Page 1 of 3

Automating MikroTik RouterOS updates

Posted: Thu May 03, 2018 1:13 am
by Tomas
We have a blog article on automating RouterOS upgrades:
https://unimus.net/blog/network-wide-mi ... grade.html

The article shows how to setup a local RouterOS Package Source "server".
Unimus is then used to push package source configuration to the network, and tell the MikroTiks to update.

We will be putting out more blogs around automation (and other things) in the near future, stay tuned!

Any feedback is most welcome :)

Re: Automating MikroTik RouterOS updates

Posted: Fri May 25, 2018 4:08 pm
by lweidig
We are working on the RouterBoard upgrade part that was left at the end and wonder if the following will work, not knowing how your syste, is processing the commands.

Code: Select all

/system routerboard
:if ([get current-firmware] = [get upgrade-firmware]) \
do={:put "Versions match, skipping"} \
else={upgrade; \
y\
:delay 10;\
/system reboot;\
y\
}
The trick here is of course getting the system to respond to the two prompts that the upgrade / reboot generate. Thanks!

Re: Automating MikroTik RouterOS updates

Posted: Fri May 25, 2018 9:05 pm
by Tomas
You don't need to use "\" after each line.

Basically, Unimus works the same way as you would in the CLI.
So whatever series of commands works for you manually, will work through Mass Config Push in Unimus as well.

For example:

Code: Select all

/system routerboard
:if ([get current-firmware] = [get upgrade-firmware]) do={
:put "Versions match, skipping"
} else={
upgrade
y
:delay 10
/system reboot
y
}
Should work just fine.

Re: Automating MikroTik RouterOS updates

Posted: Thu Aug 29, 2019 7:45 pm
by JAz
Tried this:

Code: Select all

:if ( [/system routerboard get current-firmware] != [/system routerboard get upgrade-firmware]) do={ 
:set didAnUpdate411 true; 
/system routerboard upgrade
y
 }
Doesn't work. Hangs waiting for prompt
Clipboard01.jpg
Clipboard01.jpg (20.2 KiB) Viewed 25698 times
What am I missing?

(am on latest as of yesterday btw. 1.10.14?)

Re: Automating MikroTik RouterOS updates

Posted: Fri Jan 10, 2020 1:26 pm
by Tomas
JAz wrote:
Thu Aug 29, 2019 7:45 pm
Tried this:

Code: Select all

...
Doesn't work. Hangs waiting for prompt

What am I missing?

(am on latest as of yesterday btw. 1.10.14?)
I looked at this, it seems on SOME (but not all - it's inconsistent) version of RouterOS, the "y" needs to be outside of the script scope (outside the "{" "}" block).

Something like this should do the trick:

Code: Select all

/system routerboard
:if ([get current-firmware] = [get upgrade-firmware]) do={
:put "Versions match, skipping"
} else={
upgrade
:delay 10
/system reboot
}

y
y


Re: Automating MikroTik RouterOS updates

Posted: Tue Feb 11, 2020 4:05 pm
by efiniste
How does RouterOS connect to the package source? Just wondering if this would work with an offsite package source and if so, what would need opening up on the firewall?

Re: Automating MikroTik RouterOS updates

Posted: Tue Feb 11, 2020 4:23 pm
by Tomas
efiniste wrote:
Tue Feb 11, 2020 4:05 pm
How does RouterOS connect to the package source? Just wondering if this would work with an offsite package source and if so, what would need opening up on the firewall?
It should use the Winbox port and the Winbox service itself.
So theoretically all that is needed is opening up the Winbox service.

SECURITY NOTE: please do not ever open Winbox to the world - use a VPN or an address-list for allowed incoming connection to the Winbox service.

Re: Automating MikroTik RouterOS updates

Posted: Tue Feb 11, 2020 7:34 pm
by JAz
Tomas wrote:
Fri Jan 10, 2020 1:26 pm
JAz wrote:
Thu Aug 29, 2019 7:45 pm
Tried this:

Code: Select all

...
Doesn't work. Hangs waiting for prompt

What am I missing?

(am on latest as of yesterday btw. 1.10.14?)
I looked at this, it seems on SOME (but not all - it's inconsistent) version of RouterOS, the "y" needs to be outside of the script scope (outside the "{" "}" block).

Something like this should do the trick:

Code: Select all

/system routerboard
:if ([get current-firmware] = [get upgrade-firmware]) do={
:put "Versions match, skipping"
} else={
upgrade
:delay 10
/system reboot
}

y
y

Hey Tomas. Somehow I missed your reply. So should this mod now work for all MT routers or just those versions where it's an issue? ie. do I need to maintain two versions of upgrade script or will the above do it all.

Thx.

Re: Automating MikroTik RouterOS updates

Posted: Sun May 24, 2020 10:41 pm
by auwireless
I am definitely messing this up... I'm trying to run:

Code: Select all

/system package update set channel=long-term
/system package update check-for-updates
/system package update install
This works when done from CLI but not when sent as a config push. I then tried adding a :delay10 between lines 2 and three to give the router time to find the new version. That failed.

I get this will install even if the current version is up to date. We only schedule this when we know we need to update routers (since they all get done at the same time).

What simple and obvious step and I missing??

Re: Automating MikroTik RouterOS updates

Posted: Mon May 25, 2020 12:41 pm
by auwireless
Looks like the simple thing I did not do was have my Unimus user login to the router with "full" privilege. I had given that user "write" and that is not enough to upgrade firmware...