shell脚本之证书到期监控和企微告警
shell脚本实现ssl证书过期及webhook推送,实战运维脚本。也实现基于fastapi接口方式检查域名证书有需要下次展示。
脚本
https.sh
检测和告警脚本, qyapi.weixin.qq.com/cgi-bin/web…
#!/bin/bash
#****************************************************************************************
#Author: wei
#***************************************************************************************
#!/bin/bash
# 检测https证书有效期
source /etc/profile
while read line; do
end_time=$(echo | timeout 1 openssl s_client -servername $line -connect $line:443 2>/dev/null | openssl x509 -noout -enddate 2> /dev/null | awk -F '=' '{print $2}')
end_times=$(date -d "$end_time" +%s)
current_times=$(date -d "$(date -u '+%b %d %T %Y GMT')" +%s)
echo $end_times $current_times &> /dev/null
let left_time="$end_times - $current_times"
days=$(expr $left_time / 86400)
#echo "$line 剩余天数: ${days}"
#[[ ${days} -lt 30 ]] && echo "https ssl cert 少于 30 days" || echo "${line} 剩余时间是 $days"
if [[ ${days} -eq 0 ]];then
echo "$line DNS解析异常"
elif [[ "${days}" -lt 0 ]];then
echo "$line 证书已过期"
elif [[ "${days}" -lt 40 ]];then
echo "$line 剩余天数: ${days}"
curl -X POST -H "Content-Type: application/json" \
-d '{"msgtype": "text", "text": {"content": "'$line' 证书过期剩余天数: '$days' , 请及时更换!!"}}' \
https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxxxxxxxxxxxx
elif [[ "${days}" -lt 4 ]];then
echo "$line 剩余天数: ${days}"
curl -X POST -H "Content-Type: application/json" \
-d '{"msgtype": "text", "text": {"content": "'$line' 证书过期剩余天数: '$days' , 请持续观察和验证证书!!"}}' \
https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxxxxxxxxxxxx
fi
done < ./https_list
https_list
检查域名证书列表文件
api.wqyfchina.com
k8s.wqyfchina.com
api.wqyfchina.com
