move more renewal logic to util.sh
This commit is contained in:
parent
a89ebd176f
commit
57c429078c
|
@ -23,20 +23,10 @@ for f in /scripts/startup/*.sh; do
|
||||||
done
|
done
|
||||||
echo "Done with startup"
|
echo "Done with startup"
|
||||||
|
|
||||||
last_renewal_file="/etc/letsencrypt/last_renewal.txt"
|
|
||||||
|
|
||||||
# Instead of trying to run `cron` or something like that, just sleep and run `certbot`.
|
# Instead of trying to run `cron` or something like that, just sleep and run `certbot`.
|
||||||
while [ true ]; do
|
while [ true ]; do
|
||||||
if is_renewal_required $last_renewal_file; then
|
echo "Run certbot"
|
||||||
# Recreate the file to persist the last renewal timestamp
|
/scripts/run_certbot.sh
|
||||||
touch "$last_renewal_file"
|
|
||||||
|
|
||||||
# Run certbot to request all the ssl certs we can find
|
|
||||||
echo "Run certbot"
|
|
||||||
/scripts/run_certbot.sh
|
|
||||||
else
|
|
||||||
echo "Not run certbot"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Sleep for 1 week
|
# Sleep for 1 week
|
||||||
sleep 604810 &
|
sleep 604810 &
|
||||||
|
|
|
@ -76,17 +76,25 @@ get_certificate() {
|
||||||
--standalone --preferred-challenges http-01 --debug
|
--standalone --preferred-challenges http-01 --debug
|
||||||
}
|
}
|
||||||
|
|
||||||
# Given a last renewal file with timestamp, return true if a renewal is
|
# Given a domain name, return true if a renewal is required (last renewal
|
||||||
# required (last renewal ran over a week ago), return false otherwise
|
# ran over a week ago or never happened yet), otherwise return false.
|
||||||
is_renewal_required() {
|
is_renewal_required() {
|
||||||
# If the file does not exist assume a renewal is required
|
# If the file does not exist assume a renewal is required
|
||||||
[[ ! -e "$1" ]] && return;
|
last_renewal_file="/etc/letsencrypt/$1_last_renewal.txt"
|
||||||
|
[[ ! -e "$last_renewal_file" ]] && return;
|
||||||
|
|
||||||
# If the file exists, check if the last renewal was more than a week ago
|
# If the file exists, check if the last renewal was more than a week ago
|
||||||
one_week_sec=604800
|
one_week_sec=604800
|
||||||
now_sec=$(date -d now +%s)
|
now_sec=$(date -d now +%s)
|
||||||
last_renewal_sec=$(stat -c %Y "$1")
|
last_renewal_sec=$(stat -c %Y "$last_renewal_file")
|
||||||
last_renewal_delta_sec=$(( ($now_sec - $last_renewal_sec) ))
|
last_renewal_delta_sec=$(( ($now_sec - $last_renewal_sec) ))
|
||||||
is_finshed_week_sec=$(( ($one_week_sec - $last_renewal_delta_sec) ))
|
is_finshed_week_sec=$(( ($one_week_sec - $last_renewal_delta_sec) ))
|
||||||
[[ $is_finshed_week_sec -lt 0 ]]
|
[[ $is_finshed_week_sec -lt 0 ]]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Given a domain name, set the current time as the last renewal timestamp
|
||||||
|
# as read by is_renewal_required().
|
||||||
|
update_renewal_timestamp() {
|
||||||
|
last_renewal_file="/etc/letsencrypt/$1_last_renewal.txt"
|
||||||
|
touch "$last_renewal_file"
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue