certwatch.sh

changeset 0
e6c11dadd985
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/certwatch.sh	Fri May 01 15:27:45 2020 +0100
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+. /etc/certwatch/config.sh
+
+PASS=1
+
+check_domain() {
+	DOMAIN="$1"
+	shift;
+	DAYS=14
+	CRT=$(echo "" | openssl s_client $@ 2>/dev/null);
+	if [[ $? != 0 ]]; then
+		PASS=0
+		send_notification "Check failed for $DOMAIN" "$CRT";
+		return;
+	fi
+
+	if (echo "$CRT" | openssl x509 -noout -checkend $(($DAYS*3600*24)) >/dev/null 2>&1); then
+		return;
+	fi
+	MSG=$(echo "$CRT" | openssl x509 -noout -text|egrep 'CN|DNS|Not After' 2>/dev/null)
+	PASS=0
+	send_notification "Certificate expiry: $DOMAIN" "$MSG"
+}
+
+check_https() {
+	check_domain "$1 HTTPS" -servername $1 -connect $1:443
+}
+
+check_xmpp() {
+	# need OpenSSL 1.1 for -xmpphost :(
+	check_domain "$1 XMPP" -connect $1:5222 -starttls xmpp
+}
+
+check_xmpps2s() {
+	# need OpenSSL 1.1 for -xmpphost :(
+	check_domain "$1 XMPP" -connect $1:5269 -starttls xmpp
+}
+
+check_smtp() {
+	check_domain "$1 SMTP" -connect $1:25 -starttls smtp
+}
+
+check_imap() {
+	check_domain "$1 IMAP" -connect $1:993
+}
+
+. /etc/certwatch/checks.sh
+
+if [[ "$PASS" != 1 ]]; then
+	exit 2;
+fi
+
+exit 0;
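Review bot: In `check_domain`, the exit status of `openssl s_client $@ 2>/dev/null` only shows that a handshake completed, because s_client continues past chain-verification errors by default. An untrusted, self-signed or wrong-host certificate with a distant expiry therefore passes this monitor without an alert. If the goal is to catch any certificate that clients would reject, add `-verify_return_error` to the s_client arguments (plus a hostname check where the installed OpenSSL supports one), or note next to `DAYS=14` that only expiry is checked. Since stderr is discarded, the `"$CRT"` sent with "Check failed for $DOMAIN" will usually not contain the reason for the failure; capturing it with `2>&1` would make that notification actionable. `$@` should also be quoted as `"$@"`, and with no timeout a peer that accepts the connection but never responds could stall the run before the checks that follow it.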
