loading...

Get a Slack notification when your SSL certificate is about to expire

neidiom profile image Nedim Hadzimahmutovic ・1 min read

I was tasked to finish a script to check the expiration of SSL certificates and post the notifications to our Slack channel. I wrote an Ansible playbook just to spice up everything. I had fun doing this so I will share the code hoping someone else might find it useful.

Configure the Ansible playbook

You must define slack_webhook and domains as both variables are required.

Optionally configurable variables

  • ssl_port - standard is 443,
  • ssl_expiry_days_check - the script starts warning if certificate is expiring in less than this period,
  • cron_period_check - when the cron job shuld be run.

Example ansible_ssl_check.yml playbook .

---
- hosts: server_name
  roles:
    - user_group_directories
    - rvm
    - whenever
  vars:
    slack_webhook: "https://hooks.slack.com/services/xxxxxxx/xxxxxxx/xxxxxxxx"
    domains:
      - github.com
      - gitlab.com

Testing

If you want to test things out, and get some false positives, then change following variables

  • ssl_expiry_days_check to something high like '300',
  • cron_period_check to 'hourly'.

Run the playbook

  • Add the server to Ansible inventory file and then run the command below.
ansible-playbook -i hosts playbok.yml


`

This command assumes the hosts inventory file is in the current directory.

Slack notifications

Your notifications will look like this.

Alt Text

Code repository

You can find the Gitub repo here.

Posted on by:

Discussion

markdown guide