diff options
author | Christian Hesse <mail@eworm.de> | 2022-01-06 10:23:03 +0100 |
---|---|---|
committer | Christian Hesse <mail@eworm.de> | 2022-01-06 10:23:03 +0100 |
commit | 97f35dcf0e99738e9170a413f6be52c989708b9c (patch) | |
tree | 1b9dee4af1a834b4cc2fa83d713743708498f1f4 | |
parent | 57c80dc2a42280c1a8d1f2c7de8d73a3e03190bc (diff) | |
parent | ed0135c613b92ce59bda832f0e4a789a8268223f (diff) |
Merge branch 'backup' into next
-rw-r--r-- | README.md | 6 | ||||
-rw-r--r-- | backup-cloud | 58 | ||||
-rw-r--r-- | backup-email | 80 | ||||
-rw-r--r-- | backup-upload | 106 | ||||
-rw-r--r-- | cloud-backup | 58 | ||||
-rw-r--r-- | doc/backup-cloud.d/notification.svg (renamed from doc/cloud-backup.d/notification.svg) | 2 | ||||
-rw-r--r-- | doc/backup-cloud.md | 54 | ||||
-rw-r--r-- | doc/backup-email.md | 54 | ||||
-rw-r--r-- | doc/backup-upload.d/notification.svg (renamed from doc/upload-backup.d/notification.svg) | 2 | ||||
-rw-r--r-- | doc/backup-upload.md | 70 | ||||
-rw-r--r-- | doc/cloud-backup.md | 55 | ||||
-rw-r--r-- | doc/email-backup.md | 55 | ||||
-rw-r--r-- | doc/log-forward.d/notification.svg | 2 | ||||
-rw-r--r-- | doc/packages-update.md | 8 | ||||
-rw-r--r-- | doc/upload-backup.md | 71 | ||||
-rw-r--r-- | email-backup | 80 | ||||
-rw-r--r-- | global-config | 4 | ||||
-rw-r--r-- | global-config-overlay | 2 | ||||
-rw-r--r-- | global-config.changes | 2 | ||||
-rw-r--r-- | global-functions | 2 | ||||
-rw-r--r-- | upload-backup | 106 |
21 files changed, 444 insertions, 433 deletions
@@ -185,6 +185,9 @@ Available scripts ----------------- * [Find and remove access list duplicates](doc/accesslist-duplicates.md) +* [Upload backup to Mikrotik cloud](doc/backup-cloud.md) +* [Send backup via e-mail](doc/backup-email.md) +* [Upload backup to server](doc/backup-upload.md) * [Download packages for CAP upgrade from CAPsMAN](doc/capsman-download-packages.md) * [Run rolling CAP upgrades from CAPsMAN](doc/capsman-rolling-upgrade.md) * [Renew locally issued certificates](doc/certificate-renew-issued.md) @@ -192,12 +195,10 @@ Available scripts * [Notify about health state](doc/check-health.md) * [Notify on LTE firmware upgrade](doc/check-lte-firmware-upgrade.md) * [Notify on RouterOS update](doc/check-routeros-update.md) -* [Upload backup to Mikrotik cloud](doc/cloud-backup.md) * [Collect MAC addresses in wireless access list](doc/collect-wireless-mac.md) * [Use wireless network with daily psk](doc/daily-psk.md) * [Comment DHCP leases with info from access list](doc/dhcp-lease-comment.md) * [Create DNS records for DHCP leases](doc/dhcp-to-dns.md) -* [Send backup via e-mail](doc/email-backup.md) * [Wait for global functions und modules](doc/global-wait.md) * [Send GPS position to server](doc/gps-track.md) * [Use WPA2 network with hotspot credentials](doc/hotspot-to-wpa.md) @@ -222,7 +223,6 @@ Available scripts * [Install LTE firmware upgrade](doc/unattended-lte-firmware-upgrade.md) * [Update GRE configuration with dynamic addresses](doc/update-gre-address.md) * [Update tunnelbroker configuration](doc/update-tunnelbroker.md) -* [Upload backup to server](doc/upload-backup.md) [comment]: # (TODO: currently undocumented) [comment]: # (* learn-mac-based-vlan) diff --git a/backup-cloud b/backup-cloud new file mode 100644 index 0000000..d1d9f14 --- /dev/null +++ b/backup-cloud @@ -0,0 +1,58 @@ +#!rsc by RouterOS +# RouterOS script: backup-cloud +# Copyright (c) 2013-2022 Christian Hesse <mail@eworm.de> +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# provides: backup-script +# +# upload backup to MikroTik cloud +# https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-cloud.md + +:local 0 "backup-cloud"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global BackupPassword; +:global BackupRandomDelay; +:global Identity; + +:global DeviceInfo; +:global LogPrintExit2; +:global RandomDelay; +:global ScriptFromTerminal; +:global SendNotification2; +:global SymbolForNotification; +:global WaitFullyConnected; + +$WaitFullyConnected; + +:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ + $RandomDelay $BackupRandomDelay; +} + +:do { + # we are not interested in output, but print is + # required to fetch information from cloud + / system backup cloud print as-value; + :if ([ :len [ / system backup cloud find ] ] > 0) do={ + / system backup cloud upload-file action=create-and-upload \ + password=$BackupPassword replace=[ get ([ find ]->0) name ]; + } else={ + / system backup cloud upload-file action=create-and-upload \ + password=$BackupPassword; + } + :local Cloud [ / system backup cloud get ([ find ]->0) ]; + + $SendNotification2 ({ origin=$0; \ + subject=([ $SymbolForNotification "floppy-disk,cloud" ] . "Cloud backup"); \ + message=("Uploaded backup for " . $Identity . " to cloud.\n\n" . \ + [ $DeviceInfo ] . "\n\n" . \ + "Name: " . $Cloud->"name" . "\n" . \ + "Size: " . $Cloud->"size" . " B (" . ($Cloud->"size" / 1024) . " KiB)\n" . \ + "Download key: " . $Cloud->"secret-download-key"); silent=true }); +} on-error={ + $SendNotification2 ({ origin=$0; \ + subject=([ $SymbolForNotification "warning-sign" ] . "Cloud backup failed"); \ + message=("Failed uploading backup for " . $Identity . " to cloud!\n\n" . [ $DeviceInfo ]) }); + $LogPrintExit2 error $0 ("Failed uploading backup for " . $Identity . " to cloud!") true; +} diff --git a/backup-email b/backup-email new file mode 100644 index 0000000..bda9215 --- /dev/null +++ b/backup-email @@ -0,0 +1,80 @@ +#!rsc by RouterOS +# RouterOS script: backup-email +# Copyright (c) 2013-2022 Christian Hesse <mail@eworm.de> +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# provides: backup-script +# +# create and email backup and config file +# https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-email.md + +:local 0 "backup-email"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global BackupPassword; +:global BackupRandomDelay; +:global BackupSendBinary; +:global BackupSendExport; +:global Domain; +:global Identity; + +:global CharacterReplace; +:global DeviceInfo; +:global LogPrintExit2; +:global MkDir; +:global RandomDelay; +:global ScriptFromTerminal; +:global SendEMail2; +:global SymbolForNotification; +:global WaitForFile; +:global WaitFullyConnected; + +:if ($BackupSendBinary != true && \ + $BackupSendExport != true) do={ + $LogPrintExit2 error $0 ("Configured to send neither backup nor config export.") true; +} + +$WaitFullyConnected; + +:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ + $RandomDelay $BackupRandomDelay; +} + +:if ([ $MkDir $0 ] = false) do={ + $LogPrintExit2 error $0 ("Failed creating directory!") true; +} + +# filename based on identity +:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; +:local FilePath ($0 . "/" . $FileName); +:local BackupFile "none"; +:local ConfigFile "none"; +:local Attach [ :toarray "" ]; + +# binary backup +:if ($BackupSendBinary = true) do={ + / system backup save encryption=aes-sha256 name=$FilePath password=$BackupPassword; + $WaitForFile ($FilePath . ".backup"); + :set BackupFile ($FileName . ".backup"); + :set Attach ($Attach, ($FilePath . ".backup")); +} + +# create configuration export +:if ($BackupSendExport = true) do={ + / export terse file=$FilePath; + $WaitForFile ($FilePath . ".rsc"); + :set ConfigFile ($FileName . ".rsc"); + :set Attach ($Attach, ($FilePath . ".rsc")); +} + +# send email with status and files +$SendEMail2 ({ origin=$0; \ + subject=([ $SymbolForNotification "floppy-disk,incoming-envelope" ] . \ + "Backup & Config"); \ + message=("See attached files for backup and config export for " . \ + $Identity . ".\n\n" . \ + [ $DeviceInfo ] . "\n\n" . \ + "Backup file: " . $BackupFile . "\n" . \ + "Config file: " . $ConfigFile); \ + attach=$Attach; remove-attach=true }); diff --git a/backup-upload b/backup-upload new file mode 100644 index 0000000..6aba3e7 --- /dev/null +++ b/backup-upload @@ -0,0 +1,106 @@ +#!rsc by RouterOS +# RouterOS script: backup-upload +# Copyright (c) 2013-2022 Christian Hesse <mail@eworm.de> +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# provides: backup-script +# +# create and upload backup and config file +# https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-upload.md + +:local 0 "backup-upload"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global BackupPassword; +:global BackupRandomDelay; +:global BackupSendBinary; +:global BackupSendExport; +:global BackupUploadPass; +:global BackupUploadUrl; +:global BackupUploadUser; +:global Domain; +:global Identity; + +:global CharacterReplace; +:global DeviceInfo; +:global IfThenElse; +:global LogPrintExit2; +:global MkDir; +:global RandomDelay; +:global ScriptFromTerminal; +:global SendNotification2; +:global SymbolForNotification; +:global WaitForFile; +:global WaitFullyConnected; + +:if ($BackupSendBinary != true && \ + $BackupSendExport != true) do={ + $LogPrintExit2 error $0 ("Configured to send neither backup nor config export.") true; +} + +$WaitFullyConnected; + +:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ + $RandomDelay $BackupRandomDelay; +} + +:if ([ $MkDir $0 ] = false) do={ + $LogPrintExit2 error $0 ("Failed creating directory!") true; +} + +# filename based on identity +:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; +:local FilePath ($0 . "/" . $FileName); +:local BackupFile "none"; +:local ConfigFile "none"; +:local Failed 0; + +# binary backup +:if ($BackupSendBinary = true) do={ + / system backup save encryption=aes-sha256 name=$FilePath password=$BackupPassword; + $WaitForFile ($FilePath . ".backup"); + + :do { + / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".backup"); + :set BackupFile ($FileName . ".backup"); + } on-error={ + $LogPrintExit2 error $0 ("Uploading backup file failed!") false; + :set BackupFile "failed"; + :set Failed 1; + } + + / file remove ($FilePath . ".backup"); +} + +# create configuration export +:if ($BackupSendExport = true) do={ + / export terse file=$FilePath; + $WaitForFile ($FilePath . ".rsc"); + + :do { + / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".rsc"); + :set ConfigFile ($FileName . ".rsc"); + } on-error={ + $LogPrintExit2 error $0 ("Uploading configuration export failed!") false; + :set ConfigFile "failed"; + :set Failed 1; + } + + / file remove ($FilePath . ".rsc"); +} + +$SendNotification2 ({ origin=$0; \ + subject=[ $IfThenElse ($Failed > 0) \ + ([ $SymbolForNotification "warning-sign" ] . "Backup & Config upload with failure") \ + ([ $SymbolForNotification "floppy-disk,up-arrow" ] . "Backup & Config upload") ]; \ + message=("Backup and config export upload for " . $Identity . ".\n\n" . \ + [ $DeviceInfo ] . "\n\n" . \ + "Backup file: " . $BackupFile . "\n" . \ + "Config file: " . $ConfigFile); silent=true }); + +:if ($Failed = 1) do={ + :error "An error occured!"; +} diff --git a/cloud-backup b/cloud-backup index ab2cf7c..2c48f07 100644 --- a/cloud-backup +++ b/cloud-backup @@ -1,58 +1,2 @@ #!rsc by RouterOS -# RouterOS script: cloud-backup -# Copyright (c) 2013-2022 Christian Hesse <mail@eworm.de> -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# provides: backup-script -# -# upload backup to MikroTik cloud -# https://git.eworm.de/cgit/routeros-scripts/about/doc/cloud-backup.md - -:local 0 "cloud-backup"; -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:global BackupPassword; -:global BackupRandomDelay; -:global Identity; - -:global DeviceInfo; -:global LogPrintExit2; -:global RandomDelay; -:global ScriptFromTerminal; -:global SendNotification2; -:global SymbolForNotification; -:global WaitFullyConnected; - -$WaitFullyConnected; - -:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ - $RandomDelay $BackupRandomDelay; -} - -:do { - # we are not interested in output, but print is - # required to fetch information from cloud - / system backup cloud print as-value; - :if ([ :len [ / system backup cloud find ] ] > 0) do={ - / system backup cloud upload-file action=create-and-upload \ - password=$BackupPassword replace=[ get ([ find ]->0) name ]; - } else={ - / system backup cloud upload-file action=create-and-upload \ - password=$BackupPassword; - } - :local Cloud [ / system backup cloud get ([ find ]->0) ]; - - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "floppy-disk,cloud" ] . "Cloud backup"); \ - message=("Uploaded backup for " . $Identity . " to cloud.\n\n" . \ - [ $DeviceInfo ] . "\n\n" . \ - "Name: " . $Cloud->"name" . "\n" . \ - "Size: " . $Cloud->"size" . " B (" . ($Cloud->"size" / 1024) . " KiB)\n" . \ - "Download key: " . $Cloud->"secret-download-key"); silent=true }); -} on-error={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "warning-sign" ] . "Cloud backup failed"); \ - message=("Failed uploading backup for " . $Identity . " to cloud!\n\n" . [ $DeviceInfo ]) }); - $LogPrintExit2 error $0 ("Failed uploading backup for " . $Identity . " to cloud!") true; -} +# dummy for migration diff --git a/doc/cloud-backup.d/notification.svg b/doc/backup-cloud.d/notification.svg index 8b84b8f..b023e50 100644 --- a/doc/cloud-backup.d/notification.svg +++ b/doc/backup-cloud.d/notification.svg @@ -6,7 +6,7 @@ version="1.1" id="svg8" inkscape:version="1.1 (c4e8f9ed74, 2021-05-24)" - sodipodi:docname="cloud-backup.svg" + sodipodi:docname="backup-cloud.svg" inkscape:export-filename="logo.png" inkscape:export-xdpi="96" inkscape:export-ydpi="96" diff --git a/doc/backup-cloud.md b/doc/backup-cloud.md new file mode 100644 index 0000000..117e4c7 --- /dev/null +++ b/doc/backup-cloud.md @@ -0,0 +1,54 @@ +Upload backup to Mikrotik cloud +=============================== + +[◀ Go back to main README](../README.md) + +🛈 This script can not be used on its own but requires the base installation. +See [main README](../README.md) for details. + +Description +----------- + +This script uploads [binary backup to Mikrotik cloud](https://wiki.mikrotik.com/wiki/Manual:IP/Cloud#Backup). + +### Sample notification + +![backup-cloud notification](backup-cloud.d/notification.svg) + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate backup-cloud; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, these are the parameters: + +* `BackupPassword`: password to encrypt the backup with +* `BackupRandomDelay`: delay up to amount of seconds when run from scheduler + +Also notification settings are required for e-mail, matrix and/or telegram. + +Usage and invocation +-------------------- + +Just run the script: + + / system script run backup-cloud; + +Creating a scheduler may be an option: + + / system scheduler add interval=1w name=backup-cloud on-event="/ system script run backup-cloud;" start-time=09:20:00; + +See also +-------- + +* [Send backup via e-mail](backup-email.md) +* [Upload backup to server](backup-upload.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/doc/backup-email.md b/doc/backup-email.md new file mode 100644 index 0000000..be36cb4 --- /dev/null +++ b/doc/backup-email.md @@ -0,0 +1,54 @@ +Send backup via e-mail +====================== + +[◀ Go back to main README](../README.md) + +🛈 This script can not be used on its own but requires the base installation. +See [main README](../README.md) for details. + +Description +----------- + +This script sends binary backup (`/ system backup save`) and complete +configuration export (`/ export terse`) via e-mail. + + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate backup-email; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, these are the parameters: + +* `BackupSendBinary`: whether to send binary backup +* `BackupSendExport`: whether to send configuration export +* `BackupPassword`: password to encrypt the backup with +* `BackupRandomDelay`: delay up to amount of seconds when run from scheduler + +Also valid e-mail settings are required to send mails. + +Usage and invocation +-------------------- + +Just run the script: + + / system script run backup-email; + +Creating a scheduler may be an option: + + / system scheduler add interval=1w name=backup-email on-event="/ system script run backup-email;" start-time=09:15:00; + +See also +-------- + +* [Upload backup to Mikrotik cloud](backup-cloud.md) +* [Upload backup to server](backup-upload.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/doc/upload-backup.d/notification.svg b/doc/backup-upload.d/notification.svg index a85bd5c..90573ab 100644 --- a/doc/upload-backup.d/notification.svg +++ b/doc/backup-upload.d/notification.svg @@ -6,7 +6,7 @@ version="1.1" id="svg8" inkscape:version="1.1 (c4e8f9ed74, 2021-05-24)" - sodipodi:docname="upload-backup.svg" + sodipodi:docname="backup-upload.svg" inkscape:export-filename="logo.png" inkscape:export-xdpi="96" inkscape:export-ydpi="96" diff --git a/doc/backup-upload.md b/doc/backup-upload.md new file mode 100644 index 0000000..212b16c --- /dev/null +++ b/doc/backup-upload.md @@ -0,0 +1,70 @@ +Upload backup to server +======================= + +[◀ Go back to main README](../README.md) + +🛈 This script can not be used on its own but requires the base installation. +See [main README](../README.md) for details. + +Description +----------- + +This script uploads binary backup (`/ system backup save`) and complete +configuration export (`/ export terse`) to external server. + +### Sample notification + +![backup-upload notification](backup-upload.d/notification.svg) + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate backup-upload; + +Configuration +------------- + +The configuration goes to `global-config-overlay`, these are the parameters: + +* `BackupSendBinary`: whether to send binary backup +* `BackupSendExport`: whether to send configuration export +* `BackupPassword`: password to encrypt the backup with +* `BackupRandomDelay`: delay up to amount of seconds when run from scheduler +* `BackupUploadUrl`: url to upload to +* `BackupUploadUser`: username for server authentication +* `BackupUploadPass`: password for server authentication + +Also notification settings are required for e-mail, matrix and/or telegram. + +### Issues with SFTP client + +The RouterOS SFTP client is picky if it comes to authentication methods. +I had to disable all but password authentication on server side. For openssh +edit `/etc/ssh/sshd_config` and add a directive like this, changed for your +needs: + + Match User mikrotik + AuthenticationMethods password + +Usage and invocation +-------------------- + +Just run the script: + + / system script run backup-upload; + +Creating a scheduler may be an option: + + / system scheduler add interval=1w name=backup-upload on-event="/ system script run backup-upload;" start-time=09:25:00; + +See also +-------- + +* [Send backup via e-mail](backup-email.md) +* [Upload backup to Mikrotik cloud](backup-cloud.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) diff --git a/doc/cloud-backup.md b/doc/cloud-backup.md index 7522bc1..e161cfa 100644 --- a/doc/cloud-backup.md +++ b/doc/cloud-backup.md @@ -1,54 +1 @@ -Upload backup to Mikrotik cloud -=============================== - -[◀ Go back to main README](../README.md) - -🛈 This script can not be used on its own but requires the base installation. -See [main README](../README.md) for details. - -Description ------------ - -This script uploads [binary backup to Mikrotik cloud](https://wiki.mikrotik.com/wiki/Manual:IP/Cloud#Backup). - -### Sample notification - -![cloud-backup notification](cloud-backup.d/notification.svg) - -Requirements and installation ------------------------------ - -Just install the script: - - $ScriptInstallUpdate cloud-backup; - -Configuration -------------- - -The configuration goes to `global-config-overlay`, these are the parameters: - -* `BackupPassword`: password to encrypt the backup with -* `BackupRandomDelay`: delay up to amount of seconds when run from scheduler - -Also notification settings are required for e-mail, matrix and/or telegram. - -Usage and invocation --------------------- - -Just run the script: - - / system script run cloud-backup; - -Creating a scheduler may be an option: - - / system scheduler add interval=1w name=cloud-backup on-event="/ system script run cloud-backup;" start-time=09:20:00; - -See also --------- - -* [Send backup via e-mail](email-backup.md) -* [Upload backup to server](upload-backup.md) - ---- -[◀ Go back to main README](../README.md) -[▲ Go back to top](#top) +This script has been renamed. Please see [backup-cloud](backup-cloud.md). diff --git a/doc/email-backup.md b/doc/email-backup.md index 85d50bd..d674743 100644 --- a/doc/email-backup.md +++ b/doc/email-backup.md @@ -1,54 +1 @@ -Send backup via e-mail -====================== - -[◀ Go back to main README](../README.md) - -🛈 This script can not be used on its own but requires the base installation. -See [main README](../README.md) for details. - -Description ------------ - -This script sends binary backup (`/ system backup save`) and complete -configuration export (`/ export terse`) via e-mail. - - -Requirements and installation ------------------------------ - -Just install the script: - - $ScriptInstallUpdate email-backup; - -Configuration -------------- - -The configuration goes to `global-config-overlay`, these are the parameters: - -* `BackupSendBinary`: whether to send binary backup -* `BackupSendExport`: whether to send configuration export -* `BackupPassword`: password to encrypt the backup with -* `BackupRandomDelay`: delay up to amount of seconds when run from scheduler - -Also valid e-mail settings are required to send mails. - -Usage and invocation --------------------- - -Just run the script: - - / system script run email-backup; - -Creating a scheduler may be an option: - - / system scheduler add interval=1w name=email-backup on-event="/ system script run email-backup;" start-time=09:15:00; - -See also --------- - -* [Upload backup to Mikrotik cloud](cloud-backup.md) -* [Upload backup to server](upload-backup.md) - ---- -[◀ Go back to main README](../README.md) -[▲ Go back to top](#top) +This script has been renamed. Please see [backup-email](backup-email.md).
\ No newline at end of file diff --git a/doc/log-forward.d/notification.svg b/doc/log-forward.d/notification.svg index b3389fe..373144b 100644 --- a/doc/log-forward.d/notification.svg +++ b/doc/log-forward.d/notification.svg @@ -170,7 +170,7 @@ </tspan><tspan x="180" y="86.082811" - id="tspan2327"> ● 13:24:02 script;error cloud-backup: Failed uploading backup </tspan><tspan + id="tspan2327"> ● 13:24:02 script;error backup-cloud: Failed uploading backup </tspan><tspan x="180" y="101.08281" id="tspan2329">for MikroTik to cloud! diff --git a/doc/packages-update.md b/doc/packages-update.md index cc4a29b..ac69301 100644 --- a/doc/packages-update.md +++ b/doc/packages-update.md @@ -16,8 +16,8 @@ verification. But it provides some extra functionality: -* send backup via e-mail if [email-backup](email-backup.md) is installed -* upload backup if [upload-backup](upload-backup.md) is installed +* send backup via e-mail if [backup-email](backup-email.md) is installed +* upload backup if [backup-upload](backup-upload.md) is installed * schedule reboot at night Requirements and installation @@ -41,8 +41,8 @@ See also -------- * [Notify on RouterOS update](check-routeros-update.md) -* [Send backup via e-mail](email-backup.md) -* [Upload backup to server](upload-backup.md) +* [Send backup via e-mail](backup-email.md) +* [Upload backup to server](backup-upload.md) --- [◀ Go back to main README](../README.md) diff --git a/doc/upload-backup.md b/doc/upload-backup.md index 9566853..83c9991 100644 --- a/doc/upload-backup.md +++ b/doc/upload-backup.md @@ -1,70 +1 @@ -Upload backup to server -======================= - -[◀ Go back to main README](../README.md) - -🛈 This script can not be used on its own but requires the base installation. -See [main README](../README.md) for details. - -Description ------------ - -This script uploads binary backup (`/ system backup save`) and complete -configuration export (`/ export terse`) to external server. - -### Sample notification - -![upload-backup notification](upload-backup.d/notification.svg) - -Requirements and installation ------------------------------ - -Just install the script: - - $ScriptInstallUpdate upload-backup; - -Configuration -------------- - -The configuration goes to `global-config-overlay`, these are the parameters: - -* `BackupSendBinary`: whether to send binary backup -* `BackupSendExport`: whether to send configuration export -* `BackupPassword`: password to encrypt the backup with -* `BackupRandomDelay`: delay up to amount of seconds when run from scheduler -* `BackupUploadUrl`: url to upload to -* `BackupUploadUser`: username for server authentication -* `BackupUploadPass`: password for server authentication - -Also notification settings are required for e-mail, matrix and/or telegram. - -### Issues with SFTP client - -The RouterOS SFTP client is picky if it comes to authentication methods. -I had to disable all but password authentication on server side. For openssh -edit `/etc/ssh/sshd_config` and add a directive like this, changed for your -needs: - - Match User mikrotik - AuthenticationMethods password - -Usage and invocation --------------------- - -Just run the script: - - / system script run upload-backup; - -Creating a scheduler may be an option: - - / system scheduler add interval=1w name=upload-backup on-event="/ system script run upload-backup;" start-time=09:25:00; - -See also --------- - -* [Send backup via e-mail](email-backup.md) -* [Upload backup to Mikrotik cloud](cloud-backup.md) - ---- -[◀ Go back to main README](../README.md) -[▲ Go back to top](#top) +This script has been renamed. Please see [backup-upload](backup-upload.md). diff --git a/email-backup b/email-backup index 1d4099c..2c48f07 100644 --- a/email-backup +++ b/email-backup @@ -1,80 +1,2 @@ #!rsc by RouterOS -# RouterOS script: email-backup -# Copyright (c) 2013-2022 Christian Hesse <mail@eworm.de> -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# provides: backup-script -# -# create and email backup and config file -# https://git.eworm.de/cgit/routeros-scripts/about/doc/email-backup.md - -:local 0 "email-backup"; -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:global BackupPassword; -:global BackupRandomDelay; -:global BackupSendBinary; -:global BackupSendExport; -:global Domain; -:global Identity; - -:global CharacterReplace; -:global DeviceInfo; -:global LogPrintExit2; -:global MkDir; -:global RandomDelay; -:global ScriptFromTerminal; -:global SendEMail2; -:global SymbolForNotification; -:global WaitForFile; -:global WaitFullyConnected; - -:if ($BackupSendBinary != true && \ - $BackupSendExport != true) do={ - $LogPrintExit2 error $0 ("Configured to send neither backup nor config export.") true; -} - -$WaitFullyConnected; - -:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ - $RandomDelay $BackupRandomDelay; -} - -:if ([ $MkDir $0 ] = false) do={ - $LogPrintExit2 error $0 ("Failed creating directory!") true; -} - -# filename based on identity -:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; -:local FilePath ($0 . "/" . $FileName); -:local BackupFile "none"; -:local ConfigFile "none"; -:local Attach [ :toarray "" ]; - -# binary backup -:if ($BackupSendBinary = true) do={ - / system backup save encryption=aes-sha256 name=$FilePath password=$BackupPassword; - $WaitForFile ($FilePath . ".backup"); - :set BackupFile ($FileName . ".backup"); - :set Attach ($Attach, ($FilePath . ".backup")); -} - -# create configuration export -:if ($BackupSendExport = true) do={ - / export terse file=$FilePath; - $WaitForFile ($FilePath . ".rsc"); - :set ConfigFile ($FileName . ".rsc"); - :set Attach ($Attach, ($FilePath . ".rsc")); -} - -# send email with status and files -$SendEMail2 ({ origin=$0; \ - subject=([ $SymbolForNotification "floppy-disk,incoming-envelope" ] . \ - "Backup & Config"); \ - message=("See attached files for backup and config export for " . \ - $Identity . ".\n\n" . \ - [ $DeviceInfo ] . "\n\n" . \ - "Backup file: " . $BackupFile . "\n" . \ - "Config file: " . $ConfigFile); \ - attach=$Attach; remove-attach=true }); +# dummy for migration diff --git a/global-config b/global-config index cd8ba58..feccf55 100644 --- a/global-config +++ b/global-config @@ -8,7 +8,7 @@ # Make sure all configuration properties are up to date and this # value is in sync with value in script 'global-functions'! -:global GlobalConfigVersion 72; +:global GlobalConfigVersion 73; # This is used for DNS and backup file. :global Domain "example.com"; @@ -49,7 +49,7 @@ # variable name, like this: #:global EmailGeneralToOverride { # "check-certificates"="override@example.com"; -# "email-backup"="backup@example.com"; +# "backup-email"="backup@example.com"; #} # Toggle this to disable symbols in notifications. diff --git a/global-config-overlay b/global-config-overlay index f94d082..89b74e4 100644 --- a/global-config-overlay +++ b/global-config-overlay @@ -8,7 +8,7 @@ # Make sure all configuration properties are up to date and this # value is in sync with value in script 'global-functions'! # Comment or remove to disable news and change notifications. -:global GlobalConfigVersion 72; +:global GlobalConfigVersion 73; # Copy configuration from global-config here and modify it. diff --git a/global-config.changes b/global-config.changes index 00c31fc..0325ac5 100644 --- a/global-config.changes +++ b/global-config.changes @@ -76,6 +76,7 @@ 70="MikroTik started pushing RouterOS v7. Changes are required if you run it, see https://git.eworm.de/cgit/routeros-scripts/about/#changes-for-routeros-v7"; 71="MikroTik is pushing RouterOS v7 even more, in parallel branches. If you want to keep RouterOS v6 for some time see https://git.eworm.de/cgit/routeros-scripts/about/#changes-for-routeros-v6"; 72="Introduced new script 'netwatch-dns' to manage DNS and DoH servers from netwatch."; + 73="Renamed backup scripts ('cloud-backup' -> 'backup-cloud', 'email-backup' -> 'backup-email', 'upload-backup' -> 'backup-upload')."; }; # Migration steps to be applied on script updates @@ -87,4 +88,5 @@ 61="/ system script remove [ find where name~\"^(early-errors|mode-button-(event|scheduler)|script-updates)\\\$\" source~\"^#!rsc by RouterOS\\n\" ];"; 66=":global ScriptInstallUpdate; :if ([ :len [ / system script find where name=\"bridge-port-to-default\" ] ] > 0) do={ / system script remove [ find where name~\"^bridge-port-to(-default|ggle)\\\$\" ]; \$ScriptInstallUpdate mod/bridge-port-to; }"; 67=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Script in=[ / system script find where name~\"^global-functions.d/\" ] do={ / system script set name=[ \$CharacterReplace [ / system script get \$Script name ] \"global-functions.d/\" \"mod/\" ] \$Script; }; \$ScriptInstallUpdate;"; + 73=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Old,New in={ \"cloud-backup\"=\"backup-cloud\"; \"email-backup\"=\"backup-email\"; \"upload-backup\"=\"backup-upload\" } do={ / system script set name=\$New [ find where name=\$Old ]; :foreach Scheduler in=[ / system scheduler find where on-event~\$Old ] do={ / system scheduler set \$Scheduler name=[ \$CharacterReplace [ get \$Scheduler name ] \$Old \$New ] on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Old \$New ]; }; }; \$ScriptInstallUpdate;"; }; diff --git a/global-functions b/global-functions index de1aec6..a6f31c8 100644 --- a/global-functions +++ b/global-functions @@ -8,7 +8,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/ # expected configuration version -:global ExpectedConfigVersion 72; +:global ExpectedConfigVersion 73; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/upload-backup b/upload-backup index f243ef0..2c48f07 100644 --- a/upload-backup +++ b/upload-backup @@ -1,106 +1,2 @@ #!rsc by RouterOS -# RouterOS script: upload-backup -# Copyright (c) 2013-2022 Christian Hesse <mail@eworm.de> -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# provides: backup-script -# -# create and upload backup and config file -# https://git.eworm.de/cgit/routeros-scripts/about/doc/upload-backup.md - -:local 0 "upload-backup"; -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:global BackupPassword; -:global BackupRandomDelay; -:global BackupSendBinary; -:global BackupSendExport; -:global BackupUploadPass; -:global BackupUploadUrl; -:global BackupUploadUser; -:global Domain; -:global Identity; - -:global CharacterReplace; -:global DeviceInfo; -:global IfThenElse; -:global LogPrintExit2; -:global MkDir; -:global RandomDelay; -:global ScriptFromTerminal; -:global SendNotification2; -:global SymbolForNotification; -:global WaitForFile; -:global WaitFullyConnected; - -:if ($BackupSendBinary != true && \ - $BackupSendExport != true) do={ - $LogPrintExit2 error $0 ("Configured to send neither backup nor config export.") true; -} - -$WaitFullyConnected; - -:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ - $RandomDelay $BackupRandomDelay; -} - -:if ([ $MkDir $0 ] = false) do={ - $LogPrintExit2 error $0 ("Failed creating directory!") true; -} - -# filename based on identity -:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; -:local FilePath ($0 . "/" . $FileName); -:local BackupFile "none"; -:local ConfigFile "none"; -:local Failed 0; - -# binary backup -:if ($BackupSendBinary = true) do={ - / system backup save encryption=aes-sha256 name=$FilePath password=$BackupPassword; - $WaitForFile ($FilePath . ".backup"); - - :do { - / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \ - user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".backup"); - :set BackupFile ($FileName . ".backup"); - } on-error={ - $LogPrintExit2 error $0 ("Uploading backup file failed!") false; - :set BackupFile "failed"; - :set Failed 1; - } - - / file remove ($FilePath . ".backup"); -} - -# create configuration export -:if ($BackupSendExport = true) do={ - / export terse file=$FilePath; - $WaitForFile ($FilePath . ".rsc"); - - :do { - / tool fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \ - user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".rsc"); - :set ConfigFile ($FileName . ".rsc"); - } on-error={ - $LogPrintExit2 error $0 ("Uploading configuration export failed!") false; - :set ConfigFile "failed"; - :set Failed 1; - } - - / file remove ($FilePath . ".rsc"); -} - -$SendNotification2 ({ origin=$0; \ - subject=[ $IfThenElse ($Failed > 0) \ - ([ $SymbolForNotification "warning-sign" ] . "Backup & Config upload with failure") \ - ([ $SymbolForNotification "floppy-disk,up-arrow" ] . "Backup & Config upload") ]; \ - message=("Backup and config export upload for " . $Identity . ".\n\n" . \ - [ $DeviceInfo ] . "\n\n" . \ - "Backup file: " . $BackupFile . "\n" . \ - "Config file: " . $ConfigFile); silent=true }); - -:if ($Failed = 1) do={ - :error "An error occured!"; -} +# dummy for migration |