From 8bac222ea5e3184fe0796eb84f2c71b910bf44dc Mon Sep 17 00:00:00 2001
From: Tomasz Stanczak <tomasz@rtsoftware.com>
Date: Fri, 7 Feb 2025 08:06:59 +0100
Subject: [PATCH] Check if expired certificates matching the file name pattern
 exist before trying to move them into ssl.expired subdirectory.

---
 tools/ssl_cleanup | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/tools/ssl_cleanup b/tools/ssl_cleanup
index 5adfa1be..4df4f93f 100755
--- a/tools/ssl_cleanup
+++ b/tools/ssl_cleanup
@@ -4,14 +4,16 @@
 source /etc/mailinabox.conf
 shopt -s extglob
 
-retain_after="$(date --date="7 days ago" +%Y%m%d)"
+if ls "$STORAGE_ROOT/ssl/"*-+([0-9])-+([0-9a-f]).pem &>/dev/null; then
+  retain_after="$(date --date="7 days ago" +%Y%m%d)"
 
-mkdir -p $STORAGE_ROOT/ssl.expired
-for file in $STORAGE_ROOT/ssl/*-+([0-9])-+([0-9a-f]).pem; do
-  pem="$(basename "$file")"
-  not_valid_after="$(cut -d- -f1 <<< "${pem: -21}")"
+  mkdir -p $STORAGE_ROOT/ssl.expired
+  for file in $STORAGE_ROOT/ssl/*-+([0-9])-+([0-9a-f]).pem; do
+    pem="$(basename "$file")"
+    not_valid_after="$(cut -d- -f1 <<< "${pem: -21}")"
 
-  if [ "$not_valid_after" -lt "$retain_after" ]; then
-    mv "$file" "$STORAGE_ROOT/ssl.expired/${pem}"
-  fi
-done
+    if [ "$not_valid_after" -lt "$retain_after" ]; then
+      mv "$file" "$STORAGE_ROOT/ssl.expired/${pem}"
+    fi
+  done
+fi