#!/usr/bin/env bash redbold="\033[1;31m" red="\033[0;31m" greenbold="\033[1;32m" green="\033[0;32m" yellowbold="\033[1;33m" yellow="\033[0;33m" bold="\033[1m" #bold_under="\033[1;4m" italic="\033[3m" underline="\033[4m" reset="\033[0m" # Requierements: # - script must run with sudo # - jq 1.7.1 mini (/bin/jq = 1.5 (dsm 7.2.2); /opt/bin/jq = 1.7.1 (opkg)) if [[ $EUID -ne 0 ]]; then echo "$0 is not running as root. Try using sudo." exit 2 fi dsm=$(cat /etc.defaults/VERSION) build=$(echo "$dsm" | grep buildnumber | awk -F"=" '{print $2}') os=$(echo "$dsm" | grep os_name | awk -F"=" '{print $2}') version=$(echo "$dsm" | grep productversion | awk -F"=" '{print $2}') information="${os//\"/} ${version//\"/} build ${build//\"/}" echo -e "$information" # Supprimer les "" #display_name="${display_name//\"/}" vers_jq=$(jq -V | awk -F"-" '{print $2}') echo -e "jq version ${vers_jq}\n" # GNU sort version_greater_equal() { printf '%s\n%s\n' "$2" "$1" | sort --check=quiet --version-sort } version_greater_equal "${vers_jq}" 1.7.1 || { echo -e "Need ${italic}jq v1.7.1${reset} or above !"; echo -e "Maybe you should use ${italic}opkg install jq${reset}"; exit 1; } certifs_archive=/usr/syno/etc/certificate/_archive #certifs_archive=/Users/bruno/Downloads #services="$certifs_archive/SERVICES" #[ -f "$services" ] && ser=$(cat "$services") || { echo -e "${red}No $services file found !${reset}"; exit 1; } info="$certifs_archive/INFO" [ -f "$info" ] && inf=$(cat "$info") || { echo -e "${red}No $info file found !${reset}"; exit 1; } default="$certifs_archive/DEFAULT" [ -f "$default" ] && def=$(cat "$default") || { echo -e "${red}No $default file found !${reset}"; exit 1; } rp=() ap=() ot=() echo -e "${greenbold}Reading $info${reset}\n" echo -e "${yellow}Certificates's list...${reset}\n" liste_cert=$(echo "$inf" | jq -r 'keys[]') printf "| ${bold}%-7s${reset} | ${bold}%-53s${reset} | ${bold}%-25s${reset} \n" "Certif." "Description" "Date limite" while read certif; do filter=".$certif" desc=$(echo "$inf" | jq -r $filter | jq -r '.desc') ssl=$(openssl x509 -enddate -subject -noout -in $certifs_archive/$certif/cert.pem) notafter=$(echo "$ssl" | grep notAfter | awk -F"=" '{print $2}') subject=$(echo "$ssl" | grep subject | awk -F"=" '{print $1}') timestamp_current=$(date +"%s") timestamp_end=$(date --date="$notafter" +"%s") left=$(($((timestamp_end - timestamp_current))/(60*60*24))) end="$notafter ($left days left)" [ "$certif" == "$def" ] && printf "| ${green}%-7s${reset} | ${green}%-53s${reset} | ${green}%-25s${reset} \n" "$certif" "$desc" "$end (default)" || printf "| %-7s | %-53s | %-25s \n" "$certif" "$desc" "$end" if [ "$certif" == "$def" ]; then echo ls -ld "$certifs_archive/$def"/* # ls -ld * .* echo echo -e "${italic}cert.pem${reset} est le certificat de l'utilisateur final." echo -e "${italic}chain.pem${reset} est le reste de la chaîne. Il s'agit uniquement du certificat racine de LetsEncrypt." echo -e "${italic}fullchain.pem${reset} est cert.pem et chain.pem combinés." echo -e "${italic}privkey.pem${reset} est une clé privée RSA générée avec le certificat." fi done <<< "$liste_cert" echo -e "\n\n${yellow}Certificates and Subscriber...${reset}\n" while read certif; do filter=".$certif" desc=$(echo "$inf" | jq -r $filter | jq -r '.desc') printf "| ${yellowbold}%-7s${reset} | ${yellowbold}%-60s${reset} \n" "Certif." "Description" printf "| ${yellowbold}%-7s${reset} | ${yellowbold}%-60s${reset} \n\n" "$certif" "$desc" # ok serv=$(echo "$inf" | jq -r $filter | jq -r '.services[]') printf "|${bold} %-40s ${reset}|${bold} %-20s ${reset}|${bold} %-60s ${reset}\n" "Display_name" "Subscriber" "Service" while read line; do display_name=$(echo "$line" | jq -r '.display_name') service=$(echo "$line" | jq -r '.service') subscriber=$(echo "$line" | jq -r '.subscriber') #echo "$display_name" #echo "$service" #echo "$subscriber" printf "| %-40s | %-20s | %-60s \n" "$display_name" "$subscriber" "$service" if [[ "$subscriber" == *ReverseProxy* ]]; then rp+=("$display_name") elif [[ "$subscriber" == *AppPortal* ]]; then if [[ "$display_name" == *photos-nas.ovh* ]]; then a=$(echo "$display_name" | awk -F" - " '{print $1}' | xargs) b=$(echo "$display_name" | awk -F" - " '{print $2}' | xargs) ap+=("$a") rp+=("$b") fi else if [[ "$display_name" == *photos-nas.ovh* ]]; then if [[ "$display_name" =~ :[0-9]{1,5}$ ]]; then c=$(echo "$display_name" | awk -F":" '{print $1}') rp+=("$c") else rp+=("$display_name") fi else ot+=("$display_name") fi fi done < <(jq -c <<< "$serv") echo -e "\n\n" done <<< "$liste_cert" echo -e "\n\n" IFS=$'\n' reverseproxy=($(sort <<<"${rp[*]}")) appportal=($(sort <<<"${ap[*]}")) others=($(sort <<<"${ot[*]}")) unset IFS printf "| %-3s | ${bold}%-60s${reset} \n" "" "Reverse Proxy" i=1 for val in ${!reverseproxy[@]} do printf "| %-3s | %-60s \n" "$i" "${reverseproxy[$val]}" ((i++)) done echo -e "${italic}${#reverseproxy[@]} lines${reset}\n" printf "| %-3s | ${bold}%-60s${reset} \n" "" "AppPortal" i=1 for val in ${!appportal[@]} do printf "| %-3s | %-60s \n" "$i" "${appportal[$val]}" ((i++)) done echo -e "${italic}${#appportal[@]} lines${reset}\n" printf "| %-3s | ${bold}%-60s${reset} \n" "" "Others" i=1 for val in ${!others[@]} do printf "| %-3s | %-60s \n" "$i" "${others[$val]}" ((i++)) done echo -e "${italic}${#others[@]} lines${reset}\n"