51 lines
1.3 KiB
Python
51 lines
1.3 KiB
Python
# -*- coding: utf-8; mode: python -*-
|
|
|
|
info["owner"] = "root"
|
|
info["group"] = "root"
|
|
info["mode"] = 0644
|
|
|
|
header("Check SSL certificates")
|
|
|
|
def check_cert(host='localhost', port=443, user="www-data", filename=None):
|
|
params={
|
|
'host': host,
|
|
'port': port,
|
|
'user': user,
|
|
'filename': filename,
|
|
}
|
|
if filename:
|
|
out("43 7 * * * %(user)s /usr/scripts/utils/check_cert.py --filename %(filename)s" % params)
|
|
else:
|
|
out("42 7 * * * %(user)s /usr/scripts/utils/check_cert.py %(host)s %(port)s" % params)
|
|
|
|
# Host specific
|
|
if has('https-server') or has('https_cert'):
|
|
check_cert('localhost', 443, 'www-data')
|
|
|
|
if has('imap-server'):
|
|
check_cert('localhost', 993, 'www-data')
|
|
|
|
if has('bcfg2-server'):
|
|
check_cert(metadata.hostname, 6789)
|
|
|
|
if has('asterisk'):
|
|
check_cert('localhost', 5061)
|
|
|
|
# file specific
|
|
if has('nas-auth-server'):
|
|
check_cert(filename='/etc/freeradius/certs/wifi.crt', user='freerad')
|
|
|
|
if has('vpn'):
|
|
check_cert(filename='/etc/ssl/certs/vpn.pem', user='root')
|
|
|
|
if has('xmpp'):
|
|
check_cert(filename='/etc/ssl/certs/jabber_server.pem', user='jabber')
|
|
|
|
if has('mail-mx-main'):
|
|
check_cert('localhost', 465)
|
|
|
|
if has('mail-mx-secondary'):
|
|
check_cert('localhost', 25)
|
|
|
|
if has('infinoted'):
|
|
check_cert(filename='/etc/ssl/certs/infinoted.pem')
|