actcur-ansible/role-certbot
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added freeipa configuration to renewal script (#5)

Browse source 
Reviewed-on: #5
Co-authored-by: Beth <ejparker@actcur.com>
Co-committed-by: Beth <ejparker@actcur.com>
This commit is contained in:
Beth Parker 2025-03-30 00:04:59 -05:00 committed by Jayne
parent 1d44d8380b
commit a6d9fe7aaf
1 changed files with 18 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
files/certbot-renewal.sh
View file

@ -1,10 +1,26 @@
#! /bin/bash #! /bin/bash
#should probably add logic to only halt/reload once (and only if necessary)
function halt() {
#stop services if necessary
if [ -d /var/lib/ipa/ ]
#stop httpd
systemctl stop httpd
fi
}
function reload() { function reload() {
#reload/restart relevant services #reload/restart relevant services
if [ -d /etc/nginx/certs/ ] if [ -d /etc/nginx/certs/ ]
then then
systemctl reload nginx systemctl reload nginx
fi fi
if [ -d /var/lib/ipa/ ]
#restart httpd
systemctl start httpd
/scripts/setup-le.sh
systemctl restart httpd
#load cert
fi
} }
dom=`date +%d` dom=`date +%d`
@ -21,6 +37,7 @@ do
if [[ $today > $expires ]] if [[ $today > $expires ]]
then then
echo Certificate for $f is expired, renewing >> $log echo Certificate for $f is expired, renewing >> $log
halt()
certbot renew --cert-name $f >> /var/log/certbot-renewal.log certbot renew --cert-name $f >> /var/log/certbot-renewal.log
reload() reload()
continue continue
@ -34,6 +51,7 @@ do
if [[ $dom -eq $rdate ]] if [[ $dom -eq $rdate ]]
then then
echo Date falls within renewal window for $f, attempting renewal >> $log echo Date falls within renewal window for $f, attempting renewal >> $log
halt()
certbot renew --cert-name $f >> $log certbot renew --cert-name $f >> $log
reload() reload()
break break