Merge pull request #59 from YunoHost-Apps/testing

Testing
2024-09-03 19:36:12 +02:00 · 2021-06-22 23:05:00 +02:00 · 2021-06-22 23:05:00 +02:00 · d0628fc10f
commit d0628fc10f
parent 469fb267eb 9580ccd7a8
21 changed files with 474 additions and 234 deletions
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@ -1,6 +1,6 @@
 ---
 name: Bug report
-about: Create a report to help us debug, it would be nice to fill the template as much as you can to help us, help you and help us all.
+about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently.
 ---
@ -8,28 +8,30 @@ about: Create a report to help us debug, it would be nice to fill the template a
 1. *Read this whole template first.*
 2. *Determine if you are on the right place:*
   - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!*
-   - *Otherwise, the issue may be due to lstu itself. Refer to its documentation or repository for help.*
+   - *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.*
-   - *If you have a doubt, post here, we will figure it out together.*
+   - *When in doubt, post here and we will figure it out together.*
 3. *Delete the italic comments as you write over them below, and remove this guide.*
 --- 
-**Describe the bug**
+### Describe the bug
 *A clear and concise description of what the bug is.*
-**Versions**
+### Context
 - Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...*
 - YunoHost version: x.x.x
 - I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...*
- Are you in a special context or did you perform some particular tweaking on your YunoHost instance ?: *no / yes*
+- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes*
  - If yes, please explain:
 - Using, or trying to install package version/branch:
 - If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`*
-**To Reproduce**
+### Steps to reproduce
-*Steps to reproduce the behavior.*
+
 - *If you performed a command from the CLI, the command itself is enough. For example:*
    ```sh
-    sudo yunohost app install lstu
+    sudo yunohost app install the_app
    ```
 - *If you used the webadmin, please perform the equivalent command from the CLI first.*
 - *If the error occurs in your browser, explain what you did:*
@ -38,9 +40,16 @@ about: Create a report to help us debug, it would be nice to fill the template a
   3. *Scroll down to '...'*
   4. *See error*
-**Expected behavior**
+### Expected behavior
 *A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.*
-**Logs**
+### Logs
-*After a failed command, YunoHost makes the log available to you, but also to others, thanks to `yunohost log display [log name] --share`. The actual command, with the correct log name, is displayed at the end of the failed attempt in the CLI. Execute it and copy here the share link it outputs.*
+
 *When an operation fails, YunoHost provides a simple way to share the logs.*
 - *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.*
 - *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.*
 *After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)*
 *If applicable and useful, add screenshots to help explain your problem.*
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@ -0,0 +1,16 @@
 ## Problem
 - *Description of why you made this PR*
 ## Solution
 - *And how do you fix that problem*
 ## PR Status
 - [ ] Code finished and ready to be reviewed/tested
 - [ ] The fix/enhancement were manually tested (if applicable)
 ## Automatic tests
 Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +0,0 @@
 *~
 *.swp
--- a/.travis.yml
+++ b/.travis.yml
@ -1,7 +0,0 @@
 language: python
 before_install:
  - git clone https://github.com/YunoHost/package_linter /tmp/package_linter
 script:
 - /tmp/package_linter/package_linter.py ./
--- a/README.md
+++ b/README.md
@ -1,51 +1,43 @@
 <!--
 N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
 It shall NOT be edited by hand.
 -->
 # Lstu for YunoHost
 [![Integration level](https://dash.yunohost.org/integration/lstu.svg)](https://dash.yunohost.org/appci/app/lstu) ![](https://ci-apps.yunohost.org/ci/badges/lstu.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/lstu.maintain.svg)  
 [![Install Lstu with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lstu)
-> *This package allows you to install Lstu quickly and simply on a YunoHost server.  
+*[Lire ce readme en français.](./README_fr.md)*
 > *This package allows you to install Lstu quickly and simply on a YunoHost server.
 If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
 ## Overview
 Lstu means Let's Shorten That URL.
-**Shipped version:** 0.22-0
+URL Shortener
 **Shipped version:** 0.23-0~ynh1
 **Demo:** https://lstu.fr
 ## Screenshots
-![](LSTU_screenshot.png)
+![](./doc/screenshots/LSTU_screenshot.png)
-## Demo
+## Disclaimers / important information
 * [Official demo](https://lstu.fr)
 ## Configuration
 How to configure this app: a plain file at `/var/www/lstu/lstu.conf` with SSH.
-## Documentation
+## Documentation and resources
- * Official documentation: https://framagit.org/fiat-tux/hat-softwares/lstu/wikis/home
+* Official app website: https://lstu.fr
-
+* Official admin documentation: https://framagit.org/fiat-tux/hat-softwares/lstu/wikis/home
-## YunoHost specific features
+* Upstream app code repository: https://framagit.org/fiat-tux/hat-softwares/lstu
-
+* YunoHost documentation for this app: https://yunohost.org/app_lstu
-#### Multi-user support
+* Report a bug: https://github.com/YunoHost-Apps/lstu_ynh/issues
 * Are LDAP and HTTP auth supported? **Yes**  
 * Can the app be used by multiple users? **Yes**
 #### Supported architectures
 * x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/lstu%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/lstu/)
 * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/lstu%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/lstu/)
 ## Links
 * Report a bug: https://github.com/YunoHost-Apps/lstu_ynh/issues
 * Upstream app repository: https://framagit.org/fiat-tux/hat-softwares/lstu
 * YunoHost website: https://yunohost.org/
 ---
 ## Developer info
@ -58,8 +50,4 @@ or
 sudo yunohost app upgrade lstu -u https://github.com/YunoHost-Apps/lstu_ynh/tree/testing --debug
 ```
-## Todo
+**More info regarding app packaging:** https://yunohost.org/packaging_apps
 - [ ] Allow to choose the database (sqlite or PostgreSQL)
 - [ ] Allow to choose to use Minion
 - [ ] Add CI stuff
--- a/README_fr.md
+++ b/README_fr.md
@ -0,0 +1,49 @@
 # Lstu pour YunoHost
 [![Niveau d'intégration](https://dash.yunohost.org/integration/lstu.svg)](https://dash.yunohost.org/appci/app/lstu) ![](https://ci-apps.yunohost.org/ci/badges/lstu.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/lstu.maintain.svg)  
 [![Installer Lstu avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=lstu)
 *[Read this readme in english.](./README.md)*
 *[Lire ce readme en français.](./README_fr.md)*
 > *Ce package vous permet d'installer Lstu rapidement et simplement sur un serveur YunoHost.
 Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
 ## Vue d'ensemble
 Raccourcisseur d'URL
 **Version incluse :** 0.23-0~ynh1
 **Démo :** https://lstu.fr
 ## Captures d'écran
 ![](./doc/screenshots/LSTU_screenshot.png)
 ## Avertissements / informations importantes
 ## Configuration
 Comment configurer cette application : un fichier simple à `/var/www/lstu/lstu.conf` avec SSH.
 ## Documentations et ressources
 * Site officiel de l'app : https://lstu.fr
 * Documentation officielle de l'admin : https://framagit.org/fiat-tux/hat-softwares/lstu/wikis/home
 * Dépôt de code officiel de l'app : https://framagit.org/fiat-tux/hat-softwares/lstu
 * Documentation YunoHost pour cette app : https://yunohost.org/app_lstu
 * Signaler un bug : https://github.com/YunoHost-Apps/lstu_ynh/issues
 ## Informations pour les développeurs
 Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/lstu_ynh/tree/testing).
 Pour essayer la branche testing, procédez comme suit.
 ```
 sudo yunohost app install https://github.com/YunoHost-Apps/lstu_ynh/tree/testing --debug
 ou
 sudo yunohost app upgrade lstu -u https://github.com/YunoHost-Apps/lstu_ynh/tree/testing --debug
 ```
 **Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps
--- a/18
+++ b/18
@ -1,11 +1,11 @@
 ;; Nom du test
 	auto_remove=1
 	; Manifest
-		domain="domain.tld"	(DOMAIN)
+		domain="domain.tld"
-		path="/path"	(PATH)
+		path="/path"
-		is_public=1 (PUBLIC|public=1|private=0)
+		is_public=1
-		theme="milligram" (THEME)
+		theme="milligram"
-		password="verysecretpassword" (PASSWORD)
+		password="verysecretpassword"
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=1
@ -14,11 +14,11 @@
 		setup_private=1
 		setup_public=1
 		upgrade=1
-		upgrade=1        from_commit=2d33783907d6de4486ac9e954ebc4b4028e11de8
+		#Merge pull request #52
 		upgrade=1        from_commit=469fb267ebc496d2c63b10de35aaf3493ce8124f
 		backup_restore=1
 		multi_instance=1
 		port_already_use=1 (8095)
 		change_url=1
 ;;; Upgrade options
-	; commit=2d33783907d6de4486ac9e954ebc4b4028e11de8
+	; commit=469fb267ebc496d2c63b10de35aaf3493ce8124f
-		name=0.21-4~ynh4
+		name=Merge pull request #52
--- a/conf/app.src
+++ b/conf/app.src
@ -1,5 +1,5 @@
-SOURCE_URL=https://framagit.org/fiat-tux/hat-softwares/lstu/-/archive/0.22-0/lstu-0.22-0.tar.gz
+SOURCE_URL=https://framagit.org/fiat-tux/hat-softwares/lstu/-/archive/0.23-0/lstu-0.23-0.tar.gz
-SOURCE_SUM=644315d3a5af0fb5ec1e44c62fdb4f57d8985db75f70e4055eab5993dd405313
+SOURCE_SUM=77bbe521403da22db2753fbeb4939a2decb220e0a21e88b4754a774a9a217c6d
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
 SOURCE_IN_SUBDIR=true
--- a/conf/lstu.conf.ldap
+++ b/conf/lstu.conf.ldap
@ -0,0 +1,268 @@
 # vim:set sw=4 ts=4 sts=4 ft=perl expandtab:
 {
    ####################
    # Hypnotoad settings
    ####################
    # see http://mojolicio.us/perldoc/Mojo/Server/Hypnotoad for a full list of settings
    hypnotoad => {
        # array of IP addresses and ports you want to listen to
        listen => ['http://127.0.0.1:__PORT__'],
        # if you use Lstu behind a reverse proxy like Nginx, you want to set proxy to 1
        # if you use Lstu directly, let it commented
        #proxy  => 1,
    },
    # put a way to contact you here and uncomment it
    # MANDATORY
    contact => 'webmaster@__DOMAIN__',
    # array of random strings used to encrypt cookies
    # optional, default is ['fdjsofjoihrei'], PLEASE, CHANGE IT
    secrets => ['__SECRET__'],
    # secret passphrase to access some admin features
    # If you don't want to have a plain text password in configuration,
    # use hashed_adminpwd instead
    # optional, but you won't have access to admin /stats if not set and if hashed_adminpwd is not set either
    #adminpwd      => 's3cr3T',
    # secret hashed passphrase to access some admin features
    # Hash your password by issuing `echo -n s3cr3T | sha256sum` on your terminal
    # optional, but you won't have access to admin /stats if not set and if adminpwd is not set either
    hashed_adminpwd => '__HASHED_PASSWORD__',
    # choose a theme. See the available themes in `themes` directory
    # optional, default is 'default'
    theme         => '__THEME__', # default or milligram
    # number of URLs to be displayed per page in /stats
    # optional, default is 10
    page_offset   => 10,
    # length of the random URL
    # optional, default is 8
    length            => 8,
    # how many URLs will be provisioned in a batch ?
    # optional, default is 5
    #provis_step       => 5,
    # max number of URLs to be provisioned
    # optional, default is 100
    #provisioning      => 100,
    # URL sub-directory in which you want Lstu to be accessible
    # example: you want to have Lstu under https://example.org/lstu/
    # => set prefix to '/lstu' or to '/lstu/', it doesn't matter
    # optional, defaut is /
    prefix       => '__PATH__',
    # array of authorized domains for API calls.
    # if you want to authorize everyone to use the API: ['*']
    # optional, no domains allowed by default
    #allowed_domains   => ['http://1.example.com', 'http://2.example.com'],
    # if set, the shortened URLs will use this domain
    # optional
    #fixed_domain => 'example.org',
    # choose what database you want to use
    # valid choices are sqlite, postgresql and mysql (all lowercase)
    # optional, default is sqlite
    dbtype => 'postgresql',
    # SQLite ONLY - only used if dbtype is set to sqlite
    # define a path to the SQLite database
    # you can define it relative to lstu directory or set an absolute path
    # remember that it has to be in a directory writable by Lstu user
    # optional, default is lstu.db
    #db_path           => 'lstu.db',
    # PostgreSQL ONLY - only used if dbtype is set to postgresql
    # these are the credentials to access the PostgreSQL database
    # mandatory if you choosed postgresql as dbtype
    pgdb => {
        database => '__DB_NAME__',
        host     => 'localhost',
        # optional, default is 5432
        #port     => 5432,
        user     => '__DB_USER__',
        pwd      => '__DB_PWD__',
        # optional, default is 1
        #max_connections => 1,
    },
    # MySQL ONLY - only used if dbtype is set to mysql
    # these are the credentials to access the MySQL database
    # mandatory if you choosed mysql as dbtype
    #mysqldb => {
    #    database => 'lstu',
    #    host     => 'localhost',
    #    # optional, default is 3306
    #    #port     => 3306,
    #    user     => 'DBUSER',
    #    pwd      => 'DBPASSWORD',
    #    # optional, default is 5 (set to 0 to disable persistent connections)
    #    #max_connections => 5,
    #},
    # Rate-limiting for the API
    # After ban_min_strike requests in a second, the IP address will be
    # banned for one hour.
    # If it continues to query the API during this ban time at least
    # ban_min_strike times, it will be banned for a month.
    # optional, default is 3
    ban_min_strike    => 3,
    # Ban whitelist
    # You can whitelist IP addresses to prevent you from being banned
    # Be careful, the IP addresses are compared as string, not as IP addresses
    # a network range will not work
    # Example of valid input: ban_whitelist => ['198.51.100.42', '2001:0DB8::42'],¬
    # optional, default is an empty array
    #ban_whitelist => [],
    # Ban blacklist
    # You can blacklist IP addresses to always ban those IP addresses
    # Be careful, the IP addresses are compared as string, not as IP addresses
    # a network range will not work
    # Example of valid input: ban_blacklist => ['198.51.100.42', '2001:0DB8::42'],¬
    # optional, default is an empty array
    #ban_blacklist => [],
    # define an URL to the Piwik instance and the ID of a website to track
    # set if you want to track views in Piwik
    # optional, Piwik tracking is disabled by default
    #piwik => {
    #    url    => 'http://piwik.example.com',
    #    idsite => '1',
    #},
    # use Minion instead of directly increase counters
    # need to launch a minion worker service if enabled
    # optional, Minion is disabled by default
    # It will use the same DB type as Lstu: sqlite if you choose sqlite for `dbtype`,
    # postgresql for postgresql, etc.
    #minion => {
    #    enabled => 0,
    #    # SQLite ONLY - only used if if you choose sqlite as DB type,
    #    # define the path to the minion database
    #    # you can define it relative to lstu directory or set an absolute path
    #    # remember that it has to be in a directory writable by Lutim user
    #    # optional, default is minion.db
    #    db_path => 'minion.db',
    #    # PostgreSQL ONLY - only used if you choose postgresql as DB type
    #    # these are the credentials to access the Minion's PostgreSQL database
    #    # mandatory if you choosed postgresql as DB type, no default
    #    pgdb => {
    #        database => 'lstu_minion',
    #        host     => 'localhost',
    #        # optional, default is 5432
    #        #port     => 5432,
    #        user     => 'DBUSER',
    #        pwd      => 'DBPASSWORD'
    #    },
    #    # MySQL ONLY - only used if you choose mysql as DB type
    #    # these are the credentials to access the Minion's MySQL database
    #    # mandatory if you choosed mysql as DB type, no default
    #    mysqldb => {
    #        database => 'lstu_minion',
    #        host     => 'localhost',
    #        # optional, default is 3306
    #        #port     => 3306,
    #        user     => 'DBUSER',
    #        pwd      => 'DBPASSWORD',
    #    },
    #},
    # set `ldap` if you want that only authenticated users can shorten URLs
    # please note that everybody can still use shortend URLs
    # optional, no default
    ldap => {
        uri         => 'ldap://localhost:389',          # server URI
        user_tree   => 'dc=yunohost,dc=org',            # search base DN
        bind_dn     => 'ou=users,dc=yunohost,dc=org',   # search bind DN
    #   bind_pwd    => '',                              # search bind password
        user_attr   => 'uid',                           # user attribute (uid, mail, sAMAccountName, etc.)
    #   user_filter => '(!(uid=ldap_user))',           # user filter (to exclude some users, etc.)
    },
    # set `htpasswd` if you want to use an htpasswd file instead of ldap
    # create the file with `htpasswd -c lstu.passwd user`, update it with `htpasswd lstu.passwd user2`
    # make sure that lstu can read the file!
    # optional, no default
    #htpasswd => 'lstu.passwd',
    # if you've set ldap or htpasswd above, the session will last `session_duration` seconds before
    # the user needs to reauthenticate
    # optional, default is 3600
    #session_duration => 3600,
    # how many redirections are allowed for the shortened URL before considering it as a spam?
    # optional, default is 2. Set to -1 to allow infinite redirections (not recommended)
    #max_redir => 2,
    # spam blacklist regex. All URLs (or redirection) whose host part matches this regex are considered as spam
    # optional, no default
    #spam_blacklist_regex => 'foo|bar',
    # spam path blacklist regex. All URLs (or redirection) whose path part matches this regex are considered as spam
    # optional, no default
    #spam_path_blacklist_regex => 'foo|bar',
    # spam whitelist regex. All URLs (or redirection) whose host part matches this regex will never be considered as spam
    # optional, no default
    #spam_whitelist_regex => 'foo|bar',
    # set to 1 to skip SpamHaus check (not recommended)
    # optional, default is 0
    #skip_spamhaus => 0,
    # put your Google API key to enable Google safebrowsing check
    # This will allow Lstu to download the Google safebrowsing database and use a local copy to check the URLs.
    # Google does not get the URLs that are checked.
    # Instructions to get a key: https://developers.google.com/safe-browsing/v4/get-started
    # TL;DR: https://console.developers.google.com/projectselector/apis/library
    # optional, no default
    #safebrowsing_api_key => '',
    # array of memcached servers to cache URL in order to accelerate responses to often-viewed URL.
    # If set to [], the cache is disabled
    # optional, default is []
    #memcached_servers => [],
    # Content-Security-Policy header that will be sent by Lstu
    # Set to '' to disable CSP header
    # https://content-security-policy.com/ provides a good documentation about CSP.
    # https://report-uri.com/home/generate provides a tool to generate a CSP header.
    # optional, default is "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; form-action 'self'; base-uri 'self'"
    # the default value is good for `default` and `milligram` themes
    #csp => "default-src 'none'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; form-action 'self'; base-uri 'self'",
    # X-Frame-Options header that will be sent by Lstu
    # Valid values are: 'DENY', 'SAMEORIGIN', 'ALLOW-FROM https://example.com/'
    # Set to '' to disable X-Frame-Options header
    # See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
    # Please note that this will add a "frame-ancestors" directive to the CSP header (see above) accordingly
    # to the chosen setting (See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors)
    # optional, default is 'DENY'
    #x_frame_options => 'DENY',
    # X-Content-Type-Options that will be sent by Lstu
    # See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
    # Set to '' to disable X-Content-Type-Options header
    # optional, default is 'nosniff'
    #x_content_type_options => 'nosniff',
    # X-XSS-Protection that will be sent by Lstu
    # See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
    # Set to '' to disable X-XSS-Protection header
    # optional, default is '1; mode=block'
    #x_xss_protection => '1; mode=block',
    # Log creator's IP address
    # Set to 1 if you want to register the IP addresses of URL creators
    # optional, default is 0
    #log_creator_ip => 0,
 };
--- a/conf/lstu.conf.template
+++ b/conf/lstu.conf.template
@ -29,11 +29,11 @@
    # secret hashed passphrase to access some admin features
    # Hash your password by issuing `echo -n s3cr3T | sha256sum` on your terminal
    # optional, but you won't have access to admin /stats if not set and if adminpwd is not set either
-    hashed_adminpwd => '__PASSWORD_HASHED__',
+    hashed_adminpwd => '__HASHED_PASSWORD__',
    # choose a theme. See the available themes in `themes` directory
    # optional, default is 'default'
-    theme         => '__SELECTED_THEME__', # default or milligram
+    theme         => '__THEME__', # default or milligram
    # number of URLs to be displayed per page in /stats
    # optional, default is 10
@ -178,14 +178,14 @@
    # set `ldap` if you want that only authenticated users can shorten URLs
    # please note that everybody can still use shortend URLs
    # optional, no default
-    __IS_PUBLIC__ldap => {
+    #ldap => {
-    __IS_PUBLIC__    uri         => 'ldap://localhost:389',          # server URI
+    #   uri         => 'ldap://localhost:389',          # server URI
-    __IS_PUBLIC__    user_tree   => 'dc=yunohost,dc=org',            # search base DN
+    #    user_tree   => 'dc=yunohost,dc=org',            # search base DN
-    __IS_PUBLIC__    bind_dn     => 'ou=users,dc=yunohost,dc=org',   # search bind DN
+    #    bind_dn     => 'ou=users,dc=yunohost,dc=org',   # search bind DN
-    __IS_PUBLIC__#   bind_pwd    => '',                              # search bind password
+    #    bind_pwd    => '',                              # search bind password
-    __IS_PUBLIC__    user_attr   => 'uid',                           # user attribute (uid, mail, sAMAccountName, etc.)
+    #    user_attr   => 'uid',                           # user attribute (uid, mail, sAMAccountName, etc.)
-    __IS_PUBLIC__#    user_filter => '(!(uid=ldap_user))',           # user filter (to exclude some users, etc.)
+    #    user_filter => '(!(uid=ldap_user))',           # user filter (to exclude some users, etc.)
-    __IS_PUBLIC__},
+    #},
    # set `htpasswd` if you want to use an htpasswd file instead of ldap
    # create the file with `htpasswd -c lstu.passwd user`, update it with `htpasswd lstu.passwd user2`
--- a/doc/DISCLAIMER.md
+++ b/doc/DISCLAIMER.md
@ -0,0 +1,3 @@
 ## Configuration
 How to configure this app: a plain file at `/var/www/lstu/lstu.conf` with SSH.
--- a/doc/DISCLAIMER_fr.md
+++ b/doc/DISCLAIMER_fr.md
@ -0,0 +1,3 @@
 ## Configuration
 Comment configurer cette application : un fichier simple à `/var/www/lstu/lstu.conf` avec SSH.
--- a/doc/screenshots/LSTU_screenshot.png
+++ b/doc/screenshots/LSTU_screenshot.png
--- a/manifest.json
+++ b/manifest.json
@ -4,17 +4,24 @@
 	"packaging_format": 1,
 	"description": {
 		"en": "URL Shortener",
-		"fr": "Raccoursisseur d'URL"
+		"fr": "Raccourcisseur d'URL"
 	},
-	"version": "0.22-0~ynh2",
+	"version": "0.23-0~ynh1",
 	"url": "https://lstu.fr",
 	"upstream": {
        "license": "WTFPL",
        "website": "https://lstu.fr",
        "demo": "https://lstu.fr",
        "admindoc": "https://framagit.org/fiat-tux/hat-softwares/lstu/wikis/home",
        "code": "https://framagit.org/fiat-tux/hat-softwares/lstu"
    },
 	"license": "WTFPL",
 	"maintainer": {
 		"name": "frju365",
 		"email": "abld@abld.info"
 	},
 	"requirements": {
-        "yunohost": ">= 4.0"
+        "yunohost": ">= 4.2.4"
 	},
 	"multi_instance": true,
 	"services": [
@ -25,29 +32,17 @@
 			{
 				"name": "domain",
 				"type": "domain",
 				"ask": {
 					"en": "Choose a domain for Lstu",
 					"fr": "Choisissez un domaine pour Lstu"
 				},
 				"example": "domain.org"
 			},
 			{
 				"name": "path",
 				"type": "path",
 				"ask": {
 					"en": "Choose a path for Lstu",
 					"fr": "Choisissez un chemin pour Lstu"
 				},
 				"example": "/lstu",
 				"default": "/lstu"
 			},
 			{
 				"name": "is_public",
 				"type": "boolean",
 				"ask": {
 					"en": "Is it a public application?",
 					"fr": "Est-ce une application publique ?"
 				},
 				"default": false
 			},
 			{
@ -66,10 +61,7 @@
 			{
 				"name": "password",
 				"type": "password",
-				"ask": {
+				"example": "Choose a password"
 					"en": "Choose a password",
 					"fr": "Choisissez un mot de passe"
 				}
 			}
 		]
 	}
--- a/pull_request_template.md
+++ b/pull_request_template.md
@ -1,18 +0,0 @@
 ## Problem
 - *Description of why you made this PR*
 ## Solution
 - *And how do you fix that problem*
 ## PR Status
 - [ ] Code finished.
 - [ ] Tested with Package_check.
 - [ ] Fix or enhancement tested.
 - [ ] Upgrade from last version tested.
 - [ ] Can be reviewed and tested.
 ## Package_check results
 ---
 *If you have access to [App Continuous Integration for packagers](https://yunohost.org/#/packaging_apps_ci) you can provide a link to the package_check results like below, replacing '-NUM-' in this link by the PR number and USERNAME by your username on the ci-apps-dev. Or you provide a screenshot or a pastebin of the results*
 [![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/lstu_ynh%20PR-NUM-%20(USERNAME)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/lstu_ynh%20PR-NUM-%20(USERNAME)/)  
--- a/scripts/actions/change_password
+++ b/scripts/actions/change_password
@ -49,7 +49,7 @@ ynh_app_setting_set $app hashed_password $hashed_password
 # RELOAD NGINX
 #=================================================
-ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "systemd"
+ynh_systemd_action --service_name=$app --action="reload" --log_path="systemd" --line_match="Server available at"
 #=================================================
 # END OF SCRIPT
--- a/scripts/actions/change_theme
+++ b/scripts/actions/change_theme
@ -48,7 +48,7 @@ ynh_app_setting_set $app theme $theme
 # RELOAD NGINX
 #=================================================
-ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "systemd"
+ynh_systemd_action --service_name=$app --action="reload" --log_path="systemd" --line_match="Server available at"
 #=================================================
 # END OF SCRIPT
--- a/scripts/actions/public_private
+++ b/scripts/actions/public_private
@ -50,25 +50,12 @@ fi
 # MOVE TO PUBLIC OR PRIVATE
 #=================================================
 ynh_backup_if_checksum_is_different "$final_path/lstu.conf"
 cp conf/lstu.conf.template "${final_path}/lstu.conf"
 ynh_replace_string "__DOMAIN__" "$domain" "${final_path}/lstu.conf"
 ynh_replace_string "__PATH__" "$path_url" "${final_path}/lstu.conf"
 ynh_replace_string "__PORT__" "$port" "${final_path}/lstu.conf"
 ynh_replace_string "__DB_NAME__" "$db_name"  "${final_path}/lstu.conf"
 ynh_replace_string "__DB_USER__" "$db_user"  "${final_path}/lstu.conf"
 ynh_replace_string "__DB_PWD__" "$db_pwd" "${final_path}/lstu.conf"
 ynh_replace_string "__SELECTED_THEME__" "$theme" "${final_path}/lstu.conf"
 ynh_replace_string "__PASSWORD_HASHED__" "$hashed_password" "${final_path}/lstu.conf"
 ynh_replace_string "__SECRET__" "$secret" "${final_path}/lstu.conf"
 if [ $is_public -eq 0 ];
 then
-	ynh_replace_string "__IS_PUBLIC__" "" "${final_path}/lstu.conf"
+	ynh_add_config --template="../conf/lstu.conf.ldap" --destination="$final_path/lstu.conf"
 else
-	ynh_replace_string "__IS_PUBLIC__" "#" "${final_path}/lstu.conf"
+	ynh_add_config --template="../conf/lstu.conf.template" --destination="$final_path/lstu.conf"
 fi
 ynh_store_file_checksum "${final_path}/lstu.conf"
 if [ $is_public -eq 0 ]; then
 	public_private="private"
@ -100,7 +87,7 @@ ynh_app_setting_set $app is_public $is_public
 # RELOAD NGINX
 #=================================================
-ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "systemd"
+ynh_systemd_action --service_name=$app --action="reload" --log_path="systemd" --line_match="Server available at"
 #=================================================
 # END OF SCRIPT
--- a/scripts/install
+++ b/scripts/install
@ -85,7 +85,14 @@ db_name=$(ynh_sanitize_dbid --db_name=$app)
 db_user=$db_name
 ynh_app_setting_set --app=$app --key=db_name --value=$db_name
 ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
-db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) # Password created in ynh_psql_setup_db function
+
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Configuring system user..."
 # Create a system user
 ynh_system_user_create --username=$app --home_dir="$final_path"
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
@ -96,6 +103,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$final_path"
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
@ -104,14 +115,6 @@ ynh_script_progression --message="Configuring NGINX web server..."
 # Create a dedicated nginx config
 ynh_add_nginx_config
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Configuring system user..."
 # Create a system user
 ynh_system_user_create --username=$app
 #=================================================
 # SPECIFIC SETUP
 #=================================================
@ -119,27 +122,13 @@ ynh_system_user_create --username=$app
 #=================================================
 ynh_script_progression --message="Configuring Lstu..."
 config="${final_path}/lstu.conf"
 cp ../conf/lstu.conf.template "$config"
 ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config"
 ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$config"
 ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config"
 ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$config"
 ynh_replace_string --match_string="__DB_USER__" --replace_string="$db_user" --target_file="$config"
 ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$config"
 ynh_replace_string --match_string="__SELECTED_THEME__" --replace_string="$theme" --target_file="$config"
 ynh_replace_string --match_string="__PASSWORD_HASHED__" --replace_string="$hashed_password" --target_file="$config"
 ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$config"
 if [ $is_public -eq 0 ];
 then
-	ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="" --target_file="$config"
+	ynh_add_config --template="../conf/lstu.conf.ldap" --destination="$final_path/lstu.conf"
 else
-	ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="#" --target_file="$config"
+	ynh_add_config --template="../conf/lstu.conf.template" --destination="$final_path/lstu.conf"
 fi
 ynh_store_file_checksum --file="$config"
 #=================================================
 # INSTALL LSTU
 #=================================================
@ -157,16 +146,6 @@ ynh_script_progression --message="Configuring a systemd service..."
 # Create a dedicated systemd config
 ynh_add_systemd_config
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # SECURE FILES AND DIRECTORIES
 #=================================================
 ynh_script_progression --message="Securing files and directories..."
 # Set permissions to app files
 chown -R $app: $final_path
 #=================================================
 # SETUP LOGROTATE
 #=================================================
@ -193,9 +172,10 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --l
 #=================================================
 # SETUP SSOWAT
 #=================================================
-ynh_script_progression --message="Configuring SSOwat..."
+ynh_script_progression --message="Configuring permissions..."
 ynh_permission_update --permission="main" --add="visitors"
 ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
 if [ $is_public -eq 0 ]
 then
 	# If the app is private, only the shortened URLs are publics.
--- a/scripts/restore
+++ b/scripts/restore
@ -53,6 +53,14 @@ ynh_script_progression --message="Restoring the NGINX configuration..."
 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # RECREATE THE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Recreating the dedicated system user..."
 # Create the dedicated user (if not existing)
 ynh_system_user_create --username=$app --home_dir="$final_path"
 #=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
@ -60,21 +68,9 @@ ynh_script_progression --message="Restoring the app main directory..."
 ynh_restore_file --origin_path="$final_path"
-#=================================================
+chmod 750 "$final_path"
-# RECREATE THE DEDICATED USER
+chmod -R o-rwx "$final_path"
-#=================================================
+chown -R $app:www-data "$final_path"
 ynh_script_progression --message="Recreating the dedicated system user..."
 # Create the dedicated user (if not existing)
 ynh_system_user_create --username=$app
 #=================================================
 # RESTORE USER RIGHTS
 #=================================================
 ynh_script_progression --message="Restoring user rights..."
 # Restore permissions on app files
 chown -R $app: $final_path
 #=================================================
 # SPECIFIC RESTORATION
@ -115,7 +111,7 @@ yunohost service add $app --log="/var/log/$app.log" --log="/var/www/$app/log/pro
 #=================================================
 ynh_script_progression --message="Starting a systemd service..."
-ynh_systemd_action --service_name=$app --action="start"  --log_path="systemd" --line_match="Server available at"
+ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Server available at"
 #=================================================
 # RESTORE THE LOGROTATE CONFIGURATION
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -40,15 +40,6 @@ upgrade_type=$(ynh_check_app_version_changed)
 #=================================================
 ynh_script_progression --message="Ensuring downward compatibility..."
 # Fix is_public as a boolean value
 if [ "$is_public" = "Yes" ]; then
 	ynh_app_setting_set --app=$app --key=is_public --value=1
 	is_public=1
 elif [ "$is_public" = "No" ]; then
 	ynh_app_setting_set --app=$app --key=is_public --value=0
 	is_public=0
 fi
 # If final_path doesn't exist, create it
 if [ -z "$final_path" ]; then
 	final_path=/var/www/$app
@ -97,6 +88,13 @@ then
 	ynh_exec_warn_less yunohost firewall disallow TCP $port
 fi
 # Cleaning legacy permissions
 if ynh_legacy_permissions_exists; then
 	ynh_legacy_permissions_delete_all
 	ynh_app_setting_delete --app=$app --key=is_public
 fi
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
@ -121,6 +119,14 @@ ynh_script_progression --message="Stopping a systemd service..."
 ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd"
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Making sure dedicated system user exists..."
 # Create a dedicated user (if not existing)
 ynh_system_user_create --username=$app --home_dir="$final_path"
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
@ -130,9 +136,13 @@ then
 	ynh_script_progression --message="Upgrading source files..."
 	# Download, check integrity, uncompress and patch the source from app.src
-	ynh_setup_source --dest_dir="$final_path"
+	ynh_setup_source --dest_dir="$final_path" #--keep="$final_path/lstu.conf"
 fi
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
@ -149,42 +159,17 @@ ynh_script_progression --message="Upgrading dependencies..."
 ynh_install_app_dependencies $pkg_dependencies
 #=================================================
-# CREATE DEDICATED USER
+# CONFIGURE LSTU
 #=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..."
+ynh_script_progression --message="Configuring Lstu..."
 # Create a dedicated user (if not existing)
 ynh_system_user_create --username=$app
 #=================================================
 # SPECIFIC UPGRADE
 #=================================================
 # UPGRADE LSTU CONFIGURATION
 #=================================================
 ynh_script_progression --message="Upgrading lstu configuration..."
 config="${final_path}/lstu.conf"
 ynh_backup_if_checksum_is_different --file="$config"
 cp ../conf/lstu.conf.template "$config"
 ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config"
 ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$config"
 ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config"
 ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name"  --target_file="$config"
 ynh_replace_string --match_string="__DB_USER__" --replace_string="$db_user"  --target_file="$config"
 ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$config"
 ynh_replace_string --match_string="__SELECTED_THEME__" --replace_string="$theme" --target_file="$config"
 ynh_replace_string --match_string="__PASSWORD_HASHED__" --replace_string="$hashed_password" --target_file="$config"
 ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$config"
 if [ $is_public -eq 0 ];
 then
-	ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="" --target_file="$config"
+	ynh_add_config --template="../conf/lstu.conf.ldap" --destination="$final_path/lstu.conf"
 else
-	ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="#" --target_file="$config"
+	ynh_add_config --template="../conf/lstu.conf.template" --destination="$final_path/lstu.conf"
 fi
 ynh_store_file_checksum --file="$config"
 #=================================================
 # BUILD LSU
 #=================================================
@ -210,16 +195,6 @@ ynh_script_progression --message="Upgrading systemd configuration..."
 # Create a dedicated systemd config
 ynh_add_systemd_config
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # SECURING FILES AND DIRECTORIES
 #=================================================
 ynh_script_progression --message="Securing files and directories..."
 # Set permissions on app files
 chown -R $app: $final_path
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
 #=================================================
@ -232,7 +207,8 @@ yunohost service add $app --log="/var/log/$app.log" --log="/var/www/$app/log/pro
 #=================================================
 ynh_script_progression --message="Upgrading SSOwat configuration..."
-ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
+ynh_permission_update --permission="main" --add="visitors"
 if [ $is_public -eq 0 ]
 then
 	# If the app is private, only the shortened URLs are publics.
		`@ -0,0 +1,3 @@`
							`## Configuration`

							How to configure this app: a plain file at `/var/www/lstu/lstu.conf` with SSH.
		`@ -0,0 +1,3 @@`
							`## Configuration`

							Comment configurer cette application : un fichier simple à `/var/www/lstu/lstu.conf` avec SSH.