mirror of
				https://github.com/eworm-de/routeros-scripts.git
				synced 2024-05-11 05:55:19 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			201 lines
		
	
	
		
			7.5 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			201 lines
		
	
	
		
			7.5 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| #!rsc by RouterOS
 | |
| # RouterOS script: global-config
 | |
| # Copyright (c) 2013-2022 Christian Hesse <mail@eworm.de>
 | |
| # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
 | |
| #
 | |
| # global configuration
 | |
| # https://git.eworm.de/cgit/routeros-scripts/about/
 | |
| 
 | |
| # Make sure all configuration properties are up to date and this
 | |
| # value is in sync with value in script 'global-functions'!
 | |
| :global GlobalConfigVersion 79;
 | |
| 
 | |
| # This is used for DNS and backup file.
 | |
| :global Domain "example.com";
 | |
| :global HostNameInZone true;
 | |
| :global PrefixInZone true;
 | |
| :global ServerNameInZone false;
 | |
| 
 | |
| # These addresses are used to send e-mails to. The to-address needs
 | |
| # to be filled; cc-address can be empty, one address or a comma
 | |
| # separated list of addresses.
 | |
| :global EmailGeneralTo "";
 | |
| :global EmailGeneralCc "";
 | |
| #:global EmailGeneralTo "mail@example.com";
 | |
| #:global EmailGeneralCc "another@example.com,third@example.com";
 | |
| 
 | |
| # You can send Telegram notifications. Register a bot
 | |
| # and add the token and chat ids here, then install the module:
 | |
| # $ScriptInstallUpdate mod/notification-telegram
 | |
| :global TelegramTokenId "";
 | |
| :global TelegramChatId "";
 | |
| #:global TelegramTokenId "123456:ABCDEF-GHI";
 | |
| #:global TelegramChatId "12345678";
 | |
| # This is whether or not to send Telegram messages with fixed-width font.
 | |
| :global TelegramFixedWidthFont true;
 | |
| 
 | |
| # You can send Matrix notifications. Configure these settings and
 | |
| # install the module:
 | |
| # $ScriptInstallUpdate mod/notification-matrix
 | |
| :global MatrixHomeServer "";
 | |
| :global MatrixAccessToken "";
 | |
| :global MatrixRoom "";
 | |
| #:global MatrixHomeServer "matrix.org";
 | |
| #:global MatrixAccessToken "123456ABCDEFGHI...";
 | |
| #:global MatrixRoom "!example:matrix.org";
 | |
| 
 | |
| # It is possible to override e-mail, Telegram and Matrix setting for every
 | |
| # script. This is done in arrays, where 'Override' is appended to the
 | |
| # variable name, like this:
 | |
| #:global EmailGeneralToOverride {
 | |
| #  "check-certificates"="override@example.com";
 | |
| #  "backup-email"="backup@example.com";
 | |
| #}
 | |
| 
 | |
| # Toggle this to disable symbols in notifications.
 | |
| :global NotificationsWithSymbols true;
 | |
| # Toggle this to disable color output in terminal/cli.
 | |
| :global TerminalColorOutput true;
 | |
| 
 | |
| # This defines what backups to generate and what password to use.
 | |
| :global BackupSendBinary false;
 | |
| :global BackupSendExport true;
 | |
| :global BackupPassword "v3ry-s3cr3t";
 | |
| :global BackupRandomDelay 0;
 | |
| # These credentials are used to upload backup and config export files.
 | |
| # SFTP authentication is tricky, you may have to limit authentication
 | |
| # methods for your SSH server.
 | |
| :global BackupUploadUrl "sftp://example.com/backup/";
 | |
| :global BackupUploadUser "mikrotik";
 | |
| :global BackupUploadPass "v3ry-s3cr3t";
 | |
| 
 | |
| # This defines what log messages to filter or include by topic or message
 | |
| # text. Regular expressions are supported. Do *NOT* set an empty string,
 | |
| # that will filter or include everything!
 | |
| # These are filters, so excluding messages from forwarding.
 | |
| :global LogForwardFilter "(debug|info)";
 | |
| :global LogForwardFilterMessage [];
 | |
| #:global LogForwardFilterMessage "message text";
 | |
| #:global LogForwardFilterMessage "(message text|another text|...)";
 | |
| # ... and another setting with reverse logic. This includes messages even
 | |
| # if filtered above.
 | |
| :global LogForwardInclude [];
 | |
| :global LogForwardIncludeMessage [];
 | |
| #:global LogForwardInclude "account";
 | |
| #:global LogForwardIncludeMessage "message text";
 | |
| 
 | |
| # Specify an address to enable auto update to version assumed safe.
 | |
| # The configured channel (bugfix, current, release-candidate) is appended.
 | |
| :global SafeUpdateUrl "";
 | |
| #:global SafeUpdateUrl "https://example.com/ros/safe-update/";
 | |
| # Allow to install patch updates automatically.
 | |
| :global SafeUpdatePatch false;
 | |
| # Allow to install updates automatically if seen in neighbor list.
 | |
| :global SafeUpdateNeighbor false;
 | |
| # Allow to install updates even if device is managed by CAPsMAN.
 | |
| :global SafeUpdateOnCap false;
 | |
| 
 | |
| # These thresholds control when to send health notification
 | |
| # on temperature and voltage.
 | |
| :global CheckHealthTemperature {
 | |
|   temperature=50;
 | |
|   cpu-temperature=70;
 | |
|   board-temperature1=50;
 | |
|   board-temperature2=50;
 | |
| }
 | |
| # This is deviation on recovery threshold against notification flooding.
 | |
| :global CheckHealthTemperatureDeviation 2;
 | |
| :global CheckHealthVoltageLow 115;
 | |
| :global CheckHealthVoltagePercent 10;
 | |
| 
 | |
| # Access-list entries matching this comment are updated
 | |
| # with daily pseudo-random PSK.
 | |
| :global DailyPskMatchComment "Daily PSK";
 | |
| :global DailyPskSecrets {
 | |
|   { "Abusive"; "Aggressive"; "Bored"; "Chemical"; "Cold";
 | |
|     "Cruel"; "Curved"; "Delightful"; "Discreet"; "Elite";
 | |
|     "Evasive"; "Faded"; "Flat"; "Future"; "Grandiose";
 | |
|     "Hanging"; "Humorous"; "Interesting"; "Magenta";
 | |
|     "Magnificent"; "Numerous"; "Optimal"; "Pathetic";
 | |
|     "Possessive"; "Remarkable"; "Rightful"; "Ruthless";
 | |
|     "Stale"; "Unusual"; "Useless"; "Various" };
 | |
|   { "Adhesive"; "Amusing"; "Astonishing"; "Frantic";
 | |
|     "Kindhearted"; "Limping"; "Roasted"; "Robust";
 | |
|     "Staking"; "Thundering"; "Ultra"; "Unreal" };
 | |
|   { "Belief"; "Button"; "Curtain"; "Edge"; "Jewel";
 | |
|     "String"; "Whistle" }
 | |
| }
 | |
| 
 | |
| # Run different commands with multiple mode-button presses.
 | |
| :global ModeButton {
 | |
|   1="/ system script run leds-toggle-mode;";
 | |
|   2=":global SendNotification; :global Identity; \$SendNotification (\"Hello...\") (\"Hello world, \" . \$Identity . \" calling!\");";
 | |
|   3="/ system shutdown;";
 | |
|   4="/ system reboot;";
 | |
|   5=":global BridgePortVlan; \$BridgePortVlan alt;";
 | |
| # add more here...
 | |
| };
 | |
| # This led gives visual feedback if type is 'on' or 'off'.
 | |
| :global ModeButtonLED "user-led";
 | |
| 
 | |
| # Run commands on SMS action.
 | |
| :global SmsAction {
 | |
|   bridge-port-vlan-alt=":global BridgePortVlan; \$BridgePortVlan alt;";
 | |
|   reboot="/ system reboot;";
 | |
|   shutdown="/ system shutdown;";
 | |
| # add more here...
 | |
| };
 | |
| 
 | |
| # This address should resolve ntp servers and is used to update
 | |
| # ntp settings. A pool can rotate servers.
 | |
| :global NtpPool "pool.ntp.org";
 | |
| 
 | |
| # This is the address used to send gps data to.
 | |
| :global GpsTrackUrl "https://example.com/index.php";
 | |
| 
 | |
| # Enable this to fetch scripts from given url.
 | |
| :global ScriptUpdatesFetch true;
 | |
| :global ScriptUpdatesBaseUrl "https://git.eworm.de/cgit/routeros-scripts/plain/";
 | |
| # alternative urls - main: stable code - next: currently in development
 | |
| #:global ScriptUpdatesBaseUrl "https://raw.githubusercontent.com/eworm-de/routeros-scripts/main/";
 | |
| #:global ScriptUpdatesBaseUrl "https://raw.githubusercontent.com/eworm-de/routeros-scripts/next/";
 | |
| #:global ScriptUpdatesBaseUrl "https://gitlab.com/eworm-de/routeros-scripts/raw/main/";
 | |
| #:global ScriptUpdatesBaseUrl "https://gitlab.com/eworm-de/routeros-scripts/raw/next/";
 | |
| :global ScriptUpdatesUrlSuffix "";
 | |
| # use next branch with default url (git.eworm.de)
 | |
| #:global ScriptUpdatesUrlSuffix "\?h=next";
 | |
| 
 | |
| # Use this for defaults with $ScriptRunOnce
 | |
| # Install module with:
 | |
| # $ScriptInstallUpdate mod/scriptrunonce
 | |
| :global ScriptRunOnceBaseUrl "";
 | |
| :global ScriptRunOnceUrlSuffix "";
 | |
| 
 | |
| # This project is developed in private spare time and usage is free of charge
 | |
| # for you. If you like the scripts and think this is of value for you or your
 | |
| # business please consider a donation:
 | |
| # https://git.eworm.de/cgit/routeros-scripts/about/#donate
 | |
| # Enable this to silence donation hint.
 | |
| :global IDonate false;
 | |
| 
 | |
| # Use this for certificate auto-renew
 | |
| :global CertRenewUrl "";
 | |
| #:global CertRenewUrl "https://example.com/certificates/";
 | |
| :global CertRenewTime 3w;
 | |
| :global CertRenewPass {
 | |
|   "v3ry-s3cr3t";
 | |
|   "4n0th3r-s3cr3t";
 | |
| }
 | |
| :global CertIssuedExportPass {
 | |
|   "cert1-cn"="v3ry-s3cr3t";
 | |
|   "cert2-cn"="4n0th3r-s3cr3t";
 | |
| }
 | |
| 
 | |
| # load custom settings from overlay
 | |
| # Warning: Do *NOT* copy this code to overlay!
 | |
| :do {
 | |
|   / system script run global-config-overlay;
 | |
| } on-error={
 | |
|   :log error ("Loading configuration from overlay failed!");
 | |
| }
 |