Script to run from cron that automatically replaces a self-signed TLS/SSL certificate before it expires.
#!/usr/bin/env bash
# crontab -e
# 0 0 * * * LOCATION_OF_SCRIPT
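TLS_DIR='./'        # Certificate dir; must end with a slash, e.g. /etc/ssl/ or /etc/nginx/ssl/
ALIAS='gitlab'      # Host label; becomes a SAN entry on its own and joined with ${DOMAIN}
DOMAIN='botum.us'   # Certificate CN and SAN suffix
KEY="${TLS_DIR}${ALIAS}.${DOMAIN}.key"
CERT="${TLS_DIR}${ALIAS}.${DOMAIN}.crt"
# Subject (DN) fields
COUNTRY='US'
STATE='New Mexico'
LOCATION='Albuquerque'
ORG='Personal'
UNIT='Private'
# Resolve the openssl binary once; `command -v` is the portable form of `which`.
OPENSSL="$(command -v openssl)"
# Second field of `openssl version` is the release, e.g. "1.1.1f" or "3.0.2".
# This has to be a command substitution: assigning the pipeline as a plain
# string never runs openssl, so the version comparison further down would
# always fall back to the legacy -config code path.
OPENSSL_VERSION="$("${OPENSSL}" version | cut -d' ' -f2)"
RENEW_DAYS=10       # regenerate once the cert expires within this many days
VALID_DAYS=60       # lifetime of a freshly generated cert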
#
# version VERSION_STRING
# Turn a dotted version (up to four numeric components, e.g. 1.1.1 or 3.0.2)
# into a zero-padded integer that compares numerically: 1.1.1 -> 1001001000.
# Missing components count as 0; awk's numeric conversion drops a letter
# suffix such as the "f" in 1.1.1f.
version() {
  printf '%s\n' "$*" | awk -F. '{ printf("%d%03d%03d%03d\n", $1, $2, $3, $4) }'
}
#
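# Skip regeneration while the current certificate stays valid for more than
# RENEW_DAYS.  Both files must exist: a key without a cert (or vice versa) is
# treated as "missing" and falls through to generation below.
if [[ -f "${KEY}" && -f "${CERT}" ]]; then
  valid="$("${OPENSSL}" x509 -enddate -noout -in "${CERT}" | cut -d= -f2-)"
  # -checkend exits 0 when the cert is still valid N seconds from now.
  # The original redirect `2>%1>/dev/null` sent stderr to a file literally
  # named "%1" in the working directory; discard it properly instead.
  if "${OPENSSL}" x509 -checkend $((RENEW_DAYS * 86400)) -noout -in "${CERT}" >/dev/null 2>&1; then
    printf '%s\n' "[Warn] good until ${valid}"
    exit 0
  fi
fi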
#
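# Generate a new self-signed key pair.  OpenSSL >= 1.1.1 accepts the SAN via
# -addext; older releases need it in a config section passed with -config.
# NOTE: the private key is written with the caller's umask (often 0644 under
# cron); run with `umask 077` or chmod the key afterwards if it must be
# readable by its owner only.
SUBJECT="/C=${COUNTRY}/ST=${STATE}/L=${LOCATION}/O=${ORG}/OU=${UNIT}/CN=${DOMAIN}"
SAN="DNS:localhost,DNS:${ALIAS},DNS:${ALIAS}.${DOMAIN}"
# Options shared by both code paths; kept in an array so paths with spaces
# survive intact.
req_args=(req -nodes -x509 -sha256 -newkey rsa:4096
  -keyout "${KEY}" -out "${CERT}" -days "${VALID_DAYS}" -subj "${SUBJECT}")
# Single-bracket test on purpose: `version` zero-pads its output and [[ ]]
# evaluates -ge operands arithmetically, where a leading 0 means octal
# (0.9.8 -> 0009008000 would fail with "value too great for base").
if [ "$(version "${OPENSSL_VERSION}")" -ge "$(version 1.1.1)" ]; then
  "${OPENSSL}" "${req_args[@]}" -addext "subjectAltName = ${SAN}"
else
  "${OPENSSL}" "${req_args[@]}" -extensions san \
    -config <(printf '%s\n' '[req]' 'distinguished_name=req' '[san]' "subjectAltName=${SAN}")
fi || { printf '[Error] failed to generate %s\n' "${CERT}" >&2; exit 1; }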