From 8d1313f58885682dab5789fc9805e573d32fc661 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 8 Jul 2019 17:48:55 +0200 Subject: add script 'upload-backup' --- global-config | 8 +++++- global-config.changes | 1 + global-functions | 2 +- upload-backup | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 84 insertions(+), 2 deletions(-) create mode 100644 upload-backup diff --git a/global-config b/global-config index 751fc9e..b14ff6e 100644 --- a/global-config +++ b/global-config @@ -6,7 +6,7 @@ # Make sure all configuration properties are up to date and this # value is in sync with value in script 'global-functions'! -:global GlobalConfigVersion 5; +:global GlobalConfigVersion 6; # This is used for DNS and backup file. :global Domain "example.com"; @@ -32,6 +32,12 @@ # These addresses are used to send backup and config export files to. :global EmailBackupTo "mail@example.com"; :global EmailBackupCc "another@example.com"; +# These credentials are used to upload backup and config export files. +# SFTP authentication is tricky, you may have to limit authentication +# methods for your SSH server. +:global BackupUploadUrl "sftp://example.com/backup/"; +:global BackupUploadUser "mikrotik"; +:global BackupUploadPass "v3ry-s3cr3t"; # Specify an address to enable auto update to version assumed safe. # The configured channel (bugfix, current, release-candidate) is appended. diff --git a/global-config.changes b/global-config.changes index f3c4e2b..656cb7f 100644 --- a/global-config.changes +++ b/global-config.changes @@ -8,4 +8,5 @@ 3="variable for certificate renew passphrase became an array to support multiple passphrases"; 4="added option to ignore global-config changes"; 5="split off new script cloud-backup from email-backup"; + 6="introduced script 'upload-backup' with new configuration parameters"; }; diff --git a/global-functions b/global-functions index 00eb0c9..b0e4eb3 100644 --- a/global-functions +++ b/global-functions @@ -5,7 +5,7 @@ # global functions # expected configuration version -:global ExpectedConfigVersion 5; +:global ExpectedConfigVersion 6; # global variables not to be changed by user :global SentConfigChangesNotification "-"; diff --git a/upload-backup b/upload-backup new file mode 100644 index 0000000..da2a5d7 --- /dev/null +++ b/upload-backup @@ -0,0 +1,75 @@ +#!rsc +# RouterOS script: upload-backup +# Copyright (c) 2013-2019 Christian Hesse +# +# create and upload backup and config file + +:global Identity; +:global Domain; +:global BackupUploadUrl; +:global BackupUploadUser; +:global BackupUploadPass; +:global BackupSendBinary; +:global BackupSendExport; +:global BackupPassword; + +:global CharacterReplace; +:global SendNotification; + +:if ($BackupSendBinary != true && \ + $BackupSendExport != true) do={ + :log error ("Configured to send neither backup nor config export."); + :error "Error: See log for details."; +} + +# filename based on identity +:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; +:local BackupFile "none"; +:local ConfigFile "none"; + +# get some system information +:local BoardName [ / system resource get board-name ]; +:local Model [ / system routerboard get model ]; +:local SerialNumber [ / system routerboard get serial-number ]; +:local Channel [ / system package update get channel ]; +:local InstalledVersion [ / system package update get installed-version ]; + +# binary backup +:if ($BackupSendBinary = true) do={ + / system backup save encryption=aes-sha256 name=$FileName password=$BackupPassword; + + :do { + / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FileName . ".backup"); + :set BackupFile ($FileName . ".backup"); + } on-error={ + :log error ("Uploading backup file failed!"); + :set BackupFile "failed"; + } +} + +# create configuration export +:if ($BackupSendExport = true) do={ + / export terse file=$FileName; + + :do { + / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FileName . ".rsc"); + :set ConfigFile ($FileName . ".rsc"); + } on-error={ + :log error ("Uploading configuration export failed!"); + :set ConfigFile "failed"; + } +} + +$SendNotification "Backup & Config Upload" \ + ("Backup and config export for " . $Identity . ".\n\n" . \ + "Board name: " . $BoardName . "\n" . \ + "Model: " . $Model . "\n" . \ + "Serial number: " . $SerialNumber . "\n" . \ + "Hostname: " . $Identity . "\n" . \ + "Channel: " . $Channel . "\n" . \ + "RouterOS: " . $InstalledVersion . "\n\n" . \ + "Backup uploaded: " . $BackupFile . "\n" . \ + "Config uploaded: " . $ConfigFile); +} -- cgit v1.2.3-70-g09d2