files/certbot-renewal.sh

@@ -1,28 +1,10 @@
 #! /bin/bash
-#should probably add logic to only halt/reload once (and only if necessary)
-function halt() {
-    #stop services if necessary
-    if [ -d /var/lib/ipa/ ]
-    then
-        #stop httpd
-        systemctl stop httpd
-    fi
-}
 function reload() {
     #reload/restart relevant services
     if [ -d /etc/nginx/certs/ ]
     then
         systemctl reload nginx
     fi
-    if [ -d /var/lib/ipa/ ]
-    then
-        #restart httpd
-        systemctl start httpd
-        /scripts/setup-le.sh
-        systemctl restart httpd
-        #load cert
-    fi
-
 }
 
 dom=`date +%d`
@@ -39,9 +21,8 @@ do
     if [[ $today > $expires ]]
     then
         echo Certificate for $f is expired, renewing >> $log
-        halt
         certbot renew --cert-name $f >> /var/log/certbot-renewal.log
-        reload
+        reload()
         continue
     fi
     #convert hostname into day of month between 0 and 28 to renew on specific day of month (reduce chance of running out of cert renewals)
@@ -53,9 +34,8 @@ do
         if [[ $dom -eq $rdate ]]
         then
             echo Date falls within renewal window for $f, attempting renewal >> $log
-            halt
             certbot renew --cert-name $f >> $log
-            reload
+            reload()
             break
         fi
     done