search

sysadmin-info / NUT

Repository contains the NUT configuration and tells how to install Docker, Docker Compose and run the Home Assistant as a Docker container. Additionally I present how to turn off the Mikrotik router from the Raspberry Pi if the battery level state is low.
1 stars 0 forks source link

Mikrotik shutdown #1

Open patan32 opened 8 months ago

patan32 commented 8 months ago

Hello,

Thanks for the information and setup guide you provided. I was able to do this little easier way.

I created the bash file called "mikrotik.sh" with the contents below. 

#!/bin/bash
echo "Shutting down Mikrotik Firewall"
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no -p 22 -i /etc/nut/id_rsa ups@x.x.x.x "/system shutdown; /y; /quit;"
exit 0
fi

In the upssched.conf file i added the below. Change the 3 to what ever you like for your shutdown parameter. 

CMDSCRIPT /etc/nut/upssched-cmd
PIPEFN /etc/nut/upssched.pipe
LOCKFN /etc/nut/upssched.lock

AT ONLINE * EXECUTE online
AT ONBATT * START-TIMER onbatt 30
AT ONLINE * CANCEL-TIMER onbatt online
AT ONBATT * START-TIMER mikrotik 3
AT ONLINE * CANCEL-TIMER mikrotik online
AT ONBATT * START-TIMER earlyshutdown 60
AT ONLINE * CANCEL-TIMER earlyshutdown
AT LOWBATT * START-TIMER shutdowncritical 300
AT ONLINE * CANCEL-TIMER shutdowncritical
AT LOWBATT * EXECUTE onbatt
AT COMMBAD * START-TIMER commbad 30
AT COMMOK * CANCEL-TIMER commbad commok
AT NOCOMM * EXECUTE commbad
AT REPLBATT * EXECUTE replacebatt
AT SHUTDOWN * EXECUTE powerdown

This is the contents of my upssched-cmd file.

#!/bin/sh
#
# This script should be called by upssched via the CMDSCRIPT directive.
#
# This script may be replaced with another program without harm.
#
# The first argument passed to your CMDSCRIPT is the name of the timer
# from your AT lines.
#
# N.B. The $NOTIFYTYPE can be misleading so best to stick to AT event names

 case $1 in
       onbatt)
          logger -t upssched-cmd "UPS running on battery"
          ;;
       mikrotik)
          logger -t upssched-cmd "Shutting down Mikrotik"
          bash /etc/nut/mikrotik.sh
          ;;
       online)
          logger -t upssched-cmd "The UPS is back on power"
          ;;
       commbad)
       logger -t upssched-cmd "The server lost communication with UPS"
          ;;
       commok)
          logger -t upssched-cmd "The server re-establish communication with UPS"
          ;;
       earlyshutdown)
          logger -t upssched-cmd "UPS on battery too long, early shutdown"
          /usr/sbin/upsmon -c fsd
          ;;
       shutdowncritical)
          logger -t upssched-cmd "UPS on battery critical, forced shutdown"
          /usr/sbin/upsmon -c fsd
          ;;
       upsgone)
          logger -t upssched-cmd "UPS has been gone too long, can't reach"
          ;;
       replacebatt)
          logger -t upssched-cmd "The UPS needs new battery"
          ;;
       *)
          logger -t upssched-cmd "Unrecognized command: $1"
          ;;
 esac

Once the online power drops i get this message in the syslog. My Mikrotik shuts down and after 120 seconds shuts the load off. It will take 180 seconds for the load to turn on after inline power returns.

Nov 21 09:40:51 NZ-WAG-PI3 upsmon[3823]: UPS blazer@localhost on battery
Nov 21 09:40:51 NZ-WAG-PI3 upssched[3832]: Timer daemon started
Nov 21 09:40:52 NZ-WAG-PI3 upssched[3832]: New timer: onbatt (30 seconds)
Nov 21 09:40:52 NZ-WAG-PI3 upssched[3832]: New timer: mikrotik (3 seconds)
Nov 21 09:40:52 NZ-WAG-PI3 upssched[3832]: New timer: earlyshutdown (60 seconds)
Nov 21 09:40:55 NZ-WAG-PI3 upssched[3832]: Event: mikrotik 
Nov 21 09:40:55 NZ-WAG-PI3 upssched-cmd: Shutting down Mikrotik
Nov 21 09:40:55 NZ-WAG-PI3 upssched[3832]: exec_cmd(/etc/nut/upssched-cmd mikrotik) returned 255
Nov 21 09:41:01 NZ-WAG-PI3 upsmon[3823]: UPS blazer@localhost on line power
Nov 21 09:41:01 NZ-WAG-PI3 upssched[3844]: Executing command: online
Nov 21 09:41:01 NZ-WAG-PI3 upssched-cmd: The UPS is back on power
Nov 21 09:41:01 NZ-WAG-PI3 upssched[3832]: Cancelling timer: onbatt
Nov 21 09:41:01 NZ-WAG-PI3 upssched[3832]: Cancel mikrotik, event: online
Nov 21 09:41:01 NZ-WAG-PI3 upssched-cmd: The UPS is back on power
Nov 21 09:41:01 NZ-WAG-PI3 upssched[3832]: Cancelling timer: earlyshutdown
Nov 21 09:41:11 NZ-WAG-PI3 upssched[3832]: Timer queue empty, exiting

I hope it helps someone else.

sysadmin-info commented 8 months ago

Hi, Thanks for sharing. Indeed, in Linux you can achieve the goal using different approach. This way it will also work. The only one thing I do not recommend on production and if you take care about the security in your environment: -o StrictHostKeyChecking=no -o CheckHostIP=no Why? Well because this way you will not avoid middle in the man attack. You can read about this here: https://sysadmin.info.pl/en/blog/known-hosts-file/ and also I am talking about this here: https://sysadmin.info.pl/en/blog/ansible-ssh-prompt-known_hosts-issue-explained-and-solved/

patan32 commented 8 months ago

Hi, Thanks for sharing. Indeed, in Linux you can achieve the goal using different approach. This way it will also work. The only one thing I do not recommend on production and if you take care about the security in your environment: -o StrictHostKeyChecking=no -o CheckHostIP=no Why? Well because this way you will not avoid middle in the man attack. You can read about this here: https://sysadmin.info.pl/en/blog/known-hosts-file/ and also I am talking about this here: https://sysadmin.info.pl/en/blog/ansible-ssh-prompt-known_hosts-issue-explained-and-solved/

Yes, i was thinking about it. What i have done, i create a management VLAN that this PC and only monitoring UPS are connected. I have dedicated a single port for that VLAN only. Nothing is allowed from any other VLANS so i am secure this way. I need to be on the same network to do anything. This is home environment but set up like enterprise. I am hoping that Mikrotik will put a nutclient package soon.