Add GENERATE_DHPARAM

Dockerfile

@@ -18,6 +18,7 @@ ENV EMAIL=
 ENV INTERVAL="0 */6 * * *"
 ENV STAGING=false
 ENV PROPOGATION_TIME=10
+ENV GENERATE_DHPARAM=true
 
 ENTRYPOINT ["/usr/bin/tini", "-s", "/run.sh"]
 

README.md

@@ -25,8 +25,9 @@ docker run -d --name certbot-cron \
 | EMAIL | None | Email address for renewal information & other communications |
 | DOMAINS | None | Domains to be included in the certificate. Comma separated list, no spaces. Wildcards supported |
 | INTERVAL | 0 */6 * * * | How often certbot attempts to renew the certificate. Cron syntax |
-| STAGING | false | Uses the LetsEncrypt staging endpoint for testing - avoids the aggressive rate-limiting of the production endpoint |
+| STAGING | false | (case-sensitive) Uses the LetsEncrypt staging endpoint for testing - avoids the aggressive rate-limiting of the production endpoint |
 | PROPOGATION_TIME | 10 | The amount of time (seconds) that certbot waits for the TXT records to propogate to Cloudflare before verifying - the more domains in the certificate, the longer you might need |
+| GENERATE_DHPARAM | true | (case-sensitive) Generate Diffie-Hellman keys in /config/letsencrypt/keys |
 
 
 ## Volumes

run.sh

@@ -71,6 +71,12 @@ else
     exit 8
 fi
 
+if [[ $GENERATE_DHPARAM = true ]]
+then
+    echo "Generating Diffie-Hellman keys, saved to /config/letsencrypt/keys"
+    openssl dhparam -out /config/letsencrypt/keys/ssl-dhparams.pem 4096
+fi
+
 echo "$INTERVAL /renew.sh > /proc/1/fd/1 2>/proc/1/fd/2" > /crontab.txt
 
 echo "Starting automatic renewal job. Schedule is $INTERVAL"