From 228e03dad1ee799a7f84d0d75a5ce76ce15c3e37 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89ric=20Gaspar?=
 <46165813+ericgaspar@users.noreply.github.com>
Date: Mon, 27 Feb 2023 15:42:08 +0100
Subject: [PATCH] Galene v2 (#104)

* v2

* Fix

* Auto-update README

* Fix

* fix

* Fix

* Fix

* Auto-update README

* Fix

* Auto-update README

* Fix

* Auto-update README

* Update tests.toml

* Fix

* Update manifest.toml

* Update manifest.toml

* Update tests.toml

* Update tests.toml

* Update tests.toml

* Update tests.toml

* Update tests.toml

* Update restore

* Update install

* Update upgrade

* Update manifest.toml

* Update ynh_install_go

* Update change_url

* Auto-update README

* Update change_url

* fix

* Update change_url

* Update change_url

* Update manifest.toml

* fix

* Update systemd.service

* Update systemd.service

* Update systemd.service

* Update systemd.service

* Update systemd.service

* Update upgrade

* Update upgrade

* Update install

* Update upgrade

* Update manifest.toml

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
---
 README.md                             |  53 ---------
 README_fr.md                          |  52 ---------
 check_process                         |  30 -----
 conf/galene-ldap.json                 |   2 +-
 conf/ldap.service                     |   4 +-
 conf/nginx.conf                       |   2 +-
 conf/systemd.service                  |  51 +++++----
 doc/{DISCLAIMER.md => ADMIN.md}       |   1 -
 doc/{DISCLAIMER_fr.md => ADMIN_fr.md} |   0
 manifest.json                         |  83 --------------
 manifest.toml                         |  81 +++++++++++++
 scripts/_common.sh                    |   3 -
 scripts/backup                        |  25 +---
 scripts/change_url                    | 106 +++--------------
 scripts/install                       | 159 ++++++--------------------
 scripts/remove                        |  57 +--------
 scripts/restore                       |  72 ++----------
 scripts/upgrade                       | 157 +++++++------------------
 scripts/ynh_install_go                |   6 +-
 tests.toml                            |  23 ++++
 20 files changed, 243 insertions(+), 724 deletions(-)
 delete mode 100644 check_process
 rename doc/{DISCLAIMER.md => ADMIN.md} (99%)
 rename doc/{DISCLAIMER_fr.md => ADMIN_fr.md} (100%)
 delete mode 100644 manifest.json
 create mode 100644 manifest.toml
 create mode 100644 tests.toml

diff --git a/README.md b/README.md
index 4490ad8..58a5889 100644
--- a/README.md
+++ b/README.md
@@ -39,59 +39,6 @@ Galène is a videoconference server (an “SFU”) that is easy to deploy and th
 
 ![Screenshot of Galène](./doc/screenshots/screenshot.png)
 
-## Disclaimers / important information
-
-### Accessing groups
-
-*Galène* meeting rooms are called "groups". Any group is accessible at `https://domain.tld/group/GroupName`, by typing its name in the home page search field, or by selecting it in the public list (if the group is configured as publicly visible, see below).
-During install a group is created with YunoHost LDAP authentication, accessible at `https://domain.tld/group/YunoHost_Users`.
-
-#### Creating and configuring groups
-
-Groups are defined by JSON files located in the folder `/home/yunohost.app/galene/groups`. Each group is represented by a `GroupName.json` file.
-To create a new group, you need to create a `GroupNameExample.json` file and restart Galène service (you can also make subfolder groups, and the groups will be accessible with `https://domain.tld/group/subfolder/GroupName/`). Various configuration options are available (see https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
-
-*NB: Spaces are supported in group file names.*
-
-When Galène is removed, the data directory (`/home/yunohost.app/galene/`) is preserved. If you want to remove it along with Galène, use the `--purge` option: `sudo yunohost app remove galene --purge`.
-
-### Configuring your TURN server
-
-#### Using *Galène*'s internal TURN server
-Galène comes with a built-in TURN server that should work out-of-the-box.
-- If your server is behind NAT, allow incoming traffic to TCP/UDP port `1194` (or whatever is configured with the `-turn` option in `/etc/systemd/system/galene.service`)
-
-#### Using your own TURN server
-- Install [coturn_ynh](https://github.com/YunoHost-Apps/coturn_ynh).
-- Add `/opt/yunohost/galene/data/ice-servers.json` with these lines and change `turn.example.org` and `secret`
-
-```
-    [
-        {
-            "urls": [
-                "turn:turn.example.org:5349",
-                "turn:turn.example.org:5349?transport=tcp"
-            ],
-            "username": "galene",
-            "credential": "secret"
-        }
-    ]
-```
-- set `/etc/systemd/system/galene.service` `-turn` option to `-turn auto` (or `-turn ""` to disable the built-in TURN server).
-
-To check if the TURN server is up and running, type `/relay-test` in the chat box. If the TURN server is properly configured, you should see a message saying that the relay test has been successful.
-
-You can also install Galène with an external TURN server with this branch: https://github.com/YunoHost-Apps/galene_ynh/tree/galene+turn 
-
-### Server Statistics page
-
-Statistics are available under `/opt/yunohost/galene/stats.json`, with a human-readable version at `domain.ltd/stats.html`. This is only available to the server administrator (the admin/password is set in the `config.json` file: `/opt/yunohost/galene/data/config.json`).
-
-### How do I record my lecture?
-
-Make sure allow-recording is set in your group configuration. Log-in as an operator, then say `/record` before you start your lecture. Don't forget to say `/unrecord` at the end. You will find your recordings under `https://server.example.com/recordings/groupname/`. The video recordings are stored in `/home/yunohost.app/galene/recordings` folder.
-
-
 ## Documentation and resources
 
 * Official app website: <https://galene.org/>
diff --git a/README_fr.md b/README_fr.md
index 2a0f4b7..fe00a32 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -37,58 +37,6 @@ Galène est un serveur de visioconférence (un « SFU ») facile à déployer et
 
 ![Capture d’écran de Galène](./doc/screenshots/screenshot.png)
 
-## Avertissements / informations importantes
-
-### Accéder à des groupes
-
-Les salles de réunion *Galène* sont appelées « groupes ». Tout groupe est accessible sur `https://domain.tld/group/GroupName`, en tapant son nom dans le champ de recherche de la page d'accueil, ou en le sélectionnant dans la liste publique (si le groupe est configuré comme visible publiquement, voir ci-dessous).
-Pendant l'installation, un groupe est créé avec l'authentification LDAP de YunoHost, accessible à `https://domain.tld/group/YunoHost_Users`.
-
-#### Ajouter et configurer des groupes
-
-Les groupes sont définis par des fichiers JSON situés dans le dossier `/home/yunohost.app/galene/groups`. Chaque groupe est représenté par un fichier `GroupName.json`.
-Pour créer un nouveau groupe, vous devez créer un fichier `GroupNameExample.json` et redémarrer le service Galène (vous pouvez également créer un sous-dossier, et les groupes seront accessibles avec` https://domain.tld/group/subfolder/GroupName/`). Différentes options de configurations sont disponibles (voir https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
-
-*NB : Les espaces sont pris en charge dans les noms de fichiers de groupe.* 
-
-Lorsque Galène est supprimé, le répertoire de données (`/home/yunohost.app/galene/`) est conservé. Si vous souhaitez le supprimer avec Galène, utilisez l'option `--purge` : `sudo yunohost app remove galene --purge`. 
-
-### Configurer votre serveur TURN
-
-#### Utilisation du serveur TURN de *Galène*
-Galène est livré avec un serveur TURN intégré qui devrait fonctionner immédiatement.
-- Si votre serveur est derrière NAT, autorisez le trafic entrant vers le port TCP/UDP `1194` (ou tout ce qui est configuré avec l'option `-turn` dans `/etc/systemd/system/galene.service`)
-
-#### Utilisation de votre propre serveur TURN
-- Installez [coturn_ynh](https://github.com/YunoHost-Apps/coturn_ynh).
-- Ajoutez `/var/www/galene/data/ice-servers.json` avec ces lignes et changez `turn.example.org` et `secret`
-
-```
-    [
-        {
-            "urls": [
-                "turn:turn.example.org:5349",
-                "turn:turn.example.org:5349?transport=tcp"
-            ],
-            "username": "galene",
-            "credential": "secret"
-        }
-    ]
-``` 
-- Dans `/etc/systemd/system/galene.service` changer l'option `-turn auto` (ou `-turn ""` pour désactiver le serveur TURN intégré). 
-
-Pour vérifier si le serveur TURN est opérationnel, tapez `/relay-test` dans la boîte de dialogue du chat de *Galène* ; si le serveur TURN est correctement configuré, vous devriez voir un message indiquant que le test du relai a réussi.
-
-Vous pouvez également installer *Galène* avec un serveur TURN externe avec cette branch : https://github.com/YunoHost-Apps/galene_ynh/tree/galene+turn
-
-### Statistiques du serveur
-
-Les statistiques sont disponibles sous `/opt/yunohost/galene/stats.json`, avec une version lisible sur `domain.ltd/stats.html`. Cette page n'est disponible que pour l'administrateur du serveur (le mot de passe et l'administrateur sont définis dans le fichier `config.json` : `/opt/yunohost/galene/data/config.json`).
-
-### Comment enregistrer ma conférence ?
-
-Assurez-vous que l'autorisation d'enregistrement est définie dans la configuration de votre groupe. Connectez-vous en tant qu'opérateur, puis dites `/record` dans la fenêtre de chat avant de commencer la visio. N'oubliez pas de dire `/unrecord` à la fin. Vous trouverez vos enregistrements sous `https://server.example.com/recordings/groupname/`. Les enregistrements vidéo sont stockés dans le dossier `/home/yunohost.app/galene/recordings`. 
-
 ## Documentations et ressources
 
 * Site officiel de l’app : <https://galene.org/>
diff --git a/check_process b/check_process
deleted file mode 100644
index a7e831f..0000000
--- a/check_process
+++ /dev/null
@@ -1,30 +0,0 @@
-;; Test complet
-	; Manifest
-		domain="domain.tld"
-		path="/path"
-		is_public=1
-		admin="john"
-		password="password"
-		group_name="public with space"
-		group_description="My public space"
-	; Checks
-		pkg_linter=1
-		setup_sub_dir=0
-		setup_root=1
-		setup_nourl=0
-		setup_private=1
-		setup_public=1
-		upgrade=1
-		# 0.6.1~ynh2
-		upgrade=1	from_commit=ed1506fa3eb56358fecb06d832c9684acbf682d9
-		backup_restore=1
-		multi_instance=0
-		port_already_use=0
-		change_url=1
-;;; Options
-Email=
-Notification=none
-;;; Upgrade options
-	; commit=ed1506fa3eb56358fecb06d832c9684acbf682d9
-		name=0.6.1~ynh2
-		manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&
diff --git a/conf/galene-ldap.json b/conf/galene-ldap.json
index 1480001..c271256 100644
--- a/conf/galene-ldap.json
+++ b/conf/galene-ldap.json
@@ -1,5 +1,5 @@
 {
-	"httpAddress": "127.0.0.1:__LDAP_PORT__",
+	"httpAddress": "127.0.0.1:__PORT_LDAP__",
 	"ldapServer": "ldap://localhost:389",
 	"ldapBase": "ou=users,dc=yunohost,dc=org",
 	"key": __KEY__,
diff --git a/conf/ldap.service b/conf/ldap.service
index 6efb10d..29ca25f 100644
--- a/conf/ldap.service
+++ b/conf/ldap.service
@@ -7,8 +7,8 @@ After=network.target
 Type=simple
 User=__APP__
 Group=__APP__
-WorkingDirectory=__FINALPATH__/live_ldap/
-ExecStart=__FINALPATH__/live_ldap/galene-ldap -data __FINALPATH__/live_ldap/data/
+WorkingDirectory=__INSTALL_DIR__/live_ldap/
+ExecStart=__INSTALL_DIR__/live_ldap/galene-ldap -data __INSTALL_DIR__/live_ldap/data/
 LimitNOFILE=65536
 
 [Install]
diff --git a/conf/nginx.conf b/conf/nginx.conf
index a37e798..087602d 100755
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -1,6 +1,6 @@
 location /auth/ {
 
-  proxy_pass        http://127.0.0.1:__LDAP_PORT__/;
+  proxy_pass        http://127.0.0.1:__PORT_LDAP__/;
   proxy_redirect    off;
   proxy_set_header  Host $host;
   proxy_set_header  X-Real-IP $remote_addr;
diff --git a/conf/systemd.service b/conf/systemd.service
index cdbdbcc..aa4af39 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -7,38 +7,43 @@ After=network.target
 Type=simple
 User=__APP__
 Group=__APP__
-WorkingDirectory=__FINALPATH__/live/
-ExecStart=__FINALPATH__/live/galene -http "127.0.0.1:__PORT__" -insecure -turn __PUBLIC_IP4__:__TURN_PORT__ -udp-range 49152-65535 -groups __DATADIR__/groups -recordings __DATADIR__/recordings  -data __FINALPATH__/live/data/
+WorkingDirectory=__INSTALL_DIR__/live/
+ExecStart=__INSTALL_DIR__/live/galene -http "127.0.0.1:__PORT__" -insecure -turn __PUBLIC_IP4__:__PORT_TURN__ -udp-range 49152-65535 -groups __DATA_DIR__/groups -recordings __DATA_DIR__/recordings  -data __INSTALL_DIR__/live/data/
 LimitNOFILE=65536
 
-# various hardening options
-ReadWritePaths=/var/lib/galene/recordings
-CapabilityBoundingSet=
-AmbientCapabilities=
+# Sandboxing options to harden security
+# Depending on specificities of your service/app, you may need to tweak these
+# .. but this should be a good baseline
+# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
+NoNewPrivileges=yes
 PrivateTmp=yes
 PrivateDevices=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
+RestrictNamespaces=yes
+RestrictRealtime=yes
 DevicePolicy=closed
-ProtectSystem=strict
-ProtectHome=yes
+ProtectClock=yes
+ProtectHostname=yes
+ProtectProc=invisible
+ProtectSystem=full
+ProtectControlGroups=yes
 ProtectKernelModules=yes
 ProtectKernelTunables=yes
-ProtectKernelLogs=yes
-ProtectControlGroups=yes
-ProtectHostname=yes
-ProtectClock=yes
-NoNewPrivileges=yes
-MountFlags=private
 LockPersonality=yes
-RestrictRealtime=yes
-RestrictNamespaces=yes
-RestrictSUIDSGID=yes
-KeyringMode=private
-MemoryDenyWriteExecute=yes
-RemoveIPC=yes
 SystemCallArchitectures=native
-SystemCallFilter=~ @clock @cpu-emulation @debug @keyring @module @mount @raw-io @reboot @swap @obsolete @timer @resources @privileged @pkey @obsolete @setuid
-RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
-UMask=0077
+SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged
+
+# Denying access to capabilities that should not be relevant for webapps
+# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
+CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
+CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
+CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
+CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
+CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
+CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
+CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
+CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
+CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
 
 [Install]
 WantedBy=multi-user.target
diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md
similarity index 99%
rename from doc/DISCLAIMER.md
rename to doc/ADMIN.md
index 35f908f..46cd726 100644
--- a/doc/DISCLAIMER.md
+++ b/doc/ADMIN.md
@@ -47,4 +47,3 @@ Statistics are available under `/opt/yunohost/galene/stats.json`, with a human-r
 ### How do I record my lecture?
 
 Make sure allow-recording is set in your group configuration. Log-in as an operator, then say `/record` before you start your lecture. Don't forget to say `/unrecord` at the end. You will find your recordings under `https://server.example.com/recordings/groupname/`. The video recordings are stored in `/home/yunohost.app/galene/recordings` folder.
-
diff --git a/doc/DISCLAIMER_fr.md b/doc/ADMIN_fr.md
similarity index 100%
rename from doc/DISCLAIMER_fr.md
rename to doc/ADMIN_fr.md
diff --git a/manifest.json b/manifest.json
deleted file mode 100644
index e22e81e..0000000
--- a/manifest.json
+++ /dev/null
@@ -1,83 +0,0 @@
-{
-    "name": "Galène",
-    "id": "galene",
-    "packaging_format": 1,
-    "description": {
-        "en": "Videoconferencing server that is easy to deploy",
-        "fr": "Serveur de visioconférence facile à déployer"
-    },
-    "version": "0.6.2~ynh1",
-    "url": "https://galene.org/",
-    "upstream": {
-        "license": "MIT",
-        "website": "https://galene.org/",
-        "demo": "https://galene.org:8443/",
-        "admindoc": "https://galene.org/",
-        "userdoc": "https://galene.org/faq.html",
-        "code": "https://github.com/jech/galene"
-    },
-    "license": "MIT",
-    "maintainer": {
-        "name": "eric_G",
-        "email": ""
-    },
-    "requirements": {
-        "yunohost": ">= 11.0.9"
-    },
-    "multi_instance": false,
-    "services": [
-        "nginx"
-    ],
-    "arguments": {
-        "install": [
-            {
-                "name": "domain",
-                "type": "domain"
-            },
-            {
-                "name": "is_public",
-                "type": "boolean",
-                "help": {
-                    "en": "If enabled, Galène will be accessible by people who do not have an account. This can be changed later via the webadmin.",
-                    "fr": "Si cette case est cochée, Galène sera accessible aux personnes n’ayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin."
-                },
-                "default": true
-            },
-            {
-                "name": "admin",
-                "type": "user"
-            },
-            {
-                "name": "password",
-                "type": "password",
-                "help": {
-                    "en": "Set the administrator password (between 8 and 30 characters)",
-                    "fr": "Définissez le mot de passe administrateur (entre 8 et 30 caractères)"
-                }
-            },
-            {
-                "name": "group_name",
-                "type": "string",
-                "ask": {
-                    "en": "Choose a name for the group you want to create",
-                    "fr": "Choisissez un nom pour le groupe que vous voulez créer"
-                },
-                "default": "public",
-                "example": "public"
-            },
-            {
-                "name": "group_description",
-                "type": "string",
-                "optional": true,
-                "ask": {
-                    "en": "Choose a description for the group you want to create",
-                    "fr": "Décrivez le groupe que vous souhaitez créer"
-                },
-                "help": {
-                    "en": "Add a human-readable description of the group; this is displayed on the landing page for public groups.",
-                    "fr": "Ajoutez une description du groupe; ceci est affiché sur la page de destination des groupes publics."
-                }
-            }
-        ]
-    }
-}
diff --git a/manifest.toml b/manifest.toml
new file mode 100644
index 0000000..bca6d94
--- /dev/null
+++ b/manifest.toml
@@ -0,0 +1,81 @@
+packaging_format = 2
+
+id = "galene"
+name = "Galène"
+description.en = "Videoconferencing server that is easy to deploy"
+description.fr = "Serveur de visioconférence facile à déployer"
+
+version = "0.6.2~ynh1"
+
+maintainers = ["eric_G"]
+
+[upstream]
+license = "MIT"
+website = "https://galene.org/"
+demo = "https://galene.org:8443/"
+admindoc = "https://galene.org/"
+userdoc = "https://galene.org/faq.html"
+code = "https://github.com/jech/galene"
+
+[integration]
+yunohost = ">= 11.1.11"
+architectures = "all"
+multi_instance = false
+ldap = true
+sso = "not_relevant"
+disk = "50M"
+ram.build = "400M"
+ram.runtime = "50M"
+
+[install]
+    [install.domain]
+    type = "domain"
+    full_domain = true
+
+    [install.init_main_permission]
+    help.en = "If Visitors enabled, Galène will be accessible by people who do not have an account. This can be changed later via the webadmin."
+    help.fr = "Si la permission Visiteurs est cochée, Galène sera accessible aux personnes n’ayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin."
+    type = "group"
+    default = "visitors"
+
+    [install.admin]
+    type = "user"
+
+    [install.password]
+    help.en = "Set the administrator password (between 8 and 30 characters)"
+    help.fr = "Définissez le mot de passe administrateur (entre 8 et 30 caractères)"
+    type = "password"
+
+    [install.group_name]
+    ask.en = "Choose a name for the group you want to create"
+    ask.fr = "Choisissez un nom pour le groupe que vous voulez créer"
+    type = "string"
+    default = "public"
+    example = "public"
+
+    [install.group_description]
+    ask.en = "Choose a description for the group you want to create"
+    ask.fr = "Décrivez le groupe que vous souhaitez créer"
+    help.en = "Add a human-readable description of the group; this is displayed on the landing page for public groups."
+    help.fr = "Ajoutez une description du groupe; ceci est affiché sur la page de destination des groupes publics."
+    type = "string"
+    optional = true
+
+[resources]
+    [resources.system_user]
+
+    [resources.install_dir]
+
+    [resources.data_dir]
+
+    [resources.permissions]
+    main.url = "/"
+
+    [resources.ports]
+    main.default = 8095
+    ldap.default = 8096
+    turn.default = 1194
+    turn.exposed = "Both"
+
+    [resources.apt]
+    packages = "jose"
diff --git a/scripts/_common.sh b/scripts/_common.sh
index 87199a3..1f273f5 100755
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -6,9 +6,6 @@
 
 go_version=1.19
 
-# dependencies used by the app (must be on a single line)
-pkg_dependencies="jose"
-
 #=================================================
 # PERSONAL HELPERS
 #=================================================
diff --git a/scripts/backup b/scripts/backup
index cf11da9..2696784 100755
--- a/scripts/backup
+++ b/scripts/backup
@@ -10,27 +10,6 @@
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
 
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
-	true
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_print_info --message="Loading installation settings..."
-
-app=$YNH_APP_INSTANCE_NAME
-
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
 #=================================================
 # DECLARE DATA AND CONF FILES TO BACKUP
 #=================================================
@@ -40,13 +19,13 @@ ynh_print_info --message="Declaring files to be backed up..."
 # BACKUP THE APP MAIN DIR
 #=================================================
 
-ynh_backup --src_path="$final_path"
+ynh_backup --src_path="$install_dir"
 
 #=================================================
 # BACKUP THE DATA DIR
 #=================================================
 
-ynh_backup --src_path="$datadir" --is_big
+ynh_backup --src_path="$data_dir" --is_big
 
 #=================================================
 # BACKUP THE NGINX CONFIGURATION
diff --git a/scripts/change_url b/scripts/change_url
index cb35cc4..fa108f2 100755
--- a/scripts/change_url
+++ b/scripts/change_url
@@ -9,67 +9,16 @@
 source _common.sh
 source /usr/share/yunohost/helpers
 
-#=================================================
-# RETRIEVE ARGUMENTS
-#=================================================
-
-old_domain=$YNH_APP_OLD_DOMAIN
-old_path=$YNH_APP_OLD_PATH
-
-new_domain=$YNH_APP_NEW_DOMAIN
-new_path="/"
-
-app=$YNH_APP_INSTANCE_NAME
-
 #=================================================
 # LOAD SETTINGS
 #=================================================
 ynh_script_progression --message="Loading installation settings..." --weight=1
 
-# Needed for helper "ynh_add_nginx_config"
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-
 # Add settings here as needed by your application
-admin=$(ynh_app_setting_get --app=$app --key=admin)
 password=$(ynh_app_setting_get --app=$app --key=password)
 group_name=$(ynh_app_setting_get --app=$app --key=group_name)
-port=$(ynh_app_setting_get --app=$app --key=port)
 ldap_port=$(ynh_app_setting_get --app=$app --key=ldap_port)
 key=$(ynh_app_setting_get --app=$app --key=key)
-datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
-#=================================================
-# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
-#=================================================
-ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
-
-# Backup the current version of the app
-ynh_backup_before_upgrade
-ynh_clean_setup () {
-	# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
-	ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
-
-	# Restore it if the upgrade fails
-	ynh_restore_upgradebackup
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# CHECK WHICH PARTS SHOULD BE CHANGED
-#=================================================
-
-change_domain=0
-if [ "$old_domain" != "$new_domain" ]
-then
-	change_domain=1
-fi
-
-change_path=0
-if [ "$old_path" != "$new_path" ]
-then
-	change_path=1
-fi
 
 #=================================================
 # STANDARD MODIFICATIONS
@@ -86,29 +35,7 @@ ynh_systemd_action --service_name=${app}_ldap --action="stop" --log_path="system
 #=================================================
 ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
 
-nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
-
-# Change the path in the NGINX config file
-if [ $change_path -eq 1 ]
-then
-	# Make a backup of the original NGINX config file if modified
-	ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
-	# Set global variables for NGINX helper
-	domain="$old_domain"
-	path_url="$new_path"
-	# Create a dedicated NGINX config
-	ynh_add_nginx_config
-fi
-
-# Change the domain for NGINX
-if [ $change_domain -eq 1 ]
-then
-	# Delete file checksum for the old conf file location
-	ynh_delete_file_checksum --file="$nginx_conf_path"
-	mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
-	# Store file checksum for the new config file location
-	ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
-fi
+ynh_change_url_nginx_config
 
 #=================================================
 # SPECIFIC MODIFICATIONS
@@ -119,24 +46,24 @@ ynh_script_progression --message="Updating a configuration file..." --weight=2
 
 domain="$new_domain"
 # Configure Galene
-ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
-chmod 400 "$final_path/live/data/config.json"
-chown $app:$app "$final_path/live/data/config.json"
+ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
+chmod 400 "$install_dir/live/data/config.json"
+chown $app:$app "$install_dir/live/data/config.json"
 
 # Configure Galene LDAP
-ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
-chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
-chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
+ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
+chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
+chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
 
 # Create a group name config
-ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
-chmod 400 "$datadir/groups/$group_name.json"
-chown $app:$app "$datadir/groups/$group_name.json"
+ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
+chmod 400 "$data_dir/groups/$group_name.json"
+chown $app:$app "$data_dir/groups/$group_name.json"
 
 # Create a group name authenticated on LDAP
-ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
-chmod 400 "$datadir/groups/YunoHost_Users.json"
-chown $app:$app "$datadir/groups/YunoHost_Users.json"
+ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
+chmod 400 "$data_dir/groups/YunoHost_Users.json"
+chown $app:$app "$data_dir/groups/YunoHost_Users.json"
 
 #=================================================
 # GENERIC FINALISATION
@@ -149,13 +76,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=3
 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
 ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
 
-#=================================================
-# RELOAD NGINX
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=1
-
-ynh_systemd_action --service_name=nginx --action=reload
-
 #=================================================
 # END OF SCRIPT
 #=================================================
diff --git a/scripts/install b/scripts/install
index 591fc3f..0077046 100755
--- a/scripts/install
+++ b/scripts/install
@@ -10,111 +10,49 @@ source _common.sh
 source ynh_install_go
 source /usr/share/yunohost/helpers
 
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
-	true
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
 #=================================================
 # RETRIEVE ARGUMENTS FROM THE MANIFEST
 #=================================================
 
-domain=$YNH_APP_ARG_DOMAIN
-path_url="/"
-is_public=$YNH_APP_ARG_IS_PUBLIC
-admin=$YNH_APP_ARG_ADMIN
-password=$YNH_APP_ARG_PASSWORD
 group_name=$YNH_APP_ARG_GROUP_NAME
 group_description=$YNH_APP_ARG_GROUP_DESCRIPTION
-
-app=$YNH_APP_INSTANCE_NAME
-
-#=================================================
-# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
-#=================================================
-ynh_script_progression --message="Validating installation parameters..." --weight=1
-
-final_path=/var/www/$app
-test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
-
-# Register (book) web path
-ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
+password=$YNH_APP_ARG_PASSWORD
 
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
 ynh_script_progression --message="Storing installation settings..." --weight=4
 
-ynh_app_setting_set --app=$app --key=domain --value=$domain
-ynh_app_setting_set --app=$app --key=path --value=$path_url
-ynh_app_setting_set --app=$app --key=admin --value=$admin
-ynh_app_setting_set --app=$app --key=password --value="$password"
 ynh_app_setting_set --app=$app --key=group_name --value="$group_name"
 ynh_app_setting_set --app=$app --key=group_description --value="$group_description"
+ynh_app_setting_set --app=$app --key=password --value="$password"
 
 #=================================================
 # STANDARD MODIFICATIONS
 #=================================================
 # FIND AND OPEN A PORT
 #=================================================
-ynh_script_progression --message="Finding an available port..." --weight=3
-
-# Find an available port
-port=$(ynh_find_port --port=8095)
-ynh_app_setting_set --app=$app --key=port --value=$port
-
-ldap_port=$(ynh_find_port --port=$(($port + 1)))
-ynh_app_setting_set --app=$app --key=port --value=$ldap_port
-
-# Find an available port for TURN
-turn_port=$(ynh_find_port --port=1194)
-ynh_app_setting_set --app=$app --key=turn_port --value=$turn_port
-
-# Open TURN port
 ynh_script_progression --message="Configuring firewall..." --weight=1
 
-ynh_exec_warn_less yunohost firewall allow Both $turn_port
-
 # Reserve UDP Port range 49152:65535
 ynh_exec_warn_less yunohost firewall allow UDP -4 49152:65535
 
-#=================================================
-# INSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Installing dependencies..." --weight=1
-
-ynh_install_app_dependencies $pkg_dependencies
-
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Configuring system user..." --weight=3
-
-# Create a system user
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
 ynh_script_progression --message="Setting up source files..." --weight=1
 
-ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
-ynh_setup_source --dest_dir="$final_path/build"
-ynh_setup_source --dest_dir="$final_path/build_ldap" --source_id="ldap"
+ynh_setup_source --dest_dir="$install_dir/build"
+ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"
 
-mkdir -p "$final_path/live/data"
-mkdir -p "$final_path/live_ldap/data"
-cp -r "$final_path/build/static/" "$final_path/live/"
-ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$final_path/live/static/galene.html"
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
+mkdir -p "$install_dir/live/data"
+mkdir -p "$install_dir/live_ldap/data"
+cp -r "$install_dir/build/static/" "$install_dir/live/"
+ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$install_dir/live/static/galene.html"
+chmod 750 "$install_dir"
+chmod -R o-rwx "$install_dir"
+chown -R $app:www-data "$install_dir"
 
 #=================================================
 # NGINX CONFIGURATION
@@ -133,32 +71,29 @@ ynh_script_progression --message="Building app..." --weight=1
 
 ynh_exec_warn_less ynh_install_go --go_version=$go_version
 ynh_use_go
-pushd $final_path/build/
-	ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live/
+pushd $install_dir/build/
+	ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live/
 popd
-pushd $final_path/build_ldap/
-	ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live_ldap/
+pushd $install_dir/build_ldap/
+	ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live_ldap/
 popd
 ynh_remove_go
-ynh_secure_remove --file="$final_path/build/"
-ynh_secure_remove --file="$final_path/build_ldap/"
-ynh_secure_remove --file="$final_path/.cache/"
-ynh_secure_remove --file="$final_path/go/"
-ynh_secure_remove --file="$final_path/.go-version"
+ynh_secure_remove --file="$install_dir/build/"
+ynh_secure_remove --file="$install_dir/build_ldap/"
+ynh_secure_remove --file="$install_dir/.cache/"
+ynh_secure_remove --file="$install_dir/go/"
+ynh_secure_remove --file="$install_dir/.go-version"
 
 #=================================================
 # CREATE DATA DIRECTORY
 #=================================================
 ynh_script_progression --message="Creating a data directory..." --weight=1
 
-datadir=/home/yunohost.app/$app
-ynh_app_setting_set --app=$app --key=datadir --value=$datadir
+mkdir -p $data_dir/{groups,recordings}
 
-mkdir -p $datadir/{groups,recordings}
-
-chmod 750 "$datadir"
-chmod -R o-rwx "$datadir"
-chown -R $app:www-data "$datadir"
+chmod 750 "$data_dir"
+chmod -R o-rwx "$data_dir"
+chown -R $app:www-data "$data_dir"
 
 #=================================================
 # ADD A CONFIGURATION
@@ -166,26 +101,26 @@ chown -R $app:www-data "$datadir"
 ynh_script_progression --message="Adding a configuration file..." --weight=1
 
 # Configure Galène
-ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
-chmod 400 "$final_path/live/data/config.json"
-chown $app:$app "$final_path/live/data/config.json"
+ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
+chmod 400 "$install_dir/live/data/config.json"
+chown $app:$app "$install_dir/live/data/config.json"
 
 # Configure Galène LDAP
 key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
 ynh_app_setting_set --app=$app --key=key --value="$key"
-ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
-chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
-chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
+ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
+chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
+chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
 
 # Create a group name config
-ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
-chmod 400 "$datadir/groups/$group_name.json"
-chown $app:$app "$datadir/groups/$group_name.json"
+ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
+chmod 400 "$data_dir/groups/$group_name.json"
+chown $app:$app "$data_dir/groups/$group_name.json"
 
 # Create a group name authenticated on LDAP
-ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
-chmod 400 "$datadir/groups/YunoHost_Users.json"
-chown $app:$app "$datadir/groups/YunoHost_Users.json"
+ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
+chmod 400 "$data_dir/groups/YunoHost_Users.json"
+chown $app:$app "$data_dir/groups/YunoHost_Users.json"
 
 #=================================================
 # SETUP SYSTEMD
@@ -205,7 +140,7 @@ ynh_add_systemd_config --service=${app}_ldap --template="ldap.service"
 #=================================================
 ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
 
-yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
+yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
 yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
 
 #=================================================
@@ -217,26 +152,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
 ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
 
-#=================================================
-# SETUP SSOWAT
-#=================================================
-ynh_script_progression --message="Configuring permissions..." --weight=2
-
-# Make app public if necessary
-if [ $is_public -eq 1 ]
-then
-	# Everyone can access the app.
-	# The "main" permission is automatically created before the install script.
-	ynh_permission_update --permission="main" --add="visitors"
-fi
-
-#=================================================
-# RELOAD NGINX
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=2
-
-ynh_systemd_action --service_name=nginx --action=reload
-
 #=================================================
 # END OF SCRIPT
 #=================================================
diff --git a/scripts/remove b/scripts/remove
index dc1df05..23d30bd 100755
--- a/scripts/remove
+++ b/scripts/remove
@@ -9,18 +9,6 @@
 source _common.sh
 source /usr/share/yunohost/helpers
 
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
 #=================================================
 # STANDARD REMOVE
 #=================================================
@@ -49,25 +37,6 @@ ynh_script_progression --message="Stopping and removing the systemd service..."
 ynh_remove_systemd_config
 ynh_remove_systemd_config --service=${app}_ldap
 
-#=================================================
-# REMOVE APP MAIN DIR
-#=================================================
-ynh_script_progression --message="Removing app main directory..." --weight=2
-
-# Remove the app directory securely
-ynh_secure_remove --file="$final_path"
-
-#=================================================
-# REMOVE DATA DIR
-#=================================================
-
-# Remove the data directory if --purge option is used
-if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
-then
-	ynh_script_progression --message="Removing app data directory..." --weight=1
-	ynh_secure_remove --file="$datadir"
-fi
-
 #=================================================
 # REMOVE NGINX CONFIGURATION
 #=================================================
@@ -76,22 +45,14 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
 # Remove the dedicated NGINX config
 ynh_remove_nginx_config
 
-#=================================================
-# REMOVE DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Removing dependencies..." --weight=1
-
-# Remove metapackage and its dependencies
-ynh_remove_app_dependencies
-
 #=================================================
 # CLOSE A PORT
 #=================================================
 
-if yunohost firewall list | grep -q "\- $turn_port$"
+if yunohost firewall list | grep -q "\- $port_turn$"
 then
-	ynh_script_progression --message="Closing port $turn_port..." --weight=1
-	ynh_exec_warn_less yunohost firewall disallow both $turn_port
+	ynh_script_progression --message="Closing port $port_turn..." --weight=1
+	ynh_exec_warn_less yunohost firewall disallow both $port_turn
 fi
 
 if yunohost firewall list | grep -q "\- 49152:65535"
@@ -100,18 +61,6 @@ then
 	ynh_exec_warn_less yunohost firewall disallow UDP 49152:65535
 fi
 
-#=================================================
-# SPECIFIC REMOVE
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# REMOVE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Removing the dedicated system user..." --weight=1
-
-# Delete a system user
-ynh_system_user_delete --username=$app
-
 #=================================================
 # END OF SCRIPT
 #=================================================
diff --git a/scripts/restore b/scripts/restore
index 3ab3d80..21e6513 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -10,81 +10,29 @@
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
 
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
-	true
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-path_url=$(ynh_app_setting_get --app=$app --key=path)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-group_name=$(ynh_app_setting_get --app=$app --key=group_name)
-turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
-datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
-#=================================================
-# CHECK IF THE APP CAN BE RESTORED
-#=================================================
-ynh_script_progression --message="Validating restoration parameters..." --weight=1
-
-test ! -d $final_path \
-	|| ynh_die --message="There is already a directory: $final_path "
-
-#=================================================
-# STANDARD RESTORATION STEPS
-#=================================================
-# RECREATE THE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
-
-# Create the dedicated user (if not existing)
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
 #=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
 ynh_script_progression --message="Restoring the app main directory..." --weight=1
 
-ynh_restore_file --origin_path="$final_path"
+ynh_restore_file --origin_path="$install_dir"
 
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
+chmod 750 "$install_dir"
+chmod -R o-rwx "$install_dir"
+chown -R $app:www-data "$install_dir"
 
 #=================================================
 # RESTORE THE DATA DIRECTORY
 #=================================================
 ynh_script_progression --message="Restoring the data directory..." --weight=1
 
-ynh_restore_file --origin_path="$datadir" --not_mandatory
+ynh_restore_file --origin_path="$data_dir" --not_mandatory
 
-mkdir -p $datadir/{groups,recordings}
+mkdir -p $data_dir/{groups,recordings}
 
-chmod 750 "$datadir"
-chmod -R o-rwx "$datadir"
-chown -R $app:www-data "$datadir"
-
-#=================================================
-# SPECIFIC RESTORATION
-#=================================================
-# REINSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Reinstalling dependencies..." --weight=1
-
-# Define and install dependencies
-ynh_install_app_dependencies $pkg_dependencies
+chmod 750 "$data_dir"
+chmod -R o-rwx "$data_dir"
+chown -R $app:www-data "$data_dir"
 
 #=================================================
 # RESTORE THE NGINX CONFIGURATION
@@ -107,7 +55,7 @@ systemctl enable $app.service --quiet
 #=================================================
 ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
 
-yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
+yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
 yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
 
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index bcc8364..42e5e65 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -15,47 +15,16 @@ source /usr/share/yunohost/helpers
 #=================================================
 ynh_script_progression --message="Loading installation settings..." --weight=1
 
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-path_url=$(ynh_app_setting_get --app=$app --key=path)
-admin=$(ynh_app_setting_get --app=$app --key=admin)
-password=$(ynh_app_setting_get --app=$app --key=password)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 group_name=$(ynh_app_setting_get --app=$app --key=group_name)
 group_description=$(ynh_app_setting_get --app=$app --key=group_description)
-port=$(ynh_app_setting_get --app=$app --key=port)
-ldap_port=$(ynh_app_setting_get --app=$app --key=ldap_port)
-key=$(ynh_app_setting_get --app=$app --key=key)
-turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
-datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
-if ynh_compare_current_package_version --comparison le --version 0.3.5~ynh3
-then
-    ynh_die --message="Please, you need to remove the app and reinstall it"
-fi
+password=$(ynh_app_setting_get --app=$app --key=password)
 
 #=================================================
 # CHECK VERSION
 #=================================================
-ynh_script_progression --message="Checking version..." --weight=1
 
 upgrade_type=$(ynh_check_app_version_changed)
 
-#=================================================
-# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
-#=================================================
-ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
-
-# Backup the current version of the app
-ynh_backup_before_upgrade
-ynh_clean_setup () {
-	# Restore it if the upgrade fails
-	ynh_restore_upgradebackup
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
 #=================================================
 # STANDARD UPGRADE STEPS
 #=================================================
@@ -77,75 +46,34 @@ then
     ynh_exec_warn_less yunohost firewall disallow TCP $port
 fi
 
-# If final_path doesn't exist, create it
-if [ -z "$final_path" ]; then
-	final_path=/var/www/$app
-	mkdir -p $final_path
-	ynh_app_setting_set --app=$app --key=final_path --value=$final_path
-fi
-
-# If ldap_port doesn't exist, create it
-if [ -z "$ldap_port" ]; then
-	ldap_port=$(ynh_find_port --port=$(($port + 1)))
-	ynh_app_setting_set --app=$app --key=port --value=$ldap_port
-fi
-
-# Cleaning legacy permissions
-if ynh_legacy_permissions_exists; then
-	ynh_legacy_permissions_delete_all
-
-	ynh_app_setting_delete --app=$app --key=is_public
-fi
-
-# We remove the old admin/password file if present
-if [ -f "$final_path/data/passwd" ] ; then
-    ynh_secure_remove --file="$final_path/data/passwd"
-fi
-
 # For version 0.6~ynh1 and before
-if [[ ! -d "$final_path/live" ]]
+if [[ ! -d "$install_dir/live" ]]
 then
     tempdir="$(mktemp -d)"
-    mv $final_path $tempdir
-    mkdir -p "$final_path/live"
-    mv $tempdir/$app/galene "$final_path/live/"
-    mv $tempdir/$app/data/ "$final_path/live/"
-    mv $tempdir/$app/static/ "$final_path/live/"
+    mv $install_dir $tempdir
+    mkdir -p "$install_dir/live"
+    mv $tempdir/$app/galene "$install_dir/live/"
+    mv $tempdir/$app/data/ "$install_dir/live/"
+    mv $tempdir/$app/static/ "$install_dir/live/"
     ynh_secure_remove --file="$tempdir"
 fi
 
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
-
-# Create a dedicated user (if not existing)
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-
 ynh_script_progression --message="Upgrading source files..." --weight=2
 
-ynh_setup_source --dest_dir="$final_path/build"
-ynh_setup_source --dest_dir="$final_path/build_ldap" --source_id="ldap"
-mkdir -p "$final_path/live/data"
-mkdir -p "$final_path/live_ldap/data"
-ynh_secure_remove --file="$final_path/live/static/"
-cp -r "$final_path/build/static/" "$final_path/live/"
-ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$final_path/live/static/galene.html"
+ynh_setup_source --dest_dir="$install_dir/build"
+ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"
+mkdir -p "$install_dir/live/data"
+mkdir -p "$install_dir/live_ldap/data"
+#REMOVEME? ynh_secure_remove --file="$install_dir/live/static/"
+cp -r "$install_dir/build/static/" "$install_dir/live/"
+ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$install_dir/live/static/galene.html"
 
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
-
-#=================================================
-# UPGRADE DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Upgrading dependencies..." --weight=1
-
-ynh_install_app_dependencies $pkg_dependencies
+chmod 750 "$install_dir"
+chmod -R o-rwx "$install_dir"
+chown -R $app:www-data "$install_dir"
 
 #=================================================
 # NGINX CONFIGURATION
@@ -166,18 +94,18 @@ if [ "$upgrade_type" == "UPGRADE_APP" ]
 then
 	ynh_exec_warn_less ynh_install_go --go_version=$go_version
 	ynh_use_go
-	pushd $final_path/build/
-		ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live/
+	pushd $install_dir/build/
+		ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live/
 	popd
-	pushd $final_path/build_ldap/
-		ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live_ldap/
+	pushd $install_dir/build_ldap/
+		ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live_ldap/
 	popd
 	ynh_remove_go
-	ynh_secure_remove --file="$final_path/build/"
-	ynh_secure_remove --file="$final_path/build_ldap/"
-	ynh_secure_remove --file="$final_path/.cache/"
-	ynh_secure_remove --file="$final_path/go/"
-	ynh_secure_remove --file="$final_path/.go-version"
+	ynh_secure_remove --file="$install_dir/build/"
+	ynh_secure_remove --file="$install_dir/build_ldap/"
+	ynh_secure_remove --file="$install_dir/.cache/"
+	ynh_secure_remove --file="$install_dir/go/"
+	ynh_secure_remove --file="$install_dir/.go-version"
 fi
 
 #=================================================
@@ -186,9 +114,9 @@ fi
 ynh_script_progression --message="Updating a configuration file..." --weight=2
 
 # Configure Galène
-ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
-chmod 400 "$final_path/live/data/config.json"
-chown $app:$app "$final_path/live/data/config.json"
+ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
+chmod 400 "$install_dir/live/data/config.json"
+chown $app:$app "$install_dir/live/data/config.json"
 
 # Configure Galène LDAP
 # If key doesn't exist, create it
@@ -196,19 +124,19 @@ if [ -z "$key" ]; then
 	key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
 	ynh_app_setting_set --app=$app --key=key --value=$key
 fi
-ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
-chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
-chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
+ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
+chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
+chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
 
 # Create a group name config
-ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
-chmod 400 "$datadir/groups/$group_name.json"
-chown $app:$app "$datadir/groups/$group_name.json"
+ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
+chmod 400 "$data_dir/groups/$group_name.json"
+chown $app:$app "$data_dir/groups/$group_name.json"
 
 # Create a group name authenticated on LDAP
-ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
-chmod 400 "$datadir/groups/YunoHost_Users.json"
-chown $app:$app "$datadir/groups/YunoHost_Users.json"
+ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
+chmod 400 "$data_dir/groups/YunoHost_Users.json"
+chown $app:$app "$data_dir/groups/YunoHost_Users.json"
 
 #=================================================
 # SETUP SYSTEMD
@@ -228,7 +156,7 @@ ynh_add_systemd_config --service=${app}_ldap --template="ldap.service"
 #=================================================
 ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
 
-yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
+yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
 yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
 
 #=================================================
@@ -239,13 +167,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
 ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
 
-#=================================================
-# RELOAD NGINX
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=2
-
-ynh_systemd_action --service_name=nginx --action=reload
-
 #=================================================
 # END OF SCRIPT
 #=================================================
diff --git a/scripts/ynh_install_go b/scripts/ynh_install_go
index 4e0b499..c0dfe12 100644
--- a/scripts/ynh_install_go
+++ b/scripts/ynh_install_go
@@ -30,14 +30,14 @@ export GOENV_ROOT="$goenv_install_dir"
 # However, $PATH is duplicated into $go_path to outlast any manipulation of $PATH
 # You can use the variable `$ynh_go_load_path` to quickly load your Go version
 #  in $PATH for an usage into a separate script.
-# Exemple: $ynh_go_load_path $final_path/script_that_use_gem.sh`
+# Exemple: $ynh_go_load_path $install_dir/script_that_use_gem.sh`
 #
 #
 # Finally, to start a Go service with the correct version, 2 solutions
 #  Either the app is dependent of Go or gem, but does not called it directly.
 #  In such situation, you need to load PATH
 #    `Environment="__YNH_GO_LOAD_PATH__"`
-#    `ExecStart=__FINALPATH__/my_app`
+#    `ExecStart=__INSTALL_DIR__/my_app`
 #     You will replace __YNH_GO_LOAD_PATH__ with $ynh_go_load_path
 #
 #  Or Go start the app directly, then you don't need to load the PATH variable
@@ -72,7 +72,7 @@ ynh_use_go () {
     ynh_go_load_path="PATH=$PATH"
 
     # Sets the local application-specific Go version
-    pushd $final_path
+    pushd $install_dir
         $goenv_install_dir/bin/goenv local $go_version
     popd
 }
diff --git a/tests.toml b/tests.toml
new file mode 100644
index 0000000..8626895
--- /dev/null
+++ b/tests.toml
@@ -0,0 +1,23 @@
+test_format = 1.0
+
+[default]
+
+    # ------------
+    # Tests to run
+    # ------------
+
+    exclude = ["install.subdir"]
+
+    # -------------------------------
+    # Default args to use for install
+    # -------------------------------
+
+    args.group_name = "public with space"
+    args.group_description = "My public space"
+
+    # -------------------------------
+    # Commits to test upgrade from
+    # -------------------------------
+
+    test_upgrade_from.212f4439.name = "Upgrade from 0.6.1~ynh2"
+    
\ No newline at end of file