From 7a4ff0b673be24cf2d0bd0c71c3b3762b182659e Mon Sep 17 00:00:00 2001
From: Fabio Rauber <fabiorauber@gmail.com>
Date: Thu, 19 Oct 2017 11:08:01 -0200
Subject: [PATCH] Added LE_KEYSIZE environment variable

---
 config               | 4 ++--
 docker-entrypoint.sh | 8 ++++++++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/config b/config
index 1a066d9..5238acc 100644
--- a/config
+++ b/config
@@ -46,7 +46,7 @@ CERTDIR="/etc/ssl"
 WELLKNOWN="/var/www/.well-known/acme-challenge"
 
 # Default keysize for private keys (default: 4096)
-#KEYSIZE="4096"
+KEYSIZE="4096"
 
 # Path to openssl config file (default: <unset> - tries to figure out system default)
 #OPENSSL_CNF=
@@ -85,4 +85,4 @@ KEY_ALGO=secp384r1
 #LOCKFILE="${BASEDIR}/lock"
 
 # Option to add CSR-flag indicating OCSP stapling to be mandatory (default: no)
-OCSP_MUST_STAPLE="yes"
\ No newline at end of file
+OCSP_MUST_STAPLE="yes"
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 9b9aed2..6398315 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -37,5 +37,13 @@ else
     fi
 fi
 
+if [ "${LE_KEYSIZE}" == '2048' ]; then
+    echo "***** KEY SIZE ${LE_KEYSIZE} bits *****"
+    sed -i 's@KEYSIZE=.*@KEYSIZE="2048"@g' /etc/dehydrated/config
+else
+    echo "***** KEY SIZE 4096 bits *****"
+fi
+
+
 echo "${@}"
 exec "${@}"