aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2024-01-30netwatch-dns: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30mode-button: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30log-forward: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30lease-script: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30ipv6-update: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30ipsec-to-dns: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30hotspot-to-wpa-cleanup: use :jobname to get script nameGravatar Christian Hesse4-6/+5
2024-01-30hotspot-to-wpa: use :jobname to get script nameGravatar Christian Hesse4-4/+12
2024-01-30gps-track: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30global-wait: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30global-functions: use :jobname to get script nameGravatar Christian Hesse1-1/+1
2024-01-30fw-addr-lists: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30firmware-upgrade-reboot: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30dhcp-to-dns: use :jobname to get script nameGravatar Christian Hesse1-1/+2
2024-01-30dhcp-lease-comment: use :jobname to get script nameGravatar Christian Hesse5-5/+10
2024-01-30daily-psk.capsman: use :jobname to get script nameGravatar Christian Hesse5-5/+15
2024-01-30collect-wireless-mac: use :jobname to get script nameGravatar Christian Hesse5-5/+10
2024-01-30check-routeros-update: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30check-lte-firmware-upgrade: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30check-health: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30check-certificates: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30certificate-renew-issued: use :jobname to get script nameGravatar Christian Hesse1-1/+3
2024-01-30capsman-rolling-upgrade: use :jobname to get script nameGravatar Christian Hesse4-4/+8
2024-01-30capsman-download-packages: use :jobname to get script nameGravatar Christian Hesse4-4/+12
2024-01-30backup-upload: use :jobname to get script nameGravatar Christian Hesse1-1/+2
2024-01-30backup-partition: use :jobname to get script nameGravatar Christian Hesse1-1/+2
2024-01-30backup-email: use :jobname to get script nameGravatar Christian Hesse1-1/+2
2024-01-30backup-cloud: use :jobname to get script nameGravatar Christian Hesse1-1/+2
2024-01-30accesslist-duplicates: use :jobname to get script nameGravatar Christian Hesse5-5/+5
2024-01-30Merge branch 'bump' into nextrouteros-7.12-2Gravatar Christian Hesse11-13/+9
2024-01-30mod/ssh-keys-import: bump RouterOS version dependencyGravatar Christian Hesse2-3/+1
2024-01-30accesslist-duplicates: bump RouterOS version dependencyGravatar Christian Hesse6-7/+5
2024-01-30hotspot-to-wpa-cleanup: bump RouterOS version dependencyGravatar Christian Hesse3-3/+3
2024-01-30mod/notification-email: drop support for old property nameGravatar Christian Hesse1-2/+4
2024-01-30README: note on required hardware and limitations by storageGravatar Christian Hesse1-0/+8
2024-01-30README: make required software a paragraphGravatar Christian Hesse1-0/+2
2024-01-30send a warning on storage sizechange-118Gravatar Christian Hesse2-1/+7
2024-01-30packages-update: support deferred reboot on auto-updatechange-117Gravatar Christian Hesse5-1/+24
Closes #56
2024-01-30packages-update: schedule from local functionGravatar Christian Hesse1-8/+12
2024-01-30telegram-chat: add (and increase) random delay on errorGravatar Christian Hesse1-0/+11
Chances are that two devices schedule the script (nearly) simultaneously. Causing a lot of failures from fetch. Instead of forcing a retry on *every* invocating we add (and increase) a random delay, that is slowly decreasd on success. This should minimize failures...
2024-01-30telegram-chat: fix concatenation (and retry with delay)Gravatar Christian Hesse1-1/+1
Ups... 😳
2024-01-30global-functions: $RandomDelay: always scale to ms...routeros-7.12-1Gravatar Christian Hesse2-3/+4
... to randomize in friction of unit. This requires :tonsec from RouterOS 7.12.
2024-01-29global-functions: $RandomDelay: allow zero time, return immediatelyGravatar Christian Hesse1-0/+4
2024-01-29global-functions: $RandomDelay: name the parametersGravatar Christian Hesse1-1/+4
2024-01-25update list of contributorsGravatar Christian Hesse1-0/+1
2024-01-25INITIAL-COMMANDS: fix existing installationGravatar Christian Hesse1-0/+7
2024-01-24doc/check-certificates: initial certificate importGravatar Christian Hesse1-0/+10
2024-01-24doc/check-certificates: add paragraphGravatar Christian Hesse1-0/+2
2024-01-24check-certificates: unbreak certificate downloadGravatar Christian Hesse1-1/+1
This was borked with a2749b276003a90b95b9723e287542be56c0d0c1. 😳
2024-01-24INITIAL-COMMANDS: ... but rename the configuration overlay!Gravatar Christian Hesse1-0/+1
This should not ultimately destroy user's configuration.
2024-01-24INITIAL-COMMANDS: remove before adding...Gravatar Christian Hesse1-0/+2
... to make sure it does not fail on (partly) installed scripts. This should work to fix borked base installation now.
2024-01-22mod/notification-telegram: apply url encoding when sendingGravatar Christian Hesse1-5/+5
2024-01-22mod/notification-matrix: drop declaration of unused functionGravatar Christian Hesse1-1/+0
2024-01-20global-functions: $SymbolByUnicodeName: log warning on missing nameGravatar Christian Hesse1-0/+7
2024-01-20global-functions: $SymbolByUnicodeName: name the parameterGravatar Christian Hesse1-1/+3
2024-01-19backup-upload: fix the upload symbol...Gravatar Christian Hesse1-1/+1
... which broke with commit 080bef89a934980271a50eed25a494a0bc33d007.
2024-01-19fw-addr-lists: use prepared user-agent string with fetchGravatar Christian Hesse1-1/+2
2024-01-19check-certificates: use prepared user-agent string with fetchGravatar Christian Hesse1-1/+2
2024-01-18netwatch-dns: be move verbose on time to settleGravatar Christian Hesse1-2/+3
2024-01-18global-functions: log successful loadingGravatar Christian Hesse1-0/+5
2024-01-18sms-forward: log warning just onceGravatar Christian Hesse1-1/+2
2024-01-18global-functions: $LogPrintOnce: support exitGravatar Christian Hesse3-4/+5
2024-01-18doc/hotspot-to-wpa: reference as WPA only...Gravatar Christian Hesse3-8/+8
... as this works with WPA3 as well. 😜
2024-01-17doc/hotspot-to-wpa: fix property nameGravatar Christian Hesse1-5/+5
2024-01-16global-functions: $HexToNum: use :tonumGravatar Christian Hesse1-7/+5
2024-01-16INITIAL-COMMANDS: set script owner on initial creationGravatar Christian Hesse1-1/+1
2024-01-16README: set script owner on initial creationGravatar Christian Hesse1-1/+1
2024-01-15netwatch-dns: check DoH server with fetchGravatar Christian Hesse1-15/+25
This way we do not have to configure possibly non-functional servers to check. The query is for doh-check.eworm.de of type TXT, the expected answer is 'doh-check-OK'. % dig TXT doh-check.eworm.de +https @1.1.1.1 ; <<>> DiG 9.18.21 <<>> TXT doh-check.eworm.de +https @1.1.1.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42226 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;doh-check.eworm.de. IN TXT ;; ANSWER SECTION: doh-check.eworm.de. 63791 IN TXT "doh-check-OK" ;; Query time: 16 msec ;; SERVER: 1.1.1.1#443(1.1.1.1) (HTTPS) ;; WHEN: Mon Jan 15 13:55:36 CET 2024 ;; MSG SIZE rcvd: 72
2024-01-11netwatch-dns: check DoH server functionality...Gravatar Christian Hesse1-21/+31
... and try all servers one after another.
2024-01-11netwatch-dns: enable DoH certificate verification...Gravatar Christian Hesse1-1/+3
... if a certificate is named in configuration.
2024-01-09doc/netwatch-dns: use new certificate for CloudflareGravatar Christian Hesse1-1/+1
2024-01-09certs: add new DigiCert certificates...Gravatar Christian Hesse1-0/+182
... used by Cloudflare.
2024-01-08global-functions: $CertificateDownload: move delay upGravatar Christian Hesse1-1/+1
We still had cases where fetch misbehaves... But this was permanent. Perhaps we should not touch the certificate too early...
2024-01-07check-lte-firmware-upgrade: unbreak terminal detectionoGravatar Christian Hesse1-4/+5
This broke with commit 50d7e1fa41b8f8a6a1379de5521798346fd1ae9f... 🫣
2024-01-05check-lte-firmware-upgrade: fail on empty version stringGravatar Christian Hesse1-0/+5
2024-01-01update copyright for 2024Gravatar Christian Hesse85-85/+85
2023-12-22global-functions: $GetMacVendor: get new certificateGravatar Christian Hesse2-1/+239
The service now uses: GTS CA 1P5 -> GTS Root R1
2023-12-21mod/ssh-keys-import: unbreak import from fileGravatar Christian Hesse1-1/+1
Looks like this broke in c3045f372350bd8dd0a8f10efb8a4b938e896145 where a non-existent variable name was used.
2023-12-20capsman-download-packages: avaiable packages only...Gravatar Christian Hesse3-3/+7
... as things became more complicated with 'wifi-qcom*'.
2023-12-20capsman-download-packages: use default set for legacy capsman...Gravatar Christian Hesse3-55/+16
... as well - now that 'wireless' package has been split from 'routeros' guessing kind of broke. It required several attempts and intermittent errors in logs to get things right.
2023-12-14doc/mode-button: document required type of ledGravatar Christian Hesse1-1/+1
2023-12-13fw-addr-lists: warn on possible truncationGravatar Christian Hesse1-0/+5
... as fetch truncates data at about 64kB, reported in SUP-132297.
2023-12-05doc/capsman-download-packages: mention package-pathGravatar Christian Hesse1-1/+5
2023-12-05mention the donation hint...change-116Gravatar Christian Hesse2-1/+8
2023-12-05celebrating ✨⭐ 1.000 stars ⭐✨ on Github!change-115Gravatar Christian Hesse2-1/+4
2023-12-05mod/notification-email: $NotificationFunctions->"email": support hook for ↵Gravatar Christian Hesse1-1/+2
signature You can compose your own signature by creating a function: :global NotificationEMailSignature do={ :global EitherOr; :local RouterBoard [ /system/routerboard/get ]; :return ( \ [ $EitherOr ($RouterBoard->"board-name") ($RouterBoard->"model") ] . " s/n " . $RouterBoard->"serial-number" . " | " . \ "RouterOS " . [ /system/package/update/get installed-version ] . " | " . \ "IP " . [ /ip/cloud/get public-address ]); }
2023-12-05check-certificates: properly renew from templateGravatar Christian Hesse1-1/+1
2023-12-05check-certificates: improve wordingGravatar Christian Hesse1-3/+2
2023-12-04check-certificates: add workaround for broken certificates...Gravatar Christian Hesse1-2/+4
... where the issuer array is borked. Or is this a RouterOS issue? [eworm@carpo] > $InspectVar [ $ParseKeyValueStore [ /certificate/get ISRG-Root-X2 issuer ] ] -type-> array -key-> C -type-> str -value-> US,O=Internet Security Research Group,CN=ISRG Root X2 A good certificate looks like this: [eworm@carpo] > $InspectVar [ $ParseKeyValueStore [ /certificate/get [ find where name~"eworm.net" ] issuer ] ] -type-> array -key-> C -type-> str -value-> US -key-> CN -type-> str -value-> E1 -key-> O -type-> str -value-> Let's Encrypt
2023-12-04check-certificates: prevent infinte loopGravatar Christian Hesse1-1/+2
2023-12-04check-certificates: give full certificate chainGravatar Christian Hesse1-7/+28
2023-12-04check-certificates: fix typo and syntaxGravatar Christian Hesse1-2/+2
2023-12-04mod/notification-email: $QuotedPrintable: also encode question markGravatar Christian Hesse1-1/+1
Following the RFC it is not required, but looks like Thunderbird has an issue here... https://datatracker.ietf.org/doc/html/rfc2045#section-6.7
2023-12-04mod/notification-email: $QuotedPrintable: minor reworkGravatar Christian Hesse1-10/+11
We have to encode all characters from 0x00 to 0x1f as well... Also the equal sign is nothing special here, just adding to list.
2023-12-04global-functions: $FormatLine: use $CharacterMultiplyGravatar Christian Hesse1-1/+3
2023-12-04global-functions: $AlignRight: use $CharacterMultiplyGravatar Christian Hesse1-1/+2
2023-12-04global-functions: introduce $CharacterMultiplyGravatar Christian Hesse1-0/+10
2023-12-04global-functions: $DeviceInfo: add SNMP location and contactGravatar Christian Hesse1-1/+6
2023-11-30fw-addr-lists: support timeout per listGravatar Christian Hesse2-7/+9
This works with something like this: :global FwAddrLists { "allow"={ { url="https://eworm.de/ros/fw-addr-lists/allow"; cert="E1"; timeout=1w }; }; ... } All urls for one named list should have the same timeout! With different timeout values and identical addresses the behavior is besically undefined, depending on order.
2023-11-30global-functions: introduce $MINGravatar Christian Hesse1-0/+7