diff --git a/src/scripts/entrypoint.sh b/src/scripts/entrypoint.sh index 3317d39..71d433e 100644 --- a/src/scripts/entrypoint.sh +++ b/src/scripts/entrypoint.sh @@ -23,20 +23,10 @@ for f in /scripts/startup/*.sh; do done echo "Done with startup" -last_renewal_file="/etc/letsencrypt/last_renewal.txt" - # Instead of trying to run `cron` or something like that, just sleep and run `certbot`. while [ true ]; do - if is_renewal_required $last_renewal_file; then - # Recreate the file to persist the last renewal timestamp - touch "$last_renewal_file" - - # Run certbot to request all the ssl certs we can find - echo "Run certbot" - /scripts/run_certbot.sh - else - echo "Not run certbot" - fi + echo "Run certbot" + /scripts/run_certbot.sh # Sleep for 1 week sleep 604810 & diff --git a/src/scripts/util.sh b/src/scripts/util.sh index d03a0d2..eb0243b 100644 --- a/src/scripts/util.sh +++ b/src/scripts/util.sh 
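Review bot: In entrypoint.sh the loop now calls `/scripts/run_certbot.sh` unconditionally and discards its exit status, so a failed run leaves no distinct log line and the next attempt waits for the following loop iteration. Logging the failure would make an approaching certificate expiry visible in the container logs: `/scripts/run_certbot.sh || echo "run_certbot.sh failed with status $?" >&2`. The per-domain renewal check has presumably moved into run_certbot.sh, which this diff does not show. It is worth confirming there that `update_renewal_timestamp` is called only after a successful request, otherwise a failed issuance would suppress retries for a week. The `while` loop body continues past the end of the hunk.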
@@ -76,17 +76,25 @@ get_certificate() { --standalone --preferred-challenges http-01 --debug } -# Given a last renewal file with timestamp, return true if a renewal is -# required (last renewal ran over a week ago), return false otherwise +# Given a domain name, return true if a renewal is required (last renewal +# ran over a week ago or never happened yet), otherwise return false. is_renewal_required() { # If the file does not exist assume a renewal is required - [[ ! -e "$1" ]] && return; + last_renewal_file="/etc/letsencrypt/$1_last_renewal.txt" + [[ ! -e "$last_renewal_file" ]] && return; # If the file exists, check if the last renewal was more than a week ago one_week_sec=604800 now_sec=$(date -d now +%s) - last_renewal_sec=$(stat -c %Y "$1") + last_renewal_sec=$(stat -c %Y "$last_renewal_file") last_renewal_delta_sec=$(( ($now_sec - $last_renewal_sec) )) is_finshed_week_sec=$(( ($one_week_sec - $last_renewal_delta_sec) )) [[ $is_finshed_week_sec -lt 0 ]] } + +# Given a domain name, set the current time as the last renewal timestamp +# as read by is_renewal_required(). +update_renewal_timestamp() { + last_renewal_file="/etc/letsencrypt/$1_last_renewal.txt" + touch "$last_renewal_file" +}
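Review bot: Both `is_renewal_required` and the new `update_renewal_timestamp` build a path from `$1` without checking it, so an empty argument silently maps to the shared file `/etc/letsencrypt/_last_renewal.txt` and a value containing `/` would resolve to a different directory than the one intended. If the domain names come from parsed configuration (the caller is not in this diff), a guard at the top of each function is cheap: `case "$1" in ''|*/*) return 1 ;; esac`. `last_renewal_file` is also assigned as a global in both functions. Declaring it as `local last_renewal_file="/etc/letsencrypt/${1}_last_renewal.txt"` keeps it from leaking into callers and makes the parameter boundary explicit.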