I was tasked to finish a script to check the expiration of SSL certificates and post the notifications to our Slack channel. I wrote an Ansible playbook just to spice up everything. I had fun doing this so I will share the code hoping someone else might find it useful.
Configure the Ansible playbook
You must define slack_webhook
and domains
as both variables are required.
Optionally configurable variables
- ssl_port - standard is 443,
- ssl_expiry_days_check - the script starts warning if certificate is expiring in less than this period,
- cron_period_check - when the cron job shuld be run.
Example ansible_ssl_check.yml
playbook .
---
- hosts: server_name
roles:
- user_group_directories
- rvm
- whenever
vars:
slack_webhook: "https://hooks.slack.com/services/xxxxxxx/xxxxxxx/xxxxxxxx"
domains:
- github.com
- gitlab.com
Testing
If you want to test things out, and get some false positives, then change following variables
-
ssl_expiry_days_check
to something high like'300'
, -
cron_period_check
to'hourly'
.
Run the playbook
- Add the server to Ansible inventory file and then run the command below.
ansible-playbook -i hosts playbok.yml
```
`
This command assumes the hosts inventory file is in the current directory.
### Slack notifications
Your notifications will look like this.
![Alt Text](https://thepracticaldev.s3.amazonaws.com/i/9iqwr9ylae8xj3fpybp5.png)
### Code repository
You can find the Gitub repo [here](https://github.com/neidiom/ansible_ssl_expiry_check).
Top comments (0)