You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

62 lines
1.4 KiB

6 years ago
  1. #!/usr/bin/env sh
  2. #Here is a script to deploy cert to routeros router.
  3. #returns 0 means success, otherwise error.
  4. ######## Public functions #####################
  5. #domain keyfile certfile cafile fullchain
  6. routeros_deploy() {
  7. _cdomain="$1"
  8. _ckey="$2"
  9. _ccert="$3"
  10. _cca="$4"
  11. _cfullchain="$5"
  12. _debug _cdomain "$_cdomain"
  13. _debug _ckey "$_ckey"
  14. _debug _ccert "$_ccert"
  15. _debug _cca "$_cca"
  16. _debug _cfullchain "$_cfullchain"
  17. if [ -z "$ROUTER_OS_HOST" ]; then
  18. _debug "Using _cdomain as ROUTER_OS_HOST, please set if not correct."
  19. ROUTER_OS_HOST="$_cdomain"
  20. fi
  21. if [ -z "$ROUTER_OS_USERNAME" ]; then
  22. _err "Need to set the env variable ROUTER_OS_USERNAME"
  23. return 1
  24. fi
  25. _info "Trying to push key '$_ckey' to router"
  26. scp "$_ckey" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.key"
  27. _info "Trying to push cert '$_cfullchain' to router"
  28. scp "$_cfullchain" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.cer"
  29. # shellcheck disable=SC2029
  30. ssh "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST" bash -c "'
  31. /certificate remove $_cdomain.cer_0
  32. /certificate remove $_cdomain.cer_1
  33. delay 1
  34. /certificate import file-name=$_cdomain.cer passphrase=\"\"
  35. /certificate import file-name=$_cdomain.key passphrase=\"\"
  36. delay 1
  37. /file remove $_cdomain.cer
  38. /file remove $_cdomain.key
  39. delay 2
  40. /ip service set www-ssl certificate=$_cdomain.cer_0
  41. '"
  42. return 0
  43. }