| 1 | #!/bin/bash |
|---|
| 2 | |
|---|
| 3 | # Small script to run about once a month to update the letsencrypt |
|---|
| 4 | # ssl cert. This can save hundreds of dollars annually! |
|---|
| 5 | # |
|---|
| 6 | # Run from cron at 12:15 on the 5th of the month like this : |
|---|
| 7 | # 15 12 05 * * /root/updateSSLcerCron.sh |& mail -s "SSL certificate update on `hostname -f`" noien@nso.edu |
|---|
| 8 | # |
|---|
| 9 | # Niles Oien for Alisdair Davey, April 2018 |
|---|
| 10 | |
|---|
| 11 | # Make sure the script we run is there. |
|---|
| 12 | pn=`basename $0` |
|---|
| 13 | if [ ! -f ./certbot-auto ] |
|---|
| 14 | then |
|---|
| 15 | echo $pn : Cert update script ./certbot-auto not found - exiting |
|---|
| 16 | exit -1 |
|---|
| 17 | fi |
|---|
| 18 | |
|---|
| 19 | # See the date initially. |
|---|
| 20 | echo Initially, the date on the cert file is as follows : |
|---|
| 21 | /bin/ls -l /etc/letsencrypt/live/`hostname -f`/fullchain.pem |
|---|
| 22 | |
|---|
| 23 | # Run it. Redirect output to a file due to weird escape char that messes up mail. |
|---|
| 24 | echo |
|---|
| 25 | echo $pn : Running certbot-auto |
|---|
| 26 | ./certbot-auto --noninteractive renew &> certbot-auto.log |
|---|
| 27 | echo $pn : Done running certbot-auto, results in certbot-auto.log |
|---|
| 28 | |
|---|
| 29 | # Having run it, print where to check it and the date on the cert. |
|---|
| 30 | echo |
|---|
| 31 | echo Now, date on the cert file is as follows : |
|---|
| 32 | /bin/ls -l /etc/letsencrypt/live/`hostname -f`/fullchain.pem |
|---|
| 33 | echo |
|---|
| 34 | echo Check your configuration \(remember to clear the cache\) at : |
|---|
| 35 | echo https://www.ssllabs.com/ssltest/analyze.html\?d=`hostname -f` |
|---|
| 36 | echo |
|---|
| 37 | |
|---|
| 38 | exit 0 |
|---|
| 39 | |
|---|
