#!/usr/bin/env bash
__Author__="liy"

# 傳送釘釘告警
function DingDing(){
    curl 'https://oapi.dingtalk.com/robot/send?access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
    -H 'Content-Type: application/json' \
    -d '{"msgtype": "text",
        "text": {
        "content":" '$1' "
        },
        "at": {
        "atMobiles": [
            "1xxxxxxxxxx",
        ],
        "isAtAll": false
        }
        }'
}

function checkCerts(){
    host=$1

    SSL_OVER_TIMESTAMP=$(date +%s -d "$(openssl s_client -servername ${host} -connect ${host}:443 2>/dev/null | openssl x509 -noout -dates|grep -Po "(?<=After=).*(?=GMT)")")
    NOW_TIMESTAMP=$(date +%s)
    OVER_TIMESTAMP=$(echo ${SSL_OVER_TIMESTAMP} - ${NOW_TIMESTAMP} | bc)
    OVER_DAYS=$(echo ${OVER_TIMESTAMP} / 86400 | bc)

    if [ $OVER_DAYS -le 30 ];then
        text="${host}的證書將於${OVER_DAYS}天后過期，注意續費和配置更新！\n報警源:192.168.171.201"
        DingDing ${text}
    fi
}

function main(){
    while read line
    do
        checkCerts $line
    done < ssl.list
}

main