server: Derive the server key from a seed

Fixes #504.

lldap_config.docker_template.toml

@@ -93,8 +93,15 @@ database_url = "sqlite:///data/users.db?mode=rwc"
 ## would still have to perform an (expensive) brute force attack to find
 ## each password.
 ## Randomly generated on first run if it doesn't exist.
+## Alternatively, you can use key_seed to override this instead of relying on
+## a file.
 key_file = "/data/private_key"
 
+## Seed to generate the server private key, see key_file above.
+## This can be any random string, the recommendation is that it's at least 12
+## characters long.
+#key_seed = "RanD0m STR1ng"
+
 ## Ignored attributes.
 ## Some services will request attributes that are not present in LLDAP. When it
 ## is the case, LLDAP will warn about the attribute being unknown. If you want
@@ -106,7 +113,7 @@ key_file = "/data/private_key"
 ## Options to configure SMTP parameters, to send password reset emails.
 ## To set these options from environment variables, use the following format
 ## (example with "password"): LLDAP_SMTP_OPTIONS__PASSWORD
-#[smtp_options]
+[smtp_options]
 ## Whether to enabled password reset via email, from LLDAP.
 #enable_password_reset=true
 ## The SMTP server.
@@ -128,7 +135,7 @@ key_file = "/data/private_key"
 ## Options to configure LDAPS.
 ## To set these options from environment variables, use the following format
 ## (example with "port"): LLDAP_LDAPS_OPTIONS__PORT
-#[ldaps_options]
+[ldaps_options]
 ## Whether to enable LDAPS.
 #enabled=true
 ## Port on which to listen.