check_sslcerts/checksslcerts.sh aktualisiert

check_sslcerts/checksslcerts.sh

@@ -1,8 +1,10 @@
 #!/bin/bash
 
 ## crontab
-##   0    5  *   *   *     bash /data/scripts/sslcerts/checksslcerts.sh 2>&1 > /tmp/checksslcert.log
+##  0    4  *   *   *     bash /data/scripts/sslcerts/create_sites.sh > /data/scripts/sslcerts/sites.txt
+##  0    5  *   *   *     bash /data/scripts/sslcerts/checksslcerts.sh 2>&1 > /tmp/checksslcert.log
 
+#!/bin/bash
 
 sites=$(cat /data/scripts/sslcerts/sites.txt)
 
@@ -10,49 +12,52 @@ export SITE_SSL_PORT="443"
 
 for site in `echo $sites`
 do
- export SITE_URL=$site
+   export SITE_URL=$site
  
- notAfter=$(/usr/bin/openssl s_client -connect ${SITE_URL}:${SITE_SSL_PORT} \
-  -servername ${SITE_URL} 2> /dev/null | /usr/bin/openssl x509 -noout  -dates | grep notAfter)
+   notAfter=$(/usr/bin/openssl s_client -connect ${SITE_URL}:${SITE_SSL_PORT} \
+      -servername ${SITE_URL} 2> /dev/null | /usr/bin/openssl x509 -noout  -dates | grep notAfter)
  
- not_after=$(echo "$notAfter" | cut -d= -f2-)
+   not_after=$(echo "$notAfter" | cut -d= -f2-)
  
- now_ts=$(date +%s)
- expiry_ts=$(date -d "$not_after" +%s)
- diff_sec=$((expiry_ts - now_ts))
- diff_days=$((diff_sec / 86400))
+   now_ts=$(date +%s)
+   expiry_ts=$(date -d "$not_after" +%s)
+   diff_sec=$((expiry_ts - now_ts))
+   diff_days=$((diff_sec / 86400))
 
- if [ "$diff_days" -lt 14 ]
- then
-  echo "send warning für $site ($diff_days)"
-  url="https://msg.rproxy.conet-services.de/message.php"
-  # JSON-Daten für den POST-Request
-  json_data=$(cat <<EOF
-{
-     "msg": "Certificate for $site is about to expire in $diff_days day(s)",
-     "subject": "Certificate expiration warning",
-     "x_conet_src": "conetadm@conlxscript1:/data/scripts/sslcerts/checksslcerts.sh",
-     "from_descr": "CONET Monitoring",
-     "from_email": "noreply@conet-services.de",
-     "to_email": "help@conet.de",
-     "reply_mail": "support-con@tasks.conet.de"
-}
+   if [ "$not_after" != "" ]
+   then
+      if [ "$diff_days" -lt 14 ]
+      then
+         echo "send warning für $site ($diff_days)"
+         url="https://msg.rproxy.conet-services.de/message.php"
+         # JSON-Daten für den POST-Request
+         json_data=$(cat <<EOF
+            {
+               "msg": "Certificate for $site is about to expire in $diff_days day(s)",
+               "subject": "Certificate expiration warning",
+               "x_conet_src": "conetadm@conlxscript1:/data/scripts/sslcerts/checksslcerts.sh",
+               "from_descr": "CONET Monitoring",
+               "from_email": "noreply@conet-services.de",
+               "to_email": "help@conet.de",
+               "reply_mail": "support-con@tasks.conet.de"
+            }
 EOF
 ) 
-  # Senden der POST-Anfrage mit curl
-  response=$(curl -s -X POST $url \
-                     -H "Content-Type: application/json" \
-                     -d "$json_data"
+         # Senden der POST-Anfrage mit curl
+         response=$(curl -s -X POST $url \
+            -H "Content-Type: application/json" \
+            -d "$json_data"
             )
- fi
+      fi
  
- printf "%02d days" "$diff_days"
- echo -n "@"
- printf "%30s" "$not_after"
- echo -n ":"
- printf "%40s\n" "$site"
- echo "delete from sslcerts where cn='$site'" | /usr/bin/mysql -u conetadm -p'Conet12#' -Dscripts
- echo "INSERT INTO sslcerts (expiration, datestring, cn) VALUES ('$diff_days', '$not_after', '$site') ON DUPLICATE KEY UPDATE cn = VALUES(cn);" | /usr/bin/mysql -u conetadm -p'Conet12#' -Dscripts
-
- 
-done
+      printf "%02d days" "$diff_days"
+      echo -n "@"
+      printf "%30s" "$not_after"
+      echo -n ":"
+      printf "%40s\n" "$site"
+      echo "delete from sslcerts where cn='$site'" | /usr/bin/mysql -u conetadm -p'Conet12#' -Dscripts
+      echo "INSERT INTO sslcerts (expiration, datestring, cn) VALUES ('$diff_days', '$not_after', '$site') ON DUPLICATE KEY UPDATE cn = VALUES(cn);" | /usr/bin/mysql -u conetadm -p'Conet12#' -Dscripts
+   else
+      echo "cannot get certificate from $site"
+   fi
+done