This repository has been archived by the owner on Aug 27, 2024. It is now read-only.

chore(certs): request certificates now syncs in remote certs to decid…
…e if they need to be renewed
dorucioclea committed Apr 5, 2024
1 parent 9288278 commit 60c4c2b
Showing 1 changed file with 32 additions and 2 deletions.
34 changes: 32 additions & 2 deletions request-certificates.sh
Expand Up @@ -10,6 +10,16 @@ eval "$(

# Set the domain to check
domain="*.tariala.com"
CERTS_PATH="./certs/prod/"

FULLCHAIN_FILE="./certs/prod/fullchain.pem"
PRIVKEY_FILE="./certs/prod/privkey.pem"

PRIVKEY_REMOTE_PATH="./certs/prod/privkey.pem"
FULLCHAIN_REMOTE_PATH="./certs/prod/fullchain.pem"

KEY_PATH="./ssh/ConnectKey.pem"
CERT_HOME="./certs/root"

if [[ -z "${ACME_GD_KEY}" ]]; then
echo "ACME_GD_KEY is not set. Exiting.";
Expand All @@ -25,14 +35,34 @@ else
export GD_Secret="${ACME_GD_SECRET}"
fi

export CERT_HOME="./certs/root"

# Get today's date in the same format as acme.sh output, adjust the format as per your locale if needed
today=$(date -u +"%Y-%m-%dT%H:%M:%S")

# Use acme.sh --list to find the domain and extract the renewal date
renewalDate=$(./tools/acme.sh/acme.sh --list | grep "$domain" | awk '{print $6}')

#
# Create directories if they do not exist.

mkdir -p $CERTS_PATH
mkdir -p $CERT_HOME

if ssh -i "$KEY_PATH" "$CLOUD_REMOTE_USER@$CLOUD_REMOTE_HOST" "test -e $FULLCHAIN_FILE"; then
# your file exists
echo "Fullchain certificate exists, copying it over"
scp -i "$KEY_PATH" "$CLOUD_REMOTE_USER@$CLOUD_REMOTE_HOST":"$FULLCHAIN_REMOTE_PATH" "$FULLCHAIN_FILE"
else
echo "Fullchain certificate does not exist.";
fi

if ssh -i "$KEY_PATH" "$CLOUD_REMOTE_USER@$CLOUD_REMOTE_HOST" "test -e $PRIVKEY_FILE"; then
# your file exists
echo "Private key exists, copying it over"
scp -i "$KEY_PATH" "$CLOUD_REMOTE_USER@$CLOUD_REMOTE_HOST":"$PRIVKEY_REMOTE_PATH" "$PRIVKEY_FILE"
else
echo "Private key does not exist.";
fi

if [[ "$renewalDate" > "$today" ]]; then
echo "Doesn't need renewal"
else
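Review bot: The private key is copied to `$PRIVKEY_FILE` with whatever permissions the current umask gives, and `mkdir -p $CERTS_PATH` (unquoted) creates its directory the same way, so on a shared runner or workstation the key may end up group- or world-readable; `umask 077` before the two `mkdir` lines, or `chmod 600 "$PRIVKEY_FILE"` after the `scp`, would close that. Both `ssh ... "test -e ..."` checks treat every non-zero exit as "does not exist", so a connection or authentication failure (ssh exits 255) falls into the `else` branch and the script carries on as if the remote had no certificate; neither `scp` result is checked either, so a failed copy can leave a stale or partial file behind without any message. The remote tests expand `$FULLCHAIN_FILE` and `$PRIVKEY_FILE`, where `$FULLCHAIN_REMOTE_PATH` and `$PRIVKEY_REMOTE_PATH` look intended; the values are identical today, but the check will test the wrong path once they diverge. The renewal decision below still appears to rely only on `acme.sh --list`, and the closing `if` continues outside the visible hunk, so whether the synced files feed into it cannot be confirmed from here.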
