From Kromonos, 3 Years ago, written in Bash.
Embed
  1. #!/bin/bash
  2.  
  3. DOM="-d example.net"
  4. MAIL="me@example.net"
  5. HOST=$(uname -n)
  6. LOGGER=`which logger`
  7. CERTFILE="/etc/letsencrypt/live/example.net/cert.pem"
  8. DAYSTORENEW="10"
  9. DAYSTOALERT="5"
  10. WEBROOT="/usr/share/nginx/tmp/"
  11.  
  12. if test -a $CERTFILE; then
  13.     d1=$(date -d "`openssl x509 -in $CERTFILE -text -noout | grep "Not After" | cut -c 25-`" +%s)
  14.     d2=$(date -d "now" +%s)
  15.     DAYS=` echo \( $d1 -  $d2 \)  / 86400 |bc `
  16.     $LOGGER -d -t letsencrypt "Certificate will expire in $DAYS days"
  17. fi;
  18.  
  19. if test $DAYS -lt $DAYSTORENEW; then
  20.     ./letsencrypt-auto certonly --agree-tos --renew-by-default --email $MAIL --webroot -w $WEBROOT --rsa-key-size 4096 $DOM
  21.     systemctl daemon-reload
  22.     systemctl reload nginx.service
  23.     $LOGGER -d -t letsencrypt "Certificate renewed"
  24. fi;
  25.  
  26. if test $DAYS -lt $DAYSTOALERT; then
  27.     echo "ALERT! CERTIFICATE RENEWAL PROBLEM! ($HOST)" | mail -s "$HOST - letsencrypt" $MAIL
  28. fi;