
Untitled

a guest
Aug 24th, 2020
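  #!/bin/bash
  #
  # Push a Let's Encrypt certificate and its private key to a MikroTik RouterOS
  # device over SSH/SCP, import both, and assign the certificate to the SSTP
  # server.
  #
  # Usage:
  #   script                                   settings are read from CONFIG_FILE
  #   script USER HOST SSH_PORT SSH_KEY DOMAIN settings are taken from the arguments
  #
  # Security notes:
  #   * CONFIG_FILE is sourced, so it runs as shell code with this script's
  #     privileges. Keep it owned by, and writable only by, the account that
  #     runs this script.
  #   * The TLS private key is copied to the router's file store before import.
  #     It is removed again after the import, and also when the upload fails.
  #   * Host-key verification is whatever the local ssh client configuration
  #     enforces; this script passes no options that change it.

  CONFIG_FILE=/opt/letsencrypt-routeros/letsencrypt-routeros.settings

  if [[ -z ${1:-} || -z ${2:-} || -z ${3:-} || -z ${4:-} || -z ${5:-} ]]; then
    printf 'Usage: %s or %s [RouterOS User] [RouterOS Host] [SSH Port] [SSH Private Key] [Domain]\n\n' "$0" "$0"
    # A missing or unreadable config file is reported by the empty-settings
    # check below instead of by a raw "source" error.
    if [[ -r $CONFIG_FILE ]]; then
      # shellcheck source=/dev/null
      source "$CONFIG_FILE"
    fi
  else
    ROUTEROS_USER=$1
    ROUTEROS_HOST=$2
    ROUTEROS_SSH_PORT=$3
    ROUTEROS_PRIVATE_KEY=$4
    DOMAIN=$5
  fi

  if [[ -z ${ROUTEROS_USER:-} || -z ${ROUTEROS_HOST:-} || -z ${ROUTEROS_SSH_PORT:-} ||
        -z ${ROUTEROS_PRIVATE_KEY:-} || -z ${DOMAIN:-} ]]; then
    echo "Check the config file $CONFIG_FILE or start with params: $0 [RouterOS User] [RouterOS Host] [SSH Port] [SSH Private Key] [Domain]" >&2
    echo "Please avoid spaces" >&2
    exit 1
  fi

  # DOMAIN is interpolated into local paths and into the command line sent to
  # RouterOS, so restrict it to hostname characters before using it anywhere.
  if [[ ! $DOMAIN =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
    echo "Invalid domain (letters, digits, '.', '-' and '_' only): $DOMAIN" >&2
    exit 1
  fi

  if [[ ! $ROUTEROS_SSH_PORT =~ ^[0-9]+$ ]]; then
    echo "Invalid SSH port (digits only): $ROUTEROS_SSH_PORT" >&2
    exit 1
  fi

  CERTIFICATE=/etc/letsencrypt/live/$DOMAIN/cert.pem
  KEY=/etc/letsencrypt/live/$DOMAIN/privkey.pem

  # RouterOS command prefix. An array keeps each argument intact, so a key path
  # containing spaces is not split into several words.
  routeros=(ssh -i "$ROUTEROS_PRIVATE_KEY" "${ROUTEROS_USER}@${ROUTEROS_HOST}" -p "$ROUTEROS_SSH_PORT")

  # Check connection to RouterOS
  if ! "${routeros[@]}" /system resource print; then
    printf '\nError in: %s\n' "${routeros[*]}" >&2
    echo "More info: https://wiki.mikrotik.com/wiki/Use_SSH_to_execute_commands_(DSA_key_login)" >&2
    exit 1
  fi
  printf '\nConnection to RouterOS Successful!\n\n'

  # Both files are required. The original tested with "&&", which let the
  # script continue when only one of the two was missing.
  if [[ ! -f $CERTIFICATE || ! -f $KEY ]]; then
    {
      printf '\nFile(s) not found:\n%s\n%s\n\n' "$CERTIFICATE" "$KEY"
      echo "Please use CertBot Let'sEncrypt:"
      echo "============================"
      echo "certbot certonly --preferred-challenges=dns --manual -d $DOMAIN --manual-public-ip-logging-ok"
      echo "or (for wildcard certificate):"
      echo "certbot certonly --preferred-challenges=dns --manual -d *.$DOMAIN --manual-public-ip-logging-ok --server https://acme-v02.api.letsencrypt.org/directory"
      echo "==========================="
      printf 'and follow instructions from CertBot\n\n'
    } >&2
    exit 1
  fi

  # Remove previous certificate
  "${routeros[@]}" /certificate remove "[find name=${DOMAIN}.pem_0]"

  # --- Certificate ---
  # Remove any stale upload first; output is discarded as in the original.
  "${routeros[@]}" /file remove "${DOMAIN}.pem" > /dev/null
  # Upload the certificate. Stop if the copy fails, so a partial or missing
  # file is never imported.
  if ! scp -q -P "$ROUTEROS_SSH_PORT" -i "$ROUTEROS_PRIVATE_KEY" "$CERTIFICATE" \
      "${ROUTEROS_USER}@${ROUTEROS_HOST}:${DOMAIN}.pem"; then
    echo "Upload of $CERTIFICATE to RouterOS failed" >&2
    exit 1
  fi
  sleep 2
  # Import the certificate file, then delete it from the router's file store.
  "${routeros[@]}" /certificate import "file-name=${DOMAIN}.pem" 'passphrase=""'
  "${routeros[@]}" /file remove "${DOMAIN}.pem"

  # --- Private key ---
  # The router-side file is named ${DOMAIN}.key (the scp target below). The
  # original passed the local path in $KEY here, so a stale key file on the
  # router was never removed.
  "${routeros[@]}" /file remove "${DOMAIN}.key" > /dev/null
  if ! scp -q -P "$ROUTEROS_SSH_PORT" -i "$ROUTEROS_PRIVATE_KEY" "$KEY" \
      "${ROUTEROS_USER}@${ROUTEROS_HOST}:${DOMAIN}.key"; then
    echo "Upload of $KEY to RouterOS failed" >&2
    # Best effort: do not leave a partially written private key on the router.
    "${routeros[@]}" /file remove "${DOMAIN}.key" > /dev/null
    exit 1
  fi
  sleep 2
  # Import the key. The removal that follows is unconditional, so the private
  # key does not stay in the router's file store whatever the import result.
  "${routeros[@]}" /certificate import "file-name=${DOMAIN}.key" 'passphrase=""'
  "${routeros[@]}" /file remove "${DOMAIN}.key"

  # Setup Certificate to SSTP Server
  "${routeros[@]}" /interface sstp-server server set "certificate=${DOMAIN}.pem_0"

  exit 0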