Cron with Bash Script to check Dehydrated for certificat renewal


#1

Anthony Allen
Monday February 20, 2017
I have full control over the DNS. So I use the manual method, dns-01, with success.

Purpose: Weekly check for Dehydrated certificate renewal.
Comment out weeks that are not desired to check!

Usage: Cron file is checked daily. Placed in /etc/crond.d

Example Cron file:
0 20 * * 6 /path/to/script/weeklycheck.sh
i.e. check daily but run the script if the time is 8pm Saturday.
Don’t place script (in this case weeklycheck.sh, the script to be run) in directory cron.d.

Disclaimer: Limited testing for bash only on Fedora. Test, use and modify at your own risk.

start: weeklycheck.sh

#! /usr/bin/bash

#Get day of the month.
#NOTE: bash day of month (dom) IS the date i.e. the number of cron’s day of the week, the day in which cron runs

dom=$(date +%d)

comment: #check if dom in 1st week. If dom in 1st week check certificate for renewal
if [ $dom -le 07 ]; then
/path/to/dehydrated/dehydrated -c -t dns-01 -k /path/to/dehydrated/hooks/manual/manual_hook.rb

#check if dom in 2nd week. If dom in 2nd week check certificate for renewal
elif [ $dom -ge 08 ] && [ $dom -le 14 ]; then
/path/to/dehydrated/dehydrated -c -t dns-01 -k /path/to/dehydrated/hooks/manual/manual_hook.rb

#check if dom in 3rd week. If dom in 3rd week check certificate for renewal
elif [ $dom -ge 15 ] && [ $dom -le 21 ]; then
/path/to/dehydrated/dehydrated -c -t dns-01 -k /path/to/dehydrated/hooks/manual/manual_hook.rb

#check if dom in 4th week. If dom in 4th week check certificate for renewal
elif [ $dom -ge 22 ] && [ $dom -le 28 ]; then
/path/to/dehydrated/dehydrated -c -t dns-01 -k /path/to/dehydrated/hooks/manual/manual_hook.rb

#check if dom in 5th week. If dom in 5th week check certificate for renewal
elif [ $dom -ge 29 ] && [ $dom -le 31 ]; then
/path/to/dehydrated/dehydrated -c -t dns-01 -k /path/to/dehydrated/hooks/manual/manual_hook.rb

fi

end: weeklycheck.sh

As mentioned, comment out the weeks not desired.
The script does not address when the certificate is up for renewal.


#2

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.