

  1. #!/bin/bash
  2. ################################################################
  3. ###
  4. ### A script to deploy Let's Encrypt certificate
  5. ### on Edgemax routers.
  6. ###
  7. ################################################################
  8. #This file name is "edgemax.sh"
  9. #So, here must be a method edgemax_deploy()
  10. #Which will be called by acme.sh to deploy the cert
  11. #returns 0 means success, otherwise error.
  12. ######## Public functions #####################
  atexit() {
    # Tear down the CLI configuration session first, then log the exit
    # code that was passed in and hand it back to the caller unchanged.
    #   $1 - exit code to report and return
    cli-shell-api teardownSession
    _debug EXITCODE: "${1}"
    return "${1}"
  }
  19. #domain keyfile certfile cafile fullchain
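  edgemax_deploy() {
    # Deploy hook: builds the combined certificate+key PEM used by the
    # EdgeMax GUI (lighttpd), points the router's "service gui cert-file"
    # setting at it if it is not already, and restarts lighttpd.
    #   $1 - domain
    #   $2 - key file
    #   $3 - certificate file
    #   $4 - CA file
    #   $5 - full chain file
    # Returns 0 on success, 1 if the PEM cannot be written, the CLI session
    # cannot be started, or lighttpd does not start again.
    _cdomain="$1"
    _ckey="$2"
    _ccert="$3"
    _cca="$4"
    _cfullchain="$5"

    ### 'lighttpd_pem' - certificate file configured for your Edgemax GUI
    lighttpd_pem=/config/auth/le-cert.pem

    _info "$(__green "EdgeMax Certificate Path: $lighttpd_pem")"

    _debug _cdomain "$_cdomain"
    _debug _ckey "$_ckey"
    _debug _ccert "$_ccert"
    _debug _cca "$_cca"
    _debug _cfullchain "$_cfullchain"

    _info "Generating PEM file for lighttpd"
    # The paths reach the root shell as positional parameters instead of
    # being spliced into the command string, so whitespace or shell
    # metacharacters in a path cannot change what root executes.
    # The bundle contains the private key: umask covers a newly created
    # file, chmod tightens one left over from an earlier run.
    # No CLI session exists yet, so a failure returns without atexit.
    if ! sudo sh -c 'umask 077 && cat -- "$1" "$2" > "$3" && chmod 600 -- "$3"' \
      sh "$_ccert" "$_ckey" "$lighttpd_pem"; then
      _err "Unable to write $lighttpd_pem"
      return 1
    fi

    _info "$(__green "Checking EdgeMax Config for SSL Settings: $lighttpd_pem")"
    certfile=$(cli-shell-api returnEffectiveValue service gui cert-file)

    if [ "$lighttpd_pem" != "$certfile" ]; then
      _debug "Current Edgemax Certfile" "$certfile"
      _info "Certfile is not set to $lighttpd_pem"

      vyatta_sbindir="/opt/vyatta/sbin" #overwritten by eval command but needed to pass github checks.

      # Obtain session environment
      # NOTE(review): eval executes whatever cli-shell-api prints. That is
      # tolerable only because the text comes from the router's own local
      # binary; nothing else should ever be routed through this eval.
      session_env=$(cli-shell-api getSessionEnv "$PPID")
      eval "$session_env"

      # Setup the session
      cli-shell-api setupSession

      # Verify Session Started
      if ! cli-shell-api inSession; then
        _err "Something went wrong starting CLI Session!"
        # atexit only returns its argument; without the explicit return
        # the configuration commands below would still run with no session.
        atexit 1
        return 1
      fi

      SET=${vyatta_sbindir}/my_set
      COMMIT=${vyatta_sbindir}/my_commit
      SAVE=${vyatta_sbindir}/vyatta-save-config.pl

      _info "Setting Certificate parameter."
      # NOTE(review): the results of set/commit/save are not checked here;
      # confirm their exit-code conventions before adding a hard failure.
      "$SET" service gui cert-file "$lighttpd_pem"
      "$COMMIT"
      "$SAVE"
    else
      _info "EdgeMax cert-file already set to $lighttpd_pem"
    fi

    _info Restarting lighttpd
    # Only signal a process when the pid file actually yields a pid.
    lighttpd_pid=$(cat /var/run/lighttpd.pid 2>/dev/null)
    if [ -n "$lighttpd_pid" ]; then
      sudo kill -SIGTERM "$lighttpd_pid"
    fi
    # A GUI that did not come back up must not be reported as a
    # successful deployment.
    if ! sudo /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf; then
      _err "lighttpd failed to start with the new certificate"
      atexit 1
      return 1
    fi

    atexit 0
  }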