From 7b47ed7ea5a937edef9699c1b8be3b6364c9c0c9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 17 Aug 2023 09:06:44 +0200 Subject: check-routeros-update: support update from specific neighbor(s) ... by matching the identity property. --- check-routeros-update.rsc | 4 +++- doc/check-routeros-update.md | 2 ++ global-config.rsc | 1 + global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 5 files changed, 8 insertions(+), 2 deletions(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index b328d4c..0625ebd 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -13,6 +13,7 @@ :global Identity; :global SafeUpdateAll; :global SafeUpdateNeighbor; +:global SafeUpdateNeighborIdentity; :global SafeUpdatePatch; :global SafeUpdateUrl; :global SentRouterosUpdateNotification; @@ -81,7 +82,8 @@ $LogPrintExit2 debug $0 ("Checking for updates...") false; } :if ($SafeUpdateNeighbor = true && [ :len [ /ip/neighbor/find where platform="MikroTik" \ - version~("^" . [ $EscapeForRegEx ($Update->"latest-version" . " (" . $Update->"channel" . ")") ]) ] ] > 0) do={ + version~("^" . [ $EscapeForRegEx ($Update->"latest-version" . " (" . $Update->"channel" . ")") ]) \ + identity~$SafeUpdateNeighborIdentity ] ] > 0) do={ $LogPrintExit2 info $0 ("Seen a neighbor running version " . $Update->"latest-version" . ", updating...") false; $SendNotification2 ({ origin=$0; \ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ diff --git a/doc/check-routeros-update.md b/doc/check-routeros-update.md index 186fb86..3b5c2bd 100644 --- a/doc/check-routeros-update.md +++ b/doc/check-routeros-update.md @@ -52,6 +52,8 @@ The configuration goes to `global-config-overlay`, these are the parameters: * `SafeUpdateNeighbor`: install updates automatically if at least one other device is seen in neighbor list with new version +* `SafeUpdateNeighborIdentity`: regular expression to match identity for + trusted devices, leave empty to match all * `SafeUpdatePatch`: install patch updates (where just last digit changes) automatically * `SafeUpdateUrl`: url on webserver to check for safe update, the channel diff --git a/global-config.rsc b/global-config.rsc index 7988ce3..7d3ef7c 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -126,6 +126,7 @@ :global SafeUpdatePatch false; # Allow to install updates automatically if seen in neighbor list. :global SafeUpdateNeighbor false; +:global SafeUpdateNeighborIdentity ""; # Install *ALL* updates automatically! # Set to all upper-case "Yes, please!" to enable. :global SafeUpdateAll "no"; diff --git a/global-functions.rsc b/global-functions.rsc index 8a9b384..55f8af6 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local 0 "global-functions"; # expected configuration version -:global ExpectedConfigVersion 104; +:global ExpectedConfigVersion 105; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 7ac56f8..b027fb6 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -18,6 +18,7 @@ 102="Modified 'hotspot-to-wpa' to support non-local (radius) users."; 103="Dropped hard-coded name and timeout from 'hotspot-to-wpa-cleanup', instead a comment is required for dhcp server now."; 104="All relevant scripts were ported to new wifiwave2 and are available for AX devices now!"; + 105="Extended 'check-routeros-update' to support automatic update from specific neighbor(s)."; }; # Migration steps to be applied on script updates -- cgit v1.2.3-54-g00ecf