Fix

2024-09-03 19:46:18 +02:00 · 2022-01-30 15:41:27 +01:00 · 2022-01-30 15:41:27 +01:00 · a96e5dd161
commit a96e5dd161
parent a391958a43
13 changed files with 39 additions and 316 deletions
--- a/11
+++ b/11
@ -1,17 +1,9 @@
-# See here for more information
-# https://github.com/YunoHost/package_check#syntax-check_process-file
-
-# Move this file from check_process.default to check_process when you have filled it.
-
 ;; Test complet
 	; Manifest
 		domain="domain.tld"
 		path="/"
-		admin="john"
-		language="fr"
 		is_public=1
 		password="1Strong-Password"
-		port="666"
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=0
@ -20,10 +12,9 @@
 		setup_private=1
 		setup_public=1
 		upgrade=1
-		upgrade=1	from_commit=CommitHash
+		#upgrade=1	from_commit=CommitHash
 		backup_restore=1
 		multi_instance=0
-		port_already_use=0
 		change_url=1
 ;;; Options
 Email=
--- a/conf/.env
+++ b/conf/.env
@ -1,4 +1,4 @@
-MINIO_ROOT_USER=__MINIO_ID__
+MINIO_ROOT_USER=__APP__
 MINIO_VOLUMES="__DATADIR__/"
 MINIO_OPTS="-C __FINAL_PATH__/ --address 127.0.0.1:__PORT__ --console-address :__CONSOLE_PORT__"
 MINIO_ROOT_PASSWORD=__MINIO_KEY__
--- a/conf/amd64.src
+++ b/conf/amd64.src
@ -0,0 +1,6 @@
+SOURCE_URL=https://dl.min.io/server/minio/release/linux-amd64/minio
+SOURCE_SUM=d81f52faf6f0626fa4b23964c403bae60ff840577f4d75ec3e208ceb78f19ee2
+SOURCE_SUM_PRG=sha256sum
+SOURCE_IN_SUBDIR=false
+SOURCE_FILENAME=minio
+SOURCE_EXTRACT=false
--- a/conf/app.src
+++ b/conf/app.src
@ -1,7 +0,0 @@
-SOURCE_URL=https://dl.min.io/server/minio/release/linux-amd64/archive/minio.RELEASE.2021-11-05T09-16-26Z
-SOURCE_SUM=6398ef9107d248cc25e4f21aa36d582b5bf74d9b1c671fa79c81c1f4f607531f
-SOURCE_SUM_PRG=sha256sum
-SOURCE_FORMAT=
-SOURCE_IN_SUBDIR=false
-SOURCE_FILENAME=minio
-SOURCE_EXTRACT=false
--- a/conf/arm64.src
+++ b/conf/arm64.src
@ -0,0 +1,6 @@
+SOURCE_URL=https://dl.min.io/server/minio/release/linux-amd64/minio
+SOURCE_SUM=d81f52faf6f0626fa4b23964c403bae60ff840577f4d75ec3e208ceb78f19ee2
+SOURCE_SUM_PRG=sha256sum
+SOURCE_IN_SUBDIR=false
+SOURCE_FILENAME=minio
+SOURCE_EXTRACT=false
--- a/conf/mc.src
+++ b/conf/mc.src
@ -1,7 +1,6 @@
 SOURCE_URL=https://dl.min.io/client/mc/release/linux-amd64/archive/mc.RELEASE.2021-11-05T10-05-06Z
 SOURCE_SUM=9f5ad72fd93678f9f756c6da34a8d4d1e61f7356a96ee327c652ad765975d2b2
 SOURCE_SUM_PRG=sha256sum
-SOURCE_FORMAT=
 SOURCE_IN_SUBDIR=false
 SOURCE_FILENAME=mc
 SOURCE_EXTRACT=false
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,10 +1,5 @@
 location / {

-  # Force usage of https
-  if ($scheme = http) {
-    rewrite ^ https://$server_name$request_uri? permanent;
-  }
-
  proxy_pass        http://127.0.0.1:__PORT__;
  proxy_redirect    off;
  proxy_set_header  Host $host;
--- a/manifest.json
+++ b/manifest.json
@ -6,13 +6,12 @@
        "en": "High Performance, Kubernetes Native Object Storage",
        "fr": "Serveur de stockage d'objets hautes performances"
    },
-    "version": "2021-11-05T09-16-26Z~ynh1",
+    "version": "2022.01.28~ynh1",
    "url": "https://min.io/",
    "upstream": {
        "license": "AGPL-3.0-only",
        "website": "https://min.io",
-        "admindoc": "https://yunohost.org/packaging_apps",
-        "userdoc": "https://yunohost.org/apps",
+        "admindoc": "https://docs.min.io/",
        "code": "https://github.com/minio/minio"
    },
    "license": "AGPL-3.0-only",
@ -20,7 +19,7 @@
        "name": "Raoul de Limezy"
    },
    "requirements": {
-        "yunohost": ">= 4.1.3"
+        "yunohost": ">= 4.3.0"
    },
    "multi_instance": false,
    "services": [
--- a/scripts/backup
+++ b/scripts/backup
@ -39,11 +39,6 @@ mc_path=$(ynh_app_setting_get --app=$app --key=mc_path)
 #=================================================
 ynh_print_info --message="Declaring files to be backed up..."

-### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs
-### to be backuped and not an actual copy of any file. The actual backup that
-### creates and fill the archive with the files happens in the core after this
-### script is called. Hence ynh_backups calls takes basically 0 seconds to run.
-
 #=================================================
 # BACKUP THE APP MAIN DIR
 #=================================================
--- a/scripts/install
+++ b/scripts/install
@ -27,38 +27,16 @@ ynh_abort_if_errors
 domain=$YNH_APP_ARG_DOMAIN
 path_url="/"
 is_public=$YNH_APP_ARG_IS_PUBLIC
-#language=$YNH_APP_ARG_LANGUAGE
-
-### If it's a multi-instance app, meaning it can be installed several times independently
-### The id of the app as stated in the manifest is available as $YNH_APP_ID
-### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...)
-### The app instance name is available as $YNH_APP_INSTANCE_NAME
-###    - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
-###    - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
-###    - ynhexample__{N} for the subsequent installations, with N=3,4...
-### The app instance name is probably what interests you most, since this is
-### guaranteed to be unique. This is a good unique identifier to define installation path,
-### db names...
-app=$YNH_APP_INSTANCE_NAME
-
-minio_id="minio"
 minio_key=$(ynh_string_random)
+architecture=$YNH_ARCH
+
+app=$YNH_APP_INSTANCE_NAME

 #=================================================
 # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
 #=================================================
-### About --weight and --time
-### ynh_script_progression will show to your final users the progression of each scripts.
-### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script.
-### --time is a packager option, it will show you the execution time since the previous call.
-### This option should be removed before releasing your app.
-### Use the execution time, given by --time, to estimate the weight of a step.
-### A common way to do it is to set a weight equal to the execution time in second +1.
-### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call.
 ynh_script_progression --message="Validating installation parameters..." --time --weight=1

-### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
-### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app"
 final_path=/opt/yunohost/$app
 test ! -e "$final_path" || ynh_die --message="This path already contains a folder"

@ -67,10 +45,6 @@ mc_path=$final_path/mc
 # Register (book) web path
 ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url

-
-datadir=/home/yunohost.app/$app
-test ! -e "$datadir" || ynh_die --message="This path already contains a folder"
-
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
@ -78,11 +52,9 @@ ynh_script_progression --message="Storing installation settings..." --time --wei

 ynh_app_setting_set --app=$app --key=domain --value=$domain
 ynh_app_setting_set --app=$app --key=path --value=$path_url
-ynh_app_setting_set --app=$app --key=minio_id --value=$minio_id
 ynh_app_setting_set --app=$app --key=minio_key --value=$minio_key
 ynh_app_setting_set --app=$app --key=mc_path --value=$mc_path

-
 #=================================================
 # STANDARD MODIFICATIONS
 #=================================================
@ -90,11 +62,6 @@ ynh_app_setting_set --app=$app --key=mc_path --value=$mc_path
 #=================================================
 ynh_script_progression --message="Finding an available port..." --time --weight=1

-### Use these lines if you have to open a port for the application
-### `ynh_find_port` will find the first available port starting from the given port.
-### If you're not using these lines:
-###		- Remove the section "CLOSE A PORT" in the remove script
-
 # Find an available port
 port=$(ynh_find_port --port=9000)
 ynh_app_setting_set --app=$app --key=port --value=$port
@ -103,29 +70,6 @@ ynh_app_setting_set --app=$app --key=port --value=$port
 console_port=$(ynh_find_port --port=36669)
 ynh_app_setting_set --app=$app --key=console_port --value=$console_port

-# Optional: Expose this port publicly
-# (N.B.: you only need to do this if the app actually needs to expose the port publicly.
-# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !)
-
-# Open the port
-# ynh_script_progression --message="Configuring firewall..." --time --weight=1
-# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
-
-#=================================================
-# INSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Installing dependencies..." --time --weight=1
-
-### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package.
-### Those deb packages will be installed as dependencies of this package.
-### If you're not using this helper:
-###		- Remove the section "REMOVE DEPENDENCIES" in the remove script
-###		- Remove the variable "pkg_dependencies" in _common.sh
-###		- As well as the section "REINSTALL DEPENDENCIES" in the restore script
-###		- And the section "UPGRADE DEPENDENCIES" in the upgrade script
-
-#ynh_install_app_dependencies $pkg_dependencies
-
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
@ -139,24 +83,15 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
 #=================================================
 ynh_script_progression --message="Setting up source files..." --time --weight=1

-### `ynh_setup_source` is used to install an app from a zip or tar.gz file,
-### downloaded from an upstream source, like a git repository.
-### `ynh_setup_source` use the file conf/app.src
-
 ynh_app_setting_set --app=$app --key=final_path --value=$final_path

 # Download, check integrity, uncompress and patch the source from app.src
-ynh_setup_source --dest_dir="$final_path"
+ynh_setup_source --dest_dir="$final_path" --source_id="$architecture"

-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod -R 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
+chmod +x "$final_path/minio"

 #=================================================
 # DOWNLOAD, CHECK AND UNPACK MINIO CLIENT
@ -165,12 +100,6 @@ ynh_script_progression --message="Setting up MinIO client..." --time --weight=1

 ynh_setup_source --dest_dir="$mc_path" --source_id=mc

-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod -R 750 "$mc_path"
 chmod -R o-rwx "$mc_path"
 chown -R $app:www-data "$mc_path"
@ -180,29 +109,15 @@ chown -R $app:www-data "$mc_path"
 #=================================================
 ynh_script_progression --message="Configuring NGINX web server..." --time --weight=1

-### `ynh_add_nginx_config` will use the file conf/nginx.conf
-
 # Create a dedicated NGINX config
 ynh_add_nginx_config

-#=================================================
-# SPECIFIC SETUP
-#=================================================
-# ...
-#=================================================
-
 #=================================================
 # CREATE DATA DIRECTORY
 #=================================================
 ynh_script_progression --message="Creating a data directory..." --time --weight=1

-### Use these lines if you need to create a directory to store "persistent files" for the application.
-### Usually this directory is used to store uploaded files or any file that won't be updated during 
-### an upgrade and that won't be deleted during app removal
-### If you're not using these lines:
-###		- Remove the section "BACKUP THE DATA DIR" in the backup script
-###		- As well as the section "RESTORE THE DATA DIRECTORY" in the restore script
-
+datadir=/home/yunohost.app/$app
 ynh_app_setting_set --app=$app --key=datadir --value=$datadir

 mkdir -p $datadir
@ -227,73 +142,14 @@ ynh_add_config --template="../conf/.env" --destination="$final_path/.env"
 chmod 750 "$final_path/.env"
 chown $app:$app "$final_path/.env"

-### You can add specific configuration files.
-###
-### Typically, put your template conf file in ../conf/your_config_file
-### The template may contain strings such as __FOO__ or __FOO_BAR__,
-### which will automatically be replaced by the values of $foo and $foo_bar
-###
-### ynh_add_config will also keep track of the config file's checksum,
-### which later during upgrade may allow to automatically backup the config file
-### if it's found that the file was manually modified
-###
-### Check the documentation of `ynh_add_config` for more info.
-
-#ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file"
-
-# FIXME: this should be handled by the core in the future
-# You may need to use chmod 600 instead of 400,
-# for example if the app is expected to be able to modify its own config
-#chmod 400 "$final_path/some_config_file"
-#chown $app:$app "$final_path/some_config_file"
-
-### For more complex cases where you want to replace stuff using regexes,
-### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
-### When doing so, you also need to manually call ynh_store_file_checksum
-###
-### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file"
-### ynh_store_file_checksum --file="$final_path/some_config_file"
-
 #=================================================
 # SETUP SYSTEMD
 #=================================================
 ynh_script_progression --message="Configuring a systemd service..." --time --weight=1

-### `ynh_systemd_config` is used to configure a systemd script for an app.
-### It can be used for apps that use sysvinit (with adaptation) or systemd.
-### Have a look at the app to be sure this app needs a systemd script.
-### `ynh_systemd_config` will use the file conf/systemd.service
-### If you're not using these lines:
-###		- You can remove those files in conf/.
-###		- Remove the section "BACKUP SYSTEMD" in the backup script
-###		- Remove also the section "STOP AND REMOVE SERVICE" in the remove script
-###		- As well as the section "RESTORE SYSTEMD" in the restore script
-###		- And the section "SETUP SYSTEMD" in the upgrade script
-
 # Create a dedicated systemd config
 ynh_add_systemd_config

-#=================================================
-# SETUP APPLICATION WITH CURL
-#=================================================
-
-### Use these lines only if the app installation needs to be finalized through
-### web forms. We generally don't want to ask the final user,
-### so we're going to use curl to automatically fill the fields and submit the
-### forms.
-
-# Set the app as temporarily public for curl call
-#ynh_script_progression --message="Configuring SSOwat..." --time --weight=1
-# Making the app public for curl
-#ynh_permission_update --permission="main" --add="visitors"
-
-# Installation with curl
-#ynh_script_progression --message="Finalizing installation..." --time --weight=1
-#ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
-
-# Remove the public access
-#ynh_permission_update --permission="main" --remove="visitors"
-
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
@ -301,14 +157,6 @@ ynh_add_systemd_config
 #=================================================
 ynh_script_progression --message="Configuring log rotation..." --time --weight=1

-### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app.
-### Use this helper only if there is effectively a log file for this app.
-### If you're not using this helper:
-###		- Remove the section "BACKUP LOGROTATE" in the backup script
-###		- Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script
-###		- As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script
-###		- And the section "SETUP LOGROTATE" in the upgrade script
-
 # Use logrotate to manage application logfile(s)
 ynh_use_logrotate

@ -317,57 +165,16 @@ ynh_use_logrotate
 #=================================================
 ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1

-### `yunohost service add` integrates a service in YunoHost. It then gets
-### displayed in the admin interface and through the others `yunohost service` commands.
-### (N.B.: this line only makes sense if the app adds a service to the system!)
-### If you're not using these lines:
-###		- You can remove these files in conf/.
-###		- Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script
-###		- As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script
-###		- And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script
-
 yunohost service add $app --description="A High Performance, Kubernetes Native Object Storage" --log="/var/log/$app/$app.log"

-### Additional options starting with 3.8:
-###
-### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed
-###                               which will then be checked by YunoHost's diagnosis system
-###                               (N.B. DO NOT USE THIS is the port is only internal!!!)
-###
-### --test_status "some command"  a custom command to check the status of the service
-###                               (only relevant if 'systemctl status' doesn't do a good job)
-###
-### --test_conf "some command"    some command similar to "nginx -t" that validates the conf of the service
-###
-### Re-calling 'yunohost service add' during the upgrade script is the right way
-### to proceed if you later realize that you need to enable some flags that
-### weren't enabled on old installs (be careful it'll override the existing
-### service though so you should re-provide all relevant flags when doing so)
-
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
 ynh_script_progression --message="Starting a systemd service..." --time --weight=1

-### `ynh_systemd_action` is used to start a systemd service for an app.
-### Only needed if you have configure a systemd service
-### If you're not using these lines:
-###		- Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script
-###		- As well as the section "START SYSTEMD SERVICE" in the restore script
-###		- As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script
-###		- And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script
-
 # Start a systemd service
 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"

-#=================================================
-# SETUP FAIL2BAN
-#=================================================
-#ynh_script_progression --message="Configuring Fail2Ban..." --time --weight=1
-
-# Create a dedicated Fail2Ban config
-#ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log"
-
 #=================================================
 # SETUP SSOWAT
 #=================================================
@ -376,22 +183,9 @@ ynh_script_progression --message="Configuring permissions..." --time --weight=1
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
-	# Everyone can access the app.
-	# The "main" permission is automatically created before the install script.
 	ynh_permission_update --permission="main" --add="visitors"
 fi

-### N.B. : the following extra permissions only make sense if your app
-### does have for example an admin interface or an API.
-
-# Only the admin can access the admin panel of the app (if the app has an admin panel)
-#ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
-
-# Everyone can access the API part
-# We don't want to display the tile in the SSO so we put --show_tile="false"
-# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true"
-#ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
-
 #=================================================
 # RELOAD NGINX
 #=================================================
@ -407,7 +201,7 @@ sleep 5
 ynh_script_progression --message="Configuring MinIO client..." --time --weight=1

 pushd $mc_path
-	ynh_exec_warn_less sudo -u minio ./mc alias set minio "https://$domain" "$minio_id" "$minio_key"
+	ynh_exec_warn_less sudo -u minio ./mc alias set minio "https://$domain" "$app" "$minio_key"
 popd

 #=================================================
--- a/scripts/remove
+++ b/scripts/remove
@ -58,7 +58,17 @@ ynh_script_progression --message="Removing app main directory..." --time --weigh

 # Remove the app directory securely
 ynh_secure_remove --file="$final_path"
-ynh_secure_remove --file="$datadir"
+
+#=================================================
+# REMOVE DATA DIR
+#=================================================
+
+# Remove the data directory if --purge option is used
+if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
+then
+	ynh_script_progression --message="Removing app data directory..." --time --weight=1
+	ynh_secure_remove --file="$datadir"
+fi

 #=================================================
 # REMOVE NGINX CONFIGURATION
@ -68,30 +78,6 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
 # Remove the dedicated NGINX config
 ynh_remove_nginx_config

-#=================================================
-# CLOSE A PORT
-#=================================================
-
-if yunohost firewall list | grep -q "\- $port$"
-then
-	ynh_script_progression --message="Closing port $port..." --time --weight=1
-	ynh_exec_warn_less yunohost firewall disallow TCP $port
-fi
-
-if yunohost firewall list | grep -q "\- $console_port$"
-then
-	ynh_script_progression --message="Closing port $console_port..." --time --weight=1
-	ynh_exec_warn_less yunohost firewall disallow TCP $port
-fi
-
-#=================================================
-# REMOVE FAIL2BAN CONFIGURATION
-#=================================================
-ynh_script_progression --message="Removing Fail2ban configuration..." --time --weight=1
-
-# Remove the dedicated Fail2Ban config
-ynh_remove_fail2ban_config
-
 #=================================================
 # SPECIFIC REMOVE
 #=================================================
--- a/scripts/restore
+++ b/scripts/restore
@ -34,7 +34,6 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 datadir=$(ynh_app_setting_get --app=$app --key=datadir)
 mc_path=$(ynh_app_setting_get --app=$app --key=mc_path)

-
 #=================================================
 # CHECK IF THE APP CAN BE RESTORED
 #=================================================
@ -67,15 +66,10 @@ ynh_script_progression --message="Restoring the app main directory..." --time --

 ynh_restore_file --origin_path="$final_path"

-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:$app "$final_path"
+chmod +x "$final_path/minio"

 #=================================================
 # RESTORE THE DATA DIRECTORY
@ -86,25 +80,10 @@ ynh_restore_file --origin_path="$datadir" --not_mandatory

 mkdir -p $datadir

-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod 750 "$datadir"
 chmod -R o-rwx "$datadir"
 chown -R $app:www-data "$datadir"

-#=================================================
-# RESTORE FAIL2BAN CONFIGURATION
-#=================================================
-ynh_script_progression --message="Restoring the Fail2Ban configuration..." --time --weight=1
-
-ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
-ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
-ynh_systemd_action --action=restart --service_name=fail2ban
-
 #=================================================
 # RESTORE SYSTEMD
 #=================================================
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -20,20 +20,13 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
 port=$(ynh_app_setting_get --app=$app --key=port)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-minio_id=$(ynh_app_setting_get --app=$app --key=minio_id)
 minio_key=$(ynh_app_setting_get --app=$app --key=minio_key)
-
+architecture=$YNH_ARCH

 #=================================================
 # CHECK VERSION
 #=================================================

-### This helper will compare the version of the currently installed app and the version of the upstream package.
-### $upgrade_type can have 2 different values
-### - UPGRADE_APP if the upstream app version has changed
-### - UPGRADE_PACKAGE if only the YunoHost package has changed
-### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
-### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
 upgrade_type=$(ynh_check_app_version_changed)

 #=================================================
@ -76,18 +69,13 @@ then
 	ynh_script_progression --message="Upgrading source files..." --time --weight=1

 	# Download, check integrity, uncompress and patch the source from app.src
-	ynh_setup_source --dest_dir="$final_path"
+	ynh_setup_source --dest_dir="$final_path" --source_id="$architecture"
 fi

-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:$app "$final_path"
+chmod +x "$final_path/minio"

 #=================================================
 # NGINX CONFIGURATION
@ -146,14 +134,6 @@ ynh_script_progression --message="Starting a systemd service..." --time --weight

 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"

-#=================================================
-# UPGRADE FAIL2BAN
-#=================================================
-ynh_script_progression --message="Reconfiguring Fail2Ban..." --time --weight=1
-
-# Create a dedicated Fail2Ban config
-ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
-
 #=================================================
 # RELOAD NGINX
 #=================================================