Nouveaux helpers

2024-09-03 18:36:09 +02:00 · 2017-04-22 19:17:59 +02:00 · 2017-04-22 19:17:59 +02:00 · b75f52b86f
commit b75f52b86f
parent abea28447d
9 changed files with 323 additions and 232 deletions
--- a/conf/app.src
+++ b/conf/app.src
@ -1,2 +1,3 @@
-SOURCE_URL>https://github.com/ether/etherpad-lite/archive/1.6.0.tar.gz
+SOURCE_URL=https://github.com/ether/etherpad-lite/archive/1.6.0.tar.gz
 SOURCE_SUM=9ff1ef760e8285a1cd117d9bb576398b
+ARCH_FORMAT=tar.gz
--- a/conf/etherpad.service
+++ b/conf/etherpad.service
@ -6,7 +6,7 @@ After=network.target
 Type=simple
 User=__APP__
 Group=__APP__
-ExecStart=__FINALPATH__bin/safeRun.sh /var/log/__APP__/etherpad.log
+ExecStart=__FINALPATH__/bin/safeRun.sh /var/log/__APP__/etherpad.log

 [Install]
 WantedBy=multi-user.target
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -1,14 +1,229 @@
 #!/bin/bash

+#=================================================
+#=================================================
+# TESTING
+#=================================================
+#=================================================
+
+# Remove a file or a directory securely
+#
+# usage: ynh_secure_remove path_to_remove
+# | arg: path_to_remove - File or directory to remove
+ynh_secure_remove () {
+	path_to_remove=$1
+	forbidden_path=" \
+	/var/www \
+	/home/yunohost.app"
+
+	if [[ "$forbidden_path" =~ "$path_to_remove" \
+		# Match all path or subpath in $forbidden_path
+		|| "$path_to_remove" =~ ^/[[:alnum:]]+$ \
+		# Match all first level path from / (Like /var, /root, etc...)
+		|| "${path_to_remove:${#path_to_remove}-1}" = "/" ]]
+		# Match if the path finish by /. Because it's seems there is an empty variable
+	then
+		echo "Avoid deleting of $path_to_remove." >&2
+	else
+		if [ -e "$path_to_remove" ]
+		then
+			sudo rm -R "$path_to_remove"
+		else
+			echo "$path_to_remove doesn't deleted because it's not exist." >&2
+		fi
+	fi
+}
+
+ynh_setup_source () {
+	src_url=$(cat ../conf/app.src | grep SOURCE_URL | cut -d= -f2-)
+	src_checksum=$(cat ../conf/app.src | grep SOURCE_SUM | cut -d= -f2-)
+	arch_format=$(cat ../conf/app.src | grep ARCH_FORMAT | cut -d= -f2-)
+	local_source="/opt/yunohost-apps-src/$YNH_APP_ID/source.$arch_format"
+
+	if test -e "$local_source"
+	then	# Use the local source file if it is present
+		cp $local_source source.$arch_format
+	else	# If not, download the source
+		wget -nv -O source.$arch_format $src_url
+    fi
+
+	# Check the control sum
+	echo "$src_checksum source.$arch_format" \
+		| md5sum -c --status || ynh_die "Corrupt source"
+
+	# Extract source into the app dir
+	sudo mkdir -p "$final_path"
+	if [ $(echo "$arch_format" | tr '[:upper:]' '[:lower:]') = "zip" ]
+	then # Zip format
+		# Using of a temp directory, because unzip doesn't manage --strip-components
+		temp_dir=$(mktemp -d)
+		unzip -quo source.zip -d "$temp_dir"
+		sudo cp -a $temp_dir/*/. "$final_path"
+		ynh_secure_remove "$temp_dir"
+	elif [ $(echo "$arch_format" | tr '[:upper:]' '[:lower:]') = "tar.gz" ]; then
+		sudo tar -x -f source.tar.gz -C "$final_path" --strip-components 1
+	else
+		ynh_die "Format d'archive non reconnu."
+	fi
+
+	# Apply patches
+	if test -f ../sources/patches/*.patch; then
+		(cd "$DEST" \
+			&& for p in ${PKG_DIR}/patches/*.patch; do \
+				sudo patch -p1 < $p; done) \
+			|| ynh_die "Unable to apply patches"
+	fi
+
+	# Add supplementary files
+	if test -e "../sources/extra_files"; then
+		sudo cp -a ../sources/extra_files/. "$final_path"
+	fi
+}
+
+ynh_backup_abstract () {
+	# A intégrer à ynh_backup directement.
+	ynh_backup "$@"
+	echo "$2" "$1" >> backup_list
+}
+
+ynh_restore_file () {
+	file_and_dest=$(grep "^$1" backup_list)
+	backup_file=${file_and_dest%% *}
+	backup_dest=${file_and_dest#* }
+	if [ -f "$backup_dest" ]; then
+		ynh_die "There is already a file at this path: $backup_dest"
+	fi
+	if test -d "$backup_file"; then
+		sudo cp -a "$backup_file/." "$backup_dest"
+	else
+		sudo cp -a "$backup_file" "$backup_dest"
+	fi
+}
+
+ynh_fpm_config () {
+	finalphpconf="/etc/php5/fpm/pool.d/$app.conf"
+	ynh_compare_checksum_config "$finalphpconf" 1
+	sudo cp ../conf/php-fpm.conf "$finalphpconf"
+	ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf"
+	ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf"
+	ynh_replace_string "__USER__" "$app" "$finalphpconf"
+	sudo chown root: "$finalphpconf"
+	ynh_store_checksum_config "$finalphpconf"
+
+	if [ -e "../conf/php-fpm.ini" ]
+	then
+		finalphpini="/etc/php5/fpm/conf.d/20-$app.ini"
+		ynh_compare_checksum_config "$finalphpini" 1
+		sudo cp ../conf/php-fpm.ini "$finalphpini"
+		sudo chown root: "$finalphpini"
+		ynh_store_checksum_config "$finalphpini"
+	fi
+
+	sudo systemctl reload php5-fpm
+}
+
+ynh_remove_fpm_config () {
+	ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf"
+	ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini"
+	sudo systemctl reload php5-fpm
+}
+
+ynh_nginx_config () {
+	finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf"
+	ynh_compare_checksum_config "$finalnginxconf" 1
+	sudo cp ../conf/nginx.conf "$finalnginxconf"
+
+	# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
+	# Substitute in a nginx config file only if the variable is not empty
+	if test -n "${path_url:-}"; then
+		ynh_replace_string "__PATH__" "$path_url" "$finalnginxconf"
+	fi
+	if test -n "${domain:-}"; then
+		ynh_replace_string "__DOMAIN__" "$domain" "$finalnginxconf"
+	fi
+	if test -n "${port:-}"; then
+		ynh_replace_string "__PORT__" "$port" "$finalnginxconf"
+	fi
+	if test -n "${app:-}"; then
+		ynh_replace_string "__NAME__" "$app" "$finalnginxconf"
+	fi
+	if test -n "${final_path:-}"; then
+		ynh_replace_string "__FINALPATH__" "$final_path" "$finalnginxconf"
+	fi
+	ynh_store_checksum_config "$finalnginxconf"
+
+	sudo systemctl reload nginx
+}
+
+ynh_remove_nginx_config () {
+	ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf"
+	sudo systemctl reload nginx
+}
+
+ynh_store_checksum_config () {
+	config_file_checksum=checksum_${1//[\/ ]/_}	# Replace all '/' and ' ' by '_'
+	ynh_app_setting_set $app $config_file_checksum $(sudo md5sum "$1" | cut -d' ' -f1)
+}
+
+ynh_compare_checksum_config () {
+	current_config_file=$1
+	compress_backup=${2:-0}	# If $2 is empty, compress_backup will set at 0
+	config_file_checksum=checksum_${current_config_file//[\/ ]/_}	# Replace all '/' and ' ' by '_'
+	checksum_value=$(ynh_app_setting_get $app $config_file_checksum)
+	if [ -n "$checksum_value" ]
+	then	# Proceed only if a value was stocked into the app config
+		if ! echo "$checksum_value $current_config_file" | sudo md5sum -c --status
+		then	# If the checksum is now different
+			backup_config_file="$current_config_file.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')"
+			if [ $compress_backup -eq 1 ]
+			then
+				sudo tar --create --gzip --file "$backup_config_file.tar.gz" "$current_config_file"	# Backup the current config file and compress
+				backup_config_file="$backup_config_file.tar.gz"
+			else
+				sudo cp -a "$current_config_file" "$backup_config_file"	# Backup the current config file
+			fi
+			echo "Config file $current_config_file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_config_file" >&2
+			echo "$backup_config_file"	# Return the name of the backup file
+		fi
+	fi
+}
+
+ynh_systemd_config () {
+	finalsystemdconf="/etc/systemd/system/$app.service"
+	ynh_compare_checksum_config "$finalsystemdconf" 1
+	sudo cp ../conf/systemd.service "$finalsystemdconf"
+
+	# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
+	# Substitute in a nginx config file only if the variable is not empty
+	if test -n "${final_path:-}"; then
+		ynh_replace_string "__FINALPATH__" "$final_path" "$finalsystemdconf"
+	fi
+	if test -n "${app:-}"; then
+		ynh_replace_string "__APP__" "$app" "$finalsystemdconf"
+	fi
+	ynh_store_checksum_config "$finalsystemdconf"
+
+	sudo chown root: "$finalsystemdconf"
+	sudo systemctl enable $app
+	sudo systemctl daemon-reload
+}
+
+ynh_remove_systemd_config () {
+	finalsystemdconf="/etc/systemd/system/$app.service"
+	if [ -e "$finalsystemdconf" ]; then
+		sudo systemctl stop $app
+		sudo systemctl disable $app
+		ynh_secure_remove "$finalsystemdconf"
+	fi
+}
+
+#=================================================
+#=================================================
+
 #=================================================
 # CHECKING
 #=================================================

-CHECK_USER () {	# Vérifie la validité de l'user admin
-# $1 = Variable de l'user admin.
-	ynh_user_exists "$1" || ynh_die "Wrong user"
-}
-
 CHECK_DOMAINPATH () {	# Vérifie la disponibilité du path et du domaine.
 	sudo yunohost app checkurl $domain$path_url -a $app
 }
@ -44,117 +259,6 @@ ALL_QUIET () {	# Redirige la sortie standard et d'erreur dans /dev/null
 	$@ > /dev/null 2>&1
 }

-#=================================================
-# SETUP
-#=================================================
-
-SETUP_SOURCE () {	# Télécharge la source, décompresse et copie dans $final_path
-	src_url=$(cat ../conf/app.src | grep SOURCE_URL | cut -d'>' -f2)
-	src_checksum=$(cat ../conf/app.src | grep SOURCE_SUM | cut -d= -f2)
-	# Download sources from the upstream
-	wget -nv -O source.tar.gz $src_url
-	# Vérifie la somme de contrôle de la source téléchargée.
-	echo "$src_checksum source.tar.gz" | md5sum -c --status || ynh_die "Corrupt source"
-	# Extract source into the app dir
-	sudo mkdir -p $final_path
-	sudo tar -x -f source.tar.gz -C $final_path --strip-components 1
-	# Copie les fichiers additionnels ou modifiés.
-	if test -e "../sources/ajouts"; then
-		sudo cp -a ../sources/ajouts/. "$final_path"
-	fi
-}
-
-SETUP_SOURCE_ZIP () {	# Télécharge la source, décompresse et copie dans $final_path
-	src_url=$(cat ../conf/app.src | grep SOURCE_URL | cut -d'>' -f2)
-	src_checksum=$(cat ../conf/app.src | grep SOURCE_SUM | cut -d= -f2)
-	# Download sources from the upstream
-	wget -nv -O source.zip $src_url
-	# Vérifie la somme de contrôle de la source téléchargée.
-	echo "$src_checksum source.zip" | md5sum -c --status || ynh_die "Corrupt source"
-	# Extract source into the app dir
-	sudo mkdir -p $final_path
-	temp_dir=$(mktemp -d)
-	unzip -quo source.zip -d $temp_dir	# On passe par un dossier temporaire car unzip ne permet pas d'ignorer le dossier parent.
-	sudo cp -a $temp_dir/*/. $final_path
-	rm -r $temp_dir
-	# Copie les fichiers additionnels ou modifiés.
-	if test -e "../sources/ajouts"; then
-		sudo cp -a ../sources/ajouts/. "$final_path"
-	fi
-}
-
-POOL_FPM () {	# Créer le fichier de configuration du pool php-fpm et le configure.
-	sed -i "s@__NAMETOCHANGE__@$app@g" ../conf/php-fpm.conf
-	sed -i "s@__FINALPATH__@$final_path@g" ../conf/php-fpm.conf
-	sed -i "s@__USER__@$app@g" ../conf/php-fpm.conf
-	finalphpconf=/etc/php5/fpm/pool.d/$app.conf
-	sudo cp ../conf/php-fpm.conf $finalphpconf
-	sudo chown root: $finalphpconf
-	finalphpini=/etc/php5/fpm/conf.d/20-$app.ini
-	sudo cp ../conf/php-fpm.ini $finalphpini
-	sudo chown root: $finalphpini
-	sudo systemctl reload php5-fpm
-}
-
-YNH_CURL () {
-	data_post=$1
-	url_access=$2
-	sleep 1
-	curl -kL -H "Host: $domain" --resolve $domain:443:127.0.0.1 --data "$data_post" "https://localhost$path_url$url_access" 2>&1
-}
-
-#=================================================
-# REMOVE
-#=================================================
-
-REMOVE_NGINX_CONF () {	# Suppression de la configuration nginx
-	if [ -e "/etc/nginx/conf.d/$domain.d/$app.conf" ]; then	# Delete nginx config
-		echo "Delete nginx config"
-		sudo rm "/etc/nginx/conf.d/$domain.d/$app.conf"
-		sudo systemctl reload nginx
-	fi
-}
-
-REMOVE_FPM_CONF () {	# Suppression de la configuration du pool php-fpm
-	if [ -e "/etc/php5/fpm/pool.d/$app.conf" ]; then	# Delete fpm config
-		echo "Delete fpm config"
-		sudo rm "/etc/php5/fpm/pool.d/$app.conf"
-	fi
-	if [ -e "/etc/php5/fpm/conf.d/20-$app.ini" ]; then	# Delete php config
-		echo "Delete php config"
-		sudo rm "/etc/php5/fpm/conf.d/20-$app.ini"
-	fi
-	sudo systemctl reload php5-fpm
-}
-
-SECURE_REMOVE () {      # Suppression de dossier avec vérification des variables
-	chaine="$1"	# L'argument doit être donné entre quotes simple '', pour éviter d'interpréter les variables.
-	no_var=0
-	while (echo "$chaine" | grep -q '\$')	# Boucle tant qu'il y a des $ dans la chaine
-	do
-		no_var=1
-		global_var=$(echo "$chaine" | cut -d '$' -f 2)	# Isole la première variable trouvée.
-		only_var=\$$(expr "$global_var" : '\([A-Za-z0-9_]*\)')	# Isole complètement la variable en ajoutant le $ au début et en gardant uniquement le nom de la variable. Se débarrasse surtout du / et d'un éventuel chemin derrière.
-		real_var=$(eval "echo ${only_var}")		# `eval "echo ${var}` permet d'interpréter une variable contenue dans une variable.
-		if test -z "$real_var" || [ "$real_var" = "/" ]; then
-			WARNING echo "Variable $only_var is empty, suppression of $chaine cancelled."
-			return 1
-		fi
-		chaine=$(echo "$chaine" | sed "s@$only_var@$real_var@")	# remplace la variable par sa valeur dans la chaine.
-	done
-	if [ "$no_var" -eq 1 ]
-	then
-		if [ -e "$chaine" ]; then
-			echo "Delete directory $chaine"
-			sudo rm -r "$chaine"
-		fi
-		return 0
-	else
-		WARNING echo "No detected variable."
-		return 1
-	fi
-}
-
 #=================================================
 # BACKUP
 #=================================================
@ -206,30 +310,12 @@ CHECK_SIZE () {	# Vérifie avant chaque backup que l'espace est suffisant
 	fi
 }

-#=================================================
-# CONFIGURATION
-#=================================================
-
-STORE_MD5_CONFIG () {	# Enregistre la somme de contrôle du fichier de config
-# $1 = Nom du fichier de conf pour le stockage dans settings.yml
-# $2 = Nom complet et chemin du fichier de conf.
-	ynh_app_setting_set $app $1_file_md5 $(sudo md5sum "$2" | cut -d' ' -f1)
-}
-
-CHECK_MD5_CONFIG () {	# Créé un backup du fichier de config si il a été modifié.
-# $1 = Nom du fichier de conf pour le stockage dans settings.yml
-# $2 = Nom complet et chemin du fichier de conf.
-	if [ "$(ynh_app_setting_get $app $1_file_md5)" != $(sudo md5sum "$2" | cut -d' ' -f1) ]; then
-		sudo cp -a "$2" "$2.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')"	# Si le fichier de config a été modifié, créer un backup.
-	fi
-}
-
 #=================================================
 # PACKAGE CHECK BYPASSING...
 #=================================================

 IS_PACKAGE_CHECK () {	# Détermine une exécution en conteneur (Non testé)
-	return uname -n | grep -c 'pchecker_lxc'
+	return $(uname -n | grep -c 'pchecker_lxc')
 }

 #=================================================
@ -240,19 +326,6 @@ IS_PACKAGE_CHECK () {	# Détermine une exécution en conteneur (Non testé)
 # Ainsi, les officiels prendront le pas sur ceux-ci le cas échéant
 #=================================================

-# Ignore the yunohost-cli log to prevent errors with conditionals commands
-# usage: ynh_no_log COMMAND
-# Simply duplicate the log, execute the yunohost command and replace the log without the result of this command
-# It's a very badly hack...
-ynh_no_log() {
-  ynh_cli_log=/var/log/yunohost/yunohost-cli.log
-  sudo cp -a ${ynh_cli_log} ${ynh_cli_log}-move
-  eval $@
-  exit_code=$?
-  sudo mv ${ynh_cli_log}-move ${ynh_cli_log}
-  return $?
-}
-
 # Normalize the url path syntax
 # Handle the slash at the beginning of path and its absence at ending
 # Return a normalized url path
@ -261,6 +334,7 @@ ynh_no_log() {
 #          ynh_normalize_url_path example -> /example
 #          ynh_normalize_url_path /example -> /example
 #          ynh_normalize_url_path /example/ -> /example
+#          ynh_normalize_url_path / -> /
 #
 # usage: ynh_normalize_url_path path_to_normalize
 # | arg: url_path_to_normalize - URL path to normalize before using it
@ -333,7 +407,7 @@ ynh_make_valid_dbid () {
 # }
 # This function is optionnal.
 #
-# Usage: ynh_exit_properly is used only by the helper ynh_check_error.
+# Usage: ynh_exit_properly is used only by the helper ynh_abort_if_errors.
 # You must not use it directly.
 ynh_exit_properly () {
 	exit_code=$?
@ -364,7 +438,8 @@ ynh_abort_if_errors () {
 	trap ynh_exit_properly EXIT	# Capturing exit signals on shell script
 }

-# Install dependencies with a equivs control file
+# Define and install dependencies with a equivs control file
+# This helper can/should only be called once per app
 #
 # usage: ynh_install_app_dependencies dep [dep [...]]
 # | arg: dep - the package name to install in dependence
@ -380,7 +455,7 @@ ynh_install_app_dependencies () {
    if ynh_package_is_installed "${dep_app}-ynh-deps"; then
 		echo "A package named ${dep_app}-ynh-deps is already installed" >&2
    else
-		cat > ./${dep_app}-ynh-deps.control << EOF	# Make a control file for equivs-build
+        cat > ./${dep_app}-ynh-deps.control << EOF	# Make a control file for equivs-build
 Section: misc
 Priority: optional
 Package: ${dep_app}-ynh-deps
@ -390,10 +465,10 @@ Architecture: all
 Description: Fake package for ${app} (YunoHost app) dependencies
 This meta-package is only responsible of installing its dependencies.
 EOF
-		ynh_package_install_from_equivs ./${dep_app}-ynh-deps.control \
-			|| ynh_die "Unable to install dependencies"	# Install the fake package and its dependencies
-		ynh_app_setting_set $app apt_dependencies $dependencies
-	fi
+        ynh_package_install_from_equivs ./${dep_app}-ynh-deps.control \
+            || ynh_die "Unable to install dependencies"	# Install the fake package and its dependencies
+        ynh_app_setting_set $app apt_dependencies $dependencies
+    fi
 }

 # Remove fake package and its dependencies
@ -506,3 +581,46 @@ ynh_system_user_delete () {
 		echo "The user $1 was not found" >&2
    fi
 }
+
+# Curl abstraction to help with POST requests to local pages (such as installation forms)
+#
+# $domain and $path_url should be defined externally (and correspond to the domain.tld and the /path (of the app?))
+#
+# example: ynh_local_curl "/install.php?installButton" "foo=$var1" "bar=$var2"
+# 
+# usage: ynh_local_curl "page_uri" "key1=value1" "key2=value2" ...
+# | arg: page_uri    - Path (relative to $path_url) of the page where POST data will be sent
+# | arg: key1=value1 - (Optionnal) POST key and corresponding value
+# | arg: key2=value2 - (Optionnal) Another POST key and corresponding value
+# | arg: ...         - (Optionnal) More POST keys and values
+ynh_local_curl () {
+	# Define url of page to curl
+	full_page_url=https://localhost$path_url$1
+
+	# Concatenate all other arguments with '&' to prepare POST data
+	POST_data=""
+	for arg in "${@:2}"
+	do
+		POST_data="${POST_data}${arg}&"
+	done
+	# (Remove the last character, which is an unecessary '&')
+	POST_data=${POST_data::-1}
+
+	# Curl the URL
+	curl -kL -H "Host: $domain" --resolve $domain:443:127.0.0.1 --data "$POST_data" "$full_page_url" 2>&1
+}
+
+# Substitute/replace a string by another in a file
+#
+# usage: ynh_replace_string match_string replace_string target_file
+# | arg: match_string - String to be searched and replaced in the file
+# | arg: replace_string - String that will replace matches
+# | arg: target_file - File in which the string will be replaced.
+ynh_replace_string () {
+	delimit=@
+	match_string=${1//${delimit}/"\\${delimit}"}	# Escape the delimiter if it's in the string.
+	replace_string=${2//${delimit}/"\\${delimit}"}
+	workfile=$3
+
+	sudo sed --in-place "s${delimit}${match_string}${delimit}${replace_string}${delimit}g" "$workfile"
+}
--- a/scripts/backup
+++ b/scripts/backup
@ -38,13 +38,13 @@ db_name=$(ynh_app_setting_get $app db_name)
 #=================================================

 CHECK_SIZE "$final_path"
-ynh_backup "$final_path" "sources"
+ynh_backup_abstract "$final_path" "sources"

 #=================================================
 # BACKUP OF THE NGINX CONFIGURATION
 #=================================================

-ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "nginx.conf"
+ynh_backup_abstract "/etc/nginx/conf.d/$domain.d/$app.conf" "nginx.conf"

 #=================================================
 # BACKUP OF THE SQL BDD
@ -52,7 +52,7 @@ ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "nginx.conf"

 ynh_mysql_dump_db "$db_name" > dump.sql
 CHECK_SIZE "dump.sql"
-ynh_backup "dump.sql" "db.sql"
+ynh_backup_abstract "dump.sql" "db.sql"

 #=================================================
 # SPECIFIC BACKUP
@ -60,10 +60,10 @@ ynh_backup "dump.sql" "db.sql"
 # BACKUP LOGROTATE
 #=================================================

-ynh_backup "/etc/logrotate.d/$app" "logrotate"
+ynh_backup_abstract "/etc/logrotate.d/$app" "logrotate"

 #=================================================
 # BACKUP SYSTEMD
 #=================================================

-ynh_backup "/etc/systemd/system/$app.service" "systemd"
+ynh_backup_abstract "/etc/systemd/system/$app.service" "systemd"
--- a/scripts/install
+++ b/scripts/install
@ -18,7 +18,7 @@ ynh_clean_setup () {
 	if test -n "$PID_TAIL"
 	then
 		SUPPRESS_WARNING kill -s 15 $PID_TAIL	# Arrête l'exécution de tail.
-		sudo rm -f "$tempfile"
+		ynh_secure_remove "$tempfile"
 	fi
 	echo ""
 }
@ -42,8 +42,6 @@ app=$YNH_APP_INSTANCE_NAME
 # CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS
 #=================================================

-CHECK_USER "$admin"	# Vérifie la validité de l'user admin
-
 if [ "${#password}" -lt 8 ] || [ "${#password}" -gt 30 ]
 then
 	ynh_die "The password must be between 8 and 30 characters."
@ -104,16 +102,13 @@ ynh_mysql_generate_db $db_name $db_name
 #=================================================

 ynh_app_setting_set $app final_path $final_path
-SETUP_SOURCE	# Télécharge la source, décompresse et copie dans $final_path
+ynh_setup_source	# Télécharge la source, décompresse et copie dans $final_path

 #=================================================
 # NGINX CONFIGURATION
 #=================================================

-# Et copie le fichier de config nginx
-sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
-# Modifie les variables dans le fichier de configuration nginx
-sudo sed -i "s@__PORT__@$port@g" /etc/nginx/conf.d/$domain.d/$app.conf
+ynh_nginx_config

 #=================================================
 # CREATE DEDICATED USER
@ -152,19 +147,19 @@ sudo npm install forever -g >> $install_log 2>&1

 sudo cp ../conf/settings.json "$final_path/settings.json"
 sudo cp ../conf/credentials.json "$final_path/credentials.json"
-sudo sed -i "s/__PORT__/$port/g" "$final_path/settings.json"
-sudo sed -i "s/__DB_USER__/$db_name/g" "$final_path/credentials.json"
-sudo sed -i "s/__DB_PWD__/$db_pwd/g" "$final_path/credentials.json"
-sudo sed -i "s/__ADMIN__/$admin/g" "$final_path/credentials.json"
-sudo sed -i "s/__PASSWD__/$password/g" "$final_path/credentials.json"
+ynh_replace_string "__PORT__" "$port" "$final_path/settings.json"
+ynh_replace_string "__DB_USER__" "$db_name" "$final_path/credentials.json"
+ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/credentials.json"
+ynh_replace_string "__ADMIN__" "$admin" "$final_path/credentials.json"
+ynh_replace_string "__PASSWD__" "$password" "$final_path/credentials.json"
 if [ "$abiword" -eq 1 ]
 then
 	abiword_path=`which abiword`	# Récupère l'emplacement de l'exécutable de abiword
-	sudo sed -i "s@\"abiword\" : null@\"abiword\" : \"$abiword_path\"@" "$final_path/settings.json"	# Renseigne l'emplacement de abiword dans la config de etherpad
+	ynh_replace_string "\"abiword\" : null" "\"abiword\" : \"$abiword_path\"" "$final_path/settings.json"	# Renseigne l'emplacement de abiword dans la config de etherpad
 fi
-sudo sed -i "s/__LANGUAGE__/$language/g" "$final_path/settings.json"
-STORE_MD5_CONFIG "settings.json" "$final_path/settings.json"	# Enregistre la somme de contrôle du fichier de config
-STORE_MD5_CONFIG "credentials.json" "$final_path/credentials.json"	# Enregistre la somme de contrôle du fichier de config
+ynh_replace_string "__LANGUAGE__" "$language" "$final_path/settings.json"
+ynh_store_checksum_config "$final_path/settings.json"	# Enregistre la somme de contrôle du fichier de config
+ynh_store_checksum_config "$final_path/credentials.json"	# Enregistre la somme de contrôle du fichier de config


 #=================================================
@ -179,12 +174,7 @@ sudo chmod 600 $final_path/credentials.json	# Restreint l'accès à credentials.
 # SETUP SYSTEMD
 #=================================================

-sudo cp ../conf/etherpad.service /etc/systemd/system/$app.service
-sudo chown root: /etc/systemd/system/$app.service
-sudo sed -i "s@__FINALPATH__@$final_path/@g" /etc/systemd/system/$app.service
-sudo sed -i "s@__APP__@$app@g" /etc/systemd/system/$app.service
-## Démarrage auto du service
-sudo systemctl enable $app
+ynh_systemd_config

 #=================================================
 # ENABLE SERVICE IN ADMIN PANEL
@ -222,10 +212,11 @@ sudo chown -R $app: $final_path/node_modules
 #=================================================

 # Ajoute un lien vers etherpad pour créer des pads anonymes depuis Mypads.
-sudo sed -i "s@^ *\"DESCRIPTION\": .*</ul>@&<a href=../>Pads anonymes</a>@g" $final_path/node_modules/ep_mypads/static/l10n/fr.json
-sudo sed -i "s@^ *\"DESCRIPTION\": .*</ul>@&<a href=../>Anonymous pads</a>@g" $final_path/node_modules/ep_mypads/static/l10n/en.json
+ynh_replace_string "^ *\"DESCRIPTION\": .*</ul>" "&<a href=../>Pads anonymes</a>" $final_path/node_modules/ep_mypads/static/l10n/fr.json
+ynh_replace_string "^ *\"DESCRIPTION\": .*</ul>" "&<a href=../>Anonymous pads</a>" $final_path/node_modules/ep_mypads/static/l10n/en.json
 # Et un lien vers l'admin etherpad depuis Mypads.
-sudo sed -i "s@^ *\"FOOTER\": .*2.0@& | <a href='../admin'>Etherpad admin</a>@g" $final_path/node_modules/ep_mypads/static/l10n/en.json $final_path/node_modules/ep_mypads/static/l10n/fr.json
+ynh_replace_string "^ *\"FOOTER\": .*2.0" "& | <a href='../admin'>Etherpad admin</a>" $final_path/node_modules/ep_mypads/static/l10n/en.json
+ynh_replace_string "^ *\"FOOTER\": .*2.0" "& | <a href='../admin'>Etherpad admin</a>" $final_path/node_modules/ep_mypads/static/l10n/fr.json

 mod_line=$(grep -nA5 "index.createOpenPad" $final_path/src/templates/index.html | grep "</div>" | cut -d '-' -f 1)	# Recherche le /div situé sous le champs d'ouverture de pad.
 sudo sed -i "$mod_line s@div>@&\n\t<center><br><font size="5"><a href="./mypads">Mypads</a></font></center>@" $final_path/src/templates/index.html	# Pour ajouter un lien vers le plugin mypads depuis la page d'Etherpad.
@ -266,7 +257,7 @@ do	# La boucle attend le démarrage d'etherpad. Ou 2 minutes. Cette boucle évit
 	if grep -q "You can access your Etherpad instance at" "$tempfile" && [ "$lang_OK" -eq 0 ] ; then
 		# Si le log annonce une première fois le démarrage d'etherpad, applique la langue de mypads et redémarre le service.
 		WARNING echo "Le service $app a démarré correctement."
-		sudo sed -i "s/__LANGUAGE__/$language/g" "$script_dir/../conf/lang_mypads.sql"
+		ynh_replace_string "__LANGUAGE__" "$language" "$script_dir/../conf/lang_mypads.sql"
 		mysql -u $db_name -p$db_pwd $db_name < "$script_dir/../conf/lang_mypads.sql"
 		echo ""
 		sudo systemctl restart $app
@ -282,4 +273,4 @@ do	# La boucle attend le démarrage d'etherpad. Ou 2 minutes. Cette boucle évit
 	sleep 1
 done
 SUPPRESS_WARNING kill -s 15 $PID_TAIL	# Arrête l'exécution de tail.
-sudo rm "$tempfile"
+ynh_secure_remove "$tempfile"
--- a/scripts/remove
+++ b/scripts/remove
@ -25,12 +25,7 @@ db_name=$(ynh_app_setting_get $app db_name)
 # STOP AND REMOVE SERVICE
 #=================================================

-if [ -e "/etc/systemd/system/$app.service" ]; then
-	echo "Delete systemd script"
-	sudo systemctl stop $app
-	sudo systemctl disable $app.service
-	sudo rm "/etc/systemd/system/$app.service"
-fi
+ynh_remove_systemd_config

 #=================================================
 # DISABLE SERVICE IN ADMIN PANEL
@ -58,13 +53,13 @@ ynh_mysql_remove_db $db_name $db_name	# Suppression de la base de donnée et de
 # REMOVE THE MAIN DIR OF THE APP
 #=================================================

-SECURE_REMOVE '/var/www/$app'	# Suppression du dossier de l'application
+ynh_secure_remove "/var/www/$app"	# Suppression du dossier de l'application

 #=================================================
 # REMOVE THE NGINX CONFIGURATION
 #=================================================

-REMOVE_NGINX_CONF	# Suppression de la configuration nginx
+ynh_remove_nginx_config	# Suppression de la configuration nginx

 #=================================================
 # REMOVE THE LOGROTATE CONFIG
--- a/scripts/restore
+++ b/scripts/restore
@ -48,17 +48,13 @@ test ! -d $final_path \
 # RESTORE OF THE NGINX CONFIGURATION
 #=================================================

-conf=/etc/nginx/conf.d/$domain.d/$app.conf
-if [ -f $conf ]; then
-	ynh_die "There is already a nginx conf file at this path: $conf "
-fi
-sudo cp -a ./nginx.conf $conf
+ynh_restore_file nginx.conf

 #=================================================
 # RESTORE OF THE MAIN DIR OF THE APP
 #=================================================

-sudo cp -a ./sources/. $final_path
+ynh_restore_file sources

 #=================================================
 # RESTORE OF THE SQL BDD
@ -88,7 +84,7 @@ sudo chown $app -R /var/log/$app
 sudo chown admin -R $install_log

 # Restaure la configuration de logrotate
-sudo cp -a ./logrotate /etc/logrotate.d/$app
+ynh_restore_file logrotate

 #=================================================
 # INSTALL DEPENDENCIES
@ -117,7 +113,7 @@ sudo yunohost service add $app --log "/var/log/$app/etherpad.log"
 # RESTORE SYSTEMD
 #=================================================

-sudo cp -a ./systemd /etc/systemd/system/$app.service
+ynh_restore_file systemd
 ## Démarrage auto du service
 sudo systemctl enable $app.service

@ -153,4 +149,4 @@ do	# La boucle attend le démarrage d'etherpad. Ou 1 minute. Cette boucle évite
 done
 echo ""
 kill -s 15 $PID_TAIL > /dev/null	# Arrête l'exécution de tail.
-sudo rm "$tempfile"
+ynh_secure_remove "$tempfile"
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -57,16 +57,13 @@ ynh_abort_if_errors	# Active trap pour arrêter le script si une erreur est dét
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================

-SETUP_SOURCE	# Télécharge la source, décompresse et copie dans $final_path
+ynh_setup_source	# Télécharge la source, décompresse et copie dans $final_path

 #=================================================
 # NGINX CONFIGURATION
 #=================================================

-# Copie le fichier de config nginx
-sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
-# Modifie les variables dans le fichier de configuration nginx
-sudo sed -i "s@__PORT__@$port@g" /etc/nginx/conf.d/$domain.d/$app.conf
+ynh_nginx_config

 #=================================================
 # SPECIFIC UPGRADE
@ -75,29 +72,29 @@ sudo sed -i "s@__PORT__@$port@g" /etc/nginx/conf.d/$domain.d/$app.conf
 #=================================================

 # Copie ou modification d'un fichier de config
-CHECK_MD5_CONFIG "settings.json" "$final_path/settings.json"	# Créé un backup du fichier de config si il a été modifié.
-CHECK_MD5_CONFIG "credentials.json" "$final_path/credentials.json"	# Créé un backup du fichier de config si il a été modifié.
+ynh_compare_checksum_config "$final_path/settings.json"	# Créé un backup du fichier de config si il a été modifié.
+ynh_compare_checksum_config "$final_path/credentials.json"	# Créé un backup du fichier de config si il a été modifié.
 sudo cp ../conf/settings.json "$final_path/settings.json"
 sudo cp ../conf/credentials.json "$final_path/credentials.json"
-sudo sed -i "s/__PORT__/$port/g" "$final_path/settings.json"
-sudo sed -i "s/__DB_USER__/$app/g" "$final_path/credentials.json"
+ynh_replace_string "__PORT__" "$port" "$final_path/settings.json"
+ynh_replace_string "__DB_USER__" "$app" "$final_path/credentials.json"
 db_pwd=$(ynh_app_setting_get $app mysqlpwd)
 password=$(ynh_app_setting_get $app password)
-sudo sed -i "s/__DB_PWD__/$db_pwd/g" "$final_path/credentials.json"
-sudo sed -i "s/__ADMIN__/$admin/g" "$final_path/credentials.json"
-sudo sed -i "s/__PASSWD__/$password/g" "$final_path/credentials.json"
+ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/credentials.json"
+ynh_replace_string "__ADMIN__" "$admin" "$final_path/credentials.json"
+ynh_replace_string "__PASSWD__" "$password" "$final_path/credentials.json"
 if [ "$abiword" -eq 1 ]
 then
 	abiword_path=`which abiword`	# Récupère l'emplacement de l'exécutable de abiword
-	sudo sed -i "s@\"abiword\" : null@\"abiword\" : \"$abiword_path\"@" "$final_path/settings.json"	# Renseigne l'emplacement de abiword dans la config de etherpad
+	ynh_replace_string "\"abiword\" : null" "\"abiword\" : \"$abiword_path\"" "$final_path/settings.json"	# Renseigne l'emplacement de abiword dans la config de etherpad
 fi
 if test -z $language; then
 	language=en # En cas d'upgrade d'une version ne gérant pas la langue, la langue est anglais par défaut
 	ynh_app_setting_set $app language $language
 fi
-sudo sed -i "s/__LANGUAGE__/$language/g" "$final_path/settings.json"
-STORE_MD5_CONFIG "settings.json" "$final_path/settings.json"	# Réenregistre la somme de contrôle du fichier de config
-STORE_MD5_CONFIG "credentials.json" "$final_path/credentials.json"	# Réenregistre la somme de contrôle du fichier de config
+ynh_replace_string "__LANGUAGE__" "$language" "$final_path/settings.json"
+ynh_store_checksum_config "$final_path/settings.json"	# Réenregistre la somme de contrôle du fichier de config
+ynh_store_checksum_config "$final_path/credentials.json"	# Réenregistre la somme de contrôle du fichier de config

 #=================================================
 # CREATE DEDICATED USER
@ -124,14 +121,7 @@ ynh_use_logrotate
 # SETUP SYSTEMD
 #=================================================

-# Mise en place du script systemd
-sudo systemctl stop $app
-sudo cp ../conf/etherpad.service /etc/systemd/system/$app.service
-sudo chown root: /etc/systemd/system/$app.service
-sudo sed -i "s@__FINALPATH__@$final_path/@g" /etc/systemd/system/$app.service
-sudo sed -i "s@__APP__@$app@g" /etc/systemd/system/$app.service
-## Démarrage auto du service
-sudo systemctl enable $app
+ynh_systemd_config

 #=================================================
 # SOME HACKS
@ -183,4 +173,4 @@ do	# La boucle attend le démarrage d'etherpad. Ou 1 minute. Cette boucle évite
 done
 echo ""
 QUIET kill -s 15 $PID_TAIL	# Arrête l'exécution de tail.
-sudo rm "$tempfile"
+ynh_secure_remove "$tempfile"
--- a/sources/extra_files/.gitignore
+++ b/sources/extra_files/.gitignore