# News, changes and migration by RouterOS Scripts
# Copyright (c) 2019-2023 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md

:global IfThenElse;
:global RequiredRouterOS;

# Changes for global-config to be added to notification on script updates
:global GlobalConfigChanges {
   1="Moved variables from 'global-config' to 'global-functions' for independence";
   2="Variable names became CamelCase to work around scripting issues";
   3="Variable for certificate renew passphrase became an array to support multiple passphrases";
   4="Added option to ignore global-config changes";
   5="Split off new script 'cloud-backup' from 'email-backup'";
   6="Introduced script 'upload-backup' with new configuration parameters";
   7="Introduced script 'check-health' with new configuration parameters";
   8="Added donation hint and option to silence it";
   9="Introduced configuration overlay 'global-config-overlay'";
  10="Made health threshold for voltage configurable";
  11="Introduced function '\$ScriptInstallUpdate' to install new and update existing scripts";
  12="Removed '\$ScriptUpdatesConfigChangesIgnore', comment '\$GlobalConfigVersion' in 'global-config-overlay' to disable change notifications";
  13="Configuration for script 'bridge-port-to-default' changed with new syntax in comment";
  14="Dropped script 'script-updates', use '\$ScriptInstallUpdate' exclusively!";
  15="New documentation is online! https://git.eworm.de/cgit/routeros-scripts/about/#available-scripts";
  16="Happy with RouterOS Scripts and have a GitHub and/or GitLab account? Please star!";
  17="Introduced script 'early-errors'";
  18=("Added a simple IP calculation function, try: \$IPCalc " . [ /ip/address/get ([ find ]->0) address ]);
  19="Commenting scripts with 'ignore', 'base-url=...' and 'url-suffix=...' is honored on update";
  20="Added support for hooks to 'netwatch-notify'";
  21="Added support for installing patch updates automatically by 'check-routeros-update'";
  22="Dropped '\$ScriptUpdatesIgnore' from global configuration, auto-migrating to ignore flag in comment"
  23="Added 'log-forward' with configurable filter, which replaces 'early-errors'";
  24="Made symbols in notifications configurable.";
  25="Added support for DHCP server name in DNS FQDN via '\$ServerNameInZone'";
  26="Made check count threshold in 'netwatch-notify' configurable.";
  27="Added queue for Telegram notifications to resend later on error.";
  28="Made 'dhcp-to-dns' act on all bound leases, not just dynamic ones.";
  29="Added filter on log message text for 'log-forward'.";
  30="Implemented simple rate limit for 'log-forward' to prevent flooding.";
  31="Switched Telegram notifications to fixed-width font, with opt-out.";
  32="Merged mode (& reset) button scripts in single new script 'mode-button'.";
  33="Added configurable deviation on health temperature recovery threshold against notification flooding.";
  34="Introduced script 'ospf-to-leds' to visualize OSPF instance state via LEDs.";
  35="Implemented visual feedback for 'mode-button' with configurable LED.";
  36="Added support for installing updates automatically if seen in neighbor list.";
  37="Implemented simple dependency model in 'netwatch-notify'.";
  38="Imported new Let's Encrypt intermediate certificate 'R3'.";
  39="Added support for interface specific address list entries in 'ipv6-update'.";
  40="Made the certificate renewal time configurable.";
  41="Implemented migration mechanism for script updates.";
  42="Made severity in terminal output colorful, with opt-out.";
  43="Added queue for e-mail notifications to resend later on error.";
  44="Dropped script 'global-wait', all scripts wait on their own now.";
  45="We have a Telegram Group! Come along and say hello: https://t.me/routeros_scripts";
  46="Added configurable random delay in backup scripts to stretch execution and prevent resource congestion.";
  47="Removed obsolete intermediate certificate 'Let's Encrypt Authority X3' from store.";
  48="Added support for overriding e-mail and Telegram settings for every script.";
  49="Dropped '\$EmailBackupTo' & '\$EmailBackupCc' from configuration, use settings override if required.";
  50="Added support for dynamic address update in 'netwatch-notify'.";
  51="Added 'ipsec-to-dns' to add DNS records for IPSec peers from mode-config.";
  52="Updated Let's Encrypt trust chain to use root certificate 'ISRG Root X1'. Do not re-import the old chain!";
  53="Added support to send notifications via Matrix.";
  54="Support for Telegram notifications moved to a module. It is installed automatically if required.";
  55="Added reverse logic in 'log-forward', so messages can be included even if filtered before.";
  56="Added tags in all backup, lease and ppp-on-up scripts. These are used by 'packages-update', 'lease-script' and 'ppp-on-up' to find the scripts.";
  57="Celebrating the 1.000th commit - Hooray!";
  58="Added a cleanup script for 'hotspot-to-wpa' to purge old access list entries.";
  59="Updating CAP with 'check-routeros-update' is now possible with opt-in.";
  60="Implemented a pre-down hook in 'netwatch-notify' that fires at two thirds of failed checks.";
  61="Finally removed old scripts.";
  62="Added '\$ScriptRunOnce' to run a script from URL once without installation, intended to aid configuration management and the like.";
  63="Moved optional functions '\$IPCalc' and '\$ScriptRunOnce' to modules.";
  64="Implemented '\$InspectVar' in module to inspect variables.";
  65="Added module to manage VLANs on bridge ports.";
  66="Moved script 'bridge-port-to-default' to new module.";
  67="Moved modules to directory with shorter name.";
  68="Reintroduced 'global-wait' for functions in scheduler.";
  69="Support hard lower limit for voltage in 'check-health'.";
  70="MikroTik started pushing RouterOS v7. Changes are no longer required.";
  71="MikroTik is pushing RouterOS v7 even more, in parallel branches. If you want to keep RouterOS v6 for some time see https://git.eworm.de/cgit/routeros-scripts/about/#requirements";
  72="Introduced new script 'netwatch-dns' to manage DNS and DoH servers from netwatch.";
  73="Renamed backup scripts ('cloud-backup' -> 'backup-cloud', 'email-backup' -> 'backup-email', 'upload-backup' -> 'backup-upload').";
  74="Extended 'hotspot-to-wpa', it can now read additional configuration from templates and hotspot users.";
  75=("Finally merged the RouterOS v7 code into the main branch. " . [ $IfThenElse ([ $RequiredRouterOS "global-config.changes" "7.0" false ] = true) \
        ("You may now drop '\$ScriptUpdatesUrlSuffix' from 'global-config-overlay'.") \
        ("Still running RouterOS v6, so last reminder to see https://git.eworm.de/cgit/routeros-scripts/about/#requirements") ]);
  76="Added an option to suppress notifications on host down with 'netwatch-notify'.";
  77="Introduced new script 'firmware-upgrade-reboot'. Handle with care!";
  78="New documentation is online for notifications via Telegram & Matrix, variable inspection, ip address calculation and running scripts once.";
  79="Introduced new script 'backup-partition' to save configuration to fallback partition.";
  80="The 'routeros-v7' branch will now freeze, and vanish any time in future. You already switched to 'main' branch, well done!";
  81="Dropped script 'rotate-ntp', as the limitation does no longer exist.";
  82="Renamed the comment parameter 'hostname' to just 'name' for 'netwatch-notify'.";
  83="Introduced new setting to disable news and change notifications, dropped version from configuration.";
  84="Support for e-mail notifications moved to a module. It is installed automatically if required.";
  85="Dropped 'netwatch-syslog', filtering in firewall is advised.";
  86="Added support for hooks in 'sms-forward'. This now provides similar functionality to 'sms-action', but is more flexible.";
  87="Added support for extra text (or emojis \F0\9F\9A\80) in notification tags.";
};

# Migration steps to be applied on script updates
:global GlobalConfigMigration {
  41=":global SendNotification; \$SendNotification (\"Migration mechanism\") (\"Congratulations!\nSuccessfully tested the new migration mechanism.\");";
  47="/certificate/remove [ find where fingerprint=\"731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568\" or fingerprint=\"25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d\" ];";
  52=":global CertificateDownload; :if ([ :len [ /certificate/find where fingerprint=\"67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd\" or fingerprint=\"96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6\" ] ] < 2) do={ \$CertificateDownload \"R3\"; }; /certificate/remove [ find where fingerprint=\"0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739\" ];";
  54=":global ScriptInstallUpdate; :global TelegramTokenId; :global TelegramChatId; :if ([ :len \$TelegramTokenId ] > 0 && [ :len \$TelegramChatId ] > 0) do={ \$ScriptInstallUpdate mod/notification-telegram; }";
  61="/system/script/remove [ find where name~\"^(early-errors|mode-button-(event|scheduler)|script-updates)\\\$\" source~\"^#!rsc by RouterOS\\n\" ];";
  66=":global ScriptInstallUpdate; :if ([ :len [ /system/script/find where name=\"bridge-port-to-default\" ] ] > 0) do={ /system/script/remove [ find where name~\"^bridge-port-to(-default|ggle)\\\$\" ]; \$ScriptInstallUpdate mod/bridge-port-to; }";
  67=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Script in=[ /system/script/find where name~\"^global-functions.d/\" ] do={ /system/script/set name=[ \$CharacterReplace [ /system/script/get \$Script name ] \"global-functions.d/\" \"mod/\" ] \$Script; }; \$ScriptInstallUpdate;";
  73=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Old,New in={ \"cloud-backup\"=\"backup-cloud\"; \"email-backup\"=\"backup-email\"; \"upload-backup\"=\"backup-upload\" } do={ /system/script/set name=\$New [ find where name=\$Old ]; :foreach Scheduler in=[ /system/scheduler/find where on-event~\$Old ] do={ /system/scheduler/set \$Scheduler name=[ \$CharacterReplace [ get \$Scheduler name ] \$Old \$New ] on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Old \$New ]; }; }; \$ScriptInstallUpdate;";
  81=":global NtpPool; :if ([ :len [ /system/script/find where name=\"rotate-ntp\" ] ] > 0) do={ /system/script/remove [ find where name=\"rotate-ntp\" ]; /system/scheduler/remove [ find where name=\"rotate-ntp\" ]; /system/ntp/client/set servers=\$NtpPool; };";
  82=":global CharacterReplace; :foreach Netwatch in=[ /tool/netwatch/find where comment~\"notify\" !disabled ] do={ /tool/netwatch/set \$Netwatch comment=[ \$CharacterReplace [ get \$Netwatch comment ] \"hostname=\" \"name=\" ]; };";
  84=":global ScriptInstallUpdate; :global EmailGeneralTo; :if ([ /tool/e-mail/get address ] != \"0.0.0.0\" && [ :len \$EmailGeneralTo ] > 0) do={ \$ScriptInstallUpdate mod/notification-email; }";
};