Use a predefined dhparam.pem, This fixes issue #322

master
Greg Fitzgerald 7 years ago committed by kaiyou
parent 7a9d2c9725
commit f1ad2cf4d0

@ -5,4 +5,6 @@ RUN apk add --no-cache nginx nginx-mod-mail python py-jinja2 certbot openssl
COPY conf /conf
COPY *.py /
COPY dhparam.pem /certs/dhparam.pem
CMD /start.py

@ -0,0 +1,13 @@
-----BEGIN DH PARAMETERS-----
MIICCAKCAgEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
ssbzSibBsu/6iGtCOGEfz9zeNVs7ZRkDW7w09N75nAI4YbRvydbmyQd62R0mkff3
7lmMsPrBhtkcrv4TCYUTknC0EwyTvEN5RPT9RFLi103TZPLiHnH1S/9croKrnJ32
nuhtK8UiNjoNq8Uhl5sN6todv5pC1cRITgq80Gv6U93vPBsg7j/VnXwl5B0rZp4e
8W5vUsMWTfT7eTDp5OWIV7asfV9C1p9tGHdjzx1VA0AEh/VbpX4xzHpxNciG77Qx
iu1qHgEtnmgyqQdgCpGBMMRtx3j5ca0AOAkpmaMzy4t6Gh25PXFAADwqTs6p+Y0K
zAqCkc3OyX3Pjsm1Wn+IpGtNtahR9EGC4caKAH5eZV9q//////////8CAQI=
-----END DH PARAMETERS-----

@ -7,10 +7,6 @@ import subprocess
if os.path.exists("/var/log/nginx.pid"):
os.remove("/var/log/nginx.pid")
# Actual startup script
if not os.path.exists("/certs/dhparam.pem") and os.environ["TLS_FLAVOR"] != "notls":
os.system("openssl dhparam -out /certs/dhparam.pem 4096")
if os.environ["TLS_FLAVOR"] == "letsencrypt":
subprocess.Popen(["/letsencrypt.py"])

Loading…
Cancel
Save