37 lines
1.3 KiB
Django/Jinja
37 lines
1.3 KiB
Django/Jinja
#!/usr/bin/env sh
|
|
|
|
# Based on https://gist.github.com/danie1k/c3d866eb6eed93bbc16b0628639efefe
|
|
|
|
HOSTNAME="gateway.rostvik.site"
|
|
CERT_ID="2"
|
|
USERNAME="root"
|
|
PASSWORD="{{ secret_rox_pass }}"
|
|
|
|
echo "Downloading certificate id=${CERT_ID} from ${HOSTNAME} into cert.pem file..."
|
|
|
|
# Open login screen
|
|
curl --cookie /tmp/opnsense_cookies.txt --cookie-jar /tmp/opnsense_cookies.txt \
|
|
https://$HOSTNAME/system_certmanager.php \
|
|
| grep hidden | sed -E 's/.*name="([^"\]+)" value="([^"]+)".*/\1=\2/' > /tmp/opnsense_csrf.txt
|
|
|
|
POST_DATA="usernamefld=${USERNAME}&passwordfld=${PASSWORD}&login=1&$(cat /tmp/opnsense_csrf.txt)"
|
|
|
|
# Perform login
|
|
curl --cookie /tmp/opnsense_cookies.txt --cookie-jar /tmp/opnsense_cookies.txt \
|
|
https://$HOSTNAME/system_certmanager.php \
|
|
-X POST --data "${POST_DATA}" > /dev/null
|
|
|
|
# Export user key
|
|
curl --cookie /tmp/opnsense_cookies.txt --cookie-jar /tmp/opnsense_cookies.txt \
|
|
"https://$HOSTNAME/system_certmanager.php?act=key&id=$CERT_ID" > /etc/pve/local/pve-ssl.key
|
|
|
|
# Export user cert
|
|
curl --cookie /tmp/opnsense_cookies.txt --cookie-jar /tmp/opnsense_cookies.txt \
|
|
"https://$HOSTNAME/system_certmanager.php?act=exp&id=$CERT_ID" > /etc/pve/local/pve-ssl.pem
|
|
|
|
rm -f /tmp/opnsense_csrf.txt /tmp/opnsense_cookies.txt
|
|
|
|
# Restart pveproxy
|
|
systemctl restart pveproxy.service
|
|
|
|
echo "Done." |