diff options
-rw-r--r-- | check-routeros-update | 19 | ||||
-rw-r--r-- | global-config | 5 |
2 files changed, 20 insertions, 4 deletions
diff --git a/check-routeros-update b/check-routeros-update index bcbe742..4810368 100644 --- a/check-routeros-update +++ b/check-routeros-update @@ -7,6 +7,7 @@ :global "identity"; :global "email-general-to"; :global "email-general-cc"; +:global "safe-update-url"; :global "sent-routeros-update-notification"; :if ([ :len [ / system package find where name="wireless" disabled=no ] ] > 0) do={ @@ -20,15 +21,25 @@ :local installedversion [ / system package update get installed-version ]; :local latestversion [ / system package update get latest-version ]; -:if ($"sent-routeros-update-notification" = $latestversion) do={ - :error ("Already sent the RouterOS update notification for version" . $latestversion . "."); -} - :if ($installedversion != $latestversion) do={ :local channel [ / system package update get channel ]; :local model [ / system routerboard get model ]; :local serialnumber [ / system routerboard get serial-number ]; + :if ([ :len $"safe-update-url" ] > 0) do={ + :local result [ / tool fetch check-certificate=yes-without-crl \ + ($"safe-update-url" . $channel) output=user as-value ]; + :if ($result->"status" = "finished" && $result->"data" = $latestversion) do={ + :log info ("Version " . $latestversion . " is assumed safe, updating..."); + / system package update install; + :error "Waiting for system to reboot."; + } + } + + :if ($"sent-routeros-update-notification" = $latestversion) do={ + :error ("Already sent the RouterOS update notification for version" . $latestversion . "."); + } + / tool e-mail send to=$"email-general-to" cc=$"email-general-cc" \ subject=("[" . $identity . "] RouterOS update notification") \ body=("There is a RouterOS update available\n\n" . \ diff --git a/global-config b/global-config index 756251b..ae7f73a 100644 --- a/global-config +++ b/global-config @@ -21,6 +21,11 @@ :global "backup-send-export" true; :global "backup-password" "v3ry-s3cr3t"; +# Specify an address to enable auto update to version assumed safe. +# The configured channel (bugfix, current, release-candidate) is appended. +:global "safe-update-url" ""; +#:global "safe-update-url" "https://example.com/ros/safe-update/"; + # This is used to update AAAA records and firewall address-list. :global "ipv6-interface" "br-local"; :global "ipv6-pool" "telekom"; |