iankelling.org Git - distro-setup/blob - filesystem/usr/local/bin/check-lets-encrypt-ssl-settings

   1 #!/bin/bash
   2 # Copyright (C) 2016 Ian Kelling
   3
   4 # Licensed under the Apache License, Version 2.0 (the "License");
   5 # you may not use this file except in compliance with the License.
   6 # You may obtain a copy of the License at
   7
   8 #     http://www.apache.org/licenses/LICENSE-2.0
   9
  10 # Unless required by applicable law or agreed to in writing, software
  11 # distributed under the License is distributed on an "AS IS" BASIS,
  12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 # See the License for the specific language governing permissions and
  14 # limitations under the License.
  15
  16 source ~/.bashrc
  17
  18 if [[ ! -e /dev/shm/iank-status ]]; then
  19   exit 0
  20 fi
  21 eval $(< /dev/shm/iank-status)
  22
  23 if [[ $HOSTNAME != "$MAIL_HOST" || $HOST2 && $HOST2 != "$HOSTNAME" ]]; then
  24   exit 0
  25 fi
  26
  27 lock_file=/tmp/check-lets-encrypt-ssl-settings
  28 if [[ -e $lock_file ]]; then
  29   exit 0
  30 fi
  31
  32 d=/a/opt/certbot
  33 gitget https://github.com/certbot/certbot.git $d |& ts "%F %T" >>/tmp/${0##*/}.log
  34 cd $d
  35
  36 f=certbot-apache/certbot_apache/_internal/tls_configs/current-options-ssl-apache.conf
  37 out=$(git log -p --since 2020-04-06 $f)
  38
  39 if [[ $out ]]; then
  40   cat <<EOF
  41 Let's encrypt has new ssl settings.
  42 1. edit mail-setup and web-conf
  43 2. Update servers
  44 3. edit the date in $0
  45 4. rm $lock_file
  46 The change is:
  47 $out
  48 EOF
  49   touch $lock_file
  50 fi