Change dh param gen to function

src/ansible-semaphore/install-service.sh

@@ -212,7 +212,7 @@ echo "source <(semaphore completion bash)" >> /root/.bashrc
 semaphore user add --admin --login ${SEMAPHORE_ADMIN} --name ${SEMAPHORE_ADMIN_DISPLAY_NAME} --email ${SEMAPHORE_ADMIN_EMAIL} --password ${SEMAPHORE_ADMIN_PASSWORD} --config /etc/semaphore/config.json
 
 
-openssl dhparam -out /etc/nginx/dhparam.pem 4096
+generate_dhparam
 
 systemctl daemon-reload
 systemctl enable --now semaphore.service

src/gitea/install-service.sh

@@ -181,7 +181,7 @@ server {
 }
 
 EOF
-openssl dhparam -out /etc/nginx/dhparam.pem 4096
+generate_dhparam
 
 systemctl daemon-reload
 systemctl enable --now gitea

src/kopano-core/install-service.sh

@@ -149,7 +149,7 @@ sed -i "s/define('LANG', 'en_US.UTF-8')/define('LANG', 'de_DE.UTF-8')/" /etc/kop
 #### Adjust nginx settings ####
 
 openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/ssl/private/kopano.key -out /etc/ssl/certs/kopano.crt -subj "/CN=$KOPANO_FQDN" -addext "subjectAltName=DNS:$KOPANO_FQDN"
-openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096
+generate_dhparam
 
 #mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
 

src/nextcloud/install-service.sh

@@ -90,7 +90,7 @@ sed -i "s/rights=\"none\" pattern=\"XPS\"/rights=\"read|write\" pattern=\"XPS\"/
 
 mkdir -p /etc/nginx/ssl
 openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/ssl/private/nextcloud.key -out /etc/ssl/certs/nextcloud.crt -subj "/CN=$NEXTCLOUD_FQDN" -addext "subjectAltName=DNS:$NEXTCLOUD_FQDN"
-openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096
+generate_dhparam
 
 mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
 

src/vaultwarden/install-service.sh

@@ -40,7 +40,7 @@ ORG_CREATION_USERS=admin@$LXC_DOMAIN
 # Use `openssl rand -base64 48` to generate
 ADMIN_TOKEN=$admin_token
 # Uncomment this once vaults restored
-SIGNUPS_ALLOWED=false
+SIGNUPS_ALLOWED=$VW_SIGNUPS_ALLOWED
 SMTP_HOST=$VW_SMTP_HOST
 SMTP_FROM=$VW_SMTP_FROM
 SMTP_FROM_NAME="$VW_SMTP_FROM_NAME"
@@ -154,7 +154,10 @@ server {
 }
 
 EOF
-openssl dhparam -out /etc/nginx/dhparam.pem 4096
+
+generate_dhparam
+
+unlink /etc/nginx/sites-enabled/default
 
 systemctl daemon-reload
 systemctl enable --now vaultwarden

src/zabbix/install-service.sh

@@ -222,7 +222,7 @@ zcat /usr/share/zabbix-sql-scripts/postgresql/server.sql.gz | sudo -u zabbix psq
 
 echo "DBPassword=${ZABBIX_DB_PWD}" >> /etc/zabbix/zabbix_server.conf
 
-openssl dhparam -out /etc/nginx/dhparam.pem 4096
+generate_dhparam
 
 systemctl enable --now zabbix-server zabbix-agent nginx php8.2-fpm 
 

src/zammad/install-service.sh

@@ -157,7 +157,7 @@ EOF
 
 ln -sf /etc/nginx/sites-available/zammad.conf /etc/nginx/sites-enabled/
 
-openssl dhparam -out /etc/nginx/dhparam.pem 4096
+generate_dhparam
 
 /usr/share/elasticsearch/bin/elasticsearch-plugin install -b ingest-attachment