use preinstalled dh params file instead of generating a new one which takes a lot of time

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2022-11-13 15:09:16 +01:00
parent cc1d427a69
commit 6904acc9ea
8 changed files with 8 additions and 16 deletions
--- a/lib/configfiles/bionic.xml
+++ b/lib/configfiles/bionic.xml
@@ -3462,7 +3462,7 @@ ssl_key = <<SSL_KEY_FILE>
 # Generate new params with `openssl dhparam -out /etc/dovecot/dh.pem 4096`
 # Or migrate from old ssl-parameters.dat file with the command dovecot
 # gives on startup when ssl_dh is unset.
-ssl_dh = </etc/dovecot/dh.pem
+ssl_dh = </usr/share/dovecot/dh.pem

 # SSL protocols to use
 #ssl_protocols = !SSLv3
@@ -3911,7 +3911,6 @@ plugin {
 						</file>
 					</files>
 					<commands index="1">
-						<command><![CDATA[openssl dhparam -out /etc/dovecot/dh.pem 4096]]></command>
 						<command><![CDATA[/etc/init.d/dovecot restart]]></command>
 					</commands>
 				</general>
--- a/lib/configfiles/bookworm.xml
+++ b/lib/configfiles/bookworm.xml
@@ -2522,7 +2522,7 @@ service stats {
 ssl = yes
 ssl_cert = <<SSL_CERT_FILE>
 ssl_key = <<SSL_KEY_FILE>
-ssl_dh = </etc/dovecot/dh.pem
+ssl_dh = </usr/share/dovecot/dh.pem

 postmaster_address = postmaster@<SERVERNAME>

@@ -2545,7 +2545,6 @@ plugin {
 						</file>
 					</files>
 					<commands index="1">
-						<command><![CDATA[openssl dhparam -out /etc/dovecot/dh.pem 4096]]></command>
 						<command><![CDATA[service dovecot restart]]></command>
 					</commands>
 				</general>
--- a/lib/configfiles/bullseye.xml
+++ b/lib/configfiles/bullseye.xml
@@ -3500,7 +3500,7 @@ ssl_client_ca_dir = /etc/ssl/certs
 # Generate new params with `openssl dhparam -out /etc/dovecot/dh.pem 4096`
 # Or migrate from old ssl-parameters.dat file with the command dovecot
 # gives on startup when ssl_dh is unset.
-ssl_dh = </etc/dovecot/dh.pem
+ssl_dh = </usr/share/dovecot/dh.pem

 # Minimum SSL protocol version to use. Potentially recognized values are SSLv3,
 # TLSv1, TLSv1.1, and TLSv1.2, depending on the OpenSSL version used.
@@ -4115,7 +4115,6 @@ plugin {
 						</file>
 					</files>
 					<commands index="1">
-						<command><![CDATA[openssl dhparam -out /etc/dovecot/dh.pem 4096]]></command>
 						<command><![CDATA[service dovecot restart]]></command>
 					</commands>
 				</general>
--- a/lib/configfiles/buster.xml
+++ b/lib/configfiles/buster.xml
@@ -3496,7 +3496,7 @@ ssl_client_ca_dir = /etc/ssl/certs
 # Generate new params with `openssl dhparam -out /etc/dovecot/dh.pem 4096`
 # Or migrate from old ssl-parameters.dat file with the command dovecot
 # gives on startup when ssl_dh is unset.
-ssl_dh = </etc/dovecot/dh.pem
+ssl_dh = </usr/share/dovecot/dh.pem

 # Minimum SSL protocol version to use. Potentially recognized values are SSLv3,
 # TLSv1, TLSv1.1, and TLSv1.2, depending on the OpenSSL version used.
@@ -4110,7 +4110,6 @@ plugin {
 						</file>
 					</files>
 					<commands index="1">
-						<command><![CDATA[openssl dhparam -out /etc/dovecot/dh.pem 4096]]></command>
 						<command><![CDATA[/etc/init.d/dovecot restart]]></command>
 					</commands>
 				</general>
--- a/lib/configfiles/focal.xml
+++ b/lib/configfiles/focal.xml
@@ -2878,7 +2878,7 @@ ssl_key = <<SSL_KEY_FILE>
 # Generate new params with `openssl dhparam -out /etc/dovecot/dh.pem 4096`
 # Or migrate from old ssl-parameters.dat file with the command dovecot
 # gives on startup when ssl_dh is unset.
-ssl_dh = </etc/dovecot/dh.pem
+ssl_dh = </usr/share/dovecot/dh.pem

 # SSL protocols to use
 #ssl_protocols = !SSLv3
@@ -3327,7 +3327,6 @@ plugin {
 						</file>
 					</files>
 					<commands index="1">
-						<command><![CDATA[openssl dhparam -out /etc/dovecot/dh.pem 4096]]></command>
 						<command><![CDATA[service dovecot restart]]></command>
 					</commands>
 				</general>
--- a/lib/configfiles/gentoo.xml
+++ b/lib/configfiles/gentoo.xml
@@ -1986,7 +1986,7 @@ sql_select: SELECT password_enc FROM mail_users WHERE username='%u@%r' OR email=
 				<!-- Dovecot -->
 				<daemon name="dovecot_postfix" version="2" title="Dovecot"
 					default="true">
-					<command><![CDATA[echo "net-mail/dovecot mysql managesieve sieve" >> /etc/portage/package.use/froxlor]]></command>
+					<command><![CDATA[echo "net-mail/dovecot argon2 mysql managesieve sieve" >> /etc/portage/package.use/froxlor]]></command>
 					<install><![CDATA[emerge net-mail/dovecot]]></install>
 					<file name="/etc/dovecot/dovecot.conf" chown="root:root"
 						chmod="0640" backup="true">
@@ -2341,7 +2341,7 @@ plugin {
 ]]>
 							</content>
 						</file>
-					<command><![CDATA[openssl dhparam -out /etc/dovecot/dh.pem 4096]]></command>
+					<command><![CDATA[openssl dhparam -out /etc/dovecot/dh.pem 3072]]></command>
 					<command><![CDATA[rc-update add dovecot default]]></command>
 					<command><![CDATA[/etc/init.d/dovecot restart]]></command>
 				</daemon>
--- a/lib/configfiles/jammy.xml
+++ b/lib/configfiles/jammy.xml
@@ -2878,7 +2878,7 @@ ssl_key = <<SSL_KEY_FILE>
 # Generate new params with `openssl dhparam -out /etc/dovecot/dh.pem 4096`
 # Or migrate from old ssl-parameters.dat file with the command dovecot
 # gives on startup when ssl_dh is unset.
-ssl_dh = </etc/dovecot/dh.pem
+ssl_dh = </usr/share/dovecot/dh.pem


 # SSL protocols to use
@@ -3328,7 +3328,6 @@ plugin {
 						</file>
 					</files>
 					<commands index="1">
-						<command><![CDATA[openssl dhparam -out /etc/dovecot/dh.pem 4096]]></command>
 						<command><![CDATA[service dovecot restart]]></command>
 					</commands>
 				</general>