# News, changes and migration by RouterOS Scripts # Copyright (c) 2019-2022 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md :global IfThenElse; :global RequiredRouterOS; # Changes for global-config to be added to notification on script updates :global GlobalConfigChanges { 1="Moved variables from 'global-config' to 'global-functions' for independence"; 2="Variable names became CamelCase to work around scripting issues"; 3="Variable for certificate renew passphrase became an array to support multiple passphrases"; 4="Added option to ignore global-config changes"; 5="Split off new script 'cloud-backup' from 'email-backup'"; 6="Introduced script 'upload-backup' with new configuration parameters"; 7="Introduced script 'check-health' with new configuration parameters"; 8="Added donation hint and option to silence it"; 9="Introduced configuration overlay 'global-config-overlay'"; 10="Made health threshold for voltage configurable"; 11="Introduced function '\$ScriptInstallUpdate' to install new and update existing scripts"; 12="Removed '\$ScriptUpdatesConfigChangesIgnore', comment '\$GlobalConfigVersion' in 'global-config-overlay' to disable change notifications"; 13="Configuration for script 'bridge-port-to-default' changed with new syntax in comment"; 14="Dropped script 'script-updates', use '\$ScriptInstallUpdate' exclusively!"; 15="New documentation is online! https://git.eworm.de/cgit/routeros-scripts/about/#available-scripts"; 16="Happy with RouterOS Scripts and have a GitHub and/or GitLab account? Please star!"; 17="Introduced script 'early-errors'"; 18=("Added a simple IP calculation function, try: \$IPCalc " . [ /ip/address/get ([ find ]->0) address ]); 19="Commenting scripts with 'ignore', 'base-url=...' and 'url-suffix=...' is honored on update"; 20="Added support for hooks to 'netwatch-notify'"; 21="Added support for installing patch updates automatically by 'check-routeros-update'"; 22="Dropped '\$ScriptUpdatesIgnore' from global configuration, auto-migrating to ignore flag in comment" 23="Added 'log-forward' with configurable filter, which replaces 'early-errors'"; 24="Made symbols in notifications configurable."; 25="Added support for DHCP server name in DNS FQDN via '\$ServerNameInZone'"; 26="Made check count threshold in 'netwatch-notify' configurable."; 27="Added queue for Telegram notifications to resend later on error."; 28="Made 'dhcp-to-dns' act on all bound leases, not just dynamic ones."; 29="Added filter on log message text for 'log-forward'."; 30="Implemented simple rate limit for 'log-forward' to prevent flooding."; 31="Switched Telegram notifications to fixed-width font, with opt-out."; 32="Merged mode (& reset) button scripts in single new script 'mode-button'."; 33="Added configurable deviation on health temperature recovery threshold against notification flooding."; 34="Introduced script 'ospf-to-leds' to visualize OSPF instance state via LEDs."; 35="Implemented visual feedback for 'mode-button' with configurable LED."; 36="Added support for installing updates automatically if seen in neighbor list."; 37="Implemented simple dependency model in 'netwatch-notify'."; 38="Imported new Let's Encrypt intermediate certificate 'R3'."; 39="Added support for interface specific address list entries in 'ipv6-update'."; 40="Made the certificate renewal time configurable."; 41="Implemented migration mechanism for script updates."; 42="Made severity in terminal output colorful, with opt-out."; 43="Added queue for e-mail notifications to resend later on error."; 44="Dropped script 'global-wait', all scripts wait on their own now."; 45="We have a Telegram Group! Come along and say hello: https://t.me/routeros_scripts"; 46="Added configurable random delay in backup scripts to stretch execution and prevent resource congestion."; 47="Removed obsolete intermediate certificate 'Let's Encrypt Authority X3' from store."; 48="Added support for overriding e-mail and Telegram settings for every script."; 49="Dropped '\$EmailBackupTo' & '\$EmailBackupCc' from configuration, use settings override if required."; 50="Added support for dynamic address update in 'netwatch-notify'."; 51="Added 'ipsec-to-dns' to add DNS records for IPSec peers from mode-config."; 52="Updated Let's Encrypt trust chain to use root certificate 'ISRG Root X1'. Do not re-import the old chain!"; 53="Added support to send notifications via Matrix."; 54="Support for Telegram notifications moved to a module. It is installed automatically if required."; 55="Added reverse logic in 'log-forward', so messages can be included even if filtered before."; 56="Added tags in all backup, lease and ppp-on-up scripts. These are used by 'packages-update', 'lease-script' and 'ppp-on-up' to find the scripts."; 57="Celebrating the 1.000th commit - Hooray!"; 58="Added a cleanup script for 'hotspot-to-wpa' to purge old access list entries."; 59="Updating CAP with 'check-routeros-update' is now possible with opt-in."; 60="Implemented a pre-down hook in 'netwatch-notify' that fires at two thirds of failed checks."; 61="Finally removed old scripts."; 62="Added '\$ScriptRunOnce' to run a script from URL once without installation, intended to aid configuration management and the like."; 63="Moved optional functions '\$IPCalc' and '\$ScriptRunOnce' to modules."; 64="Implemented '\$InspectVar' in module to inspect variables."; 65="Added module to manage VLANs on bridge ports."; 66="Moved script 'bridge-port-to-default' to new module."; 67="Moved modules to directory with shorter name."; 68="Reintroduced 'global-wait' for functions in scheduler."; 69="Support hard lower limit for voltage in 'check-health'."; 70="MikroTik started pushing RouterOS v7. Changes are no longer required."; 71="MikroTik is pushing RouterOS v7 even more, in parallel branches. If you want to keep RouterOS v6 for some time see https://git.eworm.de/cgit/routeros-scripts/about/#requirements"; 72="Introduced new script 'netwatch-dns' to manage DNS and DoH servers from netwatch."; 73="Renamed backup scripts ('cloud-backup' -> 'backup-cloud', 'email-backup' -> 'backup-email', 'upload-backup' -> 'backup-upload')."; 74="Extended 'hotspot-to-wpa', it can now read additional configuration from templates and hotspot users."; 75=("Finally merged the RouterOS v7 code into the main branch. " . [ $IfThenElse ([ $RequiredRouterOS "global-config.changes" "7.0" false ] = true) \ ("You may now drop '\$ScriptUpdatesUrlSuffix' from 'global-config-overlay'.") \ ("Still running RouterOS v6, so last reminder to see https://git.eworm.de/cgit/routeros-scripts/about/#requirements") ]); 76="Added an option to suppress notifications on host down with 'netwatch-notify'."; 77="Introduced new script 'firmware-upgrade-reboot'. Handle with care!"; 78="New documentation is online for notifications via Telegram & Matrix, variable inspection, ip address calculation and running scripts once."; 79="Introduced new script 'backup-partition' to save configuration to fallback partition."; }; # Migration steps to be applied on script updates :global GlobalConfigMigration { 41=":global SendNotification; \$SendNotification (\"Migration mechanism\") (\"Congratulations!\nSuccessfully tested the new migration mechanism.\");"; 47="/certificate/remove [ find where fingerprint=\"731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568\" or fingerprint=\"25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d\" ];"; 52=":global CertificateDownload; :if ([ :len [ /certificate/find where fingerprint=\"67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd\" or fingerprint=\"96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6\" ] ] < 2) do={ \$CertificateDownload \"R3\"; }; /certificate/remove [ find where fingerprint=\"0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739\" ];"; 54=":global ScriptInstallUpdate; :global TelegramTokenId; :global TelegramChatId; :if ([ :len \$TelegramTokenId ] > 0 && [ :len \$TelegramChatId ] > 0) do={ \$ScriptInstallUpdate mod/notification-telegram; }"; 61="/system/script/remove [ find where name~\"^(early-errors|mode-button-(event|scheduler)|script-updates)\\\$\" source~\"^#!rsc by RouterOS\\n\" ];"; 66=":global ScriptInstallUpdate; :if ([ :len [ /system/script/find where name=\"bridge-port-to-default\" ] ] > 0) do={ /system/script/remove [ find where name~\"^bridge-port-to(-default|ggle)\\\$\" ]; \$ScriptInstallUpdate mod/bridge-port-to; }"; 67=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Script in=[ /system/script/find where name~\"^global-functions.d/\" ] do={ /system/script/set name=[ \$CharacterReplace [ /system/script/get \$Script name ] \"global-functions.d/\" \"mod/\" ] \$Script; }; \$ScriptInstallUpdate;"; 73=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Old,New in={ \"cloud-backup\"=\"backup-cloud\"; \"email-backup\"=\"backup-email\"; \"upload-backup\"=\"backup-upload\" } do={ /system/script/set name=\$New [ find where name=\$Old ]; :foreach Scheduler in=[ /system/scheduler/find where on-event~\$Old ] do={ /system/scheduler/set \$Scheduler name=[ \$CharacterReplace [ get \$Scheduler name ] \$Old \$New ] on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Old \$New ]; }; }; \$ScriptInstallUpdate;"; };