Add python routeros setup script

terraform-routeros · Dec 21, 2021 · 07fb19d · 07fb19d
1 parent 964f180
commit 07fb19d
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 6 deletions.
diff --git a/.github/scripts/setup_routeros.py b/.github/scripts/setup_routeros.py
@@ -0,0 +1,27 @@
+import routeros_api
+import os
+
+def main():
+    user = os.environ.get("ROS_USERNAME")
+    pswd = os.environ.get("ROS_PASSWORD")
+    ip_addr = os.environ.get("ROS_IP_ADDRESS")
+
+    connection = routeros_api.RouterOsApiPool(ip_addr, username=user, password=pswd, port=8728, plaintext_login=True)
+    api = connection.get_api()
+
+    certificate = api.get_resource("/certificate")
+    certificate.add(name="root-cert", common_name="MyRouter", days_valid="3650", key_usage="key-cert-sign,crl-sign")
+    certificate.add(name="https-cert", common_name="MyRouter", days_valid="3650")
+    certs = certificate.get()
+    root_cert_id = [x['id'] for x in certs if x['name'] == "root-cert"][0]
+    http_cert_id = [x['id'] for x in certs if x['name'] == "https-cert"][0]
+    api.get_binary_resource("/").call("certificate/sign", {"id": bytes(root_cert_id, "utf-8")})
+    api.get_binary_resource("/").call("certificate/sign", {"id": bytes(http_cert_id, "utf-8"), "ca": b"root-cert"})
+    ip_service = api.get_resource("/ip/service")
+    services = ip_service.get()
+    www_ssl_service_id = [x['id'] for x in services if x['name'] == 'www-ssl'][0]
+    ip_service.set(id=www_ssl_service_id, certificate="https-cert", disabled="false")
+
+
+if __name__ == "__main__":
+    main()
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -32,11 +32,12 @@ jobs:
 
       - name: Setup routeros
         run: |
-          sshpass -p "" ssh -vvv -o StrictHostKeyChecking=no admin@127.0.0.1 -p 2222 "/certificate add name=root-cert common-name=MyRouter days-valid=3650 key-usage=key-cert-sign,crl-sign"
-          sshpass -p "" ssh -o StrictHostKeyChecking=no admin@127.0.0.1 -p 2222 /certificate sign root-cert
-          sshpass -p "" ssh -o StrictHostKeyChecking=no admin@127.0.0.1 -p 2222 /certificate add name=https-cert common-name=MyRouter days-valid=3650
-          sshpass -p "" ssh -o StrictHostKeyChecking=no admin@127.0.0.1 -p 2222 /certificate sign ca=root-cert https-cert
-          sshpass -p "" ssh -o StrictHostKeyChecking=no admin@127.0.0.1 -p 2222 /ip service set www-ssl certificate=https-cert disabled=no
+          sudo pip3 install routeros_api
+          python3 .github/scripts/setup_routeros.py
+        env:
+          ROS_USERNAME: admin
+          ROS_PASSWORD: ''
+          ROS_IP_ADDRESS: 127.0.0.1
 
       - name: Check out code into the Go module directory
         uses: actions/checkout@v2.3.4
@@ -73,7 +74,7 @@ jobs:
         image: gnewbury/routeros:${{ matrix.routeros_version }}
         ports:
           - 443:443
-          - 2222:22
+          - 8728:8728
         volumes:
           - /dev/net/tun:/dev/net/tun
         options: >-