Add ability to opt-out dh param auto generation

docker-entrypoint.sh

@@ -16,7 +16,8 @@ fi
 
 # Generate dhparam file if required
 # Note: if $DHPARAM_BITS is not defined, generate-dhparam.sh will use 2048 as a default
-/app/generate-dhparam.sh $DHPARAM_BITS
+# Note2: if $GENERATE_DHPARAM is set to false in environment variable, dh param generator will skip completely
+/app/generate-dhparam.sh $DHPARAM_BITS $GENERATE_DHPARAM
 
 # Compute the DNS resolvers for use in the templates
 export RESOLVERS=$(awk '$1 == "nameserver" {print $2}' ORS=' ' /etc/resolv.conf | sed 's/ *$//g')

generate-dhparam.sh

@@ -2,6 +2,7 @@
 
 # The first argument is the bit depth of the dhparam, or 2048 if unspecified
 DHPARAM_BITS=${1:-2048}
+GENERATE_DHPARAM=${2:-true}
 
 # If a dhparam file is not available, use the pre-generated one and generate a new one in the background.
 # Note that /etc/nginx/dhparam is a volume, so this dhparam will persist restarts.
@@ -25,6 +26,11 @@ if [[ -f $DHPARAM_FILE ]]; then
     fi
 fi
 
+if [[ $GENERATE_DHPARAM =~ ^[Ff][Aa][Ll][Ss][Ee]$ ]]; then
+    echo "Skipping Diffie-Hellman parameters generation and Ignoring pre-generated dhparam.pem"
+    exit 0
+fi
+
 cat >&2 <<-EOT
 WARNING: $DHPARAM_FILE was not found. A pre-generated dhparam.pem will be used for now while a new one
 is being generated in the background.  Once the new dhparam.pem is in place, nginx will be reloaded.