-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathros-fetch-backup.rsc
341 lines (310 loc) · 10.5 KB
/
ros-fetch-backup.rsc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
### RoS Fetch-based Backup
### Backs Up nearly everything via /tool fetch
### (currently only sftp mode is supported)
#
### 2024 Leonardo Valeri Manera
#
### Based on:
# https://forum.mikrotik.com/viewtopic.php?t=159432
# https://forum.mikrotik.com/viewtopic.php?p=858564#p858564
### Configuration
#
### Set local variables. Change the value between "" to reflect your environment. Do not delete quotation marks.
# Server FQDN or IP
:local remoteserver "";
# Server Account Username
:local username "";
# Server Account Password
:local password "";
# Server Path, leave blank to push to root. Path must exist
:local remotepath "";
# Include date in local file names. Leave false to overwrite single files
:local datelocal false;
# Remove local file after uploading
:local removelocal true;
# Binary Backup
:local dobinbackup true;
# Encrypt Backup
:local backupencrypt false;
# Backup Password
:local backuppassword "";
# Sensitive information in Export
:local exportsensitive true;
# General Export
:local dogexport true;
# User Export
:local douexport true;
# License Export (not for CHR, will silently skip)
:local dolicense true;
# SSH Keys
:local dosshkeys false;
# Certificate Export
:local docertificates true;
# Certificate Password
:local certpassword "";
# User-Manager Export
:local dousermanager false;
# The Dude Export
:local dothedude false;
# User Files to export, comma-separated string or array of strings
# User Files are not removed on backup
# Any directory paths will be removed (/ -> _) on remote file
# Nonpresent files are silently skipped
:local userfilelist "autosupout.rif,autosupout.old.rif";
### End Configuration
:local hostname [/system identity get name];
:local date [:pick [/system clock get date] 2 11];
:local lprefix ($hostname . "-sftpb-");
:if ($datelocal = true) do={
:set lprefix ($lprefix . $date . "-");
}
:local rprefix ($hostname . "-sftpb-" . $date . "-");
:if ($remotepath != "") do={
:set rprefix ($remotepath . "/" . $rprefix);
}
:set rprefix ("/" . $rprefix);
### Process local filename to create remote filename
### Return array for file array
## Strips path separator '/' from local file name and replaces with '_'
# 'lfile' (string) the local filename
# 'lpref' (string) the local prefix to strip from start of lfile (if present)
# 'rpref' (string) remote prefix to prepend to remote filename
# 'clear' (bool) whether to delete local file after uploading
:local dofnames do={
:local rfile "";
:local rfilef "";
# Strip Local Prefix if present
if ([:find $lfile $lpref -1] = 0) do={
:set rfile [:pick $lfile [:len $lpref] [:len $lfile]];
} else={
:set rfile $lfile;
}
# Convert / to _
:for i from=0 to=([:len $rfile] - 1) do={
:local char [:pick $rfile $i];
:if ($char = "/") do={
:set $char "_";
}
:set rfilef ($rfilef . $char);
}
# Prepend Remote Prefix
:set rfile ($rpref . $rfilef);
# Return array
:return {lfile=$lfile; rfile=$rfile; clear=$clear};
}
### Delete Local File(s)
# $lfile (string) local file to be deleted
:local dodelete do={
if ([:len [/file find where name="$lfile"]] > 0) do={
/file remove [find where name="$lfile"];
}
}
### Info Log Action
# $stage (string) selects action text
# $msg (string) additional message, usually the backup stage or filename
# $error (bool) (optional) creates error log instead of info if 'true'
:local dolog do={
:local msgarr { start="STARTING BACKUP"; \
clear="CLEARING PREVIOUS "; \
create="CREATING "; \
upload="UPLOADING "; \
delete="DELETING "; \
user="ADDING USER FILES"; \
finish="FINISHED BACKUP" }
if ($error = true) do={
:log error ("SFTP-BACKUP: ERROR " . $msg);
} else={
:log info ("SFTP-BACKUP: " . ($msgarr->"$stage") . $msg);
}
}
:local osver [:pick [/system resource get version] 0 1];
:local boardname [/system resource get board-name];
:local filesa [:toarray ""];
:local logstage "";
:local cfilename "";
:local lfilename "";
:local rfilename "";
### Starting the Backup
$dolog stage="start";
### Binary Backup
if ($dobinbackup = true) do={
:set cfilename ($lprefix . "backup");
:set lfilename ($cfilename . ".backup");
:set logstage "BINARY BACKUP";
$dolog stage="create" msg=$logstage;
if ($backupencrypt = false) do={
:do {
/system backup save name=$cfilename dont-encrypt=yes;
} on-error={$dolog stage="create" msg=$logstage error=true;}
} else={
:do {
/system backup save name=$cfilename password=$backuppassword;
} on-error={$dolog stage="create" msg=$logstage error=true;}
}
:set ($filesa->([:len $filesa])) \
[$dofnames lfile=$lfilename lpref=$lprefix rpref=$rprefix clear=$removelocal];
}
### Generic Export
if ($dogexport = true) do={
:set cfilename ($lprefix . "export");
:set lfilename ($cfilename . ".rsc");
:set logstage "GENERIC EXPORT";
if (($osver = "6" and $exportsensitive = true) or ($osver = "7" and $exportsensitive = false)) do={
$dolog stage="create" msg=$logstage;
:do {
/export compact file=$cfilename;
} on-error={$dolog stage="create" msg=$logstage error=true;}
} else={
if ($osver = "6") do={
$dolog stage="create" msg=($logstage . " (hide-sensitive)");
:do {
/export compact hide-sensitive file=$cfilename;
} on-error={$dolog stage="create" msg=$logstage error=true;}
} else={
$dolog stage="create" msg=($logstage . " (show-sensitive)");
:do {
/export compact show-sensitive file=$cfilename;
} on-error={$dolog stage="create" msg=$logstage error=true;}
}
}
:set ($filesa->([:len $filesa])) \
[$dofnames lfile=$lfilename lpref=$lprefix rpref=$rprefix clear=$removelocal];
}
### User Export
if ($douexport = true) do={
:set cfilename ($lprefix . "user");
:set lfilename ($cfilename . ".rsc");
:set logstage "USER EXPORT";
if (($osver = "6" and $exportsensitive = true) or ($osver = "7" and $exportsensitive = false)) do={
$dolog stage="create" msg=$logstage;
:do {
/user export compact file=$cfilename;
} on-error={$dolog stage="create" msg=$logstage error=true;}
} else={
if ($osver = "6") do={
$dolog stage="create" msg=($logstage . " (hide-sensitive)");
:do {
/user export compact hide-sensitive file=$cfilename;
} on-error={$dolog stage="create" msg=$logstage error=true;}
} else={
$dolog stage="create" msg=($logstage . " (show-sensitive)");
:do {
/user export compact show-sensitive file=$cfilename;
} on-error={$dolog stage="create" msg=$logstage error=true;}
}
}
:set ($filesa->([:len $filesa])) \
[$dofnames lfile=$lfilename lpref=$lprefix rpref=$rprefix clear=$removelocal];
}
### License Export
if ($dolicense = true and $boardname != "CHR") do={
:set logstage "LICENSE EXPORT";
:set lfilename ([/system license get software-id] . ".key");
:set rfilename ($rprefix . "license.key");
$dolog stage="create" msg=$logstage;
:do {
/system license output;
} on-error={$dolog stage="create" msg=$logstage error=true;}
:set ($filesa->([:len $filesa])) \
{lfile=$lfilename; rfile=$rfilename; clear=$removelocal};
}
### SSH Keys
if ($dosshkeys = true) do={
:set logstage "SSH KEY EXPORT";
:set cfilename ($lprefix . "host-key");
$dolog stage="create" msg=$logstage;
:do {
/ip ssh export-host-key key-file-prefix=$cfilename;
} on-error={$dolog stage="create" msg=$logstage error=true;}
:foreach lfile in=[/file find where name~"^$cfilename"] do={
:set ($filesa->([:len $filesa])) \
[$dofnames lfile=[/file get $lfile name] lpref=$lprefix rpref=$rprefix clear=$removelocal];
}
}
### Certificates
if ($docertificates = true) do={
:set logstage "USER-MANAGER BACKUP";
$dolog stage="create" msg=$logstage;
:foreach cert in=[/certificate find] do={
:local certname [/certificate get $cert name];
:local cfilename ($lprefix . "cert-" . $certname);
:do {
/certificate export-certificate $cert file-name=$cfilename \
type=pkcs12 export-passphrase=$certpassword;
} on-error={$dolog stage="create" msg=$logstage error=true;}
:set ($filesa->([:len $filesa])) \
[$dofnames lfile=($cfilename . ".p12") lpref=$lprefix rpref=$rprefix clear=$removelocal];
}
}
# User-Manager
if ($dousermanager = true) do={
:set cfilename ($lprefix . "user-manager");
:set lfilename ($cfilename . ".umb");
:set logstage "USER-MANAGER BACKUP";
$dolog stage="clear" msg=$logstage;
:do {
$dodelete lfile=$lfilename;
} on-error={$dolog stage="clear" msg=$logstage error=true;}
$dolog stage="create" msg=$logstage;
if ($osver = "6") do={
:do {
/tool user-manager database save name=$cfilename;
} on-error={$dolog stage="create" msg=$logstage error=true;}
}
if ($osver = "7") do={
:do {
/user-manager database save name=$cfilename;
} on-error={$dolog stage="create" msg=$logstage error=true;}
}
:set ($filesa->([:len $filesa])) \
[$dofnames lfile=$lfilename lpref=$lprefix rpref=$rprefix clear=$removelocal];
}
# The Dude
if ($dothedude = true) do={
:set lfilename ($lprefix . "the-dude.db");
:set logstage "THE DUDE BACKUP";
$dolog stage="clear" msg=$logstage;
:do {
$dodelete lfile=$lfilename;
} on-error={$dolog stage="clear" msg=$logstage error=true;}
$dolog stage="create" msg=$logstage;
:do {
/dude export-db backup-file=$lfilename;
} on-error={$dolog stage="create" msg=$logstage error=true;}
:set ($filesa->([:len $filesa])) \
[$dofnames lfile=$lfilename lpref=$lprefix rpref=$rprefix clear=$removelocal];
}
# User File List
if ([:len $userfilelist] > 0) do={
$dolog stage="user";
:foreach lfile in=[:toarray $userfilelist] do={
:set ($filesa->([:len $filesa])) \
[$dofnames lfile=$lfile lpref=$lprefix rpref=$rprefix clear=false];
}
}
# Process Files Array
:local lfile "";
:local rfile "";
:local clear true;
/delay 10s;
:foreach a in=$filesa do={
:set lfile ($a->"lfile");
:set rfile ($a->"rfile");
:set clear ($a->"clear");
if ([:len [/file find where name="$lfile"]] > 0) do={
$dolog stage="upload" msg=($lfile . " AS " . $rfile);
:do {
/tool fetch address=$remoteserver user=$username password=$password \
src-path=$lfile dst-path=$rfile mode=sftp upload=yes;
} on-error={$dolog stage="upload" msg=$rfile error=true;}
if ($clear = true) do={
$dolog stage="delete" msg=$lfile;
:do {
$dodelete lfile=$lfile;
} on-error={$dolog stage="delete" msg=$lfile error=true;}
}
}
}
### Finishing the Backup
$dolog stage="finish";
### vim:set filetype=routeros: