From: Martin Geiseler
Date: Sun, 6 Dec 2015 13:42:46 +0000 (+0100)
Subject: Renew timeframe as config option
X-Git-Tag: v0.1.0~205
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e300c0a17344481c2f6ae0d0e216024b427f891f;p=thirdparty%2Fdehydrated.git

Renew timeframe as config option
---
diff --git a/config.sh.example b/config.sh.example
index 49b7581..ef8a7da 100644
--- a/config.sh.example
+++ b/config.sh.example
@@ -8,3 +8,6 @@ WELLKNOWN="/var/www/letsencrypt/.well-known/acme-challenge"
 # token; can be used to e.g. upload the challenge if this script doesn't run
 # on the webserver
 #HOOK_CHALLENGE=
+
+# try to renew certs that are within RENEW_DAYS days of there expire date
+#RENEW_DAYS="14"
\ No newline at end of file
diff --git a/letsencrypt.sh b/letsencrypt.sh
index 410d59c..ad2e7bb 100755
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -8,6 +8,7 @@ set -o pipefail
 CA="https://acme-v01.api.letsencrypt.org"
 LICENSE="https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"
 HOOK_CHALLENGE=
+RENEW_DAYS="14"
 KEYSIZE="4096"
 . ./config.sh
@@ -189,12 +190,12 @@ fi
 domain="$(echo $line | cut -d' ' -f1)"
 if [[ -e "certs/${domain}/cert.pem" ]]; then
 echo -n "Found existing cert for ${domain}. Expire date ..."
- set +e; openssl x509 -checkend 1209600 -noout -in "certs/${domain}/cert.pem"; expiring=$?; set -e
+ set +e; openssl x509 -checkend $((${RENEW_DAYS} * 86400)) -noout -in "certs/${domain}/cert.pem"; expiring=$?; set -e
 if [[ ${expiring} -eq 0 ]]; then
- echo " is not within 2 weeks. Skipping"
+ echo " is not within ${RENEW_DAYS} days. Skipping"
 continue
 fi
- echo " is within 2 weeks. Renewing..."
+ echo " is within ${RENEW_DAYS} days. Renewing..."
 fi
 sign_domain $line
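Review bot: `RENEW_DAYS` is expanded as text into `$((${RENEW_DAYS} * 86400))` in the `-checkend` line of the last hunk with no check that it is a positive whole number, and it can be overridden from the sourced `config.sh`. An empty or non-numeric value breaks or distorts the arithmetic; because any non-zero status is read as "expiring", that may request a renewal on every run and run into the CA's rate limits, while a value of 0 postpones renewal until the certificate has already lapsed. I would validate it once, right after `. ./config.sh` in the earlier `letsencrypt.sh` hunk: `[[ "${RENEW_DAYS}" =~ ^[1-9][0-9]*$ ]] || { echo "RENEW_DAYS must be a positive whole number of days" >&2; exit 1; }`. The surrounding loop starts and ends outside this hunk, so how a failed expansion interacts with the rest of the loop body is not visible here.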