diff --git a/update-mailcow-certs-cron b/update-mailcow-certs-cron
new file mode 100644
index 0000000..66b5037
--- /dev/null
+++ b/update-mailcow-certs-cron
@@ -0,0 +1,11 @@
+# /etc/cron.d/update-mailcow-certs-cron - ensure we're using the latest mailcow certs...
+#
+# Check daily...
+#
+# Eventually, this will be an opportunity to validate certificates
+# haven't been revoked, etc. Renewal will only occur if expiration
+# is within 30 days.
+SHELL=/bin/sh
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+0 2 * * * root /home/data/scripts/update-mailcow-certs/update-mailcow-certs.sh
diff --git a/update-mailcow-certs.sh b/update-mailcow-certs.sh
index fd83a6e..6ba2647 100755
--- a/update-mailcow-certs.sh
+++ b/update-mailcow-certs.sh
@@ -8,9 +8,9 @@ VERBOSE=1
 # send an email, setting default subject...
 EMAIL_SUBJ="MailCow cert for $DOMAIN"
 #
-EMAIL=sysadmin@oerfoundation.org
+EMAIL=dave@davelane.nz
 # Mailcow stuff
-DOMAIN=about.oerfoundation.org
+DOMAIN=moe.lane.net.nz
 MCDIR=/home/docker/mailcow
 SSLDIR=data/assets/ssl
 MCCA=$MCDIR/$SSLDIR/cert.pem
@@ -29,6 +29,8 @@ LS=`which ls`
 DATE=`date '+%Y-%m-%d'`
 # email program
 MAIL=`which mail`
+# docker-compose
+DC=`which docker-compose`
 # temporary holding point for email
 TMP_EMAIL=/tmp/tmp_email.$0.$DATE_$TIME
 #
@@ -81,15 +83,23 @@ send_email_report() {
 fi
 }
+restart_mailcow() {
+ CWD=`pwd`
+ cd $MCDIR
+ # restart the mailcow app
+ $DC stop && $DC up -d
+ cd $CWD
+}
 # get the dates for the files...
 MCCA_DATE=$(getfiledate $MCCA)
-#MCPRIV_DATE=$(getfiledate $MCPRIV_DATE)
+MCPRIV_DATE=$(getfiledate $MCPRIV_DATE)
 LECA_DATE=$(getfiledate $LECA)
-#LEPRIV_DATE=$(getfiledate $LEPRIV_DATE)
+LEPRIV_DATE=$(getfiledate $LEPRIV_DATE)
 # is the Let's Encrypt CA more recent than that used by Mailcow?
 # If so - update the Mailcow ones, reload Mailcow, and alert the webmaster
+EX=0
 if (( "$LECA_DATE" > "$MCCA_DATE" )) ; then
 create_tmp_email
 message "Need to update MailCow certs for $DOMAIN!"
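Review bot: The job on the last line runs `/home/data/scripts/update-mailcow-certs/update-mailcow-certs.sh` as root, so the script and every directory above it need to be owned by root and not writable by any other account; otherwise whoever can edit the file controls what root executes each night. The ownership of `/home/data/scripts` is not visible in this commit, so it is worth confirming, or installing the script under a root-only location instead. The header comment also says renewal only occurs within 30 days of expiry, which does not describe a script that compares certificate file dates and restarts Mailcow; I would reword it to `# Copy newer Let's Encrypt certs into Mailcow and restart it when they change.`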
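Review bot: `EMAIL_SUBJ="MailCow cert for $DOMAIN"` is expanded before `DOMAIN=moe.lane.net.nz` is assigned a few lines further down, so unless DOMAIN is already set in the lines above this hunk the subject is built with an empty domain. Moving the `EMAIL_SUBJ=` assignment below the `DOMAIN=` line fixes that. Since this commit only swaps one site's address and domain for another's, these two values would also be easier to maintain if read from a small config file rather than edited in the script.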
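Review bot: The added `DC=` lookup is never checked, so when docker-compose is not on PATH the later `$DC stop && $DC up -d` expands to the bare words `stop` and `up -d` and the root cron job runs whatever those resolve to. I would resolve it once and stop early: `DC=$(command -v docker-compose) || { echo "docker-compose not found" >&2; exit 1; }`. The context line `TMP_EMAIL=/tmp/tmp_email.$0.$DATE_$TIME` deserves a look now that the script runs as root from cron: the name is predictable in a world-writable directory, `$DATE_` is read as a variable named `DATE_` rather than `$DATE` plus an underscore, and `$0` contains slashes when cron invokes the script by absolute path. `TMP_EMAIL=$(mktemp)` with a cleanup `trap` avoids all three.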
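Review bot: `restart_mailcow` does not check `cd $MCDIR`, so if that directory is missing the compose commands run as root in whatever directory the script started in, and the function returns the status of the final `cd $CWD` rather than of the restart. Running the body in a subshell keeps the caller's directory intact and lets the caller see a failed restart, as in the block below. Separately, the two uncommented lines pass the variable being assigned to `getfiledate` (`$MCPRIV_DATE`, `$LEPRIV_DATE`), which is still empty at that point; the Mailcow line presumably wants `getfiledate $MCPRIV`, and the Let's Encrypt line the matching key-path variable, whose name is not visible in this hunk.

```shell
restart_mailcow() {
  # Subshell: the caller's working directory is left alone, and the
  # function returns the status of the restart itself.
  (
    cd "$MCDIR" || exit 1
    "$DC" stop && "$DC" up -d
  )
}
```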
@@ -104,17 +114,18 @@ if (( "$LECA_DATE" > "$MCCA_DATE" )) ; then
 MCCA_DATE=$(getfiledate $MCCA)
 MCPRIV_DATE=$(getfiledate $MCPRIV_DATE)
 if (( "$MCCA_DATE" < "$LECA_DATE" && "$MCPRIV_DATE" < "$LECAPRIV_DATE" )) ; then
+ restart_mailcow
 msg="Updated $MCCA and $MCPRIV at $TIMESTAMP"
 EMAIL_SUBJ='Success! '${EMAIL_SUBJ}
 else
 msg="Failed to update $MCCA and $MCPRIV at $TIMESTAMP"
 EMAIL_SUBJ='Failed! '${EMAIL_SUBJ}
+ EX=0
 fi
 message $msg
- email $msg
 send_email_report
 else
 message "MailCow certs for $DOMAIN still current..."
 fi
-
+exit $EX
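Review bot: The failure branch sets `EX=0`, the same value it was initialised with, so `exit $EX` reports success to cron and to any monitoring even after "Failed to update"; that line should be `EX=1`. The status of `restart_mailcow` is also ignored, so the "Success!" mail goes out even when the restart did not happen; `restart_mailcow || EX=1` would at least surface it. The comparison reads `$LECAPRIV_DATE`, while the previous hunk assigns `LEPRIV_DATE`, so unless that name is set elsewhere the operand is empty and the `(( ))` test is likely to fail with an arithmetic error and fall into the failure branch. The outer `if` begins above this hunk.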