RouterOS - make deploy more resilient
In the case where importing the cert and key removes the files from disk the existing deploy will fail when it tries to remove those files. This still attempts to remove the files but catches the error and moves on instead of bombing like before. Similarly, if the deploy had failed before, subsequent deploys would fail because the script already existed, so it would not be able to create the script. This first attempts to remove the script if it exists, and then creates the script.pull/5245/head
							parent
							
								
									0f61e9c15e
								
							
						
					
					
						commit
						e711d168df
					
				|  | @ -137,7 +137,8 @@ routeros_deploy() { | |||
|     return $_err_code | ||||
|   fi | ||||
| 
 | ||||
|   DEPLOY_SCRIPT_CMD="/system script add name=\"LECertDeploy-$_cdomain\" owner=$ROUTER_OS_USERNAME \ | ||||
|   DEPLOY_SCRIPT_CMD=":do {/system script remove \"LECertDeploy-$_cdomain\" } on-error={ }; \ | ||||
| /system script add name=\"LECertDeploy-$_cdomain\" owner=$ROUTER_OS_USERNAME \ | ||||
| comment=\"generated by routeros deploy script in acme.sh\" \ | ||||
| source=\"/certificate remove [ find name=$_cdomain.cer_0 ];\ | ||||
| \n/certificate remove [ find name=$_cdomain.cer_1 ];\ | ||||
|  | @ -146,8 +147,8 @@ source=\"/certificate remove [ find name=$_cdomain.cer_0 ];\ | |||
| \n/certificate import file-name=$_cdomain.cer passphrase=\\\"\\\";\ | ||||
| \n/certificate import file-name=$_cdomain.key passphrase=\\\"\\\";\ | ||||
| \ndelay 1;\ | ||||
| \n/file remove $_cdomain.cer;\ | ||||
| \n/file remove $_cdomain.key;\ | ||||
| \n:do {/file remove $_cdomain.cer; } on-error={ }\ | ||||
| \n:do {/file remove $_cdomain.key; } on-error={ }\ | ||||
| \ndelay 2;\ | ||||
| \n/ip service set www-ssl certificate=$_cdomain.cer_0;\ | ||||
| \n$ROUTER_OS_ADDITIONAL_SERVICES;\ | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue
	
	 Nathan Johnson
						Nathan Johnson