Browse Source

Prevent useless sleep in first iteration

As the script is normaly already run at nearly random time, the sleep
is unnesseccary before we requested a letsencrypt cert. Also we do not
need to sleep if the cert is still valid long enough.
master
Jonathan Golder 3 years ago
parent
commit
418377395d
Signed by: golderweb <jonathan@golderweb.de> GPG Key ID: A63CA3193092AD20
1 changed files with 7 additions and 1 deletions
  1. +7
    -1
      letsencrypt-renew.sh

+ 7
- 1
letsencrypt-renew.sh View File

@@ -28,6 +28,9 @@

PATH=/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin

# Detect first iteration to prevent useless sleep
FIRSTITER=1

# PATH to inifiles / letsencrypt dir
if [ -z "${LECONFIGDIR}" ]; then
LECONFIGDIR=~/.config/letsencrypt
@@ -46,12 +49,15 @@ for inifile in "${LECONFIGDIR}"/cli-*.ini; do
domain=$(grep -e "[ \t]*domains.*" "${inifile}" | sed "s/ //g" |cut -d "=" -f2 | cut -d "," -f1)

# sleep for a random time so not all certificates get renewed at the same time
sleep $(expr $RANDOM % 600)
if [ $FIRSTITER -ne 1 ]; then
sleep $(expr $RANDOM % 600)
fi

# Check validity of cert for domain
openssl x509 -checkend $(( 21 * 86400 )) -in "${LECONFIGDIR}/live/${domain}/cert.pem" > /dev/null && continue

# run let's encrypt
FIRSTITER=0
letsencrypt certonly -c "${inifile}" || continue

# import certificate


Loading…
Cancel
Save