98 lines
1.4 KiB
Bash
Executable File
98 lines
1.4 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
err() {
|
|
printf '%s\n' "$*" >&2
|
|
}
|
|
|
|
msg() {
|
|
printf '%s\n' "$*"
|
|
}
|
|
|
|
set_default() {
|
|
declare -n _vref=$1
|
|
|
|
if ! [[ "$_vref" ]]; then
|
|
_vref=$2
|
|
fi
|
|
}
|
|
|
|
gen_san_string() {
|
|
declare d
|
|
declare -a argv
|
|
|
|
argv=( "$@" )
|
|
|
|
printf '[SAN]\nsubjectAltName='
|
|
|
|
for d in "${argv[@]}"; do
|
|
printf 'DNS:%s' "$d"
|
|
if ! [[ "$d" == "${argv[-1]}" ]]; then
|
|
printf ','
|
|
fi
|
|
done
|
|
}
|
|
|
|
main() {
|
|
declare cfg_dir
|
|
declare -a domains le_args
|
|
|
|
while (( $# )); do
|
|
case $1 in
|
|
-c)
|
|
cfg_dir=$2
|
|
shift;;
|
|
|
|
-t)
|
|
checkend_seconds=$2
|
|
shift;;
|
|
|
|
-d)
|
|
domains+=( "$2" )
|
|
shift;;
|
|
|
|
--)
|
|
shift
|
|
break;;
|
|
|
|
*) break;;
|
|
esac
|
|
|
|
shift
|
|
done
|
|
|
|
set_default cfg_dir "$HOME/.acme"
|
|
set_default checkend_seconds 259200
|
|
|
|
certname=$1
|
|
|
|
if ! [[ "$certname" ]]; then
|
|
err "Please tell me what to do!"
|
|
return 1
|
|
fi
|
|
|
|
if [[ -f "$cfg_dir/domains/$certname/renew.fail" ]]; then
|
|
err "Fail flag exists: $cfg_dir/domains/$certname/renew.fail, not attempting renew."
|
|
return 2
|
|
fi
|
|
|
|
if ! openssl x509 -checkend "$checkend_seconds" < "$cfg_dir/domains/$certname/certificate.pem"; then
|
|
if ! (( "${#domains[@]}" )); then
|
|
if [[ -f "$cfg_dir/domains/$certname/renew.cfg" ]]; then
|
|
source "$cfg_dir/domains/$certname/renew.cfg"
|
|
else
|
|
domains=( "$certname" )
|
|
fi
|
|
fi
|
|
|
|
for d in "${domains[@]}"; do
|
|
le_args+=( '-d' "$d" )
|
|
done
|
|
|
|
if ! le "${le_args[@]}"; then
|
|
> "$cfg_dir/domains/$certname/renew.fail"
|
|
fi
|
|
fi
|
|
}
|
|
|
|
main "$@"
|