|
@@ -3,39 +3,42 @@
|
|
|
git_dir="pki"
|
|
|
branch="100883"
|
|
|
log_file="/var/log/letsencrypt/letsencrypt.log"
|
|
|
+message_file="/var/log/letsencrypt/letsencrypt_out.log"
|
|
|
#git_url="git.sdsys.ru/sdsys/pki.git"
|
|
|
|
|
|
if [[ -z ${CERT_SUBDIR} ]];then echo "variable CERT_SUBDIR doesn't set"; exit 1;fi
|
|
|
-
|
|
|
-function mail_send {
|
|
|
- echo "${message}"|mail -s "Attention! Certificate status!" \
|
|
|
- -S smtp=${SMTP_SERVER} \
|
|
|
- -S smtp-use-starttls \
|
|
|
- -S smtp-auth=login \
|
|
|
- -S ssl-verify=ignore \
|
|
|
- -S smtp-auth-user=${JENKINS_MAIL_USER} \
|
|
|
- -S smtp-auth-password=$(cat /run/secrets/jenkins-mail-pass) \
|
|
|
- -S nss-config-dir=/etc/pki/nssdb \
|
|
|
- -S from=${JENKINS_MAIL_USER} \
|
|
|
- -a ${log_file} \
|
|
|
- ${RECIPIENT_MAIL_BOX}
|
|
|
+[[ ${CERT_SUBDIR} == "dev_iru" ]] && exit 0
|
|
|
+
|
|
|
+mail_send() {
|
|
|
+ echo "$1"|mail -s "Attention! Certificate status!" \
|
|
|
+ -S smtp=${SMTP_SERVER} \
|
|
|
+ -S smtp-use-starttls \
|
|
|
+ -S smtp-auth=login \
|
|
|
+ -S ssl-verify=ignore \
|
|
|
+ -S smtp-auth-user=${JENKINS_MAIL_USER} \
|
|
|
+ -S smtp-auth-password=$(cat /run/secrets/jenkins-mail-pass) \
|
|
|
+ -S nss-config-dir=/etc/pki/nssdb \
|
|
|
+ -S from=${JENKINS_MAIL_USER} \
|
|
|
+ -a ${message_file} \
|
|
|
+ ${RECIPIENT_MAIL_BOX}
|
|
|
}
|
|
|
|
|
|
-function git_config {
|
|
|
+git_config() {
|
|
|
cd /${git_dir}
|
|
|
git config --global user.email "${JENKINS_MAIL_USER}"
|
|
|
git config --global user.name "Jenkins"
|
|
|
}
|
|
|
|
|
|
-function clear_log {
|
|
|
+clear_log() {
|
|
|
echo -n > ${log_file}
|
|
|
+ echo -n > ${message_file}
|
|
|
}
|
|
|
|
|
|
clear_log
|
|
|
|
|
|
[[ -d /${git_dir} ]] && rm -rf /${git_dir}
|
|
|
cd / && git clone https://${GIT_USER}:$(cat /run/secrets/provision-pass)@${GIT_URL} && cd /${git_dir} && git checkout ${branch}
|
|
|
-if [ $? -ne 0 ];then message="letsencrypt. Can't clone https://${GIT_URL}"; mail_send; exit 1;fi
|
|
|
+if [ $? -ne 0 ];then mail_send "letsencrypt. Can't clone https://${GIT_URL}";exit 1;fi
|
|
|
|
|
|
|
|
|
#certbot renew --dry-run --config-dir /${git_dir}/letsencrypt
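Review bot: The rewritten `mail_send` still passes `-S ssl-verify=ignore` together with `-S smtp-auth=login`, so the SMTP server's certificate is never checked and the STARTTLS session carrying the mail password and the attached certbot output has no protection against interception. Since an NSS database is already configured through `nss-config-dir`, I would import the mail server's CA there and change the line to `-S ssl-verify=strict \`. The password is also expanded onto the `mail` command line by `$(cat /run/secrets/jenkins-mail-pass)`, where it is readable in the process list while the command runs; that deserves at least a comment. The unquoted `${message_file}` and `${RECIPIENT_MAIL_BOX}` should be quoted too.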
|
|
@@ -43,13 +46,13 @@ if [ $? -ne 0 ];then message="letsencrypt. Can't clone https://${GIT_URL}"; mail
|
|
|
|
|
|
#clear_log
|
|
|
|
|
|
-certbot renew --config-dir /${git_dir}/${CERT_SUBDIR}/letsencrypt
|
|
|
-if [ $? -ne 0 ];then message="letsencrypt. Can't renew certs and keys. See log !!!"; mail_send; exit 1;fi
|
|
|
+certbot renew --config-dir /${git_dir}/${CERT_SUBDIR}/letsencrypt >> ${message_file} 2>&1
|
|
|
+if [ $? -ne 0 ];then mail_send "LETSENCRYPT!!! Can't renew certs and keys. See log !!!";exit 1;fi
|
|
|
|
|
|
echo "Renew keys and certs" > /tmp/commit.txt
|
|
|
git_config && git add -A && git commit -F /tmp/commit.txt
|
|
|
git push https://${GIT_USER}:$(cat /run/secrets/provision-pass)@${GIT_URL} ${branch}
|
|
|
-if [ $? -ne 0 ];then message="letsencrypt. Can't push diff to https://${GIT_URL} !!!"; mail_send; exit 1;fi
|
|
|
+if [ $? -ne 0 ];then mail_send "letsencrypt. Can't push diff to https://${GIT_URL} !!!";exit 1;fi
|
|
|
+
|
|
|
+mail_send "LETSENCRYPT!!! Renew Certs and Keys are success!!!"
|
|
|
|
|
|
-message="letsencrypt.Renew Certs and Keys are success!!!"
|
|
|
-mail_send
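Review bot: `git push https://${GIT_USER}:$(cat /run/secrets/provision-pass)@${GIT_URL} ${branch}` puts the provisioning password on the git command line, and the `git clone` in the first hunk does the same and also leaves it in the clone's `.git/config` as the remote URL. This commit starts mailing job output to `${RECIPIENT_MAIL_BOX}`, so a later change that redirects git's output into `${message_file}` could carry that URL along; the credential is better kept out of the URL altogether. I would point `GIT_ASKPASS` at a small script that prints the contents of `/run/secrets/provision-pass` and push to `"https://${GIT_USER}@${GIT_URL}" "${branch}"`. Separately, the success mail on the last added line is sent even when `git commit` had nothing to commit, because only the push status is checked.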
|