From b6ddc5968e7a3393bb6e9b0c0ccf96379efc62b4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 11 May 2022 09:42:44 +0200 Subject: README: RouterOS v7 path syntax --- README.d/01-download-certs.avif | Bin 2115 -> 2105 bytes README.d/02-import-certs.avif | Bin 2356 -> 2266 bytes README.d/03-check-certs.avif | Bin 5059 -> 4850 bytes README.d/04-import-scripts.avif | Bin 4599 -> 3782 bytes README.d/05-edit-global-config-overlay.avif | Bin 6600 -> 6602 bytes README.d/06-run-and-schedule-scripts.avif | Bin 2994 -> 1946 bytes README.d/07-schedule-update.avif | Bin 2312 -> 2200 bytes README.d/08-update-scripts.avif | Bin 1917 -> 1733 bytes README.d/09-install-scripts.avif | Bin 2493 -> 2423 bytes README.d/10-schedule-script.avif | Bin 2009 -> 1847 bytes README.d/11-setup-lease-script.avif | Bin 3712 -> 1686 bytes README.d/12-install-custom-script.avif | Bin 2349 -> 2242 bytes README.d/hello-world.rsc | 2 +- README.md | 47 ++++++++++------------------ global-config.changes | 4 +-- 15 files changed, 20 insertions(+), 33 deletions(-) diff --git a/README.d/01-download-certs.avif b/README.d/01-download-certs.avif index 41fa5ca..4da73fa 100644 Binary files a/README.d/01-download-certs.avif and b/README.d/01-download-certs.avif differ diff --git a/README.d/02-import-certs.avif b/README.d/02-import-certs.avif index 09fe586..308be5b 100644 Binary files a/README.d/02-import-certs.avif and b/README.d/02-import-certs.avif differ diff --git a/README.d/03-check-certs.avif b/README.d/03-check-certs.avif index 52c4df8..adf1161 100644 Binary files a/README.d/03-check-certs.avif and b/README.d/03-check-certs.avif differ diff --git a/README.d/04-import-scripts.avif b/README.d/04-import-scripts.avif index c86a5c8..53439e4 100644 Binary files a/README.d/04-import-scripts.avif and b/README.d/04-import-scripts.avif differ diff --git a/README.d/05-edit-global-config-overlay.avif b/README.d/05-edit-global-config-overlay.avif index 8a8a173..e08fde8 100644 Binary files a/README.d/05-edit-global-config-overlay.avif and b/README.d/05-edit-global-config-overlay.avif differ diff --git a/README.d/06-run-and-schedule-scripts.avif b/README.d/06-run-and-schedule-scripts.avif index b59c2cb..37e1173 100644 Binary files a/README.d/06-run-and-schedule-scripts.avif and b/README.d/06-run-and-schedule-scripts.avif differ diff --git a/README.d/07-schedule-update.avif b/README.d/07-schedule-update.avif index cb43b48..7c96f3a 100644 Binary files a/README.d/07-schedule-update.avif and b/README.d/07-schedule-update.avif differ diff --git a/README.d/08-update-scripts.avif b/README.d/08-update-scripts.avif index 434bc84..f549fef 100644 Binary files a/README.d/08-update-scripts.avif and b/README.d/08-update-scripts.avif differ diff --git a/README.d/09-install-scripts.avif b/README.d/09-install-scripts.avif index 467b9e4..00225b1 100644 Binary files a/README.d/09-install-scripts.avif and b/README.d/09-install-scripts.avif differ diff --git a/README.d/10-schedule-script.avif b/README.d/10-schedule-script.avif index 945a7df..27541b7 100644 Binary files a/README.d/10-schedule-script.avif and b/README.d/10-schedule-script.avif differ diff --git a/README.d/11-setup-lease-script.avif b/README.d/11-setup-lease-script.avif index 168481b..365e0e8 100644 Binary files a/README.d/11-setup-lease-script.avif and b/README.d/11-setup-lease-script.avif differ diff --git a/README.d/12-install-custom-script.avif b/README.d/12-install-custom-script.avif index fb53606..c27408f 100644 Binary files a/README.d/12-install-custom-script.avif and b/README.d/12-install-custom-script.avif differ diff --git a/README.d/hello-world.rsc b/README.d/hello-world.rsc index 17ec575..6404781 100644 --- a/README.d/hello-world.rsc +++ b/README.d/hello-world.rsc @@ -1,3 +1,3 @@ #!rsc by RouterOS -:put ("Hello World from " . [ / system identity get name ] . "!"); +:put ("Hello World from " . [ /system/identity/get name ] . "!"); diff --git a/README.md b/README.md index 23d1254..df3cb9e 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,9 @@ Make sure to install latest updates before you begin. Specific scripts may require even newer RouterOS version. +> ℹ️ **Info**: The `main` branch is now RouterOS v7 only. If you are still +> running RouterOS v6 switch to `routeros-v6` branch! + Initial setup ------------- @@ -50,7 +53,7 @@ download the certificates. If you intend to download the scripts from a different location (for example from github.com) install the corresponding certificate chain. - / tool fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/R3.pem" dst-path="letsencrypt-R3.pem"; + /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/R3.pem" dst-path="letsencrypt-R3.pem"; ![screenshot: download certs](README.d/01-download-certs.avif) @@ -63,16 +66,16 @@ files to your MikroTik device. Then we import the certificates. - / certificate import file-name=letsencrypt-R3.pem passphrase=""; + /certificate/import file-name=letsencrypt-R3.pem passphrase=""; ![screenshot: import certs](README.d/02-import-certs.avif) For basic verification we rename the certificates and print their count. Make sure the certificate count is **two**. - / certificate set name="R3" [ find where fingerprint="67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd" ]; - / certificate set name="ISRG-Root-X1" [ find where fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6" ]; - / certificate print count-only where fingerprint="67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd" or fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6"; + /certificate/set name="R3" [ find where fingerprint="67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd" ]; + /certificate/set name="ISRG-Root-X1" [ find where fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6" ]; + /certificate/print count-only where fingerprint="67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd" or fingerprint="96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6"; ![screenshot: check certs](README.d/03-check-certs.avif) @@ -82,14 +85,9 @@ All following commands will verify the server certificate. For validity the certificate's lifetime is checked with local time, so make sure the device's date and time is set correctly! -One extra step is required if you run RouterOS v6: - - :global ScriptUpdatesUrlSuffix "\?h=routeros-v6"; - Now let's download the main scripts and add them in configuration on the fly. - :global ScriptUpdatesUrlSuffix; - :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ / system script add name=$Script source=([ / tool fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script . $ScriptUpdatesUrlSuffix) output=user as-value]->"data"); }; + :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ /system/script/add name=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script) output=user as-value]->"data"); }; ![screenshot: import scripts](README.d/04-import-scripts.avif) @@ -98,35 +96,24 @@ The configuration needs to be tweaked for your needs. Edit [`global-config`](global-config) (the one without `-overlay`). Save changes and exit with `Ctrl-o`. - / system script edit global-config-overlay source; + /system/script edit global-config-overlay source; ![screenshot: edit global-config-overlay](README.d/05-edit-global-config-overlay.avif) And finally load configuration and functions and add the scheduler. - / system script { run global-config; run global-functions; }; - / system scheduler add name="global-scripts" start-time=startup on-event="/ system script { run global-config; run global-functions; }"; + /system/script { run global-config; run global-functions; }; + /system/scheduler/add name="global-scripts" start-time=startup on-event="/system/script { run global-config; run global-functions; }"; ![screenshot: run and schedule scripts](README.d/06-run-and-schedule-scripts.avif) The last step is optional: Add this scheduler **only** if you want the scripts to be updated automatically! - / system scheduler add name="ScriptInstallUpdate" start-time=startup interval=1d on-event=":global ScriptInstallUpdate; \$ScriptInstallUpdate;"; + /system/scheduler/add name="ScriptInstallUpdate" start-time=startup interval=1d on-event=":global ScriptInstallUpdate; \$ScriptInstallUpdate;"; ![screenshot: schedule update](README.d/07-schedule-update.avif) -### Changes for RouterOS v6 - -RouterOS v7 is the way to go, let's consider RouterOS v6 deprecated. -If you want to stay with RouterOS v6 for some time add these lines -to your `global-config-overlay`, if missing: - - # Use branch routeros-v6 with RouterOS v6: - :global ScriptUpdatesUrlSuffix "\?h=routeros-v6"; - -Then reload the configuration. - Updating scripts ---------------- @@ -155,7 +142,7 @@ Most scripts are designed to run regularly from added `check-routeros-update`, so let's run it every hour to make sure not to miss an update. - / system scheduler add name="check-routeros-update" interval=1h on-event="/ system script run check-routeros-update;"; + /system/scheduler/add name="check-routeros-update" interval=1h on-event="/system/script/run check-routeros-update;"; ![screenshot: schedule script](README.d/10-schedule-script.avif) @@ -164,8 +151,8 @@ in DNS use `dhcp-to-dns` with the events from dhcp server. For a regular cleanup add a scheduler entry. $ScriptInstallUpdate dhcp-to-dns,lease-script; - / ip dhcp-server set lease-script=lease-script [ find ]; - / system scheduler add name="dhcp-to-dns" interval=5m on-event="/ system script run dhcp-to-dns;"; + /ip/dhcp-server/set lease-script=lease-script [ find ]; + /system/scheduler/add name="dhcp-to-dns" interval=5m on-event="/system/script/run dhcp-to-dns;"; ![screenshot: setup lease script](README.d/11-setup-lease-script.avif) @@ -240,7 +227,7 @@ still use my scripts to manage and deploy yours, by specifying `base-url` This will fetch and install a script `hello-world.rsc` from the given url: - $ScriptInstallUpdate hello-world.rsc "base-url=https://git.eworm.de/cgit/routeros-scripts/plain/README.d/" + $ScriptInstallUpdate hello-world.rsc "base-url=https://git.eworm.de/cgit/routeros-scripts/plain/README.d/"; ![screenshot: install custom script](README.d/12-install-custom-script.avif) diff --git a/global-config.changes b/global-config.changes index 0ee4eba..4bb87a9 100644 --- a/global-config.changes +++ b/global-config.changes @@ -77,13 +77,13 @@ 68="Reintroduced 'global-wait' for functions in scheduler."; 69="Support hard lower limit for voltage in 'check-health'."; 70="MikroTik started pushing RouterOS v7. Changes are no longer required."; - 71="MikroTik is pushing RouterOS v7 even more, in parallel branches. If you want to keep RouterOS v6 for some time see https://git.eworm.de/cgit/routeros-scripts/about/#changes-for-routeros-v6"; + 71="MikroTik is pushing RouterOS v7 even more, in parallel branches. If you want to keep RouterOS v6 for some time see https://git.eworm.de/cgit/routeros-scripts/about/#requirements"; 72="Introduced new script 'netwatch-dns' to manage DNS and DoH servers from netwatch."; 73="Renamed backup scripts ('cloud-backup' -> 'backup-cloud', 'email-backup' -> 'backup-email', 'upload-backup' -> 'backup-upload')."; 74="Extended 'hotspot-to-wpa', it can now read additional configuration from templates and hotspot users."; 75=("Finally merged the RouterOS v7 code into the main branch. " . [ $IfThenElse ([ $RequiredRouterOS "global-config.changes" "7.0" false ] = true) \ ("You may now drop '\$ScriptUpdatesUrlSuffix' from 'global-config-overlay'.") \ - ("Still running RouterOS v6, so last reminder to see https://git.eworm.de/cgit/routeros-scripts/about/#changes-for-routeros-v6") ]); + ("Still running RouterOS v6, so last reminder to see https://git.eworm.de/cgit/routeros-scripts/about/#requirements") ]); 76="Added an option to suppress notifications on host down with 'netwatch-notify'."; 77="Introduced new script 'firmware-upgrade-reboot'. Handle with care!"; 78="New documentation is online for notifications via Telegram & Matrix, variable inspection, ip address calculation and running scripts once."; -- cgit v1.2.3-54-g00ecf