diff --git a/check-lets-encrypt-certs.sh b/check-lets-encrypt-certs.sh
new file mode 100755
index 0000000..2953625
--- /dev/null
+++ b/check-lets-encrypt-certs.sh
@@ -0,0 +1,121 @@
+#!/usr//bin/env bash
+
+script_name="$(basename $(realpath $0))"
+working_dir="$(dirname $(realpath $0))"
+
+conf_file="${working_dir}/conf/${script_name%%.*}.conf"
+
+LOCK_DIR="/tmp/$(basename $0).$$.LOCK"
+log_file="${LOCK_DIR}/${script_name%%.*}.log"
+
+backup_date="$(date +%Y-%m-%d-%H%M)"
+declare -a CERTS_NEED_RENEWAL_ARR=()
+
+# ----------
+# Base Function(s)
+# ----------
+
+clean_up() {
+
+ # Perform program exit housekeeping
+ rm -rf "$LOCK_DIR"
+ blank_line
+ exit $1
+}
+
+echononl(){
+ echo X\\c > /tmp/shprompt$$
+ if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then
+ echo -e -n " $*\\c" 1>&2
+ else
+ echo -e -n " $*" 1>&2
+ fi
+ rm /tmp/shprompt$$
+}
+echo_done() {
+ echo -e "\033[53G [ \033[32mdone\033[m ]"
+}
+echo_error() {
+ echo -e "\033[53G [ \033[1;31mfail\033[m ]"
+}
+
+echo_ok() {
+ echo -e "\033[50G -> [ \033[32mok\033[m ]"
+}
+
+echo_renew(){
+ echo -e "\033[50G -> [ \033[1;31mneeds renewal\033[m ]"
+}
+
+echo_response(){
+ echo -e "\033[50G -> $*"
+}
+
+blank_line() {
+ echo ""
+}
+
+# ----------
+# - Jobhandling
+# ----------
+
+# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM
+# -
+trap clean_up SIGHUP SIGINT SIGTERM
+
+# - Create lock directory '$LOCK_DIR"
+#
+mkdir "$LOCK_DIR"
+
+
+
+if [[ -f "/var/lib/dehydrated/domains.txt" ]] ; then
+
+ blank_line
+
+ while read _CHECK_HOST _rest ; do
+
+ echononl "Host: $_CHECK_HOST"
+
+ RESPONSE="$(curl -s -XPOST -d fqdn=$_CHECK_HOST https://checkhost.unboundtest.com/checkhost)"
+
+ if $(echo "$RESPONSE" | grep -q "is OK") ; then
+ echo_ok
+ elif $(echo "$RESPONSE" | grep -q "needs renewal") ; then
+ echo_renew
+ CERTS_NEED_RENEWAL_ARR+=("$_CHECK_HOST")
+ else
+ echo_response $RESPONSE
+ blank_line
+ fi
+
+ done < "/var/lib/dehydrated/domains.txt"
+ blank_line
+
+fi
+
+
+if [[ ${#CERTS_NEED_RENEWAL_ARR[@]} -gt 0 ]]; then
+
+ for _HOST in "${CERTS_NEED_RENEWAL_ARR[@]}" ; do
+ if [[ -d "/var/lib/dehydrated/certs/$_HOST" ]]; then
+ echononl "Remove certs for '$_HOST'.."
+ mv "/var/lib/dehydrated/certs/$_HOST" "/var/lib/dehydrated/certs/${_HOST}.BAK.$(date +%Y-%m-%d-%H%M)"
+ echo_done
+ fi
+ done
+
+ blank_line
+ echononl "Trigger script 'dehydrated_cron.sh'.."
+ /var/lib/dehydrated/cron/dehydrated_cron.sh > /dev/null 2>&1
+ if [[ $? -eq 0 ]] ; then
+ echo_done
+ else
+ echo_error
+ fi
+
+ blank_line
+
+fi
+
+clean_up 0
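Review bot: `echononl` writes to the predictable path `/tmp/shprompt$$` on every call, so in a world-writable `/tmp` a pre-existing symlink of that name would have the redirect written through it with this script's privileges (presumably root, given the `mv` under `/var/lib/dehydrated/certs`). The probe also looks like dead weight under the bash shebang, since bash's default `echo` never produces the one-byte output it tests for; I would replace the body with `printf ' %b' "$*" >&2` and drop the temp file. Separately, the renewal loop renames the live certificate directory on a substring match of a third-party response, with no check of curl's exit status and no timeout, and the output of `dehydrated_cron.sh` is sent to `/dev/null` while `log_file` is defined but never used. If the renewal fails, the host is left without its certificate path and without diagnostics, so keep the cron output and move the `.BAK` directory back in the `echo_error` branch. `echo_response $RESPONSE` should become `printf '%s\n' "$RESPONSE"` so remote content is neither glob-expanded nor interpreted as terminal escapes by `echo -e`.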