You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

70 lines
1.6 KiB

  1. #!/usr/bin/env bash
  2. #Here is a script to deploy cert to routeros router.
  3. #returns 0 means success, otherwise error.
  4. ######## Public functions #####################
  5. #domain keyfile certfile cafile fullchain
  6. routeros_deploy() {
  7. _cdomain="$1"
  8. _ckey="$2"
  9. _ccert="$3"
  10. _cca="$4"
  11. _cfullchain="$5"
  12. _debug _cdomain "$_cdomain"
  13. _debug _ckey "$_ckey"
  14. _debug _ccert "$_ccert"
  15. _debug _cca "$_cca"
  16. _debug _cfullchain "$_cfullchain"
  17. if [ -z "$ROUTER_OS_HOST" ]; then
  18. _debug "Using _cdomain as ROUTER_OS_HOST, please set if not correct."
  19. ROUTER_OS_HOST = "$_cdomain"
  20. fi
  21. if [ -z "$ROUTER_OS_USERNAME" ]; then
  22. _err "Need to set the env variable ROUTER_OS_USERNAME"
  23. return 1
  24. fi
  25. _info "Trying to push key '$_ckey' to router"
  26. scp "$_ckey" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.key"
  27. _info "Trying to push cert '$_ccert' to router"
  28. scp "$_ccert" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.cer"
  29. _info "Trying to push ca cert '$_cca' to router"
  30. scp "$_cca" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.ca"
  31. # shellcheck disable=SC2029
  32. ssh "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST" bash -c "'
  33. /certificate remove $_cdomain.cer_0
  34. /certificate remove $_cdomain.cer_1
  35. /certificate remove $_cdomain.ca_0
  36. delay 1
  37. /certificate import file-name=$_cdomain.cer passphrase=\"\"
  38. /certificate import file-name=$_cdomain.key passphrase=\"\"
  39. /certificate import file-name=$_cdomain.ca passphrase=\"\"
  40. delay 1
  41. /file remove $_cdomain.cer
  42. /file remove $_cdomain.key
  43. /file remove $_cdomain.ca
  44. delay 2
  45. /ip service set www-ssl certificate=$_cdomain.cer_0
  46. '"
  47. return 0
  48. }