add certbot telegraf plugin

4 files changed, 23 insertions, 0 deletions

diff --git a/modules/tick/files/plugins/certbot b/modules/tick/files/plugins/certbot
new file mode 100644
index 0000000..af3f340
--- /dev/null
+++ b/modules/tick/files/plugins/certbot
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+sudo "$(dirname $0)/certbot_inner"
diff --git a/modules/tick/files/plugins/certbot.conf b/modules/tick/files/plugins/certbot.conf
new file mode 100644
index 0000000..0e4a923
--- /dev/null
+++ b/modules/tick/files/plugins/certbot.conf
@@ -0,0 +1,3 @@
+[[inputs.exec]]
+commands = ["/etc/telegraf/plugins/certbot"]
+data_format = "influx"
diff --git a/modules/tick/files/plugins/certbot.sudoers b/modules/tick/files/plugins/certbot.sudoers
new file mode 100644
index 0000000..bab97c7
--- /dev/null
+++ b/modules/tick/files/plugins/certbot.sudoers
@@ -0,0 +1,3 @@
+Cmnd_Alias CERTBOTINNER = /etc/telegraf/plugins/certbot_inner
+telegraf  ALL=(ALL) NOPASSWD: CERTBOTINNER
+Defaults!CERTBOTINNER !logfile, !syslog, !pam_session
diff --git a/modules/tick/files/plugins/certbot_inner b/modules/tick/files/plugins/certbot_inner
new file mode 100644
index 0000000..5d31c35
--- /dev/null
+++ b/modules/tick/files/plugins/certbot_inner
@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require 'openssl'
+
+config_dir = "/media/persistent/certbot"
+
+(Dir.entries("#{config_dir}/live/") - [".", ".."]).each do |site|
+  next unless File.directory?("#{config_dir}/live/#{site}")
+  cert = File.read("#{config_dir}/live/#{site}/cert.pem")
+  x509 = OpenSSL::X509::Certificate.new(cert)
+  days = (x509.not_after - Time.now) / 60 / 60 / 24
+  sanitized_site = site.gsub(/[^a-zA-Z0-9]/, '_')
+  puts "certbot,site=#{sanitized_site} days_remaining=#{days}"
+end