Automating MikroTik RouterOS updates

Share your Config Push presets or discuss automation in general
Post Reply
User avatar
Tomas
Posts: 857
Joined: Sat Jun 25, 2016 12:33 pm

Thu May 03, 2018 1:13 am

We have a blog article on automating RouterOS upgrades:
https://unimus.net/blog/network-wide-mi ... grade.html

The article shows how to setup a local RouterOS Package Source "server".
Unimus is then used to push package source configuration to the network, and tell the MikroTiks to update.

We will be putting out more blogs around automation (and other things) in the near future, stay tuned!

Any feedback is most welcome :)
User avatar
lweidig
Posts: 27
Joined: Fri Jan 12, 2018 4:43 pm

Fri May 25, 2018 4:08 pm

We are working on the RouterBoard upgrade part that was left at the end and wonder if the following will work, not knowing how your syste, is processing the commands.

Code: Select all

/system routerboard
:if ([get current-firmware] = [get upgrade-firmware]) \
do={:put "Versions match, skipping"} \
else={upgrade; \
y\
:delay 10;\
/system reboot;\
y\
}
The trick here is of course getting the system to respond to the two prompts that the upgrade / reboot generate. Thanks!
User avatar
Tomas
Posts: 857
Joined: Sat Jun 25, 2016 12:33 pm

Fri May 25, 2018 9:05 pm

You don't need to use "\" after each line.

Basically, Unimus works the same way as you would in the CLI.
So whatever series of commands works for you manually, will work through Mass Config Push in Unimus as well.

For example:

Code: Select all

/system routerboard
:if ([get current-firmware] = [get upgrade-firmware]) do={
:put "Versions match, skipping"
} else={
upgrade
y
:delay 10
/system reboot
y
}
Should work just fine.
JAz
Posts: 43
Joined: Thu Apr 26, 2018 11:06 pm

Thu Aug 29, 2019 7:45 pm

Tried this:

Code: Select all

:if ( [/system routerboard get current-firmware] != [/system routerboard get upgrade-firmware]) do={ 
:set didAnUpdate411 true; 
/system routerboard upgrade
y
 }
Doesn't work. Hangs waiting for prompt
Clipboard01.jpg
Clipboard01.jpg (20.2 KiB) Viewed 5308 times
What am I missing?

(am on latest as of yesterday btw. 1.10.14?)
User avatar
Tomas
Posts: 857
Joined: Sat Jun 25, 2016 12:33 pm

Fri Jan 10, 2020 1:26 pm

JAz wrote:
Thu Aug 29, 2019 7:45 pm
Tried this:

Code: Select all

...
Doesn't work. Hangs waiting for prompt

What am I missing?

(am on latest as of yesterday btw. 1.10.14?)
I looked at this, it seems on SOME (but not all - it's inconsistent) version of RouterOS, the "y" needs to be outside of the script scope (outside the "{" "}" block).

Something like this should do the trick:

Code: Select all

/system routerboard
:if ([get current-firmware] = [get upgrade-firmware]) do={
:put "Versions match, skipping"
} else={
upgrade
:delay 10
/system reboot
}

y
y

efiniste
Posts: 4
Joined: Wed Jul 05, 2017 3:32 pm

Tue Feb 11, 2020 4:05 pm

How does RouterOS connect to the package source? Just wondering if this would work with an offsite package source and if so, what would need opening up on the firewall?
User avatar
Tomas
Posts: 857
Joined: Sat Jun 25, 2016 12:33 pm

Tue Feb 11, 2020 4:23 pm

efiniste wrote:
Tue Feb 11, 2020 4:05 pm
How does RouterOS connect to the package source? Just wondering if this would work with an offsite package source and if so, what would need opening up on the firewall?
It should use the Winbox port and the Winbox service itself.
So theoretically all that is needed is opening up the Winbox service.

SECURITY NOTE: please do not ever open Winbox to the world - use a VPN or an address-list for allowed incoming connection to the Winbox service.
JAz
Posts: 43
Joined: Thu Apr 26, 2018 11:06 pm

Tue Feb 11, 2020 7:34 pm

Tomas wrote:
Fri Jan 10, 2020 1:26 pm
JAz wrote:
Thu Aug 29, 2019 7:45 pm
Tried this:

Code: Select all

...
Doesn't work. Hangs waiting for prompt

What am I missing?

(am on latest as of yesterday btw. 1.10.14?)
I looked at this, it seems on SOME (but not all - it's inconsistent) version of RouterOS, the "y" needs to be outside of the script scope (outside the "{" "}" block).

Something like this should do the trick:

Code: Select all

/system routerboard
:if ([get current-firmware] = [get upgrade-firmware]) do={
:put "Versions match, skipping"
} else={
upgrade
:delay 10
/system reboot
}

y
y

Hey Tomas. Somehow I missed your reply. So should this mod now work for all MT routers or just those versions where it's an issue? ie. do I need to maintain two versions of upgrade script or will the above do it all.

Thx.
auwireless
Posts: 14
Joined: Wed Jan 31, 2018 10:45 pm

Sun May 24, 2020 10:41 pm

I am definitely messing this up... I'm trying to run:

Code: Select all

/system package update set channel=long-term
/system package update check-for-updates
/system package update install
This works when done from CLI but not when sent as a config push. I then tried adding a :delay10 between lines 2 and three to give the router time to find the new version. That failed.

I get this will install even if the current version is up to date. We only schedule this when we know we need to update routers (since they all get done at the same time).

What simple and obvious step and I missing??
auwireless
Posts: 14
Joined: Wed Jan 31, 2018 10:45 pm

Mon May 25, 2020 12:41 pm

Looks like the simple thing I did not do was have my Unimus user login to the router with "full" privilege. I had given that user "write" and that is not enough to upgrade firmware...
Post Reply