dovecot2: added ssl_dh using security.dhparams

The 18.03 channel includes dovecot 2.3, which requires ssl_dh to be set.
-> fixes https://github.com/nixcloud/nixcloud-webservices/issues/21

nixos/modules/services/mail/dovecot.nix

@@ -25,6 +25,7 @@ let
       ssl_cert = <${cfg.sslServerCert}
       ssl_key = <${cfg.sslServerKey}
       ${optionalString (!(isNull cfg.sslCACert)) ("ssl_ca = <" + cfg.sslCACert)}
+      ssl_dh = <${config.security.dhparams.path}/dovecot2.pem
       disable_plaintext_auth = yes
     '')
 
@@ -297,10 +298,15 @@ in
 
 
   config = mkIf cfg.enable {
-
     security.pam.services.dovecot2 = mkIf cfg.enablePAM {};
 
-    services.dovecot2.protocols =
+    security.dhparams = mkIf (! isNull cfg.sslServerCert) {
+      enable = true;
+      params = {
+        dovecot2 = 2048;
+      };
+    };
+   services.dovecot2.protocols =
      optional cfg.enableImap "imap"
      ++ optional cfg.enablePop3 "pop3"
      ++ optional cfg.enableLmtp "lmtp";