fixed some autorenew letsencrypt problems

2020-09-27 15:57:47 +02:00 · 2020-09-27 15:57:47 +02:00 · 29c8bfccdf
commit 29c8bfccdf
parent c2c8727fe9
5 changed files with 121 additions and 20 deletions
--- a/files/letsencrypt_renew.sh
+++ b/files/letsencrypt_renew.sh
@ -3,12 +3,14 @@ set -euo pipefail

 source $1

-daysleft=$(/usr/local/bin/acme-primitives.py remaining_days "$LETSENCRYPT_CRT" || echo "0") 2>/dev/null
-[ "$daysleft" -lt "$LETSENCRYPT_REMAININGDAYS" ] || exit 0
+logger -t letsencrypt "Checking certificate ${LETSENCRYPT_CRT}"
+daysleft=$(/usr/local/bin/acme-primitives.py remaining_days "${LETSENCRYPT_CRT}" || echo "0") 2>/dev/null
+[ "$daysleft" -lt "$LETSENCRYPT_REMAININGDAYS" ] || { logger -t letsencrypt "Cert has ${LETSENCRYPT_REMAININGDAYS} days remaining, not renewing" exit 0; }

 folder="$(mktemp -d)"
-cd "$folder"
-/usr/local/bin/acme-primitives.py get_cert --directory 'https://acme-v02.api.letsencrypt.org/directory' --acc /etc/ssl/letsencrypt_account.key --csr $LETSENCRYPT_CSR /usr/local/bin/letsencrypt_deploy_challenge.sh > chained.pem
+cd "${folder}"
+logger -t letsencrypt "Renewing certificate"
+/usr/local/bin/acme-primitives.py get_cert --directory 'https://acme-v02.api.letsencrypt.org/directory' --acc /etc/ssl/letsencrypt_account.key --csr "${LETSENCRYPT_CSR}" /usr/local/bin/letsencrypt_deploy_challenge.sh > chained.pem

 cat chained.pem "$LETSENCRYPT_KEY" > full.pem
 openssl x509 -in chained.pem > cert.pem
@ -25,6 +27,10 @@ mv full.pem "$LETSENCRYPT_FULL"
 cd
 rm -r "$folder"

-for i in $LETSENCRYPT_SERVICES; do
-	/bin/systemctl "$i" restart
+logger -t letsencrypt "Success, restarting services ( ${LETSENCRYPT_SERVICES} )..."
+
+for i in ${LETSENCRYPT_SERVICES}; do
+	/bin/systemctl "${i}" restart
 done
+
+logger -t letsencrypt "done"