diff options
author | Jesse Luehrs <doy@tozt.net> | 2020-07-05 20:26:08 -0400 |
---|---|---|
committer | Jesse Luehrs <doy@tozt.net> | 2020-07-05 20:27:49 -0400 |
commit | 381a4252ae8c9384d257350d258508e5d496799f (patch) | |
tree | f9ab9fd37847fa38c1db5f196107a04d578ede1b /modules/tick/files | |
parent | bc3c5a1ffdecf02061933df4fb00ed11be06ce37 (diff) | |
download | puppet-tozt-381a4252ae8c9384d257350d258508e5d496799f.tar.gz puppet-tozt-381a4252ae8c9384d257350d258508e5d496799f.zip |
add certbot telegraf plugin
Diffstat (limited to 'modules/tick/files')
-rw-r--r-- | modules/tick/files/plugins/certbot | 3 | ||||
-rw-r--r-- | modules/tick/files/plugins/certbot.conf | 3 | ||||
-rw-r--r-- | modules/tick/files/plugins/certbot.sudoers | 3 | ||||
-rw-r--r-- | modules/tick/files/plugins/certbot_inner | 14 |
4 files changed, 23 insertions, 0 deletions
diff --git a/modules/tick/files/plugins/certbot b/modules/tick/files/plugins/certbot new file mode 100644 index 0000000..af3f340 --- /dev/null +++ b/modules/tick/files/plugins/certbot @@ -0,0 +1,3 @@ +#!/bin/sh + +sudo "$(dirname $0)/certbot_inner" diff --git a/modules/tick/files/plugins/certbot.conf b/modules/tick/files/plugins/certbot.conf new file mode 100644 index 0000000..0e4a923 --- /dev/null +++ b/modules/tick/files/plugins/certbot.conf @@ -0,0 +1,3 @@ +[[inputs.exec]] +commands = ["/etc/telegraf/plugins/certbot"] +data_format = "influx" diff --git a/modules/tick/files/plugins/certbot.sudoers b/modules/tick/files/plugins/certbot.sudoers new file mode 100644 index 0000000..bab97c7 --- /dev/null +++ b/modules/tick/files/plugins/certbot.sudoers @@ -0,0 +1,3 @@ +Cmnd_Alias CERTBOTINNER = /etc/telegraf/plugins/certbot_inner +telegraf ALL=(ALL) NOPASSWD: CERTBOTINNER +Defaults!CERTBOTINNER !logfile, !syslog, !pam_session diff --git a/modules/tick/files/plugins/certbot_inner b/modules/tick/files/plugins/certbot_inner new file mode 100644 index 0000000..5d31c35 --- /dev/null +++ b/modules/tick/files/plugins/certbot_inner @@ -0,0 +1,14 @@ +#!/usr/bin/env ruby + +require 'openssl' + +config_dir = "/media/persistent/certbot" + +(Dir.entries("#{config_dir}/live/") - [".", ".."]).each do |site| + next unless File.directory?("#{config_dir}/live/#{site}") + cert = File.read("#{config_dir}/live/#{site}/cert.pem") + x509 = OpenSSL::X509::Certificate.new(cert) + days = (x509.not_after - Time.now) / 60 / 60 / 24 + sanitized_site = site.gsub(/[^a-zA-Z0-9]/, '_') + puts "certbot,site=#{sanitized_site} days_remaining=#{days}" +end |