DEV Community

Nedim Hadzimahmutovic
Nedim Hadzimahmutovic

Posted on

Get a Slack notification when your SSL certificate is about to expire

I was tasked to finish a script to check the expiration of SSL certificates and post the notifications to our Slack channel. I wrote an Ansible playbook just to spice up everything. I had fun doing this so I will share the code hoping someone else might find it useful.

Configure the Ansible playbook

You must define slack_webhook and domains as both variables are required.

Optionally configurable variables

  • ssl_port - standard is 443,
  • ssl_expiry_days_check - the script starts warning if certificate is expiring in less than this period,
  • cron_period_check - when the cron job shuld be run.

Example ansible_ssl_check.yml playbook .

---
- hosts: server_name
  roles:
    - user_group_directories
    - rvm
    - whenever
  vars:
    slack_webhook: "https://hooks.slack.com/services/xxxxxxx/xxxxxxx/xxxxxxxx"
    domains:
      - github.com
      - gitlab.com
Enter fullscreen mode Exit fullscreen mode

Testing

If you want to test things out, and get some false positives, then change following variables

  • ssl_expiry_days_check to something high like '300',
  • cron_period_check to 'hourly'.

Run the playbook

  • Add the server to Ansible inventory file and then run the command below.
ansible-playbook -i hosts playbok.yml
```

`

This command assumes the hosts inventory file is in the current directory.

### Slack notifications

Your notifications will look like this.

![Alt Text](https://thepracticaldev.s3.amazonaws.com/i/9iqwr9ylae8xj3fpybp5.png)

### Code repository

You can find the Gitub repo [here](https://github.com/neidiom/ansible_ssl_expiry_check).
Enter fullscreen mode Exit fullscreen mode

Top comments (0)