Renew timeframe as config option

2026-03-21 08:39:01 +01:00 · 2015-12-06 14:42:46 +01:00
parent 5060dea068
commit e300c0a173
2 changed files with 7 additions and 3 deletions
--- a/config.sh.example
+++ b/config.sh.example
@@ -8,3 +8,6 @@ WELLKNOWN="/var/www/letsencrypt/.well-known/acme-challenge"
 # token; can be used to e.g. upload the challenge if this script doesn't run
 # on the webserver
 #HOOK_CHALLENGE=
+
+# try to renew certs that are within RENEW_DAYS days of there expire date
+#RENEW_DAYS="14"
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -8,6 +8,7 @@ set -o pipefail
 CA="https://acme-v01.api.letsencrypt.org"
 LICENSE="https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"
 HOOK_CHALLENGE=
+RENEW_DAYS="14"
 KEYSIZE="4096"

 . ./config.sh
@@ -189,12 +190,12 @@ fi
  domain="$(echo $line | cut -d' ' -f1)"
  if [[ -e "certs/${domain}/cert.pem" ]]; then
    echo -n "Found existing cert for ${domain}. Expire date ..."
-    set +e; openssl x509 -checkend 1209600 -noout -in "certs/${domain}/cert.pem"; expiring=$?; set -e
+    set +e; openssl x509 -checkend $((${RENEW_DAYS} * 86400)) -noout -in "certs/${domain}/cert.pem"; expiring=$?; set -e
    if [[ ${expiring} -eq 0 ]]; then
-        echo " is not within 2 weeks. Skipping"
+        echo " is not within ${RENEW_DAYS} days. Skipping"
        continue
    fi
-    echo " is within 2 weeks. Renewing..."
+    echo " is within ${RENEW_DAYS} days. Renewing..."
  fi

  sign_domain $line