Created
May 24, 2018 05:10
-
-
Save leedohyung-dba/87e18e90e86d559b30ebf81c8263c425 to your computer and use it in GitHub Desktop.
定期的にLet's Encrypt証明書を更新してSlackでアナウンス ref: https://qiita.com/leedohyung-dba/items/947185ab37818b66bacd
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0 4 1 1,3,5,7,9,11 * root /usr/bin/systemctl stop httpd.service && /usr/bin/certbot renew --force-renew --quiet --post-hook "/usr/bin/systemctl start httpd.service" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0 4 1 1,3,5,7,9,11 * root /bin/sh /run/ssl_certificate_renew.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # WebHookのURL | |
| WEBHOOK_URL='https://hooks.slack.com/services/***************************' | |
| # メッセージを一時保存する場所 | |
| MESSAGEFILE=$(mktemp -t ssl-certificate-notice-XXXX) | |
| # 送信先のチャンネル | |
| CHANNEL=${CHANNEL:-'#lee_test'} | |
| # 終了時に削除 | |
| trap "rm ${MESSAGEFILE}" 0 | |
| send_notice_to_slack_renew_start () { | |
| # 見出し | |
| hd=${HEAD:-"start to ssl certificate renew.\n"} | |
| # json形式に整形 | |
| payload="payload={ | |
| \"channel\": \"${CHANNEL}\", | |
| \"text\": \"${hd}\" | |
| }" | |
| curl -s -S -X POST --data-urlencode "${payload}" ${WEBHOOK_URL} > /dev/null | |
| } | |
| send_notice_to_slack_renew_success () { | |
| # 見出し | |
| hd=${HEAD:-"ssl certificate renew success.\n"} | |
| # 絵文字 | |
| emoji=${EMOJI:-':carlton:'} | |
| # json形式に整形 | |
| payload="payload={ | |
| \"channel\": \"${CHANNEL}\", | |
| \"icon_emoji\": \"${emoji}\", | |
| \"text\": \"${hd}\" | |
| }" | |
| curl -s -S -X POST --data-urlencode "${payload}" ${WEBHOOK_URL} > /dev/null | |
| } | |
| send_notice_to_slack_renew_fail () { | |
| # 改行処理 | |
| cat ${MESSAGEFILE} | tr '\n' '\\' | sed 's/\\/\\n/g' > ${MESSAGEFILE} | |
| # 絵文字 | |
| emoji=${EMOJI:-':aaw_yeah:'} | |
| # 見出し | |
| hd=${HEAD:-"<!here>ssl certificate renew fail.\n"} | |
| # メッセージをシンタックスハイライト付きで取得 | |
| msg='```'`cat ${MESSAGEFILE}`'```' | |
| # json形式に整形 | |
| payload="payload={ | |
| \"channel\": \"${CHANNEL}\", | |
| \"icon_emoji\": \"${emoji}\", | |
| \"text\": \"${hd}${msg}\" | |
| }" | |
| curl -s -S -X POST --data-urlencode "${payload}" ${WEBHOOK_URL} > /dev/null | |
| } | |
| send_notice_to_slack_renew_start | |
| /usr/bin/systemctl stop httpd.service | |
| /usr/bin/certbot renew --force-renew --quiet 2> ${MESSAGEFILE} | |
| RENEW_RESULT=$? | |
| /usr/bin/systemctl start httpd.service | |
| if [ ${RENEW_RESULT} -eq 0 ]; then | |
| send_notice_to_slack_renew_success | |
| else | |
| send_notice_to_slack_renew_fail | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment