From 767868108a78b0c62b6613dba22e81b9134739b2 Mon Sep 17 00:00:00 2001
From: Dimitri Sokolyuk
Date: Fri, 18 Mar 2016 19:35:41 +0100
Subject: wip
---
 cmd/batch/args.go | 3 ++-
 cmd/batch/files.go | 12 ++++++++++--
 cmd/batch/main.go | 26 ++++++++++++++++++++++++--
 3 files changed, 36 insertions(+), 5 deletions(-)
(limited to 'cmd/batch')
diff --git a/cmd/batch/args.go b/cmd/batch/args.go
index 0bb4d99..83475f1 100644
--- a/cmd/batch/args.go
+++ b/cmd/batch/args.go
@@ -22,7 +22,8 @@ var (
 baseDir = flag.String("basedir", "/etc/ssl", "Base directory for SSL files")
 graceTime = flag.Duration("gracetime", 24*7*time.Hour, "Renew grace time")
 keySize = flag.Int("keysize", 2048, "Private key size")
- provider = flag.String("provider", acme.LE1, "Certificate provider")
+ provider = flag.String("provider", acme.LES, "Certificate provider (staging)")
+ force = flag.Bool("force", false, "Forece renewal")
 emails = new(Emails)
 domains = new(Domains)
 )
diff --git a/cmd/batch/files.go b/cmd/batch/files.go
index fee7a1a..474d0ff 100644
--- a/cmd/batch/files.go
+++ b/cmd/batch/files.go
@@ -3,11 +3,12 @@ package main
 import (
 "crypto/tls"
 "crypto/x509"
+ "fmt"
 "io"
- "log"
 "os"
 "path"
 "path/filepath"
+ "time"

 "dim13.org/acme"
 )
@@ -18,6 +19,14 @@ type Cert struct {
 crtFile string
 }

+func (c Cert) String() string {
+ return fmt.Sprint(c.Leaf.DNSNames, " valid until ", c.Leaf.NotAfter)
+}
+
+func (c Cert) IsValid(grace time.Duration) bool {
+ return time.Now().Add(grace).Before(c.Leaf.NotAfter)
+}
+
 func loadFiles(crtFile, keyFile string) (Cert, error) {
 crt, err := tls.LoadX509KeyPair(crtFile, keyFile)
 if err != nil {
@@ -67,7 +76,6 @@ func scanFiles(dir string) ([]Cert, error) {
 c := filepath.Join(dir, "certs", filepath.Base(k[:len(k)-4])+".pem")
 crt, err := loadFiles(c, k)
 if err != nil {
- log.Println(err)
 continue
 }
 certs = append(certs, crt)
diff --git a/cmd/batch/main.go b/cmd/batch/main.go
index 28620e3..dbe1195 100644
--- a/cmd/batch/main.go
+++ b/cmd/batch/main.go
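Review bot: In cmd/batch/args.go the help string of the new `force` flag is misspelled (`"Forece renewal"`); it should read `force = flag.Bool("force", false, "Force renewal")`. The `provider` help text now describes the current default instead of the flag, and will go stale when the default changes; `"Certificate provider"` plus the default that the flag package prints is enough. With `acme.LES` as the default, a run without `-provider` presumably obtains staging certificates that clients do not trust, so a short comment on the `var` block stating that the production endpoint must be selected explicitly would help operators.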
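Review bot: In cmd/batch/files.go, `IsValid` only checks that `Leaf.NotAfter` lies more than `grace` in the future, so the name promises more than the method verifies: `NotBefore`, the chain and revocation are not looked at. Both new methods also dereference `c.Leaf` without a nil check; `tls.LoadX509KeyPair` leaves `Leaf` unset in older Go releases, and whether `loadFiles` fills it in cannot be seen here because its body continues outside the hunk. I would guard with `if c.Leaf == nil { return false }` at the top of `IsValid` and give both exported methods doc comments, e.g. `// IsValid reports whether the leaf certificate expires later than grace from now; it performs no chain or revocation check.`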
@@ -1,14 +1,36 @@
 package main

-import "log"
+import (
+ "log"
+
+ "dim13.org/acme"
+)

 func main() {
+ log.Println("Scan files")
 crt, err := scanFiles(*baseDir)
 if err != nil {
 log.Fatal(err)
 }
+
+ log.Println("Dial", *provider)
+ prov, err := acme.DialProvider(*provider)
+ if err != nil {
+ log.Fatal(err)
+ }
+ _ = prov
+
 for _, c := range crt {
- log.Printf("%+v\n", c.Leaf.NotAfter)
+ if c.IsValid(*graceTime) && !*force {
+ log.Println("Skip", c)
+ continue
+ }
+ csr, err := acme.NewCSR(c.PrivateKey, c.Leaf.DNSNames, c.Leaf.EmailAddresses)
+ if err != nil {
+ log.Println(err)
+ continue
+ }
+ _ = csr
 }
 if len(*emails) > 0 && len(*domains) > 0 {
 log.Println(*emails)
--
cgit v1.2.3
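Review bot: The renewal loop in `main` builds the CSR from `c.PrivateKey`, the key loaded from disk, so every renewal keeps the old key pair and the `keysize` flag is not consulted here. If that is intended, a comment such as `// NOTE: renewal reuses the existing private key; no key rotation happens here` above the `acme.NewCSR` call would make it explicit; otherwise a fresh key should be generated per renewal. The SAN list is likewise copied from the old leaf rather than checked against the configured `domains`. Because the same commit removes the `log.Println(err)` in `scanFiles`, a key pair that fails to load now drops out of this loop without any trace, which hides exactly the certificates that will expire unnoticed. `main` continues past the end of the hunk.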