From 010e2d6b05f9aaed3adccd72ae1903664a373e96 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Fri, 18 Dec 2020 16:02:31 +0100
Subject: check-certificates: make the certificate renewal time configurable

---
 check-certificates    | 3 ++-
 global-config         | 3 ++-
 global-config-overlay | 2 +-
 global-config.changes | 1 +
 global-functions      | 2 +-
 5 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/check-certificates b/check-certificates
index f3a8e99..4531c3d 100644
--- a/check-certificates
+++ b/check-certificates
@@ -7,6 +7,7 @@
 # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-certificates.md
 
 :global CertRenewPass;
+:global CertRenewTime;
 :global CertRenewUrl;
 :global Identity;
 
@@ -28,7 +29,7 @@
 
 $WaitFullyConnected;
 
-:foreach Cert in=[ / certificate find where !revoked !ca !scep-url expires-after<3w ] do={
+:foreach Cert in=[ / certificate find where !revoked !ca !scep-url expires-after<$CertRenewTime ] do={
   :local CertVal [ / certificate get $Cert ];
 
   :do {
diff --git a/global-config b/global-config
index 2b1586e..c1f5ec5 100644
--- a/global-config
+++ b/global-config
@@ -8,7 +8,7 @@
 
 # Make sure all configuration properties are up to date and this
 # value is in sync with value in script 'global-functions'!
-:global GlobalConfigVersion 39;
+:global GlobalConfigVersion 40;
 
 # This is used for DNS and backup file.
 :global Domain "example.com";
@@ -142,6 +142,7 @@
 # Use this for certificate auto-renew
 :global CertRenewUrl "";
 #:global CertRenewUrl "https://example.com/certificates/";
+:global CertRenewTime 3w;
 :global CertRenewPass {
   "v3ry-s3cr3t";
   "4n0th3r-s3cr3t";
diff --git a/global-config-overlay b/global-config-overlay
index 93bd84b..aa22167 100644
--- a/global-config-overlay
+++ b/global-config-overlay
@@ -9,7 +9,7 @@
 # Make sure all configuration properties are up to date and this
 # value is in sync with value in script 'global-functions'!
 # Comment or remove to disable change notifications.
-:global GlobalConfigVersion 39;
+:global GlobalConfigVersion 40;
 
 # Copy configuration from global-config here and modify it.
 
diff --git a/global-config.changes b/global-config.changes
index 343f5bf..80fa5d8 100644
--- a/global-config.changes
+++ b/global-config.changes
@@ -48,4 +48,5 @@ $CertificateAvailable "R3";
   37="Implemented simple dependency model in 'netwatch-notify'.";
   38="Imported new Let's Encrypt intermediate certificate 'R3'.";
   39="Added support for interface specific address list entries in 'ipv6-update'.";
+  40="Made the certificate renewal time configurable.";
 };
diff --git a/global-functions b/global-functions
index 51396bf..b2337bc 100644
--- a/global-functions
+++ b/global-functions
@@ -8,7 +8,7 @@
 # https://git.eworm.de/cgit/routeros-scripts/about/
 
 # expected configuration version
-:global ExpectedConfigVersion 39;
+:global ExpectedConfigVersion 40;
 
 # global variables not to be changed by user
 :global GlobalFunctionsReady false;
-- 
cgit v1.2.3-54-g00ecf