:local dnsName vpn.dom.ru
:local certName "$dnsName.cer"
:local certFullChain "$certName,1_.cer,0_.cer"
:local ipsecIdentityComment $dnsName
:local Comment letsencrypt
log info "[LE] enable www"
/ip/service/enable www
/ip/firewall/filter/enable [ find where comment="letsencrypt" ]
log info "[LE] updating cert for $dnsName"
/certificate enable-ssl-certificate dns-name=$dnsName
:log info "[LE] disable www"
/ip/service/disable www
/ip/firewall/filter/disable [ find where comment="letsencrypt" ]
:log info "[LE] rename cert to $certName "
/certificate/set numbers=[/certificate/find where common-name=$dnsName] name="$certName"
:log info "[LE] setup cert for sstp server"
/interface/sstp-server/server/set certificate="$certName"
:log info "[LE] setup cert for ipsec identity"
/ip/ipsec/identity/set numbers=[find where comment=$ipsecIdentityComment] certificate=$certFullChain
:local certName "$dnsName.cer"
:local certFullChain "$certName,1_.cer,0_.cer"
:local ipsecIdentityComment $dnsName
:local Comment letsencrypt
log info "[LE] enable www"
/ip/service/enable www
/ip/firewall/filter/enable [ find where comment="letsencrypt" ]
log info "[LE] updating cert for $dnsName"
/certificate enable-ssl-certificate dns-name=$dnsName
:log info "[LE] disable www"
/ip/service/disable www
/ip/firewall/filter/disable [ find where comment="letsencrypt" ]
:log info "[LE] rename cert to $certName "
/certificate/set numbers=[/certificate/find where common-name=$dnsName] name="$certName"
:log info "[LE] setup cert for sstp server"
/interface/sstp-server/server/set certificate="$certName"
:log info "[LE] setup cert for ipsec identity"
/ip/ipsec/identity/set numbers=[find where comment=$ipsecIdentityComment] certificate=$certFullChain
Ратнер Арсений, arsenyratner@gmail.com, 7 985 273 2090
Комментариев нет:
Отправить комментарий