move more renewal logic to util.sh

This commit is contained in:
Bruno Zell 2018-10-03 05:04:44 +02:00
parent a89ebd176f
commit 57c429078c
2 changed files with 14 additions and 16 deletions

View File

@ -23,20 +23,10 @@ for f in /scripts/startup/*.sh; do
done done
echo "Done with startup" echo "Done with startup"
last_renewal_file="/etc/letsencrypt/last_renewal.txt"
# Instead of trying to run `cron` or something like that, just sleep and run `certbot`. # Instead of trying to run `cron` or something like that, just sleep and run `certbot`.
while [ true ]; do while [ true ]; do
if is_renewal_required $last_renewal_file; then echo "Run certbot"
# Recreate the file to persist the last renewal timestamp /scripts/run_certbot.sh
touch "$last_renewal_file"
# Run certbot to request all the ssl certs we can find
echo "Run certbot"
/scripts/run_certbot.sh
else
echo "Not run certbot"
fi
# Sleep for 1 week # Sleep for 1 week
sleep 604810 & sleep 604810 &

View File

@ -76,17 +76,25 @@ get_certificate() {
--standalone --preferred-challenges http-01 --debug --standalone --preferred-challenges http-01 --debug
} }
# Given a last renewal file with timestamp, return true if a renewal is # Given a domain name, return true if a renewal is required (last renewal
# required (last renewal ran over a week ago), return false otherwise # ran over a week ago or never happened yet), otherwise return false.
is_renewal_required() { is_renewal_required() {
# If the file does not exist assume a renewal is required # If the file does not exist assume a renewal is required
[[ ! -e "$1" ]] && return; last_renewal_file="/etc/letsencrypt/$1_last_renewal.txt"
[[ ! -e "$last_renewal_file" ]] && return;
# If the file exists, check if the last renewal was more than a week ago # If the file exists, check if the last renewal was more than a week ago
one_week_sec=604800 one_week_sec=604800
now_sec=$(date -d now +%s) now_sec=$(date -d now +%s)
last_renewal_sec=$(stat -c %Y "$1") last_renewal_sec=$(stat -c %Y "$last_renewal_file")
last_renewal_delta_sec=$(( ($now_sec - $last_renewal_sec) )) last_renewal_delta_sec=$(( ($now_sec - $last_renewal_sec) ))
is_finshed_week_sec=$(( ($one_week_sec - $last_renewal_delta_sec) )) is_finshed_week_sec=$(( ($one_week_sec - $last_renewal_delta_sec) ))
[[ $is_finshed_week_sec -lt 0 ]] [[ $is_finshed_week_sec -lt 0 ]]
} }
# Given a domain name, set the current time as the last renewal timestamp
# as read by is_renewal_required().
update_renewal_timestamp() {
last_renewal_file="/etc/letsencrypt/$1_last_renewal.txt"
touch "$last_renewal_file"
}