
@HeroCC
Created August 19, 2016 22:33
Check for LetsEncrypt Certs that are expiring soon
#!/bin/bash
# Check for LE Cert Updates
# Adapted from https://raw.githubusercontent.com/myprs/lenc-update/master/lenc-update.sh
# Where the Let's Encrypt client keeps its state, and the per-domain "live"
# directory that holds the current certificate for each name.
LENC_CONFDIR=/etc/letsencrypt
LENC_LIVEDIRNAME="${LENC_CONFDIR}/live"
LENC_DEFAULT_CERTFILENAME=cert.pem
LENC_AUTOBINARY=/opt/letsencrypt/letsencrypt-auto

# A certificate with fewer than this many days of validity left is reported.
MIN_VALDAYS=14

# Running result of the scan; both are updated while certificates are checked.
NUM_RENEWALS_NEEDED=0
RENEWALS_NEEDED=no

# NOTE(review): PWD is the variable bash itself rewrites on every cd, so this
# assignment does not preserve the starting directory for later use.
PWD=$(pwd)
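#######################################
# Validate the configuration before any certificate is inspected.
# Globals:   LENC_AUTOBINARY, WEBSRV_SERVICENAME, LENC_CONFDIR,
#            LENC_LIVEDIRNAME (all read)
# Outputs:   an error message on stderr when a check fails
# Returns:   0 when every check passes; otherwise exits the script with
#            1 (client binary), 2 (web server binary) or 3 (directories)
#######################################
function checkenv () {
  # The result of the lookup is tested directly. Feeding an unquoted, empty
  # lookup result to `[ ! -x ... ]` leaves a one-argument test that is always
  # true, so a missing binary would never be reported.
  if ! command -v "$LENC_AUTOBINARY" >/dev/null 2>&1; then
    echo "ERROR: Variable LENC_AUTOBINARY has no reasonable value, >$LENC_AUTOBINARY< not found or not executable." >&2
    exit 1
  fi

  # WEBSRV_SERVICENAME is not assigned anywhere in this script; it is only
  # validated when the caller supplies it through the environment.
  if [[ -n "${WEBSRV_SERVICENAME:-}" ]] \
    && ! command -v "$WEBSRV_SERVICENAME" >/dev/null 2>&1; then
    echo "ERROR: Variable WEBSRV_SERVICENAME has no reasonable value, >$WEBSRV_SERVICENAME< not found or not executable." >&2
    exit 2
  fi

  # Configuration directory of the Let's Encrypt client.
  if [[ ! -d "$LENC_CONFDIR" ]]; then
    echo "ERROR: Variable LENC_CONFDIR has no reasonable value, >$LENC_CONFDIR< not found or not an directory." >&2
    exit 3
  fi

  # Directory holding one sub-directory per certificate name.
  if [[ ! -d "$LENC_LIVEDIRNAME" ]]; then
    echo "ERROR: Variable LENC_LIVEDIRNAME has no reasonable value, >$LENC_LIVEDIRNAME< not found or not an directory." >&2
    exit 3
  fi
}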
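#######################################
# Compute how many whole days remain before a certificate expires.
# Globals:   DAYSLEFT (written, only on success)
# Arguments: $1 - path to a PEM certificate
# Returns:   0 on success, 1 when the end date cannot be read or parsed
#######################################
function getcertdaystoexpiry () {
  local CERTFILE="$1"
  local CERT_XPRY_STRING CERT_XPRY_NUM DATE_NOW_NUM CERT_XPRY_INSECONDS

  # Declared above and assigned here so that a failing openssl or date is not
  # hidden behind the exit status of `local`.
  CERT_XPRY_STRING=$(openssl x509 -in "$CERTFILE" -noout -enddate) || return 1
  # openssl prints "notAfter=<date>"; keep what follows the first '='.
  CERT_XPRY_STRING=${CERT_XPRY_STRING#*=}
  [[ -n "$CERT_XPRY_STRING" ]] || return 1

  CERT_XPRY_NUM=$(date -d "$CERT_XPRY_STRING" +%s) || return 1
  DATE_NOW_NUM=$(date +%s) || return 1
  CERT_XPRY_INSECONDS=$((CERT_XPRY_NUM - DATE_NOW_NUM))
  # Integer division: a certificate with less than a day left yields 0.
  DAYSLEFT=$((CERT_XPRY_INSECONDS / 86400))
}

#######################################
# Check one certificate directory and record whether it needs renewal.
# Globals:   LENC_LIVEDIRNAME, LENC_DEFAULT_CERTFILENAME, MIN_VALDAYS (read)
#            DAYSLEFT, NUM_RENEWALS_NEEDED, RENEWALS_NEEDED (written)
# Arguments: $1 - certificate directory name below LENC_LIVEDIRNAME
# Outputs:   one status line on stdout; an error on stderr when the
#            certificate cannot be read
#######################################
function checkcertneedsrenewal () {
  local DOMAINNAME="$1"
  # The certificate is addressed by full path, so the result does not depend
  # on a directory change having succeeded.
  local CERTFILE="$LENC_LIVEDIRNAME/$DOMAINNAME/$LENC_DEFAULT_CERTFILENAME"

  # Sentinel far below any threshold: a certificate whose expiry cannot be
  # determined is reported instead of being silently treated as healthy.
  DAYSLEFT=-9999999
  if ! getcertdaystoexpiry "$CERTFILE"; then
    echo "ERROR: could not read the expiry date of >$CERTFILE<, counting it as needing renewal." >&2
  fi

  if [ "$DAYSLEFT" -lt "$MIN_VALDAYS" ]; then
    ## renewal is due
    echo "$DOMAINNAME needs renewal, $DAYSLEFT days left"
    NUM_RENEWALS_NEEDED=$((NUM_RENEWALS_NEEDED + 1))
    RENEWALS_NEEDED="yes"
  else
    ## enough validity left
    echo "$DAYSLEFT days left to exiry of certificate for domain $DOMAINNAME. Not exceeding the minimum validity of $MIN_VALDAYS. Not updating certificate."
  fi
}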
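#######################################
# Run the renewal check for every directory below LENC_LIVEDIRNAME that
# contains an entry whose name matches *cert*.
# Globals:   LENC_LIVEDIRNAME (read)
# Outputs:   one "Running <dir>" line per directory, after its check
# Returns:   exits the script with 3 when the live directory is unreachable
#######################################
function runallconfigs () {
  local CERTDIR

  # Without this guard a failed cd would let find scan whatever directory the
  # script was started from and report on the wrong files.
  cd "$LENC_LIVEDIRNAME" || {
    echo "ERROR: cannot change into >$LENC_LIVEDIRNAME<." >&2
    exit 3
  }

  # Read find's output line by line so directory names containing spaces or
  # glob characters are passed on intact.
  while IFS= read -r CERTDIR; do
    CERTDIR=${CERTDIR#./}
    # A match located directly in the live directory has no sub-directory.
    [[ -n "$CERTDIR" && "$CERTDIR" != "." ]] || continue
    checkcertneedsrenewal "$CERTDIR"
    echo "Running $CERTDIR"
  done < <(find . -name '*cert*' -printf '%h\n' | sort -u)
}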
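#######################################
# Print the summary and end the script with the number of certificates that
# need renewal as exit status.
# Globals:   RENEWALS_NEEDED, NUM_RENEWALS_NEEDED, PWD (read)
# Outputs:   summary on stdout
# Returns:   0 when nothing needs renewal; otherwise exits with the count,
#            capped at 255
#######################################
function exitRoutines () {
  # NOTE(review): bash updates PWD on every cd, so this returns to the current
  # directory, not necessarily to the one the script was started from.
  cd "$PWD"
  if [[ "$RENEWALS_NEEDED" != "no" ]]; then
    echo "Please renew your certs, they are about to expire:"
    echo "$NUM_RENEWALS_NEEDED"
    # Exit statuses are taken modulo 256; without the cap a count of 256
    # would be reported to the caller as success.
    local status="$NUM_RENEWALS_NEEDED"
    if [ "$status" -gt 255 ]; then
      status=255
    fi
    exit "$status"
  else
    echo "No Renewals Needed"
  fi
}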
# Entry point: validate the configuration, check every certificate directory,
# then print the summary. The order matters: exitRoutines reads the counters
# that the scan started by runallconfigs fills in.
checkenv
runallconfigs
exitRoutines

HeroCC commented Sep 17, 2016

Please note: this script does not renew LetsEncrypt certs, it only checks them.
