
-# use next branch with default url (git.eworm.de)
+# use next branch with my git url (git.eworm.de)
 #:global ScriptUpdatesUrlSuffix "?h=next";
 
 # Use this for defaults with $ScriptRunOnce
@@ -219,7 +246,7 @@
 # This project is developed in private spare time and usage is free of charge
 # for you. If you like the scripts and think this is of value for you or your
 # business please consider a donation:
-# https://git.eworm.de/cgit/routeros-scripts/about/#donate
+# https://rsc.eworm.de/#donate
 # Enable this to silence donation hint.
 :global IDonate false;
 
@@ -237,10 +264,14 @@
   "cert2-cn"="4n0th3r-s3cr3t";
 };
 
-# load custom settings from overlay
+# load custom settings from overlay and snippets
 # Warning: Do *NOT* copy this code to overlay!
-:do {
-  /system/script/run global-config-overlay;
-} on-error={
-  :log error ("Loading configuration from overlay failed!");
+:foreach Script in=([ /system/script/find where name="global-config-overlay" ], \
+                    [ /system/script/find where name~"^global-config-overlay.d/" ]) do={
+  :do {
+    /system/script/run $Script;
+  } on-error={
+    :log error ("Loading configuration from overlay or snippet " . \
+        [ /system/script/get $Script name ] . " failed!");
+  }
 }