diff options
author | Christian Hesse <mail@eworm.de> | 2022-01-05 22:37:55 +0100 |
---|---|---|
committer | Christian Hesse <mail@eworm.de> | 2022-01-06 08:19:58 +0100 |
commit | e77b39e933a87bf509c176ee5a964c0772e0c54d (patch) | |
tree | 22c0c011fe0412b118fd7ef590b0609a9c9f87cb | |
parent | 95b17ab9a17b7ad11df7c467813a061aead1c835 (diff) |
rename script upload-backup -> backup-upload
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | backup-upload | 106 | ||||
-rw-r--r-- | doc/backup-cloud.md | 2 | ||||
-rw-r--r-- | doc/backup-email.md | 2 | ||||
-rw-r--r-- | doc/backup-upload.d/notification.svg (renamed from doc/upload-backup.d/notification.svg) | 2 | ||||
-rw-r--r-- | doc/backup-upload.md | 70 | ||||
-rw-r--r-- | doc/packages-update.md | 4 | ||||
-rw-r--r-- | doc/upload-backup.md | 71 | ||||
-rw-r--r-- | upload-backup | 106 |
9 files changed, 184 insertions, 181 deletions
@@ -187,6 +187,7 @@ Available scripts * [Find and remove access list duplicates](doc/accesslist-duplicates.md) * [Upload backup to Mikrotik cloud](doc/backup-cloud.md) * [Send backup via e-mail](doc/backup-email.md) +* [Upload backup to server](doc/backup-upload.md) * [Download packages for CAP upgrade from CAPsMAN](doc/capsman-download-packages.md) * [Run rolling CAP upgrades from CAPsMAN](doc/capsman-rolling-upgrade.md) * [Renew locally issued certificates](doc/certificate-renew-issued.md) @@ -222,7 +223,6 @@ Available scripts * [Install LTE firmware upgrade](doc/unattended-lte-firmware-upgrade.md) * [Update GRE configuration with dynamic addresses](doc/update-gre-address.md) * [Update tunnelbroker configuration](doc/update-tunnelbroker.md) -* [Upload backup to server](doc/upload-backup.md) [comment]: # (TODO: currently undocumented) [comment]: # (* learn-mac-based-vlan) diff --git a/backup-upload b/backup-upload new file mode 100644 index 0000000..6aba3e7 --- /dev/null +++ b/backup-upload @@ -0,0 +1,106 @@ +#!rsc by RouterOS +# RouterOS script: backup-upload +# Copyright (c) 2013-2022 Christian Hesse <mail@eworm.de> +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# provides: backup-script +# +# create and upload backup and config file +# https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-upload.md + +:local 0 "backup-upload"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global BackupPassword; +:global BackupRandomDelay; +:global BackupSendBinary; +:global BackupSendExport; +:global BackupUploadPass; +:global BackupUploadUrl; +:global BackupUploadUser; +:global Domain; +:global Identity; + +:global CharacterReplace; +:global DeviceInfo; +:global IfThenElse; +:global LogPrintExit2; +:global MkDir; +:global RandomDelay; +:global ScriptFromTerminal; +:global SendNotification2; +:global SymbolForNotification; +:global WaitForFile; +:global WaitFullyConnected; + +:if ($BackupSendBinary != true && \ + $BackupSendExport != true) do={ + $LogPrintExit2 error $0 ("Configured to send neither backup nor config export.") true; +} + +$WaitFullyConnected; + +:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ + $RandomDelay $BackupRandomDelay; +} + +:if ([ $MkDir $0 ] = false) do={ + $LogPrintExit2 error $0 ("Failed creating directory!") true; +} + +# filename based on identity +:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; +:local FilePath ($0 . "/" . $FileName); +:local BackupFile "none"; +:local ConfigFile "none"; +:local Failed 0; + +# binary backup +:if ($BackupSendBinary = true) do={ + / system backup save encryption=aes-sha256 name=$FilePath password=$BackupPassword; + $WaitForFile ($FilePath . ".backup"); + + :do { + / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".backup"); + :set BackupFile ($FileName . ".backup"); + } on-error={ + $LogPrintExit2 error $0 ("Uploading backup file failed!") false; + :set BackupFile "failed"; + :set Failed 1; + } + + / file remove ($FilePath . ".backup"); +} + +# create configuration export +:if ($BackupSendExport = true) do={ + / export terse file=$FilePath; + $WaitForFile ($FilePath . ".rsc"); + + :do { + / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".rsc"); + :set ConfigFile ($FileName . ".rsc"); + } on-error={ + $LogPrintExit2 error $0 ("Uploading configuration export failed!") false; + :set ConfigFile "failed"; + :set Failed 1; + } + + / file remove ($FilePath . ".rsc"); +} + +$SendNotification2 ({ origin=$0; \ + subject=[ $IfThenElse ($Failed > 0) \ + ([ $SymbolForNotification "warning-sign" ] . "Backup & Config upload with failure") \ + ([ $SymbolForNotification "floppy-disk,up-arrow" ] . "Backup & Config upload") ]; \ + message=("Backup and config export upload for " . $Identity . ".\n\n" . \ + [ $DeviceInfo ] . "\n\n" . \ + "Backup file: " . $BackupFile . "\n" . \ + "Config file: " . $ConfigFile); silent=true }); + +:if ($Failed = 1) do={ + :error "An error occured!"; +} diff --git a/doc/backup-cloud.md b/doc/backup-cloud.md index a31a736..117e4c7 100644 --- a/doc/backup-cloud.md +++ b/doc/backup-cloud.md @@ -47,7 +47,7 @@ See also -------- * [Send backup via e-mail](backup-email.md) -* [Upload backup to server](upload-backup.md) +* [Upload backup to server](backup-upload.md) --- [◀ Go back to main README](../README.md) diff --git a/doc/backup-email.md b/doc/backup-email.md index 7361b44..be36cb4 100644 --- a/doc/backup-email.md +++ b/doc/backup-email.md @@ -47,7 +47,7 @@ See also -------- * [Upload backup to Mikrotik cloud](backup-cloud.md) -* [Upload backup to server](upload-backup.md) +* [Upload backup to server](backup-upload.md) --- [◀ Go back to main README](../README.md) diff --git a/doc/upload-backup.d/notification.svg b/doc/backup-upload.d/notification.svg index a85bd5c..90573ab 100644 --- a/doc/upload-backup.d/notification.svg +++ b/doc/backup-upload.d/notification.svg @@ -6,7 +6,7 @@ version="1.1" id="svg8" inkscape:version="1.1 (c4e8f9ed74, 2021-05-24)" - sodipodi:docname="upload-backup.svg" + sodipodi:docname="backup-upload.svg" inkscape:export-filename="logo.png" inkscape:export-xdpi="96" inkscape:export-ydpi="96" diff --git a/doc/backup-upload.md b/doc/backup-upload.md new file mode 100644 index 0000000..212b16c --- /dev/null +++ b/doc/backup-upload.md @@ -0,0 +1,70 @@ +Upload backup to server +======================= + +[◀ Go back to main README](../README.md) + +🛈 This script can not be used on its own but requires the base installation. +See [main README](../README.md) for details. + +Description +----------- + +This script uploads binary backup (`/ system backup save`) and complete +configuration export (`/ export terse`) to external server. + +### Sample notification + +![backup-upload notification](backup-upload.d/notification.svg) + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate backup-upload; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, these are the parameters: + +* `BackupSendBinary`: whether to send binary backup +* `BackupSendExport`: whether to send configuration export +* `BackupPassword`: password to encrypt the backup with +* `BackupRandomDelay`: delay up to amount of seconds when run from scheduler +* `BackupUploadUrl`: url to upload to +* `BackupUploadUser`: username for server authentication +* `BackupUploadPass`: password for server authentication + +Also notification settings are required for e-mail, matrix and/or telegram. + +### Issues with SFTP client + +The RouterOS SFTP client is picky if it comes to authentication methods. +I had to disable all but password authentication on server side. For openssh +edit `/etc/ssh/sshd_config` and add a directive like this, changed for your +needs: + + Match User mikrotik + AuthenticationMethods password + +Usage and invocation +-------------------- + +Just run the script: + + / system script run backup-upload; + +Creating a scheduler may be an option: + + / system scheduler add interval=1w name=backup-upload on-event="/ system script run backup-upload;" start-time=09:25:00; + +See also +-------- + +* [Send backup via e-mail](backup-email.md) +* [Upload backup to Mikrotik cloud](backup-cloud.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/doc/packages-update.md b/doc/packages-update.md index 8502a36..ac69301 100644 --- a/doc/packages-update.md +++ b/doc/packages-update.md @@ -17,7 +17,7 @@ verification. But it provides some extra functionality: * send backup via e-mail if [backup-email](backup-email.md) is installed -* upload backup if [upload-backup](upload-backup.md) is installed +* upload backup if [backup-upload](backup-upload.md) is installed * schedule reboot at night Requirements and installation @@ -42,7 +42,7 @@ See also * [Notify on RouterOS update](check-routeros-update.md) * [Send backup via e-mail](backup-email.md) -* [Upload backup to server](upload-backup.md) +* [Upload backup to server](backup-upload.md) --- [◀ Go back to main README](../README.md) diff --git a/doc/upload-backup.md b/doc/upload-backup.md index 33022f4..83c9991 100644 --- a/doc/upload-backup.md +++ b/doc/upload-backup.md @@ -1,70 +1 @@ -Upload backup to server -======================= - -[◀ Go back to main README](../README.md) - -🛈 This script can not be used on its own but requires the base installation. -See [main README](../README.md) for details. - -Description ------------ - -This script uploads binary backup (`/ system backup save`) and complete -configuration export (`/ export terse`) to external server. - -### Sample notification - -![upload-backup notification](upload-backup.d/notification.svg) - -Requirements and installation ------------------------------ - -Just install the script: - - $ScriptInstallUpdate upload-backup; - -Configuration -------------- - -The configuration goes to `global-config-overlay`, these are the parameters: - -* `BackupSendBinary`: whether to send binary backup -* `BackupSendExport`: whether to send configuration export -* `BackupPassword`: password to encrypt the backup with -* `BackupRandomDelay`: delay up to amount of seconds when run from scheduler -* `BackupUploadUrl`: url to upload to -* `BackupUploadUser`: username for server authentication -* `BackupUploadPass`: password for server authentication - -Also notification settings are required for e-mail, matrix and/or telegram. - -### Issues with SFTP client - -The RouterOS SFTP client is picky if it comes to authentication methods. -I had to disable all but password authentication on server side. For openssh -edit `/etc/ssh/sshd_config` and add a directive like this, changed for your -needs: - - Match User mikrotik - AuthenticationMethods password - -Usage and invocation --------------------- - -Just run the script: - - / system script run upload-backup; - -Creating a scheduler may be an option: - - / system scheduler add interval=1w name=upload-backup on-event="/ system script run upload-backup;" start-time=09:25:00; - -See also --------- - -* [Send backup via e-mail](backup-email.md) -* [Upload backup to Mikrotik cloud](backup-cloud.md) - ---- -[◀ Go back to main README](../README.md) -[▲ Go back to top](#top) +This script has been renamed. Please see [backup-upload](backup-upload.md). diff --git a/upload-backup b/upload-backup index f243ef0..2c48f07 100644 --- a/upload-backup +++ b/upload-backup @@ -1,106 +1,2 @@ #!rsc by RouterOS -# RouterOS script: upload-backup -# Copyright (c) 2013-2022 Christian Hesse <mail@eworm.de> -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# provides: backup-script -# -# create and upload backup and config file -# https://git.eworm.de/cgit/routeros-scripts/about/doc/upload-backup.md - -:local 0 "upload-backup"; -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:global BackupPassword; -:global BackupRandomDelay; -:global BackupSendBinary; -:global BackupSendExport; -:global BackupUploadPass; -:global BackupUploadUrl; -:global BackupUploadUser; -:global Domain; -:global Identity; - -:global CharacterReplace; -:global DeviceInfo; -:global IfThenElse; -:global LogPrintExit2; -:global MkDir; -:global RandomDelay; -:global ScriptFromTerminal; -:global SendNotification2; -:global SymbolForNotification; -:global WaitForFile; -:global WaitFullyConnected; - -:if ($BackupSendBinary != true && \ - $BackupSendExport != true) do={ - $LogPrintExit2 error $0 ("Configured to send neither backup nor config export.") true; -} - -$WaitFullyConnected; - -:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ - $RandomDelay $BackupRandomDelay; -} - -:if ([ $MkDir $0 ] = false) do={ - $LogPrintExit2 error $0 ("Failed creating directory!") true; -} - -# filename based on identity -:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; -:local FilePath ($0 . "/" . $FileName); -:local BackupFile "none"; -:local ConfigFile "none"; -:local Failed 0; - -# binary backup -:if ($BackupSendBinary = true) do={ - / system backup save encryption=aes-sha256 name=$FilePath password=$BackupPassword; - $WaitForFile ($FilePath . ".backup"); - - :do { - / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \ - user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".backup"); - :set BackupFile ($FileName . ".backup"); - } on-error={ - $LogPrintExit2 error $0 ("Uploading backup file failed!") false; - :set BackupFile "failed"; - :set Failed 1; - } - - / file remove ($FilePath . ".backup"); -} - -# create configuration export -:if ($BackupSendExport = true) do={ - / export terse file=$FilePath; - $WaitForFile ($FilePath . ".rsc"); - - :do { - / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \ - user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".rsc"); - :set ConfigFile ($FileName . ".rsc"); - } on-error={ - $LogPrintExit2 error $0 ("Uploading configuration export failed!") false; - :set ConfigFile "failed"; - :set Failed 1; - } - - / file remove ($FilePath . ".rsc"); -} - -$SendNotification2 ({ origin=$0; \ - subject=[ $IfThenElse ($Failed > 0) \ - ([ $SymbolForNotification "warning-sign" ] . "Backup & Config upload with failure") \ - ([ $SymbolForNotification "floppy-disk,up-arrow" ] . "Backup & Config upload") ]; \ - message=("Backup and config export upload for " . $Identity . ".\n\n" . \ - [ $DeviceInfo ] . "\n\n" . \ - "Backup file: " . $BackupFile . "\n" . \ - "Config file: " . $ConfigFile); silent=true }); - -:if ($Failed = 1) do={ - :error "An error occured!"; -} +# dummy for migration |