Merge 144d77df0d into 7681b4cd66

2024-09-03 18:06:23 +02:00 · 2024-08-31 13:08:55 +02:00 · 2024-08-31 13:08:55 +02:00 · 76e3326517
commit 76e3326517
parent 7681b4cd66 144d77df0d
9 changed files with 147 additions and 219 deletions
--- a/manifest.toml
+++ b/manifest.toml
@ -26,7 +26,8 @@ multi_instance = false
 ram.build = "200M"
 ram.runtime = "200M"
 sso = false
-yunohost = ">= 11.2"
+yunohost = ">= 11.2.18"
+helpers_version = "2.1"

 [install]
    [install.domain]
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -1,11 +1,7 @@
 #!/bin/bash

 #=================================================
-# COMMON VARIABLES
-#=================================================
-
-#=================================================
-# PERSONAL HELPERS
+# COMMON VARIABLES AND CUSTOM HELPERS
 #=================================================

 get_network_interface(){
@ -18,7 +14,8 @@ get_network_interface(){
        # shellcheck disable=SC2005
        echo "$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1 | grep -oP '(?<=dev )\w+' || true)"
    else
-        # shellcheck disable=SC2005 
+        # shellcheck disable=SC2005
+
        echo "$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1 | grep -oP '(?<=dev )\w+' || true)"
    fi
 }
@ -30,7 +27,7 @@ configure_network_interface_dnsmasq(){
    local ipv6_interface="$2"

    if [ -z "$ipv4_interface" ] && [ -z "$ipv6_interface" ]; then
-            ynh_die --message="Impossible to find the main network interface, please report this issue."
+            ynh_die "Impossible to find the main network interface, please report this issue."
    elif [ "$ipv4_interface" != "$ipv6_interface" ]; then
            if [ -z "$ipv4_interface" ]; then
                    echo -e "bind-interfaces\nexcept-interface=$ipv6_interface" > "/etc/dnsmasq.d/$app"
@ -45,7 +42,7 @@ configure_network_interface_dnsmasq(){

    systemctl restart dnsmasq

-    ynh_store_file_checksum --file="/etc/dnsmasq.d/$app"
+    ynh_store_file_checksum "/etc/dnsmasq.d/$app"
 }

 is_public_ip(){
@ -79,7 +76,7 @@ process_ips(){
    # for each IP
    for ip in $ips; do
        # check if the so-called IP really is one
-        if ynh_validate_ip4 --ip_address="$ip" || ynh_validate_ip6 --ip_address="$ip"; then
+        if ynh_validate_ip --family=4 --ip_address="$ip" || ynh_validate_ip6 --ip_address="$ip"; then
            # we can't use IPv6 LLA for DNS: https://github.com/AdguardTeam/AdGuardHome/issues/2926#issuecomment-1284489380
            # if we try to bind port 53 on a fe80:: address, AGH crashes
            if ! [[ "$ip" =~ ^fe80:* ]]; then
@ -105,11 +102,12 @@ if [ -z "${ipv4_addr:-}" ] && [ -z "${ipv6_addr:-}" ]; then
    if [ -z "${expose_port_53:-}" ] || [[ "$expose_port_53" = "false" ]]; then
        # if the variable 'expose_port_53' is unset or false, maybe the machine
        # doesn't have any private IP? User guidance is relevant...
-        ynh_die --message="At leat one IP adress is required to run AdGuard Home. Please report this error. 
+        ynh_die "At leat one IP adress is required to run AdGuard Home. Please report this error.
+
        (You can refer to [the troubleshooting page](https://github.com/YunoHost-Apps/adguardhome_ynh/blob/master/doc/TROUBLESHOOTING.md) to get help)"
    else
        # else, do not show the message under parenthesis, because it's irrelevant
-        ynh_die --message="At leat one IP adress is required to run AdGuard Home. Please report this error."
+        ynh_die "At leat one IP adress is required to run AdGuard Home. Please report this error."
    fi
 fi

@ -132,11 +130,3 @@ with open(\"$install_dir/AdGuardHome.yaml\", 'w') as file:
    yaml.dump(conf_file, file)
 "
 }
-
-#=================================================
-# EXPERIMENTAL HELPERS
-#=================================================
-
-#=================================================
-# FUTURE OFFICIAL HELPERS
-#=================================================
--- a/scripts/backup
+++ b/scripts/backup
@ -1,48 +1,38 @@
 #!/bin/bash

-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers

-#=================================================
-# DECLARE DATA AND CONF FILES TO BACKUP
-#=================================================
-
-ynh_print_info --message="Declaring files to be backed up..."
+ynh_print_info "Declaring files to be backed up..."

 #=================================================
 # BACKUP THE APP MAIN DIR
 #=================================================

-ynh_backup --src_path="$install_dir"
+ynh_backup "$install_dir"

 #=================================================
 # BACKUP THE NGINX CONFIGURATION
 #=================================================

-ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
+ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"

 #=================================================
 # BACKUP SYSTEMD
 #=================================================

-ynh_backup --src_path="/etc/systemd/system/$app.service"
+ynh_backup "/etc/systemd/system/$app.service"

 #=================================================
 # BACKUP VARIOUS FILES
 #=================================================

 # backup the kernel config file for DoQ
-ynh_backup --src_path="/etc/sysctl.d/10-adguardhome.conf"
+ynh_backup "/etc/sysctl.d/10-adguardhome.conf"

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
+ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
--- a/scripts/change_url
+++ b/scripts/change_url
@ -1,50 +1,40 @@
 #!/bin/bash

-#=================================================
-# GENERIC STARTING
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers

-#=================================================
-# STANDARD MODIFICATIONS
 #=================================================
 # STOP SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Stopping a systemd service..." --weight=1
+ynh_script_progression "Stopping $app's systemd service..."

-ynh_systemd_action --service_name="$app" --action="stop" --log_path="systemd"
+ynh_systemctl --service="$app" --action="stop" --log_path="systemd"

 #=================================================
 # MODIFY URL IN NGINX CONF
 #=================================================
-ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
+ynh_script_progression "Updating NGINX web server configuration..."

-ynh_change_url_nginx_config
+ynh_config_change_url_nginx

 #=================================================
 # SETUP SSOWAT
 #=================================================
-ynh_script_progression --message="Configuring permissions..."
+ynh_script_progression "Configuring permissions..."

 # Temporary fix for the API permission (workaround for https://github.com/YunoHost/issues/issues/2294 )
 ynh_permission_url --permission="api" --url="re:$new_domain\/control" --auth_header="false" --clear_urls
 ynh_permission_url --permission="doh" --url="re:$new_domain\/dns-query" --auth_header="false" --clear_urls

-#=================================================
-# GENERIC FINALISATION
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
+ynh_script_progression "Starting $app's systemd service..."

-ynh_systemd_action --service_name="$app" --action="start" --log_path="systemd"
+ynh_systemctl --service="$app" --action="start" --log_path="systemd"

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_script_progression --message="Change of URL completed for $app" --last
+ynh_script_progression "Change of URL completed for $app"
--- a/scripts/config
+++ b/scripts/config
@ -1,19 +1,13 @@
 #!/bin/bash

-#=================================================
-# GENERIC STARTING
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers

-ynh_abort_if_errors
+#REMOVEME? ynh_abort_if_errors

 # import needed settings
-port_dns_over_tls=$(ynh_app_setting_get --app="$app" --key=port_dns_over_tls)
-port_dns_over_quic=$(ynh_app_setting_get --app="$app" --key=port_dns_over_quic)
+port_dns_over_tls=$(ynh_app_setting_get --key=port_dns_over_tls)
+port_dns_over_quic=$(ynh_app_setting_get --key=port_dns_over_quic)

 #=================================================
 # SPECIFIC SETTERS
@ -23,7 +17,7 @@ set__expose_port_53() {

    # regenerate config, needed to add or delete public IPs following the user's choice

-    ynh_print_info --message="Obtaining IP addresses for the AGH config file..."
+    ynh_print_info "Obtaining IP addresses for the AGH config file..."

    # get the name of the network interface in IPv4 and IPv6
    ipv4_interface="$(get_network_interface 4)"
@ -37,11 +31,11 @@ set__expose_port_53() {
    ipv6_addr=$(process_ips "$(ip -6 address show "$ipv6_interface" 2> /dev/null | grep inet | sed 's&/.*&&')")

    # update the IP adresses in the AGH config file
-    ynh_print_info --message="Updating the AGH config file..."
+    ynh_print_info "Updating the AGH config file..."
    update_agh_ip_config

    # declare needs_exposed_ports according to real user need
-    ynh_print_info --message="Updating the YunoHost service for AdGuard Home..."
+    ynh_print_info "Updating the YunoHost service for AdGuard Home..."
    if [ "$dns_over_https" == "true" ] && [ "$expose_port_53" == "true" ]; then
        yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_tls"
    elif [ "$dns_over_https" == "true" ]; then
@ -53,28 +47,28 @@ set__expose_port_53() {
    fi

    # save the new setting
-    ynh_app_setting_set --app="$app" --key=expose_port_53 --value="$expose_port_53"
+    ynh_app_setting_set --key=expose_port_53 --value="$expose_port_53"
 }

 set__dns_over_https() {

    if [ "$dns_over_https" == "true" ]; then
-        ynh_print_info --message="Opening DoH and DoQ ports..."
+        ynh_print_info "Opening DoH and DoQ ports..."
        # if DNS over HTTPS/QUIC is activated, open the associated ports
-        ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_tls" --no-reload
-        ynh_exec_warn_less yunohost firewall allow UDP "$port_dns_over_quic"
+        ynh_hide_warnings yunohost firewall allow Both "$port_dns_over_tls" --no-reload
+        ynh_hide_warnings yunohost firewall allow UDP "$port_dns_over_quic"
    elif [ "$dns_over_https" == "false" ]; then
        # else if false, close them
-        ynh_print_info --message="Closing DoH and DoQ ports..."
-        ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_tls" --no-reload
-        ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic"
+        ynh_print_info "Closing DoH and DoQ ports..."
+        ynh_hide_warnings yunohost firewall disallow Both "$port_dns_over_tls" --no-reload
+        ynh_hide_warnings yunohost firewall disallow UDP "$port_dns_over_quic"
    else
        # else, throw error
-        ynh_print_warn --message="The variable 'dns_over_https' should be 'true' or 'false' but isn't, please report this."
+        ynh_print_warn "The variable 'dns_over_https' should be 'true' or 'false' but isn't, please report this."
    fi

    # declare needs_exposed_ports according to real user need
-    ynh_print_info --message="Updating the YunoHost service for AdGuard Home..."
+    ynh_print_info "Updating the YunoHost service for AdGuard Home..."
    if [ "$dns_over_https" == "true" ] && [ "$expose_port_53" == "true" ]; then
        yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_tls"
    elif [ "$dns_over_https" == "true" ]; then
@ -89,23 +83,21 @@ set__dns_over_https() {
    ynh_write_var_in_file --file="$install_dir/AdGuardHome.yaml" --key="enabled" --after="tls:" --value="$dns_over_https"

    # save the new setting in YNH
-    ynh_app_setting_set --app="$app" --key=dns_over_https --value="$dns_over_https"
+    ynh_app_setting_set --key=dns_over_https --value="$dns_over_https"
 }

 set__new_password() {

    # user's password encryption
-    ynh_print_info --message="Encrypting the new password..."
+    ynh_print_info "Encrypting the new password..."
    password=$(python3 -c "import bcrypt; print(bcrypt.hashpw(b\"$new_password\", bcrypt.gensalt(rounds=10)).decode())")
-    ynh_app_setting_set --app="$app" --key=password --value="$password"
+    ynh_app_setting_set --key=password --value="$password"

    # save the new setting in the AGH config file
-    ynh_print_info --message="Saving the new password in the AGH configuration..."
+    ynh_print_info "Saving the new password in the AGH configuration..."
    ynh_write_var_in_file --file="$install_dir/AdGuardHome.yaml" --key="password" --value="$password"
 }

-#=================================================
-# GENERIC FINALIZATION
 #=================================================

 ynh_app_config_run "$1"
--- a/scripts/install
+++ b/scripts/install
@ -1,18 +1,12 @@
 #!/bin/bash

-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers

 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
-ynh_script_progression --message="Storing installation settings..." --weight=2
+ynh_script_progression "Storing installation settings..."

 if [[ $dns_over_https == 0 ]]; then
    dns_over_https="true"
@ -20,7 +14,7 @@ else
    dns_over_https="false"
 fi

-ynh_app_setting_set --app="$app" --key=dns_over_https --value="$dns_over_https"
+ynh_app_setting_set --key=dns_over_https --value="$dns_over_https"

 if [[ $expose_port_53 == 0 ]]; then
    expose_port_53="true"
@ -28,59 +22,58 @@ else
    expose_port_53="false"
 fi

-ynh_app_setting_set --app="$app" --key=expose_port_53 --value="$expose_port_53"
+ynh_app_setting_set --key=expose_port_53 --value="$expose_port_53"

-ynh_app_setting_set --app="$app" --key=new_password --value=""
+ynh_app_setting_set --key=new_password --value=""

 #=================================================
 # PROCESS OPENING/CLOSING PORTS
 #=================================================
-ynh_script_progression --message="Process opening & closing ports..." --weight=2
+ynh_script_progression "Process opening & closing ports..."

 # if the port 53 is not open, open it, it's mandatory to use AGH
 if ! yunohost firewall list | grep -q " 53$"; then
-    ynh_print_info --message="Opening port 53..."
-    ynh_exec_warn_less yunohost firewall allow Both 53
+    ynh_print_info "Opening port 53..."
+    ynh_hide_warnings yunohost firewall allow Both 53
 fi

 if [ "${dns_over_https:-}" = true ]; then
 	# if DoH and DoQ are closed
 	if ! yunohost firewall list | grep -q " $port_dns_over_tls$" && ! yunohost firewall list | grep -q " $port_dns_over_quic$"; then
-		ynh_print_info --message="Opening DoH and DoQ ports..."
-		ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_tls" --no-reload
-		ynh_exec_warn_less yunohost firewall allow UDP "$port_dns_over_quic"
+		ynh_print_info "Opening DoH and DoQ ports..."
+		ynh_hide_warnings yunohost firewall allow Both "$port_dns_over_tls" --no-reload
+		ynh_hide_warnings yunohost firewall allow UDP "$port_dns_over_quic"
 	else
 		# no need to open the ports, as they were opened at the 'Provisioning ports' step
-		ynh_print_info --message="DoH and DoQ ports are open."
+		ynh_print_info "DoH and DoQ ports are open."
 	fi
 else
    # if dns_over_https is false, we need to close ports,
    # as they were opened at the 'Provisioning ports' step
-    ynh_print_info --message="Closing DoH and DoQ ports..."
-    ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_tls" --no-reload
-    ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic"
+    ynh_print_info "Closing DoH and DoQ ports..."
+    ynh_hide_warnings yunohost firewall disallow Both "$port_dns_over_tls" --no-reload
+    ynh_hide_warnings yunohost firewall disallow UDP "$port_dns_over_quic"
 fi

 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_script_progression --message="Setting up source files..." --weight=4
+ynh_script_progression "Setting up source files..."

 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$install_dir"

-chmod -R o-rwx "$install_dir"
-chown -R "$app:$app" "$install_dir"
-
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir"
 setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' "$install_dir/AdGuardHome"

 #=================================================
 # NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Configuring NGINX web server..." --weight=3
+ynh_script_progression "Configuring NGINX web server..."

 # Create a dedicated NGINX config
-ynh_add_nginx_config
+ynh_config_add_nginx

 #=================================================
 # SPECIFIC SETUP
@ -91,19 +84,19 @@ ynh_add_nginx_config
 usermod -a -G ssl-cert "$app"

 # adding a kernel config file for DoQ
-ynh_add_config --template="10-adguardhome.conf" --destination="/etc/sysctl.d/10-adguardhome.conf"
+ynh_config_add --template="10-adguardhome.conf" --destination="/etc/sysctl.d/10-adguardhome.conf"

 #=================================================
 # ADD A CONFIGURATION
 #=================================================
-ynh_script_progression --message="Adding a configuration file..." --weight=1
+ynh_script_progression "Adding $app's configuration..."

 # user's password encryption
 password=$(python3 -c "import bcrypt; print(bcrypt.hashpw(b\"$password\", bcrypt.gensalt(rounds=10)).decode())")
-ynh_app_setting_set --app="$app" --key=password --value="$password"
+ynh_app_setting_set --key=password --value="$password"

 # Main config File
-ynh_add_config --template="AdGuardHome.yaml" --destination="$install_dir/AdGuardHome.yaml"
+ynh_config_add --template="AdGuardHome.yaml" --destination="$install_dir/AdGuardHome.yaml"

 # get the name of the network interface in IPv4 and IPv6
 ipv4_interface="$(get_network_interface 4)"
@ -129,10 +122,10 @@ chown -R "$app:$app" "$install_dir/AdGuardHome.yaml"
 #=================================================
 # SETUP SYSTEMD
 #=================================================
-ynh_script_progression --message="Configuring a systemd service..." --weight=1
+ynh_script_progression "Configuring $app's systemd service..."

 # Create a dedicated systemd config
-ynh_add_systemd_config
+ynh_config_add_systemd

 # declare needs_exposed_ports according to real user need
 if [ "$dns_over_https" == "true" ] && [ "$expose_port_53" == "true" ]; then
@ -148,13 +141,13 @@ fi
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=2
+ynh_script_progression "Starting $app's systemd service..."

 # Start a systemd service
-ynh_systemd_action --service_name="$app" --action="restart" --log_path=systemd
+ynh_systemctl --service="$app" --action="restart" --log_path=systemd

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_script_progression --message="Installation of $app completed" --last
+ynh_script_progression "Installation of $app completed"
--- a/scripts/remove
+++ b/scripts/remove
@ -1,26 +1,20 @@
 #!/bin/bash

-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers

 #=================================================
 # PROCESS CLOSING PORTS
 #=================================================
-ynh_script_progression --message="Closing ports..." --weight=2
+ynh_script_progression "Closing ports..."

 # close ports
-ynh_print_info --message="Closing port 53..."
-ynh_exec_warn_less yunohost firewall disallow Both 53
+ynh_print_info "Closing port 53..."
+ynh_hide_warnings yunohost firewall disallow Both 53
 if [ "$dns_over_https" == "true" ]; then
-    ynh_print_info --message="Closing DoH and DoQ ports..."
-    ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_tls" --no-reload
-    ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic"
+    ynh_print_info "Closing DoH and DoQ ports..."
+    ynh_hide_warnings yunohost firewall disallow Both "$port_dns_over_tls" --no-reload
+    ynh_hide_warnings yunohost firewall disallow UDP "$port_dns_over_quic"
 fi

 #=================================================
@ -30,26 +24,26 @@ fi
 #=================================================

 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
-ynh_script_progression --message="Removing $app service integration..." --weight=1
+ynh_script_progression "Removing $app service integration..."
 yunohost service remove "$app"

-ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
+ynh_script_progression "Removing system configurations related to $app..."

 # Remove the dedicated systemd config
-ynh_remove_systemd_config
+ynh_config_remove_systemd

 # Remove the dedicated NGINX config
-ynh_remove_nginx_config
+ynh_config_remove_nginx

 #=================================================
 # REMOVE VARIOUS FILES specific to the app...
 #=================================================

 # remove the kernel config file for DoQ
-ynh_secure_remove --file="/etc/sysctl.d/10-adguardhome.conf"
+ynh_safe_rm "/etc/sysctl.d/10-adguardhome.conf"

 # Remove the dedicated dnsmasq config for AdGuardHome
-ynh_secure_remove --file="/etc/dnsmasq.d/$app"
+ynh_safe_rm "/etc/dnsmasq.d/$app"

 systemctl restart dnsmasq

@ -57,4 +51,4 @@ systemctl restart dnsmasq
 # END OF SCRIPT
 #=================================================

-ynh_script_progression --message="Removal of $app completed" --last
+ynh_script_progression "Removal of $app completed"
--- a/scripts/restore
+++ b/scripts/restore
@ -1,11 +1,5 @@
 #!/bin/bash

-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
@ -13,30 +7,30 @@ source /usr/share/yunohost/helpers
 #=================================================
 # PROCESS OPENING/CLOSING PORTS
 #=================================================
-ynh_script_progression --message="Process opening & closing ports..." --weight=2
+ynh_script_progression "Process opening & closing ports..."

 # if the port 53 is not open, open it, it's mandatory to use AGH
 if ! yunohost firewall list | grep -q " 53$"; then
-    ynh_print_info --message="Opening port 53..."
-    ynh_exec_warn_less yunohost firewall allow Both 53
+    ynh_print_info "Opening port 53..."
+    ynh_hide_warnings yunohost firewall allow Both 53
 fi

 if [ "${dns_over_https:-}" = true ]; then
 	# if DoH and DoQ are closed
 	if ! yunohost firewall list | grep -q " $port_dns_over_tls$" && ! yunohost firewall list | grep -q " $port_dns_over_quic$"; then
-		ynh_print_info --message="Opening DoH and DoQ ports..."
-		ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_tls" --no-reload
-		ynh_exec_warn_less yunohost firewall allow UDP "$port_dns_over_quic"
+		ynh_print_info "Opening DoH and DoQ ports..."
+		ynh_hide_warnings yunohost firewall allow Both "$port_dns_over_tls" --no-reload
+		ynh_hide_warnings yunohost firewall allow UDP "$port_dns_over_quic"
 	else
 		# no need to open the ports, as they were opened at the 'Provisioning ports' step
-		ynh_print_info --message="DoH and DoQ ports are open."
+		ynh_print_info "DoH and DoQ ports are open."
 	fi
 else
    # if dns_over_https is false, we need to close ports,
    # as they were opened at the 'Provisioning ports' step
-    ynh_print_info --message="Closing DoH and DoQ ports..."
-    ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_tls" --no-reload
-    ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic"
+    ynh_print_info "Closing DoH and DoQ ports..."
+    ynh_hide_warnings yunohost firewall disallow Both "$port_dns_over_tls" --no-reload
+    ynh_hide_warnings yunohost firewall disallow UDP "$port_dns_over_quic"
 fi

 #=================================================
@ -47,9 +41,9 @@ fi
 # use of the Let's Encrypt certs for DOT/DOQ
 usermod -a -G ssl-cert "$app"

-ynh_script_progression --message="Restoring the app main directory..." --weight=1
+ynh_script_progression "Restoring the app main directory..."

-ynh_restore_file --origin_path="$install_dir"
+ynh_restore "$install_dir"

 # we need to refresh IP adresses in case the backup is restored in a different
 # environment, else AGH will try to bind port 53 on non-existent IPs and crash
@ -72,12 +66,10 @@ ipv6_addr=$(process_ips "$(ip -6 address show "$ipv6_interface" 2> /dev/null | g
 # update the IP adresses in the AGH config file
 update_agh_ip_config

-
 # this will be treated as a security issue.
-chmod 750 "$install_dir"
-chmod -R o-rwx "$install_dir"
-chown -R "$app:$app" "$install_dir"
-
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir"
 setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' "$install_dir/AdGuardHome"

 systemctl restart dnsmasq
@ -85,11 +77,11 @@ systemctl restart dnsmasq
 #=================================================
 # RESTORE THE NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
+ynh_script_progression "Restoring the NGINX web server configuration..."

-ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
+ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf"

-ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
+ynh_restore "/etc/systemd/system/$app.service"
 systemctl enable "$app.service" --quiet

 # declare needs_exposed_ports according to real user need
@ -108,19 +100,19 @@ fi
 #=================================================

 # restore the kernel config file for DoQ
-ynh_restore_file --origin_path="/etc/sysctl.d/10-adguardhome.conf"
+ynh_restore "/etc/sysctl.d/10-adguardhome.conf"

 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
+ynh_script_progression "Starting $app's systemd service..."

-ynh_systemd_action --service_name="$app" --action="restart" --log_path="systemd"
+ynh_systemctl --service="$app" --action="restart" --log_path="systemd"

-ynh_systemd_action --service_name=nginx --action=reload
+ynh_systemctl --service=nginx --action=reload

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_script_progression --message="Restoration completed for $app" --last
+ynh_script_progression "Restoration completed for $app"
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -1,33 +1,19 @@
 #!/bin/bash

-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers

-#=================================================
-# CHECK VERSION
-#=================================================
-
-upgrade_type=$(ynh_check_app_version_changed)
-
-#=================================================
-# STANDARD UPGRADE STEPS
 #=================================================
 # STOP SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Stopping a systemd service..." --weight=1
+ynh_script_progression "Stopping $app's systemd service..."

-ynh_systemd_action --service_name="$app" --action="stop"
+ynh_systemctl --service="$app" --action="stop"

 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
-ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
+ynh_script_progression "Ensuring downward compatibility..."

 # to remove some time in the future (DoH PR during testing phase residual)
 if ! grep -q "port_https: 0" "$install_dir/AdGuardHome.yaml"; then
@ -35,26 +21,28 @@ if ! grep -q "port_https: 0" "$install_dir/AdGuardHome.yaml"; then
 fi

 if [ -z "${expose_port_53:-}" ] || [ "${expose_port_53:-}" = false ]; then
-	# if 'expose_port_53' doesn't exist or is false 
+	# if 'expose_port_53' doesn't exist or is false
+
    expose_port_53="false"
-	ynh_app_setting_set --app="$app" --key=expose_port_53 --value="$expose_port_53"
+	ynh_app_setting_set --key=expose_port_53 --value="$expose_port_53"
 elif [ "${expose_port_53:-}" = true ]; then
    expose_port_53="true"
-	ynh_app_setting_set --app="$app" --key=expose_port_53 --value="$expose_port_53"
+	ynh_app_setting_set --key=expose_port_53 --value="$expose_port_53"
 fi

 if [ -z "${dns_over_https:-}" ] || [ "${dns_over_https:-}" = false ]; then
-	# if 'dns_over_https' doesn't exist or is false 
+	# if 'dns_over_https' doesn't exist or is false
+
 	dns_over_https="false"
-	ynh_app_setting_set --app="$app" --key=dns_over_https --value=$dns_over_https
+	ynh_app_setting_set --key=dns_over_https --value=$dns_over_https
 elif [ "${dns_over_https:-}" = true ]; then
 	dns_over_https="true"
-	ynh_app_setting_set --app="$app" --key=dns_over_https --value=$dns_over_https
+	ynh_app_setting_set --key=dns_over_https --value=$dns_over_https
 fi

 # about all those 'ynh_write_var_in_file':
 # AGH modifies by itself the config file when an user modifies it using the front-end
-# so if we're using 'ynh_add_config' to process the config file, each
+# so if we're using 'ynh_config_add' to process the config file, each
 # regeneration of the config would break the user's changes :/ (yeah ik...)
 # maybe one day we'll use python3 -c "import yaml" in place of this shit, but not today

@ -73,74 +61,74 @@ ynh_write_var_in_file --file="$install_dir/AdGuardHome.yaml" --key="port_dns_ove
 ynh_write_var_in_file --file="$install_dir/AdGuardHome.yaml" --key="port_dns_over_quic" --value="$port_dns_over_quic"

 # remove setting no longer required
-ynh_app_setting_delete --app="$app" --key=port_adguard
+ynh_app_setting_delete --key=port_adguard

 if [ -z "${new_password:-}" ]; then
-	ynh_app_setting_set --app="$app" --key=new_password --value=""
+	ynh_app_setting_set --key=new_password --value=""
 fi

 #=================================================
 # PROCESS OPENING/CLOSING PORTS
 #=================================================
-ynh_script_progression --message="Process opening & closing ports..." --weight=2
+ynh_script_progression "Process opening & closing ports..."

 # if the DNS port in the AGH config is not 53, make sure it is...
 if ! [ "$(ynh_read_var_in_file --file="$install_dir/AdGuardHome.yaml" --key="port" --after="dns")" == "53" ]; then
-	ynh_print_info --message="Fixing port 53 in the AGH config file..."
+	ynh_print_info "Fixing port 53 in the AGH config file..."
 	ynh_write_var_in_file --file="$install_dir/AdGuardHome.yaml" --key="port" --after="dns" --value="53"
 fi

 # if the port 53 is not open, open it, it's mandatory to use AGH
 if ! yunohost firewall list | grep -q " 53$"; then
-    ynh_print_info --message="Opening port 53..."
-    ynh_exec_warn_less yunohost firewall allow Both 53
+    ynh_print_info "Opening port 53..."
+    ynh_hide_warnings yunohost firewall allow Both 53
 fi

 if [ "${dns_over_https:-}" = true ]; then
 	# if DoH and DoQ are closed
 	if ! yunohost firewall list | grep -q " $port_dns_over_tls$" || ! yunohost firewall list | grep -q " $port_dns_over_quic$"; then
-		ynh_print_info --message="Opening DoH and DoQ ports..."
-		ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_tls" --no-reload
-		ynh_exec_warn_less yunohost firewall allow UDP "$port_dns_over_quic"
+		ynh_print_info "Opening DoH and DoQ ports..."
+		ynh_hide_warnings yunohost firewall allow Both "$port_dns_over_tls" --no-reload
+		ynh_hide_warnings yunohost firewall allow UDP "$port_dns_over_quic"
 	else
 		# no need to open the ports, as they were opened at the 'Provisioning ports' step
-		ynh_print_info --message="DoH and DoQ ports are open."
+		ynh_print_info "DoH and DoQ ports are open."
 	fi
 else
    # if dns_over_https is false, we need to close ports,
    # as they were opened at the 'Provisioning ports' step
-    ynh_print_info --message="Closing DoH and DoQ ports..."
-    ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_tls" --no-reload
-    ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic"
+    ynh_print_info "Closing DoH and DoQ ports..."
+    ynh_hide_warnings yunohost firewall disallow Both "$port_dns_over_tls" --no-reload
+    ynh_hide_warnings yunohost firewall disallow UDP "$port_dns_over_quic"
 fi

 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================

-if [ "$upgrade_type" == "UPGRADE_APP" ]
+# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed
+if ynh_app_upstream_version_changed
 then
-	ynh_script_progression --message="Upgrading source files..." --weight=1
+	ynh_script_progression "Upgrading source files..."

 	# Download, check integrity, uncompress and patch the source from app.src
-	ynh_setup_source --dest_dir="$install_dir" --full_replace=1 --keep="data AdGuardHome.yaml"
+	ynh_setup_source --dest_dir="$install_dir" --full_replace --keep="data AdGuardHome.yaml"
 fi

-chmod -R o-rwx "$install_dir"
-chown -R "$app:$app" "$install_dir"
-
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir"
 setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' "$install_dir/AdGuardHome"

 #=================================================
 # NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
+ynh_script_progression "Upgrading NGINX web server configuration..."

 # Create a dedicated NGINX config
-ynh_add_nginx_config
+ynh_config_add_nginx

 # Create a dedicated systemd config
-ynh_add_systemd_config
+ynh_config_add_systemd

 # declare needs_exposed_ports according to real user need
 if [ "$dns_over_https" == "true" ] && [ "$expose_port_53" == "true" ]; then
@ -153,8 +141,6 @@ else
    yunohost service add "$app" --description="Ads & trackers blocking DNS server"
 fi

-#=================================================
-# SPECIFIC UPGRADE
 #=================================================

 # adding the adguardhome dedicated user to the 'ssl-cert' group to permit the
@ -162,12 +148,12 @@ fi
 usermod -a -G ssl-cert "$app"

 # adding a kernel config file for DoQ
-ynh_add_config --template="10-adguardhome.conf" --destination="/etc/sysctl.d/10-adguardhome.conf"
+ynh_config_add --template="10-adguardhome.conf" --destination="/etc/sysctl.d/10-adguardhome.conf"

 #=================================================
 # UPDATE A CONFIG FILE
 #=================================================
-ynh_script_progression --message="Updating a configuration file..." --weight=1
+ynh_script_progression "Updating configuration..."

 # get the name of the network interface in IPv4 and IPv6
 ipv4_interface="$(get_network_interface 4)"
@ -190,12 +176,12 @@ chown -R "$app:$app" "$install_dir/AdGuardHome.yaml"
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
+ynh_script_progression "Starting $app's systemd service..."

-ynh_systemd_action --service_name="$app" --action="restart" --log_path="systemd"
+ynh_systemctl --service="$app" --action="restart" --log_path="systemd"

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_script_progression --message="Upgrade of $app completed" --last
+ynh_script_progression "Upgrade of $app completed"