更新 RouterOS 脚本

07.设置定时任务.md

@@ -13,14 +13,14 @@ RouterOS 提供了强大的脚本能力，搭配系统的定时器功能，可
 - 要使用 RouterOS 发送邮件功能，需要准备一个邮箱并开启 `SMTP` 服务，推荐使用 QQ 邮箱或 163 邮箱  
 
 - 对于使用 **CHR 版本** RouterOS 的软路由  
-    - 系统自动更新脚本，请查阅文件 [ros_sys_upgrade_worker.chr.conf](./src/upgrade/ros_sys_upgrade_worker.chr.conf)  
+    - 系统自动更新脚本，请查阅文件 [ros_sys_upgrade_worker.conf](./src/upgrade/ros_sys_upgrade_worker.conf)  
     - 证书自动更新脚本，请查阅文件 [ros_certs_update_worker.conf](./src/certificates/ros_certs_update_worker.conf)  
     - 系统日志邮件脚本，请查阅文件 [ros_email_log_worker.conf](./src/email/ros_email_log_worker.conf)  
     - 系统资源邮件脚本，请查阅文件 [ros_email_res_worker.chr.conf](./src/email/ros_email_res_worker.chr.conf)  
 
 
 - 对于使用 **Mikrotik 原生** RouterOS 的硬路由  
-    - 系统自动更新脚本，请查阅文件 [ros_sys_upgrade_worker.native.conf](./src/upgrade/ros_sys_upgrade_worker.native.conf)  
+    - 系统自动更新脚本，与 CHR 版本相同  
     - 证书自动更新脚本，与 CHR 版本相同  
     - 系统日志邮件脚本，与 CHR 版本相同  
     - 系统资源邮件脚本，与 CHR 版本略有不同，请查阅文件 [ros_email_res_worker.native.conf](./src/email/ros_email_res_worker.native.conf)  
@@ -115,11 +115,7 @@ add comment="sysconf: system certs update" dont-require-permissions=no name=cert
 
 ![脚本待完善](img/p07/wb_scripts_red.jpeg)
 
-根据所使用的 RouterOS 的类型，从以下两个系统自动更新脚本中选择合适的版本，并复制其代码：  
-
-- CHR 使用：[ros_sys_upgrade_worker.chr.conf](./src/upgrade/ros_sys_upgrade_worker.chr.conf)  
-
-- 官方硬件使用：[ros_sys_upgrade_worker.native.conf](./src/upgrade/ros_sys_upgrade_worker.native.conf)  
+首先设置系统自动更新脚本，复制 [ros_sys_upgrade_worker.conf](./src/upgrade/ros_sys_upgrade_worker.conf) 中的脚本代码。  
 
 鼠标 **双击** 系统自动更新脚本 `sys-upgrade-worker` ，进入脚本配置界面，在 `Source` 处粘贴脚本代码。   
 

A.命令行配置脚本.md

@@ -43,8 +43,7 @@
 ||[ros_email_res_worker.native.conf](./src/email/ros_email_res_worker.native.conf)|资源状态邮件 推送脚本|官方硬件|
 ||[ros_email_res_worker.chr.conf](./src/email/ros_email_res_worker.chr.conf)|资源状态邮件 推送脚本|CHR|
 |-|-|-|-|
-|[upgrade](./src/upgrade)|[ros_sys_upgrade_worker.native.conf](./src/upgrade/ros_sys_upgrade_worker.native.conf)|系统自动更新脚本|官方硬件|
-||[ros_sys_upgrade_worker.chr.conf](./src/upgrade/ros_sys_upgrade_worker.chr.conf)|系统自动更新脚本|CHR|
+|[upgrade](./src/upgrade)|[ros_sys_upgrade_worker.conf](./src/upgrade/ros_sys_upgrade_worker.conf)|系统自动更新脚本|官方硬件 / CHR|
 |-|-|-|-|
 |[certificates](./src/certificates)|[ros_certs_update_worker.conf](./src/certificates/ros_certs_update_worker.conf)|根证书自动更新脚本|官方硬件 / CHR|
 |-|-|-|-|

src/certificates/ros_certs_update_worker.conf

@@ -2,28 +2,20 @@
 :local LetsencryptURL "https://letsencrypt.org/certs/isrgrootx1.pem";
 :local MkcertURL "https://mkcert.org/generate/all/except/nothing";
 :local IsrgUnsafe "isrgrootx1_unsafe";
-:local GetCertExpire;
-:local LenCertExpire;
-:local DnsHttps;
-:local DnsVerify;
 :local DnsChanged;
-:local GetIsrgID;
-:local LenIsrgID;
 :local IsrgFile;
 :local IsrgFileSize;
 :local UseCert;
-:local Fetched;
+:local CertFetched;
 :local IsrgFetch;
 :local MkcertFetch;
-:local GetMkcertID;
-:local LenMkcertID;
 :local MkcertFile;
 :local MkcertFileSize;
 :local Date;
 
 ## Initiate Check on Certificate Expiring within 45 Days
-:set GetCertExpire [/certificate find where expires-after < 45d ];
-:set LenCertExpire [:len $GetCertExpire ];
+:local GetCertExpire [/certificate find where expires-after < 45d ];
+:local LenCertExpire [:len $GetCertExpire ];
 
 :if ($LenCertExpire > 0) do={
     /certificate remove $GetCertExpire;
@@ -33,8 +25,8 @@
 ## End Certificate Check
 
 ## Initiate Check on DNS Resolution Influence
-:set DnsHttps [/ip dns get use-doh-server ];
-:set DnsVerify [/ip dns get verify-doh-cert ];
+:local DnsHttps [/ip dns get use-doh-server ];
+:local DnsVerify [/ip dns get verify-doh-cert ];
 
 :if ($DnsHttps != "" && $DnsVerify) do={
     /ip dns cache flush
@@ -57,8 +49,8 @@
 ## End DNS Resolution Check
 
 ## Initiate Check on Root CA 'isrg*' Existence
-:set GetIsrgID [/certificate find where name ~ "isrg*" ];
-:set LenIsrgID [:len $GetIsrgID];
+:local GetIsrgID [/certificate find where name ~ "isrg*" ];
+:local LenIsrgID [:len $GetIsrgID];
 
 :if ($LenIsrgID = 0) do={
     :set IsrgFile $IsrgUnsafe;
@@ -96,8 +88,8 @@
 ## End Root CA 'isrg*' Check
 
 ## Initiate Check on Mkcert CA 'mkcert*' Existence
-:set GetMkcertID [/certificate find where name ~ "mkcert*" ];
-:set LenMkcertID [:len $GetMkcertID];
+:local GetMkcertID [/certificate find where name ~ "mkcert*" ];
+:local LenMkcertID [:len $GetMkcertID];
 
 :if ($LenMkcertID = 0) do={
     :set MkcertFetch true;
@@ -113,11 +105,11 @@
             :resolve letsencrypt.org;
             :delay 2s;
             /tool fetch url=$LetsencryptURL check-certificate=no dst-path=$IsrgFile;
-            :set Fetched true;
+            :set CertFetched true;
         } delay=10s max=3;
     } do={
         # Failed to fetch the cert
-        :set Fetched false;
+        :set CertFetched false;
         :set IsrgFetch false;
         :set MkcertFetch false;
         :log warning ("Failed to download the ISRG cert. Aborting...");
@@ -125,7 +117,7 @@
 
     :delay 5s;
 
-    :if ($Fetched) do={
+    :if ($CertFetched) do={
         :set IsrgFileSize [/file get $IsrgFile size ];
 
         # If download is successful (file size > 1000), import the certificate
@@ -154,18 +146,18 @@
             :resolve letsencrypt.org;
             :delay 2s;
             /tool fetch url=$LetsencryptURL check-certificate=yes dst-path=$IsrgFile;
-            :set Fetched true;
+            :set CertFetched true;
         } delay=10s max=3;
     } do={
         # Failed to fetch the cert
-        :set Fetched false;
+        :set CertFetched false;
         :set MkcertFetch false;
         :log warning ("Failed to download the ISRG cert. Aborting...");
     }
 
     :delay 5s;
 
-    :if ($Fetched) do={
+    :if ($CertFetched) do={
         :set IsrgFileSize [/file get $IsrgFile size ];
 
         # If download is successful (file size > 1000), import the certificate
@@ -198,17 +190,17 @@
             :resolve mkcert.org;
             :delay 2s;
             /tool fetch url=$MkcertURL check-certificate=yes dst-path=$MkcertFile;
-            :set Fetched true;
+            :set CertFetched true;
         } delay=10s max=3;
     } do={
         # Failed to fetch the cert
-        :set Fetched false;
+        :set CertFetched false;
         :log warning ("Failed to download the Mkcert cert. Aborting...");
     }
 
     :delay 5s;
 
-    :if ($Fetched) do={
+    :if ($CertFetched) do={
         :set MkcertFileSize [/file get $MkcertFile size ];
 
         # If download is successful (file size > 200000), import the certificate
@@ -253,5 +245,5 @@
 }
 ## End DoH Restoration
 
-## Fox RouterOS Certificates Updater End
+## End Fox RouterOS Certificates Updater
 

src/upgrade/ros_sys_upgrade_worker.chr.conf

@@ -1,36 +0,0 @@
-## Set Variables
-:local UpdateChannel "stable";
-:local DeviceName [/system identity get name ];
-## Set Variables End
-
-## Update RouterOS
-:log info ("Checking RouterOS status...")
-
-/system package update
-set channel=$UpdateChannel
-check-for-updates
-
-# Wait on slow connections
-:delay 60s;
-
-:local SystemVer [/system package update get installed-version ];
-:local UpstreamVer [/system package update get latest-version ];
-:local Status [/system package update get status ];
-:local Channel [/system package update get channel ];
-
-:if ($SystemVer != $UpstreamVer) do={
-    # New version of RouterOS available
-    :log info ("$DeviceName can be updated from $SystemVer to $UpstreamVer ( channel: $Channel )")
-    :log info ("Preparing to update RouterOS")
-    # Wait for system email log timer
-    :delay 210s;
-    :log info ("Start updating :) ")
-    :delay 90s;
-    install
-} else={
-    # No RouterOS update available, nothing to do, just log info
-    :log info ("RouterOS of $DeviceName is $SystemVer")
-    :log info ("$Status")
-}
-## Update RouterOS End
-

src/upgrade/ros_sys_upgrade_worker.conf

@@ -0,0 +1,88 @@
+## Fox RouterOS System & Firmware Updater
+:local UpdateChannel "stable";
+:local DeviceName [/system identity get name ];
+:local UpdateFirmware true;
+:local Model;
+:local Arch;
+
+## Initiate Check on RouterOS Arch
+:onerror e {
+    :set Model [/system routerboard get model ];
+    :set Arch true;
+} do={
+    :set Arch false;
+}
+## End RouterOS Arch Check
+
+## Update RouterOS
+:log info ("Checking RouterOS status...")
+
+/system package update
+set channel=$UpdateChannel
+check-for-updates
+
+# Wait on slow connections
+:delay 60s;
+
+:local SystemVer [/system package update get installed-version ];
+:local UpstreamVer [/system package update get latest-version ];
+:local Status [/system package update get status ];
+:local Channel [/system package update get channel ];
+
+:log info ("System of $DeviceName is $SystemVer")
+
+:if ($SystemVer != $UpstreamVer) do={
+    # New version of RouterOS available
+    :log info ("New version is available ($Channel channel).")
+    :log info ("System update: $SystemVer => $UpstreamVer")
+    :log info ("Preparing to update system...")
+    # Wait for system email log timer
+    :delay 210s;
+    :log info ("Start updating :) ")
+    :delay 90s;
+    install
+} else={
+    # No RouterOS update available, nothing to do, just log info
+    :log info ("$Status.")
+}
+## End Update RouterOS
+
+## Upgrade RouterBOARD Firmware
+:if ($Arch) do={
+
+    :if ($UpdateFirmware) do={
+        :log info ("Checking RouterBOARD status...")
+
+        /system routerboard
+        :local SystemFirmware [/system routerboard get current-firmware ];
+        :local UpstreamFirmware [/system routerboard get upgrade-firmware ];
+
+        :log info ("Firmware of $DeviceName is $SystemFirmware")
+
+        :if ($SystemFirmware != $UpstreamFirmware) do={
+            # New version of firmware available
+            :log info ("New version is available ($Model).")
+            :log info ("Firmware upgrade: $SystemFirmware => $UpstreamFirmware")
+            upgrade
+            # Firmware upgraded, need to reboot to finish
+            :log info ("A firmware reboot is required.")
+            :delay 210s;
+            :log info ("Start rebooting :) ")
+            :delay 90s;
+            /system reboot
+        } else={
+            # No firmware upgrade available, log info
+            :log info ("Firmware is already up to date.")
+        }
+
+    } else={
+        # Automatic firmware upgrade disabled, log info
+        :log info ("Firmware automatic upgrades disabled.")
+    }
+
+}
+
+## End Upgrade RouterBOARD Firmware
+
+## End Fox RouterOS System & Firmware Updater
+

src/upgrade/ros_sys_upgrade_worker.native.conf

@@ -1,66 +0,0 @@
-## Set Variables
-:local UpdateChannel "stable";
-:local UpdateFirmware true;
-:local DeviceName [/system identity get name ];
-## Set Variables End
-
-## Update RouterOS
-:log info ("Checking RouterOS status...")
-
-/system package update
-set channel=$UpdateChannel
-check-for-updates
-
-# Wait on slow connections
-:delay 60s;
-
-:local SystemVer [/system package update get installed-version ];
-:local UpstreamVer [/system package update get latest-version ];
-:local Status [/system package update get status ];
-:local Channel [/system package update get channel ];
-
-:if ($SystemVer != $UpstreamVer) do={
-    # New version of RouterOS available
-    :log info ("$DeviceName can be updated from $SystemVer to $UpstreamVer ( channel: $Channel )")
-    :log info ("Preparing to update RouterOS")
-    # Wait for system email log timer
-    :delay 210s;
-    :log info ("Start updating :) ")
-    :delay 90s;
-    install
-} else={
-    # No RouterOS update available, nothing to do, just log info
-    :log info ("RouterOS of $DeviceName is $SystemVer")
-    :log info ("$Status")
-}
-## Update RouterOS End
-
-## Upgrade Firmware
-:if ($UpdateFirmware) do={
-    :log info ("Checking Firmware status...")
-    /system routerboard
-    :local SystemFirmware [/system routerboard get current-firmware ];
-    :local UpstreamFirmware [/system routerboard get upgrade-firmware ];
-
-    :if ($SystemFirmware != $UpstreamFirmware) do={
-        # New version of firmware available
-        :log info ("Upgrading firmware of $DeviceName from $SystemFirmware to $UpstreamFirmware")
-        upgrade
-        # Firmware upgraded, need to reboot to finish
-        :log info ("A firmware reboot is required")
-        :delay 210s;
-        :log info ("Start rebooting :) ")
-        :delay 90s;
-        /system reboot
-    } else={
-        # No firmware upgrade available, log info
-        :log info ("Firmware of $DeviceName is $SystemFirmware")
-        :log info ("Firmware is already up to date")
-    }
-
-} else={
-    # Automatic firmware upgrade disabled, log info
-    :log info ("Firmware automatic upgrades disabled")
-}
-## Upgrade Firmware End
-