updated subst to comment ssl_dhparam if error generating dhparam

.vscode/numbered-bookmarks.json

@@ -4,15 +4,15 @@
 			"fsPath": "$ROOTPATH$/setup.sh",
 			"bookmarks": [
 				-1,
-				30,
+				19,
-				44,
+				54,
-				701,
+				744,
 				-1,
 				-1,
 				-1,
 				-1,
-				-1,
+				657,
-				611
+				706
 			]
 		}
 	]

setup.sh

@@ -49,6 +49,7 @@ unset phpAddr
 unset phpPort
 unset phpSock
 unset dhsuccess
+unset disableDHParam
 unset copysuccess
 
 # set variables
@@ -63,6 +64,7 @@ useSSL=0
 useCertbot=0
 generateDH=0
 noOSCP=0
+disableDHParam=0
 
 # set tags and files to update
 tag_servernames="<server name(s)>"
@@ -649,7 +651,12 @@ if [ "${generateDH}" -eq 1 ]; then
         DHPath='/etc/ssl/certs/dhparam.pem'
     else
         echo -e "${err}-- error generating dhparam.pem --"
-        echo -e "you should manaully generate this file${norm}"
+        echo -e "you should manually generate this file${norm}"
+        echo -e "\n${warn}The relevant section of the NGINX configuration will be disabled${norm}\n"
+        # set DHPath to default BUT set flag to comment ssl_dhparam in mozModern_ssl.conf
+        DHPath='etc/ssl/certs/dhparam.pem'
+        disableDHParam=1
+
     fi
 fi
 
@@ -696,6 +703,10 @@ if [ "${useSSL}" -eq 1 ]; then
         sed -i 's/^ssl_stapling/#ssl_stapling/g' "${configPath}/${file_mozmodern}"
         sed -i 's/^ssl_trusted/#ssl_trusted/' "${configPath}/${file_mozmodern}"
     fi
+    # comment ssl_dhparam line if error generating dhparam.pem
+    if [ "${disableDHParam}" -eq 1 ]; then
+        sed -i 's/^ssl_dhparam/#ssl_dhparam/' "${configPath}/${file_mozmodern}"
+    fi
 fi
 
 # process LAN IP in nginx.conf