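#!/usr/bin/env python3
"""Display SSL cert status and relevant dates."""

import datetime
import logging
import os
import re
import subprocess
import sys
import time

log = logging.getLogger(__name__)

# Absolute path so that a modified PATH cannot substitute another binary.
OPENSSL = '/usr/bin/openssl'
# Upper bound, in seconds, for each openssl invocation.
OPENSSL_TIMEOUT = 30
# Conservative host syntax: no whitespace, no shell metacharacters, and no
# leading '-' that openssl could read as an option.
_HOSTNAME_RE = re.compile(r'[A-Za-z0-9_][A-Za-z0-9._-]*')
# Layout of the notBefore= / notAfter= values parsed from `openssl x509 -dates`.
_DATE_FORMAT = '%b %d %H:%M:%S %Y %Z'

# Services checked when no argument is given ('nextcloud' is currently
# left out of the default set).
supported_services = [
    'git', 'plex', 'photoprism', 'read', 'www', 'chat']


def _run_openssl(args, data, target):
    """Run one openssl subcommand without a shell and return the result.

    ``args`` is the argument list after the binary name, ``data`` the bytes
    fed to stdin, ``target`` the host:port used in error messages. Exits
    the program if openssl cannot be started or exceeds the timeout.
    """
    try:
        return subprocess.run(
            [OPENSSL, *args], input=data, stdout=subprocess.PIPE,
            stderr=subprocess.PIPE, timeout=OPENSSL_TIMEOUT, check=False)
    except subprocess.TimeoutExpired:
        sys.exit(f'Error checking state of SSL cert at {target}: '
                 f'openssl {args[0]} timed out after {OPENSSL_TIMEOUT}s')
    except OSError as err:
        sys.exit(f'Error checking state of SSL cert at {target}: {err}')


def _parse_cert_date(value):
    """Parse an openssl date string into a timezone-aware UTC datetime."""
    # NOTE(review): assumes the value ends in GMT, as openssl prints it.
    parsed = datetime.datetime.strptime(value, _DATE_FORMAT)
    return parsed.replace(tzinfo=datetime.timezone.utc)


def get_cert_dates(url, port=443):
    """Print whether the cert served at ``url:port`` is inside its dates.

    Only the notBefore/notAfter window is compared with the current UTC
    time. The chain of trust, the hostname match and revocation are NOT
    verified here, so "Cert is valid" means "not expired and already
    active", nothing more.

    Args:
        url: Host name to connect to; also sent as the SNI server name.
        port: TCP port, 443 by default.

    Exits the program (``sys.exit``) on an invalid host or port, when
    openssl fails, or when the dates cannot be parsed.
    """
    # The host ends up on an openssl command line, so reject anything that
    # is not plain host syntax before any process is started.
    if not isinstance(url, str) or not _HOSTNAME_RE.fullmatch(url):
        sys.exit(f'Refusing to check invalid hostname: {url!r}')
    try:
        port_number = int(port)
    except (TypeError, ValueError):
        sys.exit(f'Refusing to check invalid port: {port!r}')
    if not 0 < port_number < 65536:
        sys.exit(f'Refusing to check invalid port: {port!r}')

    target = f'{url}:{port_number}'
    # Argument lists instead of a shell string: the host name can no longer
    # be interpreted by /bin/sh. Empty stdin makes s_client close the
    # connection right after the handshake.
    handshake = _run_openssl(
        ['s_client', '-servername', url, '-connect', target], b'', target)
    dates = _run_openssl(
        ['x509', '-noout', '-dates'], handshake.stdout, target)
    if dates.returncode != 0:
        # x509 fails when s_client delivered no certificate, so report the
        # diagnostics of both stages.
        stderr = (handshake.stderr + dates.stderr).decode(
            'UTF-8', errors='replace')
        sys.exit(f'Error checking state of SSL cert at {target}: {stderr}')

    fields = {}
    for line in dates.stdout.decode('UTF-8', errors='replace').splitlines():
        key, sep, value = line.partition('=')
        if sep:
            fields[key.strip()] = value.strip()
    try:
        start = _parse_cert_date(fields['notBefore'])
        finish = _parse_cert_date(fields['notAfter'])
    except (KeyError, ValueError) as err:
        sys.exit(f'Error checking state of SSL cert at {target}: '
                 f'could not parse certificate dates ({err})')

    # Certificate dates are GMT; compare against UTC "now" rather than
    # local wall-clock time, which can be hours off.
    ts = datetime.datetime.now(datetime.timezone.utc)
    if start < ts < finish:
        print('Cert is valid')
    else:
        print('Cert is not valid')
    print(f'start: {start}\nnow: {ts}\nfinish: {finish}')


def main(args):
    """Check every service named in ``args``, or the default set if empty.

    A name without a dot is expanded to ``<name>.drheck.dev``; anything
    else is used as the host name as given.
    """
    logging.basicConfig(level=os.environ.get("LOGLEVEL", "INFO"))
    log.info('program start: %s', sys.argv)
    check = args if args else supported_services
    for service in check:
        url = service if '.' in service else f'{service}.drheck.dev'
        print(80*'-')
        print(url)
        get_cert_dates(url)


if __name__ == '__main__':
    main(sys.argv[1:])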