about summary refs log tree commit diff

Scadere

Scadere is a TLS certificate renewal reminder. It checks for certificates that are about to expire and provides an Atom feed for notification.

Installation

The recommended installation method is through your distribution. Installing from source should only be considered as a last resort; if you are capable of doing so, please also package scadere for your distribution.

Scadere requires Python 3.11 or later, and uses flit 3.12 or above as the PEP 517 build backend. Installation can be done with flit install or pip install ..

With scadere-check and scadere-listen under $prefix/bin, the manual pages can be built and installed using make(1p), GNU help2man and install(1):

cd doc
make PREFIX=$prefix
make install PREFIX=$prefix

(FYI, GNU make has an extension that allows specifying --directory=doc, which can save you from having to change the directory.)

Usage

Expiration checking

$ scadere-check --help
Usage: scadere-check [-h] [-v] [-d DAYS] [-o PATH] HOST[:PORT]...

Check TLS certificate expiration of HOST, where PORT defaults to 443.

Options:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit
  -d DAYS, --days=DAYS  days before expiration (default to 7)
  -o PATH, --output=PATH
                        output file (default to stdout)

It is recommended to schedule scadere-check chronically. See contrib/scadere-check.* for an example systemd timer configuration.

Expiration notification

$ scadere-listen --help
Usage: scadere-listen [-h] [-v] [-t TITLE] PATH URL [[HOST][:PORT]]

Serve at URL Atom feeds for TLS certificate renewal reminder.
It is possible for clients to filter domains
using one or more "domain" URL queries.

The certificate information is read from the file at PATH,
which is generated by scadere-check(1).

The server listens for TCP connections coming to HOST:PORT,
where HOST defaults to localhost and PORT is selected randomly
if not specified.

Options:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit
  -t TITLE, --title=TITLE
                        title of Atom feeds (default to PATH's filename)

A sample scadere-listen.service for systemd is also available under the contrib directory.

Hacking

Unit testing is done with pytest, pytest-asyncio, Hypothesis and trustme. Since scadere itself does not depend on any Python package, it is safe to be tested in-tree:

PYTHONPATH=src pytest

Contributing

Issues should be reported to chung@loa.loang.net.

The mailing list also welcomes patches. Please maintain a full branch coverage, keep the hobgoblins happy, and ensure the software is easy to reuse:

PYTHONPATH=src coverage run && coverage report
flake8
reuse lint

Patches should be sent using git send-email with the following configuration:

git config sendemail.to 'chung@loa.loang.net'
git config format.subjectPrefix 'PATCH scadere'

Copying

AGPLv3

Scadere is free software: you can redistribute and/or modify it under the terms of the GNU Affero General Public License version 3 or later.

generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-08-28 07:09:21 +0000