Community discussions

MikroTik App
 
Harrybg
just joined
Topic Author
Posts: 1
Joined: Tue Jul 06, 2021 9:14 am

Automatic backup for 100 MKT

Tue Jul 06, 2021 3:00 pm

Hi! I need a script for automated downloading of backup files on about 100 MikroTik routers. I have made a script to create backup file and I want to download it via centos7. Did you have any ideas how to do it?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Automatic backup for 100 MKT

Wed Jul 21, 2021 8:32 pm

Better put one scheduled script on each routerboard than send you every night at random time the email with EXPORT, not backup, or upload the export on one ftp.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3279
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: Automatic backup for 100 MKT

Wed Jul 21, 2021 9:22 pm

Email to an google account works fine. I do send both Export and backup file just to have both.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Automatic backup for 100 MKT

Wed Jul 21, 2021 9:33 pm

Must clearly specified:

backup = ...backup! but for a) same device, b) same software version and c) same packages active,
export certificates, ssh host key, login users internal database, but not the dude database,
export partially the user-manager (do not exports assigned profiles and other user-manager related thigs) and do not export the other files

a) different devices can cause loss of configuration on interface because MAC addresses do not correspond, and the "import" do not translate or adapt the change.
b) different software version have often differents commands, values and sections
c) obviously, if for example IPv6 is used on old and is disabled on new, IPv6 configuration is lost

export = ...intelligent backup! but is little more difficult to restore the devices, a) must be "resetted" without default values (literally blank),
the old config is b) everytime readable do not export certificates, ssh host key, login users internal database, the dude database,
export partially the user-manager (do not exports assigned profiles and other user-manager related thigs), and do not export the other files.
But appropriate "export" or "save" can be made for save also the other things on red, except for the internal users passwords

a) the device must be blank, or any already present settings can interfere with import.
b) as text file, can be imported section-by-section, for find eventual differencies from original device and new (like less ethernet ports) or from different software version.
The config of not present packets or not present/changed interfaces is still readable.

This is how really made backup of all things on routerboard:
viewtopic.php?f=1&t=175360&p=858564#p858564

/certificate
:foreach cert in=[find] do={
 :local certname [get $cert name]
 export-certificate $cert file-name=("auto_$certname") type=pkcs12 export-passphrase=$certpass
}
# this create some files called auto_$certname.p12 for each certificate

/ip ssh export-host-key key-file-prefix=auto_host-key
# this create the files auto_host-key_dsa, auto_host-key_dsa.pub, auto_host-key_rsa, auto_host-key_rsa.pub to import back the host-key

/export file="auto_export"
# this create... auto_export.rsc

/user export file="auto_user_export"
# this create the export for internal user database auto_export.rsc but do not exports passwords!!!

/system backup save name="auto_backup" dont-encrypt=yes
# this create ... auto_backup.backup

/file remove [find where name="auto_user-manager.umb"]
/tool user-manager database save name="auto_user-manager"
# This create the User-Manager database backup auto_user-manager.umb but the already existant file must be deleted first

file remove [find where name="auto_thedude.db"]
/dude export-db backup-file="auto_thedude.db"
# This create the The Dude database backup auto_thedude.db but the already existant file must be deleted first


# And for all other files inside
/file
:foreach file in=[find where type!=disk && type!=directory && !(name~"dude/files/default") && !(name~"^auto_") && !(name~"dude.db\$") \
   && !(name~"db-...\$") && !(name~"user-manager")] do={
# place at this point a ricorsive /tool fetch upload than send the $file on ftp
}
Last edited by rextended on Wed Jul 21, 2021 9:57 pm, edited 6 times in total.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3279
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: Automatic backup for 100 MKT

Wed Jul 21, 2021 11:15 pm

you can try my script
Just a quick note to your script. You should not use old and obsoleted back-tics.

Wrong:
datum=`date "+%Y-%m-%d"`
Correct
datum=$(date "+%Y-%m-%d")
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Automatic backup for 100 MKT

Thu Jul 22, 2021 12:45 am

Last update: 5 years ago, really recent...
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3279
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: Automatic backup for 100 MKT

Thu Jul 22, 2021 10:47 am

# this create some files called auto_$certname.p12 for each certificate
Would be nice if all certificate could go to one file. If you have many routers and a handfull of certificate on all of them, it would be a large list of files.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Automatic backup for 100 MKT

Thu Jul 22, 2021 10:53 am

Actually this option on export do not exist :((
Is better if RouterOS permit to export internal users.db and cert.db for perfect backup and export to other devices...

Also why not include the internal user export when /export are done instead to
do /user export, not all users know this...
 
dmitris
Member Candidate
Member Candidate
Posts: 127
Joined: Mon Oct 09, 2017 1:08 pm

Re: Automatic backup for 100 MKT

Thu Jul 22, 2021 7:05 pm

Personally i'm using two approaches, one is Oxidize which is pulling config to git over ssh and second is script on mikrotik itself, which is sending config to ftp.

P.S
How to push configs to backup server only if configuration was changed, any ideas?
Last edited by dmitris on Thu Jul 22, 2021 7:13 pm, edited 1 time in total.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Automatic backup for 100 MKT

Thu Jul 22, 2021 7:11 pm

Is not possible directly,
send the previous and the actual backup and the export to a server,
inside the server with some script compare both old and new export,
if export are different, except first line containig time and date, send the backup

Why export and not directly the backup?
Because two consecutive backups can be different, for example just for dhcp server "store lease on disk".

Who is online

Users browsing this forum: drpioneer, ko00000000001 and 24 guests