added pre generated dh parameters
MarvAmBass committed Sep 22, 2024
1 parent 96e1a0d commit f6302a5
Showing 4 changed files with 17 additions and 27 deletions.
7 changes: 1 addition & 6 deletions Dockerfile
Expand Up @@ -33,12 +33,7 @@ RUN apt-get -q -y update \
&& addgroup --gid 5000 vmail \
&& adduser --ingroup vmail --uid 5000 --home /var/vmail --shell /bin/false --disabled-password --gecos "" vmail \
\
&& touch /etc/mtab \
\
&& openssl dhparam -out /etc/postfix/dh4096.pem 4096 \
&& openssl dhparam -out /etc/postfix/dh2048.pem 2048 \
&& openssl dhparam -out /etc/postfix/dh1024.pem 1024 \
&& openssl dhparam -out /etc/postfix/dh512.pem 512
&& touch /etc/mtab

COPY config /etc/

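Review bot: Dropping all four `openssl dhparam` lines removes `/etc/postfix/dh2048.pem`, `dh1024.pem` and `dh512.pem` from the image as well as the slow 4096-bit generation, and it also removes `/etc/postfix/dh4096.pem` itself as a build artifact. Getting rid of the 512- and 1024-bit groups is the right direction, but the files under `config/` are not shown here, so please confirm that no shipped Postfix setting (such as `smtpd_tls_dh512_param_file` or `smtpd_tls_dh1024_param_file`) and no script still names one of the removed paths.
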
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -6,6 +6,7 @@ _maintained by ServerContainers_
* 2024-09-22
* postfix tls fixes
* postfix config fixes
* added pre generated `dh4096.pem` dh parameter file to speed up build time
* 2024-07-18
* dovecot ssl fixes - min version TLSv1.0
* 2023-03-21
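Review bot: The new changelog bullet under 2024-09-22 only mentions the build-time speed-up, while the same commit stops shipping `dh2048.pem`, `dh1024.pem` and `dh512.pem`. That is a user-visible change for anyone who mounted or referenced those files, so add a separate bullet saying the smaller parameter files were removed and only `dh4096.pem` is used.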
Expand Down Expand Up @@ -174,8 +175,7 @@ _for example: to set_ ___mynetworks_style = subnet___ _just add a environment va

- /etc/postfix/tls
- this is where the container looks for:
- dh1024.pem (to overwrite the one generated at container build)
- dh512.pem (to overwrite the one generated at container build)
- dh4096.pem (to overwrite the one generated at container build)
- rootCA.crt (to check valid client certificates against)
- client.crt (outgoing SSL Client cert)
- client.key (outgoing SSL Client key)
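Review bot: The `dh4096.pem` entry still says "(to overwrite the one generated at container build)", which is no longer true once the file is pre-generated and committed to the repository. Reword it to something like "(to overwrite the pre-generated one shipped with the image)" and add the command users can run to produce their own file, since the shipped parameters are now identical in every deployment of this image.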
13 changes: 13 additions & 0 deletions config/dh-params/dh4096.pem
@@ -0,0 +1,13 @@
-----BEGIN DH PARAMETERS-----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-----END DH PARAMETERS-----
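Review bot: The committed `dh4096.pem` arrives with no record of how it was produced, so a reader cannot tell whether it is a freshly generated safe-prime group or something copied from elsewhere. State the generating command in the README or commit (the Dockerfile previously used `openssl dhparam -out ... 4096`), or ship the standardized RFC 7919 ffdhe4096 group instead, and consider a CI step that runs `openssl dhparam -in config/dh-params/dh4096.pem -check -noout` so a corrupted or replaced file is caught.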
20 changes: 1 addition & 19 deletions scripts/entrypoint.sh
Expand Up @@ -280,25 +280,7 @@ EOF
if [ -f /etc/postfix/tls/dh4096.pem ]; then
echo ">> using dh4096.pem provided in volume"
else
cp /etc/postfix/dh4096.pem /etc/postfix/tls/dh4096.pem
fi

if [ -f /etc/postfix/tls/dh2048.pem ]; then
echo ">> using dh2048.pem provided in volume"
else
cp /etc/postfix/dh2048.pem /etc/postfix/tls/dh2048.pem
fi

if [ -f /etc/postfix/tls/dh1024.pem ]; then
echo ">> using dh1024.pem provided in volume"
else
cp /etc/postfix/dh1024.pem /etc/postfix/tls/dh1024.pem
fi

if [ -f /etc/postfix/tls/dh512.pem ]; then
echo ">> using dh512.pem provided in volume"
else
cp /etc/postfix/dh512.pem /etc/postfix/tls/dh512.pem
cp /container/config/dh-params/dh4096.pem /etc/postfix/tls/dh4096.pem
fi

#
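Review bot: The new fallback source `/container/config/dh-params/dh4096.pem` does not match where the visible Dockerfile step puts the file: `COPY config /etc/` would place it at `/etc/dh-params/dh4096.pem`. Unless a COPY outside the shown Dockerfile hunk populates `/container/config`, this `cp` fails on every start without a mounted file and leaves `/etc/postfix/tls/dh4096.pem` missing. Point the `cp` at the path the image actually contains and make a failed copy fatal (for example by appending `|| exit 1`) so the problem surfaces at startup.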