#!/usr/bin/env bash
# Generate ssl keys
if [ ! -f /etc/ssl/dovecot/tls.pem ] || [ ! -f /etc/ssl/dovecot/tls.key ]
then
    exit 1
#     mkdir -p /etc/ssl/dovecot/
#     openssl req \
#         -x509 \
#         -newkey rsa:4096 \
#         -sha512 \
#         -nodes \
#         -keyout /etc/ssl/dovecot/tls.key \
#         -out /etc/ssl/dovecot/tls.pem \
#         -subj "/CN=${MYVEMAIL_SUBDOMAIN}.${MYVEMAIL_DOMAIN}" \
#         -days 3650
fi

# dh.pem
[ -f /etc/ssl/dovecot/dh.pem ] || openssl dhparam -out /etc/ssl/dovecot/dh.pem 4096

# Permissions
setfacl -R -m u:${MYVEMAIL_NGINX_USERGROUP}:rx /etc/ssl/dovecot/