#!/bin/bash

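# Pre-flight: stop when a Java process is the listener on the HTTP port.
# NOTE(review): presumably webroot renewals cannot work while a Java service
# owns port 80 - confirm the reason with the script's owner.
PORT=80
WEBSERVER="java"  # process name that makes this script exit when it holds $PORT

# Locate lsof. "whereis -b" limits the answer to binaries; without -b the
# second field can be a man page path when no binary is installed, and this
# script (presumably run as root) would then try to execute it.
LSOF_LIB=$(whereis -b lsof | awk '{print $2}')
HTTPD_LISTEN=""
if [[ -n "$LSOF_LIB" && -x "$LSOF_LIB" ]]; then
    # COMMAND column of the last line lsof prints for the port. -sTCP:LISTEN
    # keeps established connections that merely involve port 80 out of the answer.
    HTTPD_LISTEN=$("$LSOF_LIB" -i "tcp:$PORT" -sTCP:LISTEN | awk '{ name = $1 } END { print name }')
else
    # Without lsof the check cannot be made; carry on as the original did.
    echo "lsof not found; cannot check which process listens on port $PORT." >&2
fi

if [[ "$HTTPD_LISTEN" == "$WEBSERVER" ]]; then
    echo "java running 80"
    exit 0
fi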

# Absolute path of the Certbot client used for every renewal further down.
CERTBOT_PATH="/usr/bin/certbot"

# Give up early when that path does not resolve to something runnable.
command -v "$CERTBOT_PATH" > /dev/null 2>&1 || {
    echo "Certbot not found. Please install Certbot."
    exit 1
}

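#######################################
# Report whether a date lies fewer than N days in the future. Dates that are
# already in the past count as well.
# Arguments:
#   $1 - date in any format GNU "date -d" accepts (e.g. openssl's notAfter)
#   $2 - optional threshold in whole days; defaults to 6
# Returns:
#   0 if the date is less than the threshold away; 1 otherwise, including
#   when the date is empty or cannot be parsed.
#######################################
is_less_than_n_days() {
    local target_date current_date threshold
    local days=${2:-6}

    # GNU "date -d ''" silently means "today 00:00", and a failed parse leaves
    # an empty value that arithmetic reads as 0. Either would look like an
    # expiring certificate, so reject them instead of answering "renew now".
    if [[ -z "$1" || ! "$days" =~ ^[0-9]+$ ]]; then
        return 1
    fi
    if ! target_date=$(date -d "$1" +%s 2> /dev/null); then
        printf 'is_less_than_n_days: cannot parse date: %s\n' "$1" >&2
        return 1
    fi

    current_date=$(date +%s)
    # 10# forces base 10 so a value such as "08" is not read as octal.
    threshold=$((10#$days * 24 * 60 * 60))
    ((target_date - current_date < threshold))
}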

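# Directory where Let's Encrypt keeps one sub-directory per certificate.
CERTS_DIR="/etc/letsencrypt/live/"
update_flag=false

# .htaccess that is currently moved aside for a renewal (empty when none is).
htaccess_original=""
htaccess_backup=""

# Put a moved-aside .htaccess back in place. Also installed as an EXIT trap:
# while the file is renamed, whatever access rules it holds are not applied to
# the site, so it must come back even when the script stops mid-renewal.
restore_htaccess() {
    if [[ -n "$htaccess_backup" && -e "$htaccess_backup" ]]; then
        mv -- "$htaccess_backup" "$htaccess_original"
    fi
    htaccess_backup=""
}
trap restore_htaccess EXIT
trap 'exit 1' HUP INT TERM

# Walk every certificate and renew the ones that expire soon and whose domain
# still resolves to this server.
for cert_dir in "${CERTS_DIR%/}"/*; do
    # certbot also keeps a README file in live/; only directories that hold a
    # cert.pem are certificates.
    [[ -d "$cert_dir" && -f "$cert_dir/cert.pem" ]] || continue

    cert_name=$(basename -- "$cert_dir")
    echo "trying $cert_name"
    expiration_date=$(openssl x509 -enddate -noout -in "$cert_dir/cert.pem" | cut -d= -f2-)

    # An unreadable certificate must not be mistaken for an expiring one.
    if [[ -z "$expiration_date" ]]; then
        echo "Could not read the expiry date of $cert_name; skipping."
        continue
    fi
    is_less_than_n_days "$expiration_date" || continue

    server_ip=$(/usr/bin/setso --show server_ip)
    ip_address=$(getent ahosts "$cert_name" | awk '{print $1}' | sort -u)
    # Two failed lookups are both empty and would compare equal; an empty
    # answer on either side proves nothing about where the domain points.
    if [[ -z "$server_ip" || -z "$ip_address" ]]; then
        echo "Could not compare addresses for $cert_name; skipping."
        continue
    fi
    # Exact match: a name that resolves to several addresses is skipped.
    [[ "$ip_address" == "$server_ip" ]] || continue

    echo "Domain $cert_name is pointing to this server."
    echo "Renewing certificate $cert_name - $expiration_date"

    # Clear out certbot runs that are still around. Ask politely first so a
    # running certbot can clean up after itself, use SIGKILL only on what is
    # left, and never wait without a limit.
    if pgrep certbot > /dev/null; then
        echo "Killing Certbot processes..."
        for sig in TERM KILL; do
            certbot_pids=$(pgrep certbot)
            [[ -n "$certbot_pids" ]] || break
            # shellcheck disable=SC2086 - one PID per word is intended
            kill -s "$sig" $certbot_pids 2> /dev/null
            for ((waited = 0; waited < 10; waited++)); do
                pgrep certbot > /dev/null || break
                sleep 1
            done
        done
        if pgrep certbot > /dev/null; then
            echo "Certbot processes are still running; skipping $cert_name."
            continue
        fi
        echo "Certbot processes killed."
    fi

    configFile="/etc/sentora/configs/apache/domains/$cert_name.conf"
    renewFile="/etc/letsencrypt/renewal/$cert_name.conf"
    docRoot=""
    if [[ -f "$configFile" ]]; then
        # First DocumentRoot directive only, surrounding quotes removed.
        docRoot=$(awk 'tolower($1) == "documentroot" { print $2; exit }' "$configFile" \
            | sed 's/^"//;s/"$//')
    fi

    # Touch the renewal config and the web root only when the vhost names an
    # existing absolute directory; otherwise just attempt the renewal.
    if [[ "$docRoot" == /* && -d "$docRoot" ]]; then
        if [[ -f "$renewFile" ]]; then
            webroot_path=$(awk '/webroot_path/ { print $3; exit }' "$renewFile" | tr -d ',')
            if [[ -n "$webroot_path" && "$docRoot" != "$webroot_path" ]]; then
                # Both values come from config files, so escape them and let
                # sed treat them as literal text rather than as sed syntax.
                old_escaped=$(printf '%s' "$webroot_path" | sed 's/[][\.*^$|]/\\&/g')
                new_escaped=$(printf '%s' "$docRoot" | sed 's/[\&|]/\\&/g')
                sed -i "s|$old_escaped|$new_escaped|g" "$renewFile"
                echo "Replaced $webroot_path with $docRoot in $renewFile"
            fi
        fi

        # Move .htaccess out of the way for the renewal.
        # NOTE(review): presumably its rules can block the ACME challenge
        # path - confirm. Keep the window short; see restore_htaccess.
        htaccessFile="$docRoot/.htaccess"
        if [[ -f "$htaccessFile" ]]; then
            timestamp=$(date +%Y%m%d%H%M%S)
            htaccess_original=$htaccessFile
            htaccess_backup="$docRoot/.htaccess_$timestamp"
            if mv -- "$htaccessFile" "$htaccess_backup"; then
                echo "Renamed .htaccess to .htaccess_$timestamp"
            else
                htaccess_backup=""
            fi
        fi
    fi

    "$CERTBOT_PATH" renew --cert-name "$cert_name"
    restore_htaccess

    # The server's own hostname certificate is also served by lighttpd as a
    # single cert+key file.
    # NOTE(review): assumes lighttpd is configured to read web.pem - not
    # visible from this script.
    server_hostname=$(hostname)
    if [[ "$cert_name" == "$server_hostname" ]]; then
        live_dir="/etc/letsencrypt/live/$cert_name"
        # web.pem contains the private key: create it readable by its owner
        # only, and swap it in with a rename so a partly written file is
        # never the one in use.
        if (umask 077 && cat -- "$live_dir/cert.pem" "$live_dir/privkey.pem" > "$live_dir/web.pem.new") \
            && mv -f -- "$live_dir/web.pem.new" "$live_dir/web.pem"; then
            /usr/sbin/service lighttpd restart
        else
            echo "Could not build $live_dir/web.pem; lighttpd not restarted."
            rm -f -- "$live_dir/web.pem.new"
        fi
    fi

    update_flag=true
done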
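# After the renewals: reload or restart whichever web servers are running so
# they pick up the new certificates.
# NOTE(review): presumably this log is this run's own redirected output -
# confirm. If the file is appended to across runs, a success line from an
# earlier run would satisfy the grep as well.
LOG_FILE="/scripts/check_domains_log.log"
if [ -f "$LOG_FILE" ]; then
    echo "Log file exists."

    # Act only when certbot reported success and this run attempted a renewal.
    if grep -q "renewals succeeded" "$LOG_FILE" && [ "$update_flag" = true ]; then
        PORT=80
        for WEBSERVER in httpd litespeed nginx; do
            # Is a process with exactly this name running?
            if ! pgrep -x "$WEBSERVER" > /dev/null; then
                echo "$WEBSERVER is not running."
                continue
            fi
            # This only shows that something is listening on the port (TCP or
            # UDP); the ss output used here does not name the owning process.
            if ! ss -tuln | grep -q ":$PORT\b"; then
                echo "$WEBSERVER is running, but not using port $PORT."
                continue
            fi
            echo "$WEBSERVER is running and using port $PORT."
            case "$WEBSERVER" in
                httpd) /usr/sbin/service httpd reload ;;
                litespeed) /usr/local/lsws/bin/lswsctrl restart ;;
                nginx) /usr/sbin/service nginx reload ;;
            esac
        done
    fi
fi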