From e77b39e933a87bf509c176ee5a964c0772e0c54d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Jan 2022 22:37:55 +0100 Subject: rename script upload-backup -> backup-upload --- README.md | 2 +- backup-upload | 106 ++++++++++++++++++ doc/backup-cloud.md | 2 +- doc/backup-email.md | 2 +- doc/backup-upload.d/notification.svg | 212 +++++++++++++++++++++++++++++++++++ doc/backup-upload.md | 70 ++++++++++++ doc/packages-update.md | 4 +- doc/upload-backup.d/notification.svg | 212 ----------------------------------- doc/upload-backup.md | 71 +----------- upload-backup | 106 +----------------- 10 files changed, 395 insertions(+), 392 deletions(-) create mode 100644 backup-upload create mode 100644 doc/backup-upload.d/notification.svg create mode 100644 doc/backup-upload.md delete mode 100644 doc/upload-backup.d/notification.svg diff --git a/README.md b/README.md index 1aca7ef..d65ea0a 100644 --- a/README.md +++ b/README.md @@ -187,6 +187,7 @@ Available scripts * [Find and remove access list duplicates](doc/accesslist-duplicates.md) * [Upload backup to Mikrotik cloud](doc/backup-cloud.md) * [Send backup via e-mail](doc/backup-email.md) +* [Upload backup to server](doc/backup-upload.md) * [Download packages for CAP upgrade from CAPsMAN](doc/capsman-download-packages.md) * [Run rolling CAP upgrades from CAPsMAN](doc/capsman-rolling-upgrade.md) * [Renew locally issued certificates](doc/certificate-renew-issued.md) @@ -222,7 +223,6 @@ Available scripts * [Install LTE firmware upgrade](doc/unattended-lte-firmware-upgrade.md) * [Update GRE configuration with dynamic addresses](doc/update-gre-address.md) * [Update tunnelbroker configuration](doc/update-tunnelbroker.md) -* [Upload backup to server](doc/upload-backup.md) [comment]: # (TODO: currently undocumented) [comment]: # (* learn-mac-based-vlan) diff --git a/backup-upload b/backup-upload new file mode 100644 index 0000000..6aba3e7 --- /dev/null +++ b/backup-upload @@ -0,0 +1,106 @@ +#!rsc by RouterOS +# RouterOS script: backup-upload +# Copyright (c) 2013-2022 Christian Hesse +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# provides: backup-script +# +# create and upload backup and config file +# https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-upload.md + +:local 0 "backup-upload"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global BackupPassword; +:global BackupRandomDelay; +:global BackupSendBinary; +:global BackupSendExport; +:global BackupUploadPass; +:global BackupUploadUrl; +:global BackupUploadUser; +:global Domain; +:global Identity; + +:global CharacterReplace; +:global DeviceInfo; +:global IfThenElse; +:global LogPrintExit2; +:global MkDir; +:global RandomDelay; +:global ScriptFromTerminal; +:global SendNotification2; +:global SymbolForNotification; +:global WaitForFile; +:global WaitFullyConnected; + +:if ($BackupSendBinary != true && \ + $BackupSendExport != true) do={ + $LogPrintExit2 error $0 ("Configured to send neither backup nor config export.") true; +} + +$WaitFullyConnected; + +:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ + $RandomDelay $BackupRandomDelay; +} + +:if ([ $MkDir $0 ] = false) do={ + $LogPrintExit2 error $0 ("Failed creating directory!") true; +} + +# filename based on identity +:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; +:local FilePath ($0 . "/" . $FileName); +:local BackupFile "none"; +:local ConfigFile "none"; +:local Failed 0; + +# binary backup +:if ($BackupSendBinary = true) do={ + / system backup save encryption=aes-sha256 name=$FilePath password=$BackupPassword; + $WaitForFile ($FilePath . ".backup"); + + :do { + / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".backup"); + :set BackupFile ($FileName . ".backup"); + } on-error={ + $LogPrintExit2 error $0 ("Uploading backup file failed!") false; + :set BackupFile "failed"; + :set Failed 1; + } + + / file remove ($FilePath . ".backup"); +} + +# create configuration export +:if ($BackupSendExport = true) do={ + / export terse file=$FilePath; + $WaitForFile ($FilePath . ".rsc"); + + :do { + / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".rsc"); + :set ConfigFile ($FileName . ".rsc"); + } on-error={ + $LogPrintExit2 error $0 ("Uploading configuration export failed!") false; + :set ConfigFile "failed"; + :set Failed 1; + } + + / file remove ($FilePath . ".rsc"); +} + +$SendNotification2 ({ origin=$0; \ + subject=[ $IfThenElse ($Failed > 0) \ + ([ $SymbolForNotification "warning-sign" ] . "Backup & Config upload with failure") \ + ([ $SymbolForNotification "floppy-disk,up-arrow" ] . "Backup & Config upload") ]; \ + message=("Backup and config export upload for " . $Identity . ".\n\n" . \ + [ $DeviceInfo ] . "\n\n" . \ + "Backup file: " . $BackupFile . "\n" . \ + "Config file: " . $ConfigFile); silent=true }); + +:if ($Failed = 1) do={ + :error "An error occured!"; +} diff --git a/doc/backup-cloud.md b/doc/backup-cloud.md index a31a736..117e4c7 100644 --- a/doc/backup-cloud.md +++ b/doc/backup-cloud.md @@ -47,7 +47,7 @@ See also -------- * [Send backup via e-mail](backup-email.md) -* [Upload backup to server](upload-backup.md) +* [Upload backup to server](backup-upload.md) --- [◀ Go back to main README](../README.md) diff --git a/doc/backup-email.md b/doc/backup-email.md index 7361b44..be36cb4 100644 --- a/doc/backup-email.md +++ b/doc/backup-email.md @@ -47,7 +47,7 @@ See also -------- * [Upload backup to Mikrotik cloud](backup-cloud.md) -* [Upload backup to server](upload-backup.md) +* [Upload backup to server](backup-upload.md) --- [◀ Go back to main README](../README.md) diff --git a/doc/backup-upload.d/notification.svg b/doc/backup-upload.d/notification.svg new file mode 100644 index 0000000..90573ab --- /dev/null +++ b/doc/backup-upload.d/notification.svg @@ -0,0 +1,212 @@ + + + + + + + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + + + + + + [MikroTik] 💾⬆ Backup & Config upload + +Backup and config export upload for MikroTik. + +Hostname: MikroTik +Board name: CHR +Architecture: x86_64 +RouterOS: + Channel: stable + Installed: 6.48.3 +RouterOS-Scripts: + Current: 55 + +Backup file: MikroTik_example_com.backup +Config file: MikroTik_example_com.rsc + + diff --git a/doc/backup-upload.md b/doc/backup-upload.md new file mode 100644 index 0000000..212b16c --- /dev/null +++ b/doc/backup-upload.md @@ -0,0 +1,70 @@ +Upload backup to server +======================= + +[◀ Go back to main README](../README.md) + +🛈 This script can not be used on its own but requires the base installation. +See [main README](../README.md) for details. + +Description +----------- + +This script uploads binary backup (`/ system backup save`) and complete +configuration export (`/ export terse`) to external server. + +### Sample notification + +![backup-upload notification](backup-upload.d/notification.svg) + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate backup-upload; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, these are the parameters: + +* `BackupSendBinary`: whether to send binary backup +* `BackupSendExport`: whether to send configuration export +* `BackupPassword`: password to encrypt the backup with +* `BackupRandomDelay`: delay up to amount of seconds when run from scheduler +* `BackupUploadUrl`: url to upload to +* `BackupUploadUser`: username for server authentication +* `BackupUploadPass`: password for server authentication + +Also notification settings are required for e-mail, matrix and/or telegram. + +### Issues with SFTP client + +The RouterOS SFTP client is picky if it comes to authentication methods. +I had to disable all but password authentication on server side. For openssh +edit `/etc/ssh/sshd_config` and add a directive like this, changed for your +needs: + + Match User mikrotik + AuthenticationMethods password + +Usage and invocation +-------------------- + +Just run the script: + + / system script run backup-upload; + +Creating a scheduler may be an option: + + / system scheduler add interval=1w name=backup-upload on-event="/ system script run backup-upload;" start-time=09:25:00; + +See also +-------- + +* [Send backup via e-mail](backup-email.md) +* [Upload backup to Mikrotik cloud](backup-cloud.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/doc/packages-update.md b/doc/packages-update.md index 8502a36..ac69301 100644 --- a/doc/packages-update.md +++ b/doc/packages-update.md @@ -17,7 +17,7 @@ verification. But it provides some extra functionality: * send backup via e-mail if [backup-email](backup-email.md) is installed -* upload backup if [upload-backup](upload-backup.md) is installed +* upload backup if [backup-upload](backup-upload.md) is installed * schedule reboot at night Requirements and installation @@ -42,7 +42,7 @@ See also * [Notify on RouterOS update](check-routeros-update.md) * [Send backup via e-mail](backup-email.md) -* [Upload backup to server](upload-backup.md) +* [Upload backup to server](backup-upload.md) --- [◀ Go back to main README](../README.md) diff --git a/doc/upload-backup.d/notification.svg b/doc/upload-backup.d/notification.svg deleted file mode 100644 index a85bd5c..0000000 --- a/doc/upload-backup.d/notification.svg +++ /dev/null @@ -1,212 +0,0 @@ - - - - - - - - - - - - image/svg+xml - - - - - - - - - - - - - - - - - - - - - - - [MikroTik] 💾⬆ Backup & Config upload - -Backup and config export upload for MikroTik. - -Hostname: MikroTik -Board name: CHR -Architecture: x86_64 -RouterOS: - Channel: stable - Installed: 6.48.3 -RouterOS-Scripts: - Current: 55 - -Backup file: MikroTik_example_com.backup -Config file: MikroTik_example_com.rsc - - diff --git a/doc/upload-backup.md b/doc/upload-backup.md index 33022f4..83c9991 100644 --- a/doc/upload-backup.md +++ b/doc/upload-backup.md @@ -1,70 +1 @@ -Upload backup to server -======================= - -[◀ Go back to main README](../README.md) - -🛈 This script can not be used on its own but requires the base installation. -See [main README](../README.md) for details. - -Description ------------ - -This script uploads binary backup (`/ system backup save`) and complete -configuration export (`/ export terse`) to external server. - -### Sample notification - -![upload-backup notification](upload-backup.d/notification.svg) - -Requirements and installation ------------------------------ - -Just install the script: - - $ScriptInstallUpdate upload-backup; - -Configuration -------------- - -The configuration goes to `global-config-overlay`, these are the parameters: - -* `BackupSendBinary`: whether to send binary backup -* `BackupSendExport`: whether to send configuration export -* `BackupPassword`: password to encrypt the backup with -* `BackupRandomDelay`: delay up to amount of seconds when run from scheduler -* `BackupUploadUrl`: url to upload to -* `BackupUploadUser`: username for server authentication -* `BackupUploadPass`: password for server authentication - -Also notification settings are required for e-mail, matrix and/or telegram. - -### Issues with SFTP client - -The RouterOS SFTP client is picky if it comes to authentication methods. -I had to disable all but password authentication on server side. For openssh -edit `/etc/ssh/sshd_config` and add a directive like this, changed for your -needs: - - Match User mikrotik - AuthenticationMethods password - -Usage and invocation --------------------- - -Just run the script: - - / system script run upload-backup; - -Creating a scheduler may be an option: - - / system scheduler add interval=1w name=upload-backup on-event="/ system script run upload-backup;" start-time=09:25:00; - -See also --------- - -* [Send backup via e-mail](backup-email.md) -* [Upload backup to Mikrotik cloud](backup-cloud.md) - ---- -[◀ Go back to main README](../README.md) -[▲ Go back to top](#top) +This script has been renamed. Please see [backup-upload](backup-upload.md). diff --git a/upload-backup b/upload-backup index f243ef0..2c48f07 100644 --- a/upload-backup +++ b/upload-backup @@ -1,106 +1,2 @@ #!rsc by RouterOS -# RouterOS script: upload-backup -# Copyright (c) 2013-2022 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# provides: backup-script -# -# create and upload backup and config file -# https://git.eworm.de/cgit/routeros-scripts/about/doc/upload-backup.md - -:local 0 "upload-backup"; -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:global BackupPassword; -:global BackupRandomDelay; -:global BackupSendBinary; -:global BackupSendExport; -:global BackupUploadPass; -:global BackupUploadUrl; -:global BackupUploadUser; -:global Domain; -:global Identity; - -:global CharacterReplace; -:global DeviceInfo; -:global IfThenElse; -:global LogPrintExit2; -:global MkDir; -:global RandomDelay; -:global ScriptFromTerminal; -:global SendNotification2; -:global SymbolForNotification; -:global WaitForFile; -:global WaitFullyConnected; - -:if ($BackupSendBinary != true && \ - $BackupSendExport != true) do={ - $LogPrintExit2 error $0 ("Configured to send neither backup nor config export.") true; -} - -$WaitFullyConnected; - -:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ - $RandomDelay $BackupRandomDelay; -} - -:if ([ $MkDir $0 ] = false) do={ - $LogPrintExit2 error $0 ("Failed creating directory!") true; -} - -# filename based on identity -:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; -:local FilePath ($0 . "/" . $FileName); -:local BackupFile "none"; -:local ConfigFile "none"; -:local Failed 0; - -# binary backup -:if ($BackupSendBinary = true) do={ - / system backup save encryption=aes-sha256 name=$FilePath password=$BackupPassword; - $WaitForFile ($FilePath . ".backup"); - - :do { - / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \ - user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".backup"); - :set BackupFile ($FileName . ".backup"); - } on-error={ - $LogPrintExit2 error $0 ("Uploading backup file failed!") false; - :set BackupFile "failed"; - :set Failed 1; - } - - / file remove ($FilePath . ".backup"); -} - -# create configuration export -:if ($BackupSendExport = true) do={ - / export terse file=$FilePath; - $WaitForFile ($FilePath . ".rsc"); - - :do { - / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \ - user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".rsc"); - :set ConfigFile ($FileName . ".rsc"); - } on-error={ - $LogPrintExit2 error $0 ("Uploading configuration export failed!") false; - :set ConfigFile "failed"; - :set Failed 1; - } - - / file remove ($FilePath . ".rsc"); -} - -$SendNotification2 ({ origin=$0; \ - subject=[ $IfThenElse ($Failed > 0) \ - ([ $SymbolForNotification "warning-sign" ] . "Backup & Config upload with failure") \ - ([ $SymbolForNotification "floppy-disk,up-arrow" ] . "Backup & Config upload") ]; \ - message=("Backup and config export upload for " . $Identity . ".\n\n" . \ - [ $DeviceInfo ] . "\n\n" . \ - "Backup file: " . $BackupFile . "\n" . \ - "Config file: " . $ConfigFile); silent=true }); - -:if ($Failed = 1) do={ - :error "An error occured!"; -} +# dummy for migration -- cgit v1.2.3-70-g09d2