From 1b115cc864868bbae2d4690c9ee1a1d6867f05a3 Mon Sep 17 00:00:00 2001 From: Giorgio Ravera Date: Thu, 28 Dec 2023 14:00:26 +0100 Subject: [PATCH] Updated script for updating certificates on fritz7590 and fritz7530ax --- update_certificate | 85 +++++++++++++++++++++++++--------------- update_certificate_fritz | 30 +++++++++----- 2 files changed, 73 insertions(+), 42 deletions(-) diff --git a/update_certificate b/update_certificate index f488337..f7394be 100755 --- a/update_certificate +++ b/update_certificate @@ -50,7 +50,7 @@ function update_certificate () { ssh $USER@$HOST "cat $DST_TMP_FULLCHAIN > $DST_TMP_SERVER" ssh $USER@$HOST "cat $DST_TMP_KEY >> $DST_TMP_SERVER" ssh $USER@$HOST $COMMAND - ssh $USER@$HOST rm $DST_TMP_CERT $DST_TMP_KEY $DST_TMP_CHAIN $DST_TMP_FULLCHAIN $DST_TMP_SERVER + ssh $USER@$HOST rm $DST_TMP_CERT $DST_TMP_KEY $DST_TMP_CHAIN $DST_TMP_FULLCHAIN $DST_TMP_SERVER else echo "Host $HOST not alive, skipped" fi @@ -58,9 +58,9 @@ function update_certificate () { # Update Server function update_server() { - echo " ------------------------------- " - echo "| Updating Server Certificate |" - echo " ------------------------------- " + echo " ------------------------------------ " + echo "| Updating Server Certificate |" + echo " ------------------------------------ " HOST="server.giorgioravera.it" USER="root" COMMAND="systemctl restart apache2 postfix dovecot proftpd && systemctl restart slapd" @@ -70,9 +70,9 @@ function update_server() { # Update Docker function update_docker () { - echo " ------------------------------- " - echo "| Updating Docker Certificate |" - echo " ------------------------------- " + echo " ------------------------------------ " + echo "| Updating Docker Certificate |" + echo " ------------------------------------ " HOST="docker.giorgioravera.it" USER="root" COMMAND="docker container restart traefik mosquitto zigbee2mqtt" 
@@ -82,9 +82,9 @@ function update_docker () { # Update Asterisk function update_asterisk () { - echo " ------------------------------- " - echo "| Updating Asterisk Certificate |" - echo " ------------------------------- " + echo " ------------------------------------ " + echo "| Updating Asterisk Certificate |" + echo " ------------------------------------ " HOST="asterisk.giorgioravera.it" USER="root" COMMAND="cat $DST_TMP_FULLCHAIN > /etc/asterisk/keys/Asterisk.crt && @@ -101,9 +101,9 @@ function update_asterisk () { # Update NAS function update_nas () { - echo " ------------------------------- " - echo "| Updating NAS Certificate |" - echo " ------------------------------- " + echo " ------------------------------------ " + echo "| Updating NAS Certificate |" + echo " ------------------------------------ " HOST="nas.giorgioravera.it" USER="admin" COMMAND="cat $DST_TMP_SERVER > /etc/stunnel/stunnel.pem && @@ -116,9 +116,9 @@ function update_nas () { # Update Firewall function update_firewall () { - echo " ------------------------------- " - echo "| Updating Firewall Certificate |" - echo " ------------------------------- " + echo " ------------------------------------ " + echo "| Updating Firewall Certificate |" + echo " ------------------------------------ " HOST="firewall.giorgioravera.it" USER="admin" ALIVE=$(ping -c 1 $HOST |grep ttl) 
@@ -130,16 +130,32 @@ function update_firewall () { echo "" } -# Update Fritz -function update_fritz () { - echo " ------------------------------- " - echo "| Updating Fritz Certificate |" - echo " ------------------------------- " +# Update Fritz 7590 +function update_fritz7590 () { + echo " ------------------------------------ " + echo "| Updating Fritz 7590 Certificate |" + echo " ------------------------------------ " HOST="fritz.giorgioravera.it" - USER="admin" + USER="fritz5570" ALIVE=$(ping -c 1 $HOST |grep ttl) if [ ! -z "$ALIVE" ]; then - update_certificate_fritz + update_certificate_fritz $HOST $USER $SRC_FULLCHAIN $SRC_KEY + else + echo "Host $HOST not alive, skipped" + fi + echo "" +} + +# Update Fritz 530 AX +function update_fritz7530ax () { + echo " ------------------------------------ " + echo "| Updating Fritz 7530 AX Certificate |" + echo " ------------------------------------ " + HOST="ap1.giorgioravera.it" + USER="fritz5655" + ALIVE=$(ping -c 1 $HOST |grep ttl) + if [ ! -z "$ALIVE" ]; then + update_certificate_fritz $HOST $USER $SRC_FULLCHAIN $SRC_KEY else echo "Host $HOST not alive, skipped" fi @@ -148,9 +164,9 @@ function update_fritz () { # Update Xenserver function update_xenserver () { - echo " ------------------------------- " - echo "| Updating Xenserver Certificate |" - echo " ------------------------------- " + echo " ------------------------------------ " + echo "| Updating Xenserver Certificate |" + echo " ------------------------------------ " HOST="xenserver.giorgioravera.it" USER="root" COMMAND="cat $DST_TMP_SERVER > /etc/xensource/xapi-ssl.pem && 
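Review bot: Both new functions call the helper with four unquoted expansions, `update_certificate_fritz $HOST $USER $SRC_FULLCHAIN $SRC_KEY`, so an empty or unset `$SRC_FULLCHAIN` or `$SRC_KEY` silently drops an argument and shifts the rest. The helper's only check in this patch is `$# -eq 0`, so it would carry on with an empty key path. Quote the arguments in update_fritz7590 and update_fritz7530ax: `update_certificate_fritz "$HOST" "$USER" "$SRC_FULLCHAIN" "$SRC_KEY"`. The header comment `# Update Fritz 530 AX` should read `# Update Fritz 7530 AX` to match the function name and banner. `$SRC_FULLCHAIN` and `$SRC_KEY` are defined outside this hunk, so whether they can be empty is not visible here.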
@@ -161,9 +177,9 @@ function update_xenserver () { # Update PVE function update_pve () { - echo " ------------------------------- " - echo "| Updating Proxmox Certificate |" - echo " ------------------------------- " + echo " ------------------------------------ " + echo "| Updating Proxmox Certificate |" + echo " ------------------------------------ " HOST="pve.giorgioravera.it" USER="root" COMMAND="cat $DST_TMP_FULLCHAIN > /etc/pve/local/pveproxy-ssl.pem && @@ -182,7 +198,8 @@ function update_all () update_asterisk update_nas update_firewall - update_fritz + update_fritz7590 + update_fritz7530ax #update_xenserver update_pve } @@ -218,8 +235,12 @@ function parse_options () update_firewall shift ;; - fritz ) - update_fritz + fritz7590 ) + update_fritz7590 + shift + ;; + fritz7530ax ) + update_fritz7530ax shift ;; xenserver ) diff --git a/update_certificate_fritz b/update_certificate_fritz index adb7181..4f71d6d 100755 --- a/update_certificate_fritz +++ b/update_certificate_fritz @@ -1,13 +1,23 @@ #!/bin/bash # Parameters -HOST='fritz.giorgioravera.it' -USERNAME="fritz5570" PASSWORD="" -CERT_PATH="/etc/letsencrypt/live/server.giorgioravera.it" -CERT="fullchain.pem" -#CERT_PASSWORD="" -KEY="privkey.pem" + +# check inputs: +if [ $# -eq 0 ]; then + echo "Wrong parameters. Please use:" + echo "- host" + echo "- username" + echo "- certificate" + echo "- key" + exit +fi + +# save inputs +HOST=$1 +USERNAME=$2 +CERT=$3 +KEY=$4 # make and secure a temporary file TMP="$(mktemp -t XXXXXX)" 
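Review bot: The new argument check in update_certificate_fritz rejects only a call with zero arguments and then leaves with a bare `exit`, which returns the status of the last `echo` (0). A call with one to three arguments therefore runs on with empty `$CERT`/`$KEY`, and a call with none looks successful to the caller. Require all four and fail visibly: `if [ $# -ne 4 ]; then`, send the usage lines to stderr with `>&2`, and end with `exit 1`. `PASSWORD=""` is still a single value kept in the script while host and username are now per-device (fritz5570 and fritz5655 in update_certificate). If the two boxes use different passwords it has to become an input too, preferably read from a root-only file or the environment rather than passed as a command-line argument.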
@@ -27,13 +37,13 @@ printf "Content-Disposition: form-data; name=\"sid\"\r\n\r\n$SID\r\n" >> $TMP printf -- "--$BOUNDARY\r\n" >> $TMP printf "Content-Disposition: form-data; name=\"BoxCertImportFile\"; filename=\"BoxCert.pem\"\r\n" >> $TMP printf "Content-Type: application/octet-stream\r\n\r\n" >> $TMP -cat $CERT_PATH/$KEY >> $TMP -cat $CERT_PATH/$CERT >> $TMP +cat $KEY >> $TMP +cat $CERT >> $TMP printf "\r\n" >> $TMP printf -- "--$BOUNDARY--" >> $TMP # upload the certificate to the box wget -q -O - $HOST/cgi-bin/firmwarecfg --header="Content-type: multipart/form-data boundary=$BOUNDARY" --post-file $TMP | grep SSL -# remove temporary file -rm $TMP +# clean up +rm -f $TMP -- 2.47.3
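Review bot: The upload line `wget -q -O - $HOST/cgi-bin/firmwarecfg ...` has no URL scheme, and wget treats a scheme-less URL as http://, so with the bare hostnames that update_certificate now passes in `$1` the private key and the session id travel to the box in cleartext. Make the scheme explicit, `wget -q -O - "https://$HOST/cgi-bin/firmwarecfg" ...`, and check that the login request earlier in the script (outside this hunk) does the same; this relies on the box's current certificate validating for that name. `$TMP` holds the private key until the final `rm -f $TMP`, so an interrupted run leaves it on disk; a `trap 'rm -f -- "$TMP"' EXIT` placed right after the `mktemp` line would cover that. Now that the paths come from arguments, quote them as well: `cat "$KEY" >> "$TMP"` and `cat "$CERT" >> "$TMP"`.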