
Добавил отправку файла лога. Написал renewal.sh

OBT-SYSADM\tomishinets 6 年之前
父节点
当前提交
56869f2870
共有 2 个文件被更改,包括 27 次插入11 次删除
  1. 12 2
      generate.sh
  2. 15 9
      renewal.sh

+ 12 - 2
generate.sh

@@ -2,6 +2,7 @@
 
 git_dir="pki"
 branch="100883"
+log_file="/var/log/letsencrypt/letsencrypt.log"
 #git_url="git.sdsys.ru/sdsys/pki.git"
 
 function mail_send {
@@ -14,6 +15,7 @@ function mail_send {
               -S smtp-auth-password=$(cat /run/secrets/jenkins-mail-pass) \
               -S nss-config-dir=/etc/pki/nssdb \
               -S from=${JENKINS_MAIL_USER} \
+              -a ${log_file} \
               ${RECIPIENT_MAIL_BOX}
 }
 
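Review bot: The added `-a ${log_file}` makes every notification depend on the log file and mails the full certbot log to `${RECIPIENT_MAIL_BOX}`. In generate.sh the "No domain specified" mail goes out before the first `clear_log`, so the attachment there is whatever an earlier run left behind, and if the file is missing the mail client may refuse to send at all (not verifiable from this hunk). The log may also carry ACME account and request details, so confirm the recipients are meant to see it. I would quote the path and attach only when it is readable: `attach=()`, `[ -r "${log_file}" ] && attach=(-a "${log_file}")`, then `"${attach[@]}" \` in place of the new line. The same line is added to mail_send in renewal.sh; the function starts above this hunk.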
@@ -23,8 +25,14 @@ function git_config {
               git config --global user.name "Jenkins"
 }
 
+function clear_log {
+              echo -n > ${log_file}
+}
+
 if [ -z "$*" ]; then message="letsencrypt. No domain specified!!!"; mail_send; exit 1;fi
 
+clear_log
+
 if [ -d /${git_dir} ]
 then
   git_config && git checkout ${branch} && git pull https://${GIT_USER}:$(cat /run/secrets/provision-pass)@${GIT_URL}
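Review bot: `clear_log` truncates `/var/log/letsencrypt/letsencrypt.log` on every run, which discards the record of earlier issuance attempts, and the later call before the real certbot run also discards the dry-run output. certbot normally rotates its own log at the start of each run, so the truncation may be unnecessary; if the goal is a small attachment, a per-run `--logs-dir` keeps the history intact. If truncation stays, quote the path and stop on failure, because an unwritable log is otherwise ignored: `: > "${log_file}" || exit 1`. renewal.sh adds the same function and calls.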
@@ -38,8 +46,10 @@ domain=$(echo "$*" | sed 's/ / -d /g')
 certbot certonly --dry-run --webroot -w /var/www/html --config-dir /${git_dir}/letsencrypt -m admin@sdsys.ru -d ${domain}
 if [ $? -ne 0 ];then message="letsencrypt. Can't execute "dry-run" for $(echo $*). Generate cert and key will be skipped!!!"; mail_send; exit 1;fi
 
-#certbot certonly --webroot -w /var/www/html --config-dir /${git_dir}/letsencrypt -m admin@sdsys.ru -d ${domain}
-#if [ $? -ne 0 ];then message="letsencrypt. Can't generate cert and key for $(echo $*). See log !!!"; mail_send; exit 1;fi
+clear_log
+
+certbot certonly --webroot -w /var/www/html --config-dir /${git_dir}/letsencrypt -m admin@sdsys.ru -d ${domain}
+if [ $? -ne 0 ];then message="letsencrypt. Can't generate cert and key for $(echo $*). See log !!!"; mail_send; exit 1;fi
 
 echo "Generate new key and cert for $(echo $*)" > /tmp/commit.txt
 git_config && git add -A && git commit -F /tmp/commit.txt
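Review bot: The newly enabled `certbot certonly` call passes `${domain}` unquoted, so real issuance now depends on word splitting of a string built from `$*` just above this hunk. Any job argument that starts with a dash or contains whitespace reaches certbot as extra options instead of a domain name. Validating each argument as a hostname and passing the `-d` pairs as an array keeps the command line fixed; this assumes the script runs under bash, which the `function` keyword suggests. The dry-run call on the first line of the hunk would take the same array.

```shell
# replaces the domain=$(echo "$*" | sed ...) assignment above the hunk
domain_args=()
for d in "$@"; do
  if [[ ! "$d" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]; then
    message="letsencrypt. Invalid domain name: ${d}"; mail_send; exit 1
  fi
  domain_args+=(-d "$d")
done
# … unchanged: dry-run call (with "${domain_args[@]}") and its check, clear_log …
if ! certbot certonly --webroot -w /var/www/html \
    --config-dir "/${git_dir}/letsencrypt" -m admin@sdsys.ru "${domain_args[@]}"; then
  message="letsencrypt. Can't generate cert and key for $*. See log !!!"; mail_send; exit 1
fi
```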

+ 15 - 9
renewal.sh

@@ -2,6 +2,7 @@
 
 git_dir="pki"
 branch="100883"
+log_file="/var/log/letsencrypt/letsencrypt.log"
 #git_url="git.sdsys.ru/sdsys/pki.git"
 
 function mail_send {
@@ -14,6 +15,7 @@ function mail_send {
               -S smtp-auth-password=$(cat /run/secrets/jenkins-mail-pass) \
               -S nss-config-dir=/etc/pki/nssdb \
               -S from=${JENKINS_MAIL_USER} \
+              -a ${log_file} \
               ${RECIPIENT_MAIL_BOX}
 }
 
@@ -23,7 +25,11 @@ function git_config {
               git config --global user.name "Jenkins"
 }
 
-#if [ -z "$*" ]; then message="letsencrypt. No domain specified!!!"; mail_send; exit 1;fi
+function clear_log {
+              echo -n > ${log_file}
+}
+
+clear_log
 
 if [ -d /${git_dir} ]
 then
@@ -34,18 +40,18 @@ else
   if [ $? -ne 0 ];then message="letsencrypt. Can't clone https://${GIT_URL}"; mail_send; exit 1;fi
 fi
 
-#domain=$(echo "$*" | sed 's/ / -d /g')
-#certbot certonly --dry-run --webroot -w /var/www/html --config-dir /${git_dir}/letsencrypt -m admin@sdsys.ru -d ${domain}
-certbot renew --config-dir /pki/letsencrypt
-if [ $? -ne 0 ];then message="letsencrypt. Can't execute "dry-run" for $(echo $*). Generate cert and key will be skipped!!!"; mail_send; exit 1;fi
+certbot renew --dry-run --config-dir /${git_dir}/letsencrypt
+if [ $? -ne 0 ];then message="letsencrypt. Can't execute "dry-run" renew procces. Renew certs and keys will be skipped!!!"; mail_send; exit 1;fi
+
+clear_log
 
-#certbot certonly --webroot -w /var/www/html --config-dir /${git_dir}/letsencrypt -m admin@sdsys.ru -d ${domain}
-#if [ $? -ne 0 ];then message="letsencrypt. Can't generate cert and key for $(echo $*). See log !!!"; mail_send; exit 1;fi
+certbot renew --config-dir /${git_dir}/letsencrypt
+if [ $? -ne 0 ];then message="letsencrypt. Can't renew certs and keys. See log !!!"; mail_send; exit 1;fi
 
-echo "Generate new key and cert for $(echo $*)" > /tmp/commit.txt
+echo "Renew keys and certs" > /tmp/commit.txt
 git_config && git add -A && git commit -F /tmp/commit.txt
 git push https://${GIT_USER}:$(cat /run/secrets/provision-pass)@${GIT_URL} ${branch}
 if [ $? -ne 0 ];then message="letsencrypt. Can't push diff to https://${GIT_URL} !!!"; mail_send; exit 1;fi
 
-message="letsencrypt. Certs for domain $(echo $*) is generated!!!"
+message="letsencrypt.Renew Certs and Keys are success!!!"
 mail_send
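Review bot: `echo "Renew keys and certs" > /tmp/commit.txt` writes the commit message through a fixed name in a shared directory, where another local account can pre-create the path or place a symlink there. The message is now a constant, so the file is not needed: `git_config && git add -A && git commit -m "Renew keys and certs"`. generate.sh uses the same path on an unchanged line. Separately, the result of the commit is not checked, so a run in which certbot renewed nothing probably still ends with the success mail.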