Procházet zdrojové kódy

Prevent useless sleep in first iteration

As the script is normaly already run at nearly random time, the sleep
is unnesseccary before we requested a letsencrypt cert. Also we do not
need to sleep if the cert is still valid long enough.
master
Jonathan Golder před 7 roky
rodič
revize
418377395d
Signed by: golderweb GPG Key ID: A63CA3193092AD20
  1. 8
      letsencrypt-renew.sh

8
letsencrypt-renew.sh

@ -28,6 +28,9 @@
PATH=/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin
# Detect first iteration to prevent useless sleep
FIRSTITER=1
# PATH to inifiles / letsencrypt dir
if [ -z "${LECONFIGDIR}" ]; then
LECONFIGDIR=~/.config/letsencrypt
@ -46,12 +49,15 @@ for inifile in "${LECONFIGDIR}"/cli-*.ini; do
domain=$(grep -e "[ \t]*domains.*" "${inifile}" | sed "s/ //g" |cut -d "=" -f2 | cut -d "," -f1)
# sleep for a random time so not all certificates get renewed at the same time
sleep $(expr $RANDOM % 600)
if [ $FIRSTITER -ne 1 ]; then
sleep $(expr $RANDOM % 600)
fi
# Check validity of cert for domain
openssl x509 -checkend $(( 21 * 86400 )) -in "${LECONFIGDIR}/live/${domain}/cert.pem" > /dev/null && continue
# run let's encrypt
FIRSTITER=0
letsencrypt certonly -c "${inifile}" || continue
# import certificate

Načítá se…
Zrušit
Uložit