Skip to content

Instantly share code, notes, and snippets.

@matthiaskonrath

matthiaskonrath/mikrotik_maintenance.sh

Last active February 2, 2024 17:22
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save matthiaskonrath/4305eba9b465b2d77ef8bcbd2dcb9073 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save matthiaskonrath/4305eba9b465b2d77ef8bcbd2dcb9073 to your computer and use it in GitHub Desktop.
Download ZIP
Mikrotik Maintenance Script
Raw
mikrotik_maintenance.sh
#!/bin/bash
ssh_key=TODO_MIKROTIK_SSH_PRIV_KEY_FILE
### Mikrotik Options ###
# Backup Options
backup_key=TODO_MIKROTIK_BACKUP_ENCRYPTION_PASSWORD
encryption=aes-sha256
# Paths
base_path_mt=TODO_MIKROTIK_BACKUP_BASE_PATH
backup_path_mt=$base_path_mt/devices/
config_path_mt=$base_path_mt/configs/
license_path_mt=$base_path_mt/license/
# Update Channels: long-term / stable / testing / development
update_channel=stable
print_heder () {
echo "#### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### #### ####"
echo "[*] Running tasks on device .............. $dev_name / user:$ssh_user / ip:$ip / port:$port"
}
wait_for_dev () {
sleep 5
until ping -c1 $ip >/dev/null 2>&1; do echo "[***] Waiting for device"; done
}
create_backup_mt () {
echo "[**] Starting full backup on device"
ssh -i $ssh_key -p $port $ssh_user@$ip "file/remove [find type=backup] ; system/backup/save encryption=$encryption password=$backup_key" > /dev/null
mt_bak_filename=$(ssh -i $ssh_key -p $port $ssh_user@$ip "file/print where type=backup" | pcregrep -o2 "^(\d*) (.*\.backup)")
scp -q -i $ssh_key -P $port $ssh_user@$ip:"/$mt_bak_filename" $backup_path_mt
}
create_config_backup_mt () {
echo "[**] Starting config backup on device"
ssh -i $ssh_key -p $port $ssh_user@$ip "export show-sensitive verbose" > $config_path_mt$dev_name-verbose.txt
ssh -i $ssh_key -p $port $ssh_user@$ip "export show-sensitive terse" > $config_path_mt$dev_name-terse.txt
}
create_license_backup_mt () {
echo "[**] Starting license backup on device"
ssh -i $ssh_key -p $port $ssh_user@$ip "system/license/output" > /dev/null
mt_bak_filename=$(ssh -i $ssh_key -p $port $ssh_user@$ip "system/license/print" | pcregrep -o1 "^ software-id: (.*)" | tr -d '\r')
mt_bak_filename+=".key"
scp -q -i $ssh_key -P $port $ssh_user@$ip:/"$mt_bak_filename" $license_path_mt/$dev_name---$mt_bak_filename
ssh -i $ssh_key -p $port $ssh_user@$ip "file/remove \"$mt_bak_filename\""
}
update_mt () {
echo "[**] Checking for updates"
ssh -i $ssh_key -p $port $ssh_user@$ip "system/package/update/set channel=$update_channel"
ssh -i $ssh_key -p $port $ssh_user@$ip "system/package/update/check-for-updates" > /dev/null
cmp_string=$(ssh -i $ssh_key -p $port $ssh_user@$ip "system/package/update/print" | pcregrep -o2 "(status: )(.*)" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
if [[ "${cmp_string}" == *"New version is available"* ]]; then
echo "[***] Starting the update"
ssh -i $ssh_key -p $port $ssh_user@$ip "system/package/update/install" || true
wait_for_dev
echo "[***] Flashing router board"
ssh -i $ssh_key -p $port $ssh_user@$ip "system/routerboard/upgrade"
sleep 5
echo "[***] Rebooting router"
ssh -i $ssh_key -p $port $ssh_user@$ip ":execute {/system reboot;}" || true
wait_for_dev
else
echo "[***] No update available"
fi
}
run_mt_tasks () {
print_heder
wait_for_dev
create_backup_mt
create_config_backup_mt
#create_license_backup_mt
update_mt
}
### MAIN FUNCTION
dev_name="TODO_MIKROTIK_DEVICE_NAME_1"
ssh_user=TODO_MIKROTIK_SSH_USERNAME_1
ip=TODO_MIKROTIK_IP_ADDRESS_1
port=TODO_MIKROTIK_SSH_PORT_1
run_mt_tasks
dev_name="TODO_MIKROTIK_DEVICE_NAME_2"
ssh_user=TODO_MIKROTIK_SSH_USERNAMEv2
ip=TODO_MIKROTIK_IP_ADDRESS_2
port=TODO_MIKROTIK_SSH_PORT_2
run_mt_tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment