There are webAPIs for checking and triggering firmware updates. But this would require going through the upgrade process one router at a time (serially).
In my case, I run an out-of-the-box-setup script to initialize the admin password (see below), and then enroll the routers into GoodCloud management. Business users can request a “business” level GoodCloud account, which can perform firmware upgrades and apply configuration templates in bulk/parallel.
#!/bin/sh
# router by IP (default)
ROUTER='192.168.8.1'
# router by FQDN (undocumented?)
ROUTER='console.gl-inet.com'
BASE_URL="http://${ROUTER}/cgi-bin/api"
PASSWORD='SecretPassword'
# rudimentary JSON parser helper functions
if which jsonfilter > /dev/null ; then
# when running on GL.inet routers, use built-in jsonfilter
get_json_bool() { jsonfilter -s "$1" -e "@.$2"; }
get_json_str() { jsonfilter -s "$1" -e "@.$2"; }
else
# when running on Linux/macOS, use bash regex as a polyfill
get_json_bool() { expr "$1" : '.*"'$2'":\([^",}]*\).*'; }
get_json_str() { expr "$1" : '.*"'$2'":"\([^",}]*\)".*'; }
fi
## get router API authorization
echo "## GET authorization token"
json=$( curl -s "${BASE_URL}/router/hello" )
if [ $( get_json_bool "$json" 'configured' ) = 'false' ]; then
json=$( curl -s "${BASE_URL}/router/initpwd" -d "newpwd=$PASSWORD" )
else
json=$( curl -s "${BASE_URL}/router/login" -d "pwd=$PASSWORD" )
fi
auth=$( get_json_str "$json" 'token' )
if [ -z $auth ]; then
echo "[ERROR] Router login failed (token missing from response)"
echo $"$json\n"
exit 1
fi
auth="Authorization:$auth"
## perform other provisioning steps/APIs here
# example POST call using the auth token
json=$( curl -sH $auth "${BASE_URL}/router/logout" -d '' )