merge upstream

Signed-off-by: Zoey <zoey@z0ey.de>
2025-08-03 16:03:38 +00:00 · 2024-01-11 22:19:19 +01:00
parent 93216d93e4
commit 3d7877a4a0
16 changed files with 7 additions and 1175 deletions
--- a/rootfs/usr/local/bin/certbot-cleaner.sh
+++ b/rootfs/usr/local/bin/certbot-cleaner.sh
@@ -0,0 +1,90 @@
+#!/bin/sh
+
+# based on https://github.com/jlesage/docker-nginx-proxy-manager/blob/796734a/rootfs/opt/nginx-proxy-manager/bin/lecleaner
+
+BASE="/data/tls/certbot"
+live_dir="$BASE/live"
+archive_dir="$BASE/archive"
+csr_dir="$BASE/csr"
+key_dir="$BASE/keys"
+
+# Set of certificate paths actively used.
+in_use=""
+
+keep_count=0
+delete_count=0
+error_count=0
+
+remove_file() {
+    f="$1"
+    if rm -f "$f"; then
+        return 0
+    else
+        echo "ERROR: Could not remove $f." >&2
+        return 1
+    fi
+}
+
+# Build the set of certificates in use.
+for domain_dir in "$live_dir"/*; do
+    [ -e "$domain_dir" ] || continue
+    if [ ! -d "$domain_dir" ]; then
+        continue
+    fi
+    for certlink in "$domain_dir"/*; do
+        [ -e "$certlink" ] || continue
+        if [ ! -L "$certlink" ]; then
+            continue
+        fi
+        target=$(readlink -f "$certlink")
+        in_use="$in_use $target"
+    done
+done
+
+echo "----------------------------------------------------------"
+echo "Let's Encrypt certificates cleanup - $(date +"%Y/%m/%d %H:%M:%S")"
+echo "----------------------------------------------------------"
+
+# Remove all unused certificates from the archive directory.
+for domain_dir in "$archive_dir"/*; do
+    [ -e "$domain_dir" ] || continue
+    if [ ! -d "$domain_dir" ]; then
+        continue
+    fi
+    for certfile in "$domain_dir"/*; do
+        [ -e "$certlink" ] || continue
+        if echo "$in_use" | grep -q "$certfile"; then
+            echo "Keeping $certfile."
+            keep_count=$((keep_count+1))
+        else
+            echo "Deleting $certfile."
+            if remove_file "$certfile"; then
+                delete_count=$((delete_count+1))
+            else
+                error_count=$((error_count+1))
+            fi
+        fi
+    done
+done
+
+# Remove all files from the csr and key directories.
+for dir in "$csr_dir" "$key_dir"; do
+    for file in "$dir"/*; do
+        [ -e "$file" ] || continue
+        if [ ! -f "$file" ]; then
+            continue
+        fi
+        echo "Deleting $file."
+        if remove_file "$file"; then
+            delete_count=$((delete_count+1))
+        else
+            error_count=$((error_count+1))
+        fi
+    done
+done
+
+echo "$keep_count file(s) kept."
+echo "$delete_count file(s) deleted."
+if [ "$error_count" -gt 0 ]; then
+    echo "$error_count file(s) failed to be deleted."
+fi