Update manifestv2

2024-09-03 19:35:57 +02:00 · 2024-01-18 16:39:14 +01:00 · 2024-01-18 16:39:14 +01:00 · 1e3108a85a
commit 1e3108a85a
parent b7f9e1ab9f
6 changed files with 164 additions and 461 deletions
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -8,11 +8,30 @@
 # PERSONAL HELPERS
 #=================================================

-ynh_version_gt ()
-{
-    dpkg --compare-versions "$1" gt "$2"
+_setup_sources() {
+    # Download, check integrity, uncompress and patch the source from app.src
+    declare -A packages=(
+        [jitsi-jicofo]="jicofo"
+        [jitsi-meet-prosody]="jitsi-meet/prosody-plugins"
+        [jitsi-meet-web]="jitsi-meet"
+        [jitsi-videobridge]="jitsi-videobridge"
+    )
+
+    for package in "${!packages[@]}"; do
+        ynh_setup_source --dest_dir="$install_dir/temp" --source_id="$package"
+        pushd "$install_dir/temp"
+            ar x "$package.deb" data.tar.xz
+            tar xf data.tar.xz
+        popd
+
+        mv "$install_dir/temp/usr/share/${packages[$package]}/" "$install_dir/$package/"
+        ynh_secure_remove --file="$install_dir/temp"
+    done
+
+    ynh_setup_source --dest_dir="$install_dir/jitsi-meet-prosody" --source_id=mod_auth_ldap
 }

+
 ynh_jniwrapper_armhf ()
 {

@ -27,14 +46,12 @@ ynh_jniwrapper_armhf ()
    packages_arm[jitsi-sctp]="jitsi-sctp"
    packages_arm[usrsctp]="jitsi-sctp/usrsctp/usrsctp"

-    for package_arm in "${!packages_arm[@]}"
-    do
+    for package_arm in "${!packages_arm[@]}"; do
        ynh_setup_source --dest_dir="$tempdir/${packages_arm[$package_arm]}" --source_id=$package_arm
    done

    # needed to make compile works
-    if [ ! -d "$tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/" ]
-    then
+    if [ ! -d "$tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/" ]; then
        mkdir -p $tempdir/jitsi-sctp/jniwrapper/native/src/main/resources/lib/linux-arm/
    fi

--- a/scripts/backup
+++ b/scripts/backup
@ -22,26 +22,24 @@ ynh_print_info --message="Declaring files to be backed up..."
 ynh_backup --src_path="$install_dir"

 #=================================================
-# BACKUP THE NGINX CONFIGURATION
+# SYSTEM CONFIGURATION
 #=================================================

+# Backup the nginx configuration
 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"

-#=================================================
-# SPECIFIC BACKUP
-#=================================================
-# BACKUP LOGROTATE
-#=================================================
-
-ynh_backup --src_path="/etc/logrotate.d/$app"
-
-#=================================================
-# BACKUP SYSTEMD
-#=================================================
-
+# Backup the systemd service units
 ynh_backup --src_path="/etc/systemd/system/$app-videobridge.service"
 ynh_backup --src_path="/etc/systemd/system/$app-jicofo.service"

+# Backup the logrotate configuration
+ynh_backup --src_path="/etc/logrotate.d/$app"
+
+# Backup the Fail2Ban config
+ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
+ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
+
+
 #=================================================
 # BACKUP VARIOUS FILES
 #=================================================
@ -50,6 +48,8 @@ ynh_backup --src_path="/etc/$app/"

 ynh_backup --src_path="/etc/prosody/conf.avail/$domain.cfg.lua"

+ynh_backup --src_path="/var/log/$app/"
+
 #=================================================
 # END OF SCRIPT
 #=================================================
--- a/scripts/install
+++ b/scripts/install
@ -10,95 +10,57 @@ source _common.sh
 source /usr/share/yunohost/helpers

 #=================================================
-# RETRIEVE ARGUMENTS FROM THE MANIFEST
+# INITIALIZE AND STORE SETTINGS
 #=================================================

-#YOURSECRET3
-focus_password=$(ynh_string_random --length=8)
-#YOURSECRET1
-videobridge_secret=$(ynh_string_random --length=8)
-#YOURSECRET2
-focus_secret=$(ynh_string_random --length=8)
-
-#OTHER SECRET
-turn_secret=$(ynh_string_random --length=8)
-
 focus_user="focus"
+focus_password=$(ynh_string_random --length=8)
+ynh_app_setting_set --app="$app" --key=focus_user --value="$focus_user"
+ynh_app_setting_set --app="$app" --key=focus_password --value="$focus_password"

 videobridge_user="jvb"
+videobridge_secret=$(ynh_string_random --length=8)
+ynh_app_setting_set --app="$app" --key=videobridge_user --value="$videobridge_user"
+ynh_app_setting_set --app="$app" --key=videobridge_secret --value="$videobridge_secret"
+
+focus_secret=$(ynh_string_random --length=8)
+turn_secret=$(ynh_string_random --length=8)
+ynh_app_setting_set --app="$app" --key=focus_secret --value="$focus_secret"
+ynh_app_setting_set --app="$app" --key=turn_secret --value="$turn_secret"

 max_memory=200 #125 mib with no user +1,5*50 users=75 mib
+ynh_app_setting_set --app="$app" --key=max_memory --value="$max_memory"

-#=================================================
-# STORE SETTINGS FROM MANIFEST
-#=================================================
-ynh_script_progression --message="Storing installation settings..." --weight=1
-
-ynh_app_setting_set --app=$app --key=max_memory --value=$max_memory
-ynh_app_setting_set --app=$app --key=focus_user --value=$focus_user
-ynh_app_setting_set --app=$app --key=focus_password --value=$focus_password
-ynh_app_setting_set --app=$app --key=focus_secret --value=$focus_secret
-ynh_app_setting_set --app=$app --key=videobridge_user --value=$videobridge_user
-ynh_app_setting_set --app=$app --key=videobridge_secret --value=$videobridge_secret
-ynh_app_setting_set --app=$app --key=turn_secret --value=$turn_secret
-
-#=================================================
-# INSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Installing dependencies..." --weight=1
-
-if [ $YNH_ARCH == "armhf" ] 
-then
-	ynh_script_progression --message="Installing specific arm dependencies..."
-	ynh_install_extra_app_dependencies --repo="deb http://security.debian.org/debian-security stretch/updates main" --package="$pkg_extra_depedencies_arm" --key="https://ftp-master.debian.org/keys/archive-key-9-security.asc"
-fi
+muc_nickname=$(uuidgen)
+ynh_app_setting_set --app="$app" --key=muc_nickname --value="$muc_nickname"

 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Configuring system user..." --weight=1

-# Create a system user
-gpasswd --add prosody $app
-gpasswd --add www-data $app
+gpasswd --add prosody "$app"
+gpasswd --add www-data "$app"

 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
 ynh_script_progression --message="Setting up source files..." --weight=1

-# Download, check integrity, uncompress and patch the source from app.src
-declare -A packages
-packages[jitsi-jicofo]="jicofo"
-packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins"
-packages[jitsi-meet-web]="jitsi-meet"
-packages[jitsi-videobridge]="jitsi-videobridge"
-
-for package in "${!packages[@]}"
-do
-	ynh_setup_source --dest_dir="$install_dir/${package}_temp" --source_id=$package
-	pushd "$install_dir/${package}_temp"
-		ar x $package.deb data.tar.xz
-		tar xf data.tar.xz
-	popd
-
-	mv "$install_dir/${package}_temp/usr/share/${packages[$package]}/" "$install_dir/${package}/"
-	ynh_secure_remove --file="$install_dir/${package}_temp"
-done
-
-ynh_setup_source --dest_dir="$install_dir/jitsi-meet-prosody" --source_id=mod_auth_ldap
+_setup_sources

 chmod 750 "$install_dir"
 chmod -R o-rwx "$install_dir"
-chown -R $app:$app "$install_dir"
+chown -R "$app:$app" "$install_dir"

 #=================================================
-# NGINX CONFIGURATION
+# REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE
 #=================================================
-ynh_script_progression --message="Configuring NGINX web server..." --weight=1

-# Create a dedicated NGINX config
-ynh_add_nginx_config
+if [ "$YNH_ARCH" == "armhf" ]; then
+    ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1
+    ynh_jniwrapper_armhf
+fi

 #=================================================
 # SPECIFIC SETUP
@ -111,12 +73,12 @@ ynh_add_config --template="prosody.cfg.lua" --destination="/etc/prosody/conf.ava
 chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua"
 ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua"

-echo | prosodyctl cert generate $domain
+ynh_exec_warn_less prosodyctl cert generate "$domain"
 ln -sf "/var/lib/prosody/$domain.key" "/etc/prosody/certs/$domain.key"
 ln -sf "/var/lib/prosody/$domain.crt" "/etc/prosody/certs/$domain.crt"
 ln -sf "/var/lib/prosody/$domain.crt" "/usr/local/share/ca-certificates/$domain.crt"

-echo | prosodyctl cert generate "auth.$domain"
+ynh_exec_warn_less prosodyctl cert generate "auth.$domain"
 ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key"
 ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt"
 ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt"
@ -126,10 +88,8 @@ update-ca-certificates -f
 ynh_systemd_action --service_name="prosody" --action="restart"

 prosodyctl register "$focus_user" "auth.$domain" "$focus_password"
-
 prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret"
-
-prosodyctl mod_roster_command subscribe $focus_user.$domain $focus_user@auth.$domain
+prosodyctl mod_roster_command subscribe "$focus_user.$domain" "$focus_user@auth.$domain"

 #=================================================
 # CONFIGURE JITSI-VIDEOBRIDGE
@ -139,31 +99,14 @@ ynh_script_progression --message="Configuring Jitsi-Videobridge..." --weight=1
 public_ipv4="$(curl ip.yunohost.org)" || true
 private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true

-muc_nickname=$(uuidgen)
-ynh_app_setting_set --app=$app --key=muc_nickname --value=$muc_nickname
-
 mkdir -p "/etc/$app/videobridge"

 ynh_add_config --template="jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties"
-
 ynh_add_config --template="jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf"
-
 ynh_add_config --template="jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties"
-
 ynh_add_config --template="jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties"
-
 ynh_add_config --template="jitsi-videobridge.config" --destination="/etc/$app/videobridge/config"

-#=================================================
-# REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE
-#=================================================
-
-if [ $YNH_ARCH == "armhf" ] 
-then
-	ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1
-	ynh_jniwrapper_armhf
-fi
-
 #=================================================
 # CONFIGURE JITSI-JICOFO
 #=================================================
@ -172,9 +115,7 @@ ynh_script_progression --message="Configuring Jitsi-Jicofo..." --weight=1
 mkdir -p "/etc/$app/jicofo"

 ynh_add_config --template="jitsi-jicofo-config" --destination="/etc/$app/jicofo/config"
-
 ynh_add_config --template="jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf"
-
 ynh_add_config --template="jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties"

 #=================================================
@ -187,49 +128,34 @@ mkdir -p "/etc/$app/meet"
 ynh_add_config --template="jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js"
 chmod 644 "/etc/$app/meet/$domain-config.js"

-#=================================================
-# CREATE LOG DIR
-#=================================================
-ynh_script_progression --message="Creating log dir..." --weight=1
-
-mkdir -p "/var/log/$app"
-chown -R $app: /var/log/$app
-chmod -R 770 /var/log/$app
-
 #=================================================
 # SECURE FILES AND DIRECTORIES
 #=================================================
 ynh_script_progression --message="Securing files and directories..." --weight=1

 # Set permissions to app files
-chown -R $app: /etc/$app
+chown -R "$app:" "/etc/$app"

 #=================================================
-# SETUP SYSTEMD
+# SYSTEM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Configuring a systemd service..." --weight=1
+ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
+
+# Create a dedicated NGINX config
+ynh_add_nginx_config

 # Create a dedicated systemd config
-ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service"
-ynh_add_systemd_config --service=$app-jicofo --template="jitsi-jicofo.service"
+ynh_add_systemd_config --service="$app-videobridge" --template="jitsi-videobridge.service"
+yunohost service add "$app-videobridge" --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports "$port" "$port_videobridge"

-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# SETUP LOGROTATE
-#=================================================
-ynh_script_progression --message="Configuring log rotation..." --weight=1
+ynh_add_systemd_config --service="$app-jicofo" --template="jitsi-jicofo.service"
+yunohost service add "$app-jicofo" --log "/var/log/$app/$app-jicofo.log"

 # Use logrotate to manage application logfile(s)
 ynh_use_logrotate

-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
-
-yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge
-yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log"
+chown -R "$app:" "/var/log/$app"
+chmod -R 770 "/var/log/$app"

 #=================================================
 # START SYSTEMD SERVICE
@ -237,8 +163,8 @@ yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log"
 ynh_script_progression --message="Starting a systemd service..." --weight=1

 # Start a systemd service
-ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log"
-ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log"
+ynh_systemd_action --service_name="$app-jicofo" --action="start" --log_path="/var/log/$app/$app-jicofo.log"
+ynh_systemd_action --service_name="$app-videobridge" --action="start" --log_path="/var/log/$app/$app-videobridge.log"

 #=================================================
 # END OF SCRIPT
--- a/scripts/remove
+++ b/scripts/remove
@ -10,38 +10,36 @@ source _common.sh
 source /usr/share/yunohost/helpers

 #=================================================
-# STANDARD REMOVE
-#=================================================
-# REMOVE SERVICE INTEGRATION IN YUNOHOST
+# REMOVE SYSTEM CONFIGURATIONS
 #=================================================
+ynh_script_progression --message="Removing system configurations related to $app..." --weight=1

 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
-if ynh_exec_warn_less yunohost service status $app-videobridge >/dev/null
-then
-	ynh_script_progression --message="Removing $app-videobridge service..." --weight=1
-	yunohost service remove $app-videobridge
+if ynh_exec_warn_less yunohost service status "$app-videobridge" >/dev/null; then
+    yunohost service remove "$app-videobridge"
 fi

-if ynh_exec_warn_less yunohost service status $app-jicofo >/dev/null
-then
-	ynh_script_progression --message="Removing $app-jicofo service..." --weight=1
-	yunohost service remove $app-jicofo
+if ynh_exec_warn_less yunohost service status "$app-jicofo" >/dev/null; then
+    yunohost service remove "$app-jicofo"
 fi

 # Remove the dedicated systemd config
-ynh_remove_systemd_config --service=$app-videobridge
-ynh_remove_systemd_config --service=$app-jicofo
+ynh_remove_systemd_config --service="$app-videobridge"
+ynh_remove_systemd_config --service="$app-jicofo"

 # Remove the app-specific logrotate config
 ynh_remove_logrotate

+# Remove the dedicated NGINX config
+ynh_remove_nginx_config
+
 #=================================================
 # RECONFIGURE PROSODY
 #=================================================
 ynh_script_progression --message="Reconfiguring Prosody..." --weight=1

-prosodyctl deluser $focus_user@auth.$domain || true
-prosodyctl deluser $videobridge_user@auth.$domain || true
+prosodyctl deluser "$focus_user@auth.$domain" || true
+prosodyctl deluser "$videobridge_user@auth.$domain" || true

 # Remove domain conf template
 ynh_secure_remove --file="/etc/prosody/conf.d/$domain.cfg.lua"
@ -60,24 +58,16 @@ ynh_secure_remove --file="/usr/local/share/ca-certificates/auth.$domain.crt"

 update-ca-certificates -f

+gpasswd --delete prosody "$app"
+
 ynh_systemd_action --service_name=prosody --action=restart

-#=================================================
-# REMOVE NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
-
-# Remove the dedicated NGINX config
-ynh_remove_nginx_config
-
 #=================================================
 # REMOVE DEPENDENCIES
 #=================================================
 ynh_script_progression --message="Removing dependencies..." --weight=1

-# Remove Prosody
-ynh_app_setting_delete --app=$app --key=require_prosody
-gpasswd --delete prosody $app
+ynh_app_setting_delete --app="$app" --key=require_prosody

 ynh_remove_apps

@ -94,15 +84,6 @@ ynh_secure_remove --file="/etc/$app"
 # Remove the log files
 ynh_secure_remove --file="/var/log/$app"

-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# REMOVE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Removing the dedicated system user..." --weight=1
-
-gpasswd --delete www-data $app
-
 #=================================================
 # END OF SCRIPT
 #=================================================
--- a/scripts/restore
+++ b/scripts/restore
@ -15,10 +15,10 @@ source /usr/share/yunohost/helpers
 #=================================================
 # RECREATE THE DEDICATED USER
 #=================================================
-ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
+ynh_script_progression --message="Reconfiguring the dedicated system user..." --weight=1

-# Create the dedicated user (if not existing)
-gpasswd --add www-data $app
+gpasswd --add prosody "$app"
+gpasswd --add www-data "$app"

 #=================================================
 # RESTORE THE APP MAIN DIR
@ -29,42 +29,7 @@ ynh_restore_file --origin_path="$install_dir"

 chmod 750 "$install_dir"
 chmod -R o-rwx "$install_dir"
-chown -R $app:$app "$install_dir"
-
-#=================================================
-# SPECIFIC RESTORATION
-#=================================================
-# REINSTALL DEPENDENCIES
-#=================================================
-#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." --weight=1
-
-# Define and install dependencies
-ynh_install_apps --apps="$ynh_app_dependencies"
-	ynh_install_app_dependencies $pkg_dependencies
-
-if [ $YNH_ARCH == "armhf" ] 
-then
-	ynh_script_progression --message="Installing specific arm dependencies..." --weight=1
-	ynh_install_extra_app_dependencies --repo="deb http://security.debian.org/debian-security stretch/updates main" --package="$pkg_extra_depedencies_arm" --key="https://ftp-master.debian.org/keys/archive-key-9-security.asc"
-fi
-
-gpasswd --add prosody $app
-
-#=================================================
-# RESTORE THE NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
-
-ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
-
-#=================================================
-# CONFIGURE FIREWALL
-#=================================================
-ynh_script_progression --message="Configuring firewall..." --weight=1
-
-# Open this port
-ynh_exec_warn_less yunohost firewall allow TCP $port
-ynh_exec_warn_less yunohost firewall allow UDP $port_videobridge
+chown -R "$app:$app" "$install_dir"

 #=================================================
 # CONFIGURE PROSODY
@ -75,9 +40,11 @@ ynh_restore_file --origin_path="/etc/prosody/conf.avail/$domain.cfg.lua"
 chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua"
 ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua"

-ln -sf /var/lib/prosody/$domain.key /etc/prosody/certs/$domain.key
-ln -sf /var/lib/prosody/$domain.crt /etc/prosody/certs/$domain.crt
+ynh_exec_warn_less prosodyctl cert generate "$domain"
+ln -sf "/var/lib/prosody/$domain.key" "/etc/prosody/certs/$domain.key"
+ln -sf "/var/lib/prosody/$domain.crt" "/etc/prosody/certs/$domain.crt"

+ynh_exec_warn_less prosodyctl cert generate "auth.$domain"
 ln -sf "/var/lib/prosody/auth.$domain.key" "/etc/prosody/certs/auth.$domain.key"
 ln -sf "/var/lib/prosody/auth.$domain.crt" "/etc/prosody/certs/auth.$domain.crt"
 ln -sf "/var/lib/prosody/auth.$domain.crt" "/usr/local/share/ca-certificates/auth.$domain.crt"
@ -87,67 +54,42 @@ update-ca-certificates -f
 ynh_systemd_action --service_name="prosody" --action="restart"

 prosodyctl register "$focus_user" "auth.$domain" "$focus_password"
-
 prosodyctl register "$videobridge_user" "auth.$domain" "$videobridge_secret"
-
-prosodyctl mod_roster_command subscribe $focus_user.$domain $focus_user@auth.$domain
+prosodyctl mod_roster_command subscribe "$focus_user.$domain" "$focus_user@auth.$domain"

 #=================================================
-# RESTORE THE APP CONFIG
+# RESTORE SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Restoring the app config..." --weight=1
+ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1

-ynh_restore_file --origin_path="/etc/$app"
-
-chmod 644 "/etc/$app/meet/$domain-config.js"
-
-#=================================================
-# CREATE LOG DIR
-#=================================================
-ynh_script_progression --message="Creating log dir..." --weight=1
-
-mkdir -p "/var/log/$app"
-chown -R $app: /var/log/$app
-
-#=================================================
-# RESTORE SYSTEMD
-#=================================================
-ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
+ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"

 ynh_restore_file --origin_path="/etc/systemd/system/$app-videobridge.service"
-systemctl enable $app-videobridge.service --quiet
-ynh_restore_file --origin_path="/etc/systemd/system/$app-jicofo.service"
-systemctl enable $app-jicofo.service --quiet
+systemctl enable "$app-videobridge.service" --quiet
+yunohost service add "$app-videobridge" --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge

-#=================================================
-# RESTORE THE LOGROTATE CONFIGURATION
-#=================================================
-ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
+ynh_restore_file --origin_path="/etc/systemd/system/$app-jicofo.service"
+systemctl enable "$app-jicofo.service" --quiet
+yunohost service add "$app-jicofo" --log "/var/log/$app/$app-jicofo.log"

 ynh_restore_file --origin_path="/etc/logrotate.d/$app"

 #=================================================
-# INTEGRATE SERVICE IN YUNOHOST
+# RESTORE VARIOUS FILES
 #=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=1

-yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge
-yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log"
+ynh_restore_file --origin_path="/etc/$app/"
+chmod 644 "/etc/$app/meet/$domain-config.js"
+
+ynh_restore_file --origin_path="/var/log/$app/"

 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
+ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1

-ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log"
-ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log"
-
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# RELOAD NGINX AND PHP-FPM
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=1
+ynh_systemd_action --service_name="$app-jicofo" --action="start" --log_path="/var/log/$app/$app-jicofo.log"
+ynh_systemd_action --service_name="$app-videobridge" --action="start" --log_path="/var/log/$app/$app-videobridge.log"

 ynh_systemd_action --service_name=nginx --action=reload

--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -9,55 +9,6 @@
 source _common.sh
 source /usr/share/yunohost/helpers

-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading settings..." --weight=1
-
-#REMOVEME? app=$YNH_APP_INSTANCE_NAME
-
-#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
-#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path)
-#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
-
-#REMOVEME? max_memory=$(ynh_app_setting_get --app=$app --key=max_memory)
-
-#REMOVEME? focus_user=$(ynh_app_setting_get --app=$app --key=focus_user)
-#REMOVEME? focus_password=$(ynh_app_setting_get --app=$app --key=focus_password)
-#REMOVEME? focus_secret=$(ynh_app_setting_get --app=$app --key=focus_secret)
-
-#REMOVEME? videobridge_user=$(ynh_app_setting_get --app=$app --key=videobridge_user)
-#REMOVEME? videobridge_secret=$(ynh_app_setting_get --app=$app --key=videobridge_secret)
-
-#REMOVEME? turn_secret=$(ynh_app_setting_get --app=$app --key=turn_secret)
-#REMOVEME? muc_nickname=$(ynh_app_setting_get --app=$app --key=muc_nickname)
-
-#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port)
-#REMOVEME? port_videobridge=$(ynh_app_setting_get --app=$app --key=port_videobridge)
-#REMOVEME? port_component=$(ynh_app_setting_get --app=$app --key=port_component)
-
-#=================================================
-# CHECK VERSION
-#=================================================
-ynh_script_progression --message="Checking version..." --weight=1
-
-upgrade_type=$(ynh_check_app_version_changed)
-current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$app/manifest.json" --manifest_key="version" || echo 1.0)
-
-#=================================================
-# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
-#=================================================
-#REMOVEME? ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
-
-# Backup the current version of the app
-#REMOVEME? ynh_backup_before_upgrade
-#REMOVEME? ynh_clean_setup () {
-	# Restore it if the upgrade fails
-#REMOVEME? 	ynh_restore_upgradebackup
-}
-# Exit if an error occurs during the execution of the script
-#REMOVEME? ynh_abort_if_errors
-
 #=================================================
 # STANDARD UPGRADE STEPS
 #=================================================
@ -65,182 +16,81 @@ current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$app/manifest
 #=================================================
 ynh_script_progression --message="Stopping a systemd service..." --weight=1

-ynh_systemd_action --service_name=$app-videobridge --action="stop" --log_path="/var/log/$app/$app-videobridge.log"
-ynh_systemd_action --service_name=$app-jicofo --action="stop" --log_path="/var/log/$app/$app-jicofo.log"
+ynh_systemd_action --service_name="$app-videobridge" --action="stop" --log_path="/var/log/$app/$app-videobridge.log"
+ynh_systemd_action --service_name="$app-jicofo" --action="stop" --log_path="/var/log/$app/$app-jicofo.log"

 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
 ynh_script_progression --message="Ensuring downward compatibility..." --weight=1

-# If install_dir doesn't exist, create it
-if [ -z "$install_dir" ]; then
-#REMOVEME? 	install_dir=/var/www/$app
-#REMOVEME? 	ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir
-fi
-
 # If max_memory doesn't exist, create it and set to default 75 mb value
 if [ -z "$max_memory" ]; then
    max_memory=200
-	ynh_app_setting_set --app=$app --key=max_memory --value=$max_memory
+    ynh_app_setting_set --app="$app" --key=max_memory --value="$max_memory"
 fi

-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
-
-# Create a dedicated user (if not existing)
-#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir"
-gpasswd --add www-data $app
+gpasswd --add prosody "$app"
+gpasswd --add www-data "$app"

 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-
-if [ "$upgrade_type" == "UPGRADE_APP" ]
-then
 ynh_script_progression --message="Upgrading source files..." --weight=1

-	# Download, check integrity, uncompress and patch the source from app.src
-	declare -A packages
-	packages[jitsi-jicofo]="jicofo"
-	packages[jitsi-meet-prosody]="jitsi-meet/prosody-plugins"
-	packages[jitsi-meet-web]="jitsi-meet"
-	packages[jitsi-videobridge]="jitsi-videobridge"
-
-	for package in "${!packages[@]}"
-	do
-#REMOVEME? 		ynh_secure_remove --file="$install_dir/${package}"
-		ynh_setup_source --dest_dir="$install_dir/${package}_temp" --source_id=$package
-		pushd "$install_dir/${package}_temp"
-			ar x $package.deb data.tar.xz
-			tar xf data.tar.xz
-		popd
-
-		mv "$install_dir/${package}_temp/usr/share/${packages[$package]}/" "$install_dir/${package}/"
-#REMOVEME? 		ynh_secure_remove --file="$install_dir/${package}_temp"
-	done
-
-	ynh_setup_source --dest_dir="$install_dir/jitsi-meet-prosody" --source_id=mod_auth_ldap
-fi
+_setup_sources

 chmod 750 "$install_dir"
 chmod -R o-rwx "$install_dir"
-chown -R $app:$app "$install_dir"
+chown -R "$app:$app" "$install_dir"

 #=================================================
-# UPGRADE DEPENDENCIES
+# REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE
 #=================================================
-#REMOVEME? ynh_script_progression --message="Upgrading dependencies..." --weight=1

-ynh_install_apps --apps="$ynh_app_dependencies"
-#REMOVEME? ynh_install_app_dependencies $pkg_dependencies
-
-if [ $YNH_ARCH == "armhf" ] 
-then
-#REMOVEME? 	ynh_script_progression --message="Installing specific arm dependencies..." --weight=1
-#REMOVEME? 	ynh_install_extra_app_dependencies --repo="deb http://security.debian.org/debian-security stretch/updates main" --package="$pkg_extra_depedencies_arm" --key="https://ftp-master.debian.org/keys/archive-key-9-security.asc"
+if [ "$YNH_ARCH" == "armhf" ]; then
+    ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1
+    ynh_jniwrapper_armhf
 fi

-gpasswd --add prosody $app
-
-#=================================================
-# NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
-
-# Create a dedicated NGINX config
-ynh_add_nginx_config
-
-#=================================================
-# SPECIFIC UPGRADE
-#=================================================
-# CONFIGURE FIREWALL
-#=================================================
-ynh_script_progression --message="Configuring firewall..." --weight=1
-
-# Open this port
-ynh_exec_warn_less yunohost firewall allow TCP $port
-ynh_exec_warn_less yunohost firewall allow UDP $port_videobridge
-
 #=================================================
 # CONFIGURE PROSODY
 #=================================================
 ynh_script_progression --message="Configuring Prosody..." --weight=1

-if [ "$upgrade_type" == "UPGRADE_APP" ]
-then
 ynh_add_config --template="../conf/prosody.cfg.lua" --destination="/etc/prosody/conf.avail/$domain.cfg.lua"
 chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua"
-fi

 #=================================================
 # CONFIGURE JITSI-VIDEOBRIDGE
 #=================================================
 ynh_script_progression --message="Configuring Jitsi-Videobridge..." --weight=1

-if [ "$upgrade_type" == "UPGRADE_APP" ]
-then
 public_ipv4="$(curl ip.yunohost.org)" || true
 private_ipv4="$(ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p')" || true

 ynh_add_config --template="../conf/jitsi-videobridge-callstats-java-sdk.properties" --destination="/etc/$app/videobridge/callstats-java-sdk.properties"
-
 ynh_add_config --template="../conf/jitsi-videobridge-jvb.conf" --destination="/etc/$app/videobridge/jvb.conf"
-
 ynh_add_config --template="../conf/jitsi-videobridge-logging.properties" --destination="/etc/$app/videobridge/logging.properties"
-
 ynh_add_config --template="../conf/jitsi-videobridge-sip-communicator.properties" --destination="/etc/$app/videobridge/sip-communicator.properties"
-
 ynh_add_config --template="../conf/jitsi-videobridge.config" --destination="/etc/$app/videobridge/config"
-fi
-
-
-#=================================================
-# REPLACE JNIWRAPPER FOR ARMHF ARCHITECTURE IN JITSI-VIDEOBRIDGE
-#=================================================
-
-if [ $YNH_ARCH == "armhf" ] 
-then
-	ynh_script_progression --message="Configuring jniwrapper for armhf ..." --weight=1
-	ynh_jniwrapper_armhf
-    
-fi

 #=================================================
 # CONFIGURE JITSI-JICOFO
 #=================================================
 ynh_script_progression --message="configuring Jitsi-Jicofo..." --weight=1

-if [ "$upgrade_type" == "UPGRADE_APP" ]
-then
 ynh_add_config --template="../conf/jitsi-jicofo-config" --destination="/etc/$app/jicofo/config"
-
 ynh_add_config --template="../conf/jitsi-jicofo-jicofo.conf" --destination="/etc/$app/jicofo/jicofo.conf"
-
 ynh_add_config --template="../conf/jitsi-jicofo-logging.properties" --destination="/etc/$app/jicofo/logging.properties"
-fi

 #=================================================
 # CONFIGURE JITSI-MEET
 #=================================================
 ynh_script_progression --message="Configuring Jitsi-Meet..." --weight=1

-if [ "$upgrade_type" == "UPGRADE_APP" ]
-then
 ynh_add_config --template="../conf/jitsi-meet-config.js" --destination="/etc/$app/meet/$domain-config.js"
 chmod 644 "/etc/$app/meet/$domain-config.js"
-fi
-
-#=================================================
-# CREATE LOG DIR
-#=================================================
-ynh_script_progression --message="Creating log dir..." --weight=1
-
-mkdir -p "/var/log/$app"
-chown -R $app: /var/log/$app
-chmod -R 770 /var/log/$app

 #=================================================
 # SECURE FILES AND DIRECTORIES
@ -248,49 +98,36 @@ chmod -R 770 /var/log/$app
 ynh_script_progression --message="Securing files and directories..." --weight=1

 # Set permissions on app files
-chown -R $app: /etc/$app
+chown -R "$app:" "/etc/$app"

 #=================================================
-# SETUP SYSTEMD
+# REAPPLY SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
+ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
+
+# Create a dedicated NGINX config
+ynh_add_nginx_config

 # Create a dedicated systemd config
-ynh_add_systemd_config --service=$app-videobridge --template="jitsi-videobridge.service"
-ynh_add_systemd_config --service=$app-jicofo --template="jitsi-jicofo.service"
+ynh_add_systemd_config --service="$app-videobridge" --template="jitsi-videobridge.service"
+yunohost service add "$app-videobridge" --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports "$port" "$port_videobridge"

-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# SETUP LOGROTATE
-#=================================================
-ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
+ynh_add_systemd_config --service="$app-jicofo" --template="jitsi-jicofo.service"
+yunohost service add "$app-jicofo" --log "/var/log/$app/$app-jicofo.log"

 # Use logrotate to manage app-specific logfile(s)
 ynh_use_logrotate --non-append

-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
-
-yunohost service add $app-videobridge --log "/var/log/$app/$app-videobridge.log" --needs_exposed_ports $port $port_videobridge
-yunohost service add $app-jicofo --log "/var/log/$app/$app-jicofo.log"
+chown -R "$app:" "/var/log/$app"
+chmod -R 770 "/var/log/$app"

 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
 ynh_script_progression --message="Starting a systemd service..." --weight=1

-ynh_systemd_action --service_name=$app-jicofo --action="start" --log_path="/var/log/$app/$app-jicofo.log"
-ynh_systemd_action --service_name=$app-videobridge --action="start" --log_path="/var/log/$app/$app-videobridge.log"
-
-#=================================================
-# RELOAD NGINX
-#=================================================
-#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1
-
-#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload
+ynh_systemd_action --service_name="$app-jicofo" --action="start" --log_path="/var/log/$app/$app-jicofo.log"
+ynh_systemd_action --service_name="$app-videobridge" --action="start" --log_path="/var/log/$app/$app-videobridge.log"

 #=================================================
 # END OF SCRIPT