Merge pull request #31 from YunoHost-Apps/testing

Testing
2024-09-03 18:36:09 +02:00 · 2018-02-27 23:02:33 +01:00 · 2018-02-27 23:02:33 +01:00 · 9292a65948
commit 9292a65948
parent 5006e0316c decb3588e4
13 changed files with 156 additions and 262 deletions
--- a/README.md
+++ b/README.md
@ -36,12 +36,11 @@ Supported, **without LDAP nor SSO**.

 #### Supported architectures

-* Tested on x86_64
+* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/etherpad_mypads%20(Community)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/etherpad_mypads%20(Community)/)
+* ARMv8-A - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/etherpad_mypads%20(Community)%20(%7EARM%7E)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/etherpad_mypads%20(Community)%20(%7EARM%7E)/)

 ## Limitations

-* If you ask to install the plugin mypads, you have to install in the root of a dedicated domain or a sub domain. Else, mypads will be inaccessible.
-
 ## Additionnal informations

 * This package will install the following plugins:
@ -62,10 +61,6 @@ Supported, **without LDAP nor SSO**.
  * ep_table_of_contents - *View a table of contents for your pad*
  * ep_user_font_size - *User Pad Contents font size can be set in settings, this does not effect other peoples views*

-* Because there's no ldap support with mypads plugin, no user is created at the installation.  
-You have to connect to the admin panel to create the first users.  
-Login and password are those you chose during the installation.
-
 ## Links

 * Report a bug: https://github.com/YunoHost-Apps/etherpad_mypads_ynh/issues
--- a/README_fr.md
+++ b/README_fr.md
@ -36,12 +36,11 @@ Supportée, **sans LDAP ni SSO**.

 #### Architectures supportées.

-* Testé sur x86_64
+* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/etherpad_mypads%20(Community)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/etherpad_mypads%20(Community)/)
+* ARMv8-A - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/etherpad_mypads%20(Community)%20(%7EARM%7E)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/etherpad_mypads%20(Community)%20(%7EARM%7E)/)

 ## Limitations

-* Si vous demandez d'installer le plugin mypads, vous devez installer à la racine d'un domaine ou d'un sous-domaine dédié. Sinon, mypads sera inaccessible.
-
 ## Informations additionnelles

 * Ce paquet installera les plugins suivants:
@ -62,10 +61,6 @@ Supportée, **sans LDAP ni SSO**.
  * ep_table_of_contents - *Voir une table des matières pour votre pad*
  * ep_user_font_size - *Permet de définir taille de la police dans les paramètres, cela n'affecte pas les vues des autres personnes*.

-* Parce qu'il n'y a pas de support ldap avec le plugin mypads, aucun utilisateur n'est créé lors de l'installation.  
-Vous devez vous connecter au panneau d'administration pour créer les premiers utilisateurs.  
-Login et mot de passe sont ceux que vous avez choisis lors de l'installation.
-
 ## Liens

 * Reporter un bug: https://github.com/YunoHost-Apps/etherpad_mypads_ynh/issues
--- a/19
+++ b/19
@ -1,5 +1,4 @@
-;; Test complet avec libreoffice sans mypads
-	auto_remove=1
+;; Test complet avec libreoffice et mypads
 	; Manifest
 		domain="domain.tld"	(DOMAIN)
 		path="/path"	(PATH)
@ -8,7 +7,8 @@
 		language="en"
 		is_public=1	(PUBLIC|public=1|private=0)
 		export="libreoffice"
-		mypads=0
+		mypads=1
+		useldap=1
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=1
@ -22,8 +22,7 @@
 		incorrect_path=1
 		port_already_use=1	(9001)
 		change_url=1
-;; Test avec mypads
-	auto_remove=1
+;; Test sans mypads
 	; Manifest
 		domain="domain.tld"	(DOMAIN)
 		path="/path"	(PATH)
@ -32,14 +31,14 @@
 		language="en"
 		is_public=1	(PUBLIC|public=1|private=0)
 		export="libreoffice"
-		mypads=1
+		mypads=0
+		useldap=0
 	; Checks
+		setup_sub_dir=1
 		setup_root=1
 		upgrade=1
-		upgrade=1	from_commit=8bf300413ec3adcb416d168d2e9e98975dd9405b
 		backup_restore=1
 ;; Test abiword
-	auto_remove=1
 	; Manifest
 		domain="domain.tld"	(DOMAIN)
 		path="/path"	(PATH)
@ -49,10 +48,11 @@
 		is_public=1	(PUBLIC|public=1|private=0)
 		export="abiword"
 		mypads=1
+		useldap=0
 	; Checks
 		setup_root=1
+		upgrade=1	from_commit=8bf300413ec3adcb416d168d2e9e98975dd9405b
 ;; Test sans export
-	auto_remove=1
 	; Manifest
 		domain="domain.tld"	(DOMAIN)
 		path="/path"	(PATH)
@ -62,6 +62,7 @@
 		is_public=1	(PUBLIC|public=1|private=0)
 		export="none"
 		mypads=1
+		useldap=0
 	; Checks
 		setup_root=1
 ;;; Levels
--- a/conf/settings.json
+++ b/conf/settings.json
@ -87,6 +87,30 @@
 		"ep_comments_page": {
 			"highlightSelectedText": false
 		},
+		// ep_mypads
+//noldap		"ep_mypads": {
+//noldap			"ldap": {
+//noldap				// Your LDAP URL
+//noldap				"url": "ldap://127.0.0.1",
+//noldap				// Where to search your users
+//noldap				"searchBase": "ou=users,dc=yunohost,dc=org",
+//noldap				// A LDAP filter ({{username}} is replaced by user's login)
+//noldap				"searchFilter": "(&(|(objectclass=posixAccount))(uid={{username}}))",
+//noldap				// LDAP properties mapping for MyPads
+//noldap				"properties": {
+//noldap					// Which LDAP property will be used as user's login?
+//noldap					"login": "uid",
+//noldap					// as user's email
+//noldap					"email": "mail",
+//noldap					// as user's firstname
+//noldap					"firstname": "givenName",
+//noldap					// as users's lastname
+//noldap					"lastname": "sn"
+//noldap				},
+//noldap				// Default langage for LDAP created users
+//noldap				"defaultLang": "__LANGUAGE__"
+//noldap			}
+//noldap		},

  /* Should we suppress errors from being visible in the default Pad Text? */
  "suppressErrorsInPadText" : false,
--- a/manifest.json
+++ b/manifest.json
@ -6,7 +6,7 @@
 		"en": "Framapad clone, a online editor providing collaborative editing in real-time.",
 		"fr": "Clone de Framapad, un éditeur en ligne fournissant l'édition collaborative en temps réel."
 	},
-	"version": "1.6.3~ynh1",
+	"version": "1.6.3~ynh2",
 	"url": "https://framapad.org",
 	"license": "Apache-2.0",
 	"maintainer": {
@ -39,12 +39,8 @@
 					"en": "Choose a path for Etherpad",
 					"fr": "Choisissez un chemin pour Etherpad"
 				},
-				"help": {
-					"en": "If you choose to install mypads plugin, etherpad has to be on /",
-					"fr": "Si vous choisissez d'installer le plugin mypads, etherpad doit être sur /"
-				},
-				"example": "/",
-				"default": "/"
+				"example": "/pad",
+				"default": "/pad"
 			},
 			{
 				"name": "admin",
@ -102,6 +98,19 @@
 					"en": "<a href=https://git.framasoft.org/framasoft/ep_mypads target=_blank>mypads plugin</a>"
 				},
 				"default": true
+			},
+			{
+				"name": "useldap",
+				"type": "boolean",
+				"ask": {
+					"en": "Do you want to use ldap with mypads ?",
+					"fr": "Voulez-vous utiliser ldap avec mypads ?"
+				},
+				"help": {
+					"en": "Using ldap won't let you add new user aside from YunoHost users.",
+					"fr": "Utiliser ldap ne vous permettra pas d'ajouter un nouvel utilisateur en dehors des utilisateurs de YunoHost."
+				},
+				"default": true
 			}
 		]
 	}
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -22,14 +22,6 @@ CHECK_SIZE () {	# Vérifie avant chaque backup que l'espace est suffisant
 	fi
 }

-#=================================================
-# PACKAGE CHECK BYPASSING...
-#=================================================
-
-IS_PACKAGE_CHECK () {	# Détermine une exécution en conteneur (Non testé)
-	return $(uname -n | grep -c 'pchecker_lxc')
-}
-
 #=================================================
 # EXPERIMENTAL HELPERS
 #=================================================
@ -212,15 +204,17 @@ EOF

 # Start or restart a service and follow its booting
 #
-# usage: ynh_check_starting "Line to match" [Log file] [Timeout]
+# usage: ynh_check_starting "Line to match" [Log file] [Timeout] [Service name]
 #
 # | arg: Line to match - The line to find in the log to attest the service have finished to boot.
 # | arg: Log file - The log file to watch
+# | arg: Service name
 # /var/log/$app/$app.log will be used if no other log is defined.
 # | arg: Timeout - The maximum time to wait before ending the watching. Defaut 300 seconds.
 ynh_check_starting () {
 	local line_to_match="$1"
-	local app_log="${2:-/var/log/$app/$app.log}"
+	local service_name="${4:-$app}"
+	local app_log="${2:-/var/log/$service_name/$service_name.log}"
 	local timeout=${3:-300}

 	ynh_clean_check_starting () {
@ -229,13 +223,14 @@ ynh_check_starting () {
 		ynh_secure_remove "$templog" 2>&1
 	}

-	echo "Starting of $app" >&2
-	systemctl restart $app
+	echo "Starting of $service_name" >&2
+	systemctl stop $service_name
 	local templog="$(mktemp)"
 	# Following the starting of the app in its log
-	tail -f -n1 "$app_log" > "$templog" &
+	tail -F -n0 "$app_log" > "$templog" &
 	# Get the PID of the tail command
 	local pid_tail=$!
+	systemctl start $service_name

 	local i=0
 	for i in `seq 1 $timeout`
@ -243,7 +238,7 @@ ynh_check_starting () {
 		# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
 		if grep --quiet "$line_to_match" "$templog"
 		then
-			echo "The service $app has correctly started." >&2
+			echo "The service $service_name has correctly started." >&2
 			break
 		fi
 		echo -n "." >&2
@ -251,7 +246,7 @@ ynh_check_starting () {
 	done
 	if [ $i -eq $timeout ]
 	then
-		echo "The service $app didn't fully started before the timeout." >&2
+		echo "The service $service_name didn't fully started before the timeout." >&2
 	fi

 	echo ""
@ -272,14 +267,6 @@ ynh_print_info () {
  ynh_print_log "[INFO] ${1}"
 }

-# Print a warning on stderr
-#
-# usage: ynh_print_warn "Text to print"
-# | arg: text - The text to print
-ynh_print_warn () {
-  ynh_print_log "[WARN] ${1}" >&2
-}
-
 # Print a error on stderr
 #
 # usage: ynh_print_err "Text to print"
@ -288,61 +275,6 @@ ynh_print_err () {
  ynh_print_log "[ERR] ${1}" >&2
 }

-# Execute a command and print the result as an error
-#
-# usage: ynh_exec_err command to execute
-# usage: ynh_exec_err "command to execute | following command"
-# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe.
-#
-# | arg: command - command to execute
-ynh_exec_err () {
-	ynh_print_err "$(eval $@)"
-}
-
-# Execute a command and print the result as a warning
-#
-# usage: ynh_exec_warn command to execute
-# usage: ynh_exec_warn "command to execute | following command"
-# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe.
-#
-# | arg: command - command to execute
-ynh_exec_warn () {
-	ynh_print_warn "$(eval $@)"
-}
-
-# Execute a command and force the result to be printed on stdout
-#
-# usage: ynh_exec_warn_less command to execute
-# usage: ynh_exec_warn_less "command to execute | following command"
-# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe.
-#
-# | arg: command - command to execute
-ynh_exec_warn_less () {
-	eval $@ 2>&1
-}
-
-# Execute a command and redirect stdout in /dev/null
-#
-# usage: ynh_exec_quiet command to execute
-# usage: ynh_exec_quiet "command to execute | following command"
-# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe.
-#
-# | arg: command - command to execute
-ynh_exec_quiet () {
-	eval $@ > /dev/null
-}
-
-# Execute a command and redirect stdout and stderr in /dev/null
-#
-# usage: ynh_exec_fully_quiet command to execute
-# usage: ynh_exec_fully_quiet "command to execute | following command"
-# In case of use of pipes, you have to use double quotes. Otherwise, this helper will be executed with the first command, then be send to the next pipe.
-#
-# | arg: command - command to execute
-ynh_exec_fully_quiet () {
-	eval $@ > /dev/null 2>&1
-}
-
 # Remove any logs for all the following commands.
 #
 # usage: ynh_print_OFF
@ -362,55 +294,6 @@ ynh_print_ON () {

 #=================================================

-# Install or update the main directory yunohost.multimedia
-#
-# usage: ynh_multimedia_build_main_dir
-ynh_multimedia_build_main_dir () {
-	wget -nv https://github.com/YunoHost-Apps/yunohost.multimedia/archive/master.zip 2>&1
-	unzip -q master.zip
-	./yunohost.multimedia-master/script/ynh_media_build.sh
-}
-
-# Add a directory in yunohost.multimedia
-# This "directory" will be a symbolic link to a existing directory.
-#
-# usage: ynh_multimedia_addfolder "Source directory" "Destination directory"
-#
-# | arg: Source directory - The real directory which contains your medias.
-# | arg: Destination directory - The name and the place of the symbolic link, relative to "/home/yunohost.multimedia"
-ynh_multimedia_addfolder () {
-	local source_dir="$1"
-	local dest_dir="$2"
-	./yunohost.multimedia-master/script/ynh_media_addfolder.sh --source="$source_dir" --dest="$dest_dir"
-}
-
-# Move a directory in yunohost.multimedia, and replace by a symbolic link
-#
-# usage: ynh_multimedia_movefolder "Source directory" "Destination directory"
-#
-# | arg: Source directory - The real directory which contains your medias.
-# It will be moved to "Destination directory"
-# A symbolic link will replace it.
-# | arg: Destination directory - The new name and place of the directory, relative to "/home/yunohost.multimedia"
-ynh_multimedia_movefolder () {
-	local source_dir="$1"
-	local dest_dir="$2"
-	./yunohost.multimedia-master/script/ynh_media_addfolder.sh --inv --source="$source_dir" --dest="$dest_dir"
-}
-
-# Allow an user to have an write authorisation in multimedia directories
-#
-# usage: ynh_multimedia_addaccess user_name
-#
-# | arg: user_name - The name of the user which gain this access.
-ynh_multimedia_addaccess () {
-	local user_name=$1
-	groupadd -f multimedia
-	usermod -a -G multimedia $user_name
-}
-
-#=================================================
-
 # Create a dedicated fail2ban config (jail and filter conf files)
 #
 # usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]]
@ -419,55 +302,56 @@ ynh_multimedia_addaccess () {
 # | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3
 # | arg: ports - Ports blocked for a banned IP address - default: http,https
 ynh_add_fail2ban_config () {
-	# Process parameters
-	logpath=$1
-	failregex=$2
-	max_retry=${3:-3}
-	ports=${4:-http,https}
-
-	test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
-	test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
-
-	finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf"
-	finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf"
-	ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1
-	ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1
-
-	sudo tee $finalfail2banjailconf <<EOF
+   # Process parameters
+   logpath=$1
+   failregex=$2
+   max_retry=${3:-3}
+   ports=${4:-http,https}
+   
+  test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
+  test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
+  
+  finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf"
+  finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf"
+  ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1
+  ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1
+  
+  sudo tee $finalfail2banjailconf <<EOF
 [$app]
 enabled = true
 port = $ports
 filter = $app
 logpath = $logpath
-maxretry = $max_retry" 
+maxretry = $max_retry
 EOF

-	sudo tee $finalfail2banfilterconf <<EOF
+  sudo tee $finalfail2banfilterconf <<EOF
 [INCLUDES]
 before = common.conf
 [Definition]
 failregex = $failregex
-ignoreregrex =" 
+ignoreregex =
 EOF

-	ynh_store_file_checksum "$finalfail2banjailconf"
-	ynh_store_file_checksum "$finalfail2banfilterconf"
-
-	sudo systemctl restart fail2ban
-	if local fail2ban_error="$(tail -n50 /var/log/fail2ban.log | grep "WARNING Command.*$app.*addfailregex")"
-	then
-		echo "[ERR] Fail2ban fail to load the jail for $app" >&2
-		echo "WARNING${fail2ban_error#*WARNING}" >&2
-	fi
+  ynh_store_file_checksum "$finalfail2banjailconf"
+  ynh_store_file_checksum "$finalfail2banfilterconf"
+  
+  systemctl restart fail2ban
+  local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")"
+  if [ -n "$fail2ban_error" ]
+  then
+    echo "[ERR] Fail2ban failed to load the jail for $app" >&2
+    echo "WARNING${fail2ban_error#*WARNING}" >&2
+  fi
 }

 # Remove the dedicated fail2ban config (jail and filter conf files)
 #
 # usage: ynh_remove_fail2ban_config
 ynh_remove_fail2ban_config () {
-	ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf"
-	ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf"
-	sudo systemctl restart fail2ban
+  ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf"
+  ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf"
+  sudo systemctl restart fail2ban
 }

 #=================================================
@ -525,7 +409,7 @@ ynh_abort_if_up_to_date () {
 #	If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
 #	example: "root admin@domain user1 user2"
 ynh_send_readme_to_admin() {
-	local app_message="${1:-...No specific informations...}"
+	local app_message="${1:-...No specific information...}"
 	local recipients="${2:-root}"

 	# Retrieve the email of users
@ -556,7 +440,7 @@ ynh_send_readme_to_admin() {

 	local mail_message="This is an automated message from your beloved YunoHost server.

-Specific informations for the application $app.
+Specific information for the application $app.

 $app_message

--- a/scripts/_sed
+++ b/scripts/_sed
@ -1,51 +0,0 @@
-#!/bin/bash
-
-# https://github.com/YunoHost/yunohost/pull/394
-
-# Substitute/replace a string (or expression) by another in a file
-#
-# usage: ynh_replace_string match_string replace_string target_file
-# | arg: match_string - String to be searched and replaced in the file
-# | arg: replace_string - String that will replace matches
-# | arg: target_file - File in which the string will be replaced.
-#
-# As this helper is based on sed command, regular expressions and
-# references to sub-expressions can be used
-# (see sed manual page for more information)
-ynh_replace_string () {
-	local delimit=@
-	local match_string=$1
-	local replace_string=$2
-	local workfile=$3
-
-	# Escape the delimiter if it's in the string.
-	match_string=${match_string//${delimit}/"\\${delimit}"}
-	replace_string=${replace_string//${delimit}/"\\${delimit}"}
-
-	sudo sed --in-place "s${delimit}${match_string}${delimit}${replace_string}${delimit}g" "$workfile"
-}
-
-# Substitute/replace a password by another in a file
-#
-# usage: ynh_replace_password_string match_string replace_string target_file
-# | arg: match_string - String to be searched and replaced in the file
-# | arg: replace_string - String that will replace matches
-# | arg: target_file - File in which the string will be replaced.
-#
-# This helper will use ynh_replace_string, but as you can use special
-# characters, you can't use some regular expressions and sub-expressions.
-ynh_replace_password_string () {
-	local match_string=$1
-	local replace_string=$2
-	local workfile=$3
-
-	# Escape any backslash to preserve them as simple backslash.
-	match_string=${match_string//\\/"\\\\"}
-	replace_string=${replace_string//\\/"\\\\"}
-
-	# Escape the & character, who has a special function in sed.
-	match_string=${match_string//&/"\&"}
-	replace_string=${replace_string//&/"\&"}
-
-	ynh_replace_string "$match_string" "$replace_string" "$workfile"
-}
--- a/scripts/backup
+++ b/scripts/backup
@ -66,3 +66,10 @@ ynh_backup "/etc/logrotate.d/$app"
 #=================================================

 ynh_backup "/etc/systemd/system/$app.service"
+
+#=================================================
+# BACKUP FAIL2BAN CONFIGURATION
+#=================================================
+
+ynh_backup "/etc/fail2ban/jail.d/$app.conf"
+ynh_backup "/etc/fail2ban/filter.d/$app.conf"
--- a/scripts/change_url
+++ b/scripts/change_url
@ -8,7 +8,6 @@

 source _common.sh
 source /usr/share/yunohost/helpers
-source _sed

 #=================================================
 # RETRIEVE ARGUMENTS
@ -33,15 +32,6 @@ test -n "$new_path" || new_path="/"
 new_path=$(ynh_normalize_url_path $new_path)
 old_path=$(ynh_normalize_url_path $old_path)

-#=================================================
-# CHECK IF THE PATH CAN BE CHANGED
-#=================================================
-
-if [ "$new_path" != "/" ] && [ $mypads -eq 1 ]
-then
-	ynh_die "Mypads needs to be installed on the root of a domain or a subdomain."
-fi
-
 #=================================================
 # CHECK WHICH PARTS SHOULD BE CHANGED
 #=================================================
--- a/scripts/install
+++ b/scripts/install
@ -10,7 +10,6 @@ source _common.sh
 source /usr/share/yunohost/helpers
 # Load common variables for all scripts.
 source _variables
-source _sed

 #=================================================
 # MANAGE FAILURE OF THE SCRIPT
@ -34,6 +33,7 @@ language=$YNH_APP_ARG_LANGUAGE
 is_public=$YNH_APP_ARG_IS_PUBLIC
 export=$YNH_APP_ARG_EXPORT
 mypads=$YNH_APP_ARG_MYPADS
+useldap=$YNH_APP_ARG_USELDAP

 app=$YNH_APP_INSTANCE_NAME

@ -48,11 +48,6 @@ then
 fi
 ynh_print_ON

-if [ "$path_url" != "/" ] && [ $mypads -eq 1 ]
-then
-	ynh_die "Mypads needs to be installed on the root of a domain or a subdomain."
-fi
-
 final_path=/var/www/$app
 test ! -e "$final_path" || ynh_die "This path already contains a folder"

@ -76,6 +71,7 @@ ynh_print_OFF; ynh_app_setting_set $app password $password; ynh_print_ON
 ynh_app_setting_set $app language $language
 ynh_app_setting_set $app export $export
 ynh_app_setting_set $app mypads $mypads
+ynh_app_setting_set $app useldap $useldap

 #=================================================
 # STANDARD MODIFICATIONS
@ -169,7 +165,7 @@ ynh_replace_string "__PORT__" "$port" "$final_path/settings.json"
 ynh_replace_string "__DB_USER__" "$db_name" "$final_path/credentials.json"
 ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/credentials.json"
 ynh_replace_string "__ADMIN__" "$admin" "$final_path/credentials.json"
-ynh_print_OFF; ynh_replace_password_string "__PASSWD__" "$password" "$final_path/credentials.json"; ynh_print_ON
+ynh_print_OFF; ynh_replace_special_string "__PASSWD__" "$password" "$final_path/credentials.json"; ynh_print_ON
 if [ "$export" = "abiword" ]
 then
 	abiword_path=`which abiword`	# Récupère l'emplacement de l'exécutable de abiword
@ -180,10 +176,16 @@ then
 	ynh_replace_string "\"soffice\" : null" "\"soffice\" : \"$soffice_path\"" "$final_path/settings.json"	# Renseigne l'emplacement de abiword dans la config de etherpad
 fi
 ynh_replace_string "__LANGUAGE__" "$language" "$final_path/settings.json"
+
+# Use ldap for mypads
+if [ $mypads -eq 1 ] && [ $useldap -eq 1 ]
+then
+	ynh_replace_string "//noldap" "" "$final_path/settings.json"
+fi
+
 ynh_store_file_checksum "$final_path/settings.json"	# Enregistre la somme de contrôle du fichier de config
 ynh_store_file_checksum "$final_path/credentials.json"	# Enregistre la somme de contrôle du fichier de config

-
 #=================================================
 # SECURING FILES AND DIRECTORIES
 #=================================================
@ -246,9 +248,15 @@ then
 	ynh_replace_string "^ *\"FOOTER\": .*2.0" "& | <a href='../admin'>Etherpad admin</a>" $final_path/node_modules/ep_mypads/static/l10n/fr.json

 	mod_line=$(grep -nA5 "index.createOpenPad" $final_path/src/templates/index.html | grep "</div>" | cut -d '-' -f 1)	# Recherche le /div situé sous le champs d'ouverture de pad.
-	sed -i "$mod_line s@div>@&\n\t<center><br><font size="5"><a href="./mypads">Mypads</a></font></center>@" $final_path/src/templates/index.html	# Pour ajouter un lien vers le plugin mypads depuis la page d'Etherpad.
+	sed -i "$mod_line s@div>@&\n\t<center><br><font size="5"><a href="./mypads/">Mypads</a></font></center>@" $final_path/src/templates/index.html	# Pour ajouter un lien vers le plugin mypads depuis la page d'Etherpad.
 fi

+#=================================================
+# SETUP FAIL2BAN
+#=================================================
+
+ynh_add_fail2ban_config "/var/log/nginx/$domain-access.log" "<HOST> .* \"POST /mypads/api/auth/login HTTP/1.1\" 400" 5
+
 #=================================================
 # SETUP SSOWAT
 #=================================================
--- a/scripts/remove
+++ b/scripts/remove
@ -77,6 +77,12 @@ ynh_remove_nginx_config	# Suppression de la configuration nginx

 ynh_remove_logrotate	# Suppression de la configuration de logrotate

+#=================================================
+# REMOVE FAIL2BAN CONFIGURATION
+#=================================================
+
+ynh_remove_fail2ban_config
+
 #=================================================
 # GENERIC FINALISATION
 #=================================================
--- a/scripts/restore
+++ b/scripts/restore
@ -133,6 +133,14 @@ ynh_restore_file "/etc/systemd/system/$app.service"
 ## Démarrage auto du service
 systemctl enable $app.service

+#=================================================
+# RESTORE FAIL2BAN CONFIGURATION
+#=================================================
+
+ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
+ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
+systemctl restart fail2ban
+
 #=================================================
 # RELOAD NGINX
 #=================================================
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -10,7 +10,6 @@ source _common.sh
 source /usr/share/yunohost/helpers
 # Load common variables for all scripts.
 source _variables
-source _sed

 #=================================================
 # LOAD SETTINGS
@ -28,6 +27,7 @@ port=$(ynh_app_setting_get $app port)
 export=$(ynh_app_setting_get $app export)
 db_name=$(ynh_app_setting_get $app db_name)
 mypads=$(ynh_app_setting_get $app mypads)
+useldap=$(ynh_app_setting_get $app useldap)

 #=================================================
 # CHECK VERSION
@ -78,6 +78,11 @@ if [ -z $mypads ]; then	# Si mypads n'est pas renseigné dans app setting
 	ynh_app_setting_set $app mypads $mypads
 fi

+if [ -z $useldap ]; then	# If useldap doesn't exist yet in settings.yml
+	useldap=0
+	ynh_app_setting_set $app useldap $useldap
+fi
+
 if [ -z $path_url ]; then	# Si path_url n'est pas renseigné dans app setting
 	path_url="/"
 	ynh_app_setting_set $app path $path_url
@ -161,7 +166,7 @@ db_pwd=$(ynh_app_setting_get $app mysqlpwd)
 ynh_print_OFF; password=$(ynh_app_setting_get $app password); ynh_print_ON
 ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/credentials.json"
 ynh_replace_string "__ADMIN__" "$admin" "$final_path/credentials.json"
-ynh_print_OFF; ynh_replace_password_string "__PASSWD__" "$password" "$final_path/credentials.json"; ynh_print_ON
+ynh_print_OFF; ynh_replace_special_string "__PASSWD__" "$password" "$final_path/credentials.json"; ynh_print_ON
 if [ "$export" = "abiword" ]
 then
 	abiword_path=`which abiword`	# Récupère l'emplacement de l'exécutable de abiword
@ -176,6 +181,13 @@ if test -z $language; then
 	ynh_app_setting_set $app language $language
 fi
 ynh_replace_string "__LANGUAGE__" "$language" "$final_path/settings.json"
+
+# Use ldap for mypads
+if [ $mypads -eq 1 ] && [ $useldap -eq 1 ]
+then
+	ynh_replace_string "//noldap" "" "$final_path/settings.json"
+fi
+
 ynh_store_file_checksum "$final_path/settings.json"	# Réenregistre la somme de contrôle du fichier de config
 ynh_store_file_checksum "$final_path/credentials.json"	# Réenregistre la somme de contrôle du fichier de config

@ -194,6 +206,12 @@ chown -R $app: $final_path
 chmod 600 "$final_path/credentials.json"	# Restreint l'accès à credentials.json
 chown $app -R /var/log/$app/etherpad.log

+#=================================================
+# UPGRADE FAIL2BAN
+#=================================================
+
+ynh_add_fail2ban_config "/var/log/nginx/$domain-access.log" "<HOST> .* \"POST /mypads/api/auth/login HTTP/1.1\" 400" 5
+
 #=================================================
 # SETUP LOGROTATE
 #=================================================
@ -215,7 +233,7 @@ ynh_add_systemd_config
 if [ $mypads -eq 1 ]
 then
 	mod_line=$(grep -nA5 "index.createOpenPad" $final_path/src/templates/index.html | grep "</div>" | cut -d '-' -f 1)	# Recherche le /div situé sous le champs d'ouverture de pad.
-	sed -i "$mod_line s@div>@&\n\t<center><br><font size="5"><a href="./mypads">Mypads</a></font></center>@" $final_path/src/templates/index.html	# Pour ajouter un lien vers le plugin mypads depuis la page d'Etherpad.
+	sed -i "$mod_line s@div>@&\n\t<center><br><font size="5"><a href="./mypads/">Mypads</a></font></center>@" $final_path/src/templates/index.html	# Pour ajouter un lien vers le plugin mypads depuis la page d'Etherpad.
 fi

 #=================================================