73 lines
2.0 KiB
Bash
73 lines
2.0 KiB
Bash
#!/bin/bash
|
|
|
|
RELOAD_NGINX=0
|
|
|
|
## Variables
|
|
CSI="\033["
|
|
CEND="${CSI}0m"
|
|
CRED="${CSI}1;31m"
|
|
CGREEN="${CSI}1;32m"
|
|
CYELLOW="${CSI}1;33m"
|
|
CBLUE="${CSI}1;34m"
|
|
|
|
|
|
## Functions
|
|
f_log() {
|
|
LOG_TYPE=$1
|
|
LOG_MESSAGE=$2
|
|
|
|
case "${LOG_TYPE}" in
|
|
"INF")
|
|
echo -e "${CBLUE}[NOTICE] $(date +%Y/%m/%d-%H:%M:%S) ${LOG_MESSAGE}${CEND}"
|
|
;;
|
|
"SUC")
|
|
echo -e "${CGREEN}[SUCCESS] $(date +%Y/%m/%d-%H:%M:%S) ${LOG_MESSAGE}${CEND}"
|
|
;;
|
|
"WRN")
|
|
echo -e "${CYELLOW}[WARNING] $(date +%Y/%m/%d-%H:%M:%S) ${LOG_MESSAGE}${CEND}"
|
|
;;
|
|
"ERR")
|
|
echo -e "${CRED}[ERROR] $(date +%Y/%m/%d-%H:%M:%S) ${LOG_MESSAGE}${CEND}"
|
|
;;
|
|
esac
|
|
}
|
|
|
|
f_check_certs() {
|
|
LIST_DOMAINS=$(ls /etc/nginx/ssl/certificates | grep .crt | grep -v issuer | sed 's|.crt||g')
|
|
|
|
for domain in ${LIST_DOMAINS}; do
|
|
CERTFILE=/etc/nginx/ssl/certificates/${domain}.crt
|
|
KEYFILE=/etc/nginx/ssl/certificates/${domain}.key
|
|
|
|
SSL_ALGO="$(openssl x509 -text -in ${CERTFILE} | grep "Public Key Algorithm" | awk '{print $4}')"
|
|
SSL_SIZE="$(openssl x509 -text -in ${CERTFILE} | grep "Public-Key" | sed 's/^.*(\(.*\) bit)$/\1/')"
|
|
|
|
if [ "${SSL_ALGO}" == "rsaEncryption" ]; then
|
|
SSL_TYPE="rsa${SSL_SIZE}"
|
|
elif [ "${SSL_ALGO}" == "id-ecPublicKey" ]; then
|
|
SSL_TYPE="ec${SSL_SIZE}"
|
|
fi
|
|
|
|
openssl x509 -checkend 864000 -noout -in "${CERTFILE}"
|
|
if [ $? == 0 ]; then
|
|
f_log INF "Certificate for ${domain} is good for another 10 days!"
|
|
else
|
|
f_log INF "Generate New Certificate for ${domain}"
|
|
lego -a -m ssl@dryusdan.fr -d ${domain} --path /etc/nginx/ssl --webroot /var/www/letsencrypt/ -k ${SSL_TYPE} renew
|
|
if [ -e ${CERTFILE} ]; then
|
|
RELOAD_NGINX=1
|
|
f_log INF "New Certificate for ${domain} generated"
|
|
else
|
|
f_log ERR "New Certificate for ${domain} not generated"
|
|
fi
|
|
fi
|
|
done
|
|
}
|
|
|
|
f_check_certs
|
|
|
|
if [ ${RELOAD_NGINX} -eq 1 ]; then
|
|
nginx -s reload
|
|
fi
|
|
|