diff --git a/setup/dkim.sh b/setup/dkim.sh index 78a38a7..06aa5ec 100644 --- a/setup/dkim.sh +++ b/setup/dkim.sh @@ -54,6 +54,6 @@ tools/editconf.py /etc/postfix/main.cf \ milter_default_action=accept # Restart services. -service opendkim restart -service postfix restart +restart_service opendkim +restart_service postfix diff --git a/setup/functions.sh b/setup/functions.sh index 210113a..5d33b53 100644 --- a/setup/functions.sh +++ b/setup/functions.sh @@ -1,22 +1,58 @@ +function hide_output { + # This function hides the output of a command unless the command fails + # and returns a non-zero exit code. + + # Get a temporary file. + OUTPUT=$(tempfile) + + # Execute command, redirecting stderr/stdout to the temporary file. + $@ &> $OUTPUT + + # If the command failed, show the output that was captured in the temporary file. + if [ $? != 0 ]; then + # Something failed. + echo + echo FAILED: $@ + echo ----------------------------------------- + cat $OUTPUT + echo ----------------------------------------- + fi + + # Remove temporary file. + rm -f $OUTPUT +} + function apt_install { # Report any packages already installed. PACKAGES=$@ TO_INSTALL="" + ALREADY_INSTALLED="" for pkg in $PACKAGES; do if dpkg -s $pkg 2>/dev/null | grep "^Status: install ok installed" > /dev/null; then - echo $pkg is already installed \(`dpkg -s $pkg | grep ^Version: | sed -e "s/.*: //"`\) + if [[ ! -z "$ALREADY_INSTALLED" ]]; then ALREADY_INSTALLED="$ALREADY_INSTALLED, "; fi + ALREADY_INSTALLED="$ALREADY_INSTALLED$pkg (`dpkg -s $pkg | grep ^Version: | sed -e 's/.*: //'`)" else TO_INSTALL="$TO_INSTALL""$pkg " fi done + # List the packages already installed. + if [[ ! -z "$ALREADY_INSTALLED" ]]; then + echo already installed: $ALREADY_INSTALLED + fi + # List the packages about to be installed. if [[ ! -z "$TO_INSTALL" ]]; then echo installing $TO_INSTALL... fi # 'DEBIAN_FRONTEND=noninteractive' is to prevent dbconfig-common from asking you questions. - DEBIAN_FRONTEND=noninteractive apt-get -qq -y install $PACKAGES > /dev/null; + # Although we could pass -qq to apt-get to make output quieter, many packages write to stdout + # and stderr things that aren't really important. Use our hide_output function to capture + # all of that and only show it if there is a problem (i.e. if apt_get returns a failure exit status). + DEBIAN_FRONTEND=noninteractive \ + hide_output \ + apt-get -y install $PACKAGES } function get_default_hostname { @@ -101,3 +137,6 @@ function ufw_allow { fi } +function restart_service { + hide_output service $1 restart +} diff --git a/setup/mail-dovecot.sh b/setup/mail-dovecot.sh index 003a20b..9caf91b 100755 --- a/setup/mail-dovecot.sh +++ b/setup/mail-dovecot.sh @@ -133,6 +133,4 @@ chown -R mail.mail $STORAGE_ROOT/mail/sieve ufw_allow imaps # Restart services. -service dovecot restart - - +restart_service dovecot diff --git a/setup/mail-postfix.sh b/setup/mail-postfix.sh index 2905a56..23c6c64 100755 --- a/setup/mail-postfix.sh +++ b/setup/mail-postfix.sh @@ -137,4 +137,4 @@ ufw_allow submission # Restart services -service postfix restart +restart_service postfix \ No newline at end of file diff --git a/setup/mail-users.sh b/setup/mail-users.sh index 09e1670..d790559 100755 --- a/setup/mail-users.sh +++ b/setup/mail-users.sh @@ -100,7 +100,7 @@ EOF # Restart Services ################## -service postfix restart -service dovecot restart +restart_service postfix +restart_service dovecot diff --git a/setup/management.sh b/setup/management.sh index 84f452a..0f6e4d0 100755 --- a/setup/management.sh +++ b/setup/management.sh @@ -3,7 +3,7 @@ source setup/functions.sh apt_install python3-flask links duplicity libyaml-dev python3-dnspython -pip3 install rtyaml +hide_output pip3 install rtyaml # Create a backup directory and a random key for encrypting backups. mkdir -p $STORAGE_ROOT/backup @@ -19,7 +19,7 @@ ln -s `pwd`/management/daemon.py /usr/local/bin/mailinabox-daemon # running after a reboot. rm -f /etc/init.d/mailinabox ln -s $(pwd)/conf/management-initscript /etc/init.d/mailinabox -update-rc.d mailinabox defaults +hide_output update-rc.d mailinabox defaults # Perform a daily backup. cat > /etc/cron.daily/mailinabox-backup << EOF; @@ -31,4 +31,4 @@ EOF chmod +x /etc/cron.daily/mailinabox-backup # Start it. -service mailinabox restart +restart_service mailinabox diff --git a/setup/spamassassin.sh b/setup/spamassassin.sh index 23eb091..bad777d 100644 --- a/setup/spamassassin.sh +++ b/setup/spamassassin.sh @@ -19,7 +19,7 @@ tools/editconf.py /etc/default/spamassassin \ CRON=1 # Configure pyzor. -pyzor discover +hide_output pyzor discover # Pass messages on to docevot on port 10026. # This is actually the default setting but we don't want to lose track of it. @@ -58,6 +58,6 @@ EOF # sa-learn --spam storage/mail/mailboxes/*/*/.Spam/cur/ # Kick services. -sudo service spampd restart -sudo service dovecot restart +restart_service spampd +restart_service dovecot diff --git a/setup/ssl.sh b/setup/ssl.sh index 12cc8b1..e096620 100755 --- a/setup/ssl.sh +++ b/setup/ssl.sh @@ -24,20 +24,24 @@ mkdir -p $STORAGE_ROOT/ssl if [ ! -f $STORAGE_ROOT/ssl/ssl_certificate.pem ]; then # Generate a new private key if one doesn't already exist. # Set the umask so the key file is not world-readable. - (umask 077; openssl genrsa -out $STORAGE_ROOT/ssl/ssl_private_key.pem 2048) + (umask 077; hide_output \ + openssl genrsa -out $STORAGE_ROOT/ssl/ssl_private_key.pem 2048) fi if [ ! -f $STORAGE_ROOT/ssl/ssl_cert_sign_req.csr ]; then # Generate a certificate signing request if one doesn't already exist. + hide_output \ openssl req -new -key $STORAGE_ROOT/ssl/ssl_private_key.pem -out $STORAGE_ROOT/ssl/ssl_cert_sign_req.csr \ -subj "/C=$CSR_COUNTRY/ST=/L=/O=/CN=$PRIMARY_HOSTNAME" fi if [ ! -f $STORAGE_ROOT/ssl/ssl_certificate.pem ]; then # Generate a SSL certificate by self-signing if a SSL certificate doesn't yet exist. + hide_output \ openssl x509 -req -days 365 \ -in $STORAGE_ROOT/ssl/ssl_cert_sign_req.csr -signkey $STORAGE_ROOT/ssl/ssl_private_key.pem -out $STORAGE_ROOT/ssl/ssl_certificate.pem fi echo echo "Your SSL certificate's fingerpint is:" -openssl x509 -in $STORAGE_ROOT/ssl/ssl_certificate.pem -noout -fingerprint +openssl x509 -in $STORAGE_ROOT/ssl/ssl_certificate.pem -noout -fingerprint \ + | sed "s/SHA1 Fingerprint=//" echo diff --git a/setup/system.sh b/setup/system.sh index 38c6a6e..4736663 100755 --- a/setup/system.sh +++ b/setup/system.sh @@ -2,8 +2,9 @@ source setup/functions.sh # load our functions # Base system configuration. -apt-get -qq update -apt-get -qq -y upgrade +echo Updating system packages... +hide_output apt-get update +hide_output apt-get -y upgrade # Install basic utilities. @@ -60,4 +61,4 @@ if ! grep -q "listen-on " /etc/bind/named.conf.options; then sed -i "s/^}/\n\tlisten-on { 127.0.0.1; };\n}/" /etc/bind/named.conf.options fi -service bind9 restart +restart_service bind9 diff --git a/setup/web.sh b/setup/web.sh index 8366bef..383bea4 100755 --- a/setup/web.sh +++ b/setup/web.sh @@ -34,7 +34,7 @@ chown -R $STORAGE_USER $STORAGE_ROOT/www # running after a reboot. Allows us to serve Roundcube for webmail. rm -f /etc/init.d/php-fastcgi ln -s $(pwd)/conf/phpfcgi-initscript /etc/init.d/php-fastcgi -update-rc.d php-fastcgi defaults +hide_output update-rc.d php-fastcgi defaults # Put our webfinger and Exchange autodiscover.xml server scripts # into a well-known location. @@ -48,8 +48,8 @@ mkdir -p $STORAGE_ROOT/webfinger/acct; chown -R $STORAGE_USER $STORAGE_ROOT/webfinger # Start services. -service nginx restart -service php-fastcgi restart +restart_service nginx +restart_service php-fastcgi # Open ports. ufw_allow http diff --git a/setup/webmail.sh b/setup/webmail.sh index 4f803e5..f3ca1b6 100755 --- a/setup/webmail.sh +++ b/setup/webmail.sh @@ -29,7 +29,7 @@ apt-get purge -qq -y roundcube* # TODO: Check version? if [ ! -d /usr/local/lib/roundcubemail ]; then rm -f /tmp/roundcube.tgz - wget -O /tmp/roundcube.tgz http://downloads.sourceforge.net/project/roundcubemail/roundcubemail/1.0.1/roundcubemail-1.0.1.tar.gz + wget -qO /tmp/roundcube.tgz http://downloads.sourceforge.net/project/roundcubemail/roundcubemail/1.0.1/roundcubemail-1.0.1.tar.gz tar -C /usr/local/lib -zxf /tmp/roundcube.tgz mv /usr/local/lib/roundcubemail-1.0.1/ /usr/local/lib/roundcubemail rm -f /tmp/roundcube.tgz @@ -100,4 +100,4 @@ chmod 664 $STORAGE_ROOT/mail/users.sqlite # Enable PHP modules. php5enmod mcrypt -service php-fastcgi restart +restart_service php-fastcgi \ No newline at end of file diff --git a/setup/zpush.sh b/setup/zpush.sh index a7347eb..3213549 100755 --- a/setup/zpush.sh +++ b/setup/zpush.sh @@ -22,7 +22,7 @@ php5enmod imap if [ ! -d /usr/local/lib/z-push ]; then ZPUSH=z-push-2.1.3-1892 - wget -O /tmp/zpush.tgz http://download.z-push.org/final/2.1/$ZPUSH.tar.gz + wget -qO /tmp/zpush.tgz http://download.z-push.org/final/2.1/$ZPUSH.tar.gz tar -C /tmp -zxf /tmp/zpush.tgz mv /tmp/$ZPUSH /usr/local/lib/z-push ln -s /usr/local/lib/z-push/z-push-admin.php /usr/sbin/z-push-admin @@ -50,5 +50,4 @@ chown www-data:www-data /var/lib/z-push # Restart service. -service php-fastcgi restart - +restart_service php-fastcgi