Dryusdan
/
scripts-vrac
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
scripts-vrac/check_certs.sh

74 lines
2.1 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
RELOAD_NGINX=0
## Variables
CSI="\033["
CEND="${CSI}0m"
CRED="${CSI}1;31m"
CGREEN="${CSI}1;32m"
CYELLOW="${CSI}1;33m"
CBLUE="${CSI}1;34m"
## Functions
f_log() {
LOG_TYPE=$1
LOG_MESSAGE=$2
case "${LOG_TYPE}" in
"INF")
echo -e "${CBLUE}[NOTICE] $(date +%Y/%m/%d-%H:%M:%S) ${LOG_MESSAGE}${CEND}"
;;
"SUC")
echo -e "${CGREEN}[SUCCESS] $(date +%Y/%m/%d-%H:%M:%S) ${LOG_MESSAGE}${CEND}"
;;
"WRN")
echo -e "${CYELLOW}[WARNING] $(date +%Y/%m/%d-%H:%M:%S) ${LOG_MESSAGE}${CEND}"
;;
"ERR")
echo -e "${CRED}[ERROR] $(date +%Y/%m/%d-%H:%M:%S) ${LOG_MESSAGE}${CEND}"
;;
esac
}
f_check_certs() {
LIST_DOMAINS=$(ls /etc/nginx/ssl/certificates | grep .crt | grep -v issuer | sed 's|.crt||g')
for domain in ${LIST_DOMAINS}; do
CERTFILE=/etc/nginx/ssl/certificates/${domain}.crt
KEYFILE=/etc/nginx/ssl/certificates/${domain}.key
SSL_ALGO="$(openssl x509 -text -in ${CERTFILE} | grep "Public Key Algorithm" | awk '{print $4}')"
SSL_SIZE="$(openssl x509 -text -in ${CERTFILE} | grep "Public-Key" | sed 's/^.*(\(.*\) bit)$/\1/')"
if [ "${SSL_ALGO}" == "rsaEncryption" ]; then
SSL_TYPE="rsa${SSL_SIZE}"
elif [ "${SSL_ALGO}" == "id-ecPublicKey" ]; then
SSL_TYPE="ec${SSL_SIZE}"
fi
openssl x509 -checkend 864000 -noout -in "${CERTFILE}"
if [ $? == 0 ]; then
f_log INF "Certificate for ${domain} is good for another 10 days!"
else
f_log INF "Generate New Certificate for ${domain}"
lego -a -m ssl@dryusdan.fr -d ${domain} --path /etc//nginx/ssl --webroot /var/www/letsencrypt/${domain} -k ${SSL_TYPE} run
if [ -e ${CERTFILE} ]; then
RELOAD_NGINX=1
f_log INF "New Certificate for ${domain} generated"
else
f_log ERR "New Certificate for ${domain} not generated"
fi
fi
done
}
f_check_certs
cp -R /etc/nginx/ssl/certificates/xmpp.dryusdan.fr.* /etc/prosody/certs/
systemctl restart prosody.service
if [ ${RELOAD_NGINX} -eq 1 ]; then
nginx -s reload
fi
Reference in New Issue View Git Blame Copy Permalink