|
@ -23,6 +23,7 @@ |
|
|
# ```sh |
|
|
# ```sh |
|
|
# export ROUTER_OS_USERNAME=certuser |
|
|
# export ROUTER_OS_USERNAME=certuser |
|
|
# export ROUTER_OS_HOST=router.example.com |
|
|
# export ROUTER_OS_HOST=router.example.com |
|
|
|
|
|
# export ROUTER_OS_PORT=22 |
|
|
# |
|
|
# |
|
|
# acme.sh --deploy -d ftp.example.com --deploy-hook routeros |
|
|
# acme.sh --deploy -d ftp.example.com --deploy-hook routeros |
|
|
# ``` |
|
|
# ``` |
|
@ -80,6 +81,13 @@ routeros_deploy() { |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
_getdeployconf ROUTER_OS_PORT |
|
|
|
|
|
|
|
|
|
|
|
if [ -z "$ROUTER_OS_PORT" ]; then |
|
|
|
|
|
_debug "Using default port 22 as ROUTER_OS_PORT, please set if not correct." |
|
|
|
|
|
ROUTER_OS_PORT=22 |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
_getdeployconf ROUTER_OS_ADDITIONAL_SERVICES |
|
|
_getdeployconf ROUTER_OS_ADDITIONAL_SERVICES |
|
|
|
|
|
|
|
|
if [ -z "$ROUTER_OS_ADDITIONAL_SERVICES" ]; then |
|
|
if [ -z "$ROUTER_OS_ADDITIONAL_SERVICES" ]; then |
|
@ -89,12 +97,13 @@ routeros_deploy() { |
|
|
|
|
|
|
|
|
_savedeployconf ROUTER_OS_HOST "$ROUTER_OS_HOST" |
|
|
_savedeployconf ROUTER_OS_HOST "$ROUTER_OS_HOST" |
|
|
_savedeployconf ROUTER_OS_USERNAME "$ROUTER_OS_USERNAME" |
|
|
_savedeployconf ROUTER_OS_USERNAME "$ROUTER_OS_USERNAME" |
|
|
|
|
|
_savedeployconf ROUTER_OS_PORT "$ROUTER_OS_PORT" |
|
|
_savedeployconf ROUTER_OS_ADDITIONAL_SERVICES "$ROUTER_OS_ADDITIONAL_SERVICES" |
|
|
_savedeployconf ROUTER_OS_ADDITIONAL_SERVICES "$ROUTER_OS_ADDITIONAL_SERVICES" |
|
|
|
|
|
|
|
|
_info "Trying to push key '$_ckey' to router" |
|
|
_info "Trying to push key '$_ckey' to router" |
|
|
scp "$_ckey" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.key" |
|
|
|
|
|
|
|
|
scp -P "$ROUTER_OS_PORT" "$_ckey" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.key" |
|
|
_info "Trying to push cert '$_cfullchain' to router" |
|
|
_info "Trying to push cert '$_cfullchain' to router" |
|
|
scp "$_cfullchain" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.cer" |
|
|
|
|
|
|
|
|
scp -P "$ROUTER_OS_PORT" "$_cfullchain" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.cer" |
|
|
DEPLOY_SCRIPT_CMD="/system script add name=\"LE Cert Deploy - $_cdomain\" owner=admin policy=ftp,read,write,password,sensitive \ |
|
|
DEPLOY_SCRIPT_CMD="/system script add name=\"LE Cert Deploy - $_cdomain\" owner=admin policy=ftp,read,write,password,sensitive \ |
|
|
source=\"## generated by routeros deploy script in acme.sh;\ |
|
|
source=\"## generated by routeros deploy script in acme.sh;\ |
|
|
\n/certificate remove [ find name=$_cdomain.cer_0 ];\ |
|
|
\n/certificate remove [ find name=$_cdomain.cer_0 ];\ |
|
@ -111,11 +120,11 @@ source=\"## generated by routeros deploy script in acme.sh;\ |
|
|
\n\" |
|
|
\n\" |
|
|
" |
|
|
" |
|
|
# shellcheck disable=SC2029 |
|
|
# shellcheck disable=SC2029 |
|
|
ssh "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST" "$DEPLOY_SCRIPT_CMD" |
|
|
|
|
|
|
|
|
ssh -p "$ROUTER_OS_PORT" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST" "$DEPLOY_SCRIPT_CMD" |
|
|
# shellcheck disable=SC2029 |
|
|
# shellcheck disable=SC2029 |
|
|
ssh "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST" "/system script run \"LE Cert Deploy - $_cdomain\"" |
|
|
|
|
|
|
|
|
ssh -p "$ROUTER_OS_PORT" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST" "/system script run \"LE Cert Deploy - $_cdomain\"" |
|
|
# shellcheck disable=SC2029 |
|
|
# shellcheck disable=SC2029 |
|
|
ssh "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST" "/system script remove \"LE Cert Deploy - $_cdomain\"" |
|
|
|
|
|
|
|
|
ssh -p "$ROUTER_OS_PORT" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST" "/system script remove \"LE Cert Deploy - $_cdomain\"" |
|
|
|
|
|
|
|
|
return 0 |
|
|
return 0 |
|
|
} |
|
|
} |