kubernetes-acme-tiny/renew at master · muchlearning/kubernetes-acme-tiny · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
#!/bin/sh

set +e

if [ "$1" = "--force" -o "$1" = "-f" ]; then
    shift
else
    # only renew if certificate will expire within 20 days (=1728000 seconds)
    openssl x509 -checkend 1728000 -in /etc/acme-tiny/certs/$1 && exit
fi

if [ -z "$1" ]; then
    echo "Please provide the certificate name as argument"
    exit 1
fi

set -e

mkdir -p /var/lib/acme-tiny/certs/$1
python /opt/acme-tiny/acme_tiny.py --account-key /etc/acme-tiny/secrets/account.key --csr /etc/acme-tiny/csrs/$1.csr --acme-dir /var/lib/acme-tiny/challenge/.well-known/acme-challenge/ > /var/lib/acme-tiny/certs/$1/cert.pem
/opt/cert-chain-resolver-py/cert-chain-resolver.py -o /var/lib/acme-tiny/certs/$1/chain.pem -i /var/lib/acme-tiny/certs/$1/cert.pem -n 1
python /opt/acme-tiny-utils/put-certificate.py $1
echo "Renewed certificate"