Skip to content

Instantly share code, notes, and snippets.

@pandanote-info
Last active February 19, 2021 13:34
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save pandanote-info/5572114fd1d89465051db798f64501ff to your computer and use it in GitHub Desktop.
Save pandanote-info/5572114fd1d89465051db798f64501ff to your computer and use it in GitHub Desktop.
Let's encryptから取得した証明書を更新するためのコマンドを証明書が更新可能なタイミングでのみ更新するためのシェルスクリプト。
#!/bin/sh
#
# See https://pandanote.info/?p=3842 for details.
#
PATH=/usr/bin:/bin:/usr/sbin
DRY_RUN=""
LASTCHECK_DIR=/var/run/letsencrypt
LASTCHECK_FILE=${LASTCHECK_DIR}/lastcheck.txt
LOG_DIR=/var/log/letsencrypt
SERVER_OPT=""
if [ "$1" = "-d" ]; then
DRY_RUN="--dry-run"
shift
fi
if [ -n "$1" ]; then
DOMAIN_LIST=`echo $1 | sed -e "s/,/ /"`
else
echo "Usage: $0 <domain list(comma-separated)>"
fi
if [ ! -d "${LASTCHECK_DIR}" ]; then
mkdir -p "${LASTCHECK_DIR}"
fi
if [ ! -d "${LOG_DIR}" ]; then
mkdir -p "${LOG_DIR}"
fi
if [ ! -f "${LASTCHECK_FILE}" ]; then
echo "0" > ${LASTCHECK_FILE}
fi
if [ -f /etc/nginx/nginx.conf ]; then
SERVER_OPT="--nginx"
fi
LASTCHECK_TIME=`cat ${LASTCHECK_FILE}`
CURRENT_TIME=`date +%s`
ELAPSED_TIME=`expr ${CURRENT_TIME} - ${LASTCHECK_TIME}`
LOG_FILE=${LOG_DIR}/letsencrypt_update_`date +%Y%m%d%H%M`.log
if [ ${ELAPSED_TIME} -le 5184000 ]; then
echo "Not yet due to update (elapsed time: ${ELAPSED_TIME})" >& ${LOG_FILE}
exit 1
fi
for i in ${DOMAIN_LIST}
do
certbot certonly ${DRY_RUN} ${SERVER_OPT} -n -d $i --preferred-challenges http-01,dns-01 &>> ${LOG_FILE}
done
rm -f ${LASTCHECK_FILE}
date +%s > ${LASTCHECK_FILE}
cd ${LOG_DIR}
find . -type f -a -mtime +100 -a -name letsencrypt\* -exec rm -f '{}' \;
exit 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment