Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2024-06-21 | certs: R3 / R10 -> ISRG Root X1 | 6 | -471/+41 | ||
2024-06-21 | certs: E1 / E5 -> ISRG Root X2 | 10 | -263/+38 | ||
In the beginning of Let's Encrypt their root certificate ISRG Root X1 was not widely trusted, at least some older and/or mobile platforms were missing that certificate in their root certificate store. At that time Let's Encrypt was using an alternative chain of trust, where a certificate was cross-signed with DST Root CA X3. To make sure a valid chain of trust is available under all circumstances a set of all certificates had to be supplied: both root vertificates ISRG Root X1 & DST Root CA X3, and an intermediate certificate. This was still true after DST Root CA X3 expired, as it could still be used as a root anchor and was shipped by Let's Encrypt when requested. 🤪 This time is finally over, and we have a clean chain for trust ending in ISRG Root X1 (or ISRG Root X2). Well, actually it is the other way round... Let's Encrypt signs with different tantamount intermediate certificates. There is not only E5, but also E6 - and we can not know beforehand which one is used on renew. So let's jetzt drop the intermediate certificates now, and rely on root certificates only. We are perfectly fine with this these days. Follow-up commits will do the same for *all* certificates. The certificate is downloaded with: curl -d '["ISRG Root X2"]' https://mkcert.org/generate/ | grep -v '^$' > certs/ISRG-Root-X2.pem | |||||
2024-06-20 | doc/mod/notification-matrix: drop certificate hint... | 1 | -3/+0 | ||
... as matrix.org switched to Let's Encrypt with ISRG Root X2. | |||||
2024-06-19 | Let's Encrypt changed their intermediate certificates | 8 | -16/+366 | ||
https://letsencrypt.org/2024/03/19/new-intermediate-certificates https://letsencrypt.org/certificates/ But let's keep the old ones around for now, as some sites are still using the old intermediate. | |||||
2024-06-11 | unattended-lte-firmware-upgrade: check on valid version first | 1 | -1/+2 | ||
2024-06-11 | unattended-lte-firmware-upgrade: drop the AT reset | 1 | -2/+1 | ||
The AT command to reset is specific to modem. So this worked for some only... Let's just drop it, and update the log message. | |||||
2024-06-11 | unattended-lte-firmware-upgrade: omit just another once | 1 | -1/+1 | ||
2024-06-10 | backup-cloud: remove trailing spaces | 1 | -1/+1 | ||
How did I produce these!? 😳 | |||||
2024-06-10 | unattended-lte-firmware-upgrade: omit once | 1 | -1/+1 | ||
Omit `once` from the `/interface/lte/firmware-upgrade` command to make sure it does acutally return a valid result. Fixes #69 | |||||
2024-06-10 | check-lte-firmware-upgrade: omit once | 1 | -1/+1 | ||
Omit `once` from the `/interface/lte/firmware-upgrade` command to make sure it does acutally return a valid result. | |||||
2024-06-05 | backup-cloud: log note on previous connection errors | 1 | -0/+4 | ||
2024-06-01 | global-functions: $CleanName: no exception for dash... | 1 | -1/+1 | ||
... as we still want to deduplicate it when it is inside the input string. This also unbreak certificate import for "Go Daddy Secure Certificate Authority - G2" (and more)... | |||||
2024-05-25 | telegram-chat: drop extra parenthesis | 1 | -3/+3 | ||
2024-05-24 | telegram-chat: convert the message (command) to string | 1 | -10/+11 | ||
RouterOS 7.15beta4 fixed a bug in JSON parser: *) console - do not convert string to array in ":deserialize" command; Before that change commands with a comma caused very crazy issues. Let's convert the message to a string. This does not give exactly the expected result, but mitigates telegram-chat to explode. A command like... /ip/address/print proplist=address,network; ... is converted to... /ip/address/print proplist=address;network; ... and results in: Columns: ADDRESS # ADDRESS 0 10.0.0.1/24 1 127.0.0.1/8 bad command name network (line 1 column 36) | |||||
2024-05-23 | Merge branch 'backup-partition' into next | 5 | -4/+66 | ||
2024-05-23 | backup-partition: news on support for copy-overchange-129 | 2 | -1/+2 | ||
2024-05-23 | doc/backup-upload: fix link for backup-partition | 1 | -1/+1 | ||
2024-05-23 | backup-partition: support copy before feature update | 3 | -3/+30 | ||
2024-05-23 | doc/backup-email: fix link for backup-partition | 1 | -1/+1 | ||
2024-05-23 | backup-partition: move code to a local function | 1 | -5/+17 | ||
2024-05-23 | doc/backup-cloud: fix link for backup-partition | 1 | -1/+1 | ||
2024-05-23 | backup-partition: support RouterOS copy-over... | 2 | -3/+25 | ||
... when run interactively from CLI. | |||||
2024-05-15 | daily-psk: quote ssid and passphrase | 4 | -4/+4 | ||
2024-05-15 | daily-psk: decrease indention in notification | 4 | -12/+12 | ||
2024-05-15 | daily-psk: adopt syntax changesrouteros-7.15beta8-1 | 4 | -2/+6 | ||
RouterOS 7.15beta8 came with this change: *) wifi - show inherited properties with "print" command (replaces "actual-configuration") and added "print config" for showing only configured values; While the old code is bad syntax with RouterOS 7.15, the new code is valid for older RouterOS, but produces different (and more or less unexpected) results. 🥴 Let's use the new code, and add a check on the RouterOS version. With old RouterOS this now sends the notification even if the interface is disabled. | |||||
2024-05-15 | global-functions: $IsTimeSync: initialize with uptime... | 1 | -2/+2 | ||
... to make sure the warning is not issued too early. | |||||
2024-05-14 | fw-addr-lists: add 'strongips' list from blocklist.dechange-128 | 5 | -3/+182 | ||
2024-05-08 | global-functions: $IsTimeSync: add (one time) warning on failed ntp sync | 1 | -0/+1 | ||
2024-05-08 | global-functions: $IsTimeSync: log just once | 1 | -3/+3 | ||
2024-04-29 | global-functions: $WaitForFile: drop extra conversion | 1 | -1/+1 | ||
2024-04-29 | global-functions: $WaitForFile: respect minimum delay | 1 | -1/+2 | ||
2024-04-29 | global-functions: $WaitForFile: use fewer steps | 1 | -2/+2 | ||
2024-04-29 | telegram-chat: shorten the message | 1 | -1/+1 | ||
2024-04-29 | mod/notification-telegram: format percentage italic | 1 | -2/+2 | ||
2024-04-29 | mod/notification-telegram: format date & time italic | 1 | -2/+2 | ||
2024-04-29 | mod/notification-telegram: support excluding characters from escaping... | 1 | -1/+4 | ||
... to support formatting in plain text. Handle with care, this can break the request if done wrong! | |||||
2024-04-29 | mod/notification-telegram: use proper variable naming... | 1 | -7/+9 | ||
... in local escaping function. | |||||
2024-04-29 | mod/notification-telegram: capitalize Telegram in message | 1 | -1/+1 | ||
2024-04-29 | mod/notification-matrix: format date & time italic | 1 | -5/+6 | ||
2024-04-29 | global-functions: $CleanName: do not start with a dash | 1 | -4/+12 | ||
2024-04-29 | mod/ssh-keys-import: remove temporary directory | 1 | -0/+2 | ||
2024-04-29 | mod/ssh-keys-import: create directory later | 1 | -5/+5 | ||
2024-04-29 | global-functions: $FetchHuge: remove temporary directory | 1 | -4/+5 | ||
2024-04-29 | backup-cloud: retry on error... | 1 | -12/+16 | ||
Let's see if brute force helps. 🤪 | |||||
2024-04-29 | backup-cloud: clean up and simplify code | 1 | -6/+4 | ||
2024-04-29 | backup-cloud: no early exit... | 1 | -1/+0 | ||
... as we want to make sure the directory (and its content) is removed. | |||||
2024-04-29 | backup-upload: no early exit... | 1 | -1/+0 | ||
2024-04-23 | backup-upload: remove temporary directory | 1 | -0/+1 | ||
2024-04-23 | netwatch-notify: log to debug... | 1 | -2/+3 | ||
... instead of discarding the message completely. | |||||
2024-04-19 | README: show fingerprints in output | 2 | -1/+1 | ||
This is not scrictly necessary, as we filter by fingerprint already... But it gives better overview and feeling. | |||||
2024-04-19 | README: remove left over certificate file | 1 | -1/+2 | ||
But use find as RouterOS 7.15rc1 removes it automatically. | |||||
2024-04-19 | INITIAL-COMMANDS: remove the certificate file with findrouteros-7.15rc1-2 | 1 | -1/+1 | ||
Required as RouterOS 7.15rc1 removes it automatically. | |||||
2024-04-19 | global-functions: $CertificateDownload: remove with find...routeros-7.15rc1-1 | 1 | -1/+1 | ||
... to make sure this does not break when the file does no longer exist. Starting with RouterOS 7.15rc1 the file is automatically removed on import. | |||||
2024-04-19 | netwatch-notify: allow to suppress resolve failure | 2 | -1/+10 | ||
2024-04-19 | mod/notification-telegram: string protocol for display | 1 | -2/+5 | ||
2024-04-19 | mod/notification-matrix: string protocol for display | 1 | -2/+4 | ||
2024-04-19 | global-functions: introduce $ProtocolStrip | 1 | -0/+12 | ||
2024-04-18 | mod/notification-matrix: ... and more double escaping | 1 | -2/+2 | ||
2024-04-18 | mod/notification-matrix: fix double escaping | 1 | -17/+11 | ||
That was introduced with 2a232ad2f5eef4b60c97306ef731bc5883bf5cfb when switching to :serialize... | |||||
2024-04-15 | certificate-renew-issued: use single quotes | 1 | -3/+3 | ||
2024-04-15 | global-functions: $CertificateDownload: use single quotes | 1 | -2/+2 | ||
2024-04-15 | global-functions: $CertificateAvailable: use single quotes | 1 | -3/+3 | ||
2024-04-15 | gps-track: use custom user agent string | 1 | -3/+4 | ||
2024-04-15 | gps-track: generate JSON with :serializerouteros-7.13-8 | 1 | -5/+2 | ||
2024-04-15 | mod/notification-matrix: generate JSON with :serializerouteros-7.13-7 | 1 | -13/+11 | ||
2024-04-15 | mod/notification-matrix: use custom user agent string | 1 | -7/+15 | ||
2024-04-15 | mod/notification-ntfy: use custom user agent string | 1 | -1/+3 | ||
2024-04-15 | mod/notification-ntfy: support basic authchange-127 | 5 | -4/+20 | ||
Closes #59 | |||||
2024-04-11 | global-functions: $ScriptFromTerminal: check multiple invocations... | 1 | -1/+6 | ||
... and return false. We can not tell which job is us... So better safe than sorry. | |||||
2024-04-11 | global-functions: $ScriptLock: break long lines | 1 | -2/+5 | ||
2024-04-11 | global-functions: $ScriptLock: degrade message to debug | 1 | -2/+2 | ||
2024-04-10 | mod/notification-telegram: $SendTelegram: set origin | 1 | -1/+1 | ||
2024-04-10 | mod/notification-ntfy: $SendNtfy: set origin | 1 | -1/+1 | ||
2024-04-10 | mod/notification-matrix: $SendMatrix: set origin | 1 | -1/+1 | ||
2024-04-10 | mod/notification-email: $SendEMail: set origin | 1 | -1/+1 | ||
2024-04-10 | global-functions: $SendNotification: set origin | 1 | -1/+1 | ||
2024-04-07 | global-functions: $HumanReadableNum: indicate binary base... | 4 | -7/+11 | ||
... and update scripts to match the change. | |||||
2024-04-07 | global-functions: drop $LogPrintExit2 | 1 | -22/+0 | ||
2024-04-07 | bump RouterOS requirement for all scripts and modules...routeros-7.13-6 | 110 | -104/+116 | ||
... now that global-functions requires RouterOS 7.13 anyway. | |||||
2024-04-07 | Merge branch 'fw-addr-lists' into next | 2 | -37/+65 | ||
2024-04-07 | fw-addr-lists: break long lines | 1 | -4/+8 | ||
2024-04-07 | fw-addr-lists: show count of active addresses | 1 | -0/+1 | ||
2024-04-07 | fw-addr-lists: human readable numbers for counts | 1 | -2/+4 | ||
2024-04-07 | fw-addr-lists: rework log messages, always include list name | 1 | -13/+26 | ||
2024-04-07 | fw-addr-lists: add debug message on successful download | 1 | -0/+3 | ||
2024-04-07 | fw-addr-lists: try with less regexp matches | 1 | -8/+15 | ||
2024-04-07 | fw-addr-lists: use $FetchHugerouteros-7.13-5 | 2 | -13/+11 | ||
2024-04-06 | Merge branch 'FetchHuge' into next | 2 | -2/+49 | ||
2024-04-06 | global-functions: $FetchHuge: remove file on failed download | 1 | -0/+3 | ||
2024-04-06 | global-functions: $FetchHuge: make sure to work with clean file names | 1 | -3/+4 | ||
2024-04-06 | global-functions: $FetchHuge: control check-certificate with parameter | 1 | -3/+7 | ||
2024-04-06 | global-functions: $FetchHuge: use custom user agent string | 1 | -1/+3 | ||
2024-04-06 | global-functions: introduce $FetchHugerouteros-7.13-4 | 2 | -2/+39 | ||
2024-04-04 | README: update screenshot on lease script setup | 1 | -0/+0 | ||
2024-04-04 | update list of contributors | 1 | -0/+1 | ||
2024-04-04 | README: add start-time & change interval in scheduler example | 2 | -2/+2 | ||
Set the interval to once a day, Instead of every 1 hour. Add start-time to start-up. Thereby introducing randomization based on when the user last rebooted there device. As the interval is counted based on last boot time. | |||||
2024-04-04 | update list of contributors | 1 | -0/+1 | ||
2024-04-02 | mod/notification-matrix: add new configuration snippet... | 4 | -8/+14 | ||
... instead of appending to global-config-overlay. | |||||
2024-04-02 | Merge branch 'deserialize' into nextrouteros-7.13-3 | 6 | -78/+16 | ||
2024-04-02 | global-functions: drop $ParseJson | 1 | -61/+0 | ||