Due to postconf -n outputting any errors to /dev/null, this sort of information is omitted from the logs

As long as annoying errors are not expected, 2>/dev/null should be removed:

As long as annoying errors are not expected

What do you consider annoying?

I gave an example log line (warning), you get those as well for any duplicate parameters configured IIRC (due to postfix-main.cf appending overrides).

I can commit your suggestion if you think the added noise is worthwhile? (here is why we originally did this)

Probably I misunderstood something.

By moving the postfix master part at the top, the mentioned error should be fixed? Therefore postconf -n should run fine without errors. If that's the case, stderr should not be redirected to dev/null.

By moving the postfix master part at the top, the mentioned error should be fixed?

The log line example shown in this PR would be avoided if the setting is in master.cf yes.

Therefore postconf -n should run fine without errors. If that's the case, stderr should not be redirected to dev/null.

See the link to the original reason we added 2>/dev/null to avoid log spam due to a different condition. I assume that behaviour can still be reproduced and don't see how it would be desirable to show it.

EDIT: Confirmed, this can still be reproduced when removing 2>/dev/null.

While that output is very spammy for me (as the linked comment reports).. during actual container startup with a config file, the postconf command on this line only displayed a single warning line emitted per duplicate parameter in the produced main.cf file:

postconf: warning: /etc/postfix/main.cf, line 131: overriding earlier entry: max_idle=300

Still that is expected for each parameter in postfix-main.cf that has one already defined in main.cf, thus that noise isn't helpful in logs 🤷‍♂️

I suppose we could filter it out, so that other warnings are visible like the one this PR mentions:

postconf: warning: /etc/postfix/main.cf: unused parameter: some_custom_parameter=value

Process substitution seems to handle that. Not sure if this is optimal, but it works 😅

postconf -n >/tmp/postfix-main-new.cf 2> >(grep -v 'overriding earlier entry')

This is the main change I added since the last round of reviews.

It should allow for retaining other output from postconf that may be of interest when something unexpected happens, as opposed to the more blunt 2>/dev/null approach we have 👍

You're both more comfortable with shell syntax than I am, so if you have any feedback here, happy to go with that instead 😎

You're both more comfortable with shell syntax than I am, so if you have any feedback here, happy to go with that instead 😎

No, looks all good to me!

The test adds this postfix-main.cf custom parameter, which postfix-master.cf uses for smtpd_client_restrictions value. This is the same as what the referenced discussion was using, it just prepends that cidr inline table to reject any IP that is not 172.16.0.42.

With the postfix.sh change to swap the order we apply postfix-main.cf and postfix-master.cf, the test demonstrates that we can correctly resolve/expand the $custom_parameter value in the updated /etc/postfix/master.cf file 👍

Maintainer docs reference for this test file, since there's a few different options used with the postconf command in the test cases below, probably helpful to have here 😅