Integrate Ladder in YunoHost

2024-09-03 19:26:23 +02:00 · 2023-12-12 15:32:32 +01:00 · 2023-12-12 15:32:32 +01:00 · aba8bcdd7e
commit aba8bcdd7e
parent 0287be30d7
20 changed files with 56 additions and 884 deletions
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,27 +1,8 @@
 #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
 location __PATH__/ {
-  # Path to source
+  proxy_pass http://127.0.0.1:__PORT__;
-  alias __INSTALL_DIR__/;
+  proxy_set_header Host $host;
 ### Example PHP configuration (remove it if not used)
  index index.php;
  # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file
  #client_max_body_size 50M;
  try_files $uri $uri/ index.php;
  location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_param REMOTE_USER $remote_user;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param SCRIPT_FILENAME $request_filename;
  }
 ### End of PHP configuration part
  # Include SSOWAT user panel.
  include conf.d/yunohost_panel.conf.inc;
--- a/conf/php-fpm.conf
+++ b/conf/php-fpm.conf
@ -1,430 +0,0 @@
 ; Start a new pool named 'www'.
 ; the variable $pool can be used in any directive and will be replaced by the
 ; pool name ('www' here)
 [__NAMETOCHANGE__]
 ; Per pool prefix
 ; It only applies on the following directives:
 ; - 'access.log'
 ; - 'slowlog'
 ; - 'listen' (unixsocket)
 ; - 'chroot'
 ; - 'chdir'
 ; - 'php_values'
 ; - 'php_admin_values'
 ; When not set, the global prefix (or /usr) applies instead.
 ; Note: This directive can also be relative to the global prefix.
 ; Default Value: none
 ;prefix = /path/to/pools/$pool
 ; Unix user/group of processes
 ; Note: The user is mandatory. If the group is not set, the default user's group
 ;       will be used.
 user = __USER__
 group = __USER__
 ; The address on which to accept FastCGI requests.
 ; Valid syntaxes are:
 ;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
 ;                            a specific port;
 ;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
 ;                            a specific port;
 ;   'port'                 - to listen on a TCP socket to all addresses
 ;                            (IPv6 and IPv4-mapped) on a specific port;
 ;   '/path/to/unix/socket' - to listen on a unix socket.
 ; Note: This value is mandatory.
 listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock
 ; Set listen(2) backlog.
 ; Default Value: 511 (-1 on FreeBSD and OpenBSD)
 ;listen.backlog = 511
 ; Set permissions for unix socket, if one is used. In Linux, read/write
 ; permissions must be set in order to allow connections from a web server. Many
 ; BSD-derived systems allow connections regardless of permissions.
 ; Default Values: user and group are set as the running user
 ;                 mode is set to 0660
 listen.owner = www-data
 listen.group = www-data
 ;listen.mode = 0660
 ; When POSIX Access Control Lists are supported you can set them using
 ; these options, value is a comma separated list of user/group names.
 ; When set, listen.owner and listen.group are ignored
 ;listen.acl_users =
 ;listen.acl_groups =
 ; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
 ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
 ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
 ; must be separated by a comma. If this value is left blank, connections will be
 ; accepted from any ip address.
 ; Default Value: any
 ;listen.allowed_clients = 127.0.0.1
 ; Specify the nice(2) priority to apply to the pool processes (only if set)
 ; The value can vary from -19 (highest priority) to 20 (lower priority)
 ; Note: - It will only work if the FPM master process is launched as root
 ;       - The pool processes will inherit the master process priority
 ;         unless it specified otherwise
 ; Default Value: no set
 ; process.priority = -19
 ; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
 ; or group is differrent than the master process user. It allows to create process
 ; core dump and ptrace the process for the pool user.
 ; Default Value: no
 ; process.dumpable = yes
 ; Choose how the process manager will control the number of child processes.
 ; Possible Values:
 ;   static  - a fixed number (pm.max_children) of child processes;
 ;   dynamic - the number of child processes are set dynamically based on the
 ;             following directives. With this process management, there will be
 ;             always at least 1 children.
 ;             pm.max_children      - the maximum number of children that can
 ;                                    be alive at the same time.
 ;             pm.start_servers     - the number of children created on startup.
 ;             pm.min_spare_servers - the minimum number of children in 'idle'
 ;                                    state (waiting to process). If the number
 ;                                    of 'idle' processes is less than this
 ;                                    number then some children will be created.
 ;             pm.max_spare_servers - the maximum number of children in 'idle'
 ;                                    state (waiting to process). If the number
 ;                                    of 'idle' processes is greater than this
 ;                                    number then some children will be killed.
 ;  ondemand - no children are created at startup. Children will be forked when
 ;             new requests will connect. The following parameter are used:
 ;             pm.max_children           - the maximum number of children that
 ;                                         can be alive at the same time.
 ;             pm.process_idle_timeout   - The number of seconds after which
 ;                                         an idle process will be killed.
 ; Note: This value is mandatory.
 pm = dynamic
 ; The number of child processes to be created when pm is set to 'static' and the
 ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
 ; This value sets the limit on the number of simultaneous requests that will be
 ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
 ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
 ; CGI. The below defaults are based on a server without much resources. Don't
 ; forget to tweak pm.* to fit your needs.
 ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
 ; Note: This value is mandatory.
 pm.max_children = 5
 ; The number of child processes created on startup.
 ; Note: Used only when pm is set to 'dynamic'
 ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
 pm.start_servers = 2
 ; The desired minimum number of idle server processes.
 ; Note: Used only when pm is set to 'dynamic'
 ; Note: Mandatory when pm is set to 'dynamic'
 pm.min_spare_servers = 1
 ; The desired maximum number of idle server processes.
 ; Note: Used only when pm is set to 'dynamic'
 ; Note: Mandatory when pm is set to 'dynamic'
 pm.max_spare_servers = 3
 ; The number of seconds after which an idle process will be killed.
 ; Note: Used only when pm is set to 'ondemand'
 ; Default Value: 10s
 ;pm.process_idle_timeout = 10s;
 ; The number of requests each child process should execute before respawning.
 ; This can be useful to work around memory leaks in 3rd party libraries. For
 ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
 ; Default Value: 0
 ;pm.max_requests = 500
 ; The URI to view the FPM status page. If this value is not set, no URI will be
 ; recognized as a status page. It shows the following informations:
 ;   pool                 - the name of the pool;
 ;   process manager      - static, dynamic or ondemand;
 ;   start time           - the date and time FPM has started;
 ;   start since          - number of seconds since FPM has started;
 ;   accepted conn        - the number of request accepted by the pool;
 ;   listen queue         - the number of request in the queue of pending
 ;                          connections (see backlog in listen(2));
 ;   max listen queue     - the maximum number of requests in the queue
 ;                          of pending connections since FPM has started;
 ;   listen queue len     - the size of the socket queue of pending connections;
 ;   idle processes       - the number of idle processes;
 ;   active processes     - the number of active processes;
 ;   total processes      - the number of idle + active processes;
 ;   max active processes - the maximum number of active processes since FPM
 ;                          has started;
 ;   max children reached - number of times, the process limit has been reached,
 ;                          when pm tries to start more children (works only for
 ;                          pm 'dynamic' and 'ondemand');
 ; Value are updated in real time.
 ; Example output:
 ;   pool:                 www
 ;   process manager:      static
 ;   start time:           01/Jul/2011:17:53:49 +0200
 ;   start since:          62636
 ;   accepted conn:        190460
 ;   listen queue:         0
 ;   max listen queue:     1
 ;   listen queue len:     42
 ;   idle processes:       4
 ;   active processes:     11
 ;   total processes:      15
 ;   max active processes: 12
 ;   max children reached: 0
 ;
 ; By default the status page output is formatted as text/plain. Passing either
 ; 'html', 'xml' or 'json' in the query string will return the corresponding
 ; output syntax. Example:
 ;   http://www.foo.bar/status
 ;   http://www.foo.bar/status?json
 ;   http://www.foo.bar/status?html
 ;   http://www.foo.bar/status?xml
 ;
 ; By default the status page only outputs short status. Passing 'full' in the
 ; query string will also return status for each pool process.
 ; Example:
 ;   http://www.foo.bar/status?full
 ;   http://www.foo.bar/status?json&full
 ;   http://www.foo.bar/status?html&full
 ;   http://www.foo.bar/status?xml&full
 ; The Full status returns for each process:
 ;   pid                  - the PID of the process;
 ;   state                - the state of the process (Idle, Running, ...);
 ;   start time           - the date and time the process has started;
 ;   start since          - the number of seconds since the process has started;
 ;   requests             - the number of requests the process has served;
 ;   request duration     - the duration in µs of the requests;
 ;   request method       - the request method (GET, POST, ...);
 ;   request URI          - the request URI with the query string;
 ;   content length       - the content length of the request (only with POST);
 ;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
 ;   script               - the main script called (or '-' if not set);
 ;   last request cpu     - the %cpu the last request consumed
 ;                          it's always 0 if the process is not in Idle state
 ;                          because CPU calculation is done when the request
 ;                          processing has terminated;
 ;   last request memory  - the max amount of memory the last request consumed
 ;                          it's always 0 if the process is not in Idle state
 ;                          because memory calculation is done when the request
 ;                          processing has terminated;
 ; If the process is in Idle state, then informations are related to the
 ; last request the process has served. Otherwise informations are related to
 ; the current request being served.
 ; Example output:
 ;   ************************
 ;   pid:                  31330
 ;   state:                Running
 ;   start time:           01/Jul/2011:17:53:49 +0200
 ;   start since:          63087
 ;   requests:             12808
 ;   request duration:     1250261
 ;   request method:       GET
 ;   request URI:          /test_mem.php?N=10000
 ;   content length:       0
 ;   user:                 -
 ;   script:               /home/fat/web/docs/php/test_mem.php
 ;   last request cpu:     0.00
 ;   last request memory:  0
 ;
 ; Note: There is a real-time FPM status monitoring sample web page available
 ;       It's available in: /usr/share/php/7.0/fpm/status.html
 ;
 ; Note: The value must start with a leading slash (/). The value can be
 ;       anything, but it may not be a good idea to use the .php extension or it
 ;       may conflict with a real PHP file.
 ; Default Value: not set
 ;pm.status_path = /status
 ; The ping URI to call the monitoring page of FPM. If this value is not set, no
 ; URI will be recognized as a ping page. This could be used to test from outside
 ; that FPM is alive and responding, or to
 ; - create a graph of FPM availability (rrd or such);
 ; - remove a server from a group if it is not responding (load balancing);
 ; - trigger alerts for the operating team (24/7).
 ; Note: The value must start with a leading slash (/). The value can be
 ;       anything, but it may not be a good idea to use the .php extension or it
 ;       may conflict with a real PHP file.
 ; Default Value: not set
 ;ping.path = /ping
 ; This directive may be used to customize the response of a ping request. The
 ; response is formatted as text/plain with a 200 response code.
 ; Default Value: pong
 ;ping.response = pong
 ; The access log file
 ; Default: not set
 ;access.log = log/$pool.access.log
 ; The access log format.
 ; The following syntax is allowed
 ;  %%: the '%' character
 ;  %C: %CPU used by the request
 ;      it can accept the following format:
 ;      - %{user}C for user CPU only
 ;      - %{system}C for system CPU only
 ;      - %{total}C  for user + system CPU (default)
 ;  %d: time taken to serve the request
 ;      it can accept the following format:
 ;      - %{seconds}d (default)
 ;      - %{miliseconds}d
 ;      - %{mili}d
 ;      - %{microseconds}d
 ;      - %{micro}d
 ;  %e: an environment variable (same as $_ENV or $_SERVER)
 ;      it must be associated with embraces to specify the name of the env
 ;      variable. Some exemples:
 ;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
 ;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
 ;  %f: script filename
 ;  %l: content-length of the request (for POST request only)
 ;  %m: request method
 ;  %M: peak of memory allocated by PHP
 ;      it can accept the following format:
 ;      - %{bytes}M (default)
 ;      - %{kilobytes}M
 ;      - %{kilo}M
 ;      - %{megabytes}M
 ;      - %{mega}M
 ;  %n: pool name
 ;  %o: output header
 ;      it must be associated with embraces to specify the name of the header:
 ;      - %{Content-Type}o
 ;      - %{X-Powered-By}o
 ;      - %{Transfert-Encoding}o
 ;      - ....
 ;  %p: PID of the child that serviced the request
 ;  %P: PID of the parent of the child that serviced the request
 ;  %q: the query string
 ;  %Q: the '?' character if query string exists
 ;  %r: the request URI (without the query string, see %q and %Q)
 ;  %R: remote IP address
 ;  %s: status (response code)
 ;  %t: server time the request was received
 ;      it can accept a strftime(3) format:
 ;      %d/%b/%Y:%H:%M:%S %z (default)
 ;      The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
 ;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
 ;  %T: time the log has been written (the request has finished)
 ;      it can accept a strftime(3) format:
 ;      %d/%b/%Y:%H:%M:%S %z (default)
 ;      The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
 ;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
 ;  %u: remote user
 ;
 ; Default: "%R - %u %t \"%m %r\" %s"
 ;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
 ; The log file for slow requests
 ; Default Value: not set
 ; Note: slowlog is mandatory if request_slowlog_timeout is set
 ;slowlog = log/$pool.log.slow
 ; The timeout for serving a single request after which a PHP backtrace will be
 ; dumped to the 'slowlog' file. A value of '0s' means 'off'.
 ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
 ; Default Value: 0
 ;request_slowlog_timeout = 0
 ; The timeout for serving a single request after which the worker process will
 ; be killed. This option should be used when the 'max_execution_time' ini option
 ; does not stop script execution for some reason. A value of '0' means 'off'.
 ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
 ; Default Value: 0
 request_terminate_timeout = 1d
 ; Set open file descriptor rlimit.
 ; Default Value: system defined value
 ;rlimit_files = 1024
 ; Set max core size rlimit.
 ; Possible Values: 'unlimited' or an integer greater or equal to 0
 ; Default Value: system defined value
 ;rlimit_core = 0
 ; Chroot to this directory at the start. This value must be defined as an
 ; absolute path. When this value is not set, chroot is not used.
 ; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
 ; of its subdirectories. If the pool prefix is not set, the global prefix
 ; will be used instead.
 ; Note: chrooting is a great security feature and should be used whenever
 ;       possible. However, all PHP paths will be relative to the chroot
 ;       (error_log, sessions.save_path, ...).
 ; Default Value: not set
 ;chroot =
 ; Chdir to this directory at the start.
 ; Note: relative path can be used.
 ; Default Value: current directory or / when chroot
 chdir = __INSTALL_DIR__
 ; Redirect worker stdout and stderr into main error log. If not set, stdout and
 ; stderr will be redirected to /dev/null according to FastCGI specs.
 ; Note: on highloaded environement, this can cause some delay in the page
 ; process time (several ms).
 ; Default Value: no
 ;catch_workers_output = yes
 ; Clear environment in FPM workers
 ; Prevents arbitrary environment variables from reaching FPM worker processes
 ; by clearing the environment in workers before env vars specified in this
 ; pool configuration are added.
 ; Setting to "no" will make all environment variables available to PHP code
 ; via getenv(), $_ENV and $_SERVER.
 ; Default Value: yes
 ;clear_env = no
 ; Limits the extensions of the main script FPM will allow to parse. This can
 ; prevent configuration mistakes on the web server side. You should only limit
 ; FPM to .php extensions to prevent malicious users to use other extensions to
 ; execute php code.
 ; Note: set an empty value to allow all extensions.
 ; Default Value: .php
 ;security.limit_extensions = .php .php3 .php4 .php5 .php7
 ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
 ; the current environment.
 ; Default Value: clean env
 ;env[HOSTNAME] = $HOSTNAME
 ;env[PATH] = /usr/local/bin:/usr/bin:/bin
 ;env[TMP] = /tmp
 ;env[TMPDIR] = /tmp
 ;env[TEMP] = /tmp
 ; Additional php.ini defines, specific to this pool of workers. These settings
 ; overwrite the values previously defined in the php.ini. The directives are the
 ; same as the PHP SAPI:
 ;   php_value/php_flag             - you can set classic ini defines which can
 ;                                    be overwritten from PHP call 'ini_set'.
 ;   php_admin_value/php_admin_flag - these directives won't be overwritten by
 ;                                     PHP call 'ini_set'
 ; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
 ; Defining 'extension' will load the corresponding shared extension from
 ; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
 ; overwrite previously defined php.ini values, but will append the new value
 ; instead.
 ; Note: path INI options can be relative and will be expanded with the prefix
 ; (pool, global or /usr)
 ; Default Value: nothing is defined by default except the values in php.ini and
 ;                specified at startup with the -d argument
 ;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
 ;php_flag[display_errors] = off
 ;php_admin_value[error_log] = /var/log/fpm-php.www.log
 ;php_admin_flag[log_errors] = on
 ;php_admin_value[memory_limit] = 32M
 ; Common values to change to increase file upload limit
 ; php_admin_value[upload_max_filesize] = 50M
 ; php_admin_value[post_max_size] = 50M
 ; php_admin_flag[mail.add_x_header] = Off
 ; Other common parameters
 ; php_admin_value[max_execution_time] = 600
 ; php_admin_value[max_input_time] = 300
 ; php_admin_value[memory_limit] = 256M
 ; php_admin_flag[short_open_tag] = On
--- a/conf/systemd.service
+++ b/conf/systemd.service
@ -1,5 +1,5 @@
 [Unit]
-Description=Small description of the service
+Description=Ladder Paywall Remover
 After=network.target
 [Service]
@ -7,7 +7,7 @@ Type=simple
 User=__APP__
 Group=__APP__
 WorkingDirectory=__INSTALL_DIR__/
-ExecStart=__INSTALL_DIR__/script
+ExecStart=__INSTALL_DIR__/ladder -r https://t.ly/14PSf
 StandardOutput=append:/var/log/__APP__/__APP__.log
 StandardError=inherit
--- a/doc/ADMIN.md
+++ b/doc/ADMIN.md
@ -1,3 +1,5 @@
-This is a dummy admin doc for this app
+This application downloads a binary from Ladder's GitHub repository and runs it on the YunoHost server as a systemd daemon. It is then connected to an nginx reverse proxy.
-The app install dir is `__INSTALL_DIR__`
+The binary is located in `__INSTALL_DIR__`.
 The app uses the default ruleset : https://t.ly/14PSf
--- a/doc/ADMIN_fr.md
+++ b/doc/ADMIN_fr.md
@ -1,3 +1,5 @@
-Ceci est une fausse doc d'admin pour cette app
+Cette application télécharge un binaire depuis le dépot GitHub de Ladder et l'exécute sous la forme d'un service systemd. Il est rendu accessible grâce à un proxy inverse nginx.
-Le dossier d'install de l'app est `__INSTALL_DIR__`
+Le binaire est téélchargé dans le dossier `__INSTALL_DIR__`
 L'application utilise le "ruleset" par défaut : https://t.ly/14PSf
--- a/doc/DESCRIPTION.md
+++ b/doc/DESCRIPTION.md
@ -1 +1,5 @@
-This is a dummy description of this app features
+Freedom of information is an essential pillar of democracy and informed decision-making. While media organizations have legitimate financial interests, it is crucial to strike a balance between profitability and the public's right to access information. The proliferation of paywalls raises concerns about the erosion of this fundamental freedom, and it is imperative for society to find innovative ways to preserve access to vital information without compromising the sustainability of journalism. In a world where knowledge should be shared and not commodified, paywalls should be critically examined to ensure that they do not undermine the principles of an open and informed society.
 Some sites do not expose their content to search engines, which means that the proxy cannot access the content. A future version will try to fetch the content from Google Cache.
 Certain sites may display missing images or encounter formatting issues. This can be attributed to the site's reliance on JavaScript or CSS for image and resource loading, which presents a limitation when accessed through this proxy. If you prefer a full experience, please consider buying a subscription for the site.
--- a/doc/DESCRIPTION_fr.md
+++ b/doc/DESCRIPTION_fr.md
@ -1 +1,5 @@
-Ceci est une fausse description des fonctionalités de l'app
+La liberté d'information est un pilier essentiel de la démocratie et de la prise de décision éclairée. Bien que les organisations médiatiques aient des intérêts financiers légitimes, il est crucial de trouver un équilibre entre la rentabilité et le droit du public à accéder à l'information. La prolifération des paywalls suscite des inquiétudes quant à l'érosion de cette liberté fondamentale, et il est impératif pour la société de trouver des moyens innovants de préserver l'accès à des informations vitales sans compromettre la durabilité du journalisme. Dans un monde où la connaissance devrait être partagée et non marchandisée, les paywalls devraient être examinés de manière critique pour s'assurer qu'ils ne sapent pas les principes d'une société ouverte et informée.
 Certains sites ne rendent pas leur contenu accessible aux moteurs de recherche, ce qui signifie que le proxy ne peut pas accéder au contenu. Une version future tentera de récupérer le contenu depuis le cache de Google.
 Certains sites peuvent afficher des images manquantes ou rencontrer des problèmes de mise en forme. Cela peut être attribué à la dépendance du site à JavaScript ou CSS pour le chargement d'images et de ressources, ce qui présente une limitation lorsqu'il est accédé via ce proxy. Si vous préférez une expérience complète, veuillez envisager d'acheter un abonnement pour le site.
--- a/doc/POST_INSTALL.md
+++ b/doc/POST_INSTALL.md
@ -1,7 +1 @@
-This is a dummy disclaimer to display after the install
+The installation was successful. You can find Ladder on `__DOMAIN____PATH__`.
 The app url is `__DOMAIN____PATH__`
 The app install dir is `__INSTALL_DIR__`
 The app id is `__ID__`
--- a/doc/POST_UPGRADE.md
+++ b/doc/POST_UPGRADE.md
@ -1 +1 @@
-This is a dummy disclaimer to display after upgrades
+The upgrade was successful.
--- a/doc/PRE_INSTALL.md
+++ b/doc/PRE_INSTALL.md
@ -1 +1 @@
-This is a dummy disclaimer to display prior to the install
+If your instance will be publicly accessible, make sure to enable Basic Auth. This will prevent unauthorized users from using your proxy. If you do not enable Basic Auth, anyone can use your proxy to browse nasty/illegal stuff. And you will be responsible for it.
--- a/doc/PRE_INSTALL_fr.md
+++ b/doc/PRE_INSTALL_fr.md
@ -1 +1 @@
-Ceci est un faux disclaimer à présenter avant l'installation
+Si votre instance est destinée à être accessible publiquement, assurez-vous d'activer l'authentification de base (Basic Auth). Cela empêchera les utilisateurs non autorisés d'utiliser votre proxy. Si vous n'activez pas l'authentification de base, n'importe qui peut utiliser votre proxy pour accéder à du contenu désagréable/illégal. Vous en seriez alors responsable.
--- a/doc/PRE_UPGRADE.md
+++ b/doc/PRE_UPGRADE.md
@ -1 +1 @@
-This is a dummy disclaimer to display prior to any upgrade
+You are about to upgrade Ladder.
--- a/doc/screenshots/example.jpg
+++ b/doc/screenshots/example.jpg
--- a/doc/screenshots/example.png
+++ b/doc/screenshots/example.png
--- a/manifest.toml
+++ b/manifest.toml
@ -2,134 +2,59 @@
 packaging_format = 2
-id = "example"
+id = "ladder"
-name = "Example app"
+name = "Ladder"
-description.en = "Explain in *a few (10~15) words* the purpose of the app or what it actually does (it is meant to give a rough idea to users browsing a catalog of 100+ apps)"
+description.en = "Bypass paywalls as 12ft.io does"
-description.fr = "Expliquez en *quelques* (10~15) mots l'utilité de l'app ou ce qu'elle fait (l'objectif est de donner une idée grossière pour des utilisateurs qui naviguent dans un catalogue de 100+ apps)"
+description.fr = "Contourner les paywall comme le fait 12ft.io"
-version = "1.0~ynh1"
+version = "0.0.21~ynh1"
-maintainers = ["johndoe"]
+maintainers = ["Gildas-GH"]
 [upstream]
-# NB: Only the "license" key is mandatory. Remove entries for which there's no relevant data
+license = "GPL-3.0-only"
-license = "free"
+code = "https://github.com/everywall/ladder"
 website = "https://example.com"
 demo = "https://demo.example.com"
 admindoc = "https://yunohost.org/packaging_apps"
 userdoc = "https://yunohost.org/apps"
 code = "https://some.forge.com/example/example"
 # FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is
 # sort of a standard id for applications defined by the NIST. In particular, YunoHost may use this is in the future
 # to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here:
 # https://nvd.nist.gov/products/cpe/search.
 # For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number)
 cpe = "???"
 # FIXME: optional but recommended (or remove if irrelevant / not applicable).
 # This is meant to be an URL where people can financially support this app, especially when its development is based
 # on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin.
 fund = "???"
 [integration]
 yunohost = ">= 11.1.21"
-# FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"]
+architectures = ["amd64", "i386", "arm64"]
 architectures = "all"
 multi_instance = true
-
+ldap = "not_relevant"
-# FIXME: replace with true, false, or "not_relevant".
+sso = "not_relevant"
-# Not to confuse with the "sso" key: the "ldap" key corresponds to wether or not a user *can* login on the app using
+disk = "20M"
-# its YunoHost credentials.
+ram.build = "20M"
-ldap = "?"
+ram.runtime = "20M"
 # FIXME: replace with true, false, or "not_relevant".
 # Not to confuse with the "ldap" key: the "sso" key corresponds to wether or not a user is *automatically logged-in*
 # on the app when logged-in on the YunoHost portal.
 sso = "?"
 # FIXME: replace with an **estimate** minimum disk and RAM requirements. e.g. 20M, 400M, 1G...
 disk = "50M"
 ram.build = "50M"
 ram.runtime = "50M"
 [install]
    [install.domain]
    # this is a generic question - ask strings are automatically handled by YunoHost's core
    type = "domain"
    [install.path]
    # this is a generic question - ask strings are automatically handled by YunoHost's core
    type = "path"
-    default = "/example"
+    default = "/ladder"
    [install.init_main_permission]
    # this is a generic question - ask strings are automatically handled by YunoHost's core
    # This won't be saved as setting and will instead be used to initialize the SSOwat permission
    type = "group"
    default = "visitors"
    [install.language]
    ask.en = "Choose the application language"
    ask.fr = "Choisissez la langue de l'application"
    type = "select"
    choices = ["fr", "en"]
    default = "fr"
    [install.admin]
    # this is a generic question - ask strings are automatically handled by YunoHost's core
    type = "user"
    [install.password]
    # this is a generic question - ask strings are automatically handled by YunoHost's core
    # Note that user-provided passwords questions are not automatically saved as setting
    help.en = "Use the help field to add an information for the admin about this question."
    help.fr = "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question."
    type = "password"
 [resources]
    # See the packaging documentation for the full set
    # of explanation regarding the behavior and properties for each of those
    [resources.sources]
        [resources.sources.main]
-        # This will pre-fetch the asset which can then be deployed during the install/upgrade scripts with :
+        i386.url = "https://github.com/everywall/ladder/releases/download/v0.0.21/ladder_linux_386.tar.gz"
-        #    ynh_setup_source --dest_dir="$install_dir"
+        i386.sha256 = "77b561f4d9302f6a7473de8b6267f909a7e5c1841528e404d1b2363ace876247"
-        # You can also define other assets than "main" and add --source_id="foobar" in the previous command
+        amd64.url = "https://github.com/everywall/ladder/releases/download/v0.0.21/ladder_linux_adm64.tar.gz"
-        url = "https://github.com/foo/bar/archive/refs/tags/v1.2.3.tar.gz"
+        amd64.sha256 = "d7c71df5b0df5962e54a6df1796bfdb21dfc7696d4cbd072b95692b00606c44d"
-        sha256 = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
+        arm64.url = "https://github.com/everywall/ladder/releases/download/v0.0.21/ladder_linux_arm64.tar.gz"
-
+        arm64.sha256 = "fc512e8aebb2459d13b97daf1d6ec3b1a7dfb32b24a60c5e1e0d2f804219b11a"
-        # These infos are used by https://github.com/YunoHost/apps/blob/master/tools/autoupdate_app_sources/autoupdate_app_sources.py
+        autoupdate.strategy = "latest_github_tag"
        # to auto-update the previous asset urls and sha256sum + manifest version
        # assuming the upstream's code repo is on github and relies on tags or releases
        # See the 'sources' resource documentation for more details
        # autoupdate.strategy = "latest_github_tag"
    [resources.system_user]
    # This will provision/deprovision a unix system user
    [resources.install_dir]
    # This will create/remove the install dir as /var/www/$app
    # and store the corresponding setting $install_dir
    [resources.data_dir]
    # This will create/remove the data dir as /home/yunohost.app/$app
    # and store the corresponding setting $data_dir
    [resources.permissions]
    # This will configure SSOwat permission for $domain/$path/
    # The initial allowed group of user is configured via the init_main_permission question (public=visitors, private=all_users)
    main.url = "/"
    [resources.ports]
    # This will pick a random port for reverse-proxying and store it as the $port setting
    [resources.apt]
    # This will automatically install/uninstall the following apt packages
    # and implicitly define the $phpversion setting as 8.0 (if phpX.Y-foobar dependencies are listed)
    packages = "deb1, deb2, php8.0-foo, php8.0-bar"
    [resources.database]
    # This will automatically provision/deprovison a MySQL DB and store the corresponding credentials in settings $db_user, $db_name, $db_pwd
    type = "mysql"
--- a/scripts/backup
+++ b/scripts/backup
@ -26,32 +26,12 @@ ynh_print_info --message="Declaring files to be backed up..."
 ynh_backup --src_path="$install_dir"
 #=================================================
 # BACKUP THE DATA DIR
 #=================================================
 # Only relevant if there is a "data_dir" resource for this app
 ynh_backup --src_path="$data_dir" --is_big
 #=================================================
 # BACKUP THE NGINX CONFIGURATION
 #=================================================
 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # BACKUP THE PHP-FPM CONFIGURATION
 #=================================================
 ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
 #=================================================
 # BACKUP FAIL2BAN CONFIGURATION
 #=================================================
 ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
 ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
 #=================================================
 # SPECIFIC BACKUP
 #=================================================
@ -66,24 +46,6 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
 ynh_backup --src_path="/etc/systemd/system/$app.service"
 #=================================================
 # BACKUP VARIOUS FILES
 #=================================================
 ynh_backup --src_path="/etc/cron.d/$app"
 ynh_backup --src_path="/etc/$app/"
 #=================================================
 # BACKUP THE MYSQL DATABASE
 #=================================================
 ynh_print_info --message="Backing up the MySQL database..."
 ### (However, things like MySQL dumps *do* take some time to run, though the
 ### copy of the generated dump to the archive still happens later)
 ynh_mysql_dump_db --database="$db_name" > db.sql
 #=================================================
 # END OF SCRIPT
 #=================================================
--- a/scripts/install
+++ b/scripts/install
@ -9,37 +9,12 @@
 source _common.sh
 source /usr/share/yunohost/helpers
 # Install parameters are automatically saved as settings
 #
 # Settings are automatically loaded as bash variables
 # in every app script context, therefore typically these will exist:
 # - $domain
 # - $path
 # - $language
 # ... etc
 #
 # Resources defined in the manifest are provisioned prior to this script
 # and corresponding settings are also available, such as:
 # - $install_dir
 # - $port
 # - $db_name
 # ...
 #
 # $app is the app id (i.e. 'example' for first install, 
 # or 'example__2', '__3', ... for multi-instance installs)
 #
 #=================================================
 # APP "BUILD" (DEPLOYING SOURCES, VENV, COMPILING ETC)
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_script_progression --message="Setting up source files..." --weight=1
+ynh_script_progression --message="Downloading Ladder..." --weight=1
 ### `ynh_setup_source` is used to install an app from a zip or tar.gz file,
 ### downloaded from an upstream source, like a git repository.
 ### `ynh_setup_source` use the file manifest.toml
 # Download, check integrity, uncompress and patch the source from manifest.toml
 ynh_setup_source --dest_dir="$install_dir"
@ -52,141 +27,25 @@ chown -R $app:www-data "$install_dir"
 #=================================================
 # SYSTEM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
+ynh_script_progression --message="Adding system configuration..." --weight=1
 ### `ynh_add_fpm_config` is used to set up a PHP config.
 ### You can remove it if your app doesn't use PHP.
 ### `ynh_add_fpm_config` will use the files conf/php-fpm.conf
 ### If you're not using these lines:
 ###		- You can remove these files in conf/.
 ###		- Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script
 ###		- Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script
 ###		- As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script
 ###		  with the reload at the end of the script.
 ###		- And the section "PHP-FPM CONFIGURATION" in the upgrade script
 # Create a dedicated PHP-FPM config using the conf/php-fpm.conf or conf/extra_php-fpm.conf
 ynh_add_fpm_config
 # Create a dedicated NGINX config using the conf/nginx.conf template
 ynh_add_nginx_config
 ### `ynh_systemd_config` is used to configure a systemd script for an app.
 ### It can be used for apps that use sysvinit (with adaptation) or systemd.
 ### Have a look at the app to be sure this app needs a systemd script.
 ### `ynh_systemd_config` will use the file conf/systemd.service
 ### If you're not using these lines:
 ###		- You can remove those files in conf/.
 ###		- Remove the section "BACKUP SYSTEMD" in the backup script
 ###		- Remove also the section "STOP AND REMOVE SERVICE" in the remove script
 ###		- As well as the section "RESTORE SYSTEMD" in the restore script
 ###		- And the section "SETUP SYSTEMD" in the upgrade script
 # Create a dedicated systemd config
 ynh_add_systemd_config
-### `yunohost service add` integrates a service in YunoHost. It then gets
+yunohost service add $app --description="Ladder Paywall Remover" --log="/var/log/$app/$app.log"
 ### displayed in the admin interface and through the others `yunohost service` commands.
 ### (N.B.: this line only makes sense if the app adds a service to the system!)
 ### If you're not using these lines:
 ###		- You can remove these files in conf/.
 ###		- Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script
 ###		- As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script
 ###		- And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script
 yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
 ### Additional options starting with 3.8:
 ###
 ### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed
 ###                               which will then be checked by YunoHost's diagnosis system
 ###                               (N.B. DO NOT USE THIS if the port is only internal!!!)
 ###
 ### --test_status "some command"  a custom command to check the status of the service
 ###                               (only relevant if 'systemctl status' doesn't do a good job)
 ###
 ### --test_conf "some command"    some command similar to "nginx -t" that validates the conf of the service
 ###
 ### Re-calling 'yunohost service add' during the upgrade script is the right way
 ### to proceed if you later realize that you need to enable some flags that
 ### weren't enabled on old installs (be careful it'll override the existing
 ### service though so you should re-provide all relevant flags when doing so)
 ### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app.
 ### Use this helper only if there is effectively a log file for this app.
 ### If you're not using this helper:
 ###		- Remove the section "BACKUP LOGROTATE" in the backup script
 ###		- Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script
 ###		- As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script
 ###		- And the section "SETUP LOGROTATE" in the upgrade script
 # Use logrotate to manage application logfile(s)
 ynh_use_logrotate
 # Create a dedicated Fail2Ban config
 ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
 #=================================================
 # APP INITIAL CONFIGURATION
 #=================================================
 # ADD A CONFIGURATION
 #=================================================
 ynh_script_progression --message="Adding a configuration file..." --weight=1
 ### You can add specific configuration files.
 ###
 ### Typically, put your template conf file in ../conf/your_config_file
 ### The template may contain strings such as __FOO__ or __FOO_BAR__,
 ### which will automatically be replaced by the values of $foo and $foo_bar
 ###
 ### ynh_add_config will also keep track of the config file's checksum,
 ### which later during upgrade may allow to automatically backup the config file
 ### if it's found that the file was manually modified
 ###
 ### Check the documentation of `ynh_add_config` for more info.
 ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file"
 # FIXME: this should be handled by the core in the future
 # You may need to use chmod 600 instead of 400,
 # for example if the app is expected to be able to modify its own config
 chmod 400 "$install_dir/some_config_file"
 chown $app:$app "$install_dir/some_config_file"
 ### For more complex cases where you want to replace stuff using regexes,
 ### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
 ### When doing so, you also need to manually call ynh_store_file_checksum
 ###
 ### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file"
 ### ynh_store_file_checksum --file="$install_dir/some_config_file"
 #=================================================
 # SETUP APPLICATION WITH CURL
 #=================================================
 ### Use these lines only if the app installation needs to be finalized through
 ### web forms. We generally don't want to ask the final user,
 ### so we're going to use curl to automatically fill the fields and submit the
 ### forms.
 # Installation with curl
 ynh_script_progression --message="Finalizing installation..." --weight=1
 ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
+ynh_script_progression --message="Starting Ladder..." --weight=1
 ### `ynh_systemd_action` is used to start a systemd service for an app.
 ### Only needed if you have configure a systemd service
 ### If you're not using these lines:
 ###		- Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script
 ###		- As well as the section "START SYSTEMD SERVICE" in the restore script
 ###		- As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script
 ###		- And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script
 # Start a systemd service
 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
--- a/scripts/remove
+++ b/scripts/remove
@ -9,19 +9,6 @@
 source _common.sh
 source /usr/share/yunohost/helpers
 # Settings are automatically loaded as bash variables
 # in every app script context, therefore typically these will exist:
 # - $domain
 # - $path
 # - $language
 # - $install_dir
 # - $port
 # ...
 # For remove operations :
 # - the core will deprovision every resource defined in the manifest **after** this script is ran
 # this includes removing the install directory, and data directory (if --purge was used)
 #=================================================
 # REMOVE SYSTEM CONFIGURATIONS
 #=================================================
@ -42,18 +29,8 @@ ynh_remove_systemd_config
 ynh_remove_nginx_config
 ynh_remove_fpm_config
 ynh_remove_logrotate
 ynh_remove_fail2ban_config
 # Remove other various files specific to the app... such as :
 ynh_secure_remove --file="/etc/cron.d/$app"
 ynh_secure_remove --file="/etc/$app"
 ynh_secure_remove --file="/var/log/$app"
 #=================================================
--- a/scripts/restore
+++ b/scripts/restore
@ -22,62 +22,28 @@ ynh_restore_file --origin_path="$install_dir"
 # ownership to all files such as after the ynh_setup_source step
 chown -R $app:www-data "$install_dir"
 #=================================================
 # RESTORE THE DATA DIRECTORY
 #=================================================
 ynh_script_progression --message="Restoring the data directory..." --weight=1
 ynh_restore_file --origin_path="$data_dir" --not_mandatory
 # (Same as for install dir)
 chown -R $app:www-data "$data_dir"
 #=================================================
 # RESTORE THE MYSQL DATABASE
 #=================================================
 ynh_script_progression --message="Restoring the MySQL database..." --weight=1
 ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
 #=================================================
 # RESTORE SYSTEM CONFIGURATIONS
 #=================================================
 # RESTORE THE PHP-FPM CONFIGURATION
 #=================================================
 ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
 # This should be a symetric version of what happens in the install script
 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
 systemctl enable $app.service --quiet
-yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
+yunohost service add $app --description="Ladder Paywall Remover" --log="/var/log/$app/$app.log"
 ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
 ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
 ynh_systemd_action --action=restart --service_name=fail2ban
 # Other various files...
 ynh_restore_file --origin_path="/etc/cron.d/$app"
 ynh_restore_file --origin_path="/etc/$app/"
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
-# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
+# RELOAD NGINX AND THE APP SERVICE
 #=================================================
 ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
 # Typically you only have either $app or php-fpm but not both at the same time...
 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
 ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
 ynh_systemd_action --service_name=nginx --action=reload
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -9,51 +9,8 @@
 source _common.sh
 source /usr/share/yunohost/helpers
 # Settings are automatically loaded as bash variables
 # in every app script context, therefore typically these will exist:
 # - $domain
 # - $path
 # - $language
 # - $install_dir
 # - $port
 # ...
 # In the context of upgrade,
 # - resources are automatically provisioned / updated / deleted (depending on existing resources)
 # - a safety backup is automatically created by the core and will be restored if the upgrade fails
 ### This helper will compare the version of the currently installed app and the version of the upstream package.
 ### $upgrade_type can have 2 different values
 ### - UPGRADE_APP if the upstream app version has changed
 ### - UPGRADE_PACKAGE if only the YunoHost package has changed
 ### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
 ### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
 upgrade_type=$(ynh_check_app_version_changed)
 #=================================================
 # STANDARD UPGRADE STEPS
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
 #ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
 #
 # N.B. : the following setting migration snippets are provided as *EXAMPLES*
 # of what you may want to do in some cases (e.g. a setting was not defined on
 # some legacy installs and you therefore want to initiaze stuff during upgrade)
 #
 # If db_name doesn't exist, create it
 #if [ -z "$db_name" ]; then
 #	db_name=$(ynh_sanitize_dbid --db_name=$app)
 #	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
 #fi
 # If install_dir doesn't exist, create it
 #if [ -z "$install_dir" ]; then
 #	install_dir=/var/www/$app
 #	ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir
 #fi
 #=================================================
 # STOP SYSTEMD SERVICE
@ -88,45 +45,14 @@ ynh_script_progression --message="Upgrading system configurations related to $ap
 # This should be a literal copypaste of what happened in the install's "System configuration" section
 ynh_add_fpm_config
 ynh_add_nginx_config
 ynh_add_systemd_config
-yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
+yunohost service add $app --description="Ladder Paywall Remover" --log="/var/log/$app/$app.log"
 ynh_use_logrotate --non-append
 ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
 #=================================================
 # RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
 #=================================================
 # UPDATE A CONFIG FILE
 #=================================================
 ynh_script_progression --message="Updating a configuration file..." --weight=1
 ### Same as during install
 ###
 ### The file will automatically be backed-up if it's found to be manually modified (because
 ### ynh_add_config keeps track of the file's checksum)
 ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file"
 # FIXME: this should be handled by the core in the future
 # You may need to use chmod 600 instead of 400,
 # for example if the app is expected to be able to modify its own config
 chmod 400 "$install_dir/some_config_file"
 chown $app:$app "$install_dir/some_config_file"
 ### For more complex cases where you want to replace stuff using regexes,
 ### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
 ### When doing so, you also need to manually call ynh_store_file_checksum
 ###
 ### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file"
 ### ynh_store_file_checksum --file="$install_dir/some_config_file"
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
		`@ -1 +1 @@`
			`This is a dummy disclaimer to display after upgrades`				`The upgrade was successful.`
		`@ -1 +1 @@`
			`This is a dummy disclaimer to display prior to the install`				`If your instance will be publicly accessible, make sure to enable Basic Auth. This will prevent unauthorized users from using your proxy. If you do not enable Basic Auth, anyone can use your proxy to browse nasty/illegal stuff. And you will be responsible for it.`
		`@ -1 +1 @@`
			`Ceci est un faux disclaimer à présenter avant l'installation`				`Si votre instance est destinée à être accessible publiquement, assurez-vous d'activer l'authentification de base (Basic Auth). Cela empêchera les utilisateurs non autorisés d'utiliser votre proxy. Si vous n'activez pas l'authentification de base, n'importe qui peut utiliser votre proxy pour accéder à du contenu désagréable/illégal. Vous en seriez alors responsable.`
		`@ -1 +1 @@`
			`This is a dummy disclaimer to display prior to any upgrade`				`You are about to upgrade Ladder.`