Crontab script for updating let's encrypt certificate on Mikrotik/RouterOS

update-ros-cert.sh

#!/usr/bin/env bash

shopt -s expand_aliases
source "../.acme.sh/acme.sh.env"

#alias
# Based on

# Set up acme first;
# 1:
#  $ curl https://get.acme.sh | sh
# 2:
#  $ acme.sh --issue --webroot /var/www/html -d wifi.example.org
# 3:Follow instructions from (2)
# 4:Copy ssh key to router

set -e
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
DOMAIN=wifi.example.org
CERT=$DOMAIN.cer
KEY=$DOMAIN.key
GW=192.168.0.1

acme.sh --renew -d $DOMAIN
acme.sh --installcert -d $DOMAIN  --capath $DIR/$CERT  --certpath $DIR/$CERT   --keypath $DIR/$KEY

cd $DIR


if [ -f $CERT ]; then
        echo -n "Uploading to router..."
        scp -q $CERT admin@$GW:$CERT
        scp -q $KEY admin@$GW:$KEY
        #rm $CERT $KEY
        echo "done!"
#        exit 0
fi



ssh admin@$GW  <<HERE

:put "Removing old certificates!" ;
/certificate remove "$CERT_0" ;
/certificate remove "$CERT_1" ;
:delay 1 ;
:put "Importing certs" ;

/certificate import passphrase="" file-name=$CERT ;
/certificate import passphrase="" file-name=$KEY ;
:delay 1 ;
:put "Removing uploaded temp files!" ;

/file remove $CERT ;
/file remove $KEY ;
:delay 2

:put "Activating new certs"

/ip hotspot profile set example-hotspot-profile ssl-certificate=$CERT_0 ;
/ip service set www-ssl certificate=$CERT_0 ;

:put "New certificate installed!" ;

HERE