Merge pull request #55 from YunoHost-Apps/patch

0.23
2024-09-03 19:36:12 +02:00 · 2021-06-22 08:42:24 +02:00 · 2021-06-22 08:42:24 +02:00 · 9580ccd7a8
commit 9580ccd7a8
parent 47721e8411 d38e85e871
18 changed files with 436 additions and 203 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +0,0 @@
 *~
 *.swp
--- a/.travis.yml
+++ b/.travis.yml
@ -1,7 +0,0 @@
 language: python
 before_install:
  - git clone https://github.com/YunoHost/package_linter /tmp/package_linter
 script:
 - /tmp/package_linter/package_linter.py ./
--- a/README.md
+++ b/README.md
@ -1,51 +1,43 @@
 <!--
 N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
 It shall NOT be edited by hand.
 -->
 # Lstu for YunoHost
 [![Integration level](https://dash.yunohost.org/integration/lstu.svg)](https://dash.yunohost.org/appci/app/lstu) ![](https://ci-apps.yunohost.org/ci/badges/lstu.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/lstu.maintain.svg)  
 [![Install Lstu with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lstu)
 *[Lire ce readme en français.](./README_fr.md)*
 > *This package allows you to install Lstu quickly and simply on a YunoHost server.
 If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
 ## Overview
 Lstu means Let's Shorten That URL.
-**Shipped version:** 0.22-0
+URL Shortener
 **Shipped version:** 0.23-0~ynh1
 **Demo:** https://lstu.fr
 ## Screenshots
-![](LSTU_screenshot.png)
+![](./doc/screenshots/LSTU_screenshot.png)
-## Demo
+## Disclaimers / important information
 * [Official demo](https://lstu.fr)
 ## Configuration
 How to configure this app: a plain file at `/var/www/lstu/lstu.conf` with SSH.
-## Documentation
+## Documentation and resources
- * Official documentation: https://framagit.org/fiat-tux/hat-softwares/lstu/wikis/home
+* Official app website: https://lstu.fr
-
+* Official admin documentation: https://framagit.org/fiat-tux/hat-softwares/lstu/wikis/home
-## YunoHost specific features
+* Upstream app code repository: https://framagit.org/fiat-tux/hat-softwares/lstu
-
+* YunoHost documentation for this app: https://yunohost.org/app_lstu
-#### Multi-user support
+* Report a bug: https://github.com/YunoHost-Apps/lstu_ynh/issues
 * Are LDAP and HTTP auth supported? **Yes**  
 * Can the app be used by multiple users? **Yes**
 #### Supported architectures
 * x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/lstu%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/lstu/)
 * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/lstu%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/lstu/)
 ## Links
 * Report a bug: https://github.com/YunoHost-Apps/lstu_ynh/issues
 * Upstream app repository: https://framagit.org/fiat-tux/hat-softwares/lstu
 * YunoHost website: https://yunohost.org/
 ---
 ## Developer info
@ -58,8 +50,4 @@ or
 sudo yunohost app upgrade lstu -u https://github.com/YunoHost-Apps/lstu_ynh/tree/testing --debug
 ```
-## Todo
+**More info regarding app packaging:** https://yunohost.org/packaging_apps
 - [ ] Allow to choose the database (sqlite or PostgreSQL)
 - [ ] Allow to choose to use Minion
 - [ ] Add CI stuff
--- a/README_fr.md
+++ b/README_fr.md
@ -0,0 +1,49 @@
 # Lstu pour YunoHost
 [![Niveau d'intégration](https://dash.yunohost.org/integration/lstu.svg)](https://dash.yunohost.org/appci/app/lstu) ![](https://ci-apps.yunohost.org/ci/badges/lstu.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/lstu.maintain.svg)  
 [![Installer Lstu avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lstu)
 *[Read this readme in english.](./README.md)*
 *[Lire ce readme en français.](./README_fr.md)*
 > *Ce package vous permet d'installer Lstu rapidement et simplement sur un serveur YunoHost.
 Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
 ## Vue d'ensemble
 Raccourcisseur d'URL
 **Version incluse :** 0.23-0~ynh1
 **Démo :** https://lstu.fr
 ## Captures d'écran
 ![](./doc/screenshots/LSTU_screenshot.png)
 ## Avertissements / informations importantes
 ## Configuration
 Comment configurer cette application : un fichier simple à `/var/www/lstu/lstu.conf` avec SSH.
 ## Documentations et ressources
 * Site officiel de l'app : https://lstu.fr
 * Documentation officielle de l'admin : https://framagit.org/fiat-tux/hat-softwares/lstu/wikis/home
 * Dépôt de code officiel de l'app : https://framagit.org/fiat-tux/hat-softwares/lstu
 * Documentation YunoHost pour cette app : https://yunohost.org/app_lstu
 * Signaler un bug : https://github.com/YunoHost-Apps/lstu_ynh/issues
 ## Informations pour les développeurs
 Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/lstu_ynh/tree/testing).
 Pour essayer la branche testing, procédez comme suit.
 ```
 sudo yunohost app install https://github.com/YunoHost-Apps/lstu_ynh/tree/testing --debug
 ou
 sudo yunohost app upgrade lstu -u https://github.com/YunoHost-Apps/lstu_ynh/tree/testing --debug
 ```
 **Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps
--- a/18
+++ b/18
@ -1,11 +1,11 @@
 ;; Nom du test
 	auto_remove=1
 	; Manifest
-		domain="domain.tld"	(DOMAIN)
+		domain="domain.tld"
-		path="/path"	(PATH)
+		path="/path"
-		is_public=1 (PUBLIC|public=1|private=0)
+		is_public=1
-		theme="milligram" (THEME)
+		theme="milligram"
-		password="verysecretpassword" (PASSWORD)
+		password="verysecretpassword"
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=1
@ -14,11 +14,11 @@
 		setup_private=1
 		setup_public=1
 		upgrade=1
-		upgrade=1        from_commit=2d33783907d6de4486ac9e954ebc4b4028e11de8
+		#Merge pull request #52
 		upgrade=1        from_commit=469fb267ebc496d2c63b10de35aaf3493ce8124f
 		backup_restore=1
 		multi_instance=1
 		port_already_use=1 (8095)
 		change_url=1
 ;;; Upgrade options
-	; commit=2d33783907d6de4486ac9e954ebc4b4028e11de8
+	; commit=469fb267ebc496d2c63b10de35aaf3493ce8124f
-		name=0.21-4~ynh4
+		name=Merge pull request #52
--- a/conf/app.src
+++ b/conf/app.src
@ -1,5 +1,5 @@
-SOURCE_URL=https://framagit.org/fiat-tux/hat-softwares/lstu/-/archive/0.22-0/lstu-0.22-0.tar.gz
+SOURCE_URL=https://framagit.org/fiat-tux/hat-softwares/lstu/-/archive/0.23-0/lstu-0.23-0.tar.gz
-SOURCE_SUM=644315d3a5af0fb5ec1e44c62fdb4f57d8985db75f70e4055eab5993dd405313
+SOURCE_SUM=77bbe521403da22db2753fbeb4939a2decb220e0a21e88b4754a774a9a217c6d
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
 SOURCE_IN_SUBDIR=true
--- a/conf/lstu.conf.ldap
+++ b/conf/lstu.conf.ldap
@ -0,0 +1,268 @@
 # vim:set sw=4 ts=4 sts=4 ft=perl expandtab:
 {
    ####################
    # Hypnotoad settings
    ####################
    # see http://mojolicio.us/perldoc/Mojo/Server/Hypnotoad for a full list of settings
    hypnotoad => {
        # array of IP addresses and ports you want to listen to
        listen => ['http://127.0.0.1:__PORT__'],
        # if you use Lstu behind a reverse proxy like Nginx, you want to set proxy to 1
        # if you use Lstu directly, let it commented
        #proxy  => 1,
    },
    # put a way to contact you here and uncomment it
    # MANDATORY
    contact => 'webmaster@__DOMAIN__',
    # array of random strings used to encrypt cookies
    # optional, default is ['fdjsofjoihrei'], PLEASE, CHANGE IT
    secrets => ['__SECRET__'],
    # secret passphrase to access some admin features
    # If you don't want to have a plain text password in configuration,
    # use hashed_adminpwd instead
    # optional, but you won't have access to admin /stats if not set and if hashed_adminpwd is not set either
    #adminpwd      => 's3cr3T',
    # secret hashed passphrase to access some admin features
    # Hash your password by issuing `echo -n s3cr3T | sha256sum` on your terminal
    # optional, but you won't have access to admin /stats if not set and if adminpwd is not set either
    hashed_adminpwd => '__HASHED_PASSWORD__',
    # choose a theme. See the available themes in `themes` directory
    # optional, default is 'default'
    theme         => '__THEME__', # default or milligram
    # number of URLs to be displayed per page in /stats
    # optional, default is 10
    page_offset   => 10,
    # length of the random URL
    # optional, default is 8
    length            => 8,
    # how many URLs will be provisioned in a batch ?
    # optional, default is 5
    #provis_step       => 5,
    # max number of URLs to be provisioned
    # optional, default is 100
    #provisioning      => 100,
    # URL sub-directory in which you want Lstu to be accessible
    # example: you want to have Lstu under https://example.org/lstu/
    # => set prefix to '/lstu' or to '/lstu/', it doesn't matter
    # optional, defaut is /
    prefix       => '__PATH__',
    # array of authorized domains for API calls.
    # if you want to authorize everyone to use the API: ['*']
    # optional, no domains allowed by default
    #allowed_domains   => ['http://1.example.com', 'http://2.example.com'],
    # if set, the shortened URLs will use this domain
    # optional
    #fixed_domain => 'example.org',
    # choose what database you want to use
    # valid choices are sqlite, postgresql and mysql (all lowercase)
    # optional, default is sqlite
    dbtype => 'postgresql',
    # SQLite ONLY - only used if dbtype is set to sqlite
    # define a path to the SQLite database
    # you can define it relative to lstu directory or set an absolute path
    # remember that it has to be in a directory writable by Lstu user
    # optional, default is lstu.db
    #db_path           => 'lstu.db',
    # PostgreSQL ONLY - only used if dbtype is set to postgresql
    # these are the credentials to access the PostgreSQL database
    # mandatory if you choosed postgresql as dbtype
    pgdb => {
        database => '__DB_NAME__',
        host     => 'localhost',
        # optional, default is 5432
        #port     => 5432,
        user     => '__DB_USER__',
        pwd      => '__DB_PWD__',
        # optional, default is 1
        #max_connections => 1,
    },
    # MySQL ONLY - only used if dbtype is set to mysql
    # these are the credentials to access the MySQL database
    # mandatory if you choosed mysql as dbtype
    #mysqldb => {
    #    database => 'lstu',
    #    host     => 'localhost',
    #    # optional, default is 3306
    #    #port     => 3306,
    #    user     => 'DBUSER',
    #    pwd      => 'DBPASSWORD',
    #    # optional, default is 5 (set to 0 to disable persistent connections)
    #    #max_connections => 5,
    #},
    # Rate-limiting for the API
    # After ban_min_strike requests in a second, the IP address will be
    # banned for one hour.
    # If it continues to query the API during this ban time at least
    # ban_min_strike times, it will be banned for a month.
    # optional, default is 3
    ban_min_strike    => 3,
    # Ban whitelist
    # You can whitelist IP addresses to prevent you from being banned
    # Be careful, the IP addresses are compared as string, not as IP addresses
    # a network range will not work
    # Example of valid input: ban_whitelist => ['198.51.100.42', '2001:0DB8::42'],¬
    # optional, default is an empty array
    #ban_whitelist => [],
    # Ban blacklist
    # You can blacklist IP addresses to always ban those IP addresses
    # Be careful, the IP addresses are compared as string, not as IP addresses
    # a network range will not work
    # Example of valid input: ban_blacklist => ['198.51.100.42', '2001:0DB8::42'],¬
    # optional, default is an empty array
    #ban_blacklist => [],
    # define an URL to the Piwik instance and the ID of a website to track
    # set if you want to track views in Piwik
    # optional, Piwik tracking is disabled by default
    #piwik => {
    #    url    => 'http://piwik.example.com',
    #    idsite => '1',
    #},
    # use Minion instead of directly increase counters
    # need to launch a minion worker service if enabled
    # optional, Minion is disabled by default
    # It will use the same DB type as Lstu: sqlite if you choose sqlite for `dbtype`,
    # postgresql for postgresql, etc.
    #minion => {
    #    enabled => 0,
    #    # SQLite ONLY - only used if if you choose sqlite as DB type,
    #    # define the path to the minion database
    #    # you can define it relative to lstu directory or set an absolute path
    #    # remember that it has to be in a directory writable by Lutim user
    #    # optional, default is minion.db
    #    db_path => 'minion.db',
    #    # PostgreSQL ONLY - only used if you choose postgresql as DB type
    #    # these are the credentials to access the Minion's PostgreSQL database
    #    # mandatory if you choosed postgresql as DB type, no default
    #    pgdb => {
    #        database => 'lstu_minion',
    #        host     => 'localhost',
    #        # optional, default is 5432
    #        #port     => 5432,
    #        user     => 'DBUSER',
    #        pwd      => 'DBPASSWORD'
    #    },
    #    # MySQL ONLY - only used if you choose mysql as DB type
    #    # these are the credentials to access the Minion's MySQL database
    #    # mandatory if you choosed mysql as DB type, no default
    #    mysqldb => {
    #        database => 'lstu_minion',
    #        host     => 'localhost',
    #        # optional, default is 3306
    #        #port     => 3306,
    #        user     => 'DBUSER',
    #        pwd      => 'DBPASSWORD',
    #    },
    #},
    # set `ldap` if you want that only authenticated users can shorten URLs
    # please note that everybody can still use shortend URLs
    # optional, no default
    ldap => {
        uri         => 'ldap://localhost:389',          # server URI
        user_tree   => 'dc=yunohost,dc=org',            # search base DN
        bind_dn     => 'ou=users,dc=yunohost,dc=org',   # search bind DN
    #   bind_pwd    => '',                              # search bind password
        user_attr   => 'uid',                           # user attribute (uid, mail, sAMAccountName, etc.)
    #   user_filter => '(!(uid=ldap_user))',           # user filter (to exclude some users, etc.)
    },
    # set `htpasswd` if you want to use an htpasswd file instead of ldap
    # create the file with `htpasswd -c lstu.passwd user`, update it with `htpasswd lstu.passwd user2`
    # make sure that lstu can read the file!
    # optional, no default
    #htpasswd => 'lstu.passwd',
    # if you've set ldap or htpasswd above, the session will last `session_duration` seconds before
    # the user needs to reauthenticate
    # optional, default is 3600
    #session_duration => 3600,
    # how many redirections are allowed for the shortened URL before considering it as a spam?
    # optional, default is 2. Set to -1 to allow infinite redirections (not recommended)
    #max_redir => 2,
    # spam blacklist regex. All URLs (or redirection) whose host part matches this regex are considered as spam
    # optional, no default
    #spam_blacklist_regex => 'foo|bar',
    # spam path blacklist regex. All URLs (or redirection) whose path part matches this regex are considered as spam
    # optional, no default
    #spam_path_blacklist_regex => 'foo|bar',
    # spam whitelist regex. All URLs (or redirection) whose host part matches this regex will never be considered as spam
    # optional, no default
    #spam_whitelist_regex => 'foo|bar',
    # set to 1 to skip SpamHaus check (not recommended)
    # optional, default is 0
    #skip_spamhaus => 0,
    # put your Google API key to enable Google safebrowsing check
    # This will allow Lstu to download the Google safebrowsing database and use a local copy to check the URLs.
    # Google does not get the URLs that are checked.
    # Instructions to get a key: https://developers.google.com/safe-browsing/v4/get-started
    # TL;DR: https://console.developers.google.com/projectselector/apis/library
    # optional, no default
    #safebrowsing_api_key => '',
    # array of memcached servers to cache URL in order to accelerate responses to often-viewed URL.
    # If set to [], the cache is disabled
    # optional, default is []
    #memcached_servers => [],
    # Content-Security-Policy header that will be sent by Lstu
    # Set to '' to disable CSP header
    # https://content-security-policy.com/ provides a good documentation about CSP.
    # https://report-uri.com/home/generate provides a tool to generate a CSP header.
    # optional, default is "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; form-action 'self'; base-uri 'self'"
    # the default value is good for `default` and `milligram` themes
    #csp => "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; form-action 'self'; base-uri 'self'",
    # X-Frame-Options header that will be sent by Lstu
    # Valid values are: 'DENY', 'SAMEORIGIN', 'ALLOW-FROM https://example.com/'
    # Set to '' to disable X-Frame-Options header
    # See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
    # Please note that this will add a "frame-ancestors" directive to the CSP header (see above) accordingly
    # to the chosen setting (See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors)
    # optional, default is 'DENY'
    #x_frame_options => 'DENY',
    # X-Content-Type-Options that will be sent by Lstu
    # See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
    # Set to '' to disable X-Content-Type-Options header
    # optional, default is 'nosniff'
    #x_content_type_options => 'nosniff',
    # X-XSS-Protection that will be sent by Lstu
    # See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
    # Set to '' to disable X-XSS-Protection header
    # optional, default is '1; mode=block'
    #x_xss_protection => '1; mode=block',
    # Log creator's IP address
    # Set to 1 if you want to register the IP addresses of URL creators
    # optional, default is 0
    #log_creator_ip => 0,
 };
--- a/conf/lstu.conf.template
+++ b/conf/lstu.conf.template
@ -29,11 +29,11 @@
    # secret hashed passphrase to access some admin features
    # Hash your password by issuing `echo -n s3cr3T | sha256sum` on your terminal
    # optional, but you won't have access to admin /stats if not set and if adminpwd is not set either
-    hashed_adminpwd => '__PASSWORD_HASHED__',
+    hashed_adminpwd => '__HASHED_PASSWORD__',
    # choose a theme. See the available themes in `themes` directory
    # optional, default is 'default'
-    theme         => '__SELECTED_THEME__', # default or milligram
+    theme         => '__THEME__', # default or milligram
    # number of URLs to be displayed per page in /stats
    # optional, default is 10
@ -178,14 +178,14 @@
    # set `ldap` if you want that only authenticated users can shorten URLs
    # please note that everybody can still use shortend URLs
    # optional, no default
-    __IS_PUBLIC__ldap => {
+    #ldap => {
-    __IS_PUBLIC__    uri         => 'ldap://localhost:389',          # server URI
+    #   uri         => 'ldap://localhost:389',          # server URI
-    __IS_PUBLIC__    user_tree   => 'dc=yunohost,dc=org',            # search base DN
+    #    user_tree   => 'dc=yunohost,dc=org',            # search base DN
-    __IS_PUBLIC__    bind_dn     => 'ou=users,dc=yunohost,dc=org',   # search bind DN
+    #    bind_dn     => 'ou=users,dc=yunohost,dc=org',   # search bind DN
-    __IS_PUBLIC__#   bind_pwd    => '',                              # search bind password
+    #    bind_pwd    => '',                              # search bind password
-    __IS_PUBLIC__    user_attr   => 'uid',                           # user attribute (uid, mail, sAMAccountName, etc.)
+    #    user_attr   => 'uid',                           # user attribute (uid, mail, sAMAccountName, etc.)
-    __IS_PUBLIC__#    user_filter => '(!(uid=ldap_user))',           # user filter (to exclude some users, etc.)
+    #    user_filter => '(!(uid=ldap_user))',           # user filter (to exclude some users, etc.)
-    __IS_PUBLIC__},
+    #},
    # set `htpasswd` if you want to use an htpasswd file instead of ldap
    # create the file with `htpasswd -c lstu.passwd user`, update it with `htpasswd lstu.passwd user2`
--- a/doc/DISCLAIMER.md
+++ b/doc/DISCLAIMER.md
@ -0,0 +1,3 @@
 ## Configuration
 How to configure this app: a plain file at `/var/www/lstu/lstu.conf` with SSH.
--- a/doc/DISCLAIMER_fr.md
+++ b/doc/DISCLAIMER_fr.md
@ -0,0 +1,3 @@
 ## Configuration
 Comment configurer cette application : un fichier simple à `/var/www/lstu/lstu.conf` avec SSH.
--- a/doc/screenshots/LSTU_screenshot.png
+++ b/doc/screenshots/LSTU_screenshot.png
--- a/manifest.json
+++ b/manifest.json
@ -6,15 +6,22 @@
 		"en": "URL Shortener",
 		"fr": "Raccourcisseur d'URL"
 	},
-	"version": "0.22-0~ynh2",
+	"version": "0.23-0~ynh1",
 	"url": "https://lstu.fr",
 	"upstream": {
        "license": "WTFPL",
        "website": "https://lstu.fr",
        "demo": "https://lstu.fr",
        "admindoc": "https://framagit.org/fiat-tux/hat-softwares/lstu/wikis/home",
        "code": "https://framagit.org/fiat-tux/hat-softwares/lstu"
    },
 	"license": "WTFPL",
 	"maintainer": {
 		"name": "frju365",
 		"email": "abld@abld.info"
 	},
 	"requirements": {
-        "yunohost": ">= 4.0"
+        "yunohost": ">= 4.2.4"
 	},
 	"multi_instance": true,
 	"services": [
@ -25,29 +32,17 @@
 			{
 				"name": "domain",
 				"type": "domain",
 				"ask": {
 					"en": "Choose a domain for Lstu",
 					"fr": "Choisissez un domaine pour Lstu"
 				},
 				"example": "domain.org"
 			},
 			{
 				"name": "path",
 				"type": "path",
 				"ask": {
 					"en": "Choose a path for Lstu",
 					"fr": "Choisissez un chemin pour Lstu"
 				},
 				"example": "/lstu",
 				"default": "/lstu"
 			},
 			{
 				"name": "is_public",
 				"type": "boolean",
 				"ask": {
 					"en": "Is it a public application?",
 					"fr": "Est-ce une application publique ?"
 				},
 				"default": false
 			},
 			{
@ -66,10 +61,7 @@
 			{
 				"name": "password",
 				"type": "password",
-				"ask": {
+				"example": "Choose a password"
 					"en": "Choose a password",
 					"fr": "Choisissez un mot de passe"
 				}
 			}
 		]
 	}
--- a/scripts/actions/change_password
+++ b/scripts/actions/change_password
@ -49,7 +49,7 @@ ynh_app_setting_set $app hashed_password $hashed_password
 # RELOAD NGINX
 #=================================================
-ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "systemd"
+ynh_systemd_action --service_name=$app --action="reload" --log_path="systemd" --line_match="Server available at"
 #=================================================
 # END OF SCRIPT
--- a/scripts/actions/change_theme
+++ b/scripts/actions/change_theme
@ -48,7 +48,7 @@ ynh_app_setting_set $app theme $theme
 # RELOAD NGINX
 #=================================================
-ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "systemd"
+ynh_systemd_action --service_name=$app --action="reload" --log_path="systemd" --line_match="Server available at"
 #=================================================
 # END OF SCRIPT
--- a/scripts/actions/public_private
+++ b/scripts/actions/public_private
@ -50,25 +50,12 @@ fi
 # MOVE TO PUBLIC OR PRIVATE
 #=================================================
 ynh_backup_if_checksum_is_different "$final_path/lstu.conf"
 cp conf/lstu.conf.template "${final_path}/lstu.conf"
 ynh_replace_string "__DOMAIN__" "$domain" "${final_path}/lstu.conf"
 ynh_replace_string "__PATH__" "$path_url" "${final_path}/lstu.conf"
 ynh_replace_string "__PORT__" "$port" "${final_path}/lstu.conf"
 ynh_replace_string "__DB_NAME__" "$db_name"  "${final_path}/lstu.conf"
 ynh_replace_string "__DB_USER__" "$db_user"  "${final_path}/lstu.conf"
 ynh_replace_string "__DB_PWD__" "$db_pwd" "${final_path}/lstu.conf"
 ynh_replace_string "__SELECTED_THEME__" "$theme" "${final_path}/lstu.conf"
 ynh_replace_string "__PASSWORD_HASHED__" "$hashed_password" "${final_path}/lstu.conf"
 ynh_replace_string "__SECRET__" "$secret" "${final_path}/lstu.conf"
 if [ $is_public -eq 0 ];
 then
-	ynh_replace_string "__IS_PUBLIC__" "" "${final_path}/lstu.conf"
+	ynh_add_config --template="../conf/lstu.conf.ldap" --destination="$final_path/lstu.conf"
 else
-	ynh_replace_string "__IS_PUBLIC__" "#" "${final_path}/lstu.conf"
+	ynh_add_config --template="../conf/lstu.conf.template" --destination="$final_path/lstu.conf"
 fi
 ynh_store_file_checksum "${final_path}/lstu.conf"
 if [ $is_public -eq 0 ]; then
 	public_private="private"
@ -100,7 +87,7 @@ ynh_app_setting_set $app is_public $is_public
 # RELOAD NGINX
 #=================================================
-ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "systemd"
+ynh_systemd_action --service_name=$app --action="reload" --log_path="systemd" --line_match="Server available at"
 #=================================================
 # END OF SCRIPT
--- a/scripts/install
+++ b/scripts/install
@ -85,7 +85,14 @@ db_name=$(ynh_sanitize_dbid --db_name=$app)
 db_user=$db_name
 ynh_app_setting_set --app=$app --key=db_name --value=$db_name
 ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
-db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) # Password created in ynh_psql_setup_db function
+
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Configuring system user..."
 # Create a system user
 ynh_system_user_create --username=$app --home_dir="$final_path"
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
@ -96,6 +103,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$final_path"
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
@ -104,14 +115,6 @@ ynh_script_progression --message="Configuring NGINX web server..."
 # Create a dedicated nginx config
 ynh_add_nginx_config
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Configuring system user..."
 # Create a system user
 ynh_system_user_create --username=$app
 #=================================================
 # SPECIFIC SETUP
 #=================================================
@ -119,27 +122,13 @@ ynh_system_user_create --username=$app
 #=================================================
 ynh_script_progression --message="Configuring Lstu..."
 config="${final_path}/lstu.conf"
 cp ../conf/lstu.conf.template "$config"
 ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config"
 ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$config"
 ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config"
 ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$config"
 ynh_replace_string --match_string="__DB_USER__" --replace_string="$db_user" --target_file="$config"
 ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$config"
 ynh_replace_string --match_string="__SELECTED_THEME__" --replace_string="$theme" --target_file="$config"
 ynh_replace_string --match_string="__PASSWORD_HASHED__" --replace_string="$hashed_password" --target_file="$config"
 ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$config"
 if [ $is_public -eq 0 ];
 then
-	ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="" --target_file="$config"
+	ynh_add_config --template="../conf/lstu.conf.ldap" --destination="$final_path/lstu.conf"
 else
-	ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="#" --target_file="$config"
+	ynh_add_config --template="../conf/lstu.conf.template" --destination="$final_path/lstu.conf"
 fi
 ynh_store_file_checksum --file="$config"
 #=================================================
 # INSTALL LSTU
 #=================================================
@ -157,16 +146,6 @@ ynh_script_progression --message="Configuring a systemd service..."
 # Create a dedicated systemd config
 ynh_add_systemd_config
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # SECURE FILES AND DIRECTORIES
 #=================================================
 ynh_script_progression --message="Securing files and directories..."
 # Set permissions to app files
 chown -R $app: $final_path
 #=================================================
 # SETUP LOGROTATE
 #=================================================
@ -193,9 +172,10 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --l
 #=================================================
 # SETUP SSOWAT
 #=================================================
-ynh_script_progression --message="Configuring SSOwat..."
+ynh_script_progression --message="Configuring permissions..."
 ynh_permission_update --permission="main" --add="visitors"
 ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
 if [ $is_public -eq 0 ]
 then
 	# If the app is private, only the shortened URLs are publics.
--- a/scripts/restore
+++ b/scripts/restore
@ -53,6 +53,14 @@ ynh_script_progression --message="Restoring the NGINX configuration..."
 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # RECREATE THE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Recreating the dedicated system user..."
 # Create the dedicated user (if not existing)
 ynh_system_user_create --username=$app --home_dir="$final_path"
 #=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
@ -60,21 +68,9 @@ ynh_script_progression --message="Restoring the app main directory..."
 ynh_restore_file --origin_path="$final_path"
-#=================================================
+chmod 750 "$final_path"
-# RECREATE THE DEDICATED USER
+chmod -R o-rwx "$final_path"
-#=================================================
+chown -R $app:www-data "$final_path"
 ynh_script_progression --message="Recreating the dedicated system user..."
 # Create the dedicated user (if not existing)
 ynh_system_user_create --username=$app
 #=================================================
 # RESTORE USER RIGHTS
 #=================================================
 ynh_script_progression --message="Restoring user rights..."
 # Restore permissions on app files
 chown -R $app: $final_path
 #=================================================
 # SPECIFIC RESTORATION
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -40,15 +40,6 @@ upgrade_type=$(ynh_check_app_version_changed)
 #=================================================
 ynh_script_progression --message="Ensuring downward compatibility..."
 # Fix is_public as a boolean value
 if [ "$is_public" = "Yes" ]; then
 	ynh_app_setting_set --app=$app --key=is_public --value=1
 	is_public=1
 elif [ "$is_public" = "No" ]; then
 	ynh_app_setting_set --app=$app --key=is_public --value=0
 	is_public=0
 fi
 # If final_path doesn't exist, create it
 if [ -z "$final_path" ]; then
 	final_path=/var/www/$app
@ -97,6 +88,13 @@ then
 	ynh_exec_warn_less yunohost firewall disallow TCP $port
 fi
 # Cleaning legacy permissions
 if ynh_legacy_permissions_exists; then
 	ynh_legacy_permissions_delete_all
 	ynh_app_setting_delete --app=$app --key=is_public
 fi
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
@ -121,6 +119,14 @@ ynh_script_progression --message="Stopping a systemd service..."
 ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd"
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Making sure dedicated system user exists..."
 # Create a dedicated user (if not existing)
 ynh_system_user_create --username=$app --home_dir="$final_path"
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
@ -130,9 +136,13 @@ then
 	ynh_script_progression --message="Upgrading source files..."
 	# Download, check integrity, uncompress and patch the source from app.src
-	ynh_setup_source --dest_dir="$final_path"
+	ynh_setup_source --dest_dir="$final_path" #--keep="$final_path/lstu.conf"
 fi
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
@ -149,42 +159,17 @@ ynh_script_progression --message="Upgrading dependencies..."
 ynh_install_app_dependencies $pkg_dependencies
 #=================================================
-# CREATE DEDICATED USER
+# CONFIGURE LSTU
 #=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..."
+ynh_script_progression --message="Configuring Lstu..."
 # Create a dedicated user (if not existing)
 ynh_system_user_create --username=$app
 #=================================================
 # SPECIFIC UPGRADE
 #=================================================
 # UPGRADE LSTU CONFIGURATION
 #=================================================
 ynh_script_progression --message="Upgrading lstu configuration..."
 config="${final_path}/lstu.conf"
 ynh_backup_if_checksum_is_different --file="$config"
 cp ../conf/lstu.conf.template "$config"
 ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config"
 ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$config"
 ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config"
 ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name"  --target_file="$config"
 ynh_replace_string --match_string="__DB_USER__" --replace_string="$db_user"  --target_file="$config"
 ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$config"
 ynh_replace_string --match_string="__SELECTED_THEME__" --replace_string="$theme" --target_file="$config"
 ynh_replace_string --match_string="__PASSWORD_HASHED__" --replace_string="$hashed_password" --target_file="$config"
 ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$config"
 if [ $is_public -eq 0 ];
 then
-	ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="" --target_file="$config"
+	ynh_add_config --template="../conf/lstu.conf.ldap" --destination="$final_path/lstu.conf"
 else
-	ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="#" --target_file="$config"
+	ynh_add_config --template="../conf/lstu.conf.template" --destination="$final_path/lstu.conf"
 fi
 ynh_store_file_checksum --file="$config"
 #=================================================
 # BUILD LSU
 #=================================================
@ -210,16 +195,6 @@ ynh_script_progression --message="Upgrading systemd configuration..."
 # Create a dedicated systemd config
 ynh_add_systemd_config
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # SECURING FILES AND DIRECTORIES
 #=================================================
 ynh_script_progression --message="Securing files and directories..."
 # Set permissions on app files
 chown -R $app: $final_path
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
 #=================================================
@ -232,7 +207,8 @@ yunohost service add $app --log="/var/log/$app.log" --log="/var/www/$app/log/pro
 #=================================================
 ynh_script_progression --message="Upgrading SSOwat configuration..."
-ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
+ynh_permission_update --permission="main" --add="visitors"
 if [ $is_public -eq 0 ]
 then
 	# If the app is private, only the shortened URLs are publics.
		`@ -0,0 +1,3 @@`
							`## Configuration`

							How to configure this app: a plain file at `/var/www/lstu/lstu.conf` with SSH.
		`@ -0,0 +1,3 @@`
							`## Configuration`

							Comment configurer cette application : un fichier simple à `/var/www/lstu/lstu.conf` avec SSH.