
Commit 3d3053f

committed
feat: Add custom filename for panos
1 parent 90e6c9b commit 3d3053f


1 file changed

+20
-4
lines changed


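--- a/deploy/panos.sh
+++ b/deploy/panos.sh
@@ -16,6 +16,7 @@
 # export PANOS_TEMPLATE="" # Template Name of panorama managed devices
 # export PANOS_TEMPLATE_STACK="" # set a Template Stack if certificate should also be pushed automatically
 # export PANOS_VSYS="Shared" # name of the vsys to import the certificate
+# export PANOS_FILENAME="" # use a custom filename to work around Panorama's 31-character limit
 #
 # The script will automatically generate a new API key if
 # no key is found, or if a saved key has expired or is invalid.
@@ -89,7 +90,7 @@ deployer() {
 if [ "$type" = 'cert' ]; then
 panos_url="${panos_url}?type=import"
 content="--$delim${nl}Content-Disposition: form-data; name=\"category\"\r\n\r\ncertificate"
-content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"certificate-name\"\r\n\r\n$_cdomain"
+content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"certificate-name\"\r\n\r\n$_panos_filename"
 content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"key\"\r\n\r\n$_panos_key"
 content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"format\"\r\n\r\npem"
 content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"file\"; filename=\"$(basename "$_cfullchain")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_cfullchain")"
@@ -103,11 +104,11 @@ deployer() {
 if [ "$type" = 'key' ]; then
 panos_url="${panos_url}?type=import"
 content="--$delim${nl}Content-Disposition: form-data; name=\"category\"\r\n\r\nprivate-key"
-content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"certificate-name\"\r\n\r\n$_cdomain"
+content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"certificate-name\"\r\n\r\n$_panos_filename"
 content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"key\"\r\n\r\n$_panos_key"
 content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"format\"\r\n\r\npem"
 content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"passphrase\"\r\n\r\n123456"
-content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"file\"; filename=\"$(basename "$_cdomain.key")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_ckey")"
+content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"file\"; filename=\"$(basename "$_panos_filename.key")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_ckey")"
 if [ "$_panos_template" ]; then
 content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"target-tpl\"\r\n\r\n$_panos_template"
 fi
@@ -168,7 +169,6 @@ deployer() {
 
 # This is the main function that will call the other functions to deploy everything.
 panos_deploy() {
-_cdomain=$(echo "$1" | sed 's/*/WILDCARD_/g') #Wildcard Safe Filename
 _ckey="$2"
 _cfullchain="$5"
 
@@ -242,13 +242,23 @@ panos_deploy() {
 _getdeployconf PANOS_VSYS
 fi
 
+# PANOS_FILENAME
+if [ "$PANOS_FILENAME" ]; then
+_debug "Detected ENV variable PANOS_FILENAME. Saving to file."
+_savedeployconf PANOS_FILENAME "$PANOS_FILENAME" 1
+else
+_debug "Attempting to load variable PANOS_FILENAME from file."
+_getdeployconf PANOS_FILENAME
+fi
+
 #Store variables
 _panos_host=$PANOS_HOST
 _panos_user=$PANOS_USER
 _panos_pass=$PANOS_PASS
 _panos_template=$PANOS_TEMPLATE
 _panos_template_stack=$PANOS_TEMPLATE_STACK
 _panos_vsys=$PANOS_VSYS
+_panos_filename=$PANOS_FILENAME
 
 #Test API Key if found. If the key is invalid, the variable _panos_key will be unset.
 if [ "$_panos_host" ] && [ "$_panos_key" ]; then
@@ -267,6 +277,12 @@ panos_deploy() {
 _err "No password found. If this is your first time deploying, please set PANOS_PASS in ENV variables. You can delete it after you have successfully deployed the certs."
 return 1
 else
+# Use filename based on the first domain on the certificate if no custom filename is set
+if [ -z "$_panos_filename" ]; then
+_panos_filename=$(echo "$1" | sed 's/*/WILDCARD_/g') #Wildcard Safe Filename
+_savedeployconf PANOS_FILENAME "$_panos_filename" 1
+fi
+
 # Generate a new API key if no valid API key is found
 if [ -z "$_panos_key" ]; then
 _debug "**** Generating new PANOS API KEY ****"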
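Review bot: A user-supplied PANOS_FILENAME is saved and then placed into the `certificate-name` field and the quoted `filename="…"` parameter in deployer() without any validation, while the wildcard-safe `sed` substitution now covers only the fallback derived from `$1`. Nothing enforces the 31-character limit that the new header comment cites either, so an over-long name or one containing `"`, `*` or a line break would only show up as a malformed or rejected import request. I would check the value in panos_deploy() before it is saved or used, for example `case "$PANOS_FILENAME" in *[!A-Za-z0-9._-]*) _err "PANOS_FILENAME contains unsupported characters."; return 1 ;; esac` followed by `[ "${#PANOS_FILENAME}" -le 31 ] || { _err "PANOS_FILENAME is longer than 31 characters."; return 1; }`. The character set in that pattern is an assumption and should be confirmed against what PAN-OS accepts for certificate names. Both deployer() and panos_deploy() start and end outside the hunks shown.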
