mirror of
https://github.com/dehydrated-io/dehydrated.git
synced 2026-07-13 08:32:46 +02:00
Cleaner outputs
This commit is contained in:
committed by
Lukas Schauer
parent
5d24285f5e
commit
579e231631
+1
-1
@@ -9,7 +9,7 @@
|
|||||||
# on the webserver
|
# on the webserver
|
||||||
#HOOK_CHALLENGE=
|
#HOOK_CHALLENGE=
|
||||||
|
|
||||||
# try to renew certs that are within RENEW_DAYS days of there expire date
|
# try to renew certs that are within RENEW_DAYS days of their expiration date
|
||||||
#RENEW_DAYS="14"
|
#RENEW_DAYS="14"
|
||||||
|
|
||||||
# create new private key for each csr (yes|no)
|
# create new private key for each csr (yes|no)
|
||||||
|
|||||||
+14
-7
@@ -101,7 +101,7 @@ signed_request() {
|
|||||||
sign_domain() {
|
sign_domain() {
|
||||||
domain="${1}"
|
domain="${1}"
|
||||||
altnames="${*}"
|
altnames="${*}"
|
||||||
echo "Signing domain ${1} (${*})..."
|
echo " + Signing domains..."
|
||||||
|
|
||||||
# If there is no existing certificate directory => make it
|
# If there is no existing certificate directory => make it
|
||||||
if [[ ! -e "certs/${domain}" ]]; then
|
if [[ ! -e "certs/${domain}" ]]; then
|
||||||
@@ -217,15 +217,22 @@ fi
|
|||||||
# Generate certificates for all domains found in domain.txt. Check if existing certificate are about to expire
|
# Generate certificates for all domains found in domain.txt. Check if existing certificate are about to expire
|
||||||
<domains.txt sed 's/^\s*//g;s/\s*$//g' | grep -v '^#' | grep -v '^$' | while read -r line; do
|
<domains.txt sed 's/^\s*//g;s/\s*$//g' | grep -v '^#' | grep -v '^$' | while read -r line; do
|
||||||
domain="$(echo $line | cut -d' ' -f1)"
|
domain="$(echo $line | cut -d' ' -f1)"
|
||||||
if [[ -e "certs/${domain}/cert.pem" ]]; then
|
cert="certs/${domain}/cert.pem"
|
||||||
echo -n "Found existing cert for ${domain}. Expire date ..."
|
|
||||||
set +e; openssl x509 -checkend $((${RENEW_DAYS} * 86400)) -noout -in "certs/${domain}/cert.pem"; expiring=$?; set -e
|
echo "Processing ${domain}"
|
||||||
|
if [[ -e "${cert}" ]]; then
|
||||||
|
echo " + Found existing cert..."
|
||||||
|
|
||||||
|
# Turning off exit on non-zero status for cert validation
|
||||||
|
set +e; openssl x509 -checkend $((${RENEW_DAYS} * 86400)) -noout -in "${cert}"; expiring=$?; set -e
|
||||||
|
valid="$(openssl x509 -enddate -noout -in "certs/${domain}/cert.pem" | cut -d= -f2- )"
|
||||||
|
|
||||||
|
echo -n " + Valid till ${valid} "
|
||||||
if [[ ${expiring} -eq 0 ]]; then
|
if [[ ${expiring} -eq 0 ]]; then
|
||||||
valid=$(openssl x509 -enddate -noout -in "certs/${domain}/cert.pem" | cut -d= -f2- )
|
echo "(Longer than ${RENEW_DAYS} days). Skipping!"
|
||||||
echo " ${valid} Skipping. (Valid longer than ${RENEW_DAYS} days.)"
|
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
echo " is within ${RENEW_DAYS} days. Renewing..."
|
echo "(Less than ${RENEW_DAYS} days). Renewing!"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
sign_domain $line
|
sign_domain $line
|
||||||
|
|||||||
Reference in New Issue
Block a user