
  1. #!/bin/bash
  2. ################################################################
  3. ###
  4. ### A script to deploy Let's Encrypt certificate
  5. ### on Edgemax routers.
  6. ###
  7. ################################################################
  8. #This file name is "edgemax.sh"
  9. #So, here must be a method edgemax_deploy()
  10. #Which will be called by acme.sh to deploy the cert
  11. #returns 0 means success, otherwise error.
  12. ######## Public functions #####################
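  # Close the EdgeOS CLI configuration session and hand back the given status.
  # Arguments: $1 - exit code to report (treated as 0 when omitted)
  # Returns:   the value of $1
  # Written with plain POSIX function syntax (no `function` keyword) so the
  # definition also parses if the hook is loaded by a non-bash sh.
  atexit() {
    # closes CLI session
    cli-shell-api teardownSession
    # Quoted so an empty or odd argument cannot be word-split or globbed.
    _debug EXITCODE: "${1:-0}"
    return "${1:-0}"
  }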
  19. #domain keyfile certfile cafile fullchain
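  # Deploy hook called by acme.sh: builds the combined PEM used by the EdgeMax
  # GUI (lighttpd), points the GUI cert-file setting at it if needed, and
  # restarts lighttpd.
  # Arguments: $1 domain, $2 key file, $3 cert file, $4 CA file, $5 full chain
  # Returns:   0 on success; 1 if the PEM could not be written or the CLI
  #            configuration session could not be started.
  edgemax_deploy() {
    _cdomain="$1"
    _ckey="$2"
    _ccert="$3"
    _cca="$4"
    _cfullchain="$5"

    ### 'lighttpd_pem' - certificate file configured for your Edgemax GUI
    lighttpd_pem=/config/auth/le-cert.pem

    _info "$(__green "EdgeMax Certificate Path: $lighttpd_pem")"
    _debug _cdomain "$_cdomain"
    _debug _ckey "$_ckey"
    _debug _ccert "$_ccert"
    _debug _cca "$_cca"
    _debug _cfullchain "$_cfullchain"

    _info "Generating PEM file for lighttpd"
    # The combined file contains the private key. The paths are handed to the
    # root shell as positional parameters, so they are never re-parsed as shell
    # code, and umask/chmod keep the result readable by its owner only.
    # NOTE(review): assumes lighttpd reads the PEM as root at startup - confirm
    # before relying on mode 600.
    if ! sudo sh -c 'umask 077 && cat -- "$1" "$2" > "$3" && chmod 600 -- "$3"' \
      sh "$_ccert" "$_ckey" "$lighttpd_pem"; then
      _err "Could not write $lighttpd_pem"
      return 1
    fi

    _info "$(__green "Checking EdgeMax Config for SSL Settings: $lighttpd_pem")"
    certfile=$(cli-shell-api returnEffectiveValue service gui cert-file)

    if [ "$lighttpd_pem" != "$certfile" ]; then
      _debug "Current Edgemax Certfile" "$certfile"
      _info "Certfile is not set to $lighttpd_pem"

      # Obtain session environment
      # NOTE(review): session_env is captured but never applied to this shell;
      # presumably it was meant to be used before setupSession - confirm.
      session_env=$(cli-shell-api getSessionEnv "$PPID")

      # Setup the session
      cli-shell-api setupSession

      # Verify Session Started
      if ! cli-shell-api inSession; then
        _err "Something went wrong starting CLI Session!"
        atexit 1
        # atexit only returns to this function; stop here so no configuration
        # change is attempted without a session.
        return 1
      fi

      # vyatta_sbindir is not set in this script; it is expected to come from
      # the environment.
      SET=${vyatta_sbindir}/my_set
      COMMIT=${vyatta_sbindir}/my_commit
      SAVE=${vyatta_sbindir}/vyatta-save-config.pl

      _info "Setting Certificate parameter."
      "$SET" service gui cert-file "$lighttpd_pem"
      "$COMMIT"
      "$SAVE"
    else
      _info "EdgeMax cert-file already set to $lighttpd_pem"
    fi

    _info Restarting lighttpd
    # Only signal a PID that is present and purely numeric; a missing or
    # damaged pid file must not turn into an arbitrary argument to a root kill.
    lighttpd_pid=$(cat /var/run/lighttpd.pid 2>/dev/null)
    case "$lighttpd_pid" in
      '' | *[!0-9]*)
        _debug "No usable PID in /var/run/lighttpd.pid, skipping kill"
        ;;
      *)
        sudo kill -TERM "$lighttpd_pid"
        ;;
    esac
    # NOTE(review): lighttpd is started right after the TERM signal with no
    # wait for the old process to exit - confirm the new instance can bind.
    sudo /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf

    atexit 0
  }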