From 0fcdaa46ba552f03315f0a0399a4f39c2cf51c33 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Wed, 13 Jan 2021 16:59:26 +0100 Subject: [PATCH 01/12] Upgrade sources --- conf/arm.src | 2 +- conf/arm64.src | 2 +- conf/x86-64.src | 2 +- manifest.json | 6 +++--- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/conf/arm.src b/conf/arm.src index 6f6b58f..6fd73a2 100644 --- a/conf/arm.src +++ b/conf/arm.src @@ -1,5 +1,5 @@ SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.2/galene_0.2_Linux_arm.tar.gz -SOURCE_SUM=a7da5ff9a34422732fea1bbe9fb591c42813875ff7fcd4c30590a54c786bdf19 +SOURCE_SUM=f1c498b1897e548a69e56392a63e5a20c72a2115a8c6112725a9005ee55c0fae SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/arm64.src b/conf/arm64.src index 0ede6a8..cfe42c2 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -1,5 +1,5 @@ SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.2/galene_0.2_Linux_arm64.tar.gz -SOURCE_SUM=8e755dc9779c5301d9f63e8120e2bd307118fd2ebc1bdc003e2c2c0ce905f9c7 +SOURCE_SUM=b7d045f3df8268dab52b307152cb88be79e50b5363c1a98ca20def9021d16541 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/x86-64.src b/conf/x86-64.src index c236676..1ae76ef 100644 --- a/conf/x86-64.src +++ b/conf/x86-64.src @@ -1,5 +1,5 @@ SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.2/galene_0.2_Linux_x86_64.tar.gz -SOURCE_SUM=4878741a204a35e900cf75399093f121a56f9e32b6a08a60fff254d561c18444 +SOURCE_SUM=6676942015ada1ddf5e136dfa7cd0af883ac988f117c88df64b2cb0db75b1d7d SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/manifest.json b/manifest.json index f969fe7..ee21141 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Videoconferencing server that is easy to deploy", "fr": "Serveur de visioconférence facile à déployer" }, - "version": "0.2~ynh1", + "version": "0.2~ynh2", "url": "https://galene.org/", "license": "MIT", "maintainer": { @@ -73,8 +73,8 @@ "en": "Choose a name for the group you want to create", "fr": "Choisissez un nom pour le groupe que vous voulez créer" }, - "default": "groupname", - "example": "groupname" + "default": "public", + "example": "public" } ] } From 83a9ffda37fe7c1a20c2a75b0a74677049c9d19f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 13 Jan 2021 21:58:03 +0100 Subject: [PATCH 02/12] Coturn server (#13) * Add coturn server --- README.md | 1 + README_fr.md | 2 + conf/coturn-galene.service | 27 ++++++ conf/coturn/default_coturn | 5 ++ conf/coturn/turnserver.conf | 28 ++++++ conf/groupname.json | 14 ++- conf/ice-servers.json | 15 ++++ manifest.json | 8 +- scripts/_common.sh | 143 +++++++++++++++++++++++++++++- scripts/backup | 19 +++- scripts/install | 145 +++++++++++++++++++++++++++---- scripts/remove | 44 +++++++--- scripts/restore | 129 +++++++++++++++++++++++----- scripts/upgrade | 148 ++++++++++++++++++++++++++++++-- sources/Coturn_config_rotate.sh | 33 +++++++ 15 files changed, 698 insertions(+), 63 deletions(-) create mode 100644 conf/coturn-galene.service create mode 100644 conf/coturn/default_coturn create mode 100644 conf/coturn/turnserver.conf create mode 100644 conf/ice-servers.json create mode 100644 sources/Coturn_config_rotate.sh diff --git a/README.md b/README.md index 287320d..f1154eb 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,7 @@ Galène is a videoconferencing server that is easy to deploy (just copy a few fi ## Configuration +To check if the TURN server is up and running, type `/relay-test` in the chat box; if the TURN server is properly configured, you should see a message saying that the relay test has been successful. ## Documentation diff --git a/README_fr.md b/README_fr.md index 22f3ab1..682d3cc 100644 --- a/README_fr.md +++ b/README_fr.md @@ -23,6 +23,8 @@ Galène est un serveur de visioconférence facile à déployer (il suffit de cop ## Configuration +Pour vérifier si le serveur TURN est opérationnel, tapez `/relay-test` dans la boîte de dialogue; si le serveur TURN est correctement configuré, vous devriez voir un message indiquant que le test du relais a réussi. + ## Documentation * Documentation officielle : https://galene.org/ diff --git a/conf/coturn-galene.service b/conf/coturn-galene.service new file mode 100644 index 0000000..5cf8abb --- /dev/null +++ b/conf/coturn-galene.service @@ -0,0 +1,27 @@ +[Unit] +Description=coturn +Documentation=man:coturn(1) man:turnadmin(1) man:turnserver(1) +After=syslog.target network.target + +[Service] +User=turnserver +Group=turnserver +Type=forking +EnvironmentFile=/etc/default/coturn-__APP__ +PIDFile=/run/coturn-__APP__/turnserver.pid +RuntimeDirectory=coturn-__APP__ +RuntimeDirectoryMode=0755 +ExecStart=/usr/bin/turnserver -o -c /etc/__APP__/coturn.conf $EXTRA_OPTIONS +ExecStopPost=/bin/rm -f /run/coturn-__APP__/turnserver.pid +Restart=on-abort + +LimitCORE=infinity +LimitNOFILE=999999 +LimitNPROC=60000 +LimitRTPRIO=infinity +LimitRTTIME=7000000 +CPUSchedulingPolicy=other +UMask=0007 + +[Install] +WantedBy=multi-user.target diff --git a/conf/coturn/default_coturn b/conf/coturn/default_coturn new file mode 100644 index 0000000..fc87269 --- /dev/null +++ b/conf/coturn/default_coturn @@ -0,0 +1,5 @@ +# +# Uncomment it if you want to have the turnserver running as +# an automatic system service daemon +# +TURNSERVER_ENABLED=1 diff --git a/conf/coturn/turnserver.conf b/conf/coturn/turnserver.conf new file mode 100644 index 0000000..da267fb --- /dev/null +++ b/conf/coturn/turnserver.conf @@ -0,0 +1,28 @@ +lt-cred-mech +use-auth-secret +static-auth-secret=__TURNPWD__ +realm=__DOMAIN__ + +tls-listening-port=__TLS_PORT__ +alt-tls-listening-port=__TLS_ALT_PORT__ +min-port=49153 +max-port=49193 +cli-port=__CLI_PORT__ + +cert=/etc/yunohost/certs/__DOMAIN__/crt.pem +pkey=/etc/yunohost/certs/__DOMAIN__/key.pem +dh-file=/etc/ssl/private/dh2048.pem + +no-sslv2 +no-sslv3 +no-tlsv1 +no-tlsv1_1 + +no-loopback-peers +no-multicast-peers + +no-cli + +log-file=/var/log/__APP__/turnserver.log +pidfile=/run/coturn-__APP__/turnserver.pid +simple-log diff --git a/conf/groupname.json b/conf/groupname.json index 9751310..4752322 100644 --- a/conf/groupname.json +++ b/conf/groupname.json @@ -1,4 +1,16 @@ { "op": [{"username": "__ADMIN__", "password": "__PASSWORD__"}], - "presenter": [{}] + "presenter": [ + {"username": "", "password": ""}, + {"username": "", "password": ""} + ], + "public": "true", + "description": "This is displayed on the landing page for public groups.", + "max-clients": 20, + "max-history-age": 14400, + "allow-recording": "true", + "allow-anonymous": "true", + "allow-subgroups": "true", + "redirect": "", + "codecs": ["vp8", "opus"] } diff --git a/conf/ice-servers.json b/conf/ice-servers.json new file mode 100644 index 0000000..320489d --- /dev/null +++ b/conf/ice-servers.json @@ -0,0 +1,15 @@ +[ + { + "urls": [ + "turn:__DOMAIN__:__TLS_PORT__", + "turn:__DOMAIN__:__TLS_ALT_PORT__", + "turn:__DOMAIN__:__TLS_PORT__?transport=tcp", + "turn:__DOMAIN__:__TLS_ALT_PORT__?transport=tcp", + "turn:__DOMAIN__:__TLS_PORT__?transport=udp", + "turn:__DOMAIN__:__TLS_ALT_PORT__?transport=udp" + ], + "username": "__APP__", + "credential": "__TURNPWD__", + "credentialType": "hmac-sha1" + } +] diff --git a/manifest.json b/manifest.json index ee21141..743d823 100644 --- a/manifest.json +++ b/manifest.json @@ -48,8 +48,8 @@ "fr": "Définissez le mot de passe administrateur" }, "help": { - "en": "Use the help field to add an information for the admin about this question.", - "fr": "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question." + "en": "Set the administrator password (between 8 and 30 characters)", + "fr": "Définissez le mot de passe administrateur (entre 8 et 30 caractères)" }, "example": "Choose a password" }, @@ -73,6 +73,10 @@ "en": "Choose a name for the group you want to create", "fr": "Choisissez un nom pour le groupe que vous voulez créer" }, + "help": { + "en": "The name will be used as filename (do not use space, dots or / in your name group).", + "fr": "Le nom sera utilisé comme nom de fichier (n'utilisez pas d'espace, de points ou / dans votre groupe de noms)." + }, "default": "public", "example": "public" } diff --git a/scripts/_common.sh b/scripts/_common.sh index 24e8305..fb6b70c 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # dependencies used by the app -pkg_dependencies="" +pkg_dependencies="coturn acl" #================================================= # PERSONAL HELPERS @@ -15,6 +15,145 @@ pkg_dependencies="" # EXPERIMENTAL HELPERS #================================================= +# Send an email to inform the administrator +# +# usage: ynh_send_readme_to_admin --app_message=app_message [--recipients=recipients] [--type=type] +# | arg: -m --app_message= - The file with the content to send to the administrator. +# | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root +# example: "root admin@domain" +# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you +# example: "root admin@domain user1 user2" +# | arg: -t, --type= - Type of mail, could be 'backup', 'change_url', 'install', 'remove', 'restore', 'upgrade' +ynh_send_readme_to_admin() { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [m]=app_message= [r]=recipients= [t]=type= ) + local app_message + local recipients + local type + # Manage arguments with getopts + + ynh_handle_getopts_args "$@" + app_message="${app_message:-}" + recipients="${recipients:-root}" + type="${type:-install}" + + # Get the value of admin_mail_html + admin_mail_html=$(ynh_app_setting_get $app admin_mail_html) + admin_mail_html="${admin_mail_html:-0}" + + # Retrieve the email of users + find_mails () { + local list_mails="$1" + local mail + local recipients=" " + # Read each mail in argument + for mail in $list_mails + do + # Keep root or a real email address as it is + if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@" + then + recipients="$recipients $mail" + else + # But replace an user name without a domain after by its email + if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null) + then + recipients="$recipients $mail" + fi + fi + done + echo "$recipients" + } + recipients=$(find_mails "$recipients") + + # Subject base + local mail_subject="☁️🆈🅽🅷☁️: \`$app\`" + + # Adapt the subject according to the type of mail required. + if [ "$type" = "backup" ]; then + mail_subject="$mail_subject has just been backup." + elif [ "$type" = "change_url" ]; then + mail_subject="$mail_subject has just been moved to a new URL!" + elif [ "$type" = "remove" ]; then + mail_subject="$mail_subject has just been removed!" + elif [ "$type" = "restore" ]; then + mail_subject="$mail_subject has just been restored!" + elif [ "$type" = "upgrade" ]; then + mail_subject="$mail_subject has just been upgraded!" + else # install + mail_subject="$mail_subject has just been installed!" + fi + + local mail_message="This is an automated message from your beloved YunoHost server. + +Specific information for the application $app. + +$(if [ -n "$app_message" ] +then + cat "$app_message" +else + echo "...No specific information..." +fi) + +--- +Automatic diagnosis data from YunoHost + +__PRE_TAG1__$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')__PRE_TAG2__" + + # Store the message into a file for further modifications. + echo "$mail_message" > mail_to_send + + # If a html email is required. Apply html tags to the message. + if [ "$admin_mail_html" -eq 1 ] + then + # Insert 'br' tags at each ending of lines. + ynh_replace_string "$" "
" mail_to_send + + # Insert starting HTML tags + sed --in-place '1s@^@\n\n\n\n@' mail_to_send + + # Keep tabulations + ynh_replace_string " " "\ \ " mail_to_send + ynh_replace_string "\t" "\ \ " mail_to_send + + # Insert url links tags + ynh_replace_string "__URL_TAG1__\(.*\)__URL_TAG2__\(.*\)__URL_TAG3__" "\1" mail_to_send + + # Insert pre tags + ynh_replace_string "__PRE_TAG1__" "
" mail_to_send
+                ynh_replace_string "__PRE_TAG2__" "<\pre>" mail_to_send
+
+                # Insert finishing HTML tags
+                echo -e "\n\n" >> mail_to_send
+
+        # Otherwise, remove tags to keep a plain text.
+        else
+                # Remove URL tags
+                ynh_replace_string "__URL_TAG[1,3]__" "" mail_to_send
+                ynh_replace_string "__URL_TAG2__" ": " mail_to_send
+
+                # Remove PRE tags
+                ynh_replace_string "__PRE_TAG[1-2]__" "" mail_to_send
+        fi
+
+        # Define binary to use for mail command
+        if [ -e /usr/bin/bsd-mailx ]
+        then
+                local mail_bin=/usr/bin/bsd-mailx
+        else
+                local mail_bin=/usr/bin/mail.mailutils
+        fi
+
+        if [ "$admin_mail_html" -eq 1 ]
+        then
+                content_type="text/html"
+        else
+                content_type="text/plain"
+        fi
+
+        # Send the email to the recipients
+        cat mail_to_send | $mail_bin -a "Content-Type: $content_type; charset=UTF-8" -s "$mail_subject" "$recipients"
+}
+
 #=================================================
 # FUTURE OFFICIAL HELPERS
 #=================================================
@@ -43,4 +182,4 @@ ynh_detect_arch(){
                 architecture="unknown"
         fi
         echo $architecture
-}
\ No newline at end of file
+}
diff --git a/scripts/backup b/scripts/backup
index 94a5224..6ae700f 100755
--- a/scripts/backup
+++ b/scripts/backup
@@ -39,6 +39,15 @@ ynh_print_info --message="Declaring files to be backed up..."
 #=================================================
 
 ynh_backup --src_path="$final_path"
+ynh_backup --src_path="/etc/$app"
+
+#=================================================
+# BACKUP SYSTEMD
+#=================================================
+
+ynh_backup --src_path="/etc/systemd/system/$app.service"
+ynh_backup --src_path="/etc/default/coturn-$app"
+ynh_backup --src_path="/etc/systemd/system/coturn-$app.service"
 
 #=================================================
 # BACKUP THE NGINX CONFIGURATION
@@ -52,13 +61,21 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 # BACKUP LOGROTATE
 #=================================================
 
-#ynh_backup --src_path="/etc/logrotate.d/$app"
+ynh_backup --src_path="/etc/logrotate.d/$app"
+
+#=================================================
+# BACKUP GALÈNE LOG
+#=================================================
+
+ynh_backup --src_path="/var/log/$app"
 
 #=================================================
 # BACKUP SYSTEMD
 #=================================================
 
 ynh_backup --src_path="/etc/systemd/system/$app.service"
+ynh_backup --src_path="/etc/default/coturn-$app"
+ynh_backup --src_path="/etc/systemd/system/coturn-$app.service"
 
 #=================================================
 # END OF SCRIPT
diff --git a/scripts/install b/scripts/install
index 763b6b6..ab2463f 100755
--- a/scripts/install
+++ b/scripts/install
@@ -27,7 +27,9 @@ domain=$YNH_APP_ARG_DOMAIN
 path_url="/"
 admin=$YNH_APP_ARG_ADMIN
 is_public=$YNH_APP_ARG_IS_PUBLIC
+ynh_print_OFF
 password=$YNH_APP_ARG_PASSWORD
+ynh_print_ON
 group_name=$YNH_APP_ARG_GROUP_NAME
 architecture=$(ynh_detect_arch)
 
@@ -54,6 +56,23 @@ ynh_app_setting_set --app=$app --key=path --value=$path_url
 ynh_app_setting_set --app=$app --key=admin --value=$admin
 ynh_app_setting_set --app=$app --key=is_public --value=$is_public
 ynh_app_setting_set --app=$app --key=group_name --value=$group_name
+ynh_app_setting_set --app=$app --key=password --value=$password
+
+#=================================================
+# CREATE A DH FILE
+#=================================================
+ynh_script_progression --message="Creating a dhparam file..." --weight=3
+
+# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
+# For any update do it in all files
+
+# Make dh cert for Galène if it doesn't exist
+if [ ! -e /etc/ssl/private/dh2048.pem ]
+then
+    ynh_exec_warn_less openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048 -dsaparam
+    chown root:ssl-cert /etc/ssl/private/dh2048.pem
+    chmod 640 /etc/ssl/private/dh2048.pem
+fi
 
 #=================================================
 # STANDARD MODIFICATIONS
@@ -64,17 +83,28 @@ ynh_script_progression --message="Finding an available port..." --weight=3
 
 # Find an available port
 port=$(ynh_find_port --port=8443)
+turnserver_tls_port=$(ynh_find_port --port=5349)
+turnserver_alt_tls_port=$(ynh_find_port --port=$((turnserver_tls_port+1)))
+cli_port=$(ynh_find_port --port=5766)
+
 ynh_app_setting_set --app=$app --key=port --value=$port
 
 # Open the port
-# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
+ynh_exec_warn_less yunohost firewall allow Both $turnserver_tls_port
+ynh_exec_warn_less yunohost firewall allow Both $turnserver_alt_tls_port
+
+# Store opened ports
+ynh_app_setting_set --app=$app --key=port --value=$port
+ynh_app_setting_set --app=$app --key=turnserver_tls_port --value=$turnserver_tls_port
+ynh_app_setting_set --app=$app --key=turnserver_alt_tls_port --value=$turnserver_alt_tls_port
+ynh_app_setting_set --app=$app --key=cli_port --value=$cli_port
 
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
-#ynh_script_progression --message="Installing dependencies..." --time --weight=1
+ynh_script_progression --message="Installing dependencies..." --weight=5
 
-#ynh_install_app_dependencies $pkg_dependencies
+ynh_install_app_dependencies $pkg_dependencies
 
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
@@ -110,6 +140,7 @@ ynh_script_progression --message="Configuring system user..." --weight=3
 
 # Create a system user
 ynh_system_user_create --username=$app
+adduser turnserver ssl-cert
 
 #=================================================
 # SETUP SYSTEMD
@@ -119,19 +150,79 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=1
 # Create a dedicated systemd config
 ynh_add_systemd_config
 
+mkdir -p /var/log/$app
+mkdir -p /etc/$app
+# Create systemd service for turnserver
+cp ../conf/coturn/default_coturn /etc/default/coturn-$app
+ynh_add_systemd_config --service=coturn-$app --template=coturn-galene.service
+
+#=================================================
+# SET COTURN CONFIG
+#=================================================
+ynh_script_progression --message="Configuring coturn..." --weight=1
+
+# WARNING : theses command are used in INSTALL, UPGRADE
+# For any update do it in all files
+
+# Find password for turnserver
+ynh_print_OFF
+turnserver_pwd=$(ynh_string_random --length=30)
+ynh_app_setting_set --app=$app --key=turnserver_pwd --value=$turnserver_pwd
+ynh_print_ON
+
+coturn_config_path="/etc/$app/coturn.conf"
+
+cp ../conf/coturn/turnserver.conf "$coturn_config_path"
+
+ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path"
+ynh_print_OFF
+ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path"
+ynh_print_ON
+
+# Get public IP and set as external IP for coturn
+# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
+public_ip4="$(curl ip.yunohost.org)" || true
+public_ip6="$(curl ipv6.yunohost.org)" || true
+
+if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"
+then
+    echo "external-ip=$public_ip4" >> "$coturn_config_path"
+fi
+
+if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
+then
+    echo "external-ip=$public_ip6" >> "$coturn_config_path"
+fi
+
+ynh_store_file_checksum --file="$coturn_config_path"
+
 #=================================================
 # MODIFY A CONFIG FILE
 #=================================================
 
 cp ../conf/passwd $final_path/data/passwd
 
-ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$final_path/data/passwd"
-ynh_replace_string --match_string="__PASSWORD__" --replace_string="$password" --target_file="$final_path/data/passwd"
+ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd"
+ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd"
 
-mv -f $final_path/groups/groupname.json $final_path/groups/$group_name.json
+mv $final_path/groups/groupname.json $final_path/groups/$group_name.json
 
-ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$final_path/groups/$group_name.json"
-ynh_replace_string --match_string="__PASSWORD__" --replace_string="$password" --target_file="$final_path/groups/$group_name.json"
+ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/groups/$group_name.json"
+ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/groups/$group_name.json"
+
+cp ../conf/ice-servers.json $final_path/data/ice-servers.json
+
+ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$final_path/data/ice-servers.json"
+ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/data/ice-servers.json"
+ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$final_path/data/ice-servers.json"
+ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$final_path/data/ice-servers.json"
+ynh_print_OFF
+ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$final_path/data/ice-servers.json"
+ynh_print_ON
 
 #=================================================
 # STORE THE CONFIG FILE CHECKSUM
@@ -140,6 +231,24 @@ ynh_replace_string --match_string="__PASSWORD__" --replace_string="$password" --
 # Calculate and store the config file checksum into the app settings
 ynh_store_file_checksum --file="$final_path/data/passwd"
 ynh_store_file_checksum --file="$final_path/groups/$group_name.json"
+ynh_store_file_checksum --file="$final_path/data/ice-servers.json"
+
+#=================================================
+# SETUP LOGROTATE
+#=================================================
+ynh_script_progression --message="Configuring log rotation..." --weight=1
+
+ynh_use_logrotate --logfile "/var/log/$app"
+
+#=================================================
+# ADD SCRIPT FOR COTURN CRON AND APP SERVICE
+#=================================================
+
+# WARNING : theses command are used in INSTALL, UPGRADE
+# For any update do it in all files
+
+cp ../sources/Coturn_config_rotate.sh $final_path/
+ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/Coturn_config_rotate.sh"
 
 #=================================================
 # GENERIC FINALIZATION
@@ -148,16 +257,14 @@ ynh_store_file_checksum --file="$final_path/groups/$group_name.json"
 #=================================================
 
 # Set permissions to app files
-chown -R $app: $final_path
+chown -R $app:root $final_path
 chmod -R 755 $final_path
-
-#=================================================
-# SETUP LOGROTATE
-#=================================================
-#ynh_script_progression --message="Configuring log rotation..." --time --weight=1
-
-# Use logrotate to manage application logfile(s)
-#ynh_use_logrotate
+chown -R $app:root /var/log/$app
+chown -R $app:root /etc/$app
+chmod -R u=rwX,g=rX,o= /etc/$app
+chmod 770 $final_path/Coturn_config_rotate.sh
+setfacl -R -m user:turnserver:rX  /etc/$app
+setfacl -R -m user:turnserver:rwX  /var/log/$app
 
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
@@ -165,6 +272,7 @@ chmod -R 755 $final_path
 ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
 
 yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log"
+yunohost service add coturn-$app --needs_exposed_ports $turnserver_tls_port
 
 #=================================================
 # START SYSTEMD SERVICE
@@ -172,7 +280,8 @@ yunohost service add $app --description="Videoconferencing server" --log="/var/l
 ynh_script_progression --message="Starting a systemd service..." --weight=1
 
 # Start a systemd service
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
+ynh_systemd_action --service_name=$app --action=restart --log_path="/var/log/$app/$app.log"
+ynh_systemd_action --service_name=coturn-$app.service --action=restart
 
 #=================================================
 # SETUP SSOWAT
diff --git a/scripts/remove b/scripts/remove
index a1ec6fb..c1c0bc8 100755
--- a/scripts/remove
+++ b/scripts/remove
@@ -17,22 +17,29 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
 app=$YNH_APP_INSTANCE_NAME
 
 domain=$(ynh_app_setting_get --app=$app --key=domain)
-port=$(ynh_app_setting_get --app=$app --key=port)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
+port=$(ynh_app_setting_get --app=$app --key=port)
+turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
+turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
 
 #=================================================
 # STANDARD REMOVE
 #=================================================
 # REMOVE SERVICE INTEGRATION IN YUNOHOST
 #=================================================
+ynh_script_progression --message="Removing $app service integration..." --weight=1
 
 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
 if ynh_exec_warn_less yunohost service status $app >/dev/null
 then
-	ynh_script_progression --message="Removing $app service integration..." --weight=1
 	yunohost service remove $app
 fi
 
+if ynh_exec_warn_less yunohost service status coturn-$app >/dev/null
+then
+	yunohost service remove coturn-$app
+fi
+
 #=================================================
 # STOP AND REMOVE SERVICE
 #=================================================
@@ -40,14 +47,15 @@ ynh_script_progression --message="Stopping and removing the systemd service..."
 
 # Remove the dedicated systemd config
 ynh_remove_systemd_config
+ynh_remove_systemd_config --service=coturn-$app
 
 #=================================================
 # REMOVE DEPENDENCIES
 #=================================================
-#ynh_script_progression --message="Removing dependencies..." --time --weight=1
+ynh_script_progression --message="Removing dependencies..." --weight=1
 
 # Remove metapackage and its dependencies
-#ynh_remove_app_dependencies
+ynh_remove_app_dependencies
 
 #=================================================
 # REMOVE APP MAIN DIR
@@ -55,7 +63,9 @@ ynh_remove_systemd_config
 ynh_script_progression --message="Removing app main directory..." --weight=2
 
 # Remove the app directory securely
-ynh_secure_remove --file="$final_path"
+ynh_secure_remove --file=$final_path
+ynh_secure_remove --file=/var/log/$app
+ynh_secure_remove --file=/etc/default/coturn-$app
 
 #=================================================
 # REMOVE NGINX CONFIGURATION
@@ -68,20 +78,30 @@ ynh_remove_nginx_config
 #=================================================
 # REMOVE LOGROTATE CONFIGURATION
 #=================================================
-#ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1
+ynh_script_progression --message="Removing logrotate configuration..." --weight=1
 
 # Remove the app-specific logrotate config
-#ynh_remove_logrotate
+ynh_remove_logrotate
 
 #=================================================
 # CLOSE A PORT
 #=================================================
 
-# if yunohost firewall list | grep -q "\- $port$"
-# then
-# 	ynh_script_progression --message="Closing port $port..." --time --weight=1
-# 	ynh_exec_warn_less yunohost firewall disallow TCP $port
-# fi
+closeport() {
+    local port=$1
+    if yunohost firewall list | grep -q "\- $$turnserver_tls_port$"
+    then
+            ynh_script_progression --message="Closing port $turnserver_tls_port port"
+            ynh_exec_warn_less yunohost firewall disallow Both $turnserver_tls_port  
+    elif yunohost firewall list | grep -q "\- $turnserver_alt_tls_port$"
+    then
+    	ynh_script_progression --message="Closing port $turnserver_alt_tls_port port"
+    	ynh_exec_warn_less yunohost firewall disallow Both $turnserver_alt_tls_port
+    fi
+}
+
+#closeport $turnserver_tls_port
+#closeport $turnserver_alt_tls_port
 
 #=================================================
 # GENERIC FINALIZATION
diff --git a/scripts/restore b/scripts/restore
index 43e1834..643b8ed 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -31,6 +31,8 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 group_name=$(ynh_app_setting_get --app=$app --key=group_name)
+turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
+turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
 
 #=================================================
 # CHECK IF THE APP CAN BE RESTORED
@@ -43,7 +45,15 @@ test ! -d $final_path \
 	|| ynh_die --message="There is already a directory: $final_path "
 
 #=================================================
-# STANDARD RESTORATION STEPS
+# SPECIFIC RESTORATION
+#=================================================
+# REINSTALL DEPENDENCIES
+#=================================================
+ynh_script_progression --message="Reinstalling dependencies..." --weight=1
+
+# Define and install dependencies
+ynh_install_app_dependencies $pkg_dependencies
+
 #=================================================
 # RESTORE THE NGINX CONFIGURATION
 #=================================================
@@ -56,6 +66,8 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 ynh_script_progression --message="Restoring the app main directory..." --weight=1
 
 ynh_restore_file --origin_path="$final_path"
+ynh_restore_file --origin_path="/etc/$app"
+ynh_restore_file --origin_path="/var/log/$app"
 
 #=================================================
 # RECREATE THE DEDICATED USER
@@ -64,24 +76,8 @@ ynh_script_progression --message="Recreating the dedicated system user..." --wei
 
 # Create the dedicated user (if not existing)
 ynh_system_user_create --username=$app
-
-#=================================================
-# RESTORE USER RIGHTS
-#=================================================
-
-# Restore permissions on app files
-chown -R $app: $final_path
-chmod -R 755 $final_path
-
-#=================================================
-# SPECIFIC RESTORATION
-#=================================================
-# REINSTALL DEPENDENCIES
-#=================================================
-#ynh_script_progression --message="Reinstalling dependencies..." --weight=1
-
-# Define and install dependencies
-#ynh_install_app_dependencies $pkg_dependencies
+ynh_system_user_create --username=turnserver ssl-cert
+#adduser turnserver ssl-cert
 
 #=================================================
 # RESTORE SYSTEMD
@@ -89,7 +85,10 @@ chmod -R 755 $final_path
 ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
 
 ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
+ynh_restore_file --origin_path="/etc/default/coturn-$app"
+ynh_restore_file --origin_path="/etc/systemd/system/coturn-$app.service"
 systemctl enable $app.service --quiet
+systemctl enable coturn-$app.service --quiet
 
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
@@ -97,6 +96,7 @@ systemctl enable $app.service --quiet
 ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
 
 yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log"
+yunohost service add coturn-$app --needs_exposed_ports $turnserver_tls_port
 
 #=================================================
 # START SYSTEMD SERVICE
@@ -104,12 +104,101 @@ yunohost service add $app --description="Videoconferencing server" --log="/var/l
 ynh_script_progression --message="Starting a systemd service..." --weight=3
 
 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
+yunohost service add coturn-$app --needs_exposed_ports $turnserver_tls_port
+
+#=================================================
+# CREATE A DH FILE
+#=================================================
+ynh_script_progression --message="Creating a dhparam file..." --weight=3
+
+# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
+# For any update do it in all files
+
+# Make dh cert for synapse if it doesn't exist
+if [ ! -e /etc/ssl/private/dh2048.pem ]
+then
+    ynh_exec_warn_less openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048 -dsaparam
+    chown root:ssl-cert /etc/ssl/private/dh2048.pem
+    chmod 640 /etc/ssl/private/dh2048.pem
+fi
+
+#=================================================
+# RECONFIGURE THE TURNSERVER
+#=================================================
+ynh_script_progression --message="Reconfiguring coturn..." --weight=23
+
+# To be sure that at the restoration the IP address in coturn config is the same as the real address we remake the coturn config
+
+# Retrieve specific settings
+turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
+turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
+cli_port=$(ynh_app_setting_get --app=$app --key=cli_port)
+ynh_print_OFF
+turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
+ynh_print_ON
+
+# WARNING : these commands are used in INSTALL, UPGRADE
+# For any update do it in all files
+
+coturn_config_path="/etc/$app/coturn.conf"
+
+cp ../settings/conf/coturn/turnserver.conf "$coturn_config_path"
+
+ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path"
+ynh_print_OFF
+ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path"
+ynh_print_ON
+
+# Get public IP and set as external IP for coturn
+# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
+public_ip4="$(curl ip.yunohost.org)" || true
+public_ip6="$(curl ipv6.yunohost.org)" || true
+
+if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"
+then
+    echo "external-ip=$public_ip4" >> "$coturn_config_path"
+fi
+
+if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
+then
+    echo "external-ip=$public_ip6" >> "$coturn_config_path"
+fi
+
+ynh_store_file_checksum --file="$coturn_config_path"
+
+#=================================================
+# OPEN THE PORT
+#=================================================
+
+# Ouvre le port dans le firewall
+ynh_exec_warn_less yunohost firewall allow Both $turnserver_tls_port
+ynh_exec_warn_less yunohost firewall allow Both $turnserver_alt_tls_port
+
+#=================================================
+# RESTORE USER RIGHTS
+#=================================================
+ynh_script_progression --message="Restoring permissions..." --weight=1
+
+# Restore permissions on app files
+# Set permissions on app files
+chown -R $app:root $final_path
+chmod -R 755 $final_path
+chown -R $app:root /var/log/$app
+chown -R $app:root /etc/$app
+chmod -R u=rwX,g=rX,o= /etc/$app
+chmod 770 $final_path/Coturn_config_rotate.sh
+setfacl -R -m user:turnserver:rX  /etc/$app
+setfacl -R -m user:turnserver:rwX  /var/log/$app
 
 #=================================================
 # RESTORE THE LOGROTATE CONFIGURATION
 #=================================================
 
-#ynh_restore_file --origin_path="/etc/logrotate.d/$app"
+ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 
 #=================================================
 # GENERIC FINALIZATION
diff --git a/scripts/upgrade b/scripts/upgrade
index 2c849ed..5504fd3 100755
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -21,8 +21,13 @@ path_url=$(ynh_app_setting_get --app=$app --key=path)
 admin=$(ynh_app_setting_get --app=$app --key=admin)
 is_public=$(ynh_app_setting_get --app=$app --key=is_public)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
+password=$(ynh_app_setting_get --app=$app --key=password)
 group_name=$(ynh_app_setting_get --app=$app --key=group_name)
 port=$(ynh_app_setting_get --app=$app --key=port)
+turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
+turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
+cli_port=$(ynh_app_setting_get --app=$app --key=cli_port)
+turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
 architecture=$(ynh_detect_arch)
 
 #=================================================
@@ -98,6 +103,126 @@ then
     popd
 fi
 
+#=================================================
+# MULTINSTANCE SUPPORT
+#=================================================
+
+if [ ! -e /etc/$app/coturn.conf ]
+then
+    ynh_script_progression --message="Creating an independant service for coturn..." --weight=1
+
+    #=================================================
+    # CREATE AN INDEPENDANT SERVICE FOR COTURN
+    #=================================================
+
+    # Disable default config for turnserver and create a new service
+    systemctl stop coturn.service
+
+    # Set by default the system config for coturn
+    echo "" > /etc/turnserver.conf
+    ynh_replace_string --match_string="TURNSERVER_ENABLED=1" --replace_string="TURNSERVER_ENABLED=0" --target_file=/etc/default/coturn
+
+    # Set a port for each service in turnserver
+    turnserver_alt_tls_port=$(ynh_find_port --port=$((turnserver_tls_port+1)))
+    cli_port=$(ynh_find_port --port=5766)
+
+    ynh_app_setting_set --app=$app --key=turnserver_alt_tls_port --value=$turnserver_alt_tls_port
+    ynh_app_setting_set --app=$app --key=cli_port --value=$cli_port
+
+    yunohost firewall allow Both $turnserver_alt_tls_port > /dev/null 2>&1
+
+    #=================================================
+    # MAKE A CLEAN LOGROTATE CONFIG
+    #=================================================
+
+    ynh_use_logrotate --logfile /var/log/$app --nonappend
+fi
+
+#=================================================
+# CREATE A DH FILE
+#=================================================
+ynh_script_progression --message="Creating a dhparam file..." --weight=3
+
+# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
+# For any update do it in all files
+
+# Make dh cert for Galène if it doesn't exist
+if [ ! -e /etc/ssl/private/dh2048.pem ]
+then
+    ynh_exec_warn_less openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048 -dsaparam
+    chown root:ssl-cert /etc/ssl/private/dh2048.pem
+    chmod 640 /etc/ssl/private/dh2048.pem
+fi
+
+#=================================================
+# SPECIFIC UPGRADE
+#=================================================
+# UPDATE COTURN CONFIG
+#=================================================
+ynh_script_progression --message="Updating coturn config..." --weight=1
+
+# WARNING : theses command are used in INSTALL, UPGRADE
+# For any update do it in all files
+
+coturn_config_path="/etc/$app/coturn.conf"
+
+cp ../conf/coturn/turnserver.conf "$coturn_config_path"
+
+ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path"
+ynh_print_OFF
+ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path"
+ynh_print_ON
+
+# Get public IP and set as external IP for coturn
+# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
+public_ip4="$(curl ip.yunohost.org)" || true
+public_ip6="$(curl ipv6.yunohost.org)" || true
+
+if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"
+then
+    echo "external-ip=$public_ip4" >> "$coturn_config_path"
+fi
+
+if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
+then
+    echo "external-ip=$public_ip6" >> "$coturn_config_path"
+fi
+
+ynh_store_file_checksum --file="$coturn_config_path"
+
+#=================================================
+# ADD SCRIPT FOR COTURN CRON AND APP SERVICE
+#=================================================
+
+# WARNING : theses command are used in INSTALL, UPGRADE
+# For any update do it in all files
+
+cp ../sources/Coturn_config_rotate.sh $final_path/
+ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/Coturn_config_rotate.sh"
+
+#=================================================
+# MODIFY A CONFIG FILE
+#=================================================
+
+cp ../conf/passwd $final_path/data/passwd
+
+ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd"
+ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd"
+
+cp ../conf/ice-servers.json $final_path/data/ice-servers.json
+
+ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$final_path/data/ice-servers.json"
+ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/data/ice-servers.json"
+ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$final_path/data/ice-servers.json"
+ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$final_path/data/ice-servers.json"
+ynh_print_OFF
+ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$final_path/data/ice-servers.json"
+ynh_print_ON
+
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
@@ -109,9 +234,9 @@ ynh_add_nginx_config
 #=================================================
 # UPGRADE DEPENDENCIES
 #=================================================
-#ynh_script_progression --message="Upgrading dependencies..." --weight=1
+ynh_script_progression --message="Upgrading dependencies..." --weight=1
 
-#ynh_install_app_dependencies $pkg_dependencies
+ynh_install_app_dependencies $pkg_dependencies
 
 #=================================================
 # CREATE DEDICATED USER
@@ -120,6 +245,7 @@ ynh_script_progression --message="Making sure dedicated system user exists..." -
 
 # Create a dedicated user (if not existing)
 ynh_system_user_create --username=$app
+adduser turnserver ssl-cert
 
 #=================================================
 # SETUP SYSTEMD
@@ -136,30 +262,38 @@ ynh_add_systemd_config
 #=================================================
 
 # Set permissions on app files
-chown -R $app: $final_path
+chown -R $app:root $final_path
 chmod -R 755 $final_path
+chown -R $app:root /var/log/$app
+chown -R $app:root /etc/$app
+chmod -R u=rwX,g=rX,o= /etc/$app
+chmod 770 $final_path/Coturn_config_rotate.sh
+setfacl -R -m user:turnserver:rX  /etc/$app
+setfacl -R -m user:turnserver:rwX  /var/log/$app
 
 #=================================================
 # SETUP LOGROTATE
 #=================================================
-# ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1
+ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
 
 # # Use logrotate to manage app-specific logfile(s)
-# ynh_use_logrotate --non-append
+ynh_use_logrotate --non-append
 
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
 #=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
+ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
 
 yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log"
+yunohost service add coturn-$app --needs_exposed_ports $turnserver_tls_port
 
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
 ynh_script_progression --message="Starting a systemd service..." --weight=1
 
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
+ynh_systemd_action --service_name=coturn-$app.service --action=restart
+ynh_systemd_action --service_name=$app --action=restart --log_path="/var/log/$app/$app.log"
 
 #=================================================
 # RELOAD NGINX
diff --git a/sources/Coturn_config_rotate.sh b/sources/Coturn_config_rotate.sh
new file mode 100644
index 0000000..7c2d704
--- /dev/null
+++ b/sources/Coturn_config_rotate.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+app_instance=__APP__
+
+source /usr/share/yunohost/helpers
+
+external_IP_line="external-ip=__IPV4__,__IPV6__"
+
+public_ip4="$(curl ip.yunohost.org)" || true
+public_ip6="$(curl ipv6.yunohost.org)" || true
+
+if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"
+then
+    echo "external-ip=$public_ip4" >> "$coturn_config_path"
+fi
+
+if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
+then
+    echo "external-ip=$public_ip6" >> "$coturn_config_path"
+fi
+
+old_config_line=$(egrep "^external-ip=.*\$" "/etc/matrix-$app_instance/coturn.conf")
+ynh_replace_string "^external-ip=.*\$" "$external_IP_line" "/etc/matrix-$app_instance/coturn.conf"
+new_config_line=$(egrep "^external-ip=.*\$" "/etc/matrix-$app_instance/coturn.conf")
+
+setfacl -R -m user:turnserver:rX  /etc/matrix-$app_instance
+
+if [ "$old_config_line" != "$new_config_line" ]
+then
+    systemctl restart coturn-$app_instance.service
+fi
+
+exit 0

From 246bfe9d8101610921e487a43808cb2f8c8c8f2c Mon Sep 17 00:00:00 2001
From: ericgaspar 
Date: Wed, 13 Jan 2021 22:25:23 +0100
Subject: [PATCH 03/12] Update install

---
 scripts/install | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/install b/scripts/install
index ab2463f..00236b0 100755
--- a/scripts/install
+++ b/scripts/install
@@ -209,7 +209,7 @@ cp ../conf/passwd $final_path/data/passwd
 ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd"
 ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd"
 
-mv $final_path/groups/groupname.json $final_path/groups/$group_name.json
+mv -f $final_path/groups/groupname.json $final_path/groups/$group_name.json
 
 ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/groups/$group_name.json"
 ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/groups/$group_name.json"

From 261b3b84787c68180c6f406febae5b36769ecb95 Mon Sep 17 00:00:00 2001
From: ericgaspar 
Date: Wed, 13 Jan 2021 22:30:55 +0100
Subject: [PATCH 04/12] Update install

---
 scripts/install | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/scripts/install b/scripts/install
index 00236b0..497e8c3 100755
--- a/scripts/install
+++ b/scripts/install
@@ -209,11 +209,12 @@ cp ../conf/passwd $final_path/data/passwd
 ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd"
 ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd"
 
+cp -f $final_path/groups/groupname.json $final_path/groups/groupname.json
+
+ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/groups/groupname.json"
+ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/groups/groupnamejson"
+
 mv -f $final_path/groups/groupname.json $final_path/groups/$group_name.json
-
-ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/groups/$group_name.json"
-ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/groups/$group_name.json"
-
 cp ../conf/ice-servers.json $final_path/data/ice-servers.json
 
 ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$final_path/data/ice-servers.json"

From 5abfd49afb8a10e69280332d20fcf176ff31aeb8 Mon Sep 17 00:00:00 2001
From: ericgaspar 
Date: Wed, 13 Jan 2021 22:37:15 +0100
Subject: [PATCH 05/12] Update install

---
 scripts/install | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/scripts/install b/scripts/install
index 497e8c3..07a0223 100755
--- a/scripts/install
+++ b/scripts/install
@@ -209,12 +209,11 @@ cp ../conf/passwd $final_path/data/passwd
 ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd"
 ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd"
 
-cp -f $final_path/groups/groupname.json $final_path/groups/groupname.json
+mv ../conf/groupname.json $final_path/groups/$group_name.json
 
-ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/groups/groupname.json"
-ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/groups/groupnamejson"
+ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/groups/$group_name.json"
+ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/groups/$group_name.json"
 
-mv -f $final_path/groups/groupname.json $final_path/groups/$group_name.json
 cp ../conf/ice-servers.json $final_path/data/ice-servers.json
 
 ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$final_path/data/ice-servers.json"

From 1959123d53f6bd25c08b7207eb9cb6cb5c1ecbd2 Mon Sep 17 00:00:00 2001
From: ericgaspar 
Date: Wed, 13 Jan 2021 22:42:50 +0100
Subject: [PATCH 06/12] Update groupname.json

---
 conf/groupname.json | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/conf/groupname.json b/conf/groupname.json
index 4752322..1d9aadf 100644
--- a/conf/groupname.json
+++ b/conf/groupname.json
@@ -4,13 +4,13 @@
         {"username": "", "password": ""},
         {"username": "", "password": ""}
     ],
-    "public": "true",
+    "public": true,
     "description": "This is displayed on the landing page for public groups.",
     "max-clients": 20,
     "max-history-age": 14400,
-    "allow-recording": "true",
-    "allow-anonymous": "true",
-    "allow-subgroups": "true",
+    "allow-recording": true,
+    "allow-anonymous": true,
+    "allow-subgroups": true,
     "redirect": "",
     "codecs": ["vp8", "opus"]
 }

From 99c0070f256e5ca39bb6b4d975422acfbb312953 Mon Sep 17 00:00:00 2001
From: ericgaspar 
Date: Wed, 13 Jan 2021 22:53:36 +0100
Subject: [PATCH 07/12] Update manifest.json

---
 manifest.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifest.json b/manifest.json
index 743d823..3deffad 100644
--- a/manifest.json
+++ b/manifest.json
@@ -6,7 +6,7 @@
         "en": "Videoconferencing server that is easy to deploy",
         "fr": "Serveur de visioconférence facile à déployer"
     },
-    "version": "0.2~ynh2",
+    "version": "0.2~ynh3",
     "url": "https://galene.org/",
     "license": "MIT",
     "maintainer": {

From 4e0e3a4d739b7e8a9f4ad799d30ee146844f3c62 Mon Sep 17 00:00:00 2001
From: ericgaspar 
Date: Wed, 13 Jan 2021 23:06:38 +0100
Subject: [PATCH 08/12] Update install

---
 scripts/install | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/scripts/install b/scripts/install
index 07a0223..e0dd280 100755
--- a/scripts/install
+++ b/scripts/install
@@ -161,7 +161,7 @@ ynh_add_systemd_config --service=coturn-$app --template=coturn-galene.service
 #=================================================
 ynh_script_progression --message="Configuring coturn..." --weight=1
 
-# WARNING : theses command are used in INSTALL, UPGRADE
+# WARNING: theses command are used in INSTALL, UPGRADE
 # For any update do it in all files
 
 # Find password for turnserver
@@ -184,7 +184,7 @@ ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd -
 ynh_print_ON
 
 # Get public IP and set as external IP for coturn
-# note : '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
+# note: '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
 public_ip4="$(curl ip.yunohost.org)" || true
 public_ip6="$(curl ipv6.yunohost.org)" || true
 
@@ -209,7 +209,7 @@ cp ../conf/passwd $final_path/data/passwd
 ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd"
 ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd"
 
-mv ../conf/groupname.json $final_path/groups/$group_name.json
+cp ../conf/groupname.json $final_path/groups/$group_name.json
 
 ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/groups/$group_name.json"
 ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/groups/$group_name.json"

From ecc34afa8cacd6f116a327f1e54986b0298f96a5 Mon Sep 17 00:00:00 2001
From: ericgaspar 
Date: Fri, 15 Jan 2021 14:36:51 +0100
Subject: [PATCH 09/12] Add send email

---
 README.md       | 29 ++++++++++++++++++++++++++++-
 scripts/install | 18 ++++++++++++++++++
 scripts/restore | 15 +++++++++++++++
 3 files changed, 61 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index f1154eb..9b39d0e 100644
--- a/README.md
+++ b/README.md
@@ -23,7 +23,34 @@ Galène is a videoconferencing server that is easy to deploy (just copy a few fi
 
 ## Configuration
 
-To check if the TURN server is up and running, type `/relay-test` in the chat box; if the TURN server is properly configured, you should see a message saying that the relay test has been successful.
+### Turnserver
+
+For Voip and video conferencing a turnserver is also installed (and configured). The turnserver listens on two UDP and TCP ports. You can get them with these commands:
+
+```
+sudo yunohost app setting galene turnserver_tls_port
+sudo yunohost app setting galene turnserver_alt_tls_port
+```
+
+The turnserver will also choose a port dynamically when a new call starts. The range is between 49153 - 49193.
+
+For some security reason the ports range (49153 - 49193) isn't automatically open by default. If you want to use the synapse server for voip or conferencing you will need to open this port range manually. To do this just run this command:
+
+```
+sudo yunohost firewall allow Both 49153:49193
+```
+
+You might also need to open these ports (if it is not automatically done) on your ISP box.
+
+To prevent the situation when the server is behind a NAT, the public IP is written in the turnserver config. By this the turnserver can send its real public IP to the client. For more information see [the coturn example config file](https://github.com/coturn/coturn/blob/master/examples/etc/turnserver.conf#L102-L120).So if your IP changes, you could run the script `/opt/yunohost/__GALENE_INSTANCE_NAME__/Coturn_config_rotate.sh` to update your config.
+
+If you have a dynamic IP address, you also might need to update this config automatically. To do that just edit a file named `/etc/cron.d/coturn_config_rotate` and add the following content (just adapt the __SYNAPSE_INSTANCE_NAME__ which could be `galene` or maybe `galene__2`).
+
+```
+*/15 * * * * root bash /opt/yunohost/__GALENE_INSTANCE_NAME__/Coturn_config_rotate.sh;
+```
+
+To check if the TURN server is up and running in Galène, connect as operator and type `/relay-test` in the chat box; if the TURN server is properly configured, you should see a message saying that the relay test has been successful.
 
 ## Documentation
 
diff --git a/scripts/install b/scripts/install
index e0dd280..51df491 100755
--- a/scripts/install
+++ b/scripts/install
@@ -301,6 +301,24 @@ ynh_script_progression --message="Reloading NGINX web server..." --weight=2
 
 ynh_systemd_action --service_name=nginx --action=reload
 
+#=================================================
+# SEND A README FOR THE ADMIN
+#=================================================
+
+# WARNING : theses command are used in INSTALL, RESTORE
+# For any update do it in all files
+
+echo "
+You also need to open the TCP port $synapse_tls_port on your ISP box if it's not automatically done.
+
+Your Galène server also implements a turnserver (for VoIP), to have this fully functional please read the 'Turnserver' section in the README available here: https://github.com/YunoHost-Apps/galene_ynh .
+
+If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/galene_ynh
+
+You also need a valid TLS certificate for the domain used by Galène. To do that you can refer to the documentation here: https://yunohost.org/#/certificate_en" > mail_to_send
+
+ynh_send_readme_to_admin --app_message="mail_to_send" --type="install"
+
 #=================================================
 # END OF SCRIPT
 #=================================================
diff --git a/scripts/restore b/scripts/restore
index 643b8ed..2b08f92 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -200,6 +200,21 @@ setfacl -R -m user:turnserver:rwX  /var/log/$app
 
 ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 
+#=================================================
+# SEND A README FOR THE ADMIN
+#=================================================
+
+# WARNING : theses command are used in INSTALL, RESTORE
+# For any update do it in all files
+
+echo "
+
+Your Galène server also implements a turnserver (for VoIP), to have this fully functional please read the 'Turnserver' section in the README available here: https://github.com/YunoHost-Apps/galene_ynh .
+
+If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/galene_ynh" > mail_to_send
+
+ynh_send_readme_to_admin --app_message="mail_to_send" --type="restore"
+
 #=================================================
 # GENERIC FINALIZATION
 #=================================================

From b181711c08f1fcab6dee933b0ad05820da2abe8c Mon Sep 17 00:00:00 2001
From: ericgaspar 
Date: Fri, 15 Jan 2021 16:01:14 +0100
Subject: [PATCH 10/12] Fix

---
 README.md                  | 12 ++++++------
 conf/coturn-galene.service |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 9b39d0e..8378274 100644
--- a/README.md
+++ b/README.md
@@ -25,16 +25,16 @@ Galène is a videoconferencing server that is easy to deploy (just copy a few fi
 
 ### Turnserver
 
-For Voip and video conferencing a turnserver is also installed (and configured). The turnserver listens on two UDP and TCP ports. You can get them with these commands:
+For VoIP and video conferencing a TURN server is also installed (and configured). The TURN server listens on two UDP and TCP ports. You can get them with these commands:
 
 ```
 sudo yunohost app setting galene turnserver_tls_port
 sudo yunohost app setting galene turnserver_alt_tls_port
 ```
 
-The turnserver will also choose a port dynamically when a new call starts. The range is between 49153 - 49193.
+The TURN server will also choose a port dynamically when a new call starts. The range is between 49153 - 49193.
 
-For some security reason the ports range (49153 - 49193) isn't automatically open by default. If you want to use the synapse server for voip or conferencing you will need to open this port range manually. To do this just run this command:
+For some security reason the ports range (49153 - 49193) isn't automatically open by default. If you want to use Galène server for VoIP or conferencing you will need to open this port range manually. To do this, just run this command:
 
 ```
 sudo yunohost firewall allow Both 49153:49193
@@ -42,15 +42,15 @@ sudo yunohost firewall allow Both 49153:49193
 
 You might also need to open these ports (if it is not automatically done) on your ISP box.
 
-To prevent the situation when the server is behind a NAT, the public IP is written in the turnserver config. By this the turnserver can send its real public IP to the client. For more information see [the coturn example config file](https://github.com/coturn/coturn/blob/master/examples/etc/turnserver.conf#L102-L120).So if your IP changes, you could run the script `/opt/yunohost/__GALENE_INSTANCE_NAME__/Coturn_config_rotate.sh` to update your config.
+To prevent the situation when the server is behind a NAT, the public IP is written in the TURN server config. By this the TURN server can send its real public IP to the client. For more information see [the coturn example config file](https://github.com/coturn/coturn/blob/master/examples/etc/turnserver.conf#L56-L62).So if your IP changes, you could run the script `/opt/yunohost/__GALENE_INSTANCE_NAME__/Coturn_config_rotate.sh` to update your config.
 
-If you have a dynamic IP address, you also might need to update this config automatically. To do that just edit a file named `/etc/cron.d/coturn_config_rotate` and add the following content (just adapt the __SYNAPSE_INSTANCE_NAME__ which could be `galene` or maybe `galene__2`).
+If you have a dynamic IP address, you also might need to update this config automatically. To do that just edit a file named `/etc/cron.d/coturn_config_rotate` and add the following content (just adapt the __GALENE_INSTANCE_NAME__ which could be `galene` or maybe `galene__2`).
 
 ```
 */15 * * * * root bash /opt/yunohost/__GALENE_INSTANCE_NAME__/Coturn_config_rotate.sh;
 ```
 
-To check if the TURN server is up and running in Galène, connect as operator and type `/relay-test` in the chat box; if the TURN server is properly configured, you should see a message saying that the relay test has been successful.
+To check if Galène can connect to the TURN server, connect to Galène as operator and type `/relay-test` in the chat box; if the TURN server is properly configured, you should see a message saying that the relay test has been successful.
 
 ## Documentation
 
diff --git a/conf/coturn-galene.service b/conf/coturn-galene.service
index 5cf8abb..09d9cc4 100644
--- a/conf/coturn-galene.service
+++ b/conf/coturn-galene.service
@@ -1,5 +1,5 @@
 [Unit]
-Description=coturn
+Description=Coturn STUN/TURN Server
 Documentation=man:coturn(1) man:turnadmin(1) man:turnserver(1)
 After=syslog.target network.target
 

From 2e91ae1ada23ab7443585bddea8f666baa9093ec Mon Sep 17 00:00:00 2001
From: ericgaspar 
Date: Fri, 15 Jan 2021 16:27:56 +0100
Subject: [PATCH 11/12] Fix

---
 scripts/install | 11 ++++++++---
 scripts/restore |  4 +---
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/scripts/install b/scripts/install
index 51df491..3ee5bf3 100755
--- a/scripts/install
+++ b/scripts/install
@@ -308,10 +308,15 @@ ynh_systemd_action --service_name=nginx --action=reload
 # WARNING : theses command are used in INSTALL, RESTORE
 # For any update do it in all files
 
-echo "
-You also need to open the TCP port $synapse_tls_port on your ISP box if it's not automatically done.
+echo "Galène was successfully installed :)
 
-Your Galène server also implements a turnserver (for VoIP), to have this fully functional please read the 'Turnserver' section in the README available here: https://github.com/YunoHost-Apps/galene_ynh .
+Galène is now accesible at this adress: https://$domain
+
+Your operator credentials:
+Username: $admin
+Password: $password
+
+Galène implements a TURN server (for VoIP), to have this fully functional please read the 'TURN server' section in the README available here: https://github.com/YunoHost-Apps/galene_ynh .
 
 If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/galene_ynh
 
diff --git a/scripts/restore b/scripts/restore
index 2b08f92..8903707 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -207,9 +207,7 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 # WARNING : theses command are used in INSTALL, RESTORE
 # For any update do it in all files
 
-echo "
-
-Your Galène server also implements a turnserver (for VoIP), to have this fully functional please read the 'Turnserver' section in the README available here: https://github.com/YunoHost-Apps/galene_ynh .
+echo "Galène also implements a TURN server (for VoIP), to have this fully functional please read the 'Turnserver' section in the README available here: https://github.com/YunoHost-Apps/galene_ynh .
 
 If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/galene_ynh" > mail_to_send
 

From f16c8744f6f173c202c75f3f0874445a766e783d Mon Sep 17 00:00:00 2001
From: ericgaspar 
Date: Fri, 15 Jan 2021 16:34:46 +0100
Subject: [PATCH 12/12] Fix

---
 scripts/backup     |  2 +-
 scripts/change_url |  4 ++--
 scripts/install    |  8 ++------
 scripts/remove     | 11 ++++-------
 scripts/restore    |  6 +++---
 scripts/upgrade    | 10 ++++------
 6 files changed, 16 insertions(+), 25 deletions(-)

diff --git a/scripts/backup b/scripts/backup
index 6ae700f..c0f1b6d 100755
--- a/scripts/backup
+++ b/scripts/backup
@@ -81,4 +81,4 @@ ynh_backup --src_path="/etc/systemd/system/coturn-$app.service"
 # END OF SCRIPT
 #=================================================
 
-ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
+ynh_print_info --message="Backup script completed for Galène. (YunoHost will then actually copy those files to the archive)."
diff --git a/scripts/change_url b/scripts/change_url
index 10d80ee..0dbac85 100755
--- a/scripts/change_url
+++ b/scripts/change_url
@@ -33,7 +33,7 @@ port=$(ynh_app_setting_get --app=$app --key=port)
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
-ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
+ynh_script_progression --message="Backing up Galène before changing its URL (may take a while)..." --weight=1
 
 # Backup the current version of the app
 ynh_backup_before_upgrade
@@ -121,4 +121,4 @@ ynh_systemd_action --service_name=nginx --action=reload
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Change of URL completed for $app" --last
+ynh_script_progression --message="Change of URL completed for Galène" --last
diff --git a/scripts/install b/scripts/install
index 3ee5bf3..85e6c06 100755
--- a/scripts/install
+++ b/scripts/install
@@ -159,7 +159,7 @@ ynh_add_systemd_config --service=coturn-$app --template=coturn-galene.service
 #=================================================
 # SET COTURN CONFIG
 #=================================================
-ynh_script_progression --message="Configuring coturn..." --weight=1
+ynh_script_progression --message="Configuring Coturn..." --weight=1
 
 # WARNING: theses command are used in INSTALL, UPGRADE
 # For any update do it in all files
@@ -173,7 +173,6 @@ ynh_print_ON
 coturn_config_path="/etc/$app/coturn.conf"
 
 cp ../conf/coturn/turnserver.conf "$coturn_config_path"
-
 ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path"
 ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path"
 ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path"
@@ -205,17 +204,14 @@ ynh_store_file_checksum --file="$coturn_config_path"
 #=================================================
 
 cp ../conf/passwd $final_path/data/passwd
-
 ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd"
 ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd"
 
 cp ../conf/groupname.json $final_path/groups/$group_name.json
-
 ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/groups/$group_name.json"
 ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/groups/$group_name.json"
 
 cp ../conf/ice-servers.json $final_path/data/ice-servers.json
-
 ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$final_path/data/ice-servers.json"
 ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/data/ice-servers.json"
 ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$final_path/data/ice-servers.json"
@@ -328,4 +324,4 @@ ynh_send_readme_to_admin --app_message="mail_to_send" --type="install"
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Installation of $app completed" --last
+ynh_script_progression --message="Installation of Galène completed" --last
diff --git a/scripts/remove b/scripts/remove
index c1c0bc8..66f2e7e 100755
--- a/scripts/remove
+++ b/scripts/remove
@@ -27,7 +27,7 @@ turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tl
 #=================================================
 # REMOVE SERVICE INTEGRATION IN YUNOHOST
 #=================================================
-ynh_script_progression --message="Removing $app service integration..." --weight=1
+ynh_script_progression --message="Removing Galène service integration..." --weight=1
 
 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
 if ynh_exec_warn_less yunohost service status $app >/dev/null
@@ -60,7 +60,7 @@ ynh_remove_app_dependencies
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================
-ynh_script_progression --message="Removing app main directory..." --weight=2
+ynh_script_progression --message="Removing Galène main directory..." --weight=2
 
 # Remove the app directory securely
 ynh_secure_remove --file=$final_path
@@ -89,7 +89,7 @@ ynh_remove_logrotate
 
 closeport() {
     local port=$1
-    if yunohost firewall list | grep -q "\- $$turnserver_tls_port$"
+    if yunohost firewall list | grep -q "\- $turnserver_tls_port$"
     then
             ynh_script_progression --message="Closing port $turnserver_tls_port port"
             ynh_exec_warn_less yunohost firewall disallow Both $turnserver_tls_port  
@@ -100,9 +100,6 @@ closeport() {
     fi
 }
 
-#closeport $turnserver_tls_port
-#closeport $turnserver_alt_tls_port
-
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
@@ -117,4 +114,4 @@ ynh_system_user_delete --username=$app
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Removal of $app completed" --last
+ynh_script_progression --message="Removal of Galène completed" --last
diff --git a/scripts/restore b/scripts/restore
index 8903707..d515607 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -63,7 +63,7 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
-ynh_script_progression --message="Restoring the app main directory..." --weight=1
+ynh_script_progression --message="Restoring Galène main directory..." --weight=1
 
 ynh_restore_file --origin_path="$final_path"
 ynh_restore_file --origin_path="/etc/$app"
@@ -125,7 +125,7 @@ fi
 #=================================================
 # RECONFIGURE THE TURNSERVER
 #=================================================
-ynh_script_progression --message="Reconfiguring coturn..." --weight=23
+ynh_script_progression --message="Reconfiguring Coturn..." --weight=23
 
 # To be sure that at the restoration the IP address in coturn config is the same as the real address we remake the coturn config
 
@@ -226,4 +226,4 @@ ynh_systemd_action --service_name=nginx --action=reload
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Restoration completed for $app" --last
+ynh_script_progression --message="Restoration completed for Galène" --last
diff --git a/scripts/upgrade b/scripts/upgrade
index 5504fd3..21babbb 100755
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -50,7 +50,7 @@ fi
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
-ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
+ynh_script_progression --message="Backing up Galène before upgrading (may take a while)..." --weight=1
 
 # Backup the current version of the app
 ynh_backup_before_upgrade
@@ -109,7 +109,7 @@ fi
 
 if [ ! -e /etc/$app/coturn.conf ]
 then
-    ynh_script_progression --message="Creating an independant service for coturn..." --weight=1
+    ynh_script_progression --message="Creating an independant service for Coturn..." --weight=1
 
     #=================================================
     # CREATE AN INDEPENDANT SERVICE FOR COTURN
@@ -159,7 +159,7 @@ fi
 #=================================================
 # UPDATE COTURN CONFIG
 #=================================================
-ynh_script_progression --message="Updating coturn config..." --weight=1
+ynh_script_progression --message="Updating Coturn config..." --weight=1
 
 # WARNING : theses command are used in INSTALL, UPGRADE
 # For any update do it in all files
@@ -209,12 +209,10 @@ ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$
 #=================================================
 
 cp ../conf/passwd $final_path/data/passwd
-
 ynh_replace_string --match_string=__ADMIN__ --replace_string=$admin --target_file="$final_path/data/passwd"
 ynh_replace_string --match_string=__PASSWORD__ --replace_string=$password --target_file="$final_path/data/passwd"
 
 cp ../conf/ice-servers.json $final_path/data/ice-servers.json
-
 ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$final_path/data/ice-servers.json"
 ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/data/ice-servers.json"
 ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$final_path/data/ice-servers.json"
@@ -306,4 +304,4 @@ ynh_systemd_action --service_name=nginx --action=reload
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Upgrade of $app completed" --last
+ynh_script_progression --message="Upgrade of Galène completed" --last