commit 692852c125f9c2e29824bb3d5fb2daf2a43f7216
Author: nd <git@notandy.de>
Date:   Sat Oct 7 03:19:30 2017 +0200

    initial commit with empty 8192 bit key

diff --git a/files/dh-1024.pem b/files/dh-1024.pem
new file mode 100644
index 0000000..f15c6f7
--- /dev/null
+++ b/files/dh-1024.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBANT1Mq4Em+/oCNi4HTmM0/WBvmu01NXbQTAlfQt7KoEicyFTgFaZP1Kq
+6QK8srTyHKcZamtpSpSnm5zJXowYpcby5/ftZqll90WpKY1lFad21cXtf+GfzmSP
+8EUNkA0yrguHWgeYS1GEWYil6NoNUaB2q6jZWhi4PdH1Ujd+Xm67AgEC
+-----END DH PARAMETERS-----
diff --git a/files/dh-2048.pem b/files/dh-2048.pem
new file mode 100644
index 0000000..4b36496
--- /dev/null
+++ b/files/dh-2048.pem
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEAvVPfuft6GGqKkLPvbX01zlMM0QCaRdOiZI0guwXZUgEgPxCcTcwv
+GICqTv8SfblBvaOzkl8AYFXpAkskUU9LTiZJbS552zYBZhzOYJ9okPzZNtzIAaTV
+1lh9GjHhZcn3UK+6edf/CySiihBnQpPruH/qrojgAY8UPtxM/ZAOAiktrsj317Gt
+PapWXZW6V+xx5iyzKIBrhYKmLkr6FtA2/yM0txfqb89ny4OJECn213TW2n8xmEvG
+iB9nL7tzheNLAmU9phee1XzRMYzzocHIFKGYVmwZNgp1dV/fzTBMs8NBp7NHoNqf
+capxMTVeniCiKqhSE2ycNxLtNgj5mwAZYwIBAg==
+-----END DH PARAMETERS-----
diff --git a/files/dh-4096.pem b/files/dh-4096.pem
new file mode 100644
index 0000000..4bff813
--- /dev/null
+++ b/files/dh-4096.pem
@@ -0,0 +1,13 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEAi3NbVOVxMy2uf8Rl2FdK5XRHL/hcsq5wxdMLcBIo3SQzwwxnwMuf
+XqgOC5Yl0THewKoGWZ9KLlAlNLUEntBdO+Q0dMl0QF3TUjMSZ6dDh4H2I5yAeuwd
+XAv2vTLteOjXXBsHvlxnU3FxippkQexp+7/Znosp9laMWyl9T9rUFwNktu1j/nuO
+E7ZIvDsvAOcq14iVEIiYOgcv4/S4r3S9BlN0Zj3aq4Dea31EAP/jS98vaw93Pi/j
+Ll2sa9AEa/xizlk9W5NGqUx5e5zXkifxjfxRlTpWx+ukbJ2TETCnH8v9EL22SS5L
+IxN/I2r+eopUdLFZfCA46HpWmpParbgKwpvCYgxHTs7CiFUi2myy20L2Rr1EKIzW
+7dr6aUl/5FAuTfazX0mJhBhXdjjpbgKWuGmZQ1fLha6FzBWQeZpNTirczsvqswR7
+TjADxqxfbk1c48eLklcWMmVDHoZMjVJhAYncerNCo95Pqowy001cmA+SngAPbBqD
+lw0ZfNZfOyeQ5emDArON5b3wnAJUj+wbOkVwICvhWOE7u/EChKO4mGyAZMI+IotE
+Al80MUAVbaJpGpQ2eWglE/pEsIcAdaTF4neA6baJIKjcS3qm61SRZmX9t9yjISfH
+CJq9Y7m9kDkJbhBcQpwkzK6oe4tIuLD9pSprFb6GPgQu34yg65Ki/nsCAQI=
+-----END DH PARAMETERS-----
diff --git a/files/dh-8192.pem b/files/dh-8192.pem
new file mode 100644
index 0000000..e69de29
diff --git a/files/regeneratekeys.sh b/files/regeneratekeys.sh
new file mode 100755
index 0000000..a416ee8
--- /dev/null
+++ b/files/regeneratekeys.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+openssl dhparam 1024 > dh-1024.pem &
+openssl dhparam 2048 > dh-2048.pem &
+openssl dhparam 4096 > dh-4096.pem &
+openssl dhparam 8192 > dh-8192.pem
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..08cbf0d
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,19 @@
+- name: copy dh param
+  copy:
+    src: "dh-{{ item }}.pem"
+    dest: "/etc/ssl/dh-{{ item }}.pem"
+  with_items:
+    - 1024
+    - 2048
+    - 4096
+    - 8192
+
+- name: create link to default dh param
+  file:
+    src: /etc/ssl/dh-4096.pem
+    dest: /etc/ssl/dhparams.pem
+    owner: root
+    group: root
+    state: link
+    mode: 0644
+