Fri, 01 May 2020 15:27:45 +0100
Initial commit
0 | 1 | #!/bin/bash |
2 | ||
3 | . /etc/certwatch/config.sh | |
4 | ||
5 | PASS=1 | |
6 | ||
7 | check_domain() { | |
8 | DOMAIN="$1" | |
9 | shift; | |
10 | DAYS=14 | |
11 | CRT=$(echo "" | openssl s_client $@ 2>/dev/null); | |
12 | if [[ $? != 0 ]]; then | |
13 | PASS=0 | |
14 | send_notification "Check failed for $DOMAIN" "$CRT"; | |
15 | return; | |
16 | fi | |
17 | ||
18 | if (echo "$CRT" | openssl x509 -noout -checkend $(($DAYS*3600*24)) >/dev/null 2>&1); then | |
19 | return; | |
20 | fi | |
21 | MSG=$(echo "$CRT" | openssl x509 -noout -text|egrep 'CN|DNS|Not After' 2>/dev/null) | |
22 | PASS=0 | |
23 | send_notification "Certificate expiry: $DOMAIN" "$MSG" | |
24 | } | |
25 | ||
26 | check_https() { | |
27 | check_domain "$1 HTTPS" -servername $1 -connect $1:443 | |
28 | } | |
29 | ||
30 | check_xmpp() { | |
31 | # need OpenSSL 1.1 for -xmpphost :( | |
32 | check_domain "$1 XMPP" -connect $1:5222 -starttls xmpp | |
33 | } | |
34 | ||
35 | check_xmpps2s() { | |
36 | # need OpenSSL 1.1 for -xmpphost :( | |
37 | check_domain "$1 XMPP" -connect $1:5269 -starttls xmpp | |
38 | } | |
39 | ||
40 | check_smtp() { | |
41 | check_domain "$1 SMTP" -connect $1:25 -starttls smtp | |
42 | } | |
43 | ||
44 | check_imap() { | |
45 | check_domain "$1 IMAP" -connect $1:993 | |
46 | } | |
47 | ||
48 | . /etc/certwatch/checks.sh | |
49 | ||
50 | if [[ "$PASS" != 1 ]]; then | |
51 | exit 2; | |
52 | fi | |
53 | ||
54 | exit 0; |