Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
3 hours | README: use :tocrlf to convert global-config-overlay | 1 | -1/+1 | ||
5 hours | README: drop command to remove certificate file... | 1 | -2/+1 | ||
... as this is done automatically with RouterOS 7.15rc1 and later. | |||||
2024-06-21 | certs: E1 / E5 -> ISRG Root X2 | 1 | -11/+9 | ||
In the beginning of Let's Encrypt their root certificate ISRG Root X1 was not widely trusted, at least some older and/or mobile platforms were missing that certificate in their root certificate store. At that time Let's Encrypt was using an alternative chain of trust, where a certificate was cross-signed with DST Root CA X3. To make sure a valid chain of trust is available under all circumstances a set of all certificates had to be supplied: both root vertificates ISRG Root X1 & DST Root CA X3, and an intermediate certificate. This was still true after DST Root CA X3 expired, as it could still be used as a root anchor and was shipped by Let's Encrypt when requested. ðĪŠ This time is finally over, and we have a clean chain for trust ending in ISRG Root X1 (or ISRG Root X2). Well, actually it is the other way round... Let's Encrypt signs with different tantamount intermediate certificates. There is not only E5, but also E6 - and we can not know beforehand which one is used on renew. So let's jetzt drop the intermediate certificates now, and rely on root certificates only. We are perfectly fine with this these days. Follow-up commits will do the same for *all* certificates. The certificate is downloaded with: curl -d '["ISRG Root X2"]' https://mkcert.org/generate/ | grep -v '^$' > certs/ISRG-Root-X2.pem | |||||
2024-06-19 | Let's Encrypt changed their intermediate certificates | 1 | -7/+7 | ||
https://letsencrypt.org/2024/03/19/new-intermediate-certificates https://letsencrypt.org/certificates/ But let's keep the old ones around for now, as some sites are still using the old intermediate. | |||||
2024-04-19 | README: show fingerprints in output | 1 | -1/+1 | ||
This is not scrictly necessary, as we filter by fingerprint already... But it gives better overview and feeling. | |||||
2024-04-19 | README: remove left over certificate file | 1 | -1/+2 | ||
But use find as RouterOS 7.15rc1 removes it automatically. | |||||
2024-04-06 | global-functions: introduce $FetchHugerouteros-7.13-4 | 1 | -1/+1 | ||
2024-04-04 | README: add start-time & change interval in scheduler example | 1 | -2/+2 | ||
Set the interval to once a day, Instead of every 1 hour. Add start-time to start-up. Thereby introducing randomization based on when the user last rebooted there device. As the interval is counted based on last boot time. | |||||
2024-03-15 | README: add QR code with (shortened) upstream url | 1 | -0/+2 | ||
2024-03-12 | global-config: support loading snippetschange-122 | 1 | -0/+5 | ||
This adds support for loading snippets, which need a name starting with "global-config-overlay.d/". This allows to split off configuration if desired. | |||||
2024-01-30 | README: note on required hardware and limitations by storage | 1 | -0/+8 | ||
2024-01-30 | README: make required software a paragraph | 1 | -0/+2 | ||
2024-01-30 | global-functions: $RandomDelay: always scale to ms...routeros-7.12-1 | 1 | -1/+1 | ||
... to randomize in friction of unit. This requires :tonsec from RouterOS 7.12. | |||||
2024-01-18 | doc/hotspot-to-wpa: reference as WPA only... | 1 | -1/+1 | ||
... as this works with WPA3 as well. ð | |||||
2024-01-16 | README: set script owner on initial creation | 1 | -1/+1 | ||
2023-11-07 | README: print name with proplist for certificate verification | 1 | -3/+4 | ||
2023-11-07 | README: reference stable version | 1 | -1/+1 | ||
2023-11-07 | global-functions: $ParseDate: drop code for old format...routeros-7.10beta5-2 | 1 | -1/+1 | ||
... and increase required RouterOS. We should probably wait some time before merging this: Even current versions have some hidden places with old format: [admin@MikroTik] > /system/resource/print [...] version: 7.10.2 (stable) build-time: Jul/12/2023 09:45:11 [...] (Though this is written with capital letter and fails anyway...) Something similar goes for `/ip/neighbor`, where format depends on remote devices. Does anybody need to parse this? | |||||
2023-10-26 | README: explain sensitive property | 1 | -0/+3 | ||
2023-10-26 | global: switch eworm.de to new certificate chain (E1 / ISRG Root X2) | 1 | -7/+7 | ||
old chain: R3 / ISRG Root X1 new chain: E1 / ISRG Root X2 No user interaction or migration is required for existing installations as we install 'E1' and 'ISRG Root X2' for some time already. | |||||
2023-10-17 | introduce mod/notification-ntfy...change-109 | 1 | -0/+1 | ||
... for sending notifications via Ntfy (https://ntfy.sh/). TODO: use proper formatting once supported in Android app: https://github.com/binwiederhier/ntfy/issues/889 | |||||
2023-06-28 | README: reference stable version | 1 | -1/+1 | ||
2023-06-28 | global-functions: $MkDir: drop old code with smb workaround...routeros-7.9beta4-5 | 1 | -1/+1 | ||
... and increase required RouterOS. | |||||
2023-06-27 | README: link the RouterOS button to changelog | 1 | -1/+1 | ||
2023-06-13 | introduce fw-addr-listschange-101 | 1 | -0/+1 | ||
2023-04-26 | mod/ssh-keys-import: make ssh-keys-import a modulerouteros-7.9beta4-3change-100 | 1 | -1/+1 | ||
2023-04-18 | README: make the Telegram QR code a link | 1 | -1/+1 | ||
2023-04-18 | README: add a donate button to badges | 1 | -0/+1 | ||
2023-04-18 | README: generate a donate buttom from shields.io | 1 | -1/+1 | ||
2023-04-17 | README: note about breaking changes | 1 | -1/+4 | ||
2023-04-16 | README: add badge to link Telegram group | 1 | -0/+1 | ||
2023-04-06 | README: add badge to hint required RouterOS version | 1 | -0/+1 | ||
2023-03-20 | README: badge in style flat and with color | 1 | -3/+3 | ||
2023-03-07 | rename scripts and add file extension ".rsc"change-95 | 1 | -3/+3 | ||
No functional change for the user... The migration is done automatically. | |||||
2023-03-06 | ... and update the logo in notifications | 1 | -1/+1 | ||
2023-02-17 | README: add a paragraph for scheduled automatic updates | 1 | -2/+4 | ||
2023-02-17 | README: move configuration down, make it a separate paragraph | 1 | -21/+33 | ||
2023-02-13 | README: give hint about converting line endings | 1 | -0/+5 | ||
2023-01-31 | introduce telegram-chatchange-90 | 1 | -0/+1 | ||
Druvis from Mikrotik produced a video "MikroTik Telegram bot - Chat with your Router?". He shows his script to chat with a Router via Telegram bot to send it commands: https://youtu.be/KLX6j3sLRIE This script is kind of limited and has several issues... ðĨī Let's make it robust, usable, multi-device capable and just fun! ð (Sadly Mikrotik has a policy to not allow links in Youtube comments. Thus my comment with several hints was removed immediately. If anybody is in contact with Druvis... Please tell him about this script!) | |||||
2023-01-11 | use arrows with emoji representation | 1 | -1/+1 | ||
We had... â Go back to main README âē Go back to top ... and switch to... ⎠ïļ Go back to main README âŽïļ Go back to top | |||||
2023-01-11 | README: install custom script from routeros-scripts-custom | 1 | -4/+1 | ||
2023-01-10 | README: add linked custom scripts & modules | 1 | -0/+20 | ||
2022-12-19 | README: RouterOS v7 path syntax | 1 | -1/+1 | ||
Missed one in b6ddc5968e7a3393bb6e9b0c0ccf96379efc62b4... | |||||
2022-11-17 | README: link to Github pull requests | 1 | -1/+3 | ||
2022-10-31 | README: copy *relevant* configuration only | 1 | -1/+1 | ||
2022-10-20 | README: update notification | 1 | -1/+1 | ||
---- âïļ ---- ð News and configuration changes The configuration version on MikroTik increased to 85, current configuration may need modification. Please review and update global-config-overlay, then re-run global-config. Changes: â Support for e-mail notifications moved to a module. It is installed automatically if required. â Dropped 'netwatch-syslog', filtering in firewall is advised. ---- âïļ ---- | |||||
2022-09-25 | drop 'learn-mac-based-vlan' and 'manage-umts' | 1 | -4/+0 | ||
This was undocumented and scripts did never catch up with general quality expectations, for example global-config and global functions were not used. If you need the code get it from git history. ð | |||||
2022-09-25 | drop 'netwatch-syslog'change-85 | 1 | -1/+0 | ||
To filter in firewall you should use something like this: /ip/firewall/filter/add action=reject chain=output out-interface-list=WAN port=514 protocol=udp reject-with=icmp-admin-prohibited; /ip/firewall/filter/add action=reject chain=forward out-interface-list=WAN port=514 protocol=udp reject-with=icmp-admin-prohibited; | |||||
2022-09-25 | introduce 'mod/notification-email', split off from global-functionschange-84 | 1 | -0/+1 | ||
2022-07-11 | ... and another one | 1 | -1/+1 | ||
2022-07-07 | README: show a sample news and changes notification | 1 | -0/+5 | ||
2022-06-28 | README: How to remove a script... | 1 | -0/+12 | ||
2022-06-15 | drop script 'rotate-ntp'change-81 | 1 | -1/+0 | ||
For RouterOS 6.x a separate package 'ntp' exists. This adds server functionality, but allows ip addresses for the client only. I added the script 'rotate-ntp' to update addresses from names... Now with RouterOS 7.x there's no extra package and the limitation does no longer exist. So let's just drop the script. This adds migration code, that... * removes the script from configuration * removes a scheduler from configuration * sets the configured ntp pool name for ntp client | |||||
2022-05-12 | README: RouterOS v7 path syntax | 1 | -30/+17 | ||
2022-05-05 | README: installing custom scripts & modules | 1 | -0/+23 | ||
2022-03-30 | introduce backup-partitionchange-79 | 1 | -0/+1 | ||
2022-02-21 | add doc/mod/scriptrunonce | 1 | -0/+1 | ||
2022-02-20 | add doc/mod/ipcalc | 1 | -0/+1 | ||
2022-02-20 | add doc/mod/inspectvar | 1 | -0/+1 | ||
2022-02-20 | add doc/mod/notification-matrix | 1 | -0/+1 | ||
2022-02-20 | add doc/mod/notification-telegram | 1 | -0/+1 | ||
2022-02-11 | README: put hint into block quote | 1 | -2/+2 | ||
2022-02-10 | introduce firmware-upgrade-rebootchange-77 | 1 | -0/+1 | ||
2022-01-14 | README: drop hint on branch 'routeros-v7' | 1 | -18/+3 | ||
2022-01-14 | README: install correct global-config-overlay for RouterOS v6branch-routeros-v6 | 1 | -2/+7 | ||
2022-01-06 | rename script upload-backup -> backup-upload | 1 | -1/+1 | ||
2022-01-06 | rename script email-backup -> backup-email | 1 | -1/+1 | ||
2022-01-06 | rename script cloud-backup -> backup-cloud | 1 | -1/+1 | ||
2022-01-03 | introduce netwatch-dnschange-72 | 1 | -0/+1 | ||
2022-01-03 | README: convert screenshots to AVIF | 1 | -11/+11 | ||
2022-01-03 | README: convert Telegram group qr code to AVIF | 1 | -1/+1 | ||
2021-12-30 | README: add a qr code to join Telegram group | 1 | -0/+3 | ||
2021-12-13 | README: changes for RouterOS v6change-71 | 1 | -0/+12 | ||
2021-12-07 | global-config: load overlay automatically | 1 | -2/+2 | ||
2021-12-07 | README: changes for RouterOS v7change-70 | 1 | -0/+14 | ||
2021-11-18 | README: no capitals here... | 1 | -1/+1 | ||
2021-11-16 | reintroduce global-waitchange-68 | 1 | -0/+1 | ||
2021-11-15 | shorten modules directory name (global-functions.d -> mod)change-67 | 1 | -2/+2 | ||
2021-11-15 | bridge-port-to-default -> global-functions.d/bridge-port-tochange-66 | 1 | -1/+1 | ||
2021-11-12 | add global-functions.d/bridge-port-vlanchange-65 | 1 | -0/+5 | ||
2021-09-21 | README: add a note about date and time | 1 | -0/+4 | ||
2021-09-21 | README: use real screenshots... | 1 | -27/+41 | ||
... and make sure copy-and-paste with code does not fail. Also end all commands with a semicolon for Github copy button. | |||||
2021-05-18 | drop certificate DST Root CA X3 | 1 | -12/+4 | ||
Let's Encrypt planned the transition to ISRG's root certificate ("ISRG Root X1") on July 8, 2019, but postponed several times. Finally they found another solution: A certificate 'ISRG Root X1', but cross-signed with 'DST Root CA X3' and with a livetime that exceeds that of the root CA. This is said to work for most operating system where root certificate authorities are just 'trust anchors'. I doubt this is true for RouterOS, where certificates are just imported into the certificate store. So let's migrate to 'ISRG Root X1' now. | |||||
2021-05-17 | add 'ipsec-to-dns'change-51 | 1 | -0/+1 | ||
2021-05-07 | README: use svg logo | 1 | -1/+1 | ||
2021-04-28 | README: add logo | 1 | -0/+2 | ||
2021-03-04 | global-config-overlay: remove magic | 1 | -4/+0 | ||
This allows to drop the ignore flag. | |||||
2021-02-22 | We have a Telegram group!change-45 | 1 | -0/+7 | ||
2021-02-21 | README: swap stars and forks | 1 | -1/+1 | ||
2021-02-18 | global: drop script 'global-wait'change-44 | 1 | -1/+0 | ||
All scripts wait for the global functions on their own now. | |||||
2021-02-18 | README: fix typo | 1 | -1/+1 | ||
2020-12-18 | README: drop Let's Encrypt Authority X3 | 1 | -18/+3 | ||
2020-12-17 | README: also import Let's Encrypt certificate "R3" | 1 | -9/+24 | ||
2020-11-01 | README: optional scheduler to update scripts automatically | 1 | -0/+5 | ||
2020-10-23 | ospf-to-leds: introduce script to visualize ospf state via ledschange-34 | 1 | -0/+1 | ||
2020-10-15 | README: link to global-config | 1 | -2/+2 | ||
2020-10-15 | global-config: do not define mail addresses by default | 1 | -3/+3 | ||
2020-08-13 | fix typo: botton -> button | 1 | -1/+1 | ||
2020-07-15 | add 'log-forward', drop 'early-errors'change-23 | 1 | -1/+1 | ||
2020-07-14 | README: be more explicit on file name | 1 | -1/+1 | ||