Merge pull request #622 from YunoHost-Apps/testing

Testing / switch to packaging V2 + proper mail config
2024-09-03 19:55:57 +02:00 · 2024-01-11 18:46:14 +01:00 · 2024-01-11 18:46:14 +01:00 · 3e60bacfa5
commit 3e60bacfa5
parent 9c6d1eea8e b4f66f67c5
31 changed files with 443 additions and 934 deletions
--- a/README.md
+++ b/README.md
@ -20,8 +20,7 @@ Nextcloud Hub is a fully open-source on-premises content collaboration platform.
 ### YunoHost-specific features
-In addition to Nextcloud core features, the following are made available with
+In addition to Nextcloud core features, the following are made available with this package:
 this package:
 * Integrate with YunoHost users and SSO - i.e. logout button
 * Allow one user to be the administrator (set at the installation)
@ -30,7 +29,7 @@ this package:
 * Serve `/.well-known` paths for CalDAV and CardDAV on the domain only if it's not already served - i.e. by Baïkal
-**Shipped version:** 27.1.4~ynh1
+**Shipped version:** 28.0.1~ynh1
 **Demo:** https://demo.nextcloud.com/
@ -38,25 +37,6 @@ this package:
 ![Screenshot of Nextcloud](./doc/screenshots/screenshot.png)
 ## Disclaimers / important information
 ### Configure ONLYOFFICE integration
 #### With Nextcloud App (no ARM support, lower performance)
 Starting from Nextcloud 18, it features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app.
 To install and configure it:
 - Install *Community Document Server* application in your Nextcloud. That's the part that runs ONLYOFFICE server.
 - Install *ONLYOFFICE* application. That's the client part that will connect to an ONLYOFFICE server.
 - Then in Settings -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE.
 - Here you go :) You should be able to create new type of documents and open them.
 *NB: ONLYOFFICE Nextcloud App is only available for x86 architecture - for **ARM** architecture (Raspberry Pi, OLinuXino...), consider the YunoHost App below*
 #### With YunoHost App (ARM64 support, better performance)
 For better performance and ARM64 support, install ONLYOFFICE YunoHost App and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
 ## Documentation and resources
 * Official app website: <https://nextcloud.com>
--- a/README_fr.md
+++ b/README_fr.md
@ -29,7 +29,7 @@ En plus des fonctionnalités principales de Nextcloud, les fonctionnalités suiv
 * Utilise l'adresse `/.well-known` pour la synchronisation CalDAV et CardDAV du domaine si aucun autre service ne l'utilise déjà - par exemple, Baïkal
-**Version incluse :** 27.1.4~ynh1
+**Version incluse :** 28.0.1~ynh1
 **Démo :** https://demo.nextcloud.com/
@ -37,25 +37,6 @@ En plus des fonctionnalités principales de Nextcloud, les fonctionnalités suiv
 ![Capture d’écran de Nextcloud](./doc/screenshots/screenshot.png)
 ## Avertissements / informations importantes
 ### Configurer l'intégration d'ONLYOFFICE
 #### Avec l'application Nextcloud (pas de support ARM, performances limitées)
 À partir de sa version 18, Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud.
 Pour l'installer et la configurer :
 - Installez l'application *Community Document Server* dans votre Nextcloud. C'est la partie qui fait tourner un serveur ONLYOFFICE.
 - Installez l'application *ONLYOFFICE*. C'est la partie cliente qui va se connecter au serveur ONLYOFFICE.
 - Ensuite dans les Paramètres -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE.
 - Et voilà :) Vous devriez pouvoir créer de nouveaux types de documents, et les ouvrir.
 *NB : l'app Nextcloud ONLYOFFICE Community Document Server n'est disponible que sous architecture x86 - Pour un support de l'architecture **ARM** (Raspberry Pi, OLinuXino...), installez plutôt l'App YunoHost, voir ci-dessous*
 #### Avec l'application YunoHost (support ARM64, meilleures performances)
 Pour  de meilleures performances et le support de ARM64, installez l'app YunoHost ONLYOFFICE, voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
 ## Documentations et ressources
 * Site officiel de l’app : <https://nextcloud.com>
--- a/27
+++ b/27
@ -1,27 +0,0 @@
 ;; Test complet
 	; Manifest
 		domain="domain.tld"
 		path="/path"
 		admin="homer"
 		is_public=1
 		user_home="1"
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=1
 		setup_root=1
 		setup_nourl=0
 		setup_private=1
 		setup_public=1
 		upgrade=1
 		#26.0.3
 		upgrade=1	from_commit=d02166a533dcf8aa82d49dbb6a3a2dd9a7411812
 		backup_restore=1
 		multi_instance=1
 		change_url=1
 ;;; Options
 Email=
 Notification=none
 ;;; Upgrade options
 	; commit=d02166a533dcf8aa82d49dbb6a3a2dd9a7411812
 		name=Merge pull request #495 from 26.0.3
 		manifest_arg=domain=DOMAIN&path=PATH&admin=USER&user_home=1&
--- a/conf/config.json
+++ b/conf/config.json
@ -13,7 +13,23 @@
     },
    "hashing_default_password": true,
    "localstorage.allowsymlinks": true,
-    "simpleSignUpLink.shown": false
+    "simpleSignUpLink.shown": false,
    "mail_smtpmode": "smtp",
    "mail_smtpport": "25",
    "mail_smtpauth": 1,
    "mail_smtpname": "__APP__",
    "mail_smtppassword": "__MAIL_PWD__",
    "mail_sendmailmode": "smtp",
    "mail_from_address": "__APP__",
    "mail_domain": "__DOMAIN__",
    "mail_smtphost": "localhost",
    "mail_smtpstreamoptions": {
      "ssl": {
        "allow_self_signed": true,
        "verify_peer": false,
        "verify_peer_name": false
      }
    }
  },
  "apps": {
    "user_ldap": {
--- a/conf/config_install.json
+++ b/conf/config_install.json
@ -1,9 +1,9 @@
-{
+{
-  "system": {
+  "system": {
-    "datadirectory": "__DATADIR__",
+    "datadirectory": "__DATA_DIR__/data/",
-    "trusted_domains": [
+    "trusted_domains": [
-      "localhost",
+      "localhost",
-      "__DOMAIN__"
+      "__DOMAIN__"
-    ]
+    ]
-  }
+  }
-}
+}
--- a/conf/extra_php-fpm.conf
+++ b/conf/extra_php-fpm.conf
@ -14,7 +14,7 @@ php_value[opcache.interned_strings_buffer]=32
 php_value[opcache.max_accelerated_files]=10000
 php_value[opcache.memory_consumption]=128
 php_value[opcache.save_comments]=1
-php_value[opcache.revalidate_freq]=1
+php_value[opcache.revalidate_freq]=60
 ; https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/caching_configuration.html#id1
 php_value[apc.enabled]=1
 php_value[apc.enable_cli]=1
--- a/conf/nextcloud.cron
+++ b/conf/nextcloud.cron
@ -1 +1 @@
-*/5  *  *  *  * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __FINAL_PATH__/cron.php
+*/5  *  *  *  * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,3 +1,12 @@
 # Add .mjs as a file extension for javascript
 # Either include it in the default mime.types list
 # or include you can include that list explicitly and add the file extension
 # only for Nextcloud like below:
 include mime.types;
 types {
    text/javascript js mjs;
 }
 location ^~ /.well-known {
  # The following 6 rules are borrowed from `.htaccess`
@ -9,29 +18,21 @@ location ^~ /.well-known {
  location = /.well-known/carddav     { return 301 __PATH__/remote.php/dav/; }
  location = /.well-known/caldav      { return 301 __PATH__/remote.php/dav/; }
-  location = /.well-known/webfinger     { return 301 __PATH__/index.php$uri; }
+  location = /.well-known/webfinger     { return 301 __PATH__/index.php$request_uri; }
  location = /.well-known/nodeinfo      { return 301 __PATH__/index.php$uri; }
-  try_files $uri $uri/ =404;
+  # Let Nextcloud's API for `/.well-known` URIs handle all other
  # requests by passing them to the front-end controller.
  return 301 __PATH__/index.php$request_uri;
 }
 #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
 location ^~ __PATH__/ {
  # Path to source
-  alias __FINALPATH__/;
+  alias __INSTALL_DIR__/;
-  # Add headers to serve security related headers
+  # set max upload size and increase upload timeout:
  more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;";
  more_set_headers "Referrer-Policy: no-referrer";
  more_set_headers "X-Content-Type-Options: nosniff";
  more_set_headers "X-Download-Options: noopen";
  more_set_headers "X-Frame-Options: SAMEORIGIN";
  more_set_headers "X-Permitted-Cross-Domain-Policies: none";
  more_set_headers "X-Robots-Tag: noindex, nofollow";
  more_set_headers "X-XSS-Protection: 1; mode=block";
  # Set max upload size
  client_max_body_size 10G;
  client_body_timeout 300s;
  fastcgi_buffers 64 4K;
@ -53,6 +54,16 @@ location ^~ __PATH__/ {
  # for tunning hints
  client_body_buffer_size 512k;
  # HTTP response headers borrowed from Nextcloud `.htaccess`
  more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;";
  more_set_headers "Referrer-Policy: no-referrer";
  more_set_headers "X-Content-Type-Options: nosniff";
  more_set_headers "X-Download-Options: noopen";
  more_set_headers "X-Frame-Options: SAMEORIGIN";
  more_set_headers "X-Permitted-Cross-Domain-Policies: none";
  more_set_headers "X-Robots-Tag: noindex, nofollow";
  more_set_headers "X-XSS-Protection: 1; mode=block";
  # Remove X-Powered-By, which is an information leak
  fastcgi_hide_header X-Powered-By;
@ -80,7 +91,7 @@ location ^~ __PATH__/ {
    log_not_found off;
    access_log off;
  }
-
+  
  # Rules borrowed from `.htaccess` to hide certain paths from clients
  location ~ ^__PATH__/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)    { return 404; }
  location ~ ^__PATH__/(?:\.|autotest|occ|issue|indie|db_|console)                  { return 404; }
@ -91,8 +102,6 @@ location ^~ __PATH__/ {
  # `/nextcloud/index.php` to the URI, resulting in a HTTP 500 error response.
  location ~ \.php(?:$|/) {
    # Required for legacy support
    # https://github.com/nextcloud/documentation/pull/2197#issuecomment-721432337
    # This line fix the ldap admin page
    rewrite ^__PATH__/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) __PATH__/index.php$request_uri;
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
@ -107,10 +116,19 @@ location ^~ __PATH__/ {
    fastcgi_param modHeadersAvailable true;         # Avoid sending the security headers twice
    fastcgi_param front_controller_active true;     # Enable pretty urls
-    fastcgi_param HTTP_ACCEPT_ENCODING "";          # Disable encoding of nextcloud response to inject ynh scripts
+    fastcgi_param HTTP_ACCEPT_ENCODING "";          # Disable encoding of Nextcloud response to inject ynh scripts
    fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
    fastcgi_intercept_errors on;
    fastcgi_request_buffering off;
    fastcgi_read_timeout 600;
    fastcgi_send_timeout 600;
    fastcgi_connect_timeout 600;
    proxy_connect_timeout 600;
    proxy_send_timeout 600;
    proxy_read_timeout 600;
    send_timeout 600;
  }
  location ~ ^__PATH__/(?:updater|ocs-provider)(?:$|/) {
@ -118,6 +136,7 @@ location ^~ __PATH__/ {
       index index.php;
  }
  # Serve static files
  location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
    try_files $uri / __PATH__/index.php$request_uri;
    expires 6M;         # Cache-Control policy borrowed from `.htaccess`
@ -134,8 +153,13 @@ location ^~ __PATH__/ {
    access_log off;     # Optional: Don't log access to assets
  }
  # Rule borrowed from `.htaccess`
    location __PATH__/remote {
      return 301 __PATH__/remote.php$request_uri;
    }
  location ~ / {
-    if ($request_method ~ ^(PUT|DELETE|PATCH)$) {
+    if ($request_method ~ ^(PUT|DELETE|PATCH|PROPFIND|PROPPATCH)$) {
        rewrite ^ __PATH__/index.php$request_uri last;
    }
    try_files $uri / __PATH__/index.php$request_uri;
--- a/doc/ADMIN.md
+++ b/doc/ADMIN.md
@ -0,0 +1,24 @@
 ### Manually running Nextcloud commands
 You can run Nextcloud commands from the command line using:
 ```
 sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...
 ```
 Alternatively, you may open a 'Nextcloud shell' with `sudo yunohost app shell __APP__`, then run `php occ ...`
 ### ONLYOFFICE integration
 ONLYOFFICE is an online rich text document editor which can be integrated in Nextcloud
 #### With YunoHost App (ARM64 support, better performance)
 For better performance and ARM64 support (Raspberry Pi, OLinuXino...), install the [OnlyOffice YunoHost app](https://apps.yunohost.org/app/onlyoffice) and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
 #### Alternative: With Nextcloud App (no ARM support, lower performance)
 Nextcloud features a direct integration of ONLYOFFICE through a Nextcloud app.
 - Install *Community Document Server* application in your Nextcloud. That's the part that runs ONLYOFFICE server.
 - Install *ONLYOFFICE* application. That's the client part that will connect to an ONLYOFFICE server.
 - Then in Settings -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE.
--- a/doc/ADMIN_fr.md
+++ b/doc/ADMIN_fr.md
@ -0,0 +1,24 @@
 ### Exécuter manuellement des commandes Nextcloud
 Vous pouvez lancer des commandes Nextcloud depuis la ligne de commande avec:
 ```
 sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...
 ```
 Ou bien, vous pouvez ouvrir un "shell Nextcloud" avec `sudo yunohost app shell __APP__`, puis lancer `php occ ...`
 ### Intégration d'ONLYOFFICE
 ONLYOFFICE est un éditeur de texte enrichi en ligne qui peut s'intégrer dans Nextcloud
 #### Avec l'application YunoHost (support ARM64, meilleures performances)
 Pour de meilleures performances et le support de ARM64 (Raspberry Pi, OLinuXino...), installez l'[app YunoHost OnlyOffice](https://apps.yunohost.org/app/onlyoffice), puis connectez-la à Nextcloud : voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
 #### Alternative: avec l'application Nextcloud (pas de support ARM, performances limitées)
 Nextcloud inclut une intégration directe via une application Nextcloud.
 - Installez l'application *Community Document Server* dans votre Nextcloud. C'est la partie qui fait tourner un serveur ONLYOFFICE.
 - Installez l'application *ONLYOFFICE*. C'est la partie cliente qui va se connecter au serveur ONLYOFFICE.
 - Ensuite dans les Paramètres -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE.
--- a/doc/DESCRIPTION.md
+++ b/doc/DESCRIPTION.md
@ -2,8 +2,7 @@ Nextcloud Hub is a fully open-source on-premises content collaboration platform.
 ### YunoHost-specific features
-In addition to Nextcloud core features, the following are made available with
+In addition to Nextcloud core features, the following are made available with this package:
 this package:
 * Integrate with YunoHost users and SSO - i.e. logout button
 * Allow one user to be the administrator (set at the installation)
--- a/doc/DISCLAIMER.md
+++ b/doc/DISCLAIMER.md
@ -1,16 +0,0 @@
 ### Configure ONLYOFFICE integration
 #### With Nextcloud App (no ARM support, lower performance)
 Starting from Nextcloud 18, it features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app.
 To install and configure it:
 - Install *Community Document Server* application in your Nextcloud. That's the part that runs ONLYOFFICE server.
 - Install *ONLYOFFICE* application. That's the client part that will connect to an ONLYOFFICE server.
 - Then in Settings -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE.
 - Here you go :) You should be able to create new type of documents and open them.
 *NB: ONLYOFFICE Nextcloud App is only available for x86 architecture - for **ARM** architecture (Raspberry Pi, OLinuXino...), consider the YunoHost App below*
 #### With YunoHost App (ARM64 support, better performance)
 For better performance and ARM64 support, install ONLYOFFICE YunoHost App and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
--- a/doc/DISCLAIMER_fr.md
+++ b/doc/DISCLAIMER_fr.md
@ -1,16 +0,0 @@
 ### Configurer l'intégration d'ONLYOFFICE
 #### Avec l'application Nextcloud (pas de support ARM, performances limitées)
 À partir de sa version 18, Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud.
 Pour l'installer et la configurer :
 - Installez l'application *Community Document Server* dans votre Nextcloud. C'est la partie qui fait tourner un serveur ONLYOFFICE.
 - Installez l'application *ONLYOFFICE*. C'est la partie cliente qui va se connecter au serveur ONLYOFFICE.
 - Ensuite dans les Paramètres -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE.
 - Et voilà :) Vous devriez pouvoir créer de nouveaux types de documents, et les ouvrir.
 *NB : l'app Nextcloud ONLYOFFICE Community Document Server n'est disponible que sous architecture x86 - Pour un support de l'architecture **ARM** (Raspberry Pi, OLinuXino...), installez plutôt l'App YunoHost, voir ci-dessous*
 #### Avec l'application YunoHost (support ARM64, meilleures performances)
 Pour  de meilleures performances et le support de ARM64, installez l'app YunoHost ONLYOFFICE, voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
--- a/doc/POST_UPGRADE.md
+++ b/doc/POST_UPGRADE.md
@ -0,0 +1 @@
 Note that if you've installed any third-party Nextcloud applications, they have probably been disabled. If so, you'll need to manually enable them again.
--- a/doc/POST_UPGRADE_fr.md
+++ b/doc/POST_UPGRADE_fr.md
@ -0,0 +1 @@
 Notez que si vous avez installé des applications Nextcloud tierces, elles sont probablement désactivées et vous devrez les réactiver manuellement.
--- a/hooks/post_user_delete
+++ b/hooks/post_user_delete
@ -0,0 +1,16 @@
 #!/bin/bash
 source /usr/share/yunohost/helpers
 user="$1"
 app="$(basename $0 | cut -d- -f 2-)" # Extract the app name from the script name, which is supposed to be something like "50-app_id"
 install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
 phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
 # Define a function to execute commands with `occ`
 exec_occ() {
  (cd "$install_dir" && ynh_exec_as "$app" \
      php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
 }
 exec_occ user:delete $user
--- a/manifest.json
+++ b/manifest.json
@ -1,70 +0,0 @@
 {
    "id": "nextcloud",
    "name": "Nextcloud",
    "packaging_format": 1,
    "description": {
        "en": "Online storage, file sharing platform and various other applications",
        "fr": "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications"
    },
    "version": "27.1.4~ynh1",
    "url": "https://nextcloud.com",
    "upstream": {
        "license": "AGPL-3.0",
        "website": "https://nextcloud.com",
        "demo": "https://demo.nextcloud.com/",
        "admindoc": "https://docs.nextcloud.com/server/stable/admin_manual/",
        "userdoc": "https://docs.nextcloud.com/server/latest/user_manual/en/",
        "code": "https://github.com/nextcloud/server",
        "cpe": "cpe:2.3:a:nextcloud:nextcloud"
    },
    "license": "AGPL-3.0",
    "maintainer": {
        "name": "kay0u",
        "email": "pierre@kayou.io"
    },
    "requirements": {
        "yunohost": ">= 11.2"
    },
    "multi_instance": true,
    "services": [
        "nginx",
        "php8.1-fpm",
        "mysql"
    ],
    "arguments": {
        "install": [
            {
                "name": "domain",
                "type": "domain"
            },
            {
                "name": "path",
                "type": "path",
                "example": "/nextcloud",
                "default": "/nextcloud"
            },
            {
                "name": "admin",
                "type": "user"
            },
            {
                "name": "is_public",
                "type": "boolean",
                "help": {
                    "en": "You need to enable public if you want to connect Nextcloud Desktop client to Nextcloud server. This can be changed later via the webadmin.",
                    "fr": "Vous devez cocher cette case si vous souhaitez connecter le client Nextcloud Desktop au serveur Nextcloud. Cela peut être modifié ultérieurement via l'administrateur Web."
                },
                "default": true
            },
            {
                "name": "user_home",
                "type": "boolean",
                "ask": {
                    "en": "Access the users home folder from Nextcloud?",
                    "fr": "Accéder au dossier personnel des utilisateurs depuis Nextcloud ?"
                },
                "default": false
            }
        ]
    }
 }
--- a/manifest.toml
+++ b/manifest.toml
@ -0,0 +1,80 @@
 packaging_format = 2
 id = "nextcloud"
 name = "Nextcloud"
 description.en = "Online storage, file sharing platform and various other applications"
 description.fr = "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications"
 version = "28.0.1~ynh1"
 maintainers = ["kay0u"]
 [upstream]
 license = "AGPL-3.0"
 website = "https://nextcloud.com"
 demo = "https://demo.nextcloud.com/"
 admindoc = "https://docs.nextcloud.com/server/stable/admin_manual/"
 userdoc = "https://docs.nextcloud.com/server/latest/user_manual/en/"
 code = "https://github.com/nextcloud/server"
 cpe = "cpe:2.3:a:nextcloud:nextcloud"
 [integration]
 yunohost = ">= 11.2"
 architectures = ["amd64", "arm64", "armhf"]
 multi_instance = true
 ldap = true
 sso = true
 disk = "50M"
 ram.build = "500M"
 ram.runtime = "512M"
 [install]
    [install.domain]
    type = "domain"
    [install.path]
    type = "path"
    default = "/nextcloud"
    [install.admin]
    type = "user"
    [install.init_main_permission]
    help.en = "You must activate 'Visitors' if you want to connect Nextcloud Desktop client to Nextcloud server. This can be changed later via the webadmin."
    help.fr = "Vous devez activer 'Visiteurs' si vous souhaitez connecter le client Nextcloud Desktop au serveur Nextcloud. Cela peut être modifié ultérieurement via l'administrateur Web."
    type = "group"
    default = "visitors"
    [install.user_home]
    ask.en = "Access the users home folder from Nextcloud?"
    ask.fr = "Accéder au dossier personnel des utilisateurs depuis Nextcloud ?"
    type = "boolean"
    default = false
 [resources]
    [resources.system_user]
    allow_email = true
    [resources.install_dir]
    [resources.data_dir]
    subdirs = ["data"]
    [resources.permissions]
    main.url = "/"
    api.url = "re:__DOMAIN__\\/.well-known\\/.*"
    api.auth_header = false
    api.show_tile = false
    api.protected= true
    api.allowed = ["visitors", "all_users"]
    [resources.apt]
    packages = "mariadb-server, imagemagick, libmagickcore-6.q16-6-extra, acl, tar, smbclient, at, php8.2-fpm, php8.2-bz2, php8.2-imap, php8.2-gmp, php8.2-gd, php8.2-intl, php8.2-curl, php8.2-apcu, php8.2-redis, php8.2-ldap, php8.2-imagick, php8.2-zip, php8.2-mbstring, php8.2-xml, php8.2-mysql, php8.2-igbinary, php8.2-bcmath"
    [resources.database]
    type = "mysql"
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -4,12 +4,6 @@
 # COMMON VARIABLES
 #=================================================
 YNH_PHP_VERSION="8.2"
 php_dependencies="php${YNH_PHP_VERSION}-fpm php${YNH_PHP_VERSION}-bz2 php${YNH_PHP_VERSION}-imap php${YNH_PHP_VERSION}-gmp php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-apcu php${YNH_PHP_VERSION}-redis php${YNH_PHP_VERSION}-ldap php${YNH_PHP_VERSION}-imagick php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-igbinary php${YNH_PHP_VERSION}-bcmath"
 pkg_dependencies="imagemagick libmagickcore-6.q16-6-extra acl tar smbclient at $php_dependencies"
 #=================================================
 # EXPERIMENTAL HELPERS
 #=================================================
@ -46,7 +40,6 @@ is_url_handled() {
    fi
 }
 #=================================================
 # Check available space before creating a temp directory.
--- a/scripts/backup
+++ b/scripts/backup
@ -10,26 +10,6 @@ source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
 source ../settings/scripts/_ynh_mysql_dump_db.sh
 #=================================================
 # MANAGE SCRIPT FAILURE
 #=================================================
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 #=================================================
 # LOAD SETTINGS
 #=================================================
 ynh_print_info --message="Loading installation settings..."
 app=$YNH_APP_INSTANCE_NAME
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 domain=$(ynh_app_setting_get --app=$app --key=domain)
 db_name=$(ynh_app_setting_get --app=$app --key=db_name)
 phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
 datadir=$(ynh_app_setting_get --app=$app --key=datadir)
 #=================================================
 # DECLARE DATA AND CONF FILES TO BACKUP
 #=================================================
@ -39,7 +19,13 @@ ynh_print_info --message="Declaring files to be backed up..."
 # BACKUP THE APP MAIN DIR
 #=================================================
-ynh_backup --src_path="$final_path"
+ynh_backup --src_path="$install_dir"
 #=================================================
 # BACKUP THE DATA DIRECTORY
 #=================================================
 ynh_backup --src_path="$data_dir" --is_big
 #=================================================
 # BACKUP THE NGINX CONFIGURATION
@ -53,13 +39,6 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
 #=================================================
 # BACKUP THE MYSQL DATABASE
 #=================================================
 ynh_print_info --message="Backing up the MySQL database..."
 ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql
 #=================================================
 # SPECIFIC BACKUP
 #=================================================
@ -82,11 +61,11 @@ ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
 ynh_backup --src_path="/etc/cron.d/$app"
 #=================================================
-# BACKUP THE DATA DIRECTORY
+# BACKUP THE MYSQL DATABASE
 #=================================================
-ynh_print_info --message="Backing up data directory..."
+ynh_print_info --message="Backing up the MySQL database..."
-ynh_backup --src_path="$datadir" --is_big
+ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql
 #=================================================
 # END OF SCRIPT
--- a/scripts/change_url
+++ b/scripts/change_url
@ -9,132 +9,53 @@
 source _common.sh
 source /usr/share/yunohost/helpers
 #=================================================
 # RETRIEVE ARGUMENTS
 #=================================================
 old_domain=$YNH_APP_OLD_DOMAIN
 old_path=$YNH_APP_OLD_PATH
 new_domain=$YNH_APP_NEW_DOMAIN
 new_path=$YNH_APP_NEW_PATH
 app=$YNH_APP_INSTANCE_NAME
 #=================================================
 # LOAD SETTINGS
 #=================================================
 ynh_script_progression --message="Loading installation settings..."
 # Needed for helper "ynh_add_nginx_config"
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
 ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
 # Backup the current version of the app
 ynh_backup_before_upgrade
 ynh_clean_setup () {
 	# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
 	ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
 	# Restore it if the upgrade fails
 	ynh_restore_upgradebackup
 }
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 #=================================================
 # CHECK WHICH PARTS SHOULD BE CHANGED
 #=================================================
 change_domain=0
 if [ "$old_domain" != "$new_domain" ]
 then
 	change_domain=1
 fi
 change_path=0
 if [ "$old_path" != "$new_path" ]
 then
 	change_path=1
 fi
 #=================================================
 # STANDARD MODIFICATIONS
 #=================================================
 # MODIFY URL IN NGINX CONF
 #=================================================
 ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
-nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
+ynh_change_url_nginx_config
 # Change the path in the NGINX config file
 if [ $change_path -eq 1 ]
 then
 	# Make a backup of the original NGINX config file if modified
 	ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
 	# Set global variables for NGINX helper
 	domain="$old_domain"
 	path_url="$new_path"
 	# Create a dedicated NGINX config
 	ynh_add_nginx_config
 fi
 # Change the domain for NGINX
 if [ $change_domain -eq 1 ]
 then
 	# Delete file checksum for the old conf file location
 	ynh_delete_file_checksum --file="$nginx_conf_path"
 	mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
 	# Store file checksum for the new config file location
 	ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
 fi
 #=================================================
 # SPECIFIC MODIFICATIONS
 #=================================================
-ynh_script_progression --message="Applying Nextcloud specific modifications..." --weight=2
+ynh_script_progression --message="Applying $app specific modifications..." --weight=2
 # Define a function to execute commands with `occ`
 exec_occ() {
-  (cd "$final_path" && ynh_exec_as "$app" \
+  (cd "$install_dir" && ynh_exec_as "$app" \
      php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
 }
 if [ $change_domain -eq 1 ]
 then
-	# Change the trusted domain
+    # Change the trusted domain
-	exec_occ config:system:set trusted_domains 1 --value=$new_domain
+    exec_occ config:system:set trusted_domains 1 --value=$new_domain
-	# Change hostname for activity notifications
+    # Change hostname for activity notifications
-    exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}"
+    exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}"
 fi
-if [ $change_domain -eq 1 ]
+    # Reload php fpm, necessary for force nextcloud to re-read config.php, cf opcache.revalidate_freq
-then
+    ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload
 	# Check if .well-known is available for this domain
 	if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav"
 	then
 		ynh_print_warn --message="Another app already uses the domain $new_domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book."
-		# Remove lines about .well-known/carddav and caldav with sed.
+    # Check if .well-known is available for this domain
-		sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf"
+    if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav"
-		ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
+    then
-	fi
+        ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
        # Remove lines about .well-known/carddav and caldav with sed.
        sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf"
        ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
    fi
 fi
 #=================================================
-# GENERIC FINALISATION
+# SETUP SSOWAT
 #=================================================
-# RELOAD NGINX
+ynh_script_progression --message="Configuring permissions..."
 #=================================================
 ynh_script_progression --message="Reloading NGINX web server..."
-ynh_systemd_action --service_name=nginx --action=reload
+# Temporary fix for the API permission
 ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls
 #=================================================
 # END OF SCRIPT
--- a/scripts/config
+++ b/scripts/config
@ -24,7 +24,7 @@ current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
 get__maintenance_mode() {
    # Maintenance mode status
-    maintenance_mode_status="$(cd "$final_path" && ynh_exec_as "$app" \
+    maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as "$app" \
        php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null
    if echo $maintenance_mode_status | grep -q "disabled"
    then
@ -49,7 +49,7 @@ get__fpm_footprint() {
    fi
 }
-get__free_footprint() {
+get__fpm_free_footprint() {
    # Free footprint value for php-fpm
    # Check if current_fpm_footprint is an integer
    if [ "$current_fpm_footprint" -eq "$current_fpm_footprint" ] 2> /dev/null
@ -68,12 +68,12 @@ get__free_footprint() {
 set__maintenance_mode() {
    if [ "$maintenance_mode" -eq "0" ]; then
        # If maintenance_mode was set to 0, disable maintenance mode
-        (cd "$final_path" && ynh_exec_as "$app" \
+        (cd "$install_dir" && ynh_exec_as "$app" \
            php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off)
        ynh_print_info "Maintenance mode disabled"
    elif [ "$maintenance_mode" -eq "1" ]; then
        # If maintenance_mode was set to 1, enable maintenance mode
-        (cd "$final_path" && ynh_exec_as "$app" \
+        (cd "$install_dir" && ynh_exec_as "$app" \
            php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on)
        ynh_print_info "Maintenance mode enabled"
    fi
@ -120,7 +120,7 @@ ynh_app_config_validate() {
 ynh_app_config_apply() {
    _ynh_app_config_apply
-    ynh_add_fpm_config --phpversion=$phpversion --usage=$fpm_usage --footprint=$fpm_footprint
+    ynh_add_fpm_config
 }
 ynh_app_config_run $1
--- a/scripts/install
+++ b/scripts/install
@ -1,83 +1,17 @@
 #!/bin/bash
 #=================================================
 # GENERIC START
 #=================================================
 # IMPORT GENERIC HELPERS
 #=================================================
 source _common.sh
 source /usr/share/yunohost/helpers
 source _ynh_mysql_connect_as.sh
-#=================================================
+phpflags="--define apc.enable_cli=1"
 # MANAGE SCRIPT FAILURE
 #=================================================
-# Exit if an error occurs during the execution of the script
+ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags
 ynh_abort_if_errors
 #=================================================
 # RETRIEVE ARGUMENTS FROM THE MANIFEST
 #=================================================
 domain=$YNH_APP_ARG_DOMAIN
 path_url=$YNH_APP_ARG_PATH
 admin=$YNH_APP_ARG_ADMIN
 user_home=$YNH_APP_ARG_USER_HOME
 is_public=$YNH_APP_ARG_IS_PUBLIC
 phpversion=$YNH_PHP_VERSION
 app=$YNH_APP_INSTANCE_NAME
 #=================================================
 # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
 #=================================================
 ynh_script_progression --message="Validating installation parameters..."
 final_path=/var/www/$app
 test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
 # Register (book) web path
 ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
 # Check machine architecture (Nextcloud will soon deprecate 32-bit support)
 if [ $YNH_ARCH == "i386" ] || [ $YNH_ARCH == "armhf" ]
 then
    ynh_print_warn --message="Nextcloud will soon deprecate 32-bit support. It is recommended to upgrade to a 64-bit architecture."
 fi
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
 ynh_script_progression --message="Storing installation settings..."
 ynh_app_setting_set --app=$app --key=domain --value=$domain
 ynh_app_setting_set --app=$app --key=path --value=$path_url
 ynh_app_setting_set --app=$app --key=admin --value=$admin
 ynh_app_setting_set --app=$app --key=user_home --value=$user_home
 maintenance_mode=0
 ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode
 #=================================================
 # STANDARD MODIFICATIONS
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
 ynh_script_progression --message="Installing dependencies..." --weight=10
 ynh_install_app_dependencies $pkg_dependencies
 #=================================================
 # CREATE A MYSQL DATABASE
 #=================================================
-ynh_script_progression --message="Creating a MySQL database..." --weight=2
+ynh_script_progression --message="Migrate MySQL database to utf8..." --weight=2
 db_name=$(ynh_sanitize_dbid --db_name=$app)
 db_user=$db_name
 ynh_app_setting_set --app=$app --key=db_name --value=$db_name
 ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
 ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \
    <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
@ -85,7 +19,7 @@ ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_script_progression --message="Setting up source files..."
+ynh_script_progression --message="Setting up source files..." --weight=5
 # Load the last available version
 source upgrade.d/upgrade.last.sh
@ -99,37 +33,19 @@ SOURCE_FORMAT=tar.bz2
 SOURCE_IN_SUBDIR=true
 EOF
 ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Enable YunoHost patches on Nextcloud sources
 cp -a ../sources/patches_last_version/* ../sources/patches
 # Download, check integrity, uncompress and patch the source from app.src
-ynh_setup_source --dest_dir="$final_path"
+ynh_setup_source --dest_dir="$install_dir"
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Configuring system user..." --weight=3
 # Create a system user
 ynh_system_user_create --username=$app
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Configuring PHP-FPM..." --weight=50
+ynh_script_progression --message="Configuring PHP-FPM..." --weight=5
-fpm_footprint="high"
+ynh_app_setting_set --app=$app --key=fpm_footprint --value=high
-fpm_free_footprint=0
+ynh_app_setting_set --app=$app --key=fpm_usage --value=medium
-fpm_usage="medium"
+ynh_add_fpm_config
 ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
 ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
 ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
 # Create a dedicated php-fpm config
 ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$YNH_PHP_VERSION
 # Used by ynh_add_nginx_config
 phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
 #=================================================
 # NGINX CONFIGURATION
@ -139,7 +55,7 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2
 # Check if .well-known is available for this domain
 if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
 then
-    ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book."
+    ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
    # Remove lines about .well-known/carddav and caldav with sed.
    sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
@ -148,37 +64,23 @@ fi
 # Create a dedicated NGINX config
 ynh_add_nginx_config
 #=================================================
 # SPECIFIC SETUP
 #=================================================
 # CREATE THE DATA DIRECTORY
 #=================================================
 ynh_script_progression --message="Creating a data directory..." --weight=1
 # Define app's data directory
 datadir="/home/yunohost.app/$app/data"
 ynh_app_setting_set --app=$app --key=datadir --value=$datadir
 # Create app folders
 mkdir -p "$datadir"
 #=================================================
 # INSTALL NEXTCLOUD
 #=================================================
-ynh_script_progression --message="Installing Nextcloud..." --weight=30
+ynh_script_progression --message="Installing $app..." --weight=30
 # Define a function to execute commands with `occ`
 exec_occ() {
-  (cd "$final_path" && ynh_exec_as "$app" \
+  (cd "$install_dir" && ynh_exec_as "$app" \
      php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
 }
 # Set write access for the following commands
-chown -R $app: "$final_path" "$datadir"
+chown -R $app: "$install_dir" "$data_dir"
 # Define password in an intermediate var
 # The fact that it's called _password allows it to be
-# picked up by Yunohost's auto-redact mecanism
+# picked up by YunoHost's auto-redact mecanism
 admin_password="$(ynh_string_random --length=6)"
 # Install Nextcloud using a temporary admin user
@ -186,13 +88,13 @@ exec_occ maintenance:install \
    --database "mysql" --database-name $db_name \
    --database-user $db_user --database-pass "$db_pwd" \
    --admin-user "admin" --admin-pass "$admin_password" \
-    --data-dir "$datadir" \
+    --data-dir "$data_dir/data" \
    || ynh_die --message="Unable to install Nextcloud"
 #=================================================
 # CONFIGURE NEXTCLOUD
 #=================================================
-ynh_script_progression --message="Configuring Nextcloud..." --weight=8
+ynh_script_progression --message="Configuring $app..." --weight=8
 # Set the mysql.utf8mb4 config to true in config.php
 exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true"
@ -205,7 +107,7 @@ exec_occ app:enable user_ldap
 exec_occ ldap:create-empty-config
 # Load the installation config file in Nextcloud
-nc_conf="$final_path/config_install.json"
+nc_conf="$install_dir/config_install.json"
 ynh_add_config --template="../conf/config_install.json" --destination="$nc_conf"
 exec_occ config:import "$nc_conf"
@ -214,7 +116,7 @@ exec_occ config:import "$nc_conf"
 ynh_secure_remove --file="$nc_conf"
 # Load the additional config file (used also for upgrade)
-nc_conf="$final_path/config.json"
+nc_conf="$install_dir/config.json"
 ynh_add_config --template="../conf/config.json" --destination="$nc_conf"
 exec_occ config:import "$nc_conf"
@ -237,10 +139,10 @@ exec_occ ldap:test-config '' \
 # Define a function to add an external storage
 # Create the external storage for the given folders and enable sharing
 create_external_storage() {
-  local datadir="$1"
+  local mount_dir="$1"
  local mount_name="$2"
  local mount_id=`exec_occ files_external:create --output=json \
-      "$mount_name" 'local' 'null::null' -c "datadir=$datadir" || true`
+      "$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true`
  ! [[ $mount_id =~ ^[0-9]+$ ]] \
      && ynh_print_warn --message="Unable to create external storage" \
      || exec_occ files_external:option "$mount_id" enable_sharing true
@ -269,13 +171,13 @@ exec_occ config:system:get logout_url >/dev/null 2>&1 \
 \$main_domain = exec('cat /etc/yunohost/current_host');
 \$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout';
 //-YunoHost-
-" >> "$final_path/config/config.php"
+" >> "$install_dir/config/config.php"
 #=================================================
 # CHANGE HOSTNAME FOR ACTIVITY NOTIFICATIONS
 #=================================================
-exec_occ config:system:set overwrite.cli.url --value="https://${domain}"
+exec_occ config:system:set overwrite.cli.url --value="https://${domain}${path}"
 #=================================================
 # REMOVE THE TEMPORARY ADMIN AND SET THE TRUE ONE
@ -292,7 +194,7 @@ exec_occ user:delete admin
 #=================================================
 # Calculate and store the config file checksum into the app settings
-ynh_store_file_checksum --file="$final_path/config/config.php"
+ynh_store_file_checksum --file="$install_dir/config/config.php"
 #=================================================
 # ADD A CRON JOB
@ -334,23 +236,23 @@ ynh_multimedia_addaccess $app
 #=================================================
 # Fix app ownerships & permissions
-chown -R $app:www-data "$final_path"
+chown -R $app:www-data "$install_dir"
-chown -R $app: "$datadir"
+chown -R $app: "$data_dir"
-find $final_path/ -type f -print0 | xargs -r0 chmod 0644
+find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
-find $final_path/ -type d -print0 | xargs -r0 chmod 0755
+find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
-find $datadir/ -type f -print0 | xargs -r0 chmod 0640
+find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
-find $datadir/ -type d -print0 | xargs -r0 chmod 0750
+find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
-chmod 640 "$final_path/config/config.php"
+chmod 640 "$install_dir/config/config.php"
 chmod 755 /home/yunohost.app
-chmod 750 $final_path
+chmod 750 $install_dir
 #=================================================
 # SETUP LOGROTATE
 #=================================================
-ynh_script_progression --message="Configuring log rotation..."
+ynh_script_progression --message="Configuring log rotation..." --weight=1
 # Use logrotate to manage application logfile(s)
-ynh_use_logrotate --logfile="$datadir/nextcloud.log"
+ynh_use_logrotate --logfile="$data_dir/data/nextcloud.log"
 #=================================================
 # SETUP FAIL2BAN
@ -358,27 +260,7 @@ ynh_use_logrotate --logfile="$datadir/nextcloud.log"
 ynh_script_progression --message="Configuring Fail2Ban..." --weight=8
 # Create a dedicated Fail2Ban config
-ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
+ynh_add_fail2ban_config --logpath="$data_dir/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
 #=================================================
 # SETUP SSOWAT
 #=================================================
 ynh_script_progression --message="Configuring permissions..."
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
  ynh_permission_update --permission="main" --add="visitors"
 fi
 ynh_permission_create --permission="api" --label="api" --url="re:$domain\/.well-known\/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true"
 #=================================================
 # RELOAD NGINX
 #=================================================
 ynh_script_progression --message="Reloading NGINX web server..."
 ynh_systemd_action --service_name=nginx --action=reload
 #=================================================
 # END OF SCRIPT
--- a/scripts/remove
+++ b/scripts/remove
@ -1,126 +1,38 @@
 #!/bin/bash
 #=================================================
 # GENERIC START
 #=================================================
 # IMPORT GENERIC HELPERS
 #=================================================
 source _common.sh
 source /usr/share/yunohost/helpers
 #=================================================
-# LOAD SETTINGS
+# REMOVE SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=2
+# REMOVE SYSTEMD SERVICE 
 app=$YNH_APP_INSTANCE_NAME
 domain=$(ynh_app_setting_get --app=$app --key=domain)
 db_name=$(ynh_app_setting_get --app=$app --key=db_name)
 db_user=$db_name
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 datadir=$(ynh_app_setting_get --app=$app --key=datadir)
 #=================================================
-# STANDARD REMOVE
+ynh_script_progression --message="Removing system configurations related to $app..." --weight=5
 #=================================================
 # REMOVE DEPENDENCIES
 #=================================================
 ynh_script_progression --message="Removing dependencies..." --weight=20
 # Remove metapackage and its dependencies
 ynh_remove_app_dependencies
 #=================================================
 # REMOVE THE MYSQL DATABASE
 #=================================================
 ynh_script_progression --message="Removing the MySQL database..." --weight=5
 # Remove a database if it exists, along with the associated user
 ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================
 ynh_script_progression --message="Removing app main directory..." --weight=3
 # Remove the app directory securely
 ynh_secure_remove --file="$final_path"
 #=================================================
 # REMOVE DATA DIR
 #=================================================
 # Remove the data directory if --purge option is used
 if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
 then
 	ynh_script_progression --message="Removing app data directory..." --weight=1
 	ynh_secure_remove --file="$datadir"
 fi
 #=================================================
 # REMOVE NGINX CONFIGURATION
 #=================================================
 ynh_script_progression --message="Removing NGINX web server configuration..."
 # Remove the dedicated NGINX config
 ynh_remove_nginx_config
 #=================================================
 # REMOVE PHP-FPM CONFIGURATION
 #=================================================
 ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2
 # Remove the dedicated PHP-FPM config
 ynh_remove_fpm_config
 #=================================================
 # REMOVE LOGROTATE CONFIGURATION
 #=================================================
 ynh_script_progression --message="Removing logrotate configuration..."
 # Remove the app-specific logrotate config
 ynh_remove_logrotate
 #=================================================
 # REMOVE FAIL2BAN CONFIGURATION
 #=================================================
 ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=8
 # Remove the dedicated Fail2Ban config
 ynh_remove_fail2ban_config
 #=================================================
 # SPECIFIC REMOVE
 #=================================================
 # REMOVE THE CRON FILE
 #=================================================
 # Remove a cron file
 # TODO: Ensure that cron job is not running (How !?)
 ynh_secure_remove --file="/etc/cron.d/$app"
-#=================================================
+# Cleaning ACL in home directories
 # CLEAN ACL IN HOME DIRECTORIES
 #=================================================
 for i in $(ls /home); do
  # Clean ACL in every directories in /home, except those which start with 'yunohost.'
  [[ ! $i == yunohost.* ]] \
    && setfacl --remove g:$app:rwx 2>&1
 done
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # REMOVE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Removing the dedicated system user..."
 # Delete a system user
 ynh_system_user_delete --username=$app
 #=================================================
 # END OF SCRIPT
 #=================================================
--- a/scripts/restore
+++ b/scripts/restore
@ -1,48 +1,9 @@
 #!/bin/bash
 #=================================================
 # GENERIC START
 #=================================================
 # IMPORT GENERIC HELPERS
 #=================================================
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
 source ../settings/scripts/_ynh_mysql_connect_as.sh
 #=================================================
 # MANAGE SCRIPT FAILURE
 #=================================================
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 #=================================================
 # LOAD SETTINGS
 #=================================================
 ynh_script_progression --message="Loading settings..."
 app=$YNH_APP_INSTANCE_NAME
 domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 db_name=$(ynh_app_setting_get --app=$app --key=db_name)
 db_user=$db_name
 phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
 datadir=$(ynh_app_setting_get --app=$app --key=datadir)
 fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
 fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage)
 #=================================================
 # CHECK IF THE APP CAN BE RESTORED
 #=================================================
 ynh_script_progression --message="Validating restoration parameters..." --weight=4
 test ! -d $final_path \
 	|| ynh_die --message="There is already a directory: $final_path "
 #=================================================
 # STANDARD RESTORATION STEPS
 #=================================================
@ -50,38 +11,15 @@ test ! -d $final_path \
 #=================================================
 ynh_script_progression --message="Restoring the app main directory..."
-ynh_restore_file --origin_path="$final_path"
+ynh_restore_file --origin_path="$install_dir"
 #=================================================
 # RESTORE THE MYSQL DATABASE
 #=================================================
 ynh_script_progression --message="Restoring the MySQL database..." --weight=9
 db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
 ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd
 ynh_mysql_connect_as --user=$db_name --password="$db_pwd" --database=$db_name \
    <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
 ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name --default_character_set="utf8mb4" < ./db.sql
 #=================================================
 # RECREATE THE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Recreating the dedicated system user..." --weight=3
 # Create the dedicated user (if not existing)
 ynh_system_user_create --username=$app
 #=================================================
 # SPECIFIC RESTORATION
 #=================================================
 # REINSTALL DEPENDENCIES
 #=================================================
 ynh_script_progression --message="Reinstalling dependencies..." --weight=10
 # Define and install dependencies
 ynh_install_app_dependencies $pkg_dependencies
 #=================================================
 # RESTORE THE PHP-FPM CONFIGURATION
 #=================================================
@ -91,7 +29,7 @@ ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=50
 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
 # Recreate a dedicated php-fpm config
-ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$phpversion
+ynh_add_fpm_config
 #=================================================
 # RESTORE THE NGINX CONFIGURATION
@ -102,9 +40,9 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 # Check if .well-known is available for this domain
 if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
 then
-    ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book."
+    ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
-    # Remove lines about .well-known/carddav and caldav with sed.
+    # Remove lines about .well-known/CardDAV and CalDAV with sed.
    sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf"
 fi
@ -128,29 +66,27 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 ynh_script_progression --message="Restoring data directory..." --weight=2
 # Use --not_mandatory for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup.
-ynh_restore_file --origin_path="$datadir" --not_mandatory
+ynh_restore_file --origin_path="$data_dir" --not_mandatory
 mkdir -p "$datadir"
 #=================================================
 # RESTORE USER RIGHTS
 #=================================================
 # Fix app ownerships & permissions
-chown -R $app:www-data "$final_path"
+chown -R $app:www-data "$install_dir"
-chown -R $app: "$datadir"
+chown -R $app: "$data_dir"
-find $final_path/ -type f -print0 | xargs -r0 chmod 0644
+find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
-find $final_path/ -type d -print0 | xargs -r0 chmod 0755
+find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
-find $datadir/ -type f -print0 | xargs -r0 chmod 0640
+find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
-find $datadir/ -type d -print0 | xargs -r0 chmod 0750
+find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
-chmod 640 "$final_path/config/config.php"
+chmod 640 "$install_dir/config/config.php"
 chmod 755 /home/yunohost.app
-chmod 750 $final_path
+chmod 750 $install_dir
 # Iterate over users to extend their home folder permissions - for the external
 # storage plugin usage - and create relevant Nextcloud directories
 for u in $(ynh_user_list); do
-    mkdir -p "$datadir/$u"
+    mkdir -p "$data_dir/$u"
    setfacl --modify g:$app:rwx "/home/$u" || true
 done
@ -172,8 +108,8 @@ ynh_script_progression --message="Restoring the Fail2Ban configuration..." --wei
 ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
 ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
-# Make sure a log file exists (mostly for CI tests)
+# Make sure a log file exists (mostly for CI tests)
-logfile="/home/yunohost.app/$app/data/nextcloud.log"
+logfile="$data_dir/data/nextcloud.log"
 if [ ! -f "$logfile" ]; then
 	touch "$logfile"
 	chown $app: "$logfile"
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -1,105 +1,22 @@
 #!/bin/bash
 #=================================================
 # GENERIC START
 #=================================================
 # IMPORT GENERIC HELPERS
 #=================================================
 source _common.sh
 source /usr/share/yunohost/helpers
 #=================================================
 # LOAD SETTINGS
 #=================================================
 ynh_script_progression --message="Loading installation settings..." --weight=3
 app=$YNH_APP_INSTANCE_NAME
 domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
 admin=$(ynh_app_setting_get --app=$app --key=admin)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 db_name=$(ynh_app_setting_get --app=$app --key=db_name)
 db_user=$db_name
 user_home=$(ynh_app_setting_get --app=$app --key=user_home)
 maintenance_mode=$(ynh_app_setting_get --app=$app --key=maintenance_mode)
 fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
 fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage)
 #=================================================
 # CHECK VERSION
 #=================================================
 upgrade_type=$(ynh_check_app_version_changed)
 # Check machine architecture (Nextcloud will soon deprecate 32-bit support)
 if [ $YNH_ARCH == "i386" ] || [ $YNH_ARCH == "armhf" ]
 then
    ynh_print_warn --message="Nextcloud will soon deprecate 32-bit support. It is recommended to upgrade to a 64-bit architecture."
 fi
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
 ynh_script_progression --message="Ensuring downward compatibility..."
 # If db_name doesn't exist, create it
 if [ -z "$db_name" ]; then
 	db_name=$(ynh_sanitize_dbid --db_name=$app)
 	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
 fi
 # If final_path doesn't exist, create it
 if [ -z "$final_path" ]; then
 	final_path=/var/www/$app
 	ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 fi
 # If datadir doesn't exist, create it
 if [ -z "$datadir" ]; then
    datadir=/home/yunohost.app/$app
    ynh_app_setting_set --app=$app --key=datadir --value=$datadir
 fi
 # Remove the option backup_core_only if it's in the settings.yml file
 ynh_app_setting_delete --app=$app --key=backup_core_only
-# If maintenance_mode doesn't exist, create it
+# If phpflags doesn't exist, create it
-if [ -z "$maintenance_mode" ]; then
+if [ -z "${phpflags:-}" ]; then
-	maintenance_mode=0
+	phpflags="--define apc.enable_cli=1"
-	ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode
+	ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags
 fi
 # If fpm_footprint doesn't exist, create it
 if [ -z "$fpm_footprint" ]; then
 	fpm_footprint=high
 	ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
 fi
 # If fpm_free_footprint doesn't exist, create it
 if [ -z "$fpm_free_footprint" ]; then
 	fpm_free_footprint=0
 	ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
 fi
 # If fpm_usage doesn't exist, create it
 if [ -z "$fpm_usage" ]; then
 	fpm_usage=medium
 	ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
 fi
 # Cleaning legacy permissions
 if ynh_legacy_permissions_exists; then
    ynh_legacy_permissions_delete_all
    ynh_app_setting_delete --app=$app --key=is_public
 fi
 # Create a permission if needed
 if ! ynh_permission_exists --permission="api"; then
    ynh_permission_create --permission="api" --label="api" --url="re:$domain\/.well-known\/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true"
 fi
 # Delete existing ini configuration file (backward compatibility)
@ -107,97 +24,6 @@ if [ -f /etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini ]; then
    ynh_secure_remove --file=/etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini
 fi
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
 ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=30
 # Made a backup only after the version 11.0.0
 # Before, the datas will be always saved.
 # Get the current version number of nextcloud/owncloud
 current_version=$(grep OC_VersionString "$final_path/version.php" | cut -d\' -f2)
 current_major_version=${current_version%%.*}
 if [ $current_major_version -gt 11 ]
 then
    # Inform the backup/restore process that it should not save the data directory
    # Use only for the previous backup script that doesn't set 'is_big'
    ynh_app_setting_set --app=$app --key=backup_core_only --value=1
    # Backup the current version of the app
    ynh_backup_before_upgrade
    # Remove the option backup_core_only after the backup.
    ynh_app_setting_delete $app backup_core_only
    ynh_clean_setup () {
        # restore it if the upgrade fails
        ynh_restore_upgradebackup
    }
 fi
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 if ynh_legacy_permissions_exists; then
    ynh_legacy_permissions_delete_all
    ynh_permission_create --permission="api" --label="api" --url="re:$domain\/.well-known\/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true"
 fi
 #=================================================
 # UPGRADE DEPENDENCIES
 #=================================================
 ynh_script_progression --message="Upgrading dependencies..." --weight=7
 ynh_install_app_dependencies $pkg_dependencies
 #=================================================
 # STANDARD UPGRADE STEPS
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Making sure dedicated system user exists..."
 # Create a dedicated user (if not existing)
 ynh_system_user_create --username=$app
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
 ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2
 # Recreate a dedicated PHP-FPM config
 ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
 phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
 ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2
 ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf"
 # Delete current NGINX configuration to be able to check if .well-known is already served.
 ynh_remove_nginx_config
 ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf"
 # Wait untils NGINX has fully reloaded
 ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd"
 # Check if .well-known is available for this domain
 if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
 then
    ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book."
    # Remove lines about .well-known/carddav and caldav with sed.
    sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
 fi
 # Create a dedicated NGINX config
 ynh_add_nginx_config
 #=================================================
 # SPECIFIC UPGRADE
 #=================================================
@ -205,35 +31,48 @@ ynh_add_nginx_config
 # VERSION TO THE NEXT ONE
 #=================================================
 current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)
 current_major_version=${current_version%%.*}
 # Define a function to execute commands with `occ`
 exec_occ() {
    # Backward compatibility to upgrade from older versions
-    if [ $current_major_version = "last" ] || [ $current_major_version -ge 24 ]
+    if [ $current_major_version = "last" ] || [ $current_major_version -ge 26 ]
    then
-        NEXTCLOUD_PHP_VERSION=$phpversion
+        NEXTCLOUD_PHP_VERSION="8.2"
-    elif [ $current_major_version -ge 15 ]
+    elif [ $current_major_version -ge 24 ]
    then
        NEXTCLOUD_PHP_VERSION="8.1"
    elif [ $current_major_version -ge 18 ]
    then
        NEXTCLOUD_PHP_VERSION="7.4"
    else
-        NEXTCLOUD_PHP_VERSION="7.0"
+        NEXTCLOUD_PHP_VERSION="7.1"
    fi
-(cd "$final_path" && ynh_exec_as "$app" \
+
    # NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies 
    # will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ...
    phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
    if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]]; then
        local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)"
        pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}"
        ynh_install_app_dependencies "$pkg_dependencies"
    fi 
 (cd "$install_dir" && ynh_exec_as "$app" \
    php$NEXTCLOUD_PHP_VERSION --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
 }
 # Define a function to add an external storage
 # Create the external storage for the given folders and enable sharing
 create_external_storage() {
-local datadir="$1"
+local mount_dir="$1"
 local mount_name="$2"
 local mount_id=$(exec_occ files_external:create --output=json \
-    "$mount_name" 'local' 'null::null' -c "datadir=$datadir" || true)
+    "$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true)
 ! [[ $mount_id =~ ^[0-9]+$ ]] \
    && ynh_print_warn --message="Unable to create external storage" \
    || exec_occ files_external:option "$mount_id" enable_sharing true
 }
 # Define app's data directory
 datadir="/home/yunohost.app/$app/data"
 if [ "$upgrade_type" == "UPGRADE_APP" ]
 then
@ -246,13 +85,13 @@ then
    last_major_version=${last_version%%.*}
    # Set write access for the following commands
-    chown -R $app: "$final_path" "$datadir"
+    chown -R $app: "$install_dir" "$data_dir"
    # Print the current version number of Nextcloud
    exec_occ -V
    if [ "$(exec_occ config:system:get mysql.utf8mb4)" != "true" ]; then
-        db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
+        db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
        # Change your databases character set and collation
        ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \
        <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
@ -297,7 +136,7 @@ then
        # Load the value for this version
        source upgrade.d/upgrade.$current_major_version.sh
-        ynh_print_info --message="Upgrade to nextcloud $next_version"
+        ynh_print_info --message="Upgrade to Nextcloud $next_version"
        # Create an app.src for this version of Nextcloud
        cat > ../conf/app.src << EOF
@ -314,17 +153,17 @@ EOF
        # Install the next nextcloud version in $tmpdir
        ynh_setup_source --dest_dir="$tmpdir"
        # Backup the config file in the temp dir
        cp -a "$install_dir/config/config.php" "$tmpdir/config/config.php"
        # Enable maintenance mode
        exec_occ maintenance:mode --on
        # Backup the config file in the temp dir
        cp -a "$final_path/config/config.php" "$tmpdir/config/config.php"
        # Backup 3rd party applications from the current Nextcloud
        # But do not overwrite if there is any upgrade
        # (apps directory already exists in Nextcloud archive)
        (
-        cd $final_path/apps
+        cd $install_dir/apps
        for nc_app_dir in */
        do
          if [ ! -d "$tmpdir/apps/$nc_app_dir" ]
@ -334,13 +173,13 @@ EOF
        done
        )
-        # Replace the old nextcloud by the new one
+        # Replace the old Nextcloud by the new one
-        ynh_secure_remove --file="$final_path"
+        ynh_secure_remove --file="$install_dir"
-        mv "$tmpdir" "$final_path"
+        mv "$tmpdir" "$install_dir"
        ynh_secure_remove --file="$tmpdir"
        # Set write access for the following commands
-        chown -R $app: "$final_path" "$datadir"
+        chown -R $app: "$install_dir" "$data_dir"
        # Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3)
        exec_occ maintenance:mode --off
@ -348,10 +187,10 @@ EOF
        || [ $? -eq 3 ] || ynh_die --message="Unable to upgrade Nextcloud"
        # Get the new current version number
-        current_version=$(grep OC_VersionString "$final_path/version.php" | cut -d\' -f2)
+        current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)
        current_major_version=${current_version%%.*}
-        # Print the current version number of nextcloud
+        # Print the current version number of Nextcloud
        exec_occ -V
    done
@ -366,9 +205,9 @@ EOF
    ynh_script_progression --message="Reconfiguring Nextcloud..." --weight=9
    # Verify the checksum and backup the file if it's different
-    ynh_backup_if_checksum_is_different --file="$final_path/config/config.php"
+    ynh_backup_if_checksum_is_different --file="$install_dir/config/config.php"
-    nc_conf="${final_path}/config.json"
+    nc_conf="${install_dir}/config.json"
    ynh_add_config --template="../conf/config.json" --destination="$nc_conf"
    # Reneable the mail app
@ -382,6 +221,9 @@ EOF
    # Enable LDAP plugin
    exec_occ app:enable user_ldap
    # Update all installed apps
    exec_occ app:update --all
    # Load the config file in nextcloud
    exec_occ config:import "$nc_conf"
@ -400,13 +242,13 @@ EOF
    \$main_domain = exec('cat /etc/yunohost/current_host');
    \$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout';
    //-YunoHost-
-    " >> "$final_path/config/config.php"
+    " >> "$install_dir/config/config.php"
    #=================================================
    # CHANGE HOSTNAME FOR ACTIVITY NOTIFICATIONS
    #=================================================
-    exec_occ config:system:set overwrite.cli.url --value="https://${domain}"
+    exec_occ config:system:set overwrite.cli.url --value="https://${domain}${path}"
    #=================================================
    # MOUNT HOME FOLDERS AS EXTERNAL STORAGE
@ -429,13 +271,63 @@ EOF
    #=================================================
    # Calculate and store the config file checksum into the app settings
-    ynh_store_file_checksum --file="${final_path}/config/config.php"
+    ynh_store_file_checksum --file="${install_dir}/config/config.php"
 fi
 #=================================================
-# UPDATE THE CRON JOB
+# REGEN SYSTEM CONFIGURATIONS
 #=================================================
 ynh_script_progression --message="Reapplying file permissions..." --weight=2
 # Fix app ownerships & permissions
 chown -R $app:www-data "$install_dir"
 chown -R $app: "$data_dir"
 find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
 find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
 find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
 find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
 chmod 640 "$install_dir/config/config.php"
 chmod 755 /home/yunohost.app
 chmod 750 $install_dir
 #=================================================
 # REGEN SYSTEM CONFIGURATIONS
 #=================================================
 ynh_script_progression --message="Regenerating system configurations for $app..." --weight=2
 # -------
 # PHP-FPM
 # -------
 ynh_add_fpm_config
 # -------
 # NGINX
 # -------
 # Delete current NGINX configuration to be able to check if .well-known is already served.
 ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf"
 ynh_remove_nginx_config
 ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf"
 # Wait untils NGINX has fully reloaded
 ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd"
 # Check if .well-known is available for this domain
 if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
 then
    ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
    # Remove lines about .well-known/carddav and caldav with sed.
    sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
 fi
 # Create a dedicated NGINX config
 ynh_add_nginx_config
 # -------
 # CRON JOB
 # -------
 cron_path="/etc/cron.d/$app"
 ynh_add_config --template="../conf/nextcloud.cron" --destination="$cron_path"
 chown root: "$cron_path"
@ -443,60 +335,18 @@ chmod 644 "$cron_path"
 exec_occ background:cron
-#=================================================
+# -------
-# GENERIC FINALIZATION
+# LOGROTATE
-#=================================================
+# -------
 # SECURE FILES AND DIRECTORIES
 #=================================================
 # Fix app ownerships & permissions
 chown -R $app:www-data "$final_path"
 chown -R $app: "$datadir"
 find $final_path/ -type f -print0 | xargs -r0 chmod 0644
 find $final_path/ -type d -print0 | xargs -r0 chmod 0755
 find $datadir/ -type f -print0 | xargs -r0 chmod 0640
 find $datadir/ -type d -print0 | xargs -r0 chmod 0750
 chmod 640 "$final_path/config/config.php"
 chmod 755 /home/yunohost.app
 chmod 750 $final_path
 #=================================================
 # WARNING ABOUT THIRD-PARTY APPS
 #=================================================
 if [ "$upgrade_type" == "UPGRADE_APP" ]
 then
    # Warn about possible disabled apps
    ynh_print_warn --message="Note that if you've installed some third-parties Nextcloud applications, \
    they are probably disabled and you'll have to manually enable them again."
 fi
 #=================================================
 # SETUP LOGROTATE
 #=================================================
 ynh_script_progression --message="Upgrading logrotate configuration..."
 # Use logrotate to manage app-specific logfile(s)
 ynh_use_logrotate --non-append
-#=================================================
+# -------
-# SETUP FAIL2BAN
+# FAIL2BAN
-#=================================================
+# -------
 ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=7
 # Create a dedicated Fail2Ban config
 ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # RELOAD NGINX
 #=================================================
 ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..."
 ynh_systemd_action --service_name=nginx --action=reload
 ynh_systemd_action --service_name="php${phpversion}-fpm" --action=reload
 #=================================================
 # END OF SCRIPT
 #=================================================
--- a/scripts/upgrade.d/upgrade.27.sh
+++ b/scripts/upgrade.d/upgrade.27.sh
@ -0,0 +1,7 @@
 #!/bin/bash
 # Last available Nextcloud version
 next_version="28.0.0"
 # Nextcloud tarball checksum sha256
 nextcloud_source_sha256="4e8b0b74b40221e85f92ab869d0873c69a52d7e43889d9259c6259428a6a36f2"
--- a/scripts/upgrade.d/upgrade.last.sh
+++ b/scripts/upgrade.d/upgrade.last.sh
@ -1,7 +1,7 @@
 #!/bin/bash
 # Last available Nextcloud version
-next_version="27.1.4"
+next_version="28.0.1"
 # Nextcloud tarball checksum sha256
-nextcloud_source_sha256="bec65f2166b82c9303baf476c1e424f71aa196dad010ffe4c0c39d03990d594c"
+nextcloud_source_sha256="2f80735b443082272fe6a3b5e32137957f1fc448c75342b94b5200b29725f3a4"
--- a/sources/patches_last_version/app-00-add-logout_url-conf.patch
+++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch
@ -2,17 +2,17 @@ diff --git a/core/Controller/LoginController.php b/core/Controller/LoginControll
 index 13aef8f67a..55d8dbf9d1 100644
 --- a/core/Controller/LoginController.php
 +++ b/core/Controller/LoginController.php
-@@ -119,11 +119,12 @@ class LoginController extends Controller {
+@@ -97,11 +97,12 @@ class LoginController extends Controller {
 		}
 		$this->userSession->logout();
 -		$response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute(
 -			'core.login.showLoginForm',
-			['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers
+-			['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers
 +		$redirectUrl = $this->config->getSystemValue('logout_url',
 +			$this->urlGenerator->linkToRouteAbsolute(
 +				'core.login.showLoginForm',
-+				['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers)
+				['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers)
 		));
 -
 +		$response = new RedirectResponse($redirectUrl);
--- a/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch
+++ b/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch
@ -5,13 +5,13 @@ diff --git a/lib/public/AppFramework/Http/ContentSecurityPolicy.php b/lib/public
 index e9ecf00036..8e69c8d2dc 100644
 --- a/lib/public/AppFramework/Http/ContentSecurityPolicy.php
 +++ b/lib/public/AppFramework/Http/ContentSecurityPolicy.php
-@@ -44,7 +44,8 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
+@@ -42,7 +42,8 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
 	/** @var bool Whether inline JS snippets are allowed */
 	protected $inlineScriptAllowed = false;
 	/** @var bool Whether eval in JS scripts is allowed */
 -	protected $evalScriptAllowed = false;
 +	// YunoHost patch: allow for eval in JS scripts for YunoHost tile
 +	protected $evalScriptAllowed = true;
 	/** @var bool Whether WebAssembly compilation is allowed */
 	protected ?bool $evalWasmAllowed = false;
 	/** @var bool Whether strict-dynamic should be set */
 	protected $strictDynamicAllowed = null;
 	/** @var array Domains from which scripts can get loaded */
--- a/tests.toml
+++ b/tests.toml
@ -0,0 +1,12 @@
 test_format = 1.0
 [default]
    # -------------------------------
    # Commits to test upgrade from
    # -------------------------------
    test_upgrade_from.c5cf91ad.name = "Upgrade from 25.0.2"
    test_upgrade_from.caf917f3.name = "Upgrade from 26.0.2"
    test_upgrade_from.9c6d1eea.name = "Upgrade from 27.1.4"
`@ -1 +1 @@`
	`/5 * * * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __FINAL_PATH__/cron.php`	`/5 * * * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php`
		`@ -0,0 +1 @@`
							`Note that if you've installed any third-party Nextcloud applications, they have probably been disabled. If so, you'll need to manually enable them again.`
		`@ -0,0 +1 @@`
							`Notez que si vous avez installé des applications Nextcloud tierces, elles sont probablement désactivées et vous devrez les réactiver manuellement.`