iankelling.org Git - distro-setup/blob - filesystem/usr/local/bin/check-lets-encrypt-ssl-settings

   1 #!/bin/bash
   2 # I, Ian Kelling, follow the GNU license recommendations at
   3 # https://www.gnu.org/licenses/license-recommendations.en.html. They
   4 # recommend that small programs, < 300 lines, be licensed under the
   5 # Apache License 2.0. This file contains or is part of one or more small
   6 # programs. If a small program grows beyond 300 lines, I plan to switch
   7 # its license to GPL.
   8
   9 # Copyright 2024 Ian Kelling
  10
  11 # Licensed under the Apache License, Version 2.0 (the "License");
  12 # you may not use this file except in compliance with the License.
  13 # You may obtain a copy of the License at
  14
  15 #     http://www.apache.org/licenses/LICENSE-2.0
  16
  17 # Unless required by applicable law or agreed to in writing, software
  18 # distributed under the License is distributed on an "AS IS" BASIS,
  19 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20 # See the License for the specific language governing permissions and
  21 # limitations under the License.
  22
  23 # Copyright (C) 2016 Ian Kelling
  24
  25 # Licensed under the Apache License, Version 2.0 (the "License");
  26 # you may not use this file except in compliance with the License.
  27 # You may obtain a copy of the License at
  28
  29 #     http://www.apache.org/licenses/LICENSE-2.0
  30
  31 # Unless required by applicable law or agreed to in writing, software
  32 # distributed under the License is distributed on an "AS IS" BASIS,
  33 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  34 # See the License for the specific language governing permissions and
  35 # limitations under the License.
  36
  37 if [[ ! -e /dev/shm/iank-status ]]; then
  38   exit 0
  39 fi
  40 eval "$(< /dev/shm/iank-status)"
  41
  42 if [[ $HOSTNAME != "$MAIL_HOST" || $HOST2 && $HOST2 != "$HOSTNAME" ]]; then
  43   exit 0
  44 fi
  45
  46 lock_file=/tmp/check-lets-encrypt-ssl-settings
  47 if [[ -e $lock_file ]]; then
  48   exit 0
  49 fi
  50
  51 d=/a/opt/certbot
  52 gitget https://github.com/certbot/certbot.git $d |& ts "%F %T" >>/tmp/${0##*/}.log
  53 cd $d
  54
  55 f=certbot-apache/certbot_apache/_internal/tls_configs/current-options-ssl-apache.conf
  56 out=$(git log -p --since 2022-05-14 $f)
  57
  58 if [[ $out ]]; then
  59   cat <<EOF
  60 Let's encrypt has new ssl settings.
  61 1. edit mail-setup if needed: search for check-lets-encrypt-ssl-settings
  62 2. edit web-conf, search for common_ssl_conf
  63 3. Update servers if needed
  64 4. edit the date in /a/bin/ds/filesystem/usr/local/bin/check-lets-encrypt-ssl-settings
  65 5. rm $lock_file
  66 The change is:
  67 $out
  68 EOF
  69   touch $lock_file
  70 fi