From 84776ad57bf81d09f0940aad2675129bb79188e7 Mon Sep 17 00:00:00 2001
From: John Lancaster <32917998+jsl12@users.noreply.github.com>
Date: Sun, 28 Dec 2025 18:12:52 -0600
Subject: [PATCH] status check script

---
 scripts/check_status.sh | 57 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)
 create mode 100755 scripts/check_status.sh

diff --git a/scripts/check_status.sh b/scripts/check_status.sh
new file mode 100755
index 0000000..c4e09a0
--- /dev/null
+++ b/scripts/check_status.sh
@@ -0,0 +1,57 @@
+#!/bin/bash
+
+# Colors
+GREEN='\033[0;32m'
+RED='\033[0;31m'
+NC='\033[0m' # No Color
+
+print_status() {
+    local item="$1"
+    local status="$2"
+    if [ "$status" -eq 0 ]; then
+        echo -e "${item}: ${GREEN}OK${NC}"
+    else
+        echo -e "${item}: ${RED}FAIL${NC}"
+        EXIT_CODE=1
+    fi
+}
+
+EXIT_CODE=0
+
+# Determine Project Directory
+if [ -d "certs" ] && [ -f "Caddyfile" ]; then
+    PROJECT_DIR="$PWD"
+else
+    PROJECT_DIR="/home/john/soteria"
+fi
+
+CERTS_DIR="$PROJECT_DIR/certs"
+SERVER_CERT="$CERTS_DIR/soteria.crt"
+SERVER_KEY="$CERTS_DIR/soteria.key"
+TIMER_NAME="cert-renewer.timer"
+
+# 1. Check Certificates Existence
+if [ -f "$SERVER_CERT" ] && [ -f "$SERVER_KEY" ]; then
+    print_status "Certificate Files" 0
+else
+    print_status "Certificate Files" 1
+fi
+
+# 2. Check Certificate Validity (Is it valid NOW?)
+if [ -f "$SERVER_CERT" ] && command -v openssl &> /dev/null; then
+    # Check if valid for at least 60 seconds
+    if openssl x509 -checkend 60 -noout -in "$SERVER_CERT" &> /dev/null; then
+        print_status "Certificate Validity" 0
+    else
+        print_status "Certificate Validity" 1
+    fi
+fi
+
+# 3. Check Timer Status
+if systemctl is-active "$TIMER_NAME" &> /dev/null; then
+    print_status "Renewal Timer" 0
+else
+    print_status "Renewal Timer" 1
+fi
+
+exit $EXIT_CODE