add certbot.py

This commit is contained in:
vincent 2020-09-27 18:19:13 +02:00
parent 13af397a2d
commit db28d25bfa

43
script/script/certbot.py Normal file
View File

@ -0,0 +1,43 @@
import datetime
import socket
import ssl
import sys
HOSTNAME="www.ducamps.win"
WEBSERVEURUNIT="nginx.service"
def ssl_expiry_datetime(hostname: str) -> datetime.datetime:
ssl_date_fmt = r'%b %d %H:%M:%S %Y %Z'
context = ssl.create_default_context()
conn = context.wrap_socket(
socket.socket(socket.AF_INET),
server_hostname=hostname,
)
# 3 second timeout because Lambda has runtime limitations
conn.settimeout(3.0)
conn.connect((hostname, 443))
ssl_info = conn.getpeercert()
# parse the string from the certificate into a Python datetime object
return datetime.datetime.strptime(ssl_info['notAfter'], ssl_date_fmt)
try:
ssl_remaining=ssl_expiry_datetime(HOSTNAME ) - datetime.datetime.utcnow()
except ConnectionRefusedError:
print(f"can't connect to {HOSTNAME}")
sys.exit(0)
except socket.gaierror:
print(f"{HOSTNAME} not exist")
sys.exit(0)
if ssl_remaining.days < 5 :
print("certificat will expire in {0} launch renewal procedure".format(ssl_remaining))
print("stopping {0}".format(WEBSERVEURUNIT))
print("renewal cert")
print("starting {0}".format(WEBSERVEURUNIT))
else:
print("certificat will expire in {0} no renewal need".format(ssl_remaining))
sys.exit(0)