Mercurial > certwatch-docker / file comparison
comparison: certwatch.sh
certwatch.sh
- changeset 0
- e6c11dadd985
equal
deleted
inserted
replaced
| -1:000000000000 | 0:e6c11dadd985 |
|---|---|
| 1 #!/bin/bash | |
| 2 | |
| 3 . /etc/certwatch/config.sh | |
| 4 | |
| 5 PASS=1 | |
| 6 | |
| 7 check_domain() { | |
| 8 DOMAIN="$1" | |
| 9 shift; | |
| 10 DAYS=14 | |
| 11 CRT=$(echo "" | openssl s_client $@ 2>/dev/null); | |
| 12 if [[ $? != 0 ]]; then | |
| 13 PASS=0 | |
| 14 send_notification "Check failed for $DOMAIN" "$CRT"; | |
| 15 return; | |
| 16 fi | |
| 17 | |
| 18 if (echo "$CRT" | openssl x509 -noout -checkend $(($DAYS*3600*24)) >/dev/null 2>&1); then | |
| 19 return; | |
| 20 fi | |
| 21 MSG=$(echo "$CRT" | openssl x509 -noout -text|egrep 'CN|DNS|Not After' 2>/dev/null) | |
| 22 PASS=0 | |
| 23 send_notification "Certificate expiry: $DOMAIN" "$MSG" | |
| 24 } | |
| 25 | |
| 26 check_https() { | |
| 27 check_domain "$1 HTTPS" -servername $1 -connect $1:443 | |
| 28 } | |
| 29 | |
| 30 check_xmpp() { | |
| 31 # need OpenSSL 1.1 for -xmpphost :( | |
| 32 check_domain "$1 XMPP" -connect $1:5222 -starttls xmpp | |
| 33 } | |
| 34 | |
| 35 check_xmpps2s() { | |
| 36 # need OpenSSL 1.1 for -xmpphost :( | |
| 37 check_domain "$1 XMPP" -connect $1:5269 -starttls xmpp | |
| 38 } | |
| 39 | |
| 40 check_smtp() { | |
| 41 check_domain "$1 SMTP" -connect $1:25 -starttls smtp | |
| 42 } | |
| 43 | |
| 44 check_imap() { | |
| 45 check_domain "$1 IMAP" -connect $1:993 | |
| 46 } | |
| 47 | |
| 48 . /etc/certwatch/checks.sh | |
| 49 | |
| 50 if [[ "$PASS" != 1 ]]; then | |
| 51 exit 2; | |
| 52 fi | |
| 53 | |
| 54 exit 0; |
