39 lines
1.2 KiB
Django/Jinja
39 lines
1.2 KiB
Django/Jinja
#!/bin/bash
|
|
|
|
#set -e
|
|
|
|
PUB_CERTS_DIR="/srv/CA/pki/issued"
|
|
|
|
# 1 day in seconds 86400
|
|
# 7 days in seconds: 604800
|
|
# 30 days in seconds: 2592000
|
|
DAYS="{{ easy_rsa_alert_on_cert_seconds_before_expire }}"
|
|
RETVAL=
|
|
|
|
# Email settings
|
|
_sub=" will expire within $DAYS seconds (30 days):"
|
|
_from="{{ easy_rsa_alert_on_cert_from }}"
|
|
_to="{{ easy_rsa_alert_on_cert_to }}"
|
|
_openssl="/usr/bin/openssl"
|
|
|
|
for cert in "$PUB_CERTS_DIR/"*.crt ; do
|
|
#echo -n "$cert: "
|
|
#$_openssl x509 -enddate -noout -in "$cert" -checkend "$DAYS" | grep -q 'notAfter'
|
|
expiry_date=$( $_openssl x509 -enddate -noout -in "$cert" -checkend "$DAYS" )
|
|
RETVAL=$?
|
|
#echo "RETVAL: $RETVAL"
|
|
|
|
# Send email
|
|
if [ $RETVAL -ne 0 ] ; then
|
|
echo "$cert ${_sub} $expiry_date"
|
|
{% if easy_rsa_alert_on_cert_expiration %}
|
|
mail -s "$cert $_sub" -r "$_from" "$_to" <<< "Warning: The TLS/SSL certificate ($cert) will expire soon on $HOSTNAME [$(date)]: $expiry_date"
|
|
# # See https://www.cyberciti.biz/mobile-devices/android/how-to-push-send-message-to-ios-and-android-from-linux-cli/ #
|
|
# source ~/bin/cli_app.sh
|
|
# push_to_mobile "$0" "$_sub. See $_to email for detailed log. -- $HOSTNAME " >/dev/null
|
|
{% endif %}
|
|
fi
|
|
done
|
|
|
|
exit 0
|