Merge pull request #78 from YunoHost-Apps/testing

Testing
2024-09-03 19:26:21 +02:00 · 2021-08-09 19:26:22 +02:00 · 2021-08-09 19:26:22 +02:00 · f71b1ffaa3
commit f71b1ffaa3
parent 8ad57cef7e 60b4f39ae7
15 changed files with 292 additions and 154 deletions
--- a/README.md
+++ b/README.md
@ -1,29 +1,31 @@
 <!--
 N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
 It shall NOT be edited by hand.
 -->
 # Hubzilla for YunoHost
 [![Integration level](https://dash.yunohost.org/integration/hubzilla.svg)](https://dash.yunohost.org/appci/app/hubzilla) ![](https://ci-apps.yunohost.org/ci/badges/hubzilla.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/hubzilla.maintain.svg)  
 [![Install Hubzilla with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hubzilla)
 *[Lire ce readme en français.](./README_fr.md)*
-> *This package allow you to install Hubzilla quickly and simply on a YunoHost server.
+> *This package allows you to install Hubzilla quickly and simply on a YunoHost server.
-If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
+If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
 ## Overview
 [Hubzilla](https://hub.libranet.de/directory?f=&global=1&pubforums=1) is a social networking platform built with control of your privacy at center stage. Your online communications can be as public as you wish or as private as you require. Private conversations, private photos, private videos. Your media isn't hidden behind an obscure URL which can be guessed, it is protected by state-of-the-art cross-domain authentication. What this all means for you: **less drama**.
-**Shipped version:**  5.6
+Decentralized publication platform and social network.
 **Shipped version:** 6.0~ynh1
 ## Screenshots
-![](https://fediverse.party/img/screenshots/hubzilla-1.png)
+![](./doc/screenshots/hubzilla-1.png)
-## This app claims following features:
+## Disclaimers / important information
 - [X] LDAP integration
 - [X] Multi-instance
 - [X] Adeed php.log in the root folder for debugging PHP, with logrotate applied on it (can be accesssed by **admin->logs** and entering the **php.log**).
 - [X] Fail2Ban
 - [X] Option to choose between **Mysql** and **PostgreSQL** for the Hubzilla
 ## Installation
 Before installing, read the [Hubzilla installation instructions](https://framagit.org/hubzilla/core/blob/master/install/INSTALL.txt) for important information about:
@ -43,19 +45,12 @@ Before installing, read the [Hubzilla installation instructions](https://framagi
 - **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://hubzilla.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMyAdmin**.
-#### Supported architectures
+## Documentation and resources
 * x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/hubzilla%20%28Official%29.svg)](https://ci-apps.yunohost.org/ci/apps/hubzilla/)
 * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/hubzilla%20%28Official%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/hubzilla/)
 ## Links
 * Official app website: https://zotlabs.org/page/hubzilla/hubzilla-project
 * Upstream app code repository: https://framagit.org/hubzilla/core
 * YunoHost documentation for this app: https://yunohost.org/app_hubzilla
 * Report a bug: https://github.com/YunoHost-Apps/hubzilla_ynh/issues
 * App website: https://zotlabs.org/page/hubzilla/hubzilla-project
 * Upstream app repository: https://framagit.org/hubzilla/core
 * YunoHost website: https://yunohost.org/
 ---
 ## Developer info
@ -67,3 +62,5 @@ sudo yunohost app install https://github.com/YunoHost-Apps/hubzilla_ynh/tree/tes
 or
 sudo yunohost app upgrade hubzilla -u https://github.com/YunoHost-Apps/hubzilla_ynh/tree/testing --debug
 ```
 **More info regarding app packaging:** https://yunohost.org/packaging_apps
--- a/README_fr.md
+++ b/README_fr.md
@ -0,0 +1,62 @@
 # Hubzilla pour YunoHost
 [![Niveau d'intégration](https://dash.yunohost.org/integration/hubzilla.svg)](https://dash.yunohost.org/appci/app/hubzilla) ![](https://ci-apps.yunohost.org/ci/badges/hubzilla.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/hubzilla.maintain.svg)  
 [![Installer Hubzilla avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hubzilla)
 *[Read this readme in english.](./README.md)*
 *[Lire ce readme en français.](./README_fr.md)*
 > *Ce package vous permet d'installer Hubzilla rapidement et simplement sur un serveur YunoHost.
 Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
 ## Vue d'ensemble
 Plateforme de publication décentralisée et un réseau social.
 **Version incluse :** 6.0~ynh1
 ## Captures d'écran
 ![](./doc/screenshots/hubzilla-1.png)
 ## Avertissements / informations importantes
 ## Installation
 Before installing, read the [Hubzilla installation instructions](https://framagit.org/hubzilla/core/blob/master/install/INSTALL.txt) for important information about:
 ### Register a new domain and add it to YunoHost
 - Hubzilla requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. As Hubzilla uses the full domain and is installed on the root, you can create a subdomain such as hubzilla.domain.tld. Don't forget to update your DNS if you manage them manually.
 ## Ldap Admin user rights, logs and failed database updates
 - **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub.
 - **For normal YunoHost users**: Normal LDAP users can login through LDAP authentication and create there channels.
 - **Failing to get admin rights**: If the admin cannot access the admin settings at `https://hubzilla.example.com/admin` then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMyAdmin**.
 - **For logs**: Go to **admin->logs** and enter the file name **php.log**.
 - **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://hubzilla.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMyAdmin**.
 ## Documentations et ressources
 * Site officiel de l'app : https://zotlabs.org/page/hubzilla/hubzilla-project
 * Dépôt de code officiel de l'app : https://framagit.org/hubzilla/core
 * Documentation YunoHost pour cette app : https://yunohost.org/app_hubzilla
 * Signaler un bug : https://github.com/YunoHost-Apps/hubzilla_ynh/issues
 ## Informations pour les développeurs
 Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/hubzilla_ynh/tree/testing).
 Pour essayer la branche testing, procédez comme suit.
 ```
 sudo yunohost app install https://github.com/YunoHost-Apps/hubzilla_ynh/tree/testing --debug
 ou
 sudo yunohost app upgrade hubzilla -u https://github.com/YunoHost-Apps/hubzilla_ynh/tree/testing --debug
 ```
 **Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps
--- a/12
+++ b/12
@ -1,13 +1,8 @@
 # See here for more information
 # https://github.com/YunoHost/package_check#syntax-check_process-file
 # Move this file from check_process.default to check_process when you have filled it.
 ;; Test complet
 	; Manifest
-		domain="domain.tld"	(DOMAIN)
+		domain="domain.tld"
-		admin="john"	(USER)
+		admin="john"
-		database="1"   (STRING)
+		database="1"
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=0
@ -19,7 +14,6 @@
 		upgrade=1	from_commit=3642c110f0e927ba36ee32e738a81e6afce958f7
 		backup_restore=1
 		multi_instance=1
 		port_already_use=0
 		change_url=0
 ;;; Options
 Email=anmol@datamol.org
--- a/conf/app.src
+++ b/conf/app.src
@ -1,5 +1,5 @@
-SOURCE_URL=https://framagit.org/hubzilla/core/-/archive/5.6/core-5.6.tar.gz
+SOURCE_URL=https://framagit.org/hubzilla/core/-/archive/6.0/core-6.0.tar.gz
-SOURCE_SUM=2c01d4ccbc9db590090f6b2bfc7878726380d2da81b085d28e720c73c8b69cb7
+SOURCE_SUM=d1982e69694c4b296f04a6fb7b029190964d28abb2d7964a985e55fcf711cce2
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
 SOURCE_IN_SUBDIR=
--- a/conf/app_addons.src
+++ b/conf/app_addons.src
@ -1,5 +1,5 @@
-SOURCE_URL=https://framagit.org/hubzilla/addons/-/archive/5.6/addons-5.6.tar.gz
+SOURCE_URL=https://framagit.org/hubzilla/addons/-/archive/6.0/addons-6.0.tar.gz
-SOURCE_SUM=3a78bc901bc49bb9afca0422418dfcc2f5c6eb04daef6686ea4e95e71e0ee9af
+SOURCE_SUM=e728d832c2993c5cd2bb66f5151919fb948338336205dbd865af0b94bb06c53e
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
 SOURCE_IN_SUBDIR=
--- a/conf/htconfig.sample.php
+++ b/conf/htconfig.sample.php
@ -0,0 +1,94 @@
 <?php
 // If automatic system installation fails: 
 // Copy or rename this file to .htconfig.php in the top level 
 // Hubzilla directory
 // Why .htconfig.php? Because it contains sensitive information which could
 // give somebody complete control of your database. Apache's default 
 // configuration denies access to and refuses to serve any file beginning 
 // with .ht
 // Then set the following for your MySQL installation
 $db_host = 'localhost'; // Use 'localhost' or ':/path/to/socket.file' if you aren't using a remote server
 $db_port = 0;                    // leave 0 for default or set your port
 $db_user = '__DB_NAME__';
 $db_pass = '__DB_PWD';
 $db_data = '__DB_NAME__';
 $db_type = 0; // use 1 for postgres, 0 for mysql
 /*
 * Notice: Many of the following settings will be available in the admin panel 
 * after a successful site install. Once they are set in the admin panel, they
 * are stored in the DB - and the DB setting will over-ride any corresponding
 * setting in this file
 *
 * The command-line tool util/config is able to query and set the DB items 
 * directly if for some reason the admin panel is not available and a system
 * setting requires modification. 
 *
 */ 
 // Choose a legal default timezone. If you are unsure, use "America/Los_Angeles".
 // It can be changed later and only applies to timestamps for anonymous viewers.
 App::$config['system']['timezone'] = 'America/Los_Angeles';
 // What is your site name? DO NOT ADD A TRAILING SLASH!
 App::$config['system']['baseurl'] = 'https://mysite.example';
 App::$config['system']['sitename'] = "Hubzilla";
 App::$config['system']['location_hash'] = 'if the auto install failed, put a unique random string here';
 // These lines set additional security headers to be sent with all responses
 // You may wish to set transport_security_header to 0 if your server already sends
 // this header. content_security_policy may need to be disabled if you wish to
 // run the piwik analytics plugin or include other offsite resources on a page
 App::$config['system']['transport_security_header'] = 1;
 App::$config['system']['content_security_policy'] = 1;
 App::$config['system']['ssl_cookie_protection'] = 1;
 // Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
 // Be certain to create your own personal account before setting 
 // REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on 
 // the registration page. REGISTER_APPROVE requires you set 'admin_email'
 // to the email address of an already registered person who can authorise
 // and/or approve/deny the request. 
 // In order to perform system administration via the admin panel, admin_email
 // must precisely match the email address of the person logged in.
 App::$config['system']['register_policy'] = REGISTER_OPEN;
 App::$config['system']['register_text'] = '';
 App::$config['system']['admin_email'] = '';
 // Location of PHP command line processor
 App::$config['system']['php_path'] = 'php';
 // Configure how we communicate with directory servers.
 // DIRECTORY_MODE_NORMAL     = directory client, we will find a directory (all of your member's queries will be directed elsewhere)
 // DIRECTORY_MODE_SECONDARY  = caching directory or mirror (keeps in sync with realm primary [adds significant cron execution time])
 // DIRECTORY_MODE_PRIMARY    = main directory server (you do not want this unless you are operating your own realm. one per realm.)
 // DIRECTORY_MODE_STANDALONE = "off the grid" or private directory services (only local site members in directory)
 App::$config['system']['directory_mode']  = DIRECTORY_MODE_NORMAL;
 // PHP error logging setup
 // Before doing this ensure that the webserver has permission
 // to create and write to php.out in the top level Red directory,
 // or change the name (below) to a file/path where this is allowed.
 // Uncomment the following 4 lines to turn on PHP error logging.
 //error_reporting(E_ERROR | E_WARNING | E_PARSE ); 
 //ini_set('error_log','php.out'); 
 //ini_set('log_errors','1'); 
 //ini_set('display_errors', '0');
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,18 +1,14 @@
 #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; 
 location __PATH__/ {
    alias __FINALPATH__/;
 	# Force https
 	if ($scheme = http)
-	{
+	# Force https
 	if ($scheme = http) {
 		rewrite ^ https://$server_name$request_uri? permanent;
 	}
-	if (!-e $request_filename)
+	if (!-e $request_filename) {
 	{
 		rewrite ^(.*)$ /index.php?q=$1;
 	}
@ -21,10 +17,9 @@ location __PATH__/ {
    # Default indexes and catch-all
    index  index.php;
    charset utf-8;
 	# Example PHP configuration
 	location ~* \.php$
 	{
 	try_files $uri =404;
@ -36,11 +31,9 @@ location __PATH__/ {
 	# make sure webfinger and other well known services aren't blocked
 	# by denying dot files and rewrite request to the front controller
-	location ^~ /.well-known/
+	location ^~ /.well-known/ {
 	{
 		allow all;
-		if (!-e $request_filename)
+		if (!-e $request_filename) {
 		{
 			rewrite ^(.*)$ /index.php?q=$1;
 		}
 	}
@ -55,20 +48,17 @@ location __PATH__/ {
 	# }
 	# block these file types
-	location ~* \.(tpl|md|tgz|log|out)$
+	location ~* \.(tpl|md|tgz|log|out)$ {
 	{
 		deny all;
 	}
 	# deny access to all dot files
-	location ~ /\.
+	location ~ /\. {
 	{
 		deny all;
 	}
 	#deny access to store
-	location ~ /store
+	location ~ /store {
 	{
 		deny  all;
 	}
@ -76,5 +66,4 @@ location __PATH__/ {
 	location ~ /util {
        deny  all;
 	}
 }
--- a/conf/poller-cron
+++ b/conf/poller-cron
@ -1,2 +1,2 @@
 # Run poller periodically to update Hubzilla
-*/10 * * * * __USER__ cd YNH_WWW_PATH; /usr/bin/php__PHP_VERSION__ Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1
+*/10 * * * * __APP__ /usr/bin/php__PHPVERSION__ -f __FINALPATH__/Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1
--- a/doc/DISCLAIMER.md
+++ b/doc/DISCLAIMER.md
@ -0,0 +1,17 @@
 ## Installation
 Before installing, read the [Hubzilla installation instructions](https://framagit.org/hubzilla/core/blob/master/install/INSTALL.txt) for important information about:
 ### Register a new domain and add it to YunoHost
 - Hubzilla requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. As Hubzilla uses the full domain and is installed on the root, you can create a subdomain such as hubzilla.domain.tld. Don't forget to update your DNS if you manage them manually.
 ## Ldap Admin user rights, logs and failed database updates
 - **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub.
 - **For normal YunoHost users**: Normal LDAP users can login through LDAP authentication and create there channels.
 - **Failing to get admin rights**: If the admin cannot access the admin settings at `https://hubzilla.example.com/admin` then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMyAdmin**.
 - **For logs**: Go to **admin->logs** and enter the file name **php.log**.
 - **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://hubzilla.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMyAdmin**.
--- a/doc/screenshots/hubzilla-1.png
+++ b/doc/screenshots/hubzilla-1.png
--- a/manifest.json
+++ b/manifest.json
@ -6,20 +6,25 @@
        "en": "Decentralized publication platform and social network.",
        "fr": "Plateforme de publication décentralisée et un réseau social."
    },
    "version": "6.0~ynh1",
    "url": "https://zotlabs.org/page/hubzilla/hubzilla-project",
    "upstream": {
        "license": "MIT",
        "website": "https://zotlabs.org/page/hubzilla/hubzilla-project",
        "code": "https://framagit.org/hubzilla/core"
    },
    "license": "MIT",
    "version": "5.6~ynh1",
    "maintainer": {
        "name": "Anmol Sharma"
    },
    "services": [
        "nginx",
-        "php7.0-fpm",
+        "php7.3-fpm",
        "mysql",
        "postgresql"
    ],
    "requirements": {
-        "yunohost": ">= 4.0.0"
+        "yunohost": ">= 4.2.0"
    },
    "previous_maintainers": {
        "name": "Andrew Manning",
@ -30,19 +35,11 @@
        "install" : [
            {
                "name": "domain",
-                "type": "domain",
+                "type": "domain"
                "ask": {
                    "en": "Choose a domain for your Hubzilla. Hubzilla must run in the root of this domain. It means no other app can be accessed/run from this domain. We advise to use a dedicated subdomain such as hubzilla.domain.tld",
                    "fr": "Indiquez un domain pour Hubzilla. Hubzilla doit être installé à la racine du domaine. Cela implique qu'aucune autre app ne pourra être installée ou accessible sur ce domain. Nous conseillons un sous-domaine dédié par exemple hubzilla.domain.tld."
                }
            },
            {
                "name": "admin",
-                "type": "user",
+                "type": "user"
                "ask": {
                    "en": "Choose the Hubzilla administrator (must be an existing YunoHost user)",
                    "fr": "Choisissez l'administrateur de Hubzilla (doit être un utilisateur YunoHost existant)"
                }
            },
            {
                "name": "database",
@ -53,6 +50,7 @@
                },
                "choices": ["1", "2"],
                "default": "1"
-            }       ]
+            }
        ]
    }
 }
--- a/scripts/backup
+++ b/scripts/backup
@ -23,7 +23,8 @@ ynh_abort_if_errors
 #=================================================
 # LOAD SETTINGS
 #=================================================
-ynh_script_progression --message="Loading installation settings..."
+ynh_print_info --message="Loading installation settings..."
 app=$YNH_APP_INSTANCE_NAME
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
--- a/scripts/install
+++ b/scripts/install
@ -27,7 +27,7 @@ ynh_abort_if_errors
 domain=$YNH_APP_ARG_DOMAIN
 path_url="/"
 admin=$YNH_APP_ARG_ADMIN
-email=$(ynh_user_get_info $admin 'mail')
+email=$(ynh_user_get_info --username=$admin --key=mail)
 upload="256M"
 random_string="$(ynh_string_random)$(ynh_string_random)$(ynh_string_random)"
 database=`expr $YNH_APP_ARG_DATABASE`
@ -58,6 +58,14 @@ ynh_app_setting_set --app=$app --key=upload   --value=$upload
 ynh_app_setting_set --app=$app --key=database --value=$database
 ynh_app_setting_set --app=$app --key=random_string --value=$random_string
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Configuring system user..."
 # Create a system user
 ynh_system_user_create --username=$app --home_dir="$final_path"
 #=================================================
 # STANDARD MODIFICATIONS
 #=================================================
@ -76,7 +84,7 @@ fi
 # 1 - Hubzilla
 ynh_script_progression --message="Setting up Hubzilla source files..."
-git clone https://framagit.org/hubzilla/core.git "$final_path"
+git clone --quiet https://framagit.org/hubzilla/core.git "$final_path"
 ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
@ -94,7 +102,7 @@ ynh_script_progression --message="Create addon directory inside Hubzilla root fo
 pushd "$final_path"
 	mkdir -p extend/addon/hzaddons
 	mkdir addon
-	git clone https://framagit.org/hubzilla/addons.git $final_path/extend/addon/hzaddons
+	git clone --quiet https://framagit.org/hubzilla/addons.git $final_path/extend/addon/hzaddons
 	filelist=(`ls extend/addon/hzaddons`)
 	cd addon
 	for a in "${filelist[@]}" ; do
@ -123,10 +131,11 @@ popd
 ynh_script_progression --message="Creating smarty3 folder for personal data..."
 mkdir -p "${final_path}/store/[data]/smarty3"
-chmod -R 777 $final_path/store
+chmod -R 775 $final_path/store
 # Copy the template install/htconfig.sample.php to .htconfig.php
 ynh_script_progression --message="Moving .htconfig.php to root of Hubzilla ..."
 config="$final_path/.htconfig.php"
 cp $final_path/install/htconfig.sample.php $config
@ -134,6 +143,10 @@ cp $final_path/install/htconfig.sample.php $config
 ynh_script_progression --message="Create php.log for the Hubzilla debuging..."
 touch "$final_path/php.log"
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 #=================================================
 # CREATE A  DATABASE
 #=================================================
@ -144,6 +157,7 @@ if [  $database -eq 1 ]; then
 	db_user=$db_name
 	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
 	ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
 	ynh_script_progression --message="Importing database..."
 	ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_mysql.sql
 elif [ $database -eq 2 ]; then
@ -166,6 +180,7 @@ fi
 #=================================================
 phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
 ynh_replace_string --match_string="your.mysqlhost.com" --replace_string="localhost" --target_file="$config"
 ynh_replace_string --match_string= "mysqlpassword" --replace_string="$db_pwd" --target_file="$config"
 ynh_replace_string --match_string="mysqlusername" --replace_string="$db_name" --target_file="$config"
@ -179,6 +194,10 @@ ynh_replace_string --match_string= "//ini_set('log_errors','1');" --replace_stri
 ynh_replace_string --match_string= "//ini_set('display_errors', '0');" --replace_string="ini_set('display_errors', '0');" --target_file="$config"
 sed -i "s/\['php_path'\] = 'php';/\['php_path'\] = 'php$phpversion';/g" "$config"
 #ynh_add_config --template="../conf/htconfig.sample.php" --destination="$final_path/.htconfig.php"
 # addon ldap config
 ynh_script_progression --message="Push LDAP configuration to .htconfig.php..."
@ -188,19 +207,10 @@ cat ../conf/ldap_conf.php >> $final_path/.htconfig.php
 # NGINX CONFIGURATION
 #=================================================
 ynh_script_progression --message="Configuring NGINX web server..."
 ### `ynh_add_nginx_config` will use the file conf/nginx.conf
 # Create a dedicated NGINX config
 ynh_add_nginx_config
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Configuring system user..."
 # Create a system user
 ynh_system_user_create --username=$app
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
@ -209,23 +219,10 @@ ynh_script_progression --message="Configuring PHP-FPM..."
 # Create a dedicated PHP-FPM config
 ynh_add_fpm_config --package="$extra_php_dependencies"
 # Set right permissions for Hubzilla
 ynh_script_progression --message="Set right for Hubzilla..."
 chown -R $app: $final_path
 # Set up cron job
-ynh_script_progression --message="Setting up cron job..."
+ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app"
-ynh_replace_string --match_string="YNH_WWW_PATH" --replace_string="$final_path"  --target_file="../conf/poller-cron"
+chown root: "/etc/cron.d/$app"
-ynh_replace_string --match_string="__USER__" --replace_string="$app"  --target_file="../conf/poller-cron"
+chmod 644 "/etc/cron.d/$app"
 ynh_replace_string --match_string="__PHP_VERSION__" --replace_string="$phpversion"  --target_file="../conf/poller-cron"
 cp ../conf/poller-cron /etc/cron.d/$app
 #=================================================
 # STORE THE CONFIG FILE CHECKSUM
 #=================================================
 # Calculate and store the config file checksum into the app settings
 ynh_store_file_checksum --file="$config"
 #=================================================
 # SETUP LOGROTATE
@ -239,15 +236,16 @@ ynh_use_logrotate "$final_path/php.log"
 # SETUP FAIL2BAN
 #=================================================
 ynh_script_progression --message="Add Fail2Ban..."
 ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP <HOST>.*$" --max_retry="5"
 #=================================================
 # SETUP SSOWAT
 #=================================================
 # As Hubzilla is social network and have its own permission there is no need to keep Hubzilla behind SSO
-ynh_script_progression --message="Configuring SSOwat..."
+ynh_script_progression --message="Configuring permissions..."
 ynh_permission_update --permission="main" --add="visitors"
 ynh_permission_update --permission="main" --add="visitors"
 #=================================================
 # RELOAD NGINX
--- a/scripts/restore
+++ b/scripts/restore
@ -55,6 +55,14 @@ test ! -d $final_path \
 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # RECREATE THE DEDICATED USER
 #=================================================
 ynh_print_info "Recreating the dedicated system user..."
 # Create the dedicated user (if not existing)
 ynh_system_user_create --username=$app --home_dir="$final_path"
 #=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
@ -62,6 +70,10 @@ ynh_script_progression --message="Restoring the app main directory..."
 ynh_restore_file --origin_path="$final_path"
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 #=================================================
 # RESTORE THE MYSQL DATABASE
 #=================================================
@ -84,14 +96,6 @@ elif [ $database -eq 2 ]; then
 	ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name"
 fi
 #=================================================
 # RECREATE THE DEDICATED USER
 #=================================================
 ynh_print_info "Recreating the dedicated system user..."
 # Create the dedicated user (if not existing)
 ynh_system_user_create $app
 #=================================================
 # RESTORE THE PHP-FPM CONFIGURATION
 #=================================================
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -35,6 +35,19 @@ if [ -z "$db_name" ]; then
 	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
 fi
 # If final_path doesn't exist, create it
 if [ -z "$final_path" ]; then
 	final_path=/var/www/$app
 	ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 fi
 # Cleaning legacy permissions
 if ynh_legacy_permissions_exists; then
 	ynh_legacy_permissions_delete_all
 	ynh_app_setting_delete --app=$app --key=is_public
 fi
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
@ -50,27 +63,12 @@ ynh_clean_setup () {
 ynh_abort_if_errors
 #=================================================
-# Migrate legacy permissions to new system
+# CREATE DEDICATED USER
 #=================================================
-if ynh_legacy_permissions_exists
+ynh_script_progression --message="Making sure dedicated system user exists..."
 then
 	ynh_legacy_permissions_delete_all
-	ynh_app_setting_delete --app=$app --key=is_public
+# Create a dedicated user (if not existing)
-fi
+ynh_system_user_create --username=$app --home_dir="$final_path"
 #=================================================
 # STANDARD UPGRADE STEPS
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================
 ynh_print_info "Upgrading source files..."
 # If final_path doesn't exist, create it
 if [ -z "$final_path" ]; then
 	final_path=/var/www/$app
 	ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 fi
 #=================================================
 # STANDARD UPGRADE STEPS
@ -113,7 +111,7 @@ if [ `cd $final_path && git rev-parse --is-inside-work-tree` ]; then
 			fi;
 		done
 	popd
-	chmod -R 777 $final_path/store
+	chmod -R 775 $final_path/store
 else
    # Create a temporary directory
@ -133,13 +131,14 @@ else
 	cp -a "$tmpdir/.htconfig.php" "${final_path}"
 	cp -a "$tmpdir/php.log" "${final_path}"
 	ynh_secure_remove "$tmpdir"
-	chmod -R 777 $final_path/store
+	chmod -R 775 $final_path/store
 	mkdir $final_path/addon
 	ynh_setup_source --dest_dir="$final_path/addon" --source_id="app_addons"
 fi
-
+chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 #=================================================
 # NGINX CONFIGURATION
@ -149,17 +148,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..."
 # Create a dedicated NGINX config
 ynh_add_nginx_config
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Making sure dedicated system user exists..."
 # Create a dedicated user (if not existing)
 ynh_system_user_create --username=$app
 # Set right permissions for curl install
 chown -R $app: $final_path
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
@ -188,12 +176,8 @@ ynh_script_progression --message="Re-configure Fail2Ban..."
 ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP <HOST>.*$" --max_retry="5"
-# Set cron job
+# Set up cron job
-ynh_print_info "Setting up cron job..."
+ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app"
 ynh_replace_string  --match_string="YNH_WWW_PATH" --replace_string="$final_path" --target_file="../conf/poller-cron"
 ynh_replace_string --match_string="__USER__" --replace_string="$app"  --target_file="../conf/poller-cron"
 ynh_replace_string --match_string="__PHP_VERSION__" --replace_string="$phpversion"  --target_file="../conf/poller-cron"
 cp -f ../conf/poller-cron /etc/cron.d/$app
 #=================================================
 # UPGRADE DEPENDENCIES
`@ -1,2 +1,2 @@`
	`# Run poller periodically to update Hubzilla`	`# Run poller periodically to update Hubzilla`
	`/10 * * * __USER__ cd YNH_WWW_PATH; /usr/bin/php__PHP_VERSION__ Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1`	`/10 * * * __APP__ /usr/bin/php__PHPVERSION__ -f __FINALPATH__/Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1`