From e413680f6289dc2d174b8f1d1c2f78c58a27a9e3 Mon Sep 17 00:00:00 2001
From: Joshua Tauberer
Date: Thu, 1 May 2014 19:35:18 +0000
Subject: [PATCH] add a bash function ufw_allow which calls 'ufw allow' but hides its totally useless output
---
 scripts/dns.sh | 2 +-
 scripts/functions.sh | 5 +++++
 scripts/mail.sh | 6 +++---
 scripts/system.sh | 2 +-
 scripts/web.sh | 4 ++--
 5 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/scripts/dns.sh b/scripts/dns.sh
index 4ac77902..bad17086 100644
--- a/scripts/dns.sh
+++ b/scripts/dns.sh
@@ -43,5 +43,5 @@ chown -R $STORAGE_USER.$STORAGE_USER $STORAGE_ROOT/dns # Permit DNS queries on TCP/UDP in the firewall.
-ufw allow domain
+ufw_allow domain
diff --git a/scripts/functions.sh b/scripts/functions.sh
index 2cf8e151..f1bcaf28 100644
--- a/scripts/functions.sh
+++ b/scripts/functions.sh
@@ -19,3 +19,8 @@ function apt_install { DEBIAN_FRONTEND=noninteractive apt-get -qq -y install $PACKAGES > /dev/null; }
+function ufw_allow {
+ # ufw has completely unhelpful output
+ ufw allow $1 > /dev/null;
+}
+
diff --git a/scripts/mail.sh b/scripts/mail.sh
index e43fc9db..7dd48d08 100755
--- a/scripts/mail.sh
+++ b/scripts/mail.sh
@@ -234,7 +234,7 @@ service postfix restart service dovecot restart # Allow mail-related ports in the firewall.
-ufw allow smtp
-ufw allow submission
-ufw allow imaps
+ufw_allow smtp
+ufw_allow submission
+ufw_allow imaps
diff --git a/scripts/system.sh b/scripts/system.sh
index 293549bf..a31be43b 100755
--- a/scripts/system.sh
+++ b/scripts/system.sh
@@ -35,6 +35,6 @@ apt_install ntp fail2ban # Turn on the firewall. First allow incoming SSH, then turn on the firewall. # Other ports will be opened at the point where we set up those services. apt_install ufw
-ufw allow ssh;
+ufw_allow ssh;
 ufw --force enable;
diff --git a/scripts/web.sh b/scripts/web.sh
index 9277e9fb..cc0c1b4a 100755
--- a/scripts/web.sh
+++ b/scripts/web.sh
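Review bot: In the `scripts/functions.sh` hunk, `ufw_allow` expands `$1` unquoted, and none of the call sites in this patch checks its exit status, so with stdout discarded a failed `ufw allow` is easy to miss. That matters most in the `scripts/system.sh` hunk, where `ufw_allow ssh;` is followed directly by `ufw --force enable;`: if the SSH rule is not added, the firewall is still enabled and remote access may be cut off (whether these scripts run under `set -e` is not visible in this patch). I would write the function body as `ufw allow "$1" > /dev/null || { echo "ufw allow $1 failed" >&2; return 1; }` and call `ufw_allow ssh || exit 1` before enabling the firewall. The redirect covers only stdout, so anything ufw writes to stderr still shows; extending the existing comment to `# ufw has completely unhelpful output; stderr is left alone so errors remain visible` would stop a later edit from silencing that too.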
@@ -39,6 +39,6 @@ service nginx restart service php-fastcgi restart # Open ports.
-ufw allow http
-ufw allow https
+ufw_allow http
+ufw_allow https