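#!/bin/bash
# info: update letsencrypt ssl certificates
# options: NONE
#
# Renews the Let's Encrypt SSL certificate of every web domain, for all
# users, whose LETSENCRYPT flag is 'yes' and whose certificate is valid
# for fewer than 31 days. Progress and failures are appended to
# letsencrypt_cron.log; domains that keep failing are skipped.


#----------------------------------------------------------#
#                    Variable&Function                     #
#----------------------------------------------------------#

# Importing system environment as we run this script
# mostly by cron, which does not read it by itself
source /etc/profile

# This job runs unattended. With an empty $VESTA the includes below would
# resolve to /func/main.sh and /conf/vesta.conf, and every later path would
# be built from the filesystem root, so stop here instead of carrying on.
if [[ -z "$VESTA" ]]; then
    echo "Error: VESTA is not set after sourcing /etc/profile" >&2
    exit 1
fi

# Includes
source "$VESTA/func/main.sh"
source "$VESTA/conf/vesta.conf"

# Single place for the log path used by every message below.
le_log_file=/usr/local/vesta/log/letsencrypt_cron.log

# Appends one timestamped line to the renewal log.
# Arguments: $* - message text
le_log() {
    echo "[$(date)] : $*" >> "$le_log_file"
}


#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

lecounter=0
hostname=$(hostname)

le_log "-----------------------------------------------------------------------------------"

# Checking user certificates
# NOTE(review): both loops word-split command output, so user and domain
# names are assumed to contain no whitespace or glob characters.
for user in $("$BIN/v-list-users" plain | cut -f 1); do
    # Kept as a global: presumably read by the sourced helpers
    # (search_objects, get_web_counter) - confirm in func/main.sh.
    USER_DATA=$VESTA/data/users/$user

    for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do

        limit_check=1
        fail_counter=$(get_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')

        # proxy_tpl=$(/usr/local/vesta/bin/v-list-web-domain "$user" "$domain" "shell" | grep 'PROXY:' | cut -d ' ' -f11-)
        # if [ "$proxy_tpl" = "forward" ]; then
        #     echo "[$(date)] : $domain is using forward proxy, skipping" >> /usr/local/vesta/log/letsencrypt_cron.log
        #     continue;
        # fi

        # The server's own hostname gets one renewal attempt past the
        # failure limit (count 7); at count 8 the counter is bumped again
        # and the admin is notified by e-mail.
        if [[ "$hostname" = "$domain" ]]; then
            if [[ "$fail_counter" -eq 7 ]]; then
                limit_check=0
            fi
            if [[ "$fail_counter" -eq 8 ]]; then
                fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
                send_email_to_admin "LetsEncrypt renewing hostname $hostname" "Warning: hostname $domain failed for LetsEncrypt renewing"
            fi
        fi

        if [[ "$fail_counter" -ge 7 ]] && [[ "$limit_check" -eq 1 ]]; then
            # echo "$domain failed $fail_counter times for LetsEncrypt renewing, skipping"
            le_log "$domain failed $fail_counter times for LetsEncrypt renewing, skipping"
            continue;
        fi

        crt_file="$USER_DATA/ssl/$domain.crt"
        crt_data=$(openssl x509 -text -in "$crt_file")
        not_after=$(echo "$crt_data" | grep "Not After" | cut -f 2,3,4 -d :)

        if [[ -z "$not_after" ]]; then
            # Missing or unparsable certificate. This used to fall through
            # silently: `date -d ""` resolves to today's midnight, which
            # yields 0 days and triggers a renewal. The outcome is kept,
            # but it is now explicit and recorded in the log.
            le_log "$domain certificate $crt_file could not be parsed, treating as expired"
            days_valid=0
        else
            expiration=$(date -d "$not_after" +%s)
            now=$(date +%s)
            seconds_valid=$((expiration - now))
            days_valid=$((seconds_valid / 86400))
        fi

        if [[ "$days_valid" -lt 31 ]]; then
            # Pause between consecutive requests; the first one goes out
            # immediately.
            if [ "$lecounter" -gt 0 ]; then
                sleep 120
            fi
            ((lecounter++))

            # Build the comma-separated alias list from the SAN entries of
            # the current certificate, leaving out the main domain. The
            # domain is matched as a fixed whole-line string: as a regex
            # its dots would match any character and could drop an
            # unrelated alias.
            aliases=$(echo "$crt_data" \
                | grep DNS: \
                | sed -e "s/DNS://g" -e "s/,//g" \
                | tr ' ' '\n' \
                | sed "/^$/d" \
                | grep -Fxv -- "$domain" \
                | paste -sd, -)

            # Arguments are quoted so a name containing glob characters is
            # not expanded against the working directory. The alias
            # argument is passed only when non-empty, which keeps the
            # argument count the same as before for alias-less domains.
            if ! msg=$("$BIN/v-add-letsencrypt-domain" "$user" "$domain" ${aliases:+"$aliases"}); then
                if [[ $msg == *"is suspended" ]]; then
                    le_log "SUSPENDED: $domain $msg"
                else
                    le_log "$domain $msg"
                    echo "$domain $msg"
                    fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
                    le_log "fail_counter = $fail_counter"
                    echo "fail_counter = $fail_counter"
                fi
            fi
        fi
    done
done


#----------------------------------------------------------#
#                       Vesta                              #
#----------------------------------------------------------#

# No Logging
#log_event "$OK" "$EVENT"

exit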