From fe94f74b0e3ee75fb698068b79395cc7c02edea0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr=20Dudr?=
Date: Fri, 13 May 2022 12:03:47 +0200
Subject: [PATCH] cert tools
---
 bin/executable_make_certs | 42 +++++++++++++++++++++++++++++++++++++++
 bin/executable_showcert | 27 ++++++++++++++++++++++++-
 2 files changed, 68 insertions(+), 1 deletion(-)
 create mode 100644 bin/executable_make_certs
diff --git a/bin/executable_make_certs b/bin/executable_make_certs
new file mode 100644
index 0000000..e358eac
--- /dev/null
+++ b/bin/executable_make_certs
@@ -0,0 +1,42 @@
+#!/bin/zsh
+
+set -e
+
+doms=(
+ 'localhost'
+ 'djinn1.localhost'
+ '*.gdpr.localhost'
+ '*.up123.localhost'
+ '*.caves.localhost'
+ '*.eno.localhost'
+ '*.adminer.localhost'
+ '*.laya-server.localhost'
+ '*.eshop.localhost'
+ '*.teastarter.localhost'
+ '*.aikido.localhost'
+ '*.trailguide.localhost'
+ '*.mytango.localhost'
+ '*.invoicing.localhost'
+ '*.layaweb.localhost'
+ '*.asqix.localhost'
+ '*.statistix.localhost'
+ '*.booking.localhost'
+ '*.kotmel.localhost'
+ '*.baterie-grohe.localhost'
+ '*.zdravotniregistr.cz'
+ '*.katalogy.localhost'
+ '*.vizit-core.localhost'
+ '*.vizit.localhost'
+ '*.booking-core.localhost'
+ '*.nicerice.localhost'
+ '*.jopixel-support.localhost'
+ '*.eno-statistix.localhost'
+)
+
+mkcert -cert-file $HOME/.config/nginx/ssl/localhost.crt -key-file $HOME/.config/nginx/ssl/localhost.key $doms
+
+if [[ $(systemctl --user is-active nginx) = active ]]
+then
+ echo "reloading nginx"
+ systemctl --user reload-or-restart --user nginx
+fi
diff --git a/bin/executable_showcert b/bin/executable_showcert
index c6d1ae7..229acde 100644
--- a/bin/executable_showcert
+++ b/bin/executable_showcert
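Review bot: The `doms` list in `bin/executable_make_certs` mixes one public name, `'*.zdravotniregistr.cz'`, in with the `.localhost` entries, so the certificate mkcert issues will also be accepted for that real domain by anything on this machine that trusts the mkcert root. If that is deliberate (presumably the name is pointed at the local nginx for development), say so next to the entry, e.g. `# public domain on purpose: resolved to the local nginx for dev`; if not, drop it. The `executable_` prefix suggests a dotfiles repo, so a header comment noting that `localhost.key` and the CA key under `mkcert -CAROOT` must stay out of it would be worth adding. Minor: `systemctl --user reload-or-restart --user nginx` passes `--user` twice, and the check can be written `if systemctl --user --quiet is-active nginx`.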
@@ -1,6 +1,23 @@
 #!/bin/zsh
-coproc ( : | openssl s_client -connect $1:443 2>/dev/null| awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/' | openssl x509 -in - -noout -startdate -enddate -ext subjectAltName | sed '/X509v3 Subject Alternative Name/ {n ; s/DNS://g ; s/, /\n /g;}' )
+fetch() {
+ if [[ -f $1 ]]
+ then
+ fetch_file $1
+ else
+ fetch_remote $1
+ fi
+}
+
+fetch_remote() {
+ : | openssl s_client -connect $1:443 2>/dev/null| awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/'
+}
+
+fetch_file() {
+ cat $1
+}
+
+coproc fetch $1 | openssl x509 -in - -noout -subject -issuer -startdate -enddate -ext subjectAltName | sed '/X509v3 Subject Alternative Name/ {n ; s/DNS://g ; s/, /\n /g;}'
 exec 3> >(LC_ALL=C sort)
@@ -9,6 +26,14 @@ while read -p line
 do
 if [[ $line = notBefore=* ]]
 then
+ date -d ${line#notBefore=} '+Since: %d.%m.%Y %T'
+ continue
+ elif [[ $line = notAfter=* ]]
+ then
+ date -d ${line#notAfter=} '+Until: %d.%m.%Y %T'
+ continue
+ fi
+ if (( sort == 1 ))
 then
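Review bot: `fetch_remote` in the first showcert hunk discards everything s_client reports about verification (stderr goes to /dev/null and awk keeps only the PEM block), so the `-subject`/`-issuer` lines this commit adds describe whatever certificate the peer presented, validated or not. A comment above the function would make that explicit, e.g. `# prints the presented leaf as-is; no chain or hostname validation is done here`. In `fetch`, the `[[ -f $1 ]]` test means a file in the current directory named like a host silently replaces the remote lookup, and `cat $1` should be `cat -- $1` so a name starting with a dash is not read as an option. Nothing checks that `$1` is set before `-connect $1:443` runs.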