From db28d25bfa81a1780174ddfd285648bb61565600 Mon Sep 17 00:00:00 2001
From: vincent
Date: Sun, 27 Sep 2020 18:19:13 +0200
Subject: [PATCH] add certbot.py
---
script/script/certbot.py | 43 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 43 insertions(+)
create mode 100644 script/script/certbot.py
diff --git a/script/script/certbot.py b/script/script/certbot.py
new file mode 100644
index 0000000..12d84b2
--- /dev/null
+++ b/script/script/certbot.py
@@ -0,0 +1,43 @@
+import datetime
+import socket
+import ssl
+
+import sys
+
+HOSTNAME="www.ducamps.win"
+WEBSERVEURUNIT="nginx.service"
+
+def ssl_expiry_datetime(hostname: str) -> datetime.datetime:
+ ssl_date_fmt = r'%b %d %H:%M:%S %Y %Z'
+
+ context = ssl.create_default_context()
+ conn = context.wrap_socket(
+ socket.socket(socket.AF_INET),
+ server_hostname=hostname,
+ )
+ # 3 second timeout because Lambda has runtime limitations
+ conn.settimeout(3.0)
+ conn.connect((hostname, 443))
+
+ ssl_info = conn.getpeercert()
+ # parse the string from the certificate into a Python datetime object
+ return datetime.datetime.strptime(ssl_info['notAfter'], ssl_date_fmt)
+
+try:
+ ssl_remaining=ssl_expiry_datetime(HOSTNAME ) - datetime.datetime.utcnow()
+except ConnectionRefusedError:
+ print(f"can't connect to {HOSTNAME}")
+ sys.exit(0)
+except socket.gaierror:
+ print(f"{HOSTNAME} not exist")
+ sys.exit(0)
+
+if ssl_remaining.days < 5 :
+ print("certificat will expire in {0} launch renewal procedure".format(ssl_remaining))
+ print("stopping {0}".format(WEBSERVEURUNIT))
+ print("renewal cert")
+ print("starting {0}".format(WEBSERVEURUNIT))
+
+else:
+ print("certificat will expire in {0} no renewal need".format(ssl_remaining))
+ sys.exit(0)
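Review bot: An already-expired certificate never reaches the `ssl_remaining.days < 5` branch, because `ssl.create_default_context()` verifies the peer and the handshake inside `ssl_expiry_datetime` raises `ssl.SSLCertVerificationError`, which the `try` block does not catch; a timeout from `conn.settimeout(3.0)` is unhandled as well. The two failures that are handled call `sys.exit(0)`, so a timer or cron job wrapping the script records success when the check could not run at all. I would route the verification failure to the renewal path (printing the error, since it also fires for a hostname mismatch or an untrusted chain), fold the connection failures into `OSError`, and exit non-zero on them, as sketched below. Separately, `conn` is never closed, and the "Lambda has runtime limitations" comment looks carried over from another context.

```python
try:
    ssl_remaining = ssl_expiry_datetime(HOSTNAME) - datetime.datetime.utcnow()
except ssl.SSLCertVerificationError as err:
    # Expired (or otherwise invalid) certificate: the handshake fails before
    # getpeercert() can be read, so treat it as "renew now" and show why.
    print(f"certificate for {HOSTNAME} failed verification: {err}")
    ssl_remaining = datetime.timedelta(0)
except socket.gaierror:
    print(f"{HOSTNAME} not exist")
    sys.exit(1)
except OSError as err:
    # Covers refused, timed-out and unreachable connections.
    print(f"can't connect to {HOSTNAME}: {err}")
    sys.exit(1)
# … unchanged: the ssl_remaining.days < 5 renewal branch …
```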