summaryrefslogtreecommitdiffstats
path: root/certrenew
blob: 7691eaeb6cafc8eaa704a06ea9516d0989c9b477 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#!/bin/bash

set -e

main() {
	if (($#<2)); then
		printf "usage: %s <webroot> <domains ...>\n" "${0##*/}"
		exit 1
	fi

	local webroot=$1; shift;
	local -a domains=("$@")

	local cert="/etc/letsencrypt/live/${domains[0]}/cert.pem"

	# renew if expires within 8 weeks
	if ! openssl x509 -noout -checkend $((8*7*86400)) -in "${cert}"; then
		certbot certonly --email bluewind@xinu.at --agree-tos --renew-by-default --webroot -w "$webroot" "${domains[@]/#/-d }"
		return 0
	fi

	# exit 1 so that scripts using this can check we the cert has been updated
	# (certrenew .. && systemctl reload ..)
	return 1
}

main "$@"