hide lots of unnecessary and scary output during setup

setup/dkim.sh

@@ -54,6 +54,6 @@ tools/editconf.py /etc/postfix/main.cf \
 	milter_default_action=accept
 
 # Restart services.
-service opendkim restart
-service postfix restart
+restart_service opendkim
+restart_service postfix
 

setup/functions.sh

@@ -1,22 +1,58 @@
+function hide_output {
+	# This function hides the output of a command unless the command fails
+	# and returns a non-zero exit code.
+
+	# Get a temporary file.
+	OUTPUT=$(tempfile)
+
+	# Execute command, redirecting stderr/stdout to the temporary file.
+	$@ &> $OUTPUT
+
+	# If the command failed, show the output that was captured in the temporary file.
+	if [ $? != 0 ]; then
+		# Something failed.
+		echo
+		echo FAILED: $@
+		echo -----------------------------------------
+		cat $OUTPUT
+		echo -----------------------------------------
+	fi
+
+	# Remove temporary file.
+	rm -f $OUTPUT
+}
+
 function apt_install {
 	# Report any packages already installed.
 	PACKAGES=$@
 	TO_INSTALL=""
+	ALREADY_INSTALLED=""
 	for pkg in $PACKAGES; do
 		if dpkg -s $pkg 2>/dev/null | grep "^Status: install ok installed" > /dev/null; then
-			echo $pkg is already installed \(`dpkg -s $pkg | grep ^Version: | sed -e "s/.*: //"`\)
+			if [[ ! -z "$ALREADY_INSTALLED" ]]; then ALREADY_INSTALLED="$ALREADY_INSTALLED, "; fi
+			ALREADY_INSTALLED="$ALREADY_INSTALLED$pkg (`dpkg -s $pkg | grep ^Version: | sed -e 's/.*: //'`)"
 		else
 			TO_INSTALL="$TO_INSTALL""$pkg "
 		fi
 	done
 
+	# List the packages already installed.
+	if [[ ! -z "$ALREADY_INSTALLED" ]]; then
+		echo already installed: $ALREADY_INSTALLED
+	fi
+
 	# List the packages about to be installed.
 	if [[ ! -z "$TO_INSTALL" ]]; then
 		echo installing $TO_INSTALL...
 	fi
 
 	# 'DEBIAN_FRONTEND=noninteractive' is to prevent dbconfig-common from asking you questions.
-	DEBIAN_FRONTEND=noninteractive apt-get -qq -y install $PACKAGES > /dev/null;
+	# Although we could pass -qq to apt-get to make output quieter, many packages write to stdout
+	# and stderr things that aren't really important. Use our hide_output function to capture
+	# all of that and only show it if there is a problem (i.e. if apt_get returns a failure exit status).
+	DEBIAN_FRONTEND=noninteractive \
+	hide_output \
+	apt-get -y install $PACKAGES
 }
 
 function get_default_hostname {
@@ -101,3 +137,6 @@ function ufw_allow {
 	fi
 }
 
+function restart_service {
+	hide_output service $1 restart
+}

setup/mail-dovecot.sh

@@ -133,6 +133,4 @@ chown -R mail.mail $STORAGE_ROOT/mail/sieve
 ufw_allow imaps
 
 # Restart services.
-service dovecot restart
-
-
+restart_service dovecot

setup/mail-postfix.sh

@@ -137,4 +137,4 @@ ufw_allow submission
 
 # Restart services
 
-service postfix restart
+restart_service postfix

setup/mail-users.sh

@@ -100,7 +100,7 @@ EOF
 # Restart Services
 ##################
 
-service postfix restart
-service dovecot restart
+restart_service postfix
+restart_service dovecot
 
 

setup/management.sh

@@ -3,7 +3,7 @@
 source setup/functions.sh
 
 apt_install python3-flask links duplicity libyaml-dev python3-dnspython
-pip3 install rtyaml
+hide_output pip3 install rtyaml
 
 # Create a backup directory and a random key for encrypting backups.
 mkdir -p $STORAGE_ROOT/backup
@@ -19,7 +19,7 @@ ln -s `pwd`/management/daemon.py /usr/local/bin/mailinabox-daemon
 # running after a reboot.
 rm -f /etc/init.d/mailinabox
 ln -s $(pwd)/conf/management-initscript /etc/init.d/mailinabox
-update-rc.d mailinabox defaults
+hide_output update-rc.d mailinabox defaults
 
 # Perform a daily backup.
 cat > /etc/cron.daily/mailinabox-backup << EOF;
@@ -31,4 +31,4 @@ EOF
 chmod +x /etc/cron.daily/mailinabox-backup
 
 # Start it.
-service mailinabox restart
+restart_service mailinabox

setup/spamassassin.sh

@@ -19,7 +19,7 @@ tools/editconf.py /etc/default/spamassassin \
 	CRON=1
 
 # Configure pyzor.
-pyzor discover
+hide_output pyzor discover
 
 # Pass messages on to docevot on port 10026.
 # This is actually the default setting but we don't want to lose track of it.
@@ -58,6 +58,6 @@ EOF
 # sa-learn --spam storage/mail/mailboxes/*/*/.Spam/cur/
 
 # Kick services.
-sudo service spampd restart
-sudo service dovecot restart
+restart_service spampd
+restart_service dovecot
 

setup/ssl.sh

@@ -24,20 +24,24 @@ mkdir -p $STORAGE_ROOT/ssl
 if [ ! -f $STORAGE_ROOT/ssl/ssl_certificate.pem ]; then
 	# Generate a new private key if one doesn't already exist.
 	# Set the umask so the key file is not world-readable.
-	(umask 077; openssl genrsa -out $STORAGE_ROOT/ssl/ssl_private_key.pem 2048)
+	(umask 077; hide_output \
+		openssl genrsa -out $STORAGE_ROOT/ssl/ssl_private_key.pem 2048)
 fi
 if [ ! -f $STORAGE_ROOT/ssl/ssl_cert_sign_req.csr ]; then
 	# Generate a certificate signing request if one doesn't already exist.
+	hide_output \
 	openssl req -new -key $STORAGE_ROOT/ssl/ssl_private_key.pem -out $STORAGE_ROOT/ssl/ssl_cert_sign_req.csr \
 	  -subj "/C=$CSR_COUNTRY/ST=/L=/O=/CN=$PRIMARY_HOSTNAME"
 fi
 if [ ! -f $STORAGE_ROOT/ssl/ssl_certificate.pem ]; then
 	# Generate a SSL certificate by self-signing if a SSL certificate doesn't yet exist.
+	hide_output \
 	openssl x509 -req -days 365 \
 	  -in $STORAGE_ROOT/ssl/ssl_cert_sign_req.csr -signkey $STORAGE_ROOT/ssl/ssl_private_key.pem -out $STORAGE_ROOT/ssl/ssl_certificate.pem
 fi
 
 echo
 echo "Your SSL certificate's fingerpint is:"
-openssl x509 -in $STORAGE_ROOT/ssl/ssl_certificate.pem -noout -fingerprint
+openssl x509 -in $STORAGE_ROOT/ssl/ssl_certificate.pem -noout -fingerprint \
+	| sed "s/SHA1 Fingerprint=//"
 echo

setup/system.sh

@@ -2,8 +2,9 @@ source setup/functions.sh # load our functions
 
 # Base system configuration.
 
-apt-get -qq update
-apt-get -qq -y upgrade
+echo Updating system packages...
+hide_output apt-get update
+hide_output apt-get -y upgrade
 
 # Install basic utilities.
 
@@ -60,4 +61,4 @@ if ! grep -q "listen-on " /etc/bind/named.conf.options; then
 	sed -i "s/^}/\n\tlisten-on { 127.0.0.1; };\n}/" /etc/bind/named.conf.options
 fi
 
-service bind9 restart
+restart_service bind9

setup/web.sh

@@ -34,7 +34,7 @@ chown -R $STORAGE_USER $STORAGE_ROOT/www
 # running after a reboot. Allows us to serve Roundcube for webmail.
 rm -f /etc/init.d/php-fastcgi
 ln -s $(pwd)/conf/phpfcgi-initscript /etc/init.d/php-fastcgi
-update-rc.d php-fastcgi defaults
+hide_output update-rc.d php-fastcgi defaults
 
 # Put our webfinger and Exchange autodiscover.xml server scripts
 # into a well-known location.
@@ -48,8 +48,8 @@ mkdir -p $STORAGE_ROOT/webfinger/acct;
 chown -R $STORAGE_USER $STORAGE_ROOT/webfinger
 
 # Start services.
-service nginx restart
-service php-fastcgi restart
+restart_service nginx
+restart_service php-fastcgi
 
 # Open ports.
 ufw_allow http

setup/webmail.sh

@@ -29,7 +29,7 @@ apt-get purge -qq -y roundcube*
 # TODO: Check version?
 if [ ! -d /usr/local/lib/roundcubemail ]; then
 	rm -f /tmp/roundcube.tgz
-	wget -O /tmp/roundcube.tgz http://downloads.sourceforge.net/project/roundcubemail/roundcubemail/1.0.1/roundcubemail-1.0.1.tar.gz
+	wget -qO /tmp/roundcube.tgz http://downloads.sourceforge.net/project/roundcubemail/roundcubemail/1.0.1/roundcubemail-1.0.1.tar.gz
 	tar -C /usr/local/lib -zxf /tmp/roundcube.tgz
 	mv /usr/local/lib/roundcubemail-1.0.1/ /usr/local/lib/roundcubemail
 	rm -f /tmp/roundcube.tgz
@@ -100,4 +100,4 @@ chmod 664 $STORAGE_ROOT/mail/users.sqlite
 
 # Enable PHP modules.
 php5enmod mcrypt
-service php-fastcgi restart
+restart_service php-fastcgi

setup/zpush.sh

@@ -22,7 +22,7 @@ php5enmod imap
 
 if [ ! -d /usr/local/lib/z-push ]; then
 	ZPUSH=z-push-2.1.3-1892
-	wget -O /tmp/zpush.tgz http://download.z-push.org/final/2.1/$ZPUSH.tar.gz
+	wget -qO /tmp/zpush.tgz http://download.z-push.org/final/2.1/$ZPUSH.tar.gz
 	tar -C /tmp -zxf /tmp/zpush.tgz
 	mv /tmp/$ZPUSH /usr/local/lib/z-push
 	ln -s /usr/local/lib/z-push/z-push-admin.php /usr/sbin/z-push-admin
@@ -50,5 +50,4 @@ chown www-data:www-data /var/lib/z-push
 
 # Restart service.
 
-service php-fastcgi restart
-
+restart_service php-fastcgi