1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/acropolis_ynh.git synced 2024-09-03 18:06:22 +02:00

Switch to integrated conf files

This commit is contained in:
yalh76 2022-07-15 15:33:09 +02:00
parent 792d7c446e
commit fb4edf295e
4 changed files with 673 additions and 19 deletions

53
conf/database.yml.example Normal file
View file

@ -0,0 +1,53 @@
postgresql: &postgresql
adapter: postgresql
host: "localhost"
port: 5432
username: "__DB_USER__"
password: "__DB_PWD__"
encoding: unicode
mysql: &mysql
adapter: mysql2
host: "localhost"
port: 3306
username: "root"
password: "root"
# socket: /tmp/mysql.sock
encoding: utf8mb4
collation: utf8mb4_bin
# Comment the postgresql line and uncomment the mysql line
# if you want to use mysql
common: &common
# Choose one of the following
<<: *postgresql
#<<: *mysql
# Should match environment.sidekiq.concurrency
#pool: 25
##################################################
#### CONFIGURE ABOVE #############################
##################################################
# Normally you don't need to touch anything here
combined: &combined
<<: *common
development:
<<: *combined
database: diaspora_development
production:
<<: *combined
database: __DB_NAME__
test:
<<: *combined
database: diaspora_test
integration1:
<<: *combined
database: diaspora_integration1
integration2:
<<: *combined
database: diaspora_integration2

614
conf/diaspora.toml.example Normal file
View file

@ -0,0 +1,614 @@
## Some notes about this file:
## - All comments start with a double #
## - All settings are commented out with a single #
## To change the default settings, you need both to uncomment the lines
## AND, in most cases, to change the value that is given.
## - Take care to keep proper quoting. All " must have a matching " at
## the end of the same line. The same goes for '
## - The values true, false and numbers should have no quote marks.
## Everything else should.
##
## You can set and/or override all these settings through environment variables
## with the following conversion rules:
## - Strip the top level namespace (configuration, production, etc.)
## - Build the path to the setting, for example environment.s3.enable
## - Replace the dots with underscores: environment_s3_enable
## - Convert to upper case: ENVIRONMENT_S3_ENABLE
## - Specify lists/arrays as comma-separated values
##
## - For example, on Heroku:
## heroku config:set SERVICES_TWITTER_KEY=yourkey SERVICES_TWITTER_SECRET=yoursecret
## You need to change or at least review the settings in this section
## in order for your pod to work.
[configuration.environment]
## Set the hostname of the machine you're running Diaspora on, as seen
## from the internet. This should be the URL you want to use to
## access the pod. So if you plan to use a reverse proxy, it should be
## the URL the proxy listens on. DO NOT CHANGE THIS AFTER INITIAL SETUP!
## However changing http to https is okay and has no consequences.
## If you do change the URL, you will have to start again as the URL
## will be hardcoded into the database.
#url = "https://example.org/"
## Set the bundle of certificate authorities (CA) certificates.
## This is specific to your operating system.
## Examples (uncomment the relevant one or add your own):
## For Debian, Ubuntu, Archlinux, Gentoo (package ca-certificates):
certificate_authorities = "/etc/ssl/certs/ca-certificates.crt"
## For CentOS, Fedora:
#certificate_authorities = "/etc/pki/tls/certs/ca-bundle.crt"
## URL for a remote Redis (default="localhost").
## Don't forget to restrict IP access if you uncomment these!
#redis = "redis://example_host"
#redis = "redis://username:password@host:6379/0"
#redis = "unix:///tmp/redis.sock"
## Require SSL (default=true).
## When set, your pod will force the use of HTTPS in production mode.
## Since OAuth2 requires SSL, Diaspora's future API might not work if
## you're not using SSL. Also there is no guarantee that posting to
## services will be possible if SSL is disabled.
## Do not change this default unless you are sure!
#require_ssl = true
## Single-process mode (default=false).
## If set to true, Diaspora will work with just the appserver (Unicorn by
## default) running. However, this makes it quite slow as intensive jobs
## must be run all the time inside the request cycle. We strongly
## recommended you leave this disabled for production setups.
## Set to true to enable.
#single_process_mode = false
## Set redirect URL for an external image host (Amazon S3 or other).
## If hosting images for your pod on an external server (even your own),
## add its URL here. All requests made to images under /uploads/images
## will be redirected to https://images.example.org/uploads/images/
#image_redirect_url = "https://images.example.org"
## Pubsub server (default="https://pubsubhubbub.appspot.com/"").
## Diaspora is only tested against the default pubsub server.
## You probably don't want to uncomment or change this.
#pubsub_server = "https://pubsubhubbub.appspot.com/"
## Sidekiq - background processing
[configuration.environment.sidekiq]
## Number of parallel threads Sidekiq uses (default=5).
## If you touch this, please set the pool setting in your database.yml
## to a value that's at minimum close to this! You can safely increase
## it to 25 and more on a medium-sized pod. This applies per started
## Sidekiq worker, so if you set it to 25 and start two workers, you'll
## process up to 50 jobs in parallel.
#concurrency = 5
## Number of times a job is retried (default=10).
## There's an exponential effect to this: if you set this too high you
## might get too many jobs building up in the queue.
## Set it to 0 to disable it completely.
#retry = 10
## Lines of backtrace that are stored on failure (default=15).
## Set n to the required value. Set this to false to reduce Redis memory
## usage (and log size) if you're not interested in this data.
#backtrace = 15
## Number of jobs to keep in the dead queue (default=5000).
## Jobs get into the dead queue after they failed and exhausted all retries.
## Increasing this setting will increase the memory usage of Redis.
## Once gone from the dead queue, a failed job is permanently lost and
## cannot be retried manually.
#dead_jobs_limit = 1000
## Number of seconds a job remains in the dead queue (default=3628800 (six weeks)).
## Jobs get into the dead queue after they failed and exhausted all retries.
## Increasing this setting will increase the memory usage of Redis.
## Once gone from the dead queue, a failed job is permanently lost and
## cannot be retried manually.
#dead_jobs_timeout = 15552000 # 6 months
## Log file for Sidekiq (default="log/sidekiq.log")
#log = "log/sidekiq.log"
## Use Amazon S3 instead of your local filesystem
## to handle uploaded pictures (disabled by default).
[configuration.environment.s3]
#enable = true
#key = "change_me"
#secret = "change_me"
#bucket = "my_photos"
#region = "us-east-1"
## Use max-age header on Amazon S3 resources (default=true).
## When true, this allows locally cached images to be served for up to
## one year. This can improve load speed and save requests to the image
## host. Set to false to revert to browser defaults (usually less than
## one year).
#cache = true
[configuration.environment.assets]
## Serve static assets via the appserver (default=false).
## This is highly discouraged for production use. Let your reverse
## proxy/webserver do it by serving the files under public/ directly.
#serve = false
## Upload your assets to S3 (default=false).
#upload = false
## Specify an asset host. Ensure it does not have a trailing slash (/).
#host = "http://cdn.example.org/diaspora"
## Logger configuration
[configuration.environment.logging]
## Roll the application log on a daily basis (default=true).
#logrotate.enable = true
## The number of days to keep (default=7)
#logrotate.days = 7
## Enables the debug-logging for SQL (default=false)
## This logs every SQL-statement!
#debug.sql = true
## Enables the federation-debug-log (default=false)
## This logs all XMLs that are used for the federation
#debug.federation = true
## Settings affecting how ./script/server behaves.
[configuration.server]
## Where the appserver should listen to (default="unix:tmp/diaspora.sock")
#listen = "unix:tmp/diaspora.sock"
#listen = "unix:/run/diaspora/diaspora.sock"
#listen = "127.0.0.1:3000"
## Set the path for the PID file of the unicorn master process (default=tmp/pids/web.pid)
#pid = "tmp/pids/web.pid"
## Rails environment (default="development").
## The environment in which the server should be started by default.
## Change this to "production" if you wish to run a production environment.
#rails_environment = "production"
## Write unicorn stderr and stdout log.
#stderr_log = "log/unicorn-stderr.log"
#stdout_log = "log/unicorn-stdout.log"
## Number of Unicorn worker processes (default=2).
## Increase this if you have many users.
#unicorn_worker = 2
## Number of seconds before a request is aborted (default=90).
## Increase if you get empty responses, or if large image uploads fail.
## Decrease if you're under heavy load and don't care if some
## requests fail.
#unicorn_timeout = 90
## Embed a Sidekiq worker inside the unicorn process (default=false).
## Useful for minimal Heroku setups.
#embed_sidekiq_worker = false
## Number of Sidekiq worker processes (default=1).
## In most cases it is better to
## increase environment.sidekiq.concurrency instead!
#sidekiq_workers = 1
## Displays the location of a post in a map.
## If you enable this setting you use the map tiles of https://www.mapbox.com
## which is reliable. There you have to create an account to get
## an access token which is limited. If you want to get an unlimited account
## you can write an email to team@diasporafoundation.org.
## Please enable mapbox and fill out your access_token.
[configuration.map.mapbox]
#enabled = false
#access_token = "youraccesstoken"
#style = "mapbox/streets-v11"
## Settings potentially affecting the privacy of your users.
[configuration.privacy]
## Include jQuery from jquery.com's CDN (default=false).
## Enabling this can reduce traffic and speed up load time since most
## clients already have this one cached. When set to false (the default),
## the jQuery library will be loaded from your pod's own resources.
#jquery_cdn = false
## Google Analytics (disabled by default).
## Provide a key to enable tracking by Google Analytics.
#google_analytics_key = "yourkey"
## Piwik Tracking (disabled by default).
## Provide a site ID and the host piwik is running on to enable
## tracking through Piwik.
#piwik.enable = true
#piwik.host = "stats.example.org"
#piwik.site_id = 1
## Statistics
## Your pod will report its name, software version and whether
## or not registrations are open via /statistics and NodeInfo.
## Uncomment the options below to enable more statistics.
[configuration.privacy.statistics]
## Local user total and 6 month active counts.
#user_counts = true
## Local post total count.
#post_counts = true
#comment_counts = true
## Use Camo to proxy embedded remote images.
## Do not enable this setting unless you have a working Camo setup. Using
## camo to proxy embedded images will improve the privacy and security of
## your pod's frontend, but it will increase the traffic on your server.
## Check out https://wiki.diasporafoundation.org/Installation/Camo for
## more details and installation instructions.
[configuration.privacy.camo]
## Proxy images embedded via markdown (default=false).
## Embedded images are quite often from non-SSL sites and may cause a
## partial content warning, so this is recommended.
#proxy_markdown_images = true
## Proxy Open Graph thumbnails (default=false).
## Open Graph thumbnails may or may not be encrypted and loaded from
## servers outside the network. Recommended.
#proxy_opengraph_thumbnails = true
## Proxy remote pod's images (default=false).
## Profile pictures and photos from other pods usually are encrypted,
## so enabling this is only useful if you want to avoid HTTP requests to
## third-party servers. This will create a lot of traffic on your camo
## instance. You have been warned.
#proxy_remote_pod_images = true
## Root of your Camo installation
#root = "https://example.com/camo/"
## Shared key of your Camo installation
#key = "example123example456example!"
## General settings
[configuration.settings]
## Pod name (default="Acropolis")
## The pod name displayed in various locations, including the header.
#pod_name = "Acropolis"
## Allow registrations (default=true)
## Set this to false to prevent people from signing up to your pod
## without an invitation. Note that this needs to be set to true
## (or commented out) to enable the first registration (you).
#enable_registrations = true
## Show local posts stream (default="disabled")
## If any other setting than disabled local public posts
## created on this pod can be shown.
## Setting this to admins shows the local posts stream only to users with the admin role.
## Setting this to moderators shows the local posts stream only to users with the moderator or admin role.
## Setting this to everyone shows the local posts stream to all users.
# enable_local_posts_stream= "disabled"|"admins"|"moderators"|"everyone"
## Auto-follow on sign-up (default=false)
## Users will automatically follow a specified account on creation.
## Set this to false if you don't want your users to automatically
## follow an account upon creation.
#autofollow_on_join = false
## Auto-follow account (default="hq@pod.diaspora.software")
## The diaspora* HQ account keeps users up to date with news about Diaspora.
## If you set another auto-follow account (for example your podmin account),
## please consider resharing diaspora* HQ's posts for your pod's users!
#autofollow_on_join_user = "hq@pod.diaspora.software"
## Liberapay.com is a free platform which allow donations like patreon
## Set your username to include your Liberapay button
#liberapay_username = "change_me"
## Bitcoin donations
## You can provide a bitcoin address here to allow your users to provide
## donations towards the running of their pod.
#bitcoin_address = "change_me"
## Source code URL
## URL to the source code your pod is currently running.
## If not set your pod will provide a downloadable archive.
#source_url = "https://example.org/username/diaspora"
## Changelog URL
## URL to the changelog of the diaspora-version your pod is currently running.
## If not set an auto-generated url to github is used.
#changelog_url = "https://github.com/diaspora/diaspora/blob/master/Changelog.md"
## Default color theme
## You can change which color theme is displayed when a user is not signed in
## or has not selected any color theme from the available ones. You simply have
## to enter the name of the theme's folder in "app/assets/stylesheets/color_themes/".
## ("original" for the theme in "app/assets/stylesheets/color_themes/original/", for
## example).
#default_color_theme = "original"
## CURL debug (default=false)
## Turn on extra verbose output when sending stuff. Note: you
## don't need to touch this unless explicitly told to.
#typhoeus_verbose = false
## Maximum number of parallel HTTP requests made to other pods (default=20)
## Be careful, raising this setting will heavily increase the memory usage
## of your Sidekiq workers.
#typhoeus_concurrency = 20
## Maximum number of parallel user data export jobs (default=1)
## Be careful, exports of big/old profiles can use a lot of memory, running
## many of them in parallel can be a problem for small servers.
#export_concurrency = 1
## Welcome Message settings
[configuration.settings.welcome_message]
## Welcome Message on registration (default=false)
## Send a message to new users after registration
## to tell them about your pod and how things
## are handled on it.
#enabled = false
## Welcome Message subject (default="Welcome Message")
## The subject of the conversation that is started
## by your welcome message.
#subject = "Welcome Message"
## Welcome Message text (default="Hello %{username}, welcome to Acropolis and the diaspora* network.")
## The content of your welcome message.
## The placeholder "%{username}" will be replaced by the username
## of the new user.
#text = "Hello %{username}, welcome to Acropolis and the diaspora* network."
## Invitation settings
[configuration.settings.invitations]
## Enable invitations (default=true)
## Set this to false if you don't want users to be able to send invites.
#open = true
## Number of invitations per invite link (default=25)
## Every user will see such a link if you have enabled
## invitations on your pod.
#count = 25
## Paypal donations (disabled by default)
## You can set details for a Paypal button here to allow donations
## towards running the pod.
## First, enable the function, then set the currency in which you
## wish to receive donations, and **either** a hosted button id
## **or** an encrypted key for an unhosted button.
[configuration.settings.paypal_donations]
#enable = false
## Currency used (USD, EUR...)
#currency = "USD"
## Hosted Paypal button ID
#paypal_hosted_button_id = "change_me"
## OR encrypted key of unhosted button
#paypal_unhosted_button_encrypted = "-----BEGIN PKCS7-----"
## Community spotlight (disabled by default)
## The community spotlight shows new users public posts from people you
## think are interesting in Diaspora's community. To add an account
## to the community spotlight add the "spotlight" role to it.
[configuration.settings.community_spotlight]
#enable = true
## E-mail address to which users can make suggestions about who
## should be in the community spotlight (optional).
#suggest_email = "admin@example.org"
## Captcha settings
[configuration.settings.captcha]
## Enable captcha (default=true)
## Set this to false if you don't want to use captcha for signup process.
#enable = true
## Captcha image size (default="120x20")
#image_size = "120x20"
## Length of captcha text (default=5)(max=12)
#captcha_length = 5
## Captcha image style (default="simply_green")
## Available options for captcha image styles are: "simply_blue",
## "simply_red" "simply_green", "charcoal_grey", "embossed_silver",
## "all_black", "distorted_black", "almost_invisible", "random".
#image_style = "simply_green"
## Captcha image distortion (default="low")
## Sets the level of image distortion used in the captcha.
## Available options are: "low", "medium", "high", "random".
#distortion = "low"
## Terms of Service
## Show a default or customized terms of service for users.
## You can create a custom Terms of Service by placing a template
## as app/views/terms/terms.haml or app/views/terms/terms.erb
## The default terms of service that can be extended is
## at app/views/terms/default.haml
## NOTE! The default terms have not been checked over by a lawyer and
## thus are unlikely to provide full legal protection for all situations
## for a podmin using them. They are also not specific to all countries
## and jurisdictions. If you are unsure, please check with a lawyer.
## We provide these for podmins as some basic rules that podmins
## can communicate to users easily via the diaspora* server software.
## Uncomment to enable this feature.
[configuration.settings.terms]
## First enable it by uncommenting below.
#enable = true
## Important! If you enable the terms, you should always
## set a location under which laws any disputes are governed
## under. For example, country or state/country, depending
## on the country in question.
## If this is not set, the whole paragraph about governing
## laws *is not shown* in the terms page.
#jurisdiction = ""
## Age limit for signups.
## Set a number to activate this setting. This age limit is shown
## in the default ToS document.
#minimum_age = false
## Maintenance
## Various pod maintenance related settings are controlled from here.
[configuration.settings.maintenance]
## Removing old inactive users can be done automatically by background
## processing. The amount of inactivity is set by `after_days`. A warning
## email will be sent to the user and after an additional `warn_days`, the
## account will be automatically closed.
## This maintenance is not enabled by default.
#remove_old_users.enable = true
#remove_old_users.after_days = 730
#remove_old_users.warn_days = 30
#remove_old_users.limit_removals_to_per_day = 100 ## Limit queuing for removal per day.
## Default meta tags
## You can change here the default meta tags content included on the pages of your pod.
## Title will be used for the opengraph og:site_name property while description will be used
## for description and og:description.
[configuration.settings.default_metas]
#title = "Acropolis"
#description = "This pod is compatible with the diaspora* social network, where you are in control."
## CSP (Content Security Policy) header
## CSP allows limiting origins from where resources are allowed to be loaded. This
## improves security, since it helps to detect and mitigate cross-site scripting
## and data injection attacks. The default policy of diaspora* allows all third
## party domains from services that are included in diaspora*, like OEmbed
## scripts, so you can safely activate it by setting `report_only` to false. If
## you customized diaspora* (edited templates or added own JS), additional work
## may be required. You can test the policy with the `report_uri`. Our default CSP
## does not work with Google analytics or Piwik, because they inject JS code that
## is blocked by CSP.
[configuration.settings.csp]
## Report-Only header (default=false)
## By default diaspora* adds a "Content-Security-Policy" header. If you set
## this to true, the "Content-Security-Policy-Report-Only" header is added instead.
#report_only = true
## CSP report URI
## You can set an URI here, where the user agent reports violations as JSON document via a POST request.
#report_uri = "/csp_violation_reports"
## Posting from Diaspora to external services (all are disabled by default).
[configuration.services]
## OAuth credentials for Twitter
#twitter.enable = true
#twitter.key = "change_me"
#twitter.secret = "change_me"
## OAuth credentials for Tumblr
#tumblr.enable = true
#tumblr.key = "change_me"
#tumblr.secret = "change_me"
## OAuth credentials for Wordpress
#wordpress.enable = true
#wordpress.client_id = "change_me"
#wordpress.secret = "change_me"
## Allow your pod to send emails for notifications, password recovery
## and other purposes (disabled by default).
[configuration.mail]
## First you need to enable it.
#enable = true
## Sender address used in mail sent by Diaspora.
#sender_address = "no-reply@example.org"
## This selects which mailer should be used. Use "smtp" for a smtp
## connection or "sendmail" to use the sendmail binary.
#method = "smtp"
## Ignored if method isn't "smtp".
[configuration.mail.smtp]
## Host and port of the smtp server handling outgoing mail.
## This should match the common name of the certificate sent by
## the SMTP server, if it sends one. (default port=587)
#host = "smtp.example.org"
#port = 587
## Authentication required to send mail (default="plain").
## Use one of "plain", "login" or "cram_md5". Use "none"
## if server does not support authentication.
#authentication = "plain"
## Credentials to log in to the SMTP server.
## May be necessary if authentication is not "none".
#username = "change_me"
#password = "change_me"
## Automatically enable TLS (default=true).
## Leave this commented out if authentication is set to "none".
#starttls_auto = true
## The domain for the HELO command, if needed.
#domain = "smtp.example.org"
## OpenSSL verify mode used when connecting to a SMTP server with TLS (default="peer").
## Set this to "none" if and only if you have a self-signed certificate.
## Possible values: "none", "peer".
#openssl_verify_mode = "none"
## Ignored if method isn't "sendmail".
[configuration.mail.sendmail]
## The path to the sendmail binary (default="/usr/sbin/sendmail")
#location = "/usr/sbin/sendmail"
## Use exim and sendmail (default=false)
#exim_fix = false
## Administrator settings
[configuration.admins]
## Set the admin account.
## This doesn't make the user an admin but is used when a generic
## admin contact is needed, much like the postmaster role in mail
## systems. Set only the username, NOT the full ID.
#account = "podmin"
## E-mail address via which the administrator can be contacted.
#podmin_email = "podmin@example.org"
## Advanced - ignore unless you know better
## You can override settings defined above if you need
## them to be different in different environments. "configuration"
## in the namespaces above refers to all environments, replace it with a
## specific environment here.
[production]
#environment.redis = "redis://production.example.org:6379"
[production.mail.sendmail]
#location = "/usr/local/bin/sendmail"
[development]
#environment.redis = "redis://dev.example.org:6379"
[development.mail.sendmail]
#location = "/opt/bin/sendmail"

View file

@ -85,9 +85,8 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
ynh_script_progression --message="Creating a PostgreSQL database..."
db_name=$(ynh_sanitize_dbid --db_name="diaspora_production")
db_user=$(ynh_sanitize_dbid --db_name=$app)
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_app_setting_set --app=$app --key=db_user --value=$db_user
ynh_psql_test_if_first_run
@ -148,7 +147,6 @@ pushd "$final_path"
ynh_exec_as $app chmod +x script/server
popd
#=================================================
# ADD A CONFIGURATION
#=================================================
@ -163,13 +161,8 @@ ynh_app_setting_set --app="$app" --key=redis_namespace --value="$redis_namespace
secret_key_base=$(ynh_string_random --length=128)
ynh_app_setting_set --app="$app" --key=secret_key_base --value="$secret_key_base"
ynh_add_config --template="$database_yml.example" --destination="$database_yml"
ynh_add_config --template="$diaspora_toml.example" --destination="$diaspora_toml"
ynh_replace_string --match_string="#certificate_authorities = \"/etc/ssl/" --replace_string="certificate_authorities = \"/etc/ssl/" --target_file=$diaspora_toml
ynh_replace_string --match_string="username: \"postgres\"" --replace_string="username: \"$db_user\"" --target_file=$database_yml
ynh_replace_string --match_string="password: \"postgres\"" --replace_string="password: \"$db_pwd\"" --target_file=$database_yml
ynh_add_config --template="../conf/database_yml.example" --destination="$database_yml"
ynh_add_config --template="../conf/diaspora_toml.example" --destination="$diaspora_toml"
chmod 400 "$database_yml"
chown $app:$app "$database_yml"

View file

@ -163,7 +163,6 @@ ynh_script_progression --message="Updating a configuration file..." --weight=1
database_yml="$final_path/config/database.yml"
diaspora_toml="$final_path/config/diaspora.toml"
language="$(echo $language | head -c 2)"
redis_namespace=${app}_production
ynh_app_setting_set --app="$app" --key=redis_namespace --value="$redis_namespace"
@ -171,13 +170,8 @@ ynh_app_setting_set --app="$app" --key=redis_namespace --value="$redis_namespace
secret_key_base=$(ynh_string_random --length=128)
ynh_app_setting_set --app="$app" --key=secret_key_base --value="$secret_key_base"
ynh_add_config --template="$database_yml.example" --destination="$database_yml"
ynh_add_config --template="$diaspora_toml.example" --destination="$diaspora_toml"
ynh_replace_string --match_string="#certificate_authorities = \"/etc/ssl/" --replace_string="certificate_authorities = \"/etc/ssl/" --target_file=$diaspora_toml
ynh_replace_string --match_string="username: \"postgres\"" --replace_string="username: \"$db_user\"" --target_file=$database_yml
ynh_replace_string --match_string="password: \"postgres\"" --replace_string="password: \"$db_pwd\"" --target_file=$database_yml
ynh_add_config --template="../conf/database_yml.example" --destination="$database_yml"
ynh_add_config --template="../conf/diaspora_toml.example" --destination="$diaspora_toml"
chmod 400 "$database_yml"
chown $app:$app "$database_yml"