projects / discourse_docker.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0b03a3c)
Use a 2048 dhparam again
authorRafael dos Santos Silva <xfalcox@gmail.com>
Thu, 22 Dec 2016 16:54:21 +0000 (14:54 -0200)
committerGitHub <noreply@github.com>
Thu, 22 Dec 2016 16:54:21 +0000 (14:54 -0200)
4096 takes 16x as long, we can't allow several hours installs

https://meta.discourse.org/t/prime-calculation-for-openssl-just-goes-on/54653/5?u=falco

templates/web.ssl.template.yml patch | blob | blame | history

diff --git a/templates/web.ssl.template.yml b/templates/web.ssl.template.yml
index 17cadad82e2ee003dc92a7e08fa4214ee5389ad9..b1ce92875248d946627916769532c7b7519f84d1 100644 (file)
--- a/templates/web.ssl.template.yml
+++ b/templates/web.ssl.template.yml
@@ -3,7 +3,7 @@ run:
      cmd:
        # Generate strong Diffie-Hellman parameters
        - "mkdir -p /shared/ssl/"
-       - "[ -e /shared/ssl/dhparams.pem ] || openssl dhparam -out /shared/ssl/dhparams.pem 4096"
+       - "[ -e /shared/ssl/dhparams.pem ] || openssl dhparam -out /shared/ssl/dhparams.pem 2048"
   - replace:
      filename: "/etc/nginx/conf.d/discourse.conf"
      from: /server.+{/