post_install()
{
	if [ ! -f /etc/ssl/private/pure-ftpd-dhparams.pem ]; then
		echo
		openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048
		chmod 600 /etc/ssl/private/pure-ftpd-dhparams.pem
	fi

	if [ ! -f /etc/ssl/private/pure-ftpd.pem ]; then
		echo
		openssl req -x509 -nodes -newkey rsa:2048 -sha256 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem -days 3650 -subj "/C=US/ST=California/L=San Francisco/O=FD/CN=$(hostname -f)"
		echo
		echo "A self-signed SSL certificate has been generated for you."
		echo
		echo "You can generate a new one with the following commands (as root):"
		echo "openssl req -x509 -nodes -newkey rsa:2048 -sha256 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem -days 365"
		echo "chmod 600 /etc/ssl/private/pure-ftpd.pem"
		echo
		echo "Note: The Common Name (CN) should be exactly the FQDN of the server."
		echo "The validity can be extended by increasing the '-days' parameter value."
	fi

	echo "With some FTP clients (e.g. Total Commander, AndFTP) you may encounter unexpected"
	echo "closed connections. This can be resolved by enabling 'BrokenClientsCompatibility'"
	echo "in /etc/pure-ftpd/pure-ftpd.conf."
}

post_upgrade() {
    post_install
}
