Anthony Allen
Monday February 20, 2017
I have full control over the DNS. So I use the manual method, dns-01, with success.
Purpose: Weekly check for Dehydrated certificate renewal.
Comment out weeks that are not desired to check!
Usage: Cron file is checked daily. Placed in /etc/crond.d
Example Cron file:
0 20 * * 6 /path/to/script/weeklycheck.sh
i.e. check daily but run the script if the time is 8pm Saturday.
Don’t place script (in this case weeklycheck.sh, the script to be run) in directory cron.d.
Disclaimer: Limited testing for bash only on Fedora. Test, use and modify at your own risk.
start: weeklycheck.sh
#! /usr/bin/bash
#Get day of the month.
#NOTE: bash day of month (dom) IS the date i.e. the number of cron’s day of the week, the day in which cron runs
dom=$(date +%d)
comment: #check if dom in 1st week. If dom in 1st week check certificate for renewal
if [ $dom -le 07 ]; then
/path/to/dehydrated/dehydrated -c -t dns-01 -k /path/to/dehydrated/hooks/manual/manual_hook.rb
#check if dom in 2nd week. If dom in 2nd week check certificate for renewal
elif [ $dom -ge 08 ] && [ $dom -le 14 ]; then
/path/to/dehydrated/dehydrated -c -t dns-01 -k /path/to/dehydrated/hooks/manual/manual_hook.rb
#check if dom in 3rd week. If dom in 3rd week check certificate for renewal
elif [ $dom -ge 15 ] && [ $dom -le 21 ]; then
/path/to/dehydrated/dehydrated -c -t dns-01 -k /path/to/dehydrated/hooks/manual/manual_hook.rb
#check if dom in 4th week. If dom in 4th week check certificate for renewal
elif [ $dom -ge 22 ] && [ $dom -le 28 ]; then
/path/to/dehydrated/dehydrated -c -t dns-01 -k /path/to/dehydrated/hooks/manual/manual_hook.rb
#check if dom in 5th week. If dom in 5th week check certificate for renewal
elif [ $dom -ge 29 ] && [ $dom -le 31 ]; then
/path/to/dehydrated/dehydrated -c -t dns-01 -k /path/to/dehydrated/hooks/manual/manual_hook.rb
fi
end: weeklycheck.sh
As mentioned, comment out the weeks not desired.
The script does not address when the certificate is up for renewal.