1 files changed, 11 insertions, 5 deletions

diff --git a/freeipa-cert-alert.py b/freeipa-cert-alert.py
index cd757ea..ab2c39e 100755
--- a/freeipa-cert-alert.py
+++ b/freeipa-cert-alert.py
@@ -7,8 +7,9 @@
 # Title: Script that Alerts For Expiring Certs
 # Purpose: Send me alerts for certs that are about to expire
 # History:
+#    2022-12-18 added PASTDAYS option
 # Usage:
-#    Set env: FREEIPA_SERVER FREEIPA_USERNAME FREEIPA_PASSWORD DAYS
+#    Set env: FREEIPA_SERVER FREEIPA_USERNAME FREEIPA_PASSWORD DAYS PASTDAYS
 # References:
 #    https://python-freeipa.readthedocs.io/en/latest/
 #    https://stackoverflow.com/questions/72899/how-do-i-sort-a-list-of-dictionaries-by-a-value-of-the-dictionary/73050#73050
@@ -45,19 +46,24 @@ def show_list(inlist):
 # Main
 DAYS = os.getenv("DAYS",default=60)
 try:
-    DAYS = int(DAYS)
+   DAYS = int(DAYS)
 except:
-    DAYS = 60
+   DAYS = 60
+PASTDAYS = os.getenv("PASTDAYS",default=0)
+try:
+   PASTDAYS = int(PASTDAYS)
+except:
+   PASTDAYS = 60
 
 client = python_freeipa.ClientMeta(os.getenv("FREEIPA_SERVER"))
 client.login(os.getenv("FREEIPA_USERNAME"),os.getenv("FREEIPA_PASSWORD"))
 
-today = str(datetime.date.today( ))
+today = str(datetime.date.today() + datetime.timedelta(days=-PASTDAYS))
 future = str(datetime.date.today() + datetime.timedelta(days=DAYS))
 results = client.cert_find(o_validnotafter_from=today,o_validnotafter_to=future)
 certs = results['result']
 # Sort
 certs = sorted(certs,key=lambda d: int(dparser.parse(d['valid_not_after']).strftime('%s')))
 if len(certs) > 0:
-    print(f"Certificates expiring within {DAYS} days from {today}")
+    print(f"Certificates expiring within {DAYS+PASTDAYS} days from {today}")
 show_list(certs)