-
-
Save mdeweerd/c9040a56379e31173094e9354583b953 to your computer and use it in GitHub Desktop.
Homeassistant Blueprint for SSL-Certificate renewal
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| blueprint: | |
| name: Renew Let's Encrypt Certificate | |
| description: Renew Certificate when due date is below given value | |
| domain: automation | |
| input: | |
| cert_expiry_sensor: | |
| name: Certificate Expiry Sensor | |
| description: Sensor from the Certificate Expiry Integration (https://www.home-assistant.io/integrations/cert_expiry) | |
| selector: | |
| entity: | |
| integration: cert_expiry | |
| renew_date: | |
| name: Certificate renewal date | |
| description: Date when the SSL-Certificate will be renewed | |
| selector: | |
| number: | |
| min: 1 | |
| max: 29 | |
| mode: slider | |
| unit_of_measurement: days | |
| default: 5 | |
| time_to_check_cert: | |
| name: Certificate check time | |
| description: Time when the certificate date will be checked. | |
| selector: | |
| time: | |
| restart_nginx_after_renewal: | |
| name: Restart Nginx | |
| description: Restarts Nginx when the certificate is renewed. (if enabled) | |
| selector: | |
| boolean: | |
| default: true | |
| minutes_until_nginx_restart: | |
| name: Minutes until restart | |
| description: Minutes until restart of Home Assistant if restart is enabled | |
| selector: | |
| number: | |
| min: 1 | |
| max: 60 | |
| mode: slider | |
| unit_of_measurement: minutes | |
| default: 1 | |
| restart_ha_after_renewal: | |
| name: Restart Home Assistant | |
| description: Restarts the Home Assistant when the certificate is renewed. (if | |
| enabled) | |
| selector: | |
| boolean: | |
| default: false | |
| minutes_until_ha_restart: | |
| name: Minutes until restart | |
| description: Minutes until restart of Home Assistant if restart is enabled | |
| selector: | |
| number: | |
| min: 1 | |
| max: 60 | |
| mode: slider | |
| unit_of_measurement: minutes | |
| default: 5 | |
| send_notification: | |
| name: Send notification | |
| description: Sends a notification to a device if enabled | |
| selector: | |
| boolean: | |
| default: false | |
| notification_device: | |
| name: Device to notify | |
| description: Device which will be notified. | |
| selector: | |
| device: | |
| integration: mobile_app | |
| default: None | |
| notification_title: | |
| name: Notification title | |
| description: Title for notification, sent when the certificate has been renewed. | |
| default: SSL certificate renewed | |
| notification_message: | |
| name: Notification message | |
| description: Notification message, sent when the certificate has been renewed. | |
| default: HA SSL certificate renewed | |
| alias: Renew SSL Cert | |
| description: 'Renew SSL Certificate, optionnaly: restart HA, restart NGINX, send notification' | |
| trigger: | |
| - platform: time | |
| at: !input time_to_check_cert | |
| condition: | |
| - condition: template | |
| value_template: '{{ expire_days_var < var_check }}' | |
| action: | |
| - service: hassio.addon_start | |
| data: | |
| addon: core_letsencrypt | |
| - choose: | |
| - conditions: | |
| - condition: template | |
| value_template: '{{ send_notification_var }}' | |
| sequence: | |
| - device_id: !input notification_device | |
| domain: mobile_app | |
| type: notify | |
| title: '{{ message_title_var }}' | |
| message: '{{ message_var }}' | |
| default: [] | |
| - choose: | |
| - conditions: | |
| - condition: template | |
| value_template: '{{ restart_nginx_after_renewal_var }}' | |
| sequence: | |
| - delay: | |
| hours: 0 | |
| minutes: !input minutes_until_nginx_restart | |
| seconds: 0 | |
| milliseconds: 0 | |
| - service: hassio.addon_restart | |
| data: | |
| addon: core_nginx_proxy | |
| default: [] | |
| - choose: | |
| - conditions: | |
| - condition: template | |
| value_template: '{{ restart_ha_after_renewal_var }}' | |
| sequence: | |
| - delay: | |
| hours: 0 | |
| minutes: !input minutes_until_ha_restart | |
| seconds: 0 | |
| milliseconds: 0 | |
| - service: hassio.host_reboot | |
| default: [] | |
| mode: single | |
| variables: | |
| certificate_var: !input cert_expiry_sensor | |
| var_check: !input renew_date | |
| message_var: !input notification_message | |
| message_title_var: !input notification_title | |
| restart_ha_after_renewal_var: !input restart_ha_after_renewal | |
| restart_nginx_after_renewal_var: !input restart_nginx_after_renewal | |
| send_notification_var: !input send_notification | |
| expire_days_var: >- | |
| {{ ((as_timestamp(states(certificate_var), 0) - as_timestamp(now())) / 60 / 60 / | |
| 24 ) | int }} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
as_timestamp(states(certificate_var))should be changed toas_timestamp(states(certificate_var), 0)to add a default value of 0. The state returnsunkownif the certificate has already expired, making the script fail.