Commit 8ba636ca authored by Laurent Peuch's avatar Laurent Peuch

[enh] add --cron option to only renew older than 4month certificate

parent ee0c90e5
......@@ -3,10 +3,13 @@ import sys
import time
import shutil
import subprocess
from datetime import datetime
from renew import renew
from debug_context_manager import debug
CRT_PATH = "/etc/openvpn/keys/user.crt"
def from_cube():
if os.path.exists("/etc/openvpn/keys/credentials"):
login, password = [x.strip() for x in open("/etc/openvpn/keys/credentials", "r").read().split("\n") if x.strip()]
......@@ -16,6 +19,16 @@ def from_cube():
print("Error: I can't find your credentials for neutrinet since neither /etc/openvpn/keys/credentials nor /etc/openvpn/auth exists on your filesystem")
sys.exit(1)
in_cron = (sys.argv[1:] and sys.argv[:1][0] == "--cron")
if in_cron and os.path.exists(CRT_PATH):
expiration_date = subprocess.check_output('openssl x509 -in %s -noout -enddate | sed -e "s/.*=//"' % CRT_PATH, shell=True).strip()
expiration_date = datetime.strptime(expiration_date, "%b %d %H:%M:%S %Y GMT")
delta = (expiration_date - datetime.now())
# only renew if cert expire in less than 4 months
if delta.days > (31 * 4):
sys.exit(0)
result_dir = renew(login, password)
run_id = result_dir.split("_", 1)[1]
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment