spagu/expiry_sslcheck.sh

## expiry_sslcheck.sh
#!/usr/local/bin/bash

# All Rights reseverd to tradik.com

readonly VERSION=1.4.12
UNAME='/usr/bin/uname'

# Config you can make in here:
DATABASE="$1.db"
SQLITE='/usr/local/bin/sqlite3'
DIG='/usr/local/bin/dig'
DATECMD='/bin/date'
OPENSSL='/usr/bin/openssl'


note() {
    echo "NOTE: $*" > /dev/stderr
}

err() {
    echo "ERROR: $*" > /dev/stderr
}

fatal() {
    echo "FATAL: $*" > /dev/stderr
    exit 1
}

warn() {
    echo "WARNING: $*" > /dev/stderr
}

# Operationg System specific variables to be added:
OS=$(${UNAME})
case $OS in
    'FreeBSD')
        ;;
    'SunOS')
        ;;
    'Linux')
        ;;
    *)
        fatal "Your OS isn't supported"
        ;;
esac

# Function helpers

check_certs() {
  name="$1"
  shift
  now_epoch=$( ${DATECMD} +%s )
  ${DIG} +noall +answer "${name}" | while read _ _ _ _ ip;
  do
    echo -n "${name} | "
    echo -n "${ip} | "
    expiry_date=$( echo | ${OPENSSL} s_client -showcerts -servername "${name}" -connect "$ip:443" 2>/dev/null | ${OPENSSL} x509 -inform pem -noout -enddate | cut -d "=" -f 2 )
    echo -n "${expiry_date} | ";
    expiry_epoch=$( ${DATECMD} -j -f "%b %d %T %Y %Z" "${expiry_date}" +%s )
    expiry_days="$(( (${expiry_epoch} - ${now_epoch}) / (3600 * 24) ))"
    echo "${expiry_days} days"
    ${SQLITE} "${DATABASE}"  "INSERT INTO certs ( domain, ip, expiry, days ) VALUES ('${name}', '${ip}', '${expiry_date}' ,'${expiry_days}' );"
  done
}


help() {
    cat << EOF
${0##*/} v${VERSION} by Tradik Limited

Syntax:
${0##*/} database [ options ]

DESCRIPTION:
  ${0##*/} is a tool for monitoring SSL domains to avoid expiration date.

OPTIONS:
  -a domain  = Add domain to check database
  -i         = Init database ( custom name )
  -r domain  = Remove domain
  -h         = Show this help
  -s         = Recheck all domains (daily cron suggested)
  -ld        = List all domains
  -le days   = List domains with expiration ess than 'days'

EXAMPLES:
  ${0##*/} internals -i
  create database 'internals'

  ${0##*/} internals -ld 14
list domains with less than 14 days expiration from internals database

  ${0##*/} external -a exmaple.com
add and check domain example.com to database external

EOF
    exit 0
}

[ $# = 0 ] && help
[ "$1" = '-h' -o $1 = "--help" ] && help

init() {
${SQLITE} "${DATABASE}"  "create table certs (id INTEGER PRIMARY KEY,domain TEXT, ip TEXT, cheked DATETIME DEFAULT CURRENT_TIMESTAMP, expiry TEXT, days INT );"
echo "${DATABASE} created."
}

add_domain() {
   check_certs "$1"
   echo "Domain $1 added to ${DATABASE}"
 }

scan_domains() {
DOMAINS=$(${SQLITE} "${DATABASE}"  "SELECT DISTINCT domain FROM certs ORDER BY domain;")
for domain in ${DOMAINS}; do
    check_certs "${domain}"
done
}

list_all() {
DOMAINS=$(${SQLITE} "${DATABASE}"  "SELECT DISTINCT domain FROM certs ORDER BY domain;")
for domain in ${DOMAINS}; do
    echo "${domain}"
done
}

list_expired() {
DAYS="$1"
DOMAINS=$(${SQLITE} "${DATABASE}"  "SELECT domain,days FROM certs  WHERE days<=${DAYS} GROUP BY domain ORDER BY cheked;")
IFS=$'\n'
for domain in "${DOMAINS[@]}"; do
    echo  "${domain[0]}"
done
}

delete_domain() {
    ${SQLITE} "${DATABASE}"  "DELETE FROM certs WHERE domain='$1';"
    echo "Domain $1 removed from ${DATABASE}"
}

while [ "$2" = '-a' -o "$2" = '-i' -o "$2" = '-s' -o "$2" = '-ld'  -o "$2" = '-le' -o "$2" = '-r' ]; do
    case "$2" in
    '-a')
        add_domain "$3"
        shift
        ;;

    '-i')
        init
        shift
        ;;

    '-s')
        scan_domains
        shift
        ;;

    '-r')
        delete_domain "$3"
        shift
        ;;

    '-ld')
        list_all
        shift
        ;;

    '-le')
        list_expired "$3"
        shift
        ;;

    esac
done
	#!/usr/local/bin/bash

	# All Rights reseverd to tradik.com

	readonly VERSION=1.4.12
	UNAME='/usr/bin/uname'

	# Config you can make in here:
	DATABASE="$1.db"
	SQLITE='/usr/local/bin/sqlite3'
	DIG='/usr/local/bin/dig'
	DATECMD='/bin/date'
	OPENSSL='/usr/bin/openssl'


	note() {
	echo "NOTE: $*" > /dev/stderr
	}

	err() {
	echo "ERROR: $*" > /dev/stderr
	}

	fatal() {
	echo "FATAL: $*" > /dev/stderr
	exit 1
	}

	warn() {
	echo "WARNING: $*" > /dev/stderr
	}

	# Operationg System specific variables to be added:
	OS=$(${UNAME})
	case $OS in
	'FreeBSD')
	;;
	'SunOS')
	;;
	'Linux')
	;;
	*)
	fatal "Your OS isn't supported"
	;;
	esac

	# Function helpers

	check_certs() {
	name="$1"
	shift
	now_epoch=$( ${DATECMD} +%s )
	${DIG} +noall +answer "${name}" \| while read _ _ _ _ ip;
	do
	echo -n "${name} \| "
	echo -n "${ip} \| "
	expiry_date=$( echo \| ${OPENSSL} s_client -showcerts -servername "${name}" -connect "$ip:443" 2>/dev/null \| ${OPENSSL} x509 -inform pem -noout -enddate \| cut -d "=" -f 2 )
	echo -n "${expiry_date} \| ";
	expiry_epoch=$( ${DATECMD} -j -f "%b %d %T %Y %Z" "${expiry_date}" +%s )
	expiry_days="$(( (${expiry_epoch} - ${now_epoch}) / (3600 * 24) ))"
	echo "${expiry_days} days"
	${SQLITE} "${DATABASE}" "INSERT INTO certs ( domain, ip, expiry, days ) VALUES ('${name}', '${ip}', '${expiry_date}' ,'${expiry_days}' );"
	done
	}




	help() {
	cat << EOF
	${0##*/} v${VERSION} by Tradik Limited

	Syntax:
	${0##*/} database [ options ]

	DESCRIPTION:
	${0##*/} is a tool for monitoring SSL domains to avoid expiration date.

	OPTIONS:
	-a domain = Add domain to check database
	-i = Init database ( custom name )
	-r domain = Remove domain
	-h = Show this help
	-s = Recheck all domains (daily cron suggested)
	-ld = List all domains
	-le days = List domains with expiration ess than 'days'

	EXAMPLES:
	${0##*/} internals -i
	create database 'internals'

	${0##*/} internals -ld 14
	list domains with less than 14 days expiration from internals database

	${0##*/} external -a exmaple.com
	add and check domain example.com to database external

	EOF
	exit 0
	}

	[ $# = 0 ] && help
	[ "$1" = '-h' -o $1 = "--help" ] && help

	init() {
	${SQLITE} "${DATABASE}" "create table certs (id INTEGER PRIMARY KEY,domain TEXT, ip TEXT, cheked DATETIME DEFAULT CURRENT_TIMESTAMP, expiry TEXT, days INT );"
	echo "${DATABASE} created."
	}

	add_domain() {
	check_certs "$1"
	echo "Domain $1 added to ${DATABASE}"
	}

	scan_domains() {
	DOMAINS=$(${SQLITE} "${DATABASE}" "SELECT DISTINCT domain FROM certs ORDER BY domain;")
	for domain in ${DOMAINS}; do
	check_certs "${domain}"
	done
	}

	list_all() {
	DOMAINS=$(${SQLITE} "${DATABASE}" "SELECT DISTINCT domain FROM certs ORDER BY domain;")
	for domain in ${DOMAINS}; do
	echo "${domain}"
	done
	}

	list_expired() {
	DAYS="$1"
	DOMAINS=$(${SQLITE} "${DATABASE}" "SELECT domain,days FROM certs WHERE days<=${DAYS} GROUP BY domain ORDER BY cheked;")
	IFS=$'\n'
	for domain in "${DOMAINS[@]}"; do
	echo "${domain[0]}"
	done
	}

	delete_domain() {
	${SQLITE} "${DATABASE}" "DELETE FROM certs WHERE domain='$1';"
	echo "Domain $1 removed from ${DATABASE}"
	}

	while [ "$2" = '-a' -o "$2" = '-i' -o "$2" = '-s' -o "$2" = '-ld' -o "$2" = '-le' -o "$2" = '-r' ]; do
	case "$2" in
	'-a')
	add_domain "$3"
	shift
	;;

	'-i')
	init
	shift
	;;

	'-s')
	scan_domains
	shift
	;;

	'-r')
	delete_domain "$3"
	shift
	;;

	'-ld')
	list_all
	shift
	;;

	'-le')
	list_expired "$3"
	shift
	;;

	esac
	done