cert renewal script functional

scripts/cert.sh

@@ -1,16 +1,26 @@
 #!/bin/sh
 
 # Initial check for certificates
-#TODO check if `certbot certonly` can automatically skip renewal (eliminated need for document here operator)
+certbot certonly --manual --preferred-challenges dns --manual-auth-hook \
-certbot certonly --manual --preferred-challenges dns --manual-auth-hook /scripts/auth \
+  /scripts/auth.sh --manual-cleanup-hook /scripts/cleanup.sh \
-	--manual-cleanup-hook /scripts/cleanup -m "${LETSENCRYPT_EMAIL}" --no-eff-email \
+  -m "${LETSENCRYPT_EMAIL}" --no-eff-email -d "${DUCKDNS_DOMAIN}" \
-	-d "${LETSENCRYPT_DOMAIN}" --agree-tos --manual-public-ip-logging-ok << EOF
+  --agree-tos --manual-public-ip-logging-ok << EOF
 1
 EOF
 
-# Loop generation at a random time every 12 hours
+# Basic check for successful certificate generation
+if [ ! -d "/etc/letsencrypt/live" ]; then
+  echo ERROR: Failed to create SSL certificates
+  exit 1
+fi
+
+# Check if certificates require renewal twice a day
 while :; do
-	# Generate random delay within 12 hours of seconds
+  # Wait for a random period within the next 12 hours
-	# sleep the required time
+  LETSENCRYPT_DELAY=$(shuf -i 1-720 -n 1)
-	# Run renew command
+  echo Sleeping for $(($LETSENCRYPT_DELAY / 60)) hour\(s\) and $(($LETSENCRYPT_DELAY % 60)) minute\(s\)
+  sleep $((${LETSENCRYPT_DELAY} * 60))
+
+  echo Attempting SSL certificate renewal
+  certbot --manual-public-ip-logging-ok renew
 done