diff --git a/actions.toml b/actions.toml
new file mode 100644
index 0000000..32d6c58
--- /dev/null
+++ b/actions.toml
@@ -0,0 +1,45 @@
+[sftp]
+name = "Enable or disable the sftp access"
+command = "/bin/bash scripts/actions/sftp"
+# user = "root" # optional
+# cwd = "/" # optional
+# accepted_return_codes = [0, 1, 2, 3] # optional
+accepted_return_codes = [0]
+
+ [sftp.arguments]
+ [sftp.arguments.with_sftp]
+ type = "boolean"
+ ask = "Do you need a SFTP access?"
+ default = true
+
+[public_private]
+name = "Move to public or private"
+command = "/bin/bash scripts/actions/public_private"
+# user = "root" # optional
+# cwd = "/" # optional
+# accepted_return_codes = [0, 1, 2, 3] # optional
+accepted_return_codes = [0]
+description = "Change the public access of the app."
+
+ [public_private.arguments]
+ [public_private.arguments.is_public]
+ type = "boolean"
+ ask = "Is it a public app ?"
+ default = true
+
+[create_database]
+name = "Create a database"
+command = "/bin/bash scripts/actions/create_database"
+# user = "root" # optional
+# cwd = "/" # optional
+# accepted_return_codes = [0, 1, 2, 3] # optional
+accepted_return_codes = [0]
+description = "Create a database or replace a previous one."
+
+[remove_database]
+name = "Remove a database"
+command = "/bin/bash scripts/actions/remove_database"
+# user = "root" # optional
+# cwd = "/" # optional
+# accepted_return_codes = [0, 1, 2, 3] # optional
+accepted_return_codes = [0]
diff --git a/config_panel.toml b/config_panel.toml
new file mode 100644
index 0000000..3ce3d75
--- /dev/null
+++ b/config_panel.toml
@@ -0,0 +1,65 @@
+version = "0.1"
+name = "My webapp configuration panel"
+
+[main]
+name = "My webapp configuration"
+
+ [main.sftp]
+ name = "SFTP access"
+
+ [main.sftp.sftp]
+ ask = "Do you need a SFTP access ?"
+ type = "boolean"
+ default = true
+
+ [main.sftp.password]
+ ask = "Set a password for the SFTP access. ≥ 5 character"
+ type = "password"
+ optional = true
+ help = "If a password already exist, it will not be replaced."
+
+ [main.is_public]
+ name = "Public access"
+
+ [main.is_public.is_public]
+ ask = "Is it a public website ?"
+ type = "boolean"
+ default = true
+
+
+ [main.overwrite_files]
+ name = "Overwriting config files"
+
+ [main.overwrite_files.overwrite_nginx]
+ ask = "Overwrite the nginx config file ?"
+ type = "boolean"
+ default = false
+ help = "If the file is overwritten, a backup will be created."
+
+ [main.overwrite_files.overwrite_phpfpm]
+ ask = "Overwrite the php-fpm config file ?"
+ type = "boolean"
+ default = true
+ help = "If the file is overwritten, a backup will be created."
+
+
+ [main.php_fpm_config]
+ name = "PHP-FPM configuration"
+
+ [main.php_fpm_config.footprint]
+ ask = "Memory footprint of the service ?"
+ choices = ["low", "medium", "high", "specific"]
+ default = "low"
+ help = "low <= 20Mb per pool. medium between 20Mb and 40Mb per pool. high > 40Mb per pool.
Use specific to set a value with the following option."
+
+ [main.php_fpm_config.free_footprint]
+ ask = "Memory footprint of the service ?"
+ type = "number"
+ default = "0"
+ help = "Free field to specify exactly the footprint in Mb if you don't want to use one of the three previous values."
+
+ [main.php_fpm_config.usage]
+ ask = "Expected usage of the service ?"
+ choices = ["low", "medium", "high"]
+ default = "low"
+ help = "low: Personal usage, behind the sso. No RAM footprint when not used, but the impact on the processor can be high if many users are using the service.
medium: Low usage, few people or/and publicly accessible. Low RAM footprint, medium processor footprint when used.
high: High usage, frequently visited website. High RAM footprint, but lower on processor usage and quickly responding."
diff --git a/manifest.json b/manifest.json
index 8ad12ff..2ce99c7 100644
--- a/manifest.json
+++ b/manifest.json
@@ -14,7 +14,7 @@
"email": "apps@yunohost.org"
},
"requirements": {
- "yunohost": ">= 3.5.0"
+ "yunohost": ">= 3.6.0"
},
"multi_instance": true,
"services": [
diff --git a/scripts/actions/create_database b/scripts/actions/create_database
new file mode 100755
index 0000000..f8ddb6f
--- /dev/null
+++ b/scripts/actions/create_database
@@ -0,0 +1,64 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC STARTING
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source scripts/_common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# RETRIEVE ARGUMENTS
+#=================================================
+
+with_mysql=$(ynh_app_setting_get --app=$app --key=with_mysql)
+final_path=$(ynh_app_setting_get --app=$app --key=final_path)
+
+app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID}
+
+#=================================================
+# CHECK IF ARGUMENTS ARE CORRECT
+#=================================================
+
+#=================================================
+# CHECK IF AN ACTION HAS TO BE DONE
+#=================================================
+
+#=================================================
+# SPECIFIC ACTION
+#=================================================
+# REMOVE THE PREVIOUS DATABASE
+#=================================================
+ynh_script_progression --message="Removing the previous database..." --weight=6
+
+if [ $with_mysql -eq 1 ]
+then
+ yunohost app action run $app remove_database
+fi
+
+#=================================================
+# CREATE A NEW DATABASE
+#=================================================
+ynh_script_progression --message="Creating a new database..." --weight=4
+
+db_name=$(ynh_sanitize_dbid --db_name=$app)
+
+# Reuse the previous password if existing
+db_pwd=$(grep "pass:" "$final_path/db_access.txt" | cut -d' ' -f2 2> /dev/null)
+
+ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd
+
+echo -e "# MySQL Database
+ name: ${db_name}\nuser: ${db_name}\npass: ${db_pwd}" > "$final_path/db_access.txt"
+
+# Update the config of the app
+ynh_app_setting_set --app=$app --key=with_mysql --value=1
+ynh_app_setting_set --app=$app --key=db_name --value=$db_name
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression --message="Execution completed" --last
diff --git a/scripts/actions/public_private b/scripts/actions/public_private
new file mode 100755
index 0000000..778a6a3
--- /dev/null
+++ b/scripts/actions/public_private
@@ -0,0 +1,74 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC STARTING
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source scripts/_common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# RETRIEVE ARGUMENTS
+#=================================================
+
+# Get is_public
+is_public=${YNH_ACTION_IS_PUBLIC}
+
+app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID}
+
+#=================================================
+# CHECK IF ARGUMENTS ARE CORRECT
+#=================================================
+
+#=================================================
+# CHECK IF AN ACTION HAS TO BE DONE
+#=================================================
+
+is_public_old=$(ynh_app_setting_get --app=$app --key=is_public)
+
+if [ $is_public -eq $is_public_old ]
+then
+ ynh_die --message="is_public is already set as $is_public." --ret_code=0
+fi
+
+#=================================================
+# SPECIFIC ACTION
+#=================================================
+# MOVE TO PUBLIC OR PRIVATE
+#=================================================
+
+if [ $is_public -eq 0 ]; then
+ public_private="private"
+else
+ public_private="public"
+fi
+ynh_script_progression --message="Moving the application to $public_private..." --weight=3
+
+if [ $is_public -eq 0 ]
+then
+ ynh_app_setting_delete --app=$app --key=skipped_uris
+else
+ ynh_app_setting_set --app=$app --key=skipped_uris --value="/"
+fi
+
+ynh_script_progression --message="Upgrading SSOwat configuration..."
+# Regen ssowat configuration
+yunohost app ssowatconf
+
+# Update the config of the app
+ynh_app_setting_set --app=$app --key=is_public --value=$is_public
+
+#=================================================
+# RELOAD NGINX
+#=================================================
+ynh_script_progression --message="Reloading nginx web server..."
+
+ynh_systemd_action --service_name=nginx --action=reload
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression --message="Execution completed" --last
diff --git a/scripts/actions/remove_database b/scripts/actions/remove_database
new file mode 100755
index 0000000..d7c4477
--- /dev/null
+++ b/scripts/actions/remove_database
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC STARTING
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source scripts/_common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# RETRIEVE ARGUMENTS
+#=================================================
+
+with_mysql=$(ynh_app_setting_get --app=$app --key=with_mysql)
+
+app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID}
+
+#=================================================
+# CHECK IF ARGUMENTS ARE CORRECT
+#=================================================
+
+#=================================================
+# CHECK IF AN ACTION HAS TO BE DONE
+#=================================================
+
+if [ $with_mysql -eq 0 ]
+then
+ ynh_die --message="There's no database to remove." --ret_code=0
+fi
+
+#=================================================
+# SPECIFIC ACTION
+#=================================================
+# REMOVE THE DATABASE
+#=================================================
+ynh_script_progression --message="Removing the database..." --weight=9
+
+db_name=$(ynh_app_setting_get --app=$app --key=db_name)
+ynh_mysql_remove_db --db_user=$db_name --db_name=$db_name
+
+# Update the config of the app
+ynh_app_setting_set --app=$app --key=with_mysql --value=0
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression --message="Execution completed" --last
diff --git a/scripts/actions/sftp b/scripts/actions/sftp
new file mode 100755
index 0000000..da2aede
--- /dev/null
+++ b/scripts/actions/sftp
@@ -0,0 +1,73 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC STARTING
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source scripts/_common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# RETRIEVE ARGUMENTS
+#=================================================
+
+app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID}
+
+with_sftp=${YNH_ACTION_WITH_SFTP}
+user=$(ynh_app_setting_get --app=$app --key=user)
+
+#=================================================
+# CHECK IF ARGUMENTS ARE CORRECT
+#=================================================
+
+#=================================================
+# CHECK IF AN ACTION HAS TO BE DONE
+#=================================================
+
+with_sftp_old=$(ynh_app_setting_get --app=$app --key=with_sftp)
+
+if [ $with_sftp -eq $with_sftp_old ]
+then
+ ynh_die --message="with_sftp is already set as $with_sftp." --ret_code=0
+fi
+
+#=================================================
+# SPECIFIC ACTION
+#=================================================
+# MOVE TO PUBLIC OR PRIVATE
+#=================================================
+
+if [ $with_sftp -eq 1 ]
+then
+ ynh_script_progression --message="Configuring ssh to add a SFTP access..." --weight=3
+
+ cp -R conf/ssh_regenconf_hook /usr/share/yunohost/hooks/conf_regen/90-ssh_$app
+
+ ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=/usr/share/yunohost/hooks/conf_regen/90-ssh_$app
+ ynh_replace_string --match_string="__USER__" --replace_string="$user" --target_file=/usr/share/yunohost/hooks/conf_regen/90-ssh_$app
+ yunohost tools regen-conf ssh
+else
+ ynh_script_progression --message="Removing the custom ssh config for the SFTP access..." --weight=3
+
+ sed -i "/##-> ${app}/,/##<- ${app}/d" /etc/ssh/sshd_config
+ # Remove regen-conf hook
+ ynh_secure_remove --file="/usr/share/yunohost/hooks/conf_regen/90-ssh_$app"
+fi
+
+# Update the config of the app
+ynh_app_setting_set --app=$app --key=with_sftp --value=$with_sftp
+
+#=================================================
+# RELOAD SSH
+#=================================================
+ynh_script_progression --message="Reloading SSH..."
+
+ynh_systemd_action --service_name=ssh --action=reload
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression --message="Execution completed" --last
diff --git a/scripts/config b/scripts/config
new file mode 100644
index 0000000..94463cd
--- /dev/null
+++ b/scripts/config
@@ -0,0 +1,159 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC STARTING
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# RETRIEVE ARGUMENTS
+#=================================================
+
+app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID}
+
+#=================================================
+# SPECIFIC CODE
+#=================================================
+# LOAD VALUES
+#=================================================
+
+# Load the real value from the app config or elsewhere.
+# Then get the value from the form.
+# If the form has a value for a variable, take the value from the form,
+# Otherwise, keep the value from the app config.
+
+# with_sftp
+old_with_sftp="$(ynh_app_setting_get --app=$app --key=with_sftp)"
+with_sftp="${YNH_CONFIG_MAIN_SFTP_SFTP:-$old_with_sftp}"
+
+# sftp password
+is_password_exist=0
+ynh_print_OFF; password=$(ynh_app_setting_get --app=$app --key=password)
+if [ -n "$password" ]
+then
+ ynh_print_warn --memssage="A password already exist, it will not be replaced."
+ # If a password already exist, unset the variable password and to not change it.
+ unset password
+ is_password_exist=1
+else
+ # Otherwise, get the new password
+ password="$YNH_CONFIG_MAIN_SFTP_PASSWORD"
+fi
+ynh_print_ON
+
+
+# is_public
+old_is_public="$(ynh_app_setting_get --app=$app --key=is_public)"
+is_public="${YNH_CONFIG_MAIN_IS_PUBLIC_IS_PUBLIC:-$old_is_public}"
+
+
+# Overwrite nginx configuration
+old_overwrite_nginx="$(ynh_app_setting_get --app=$app --key=overwrite_nginx)"
+overwrite_nginx="${YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX:-$old_overwrite_nginx}"
+
+# Overwrite php-fpm configuration
+old_overwrite_phpfpm="$(ynh_app_setting_get --app=$app --key=overwrite_phpfpm)"
+overwrite_phpfpm="${YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_PHPFPM:-$old_overwrite_phpfpm}"
+
+
+# Footprint for php-fpm
+old_fpm_footprint="$(ynh_app_setting_get --app=$app --key=fpm_footprint)"
+fpm_footprint="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT:-$old_fpm_footprint}"
+
+# Free footprint value for php-fpm
+# Check if fpm_footprint is an integer
+if [ "$fpm_footprint" -eq "$fpm_footprint" ] 2> /dev/null
+then
+ # If fpm_footprint is an integer, that's a numeric value for the footprint
+ old_free_footprint=$fpm_footprint
+else
+ old_free_footprint=0
+fi
+free_footprint="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT:-$old_free_footprint}"
+
+# Usage for php-fpm
+old_fpm_usage="$(ynh_app_setting_get --app=$app --key=fpm_usage)"
+fpm_usage="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE:-$old_fpm_usage}"
+
+#=================================================
+# SHOW_CONFIG FUNCTION FOR 'SHOW' COMMAND
+#=================================================
+
+show_config() {
+ # here you are supposed to read some config file/database/other then print the values
+ # ynh_return "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value"
+ ynh_return "YNH_CONFIG_MAIN_SFTP_SFTP=$with_sftp"
+# ynh_print_OFF; ynh_return "YNH_CONFIG_MAIN_SFTP_PASSWORD=$password"; ynh_print_ON
+
+ ynh_return "YNH_CONFIG_MAIN_IS_PUBLIC_IS_PUBLIC=$is_public"
+
+ ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT=$fpm_footprint"
+ ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT=$free_footprint"
+ ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE=$fpm_usage"
+}
+
+#=================================================
+# MODIFY THE CONFIGURATION
+#=================================================
+
+apply_config() {
+ # Change public accessibility
+ if [ "$is_public" = "1" ]
+ then
+ yunohost app action run $app public_private --args is_public=1
+ else
+ yunohost app action run $app public_private --args is_public=0
+ fi
+
+ #=================================================
+ # REMOVE OR ADD SFTP ACCESS
+ #=================================================
+
+ if [ "$with_sftp" != "$old_with_sftp" ]
+ then
+ yunohost app action run $app sftp --args with_sftp=$with_sftp
+
+ # Change the password only if none was already set for the user
+ if [ $is_password_exist -eq 0 ] && [ $with_sftp -eq 1 ]
+ then
+ # Check password strength
+ if [ ${#password} -le 5 ]
+ then
+ ynh_print_err --message="The password is too weak, it must be longer than 5 characters."
+ # Disable the sftp access, as the password is incorrect
+ yunohost app action run $app sftp --args with_sftp=0
+ else
+ user=$(ynh_app_setting_get --app=$app --key=user)
+ # Add the password to the user
+ ynh_print_OFF
+ chpasswd <<< "${user}:${password}"
+ ynh_app_setting_set --app=$app --key=password --value="$password"
+ ynh_print_ON
+ fi
+ fi
+ fi
+
+ #=================================================
+ # RECONFIGURE PHP-FPM
+ #=================================================
+
+ if [ "$fpm_usage" != "$old_fpm_usage" ] || [ "$fpm_footprint" != "$old_fpm_footprint" ]
+ then
+ ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
+ fi
+}
+
+#=================================================
+# GENERIC FINALIZATION
+#=================================================
+# SELECT THE ACTION FOLLOWING THE GIVEN ARGUMENT
+#=================================================
+
+case $1 in
+ show) show_config;;
+ apply) apply_config;;
+esac
diff --git a/scripts/install b/scripts/install
index b1bdd3f..facdddb 100644
--- a/scripts/install
+++ b/scripts/install
@@ -66,6 +66,8 @@ ynh_app_setting_set --app=$app --key=with_sftp --value=$with_sftp
ynh_app_setting_set --app=$app --key=user --value=$user
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
+ynh_app_setting_set --app=$app --key=overwrite_nginx --value=0
+ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=1
ynh_app_setting_set --app=$app --key=admin_mail_html --value=1
#=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index 1a97251..67714ca 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -27,6 +27,8 @@ password=$(ynh_app_setting_get --app=$app --key=password)
with_sftp=$(ynh_app_setting_get --app=$app --key=with_sftp)
user=$(ynh_app_setting_get --app=$app --key=user)
+overwrite_nginx=$(ynh_app_setting_get --app=$app --key=overwrite_nginx)
+overwrite_phpfpm=$(ynh_app_setting_get --app=$app --key=overwrite_phpfpm)
admin_mail_html=$(ynh_app_setting_get --app=$app --key=admin_mail_html)
fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
@@ -58,6 +60,23 @@ if [ -z "$final_path" ]; then
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
+# If overwrite_nginx doesn't exist, create it
+if [ -z "$overwrite_nginx" ]; then
+ overwrite_nginx=0
+ ynh_app_setting_set --app=$app --key=overwrite_nginx --value=$overwrite_nginx
+fi
+
+# If overwrite_phpfpm doesn't exist, create it
+if [ -z "$overwrite_phpfpm" ]; then
+ overwrite_phpfpm=1
+ ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=$overwrite_phpfpm
+fi
+
+# If admin_mail_html doesn't exist, create it
+if [ -z "$admin_mail_html" ]; then
+ admin_mail_html=1
+ ynh_app_setting_set --app=$app --key=admin_mail_html --value=$admin_mail_html
+fi
# If fpm_footprint doesn't exist, create it
if [ -z "$fpm_footprint" ]; then
@@ -104,9 +123,8 @@ path_url=$(ynh_normalize_url_path --path_url=$path_url)
# NGINX CONFIGURATION
#=================================================
-modified_config=$(ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf")
-# Replace nginx config only if it wasn't modified.
-if [ -z "$modified_config" ]
+# Overwrite the nginx configuration only if it's allowed
+if [ $overwrite_nginx -eq 1 ]
then
ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2
@@ -136,9 +154,8 @@ usermod -g "$user" "$user"
# PHP-FPM CONFIGURATION
#=================================================
-modified_config=$(ynh_backup_if_checksum_is_different --file="/etc/php/7.0/fpm/pool.d/$app.conf")
-# Replace nginx config only if it wasn't modified.
-if [ -z "$modified_config" ]
+# Overwrite the php-fpm configuration only if it's allowed
+if [ $overwrite_phpfpm -eq 1 ]
then
ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2