diff --git a/README.md b/README.md
index 19a56b5..abbb063 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,8 @@ It shall NOT be edited by hand.
# OpenTracker for YunoHost
-[](https://dash.yunohost.org/appci/app/opentracker)  
+[](https://dash.yunohost.org/appci/app/opentracker)  
+
[](https://install-app.yunohost.org/?app=opentracker)
*[Lire ce readme en français.](./README_fr.md)*
@@ -20,16 +21,6 @@ Bittorrent tracker
**Shipped version:** 1.0~ynh3
**Demo:** https://dispatch.khlieng.com/connect
-## Disclaimers / important information
-
-## Configuration
-
-`udp://serverIP:6969`
-
-by default the tracker will run on 6969 port on both UDP and TCP.
-
-visit `http://serverIP:6969/stats` to view the tracker stats.
-
## Documentation and resources
* Official app website:
diff --git a/README_fr.md b/README_fr.md
index dcd5d5a..af75b29 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -5,35 +5,26 @@ It shall NOT be edited by hand.
# OpenTracker pour YunoHost
-[](https://dash.yunohost.org/appci/app/opentracker)  
+[](https://dash.yunohost.org/appci/app/opentracker)  
+
[](https://install-app.yunohost.org/?app=opentracker)
*[Read this readme in english.](./README.md)*
-> *Ce package vous permet d'installer OpenTracker rapidement et simplement sur un serveur YunoHost.
-Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
+> *Ce package vous permet d’installer OpenTracker rapidement et simplement sur un serveur YunoHost.
+Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l’installer et en profiter.*
-## Vue d'ensemble
+## Vue d’ensemble
-Tracker Bittorrent
+Bittorrent tracker
**Version incluse :** 1.0~ynh3
**Démo :** https://dispatch.khlieng.com/connect
-## Avertissements / informations importantes
-
-## Configuration
-
-`udp://serverIP:6969`
-
-par défaut, le tracker s'exécutera sur le port 6969 à la fois sur UDP et TCP.
-
-visitez `http://serverIP:6969/stats` pour afficher les statistiques du tracker.
-
## Documentations et ressources
-* Site officiel de l'app :
-* Documentation officielle de l'admin :
+* Site officiel de l’app :
+* Documentation officielle de l’admin :
* Documentation YunoHost pour cette app :
* Signaler un bug :
@@ -49,4 +40,4 @@ ou
sudo yunohost app upgrade opentracker -u https://github.com/YunoHost-Apps/opentracker_ynh/tree/testing --debug
```
-**Plus d'infos sur le packaging d'applications :**
+**Plus d’infos sur le packaging d’applications :**
\ No newline at end of file
diff --git a/conf/systemd.service b/conf/systemd.service
index 59ff1b9..1bff240 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -7,10 +7,44 @@ User=__APP__
Group=__APP__
Type=simple
UMask=000
-WorkingDirectory=__FINALPATH__
-ExecStart=__FINALPATH__/opentracker &
+WorkingDirectory=__INSTALL_DIR__
+ExecStart=__INSTALL_DIR__/opentracker &
RestartSec=15
Restart=always
+# Sandboxing options to harden security
+# Depending on specificities of your service/app, you may need to tweak these
+# .. but this should be a good baseline
+# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
+NoNewPrivileges=yes
+PrivateTmp=yes
+PrivateDevices=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
+RestrictNamespaces=yes
+RestrictRealtime=yes
+DevicePolicy=closed
+ProtectClock=yes
+ProtectHostname=yes
+ProtectProc=invisible
+ProtectSystem=full
+ProtectControlGroups=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+LockPersonality=yes
+SystemCallArchitectures=native
+SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged
+
+# Denying access to capabilities that should not be relevant for webapps
+# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
+CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
+CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
+CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
+CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
+CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
+CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
+CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
+CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
+CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
+
[Install]
WantedBy=multi-user.target
diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md
similarity index 100%
rename from doc/DISCLAIMER.md
rename to doc/ADMIN.md
diff --git a/doc/DISCLAIMER_fr.md b/doc/ADMIN_fr.md
similarity index 100%
rename from doc/DISCLAIMER_fr.md
rename to doc/ADMIN_fr.md
diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md
new file mode 100644
index 0000000..727b391
--- /dev/null
+++ b/doc/DESCRIPTION.md
@@ -0,0 +1 @@
+Bittorrent tracker
\ No newline at end of file
diff --git a/manifest.json b/manifest.json
deleted file mode 100644
index 46be125..0000000
--- a/manifest.json
+++ /dev/null
@@ -1,33 +0,0 @@
-{
- "name": "OpenTracker",
- "id": "opentracker",
- "packaging_format": 1,
- "description": {
- "en": "Bittorrent tracker",
- "fr": "Tracker Bittorrent"
- },
- "version": "1.0~ynh3",
- "url": "http://erdgeist.org/arts/software/opentracker/",
- "upstream": {
- "license": "Beerware",
- "website": "http://erdgeist.org/arts/software/opentracker/",
- "demo": "https://dispatch.khlieng.com/connect",
- "admindoc": "http://erdgeist.org/arts/software/opentracker/"
- },
- "license": "Beerware",
- "maintainer": {
- "name": "liberodark",
- "email": "liberodark@gmail.com"
- },
- "requirements": {
- "yunohost": ">= 4.3.0"
- },
- "multi_instance": false,
- "services": [
- "nginx"
- ],
- "arguments": {
- "install": [
- ]
- }
-}
diff --git a/manifest.toml b/manifest.toml
new file mode 100644
index 0000000..4403c99
--- /dev/null
+++ b/manifest.toml
@@ -0,0 +1,44 @@
+packaging_format = 2
+
+id = "opentracker"
+name = "OpenTracker"
+description.en = "Bittorrent tracker"
+description.fr = "Tracker Bittorrent"
+
+version = "1.0~ynh3"
+
+maintainers = ["liberodark"]
+
+[upstream]
+license = "Beerware"
+website = "http://erdgeist.org/arts/software/opentracker/"
+demo = "https://dispatch.khlieng.com/connect"
+admindoc = "http://erdgeist.org/arts/software/opentracker/"
+
+[integration]
+yunohost = ">= 11.1.18"
+architectures = "all"
+multi_instance = false
+ldap = false
+sso = false
+disk = "50M"
+ram.build = "50M"
+ram.runtime = "50M"
+
+[install]
+
+[resources]
+
+ [resources.ports]
+
+ main.default = 6969
+ main.exposed = "Both"
+
+ [resources.system_user]
+
+ [resources.install_dir]
+
+ [resources.permissions]
+
+ [resources.apt]
+ packages = "libowfat-dev zlib1g-dev make build-essential"
diff --git a/scripts/_common.sh b/scripts/_common.sh
index 6119194..944a65e 100644
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -4,9 +4,6 @@
# COMMON VARIABLES
#=================================================
-# dependencies used by the app
-pkg_dependencies="libowfat-dev zlib1g-dev make build-essential"
-
#=================================================
# PERSONAL HELPERS
#=================================================
diff --git a/scripts/backup b/scripts/backup
index cc98370..ac5b947 100644
--- a/scripts/backup
+++ b/scripts/backup
@@ -10,26 +10,6 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
- ynh_clean_check_starting
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_print_info --message="Loading installation settings..."
-
-app=$YNH_APP_INSTANCE_NAME
-
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-port=$(ynh_app_setting_get --app=$app --key=port)
-
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@@ -39,7 +19,7 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
-ynh_backup --src_path="$final_path"
+ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP SYSTEMD
diff --git a/scripts/install b/scripts/install
index be8668e..5c8ee36 100644
--- a/scripts/install
+++ b/scripts/install
@@ -9,76 +9,15 @@
source _common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
- ynh_clean_check_starting
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# RETRIEVE ARGUMENTS FROM THE MANIFEST
-#=================================================
-
-# Retrieve arguments
-#domain=$YNH_APP_ARG_DOMAIN
-app=$YNH_APP_INSTANCE_NAME
-
-#=================================================
-# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
-#=================================================
-ynh_script_progression --message="Validating installation parameters..." --weight=1
-
-final_path=/opt/yunohost/$app
-test ! -e "$final_path" || ynh_die "This path already contains a folder"
-
-#=================================================
-# STORE SETTINGS FROM MANIFEST
-#=================================================
-ynh_script_progression --message="Storing installation settings..." --weight=1
-
-#ynh_app_setting_set --app=$app --key=domain --value=$domain
-
-#=================================================
-# FIND AND OPEN A PORT
-#=================================================
-ynh_script_progression --message="Finding an available port..." --weight=1
-
-# Find a free port
-port=$(ynh_find_port --port=6969)
-ynh_app_setting_set --app=$app --key=port --value=$port
-
-# Open the port
-ynh_exec_warn_less yunohost firewall allow Both $port
-
-#=================================================
-# INSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Installing dependencies..." --weight=2
-
-ynh_install_app_dependencies $pkg_dependencies
-
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Configuring system user..." --weight=1
-
-# Create a system user
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Installing OpenTracker..." --weight=5
-ynh_app_setting_set --app=$app --key=final_path --value=$final_path
-git clone git://erdgeist.org/opentracker "$final_path" --quiet
-cp ../conf/Makefile $final_path/Makefile
-cp ../conf/opentracker.conf.sample $final_path/opentracker.conf
-pushd $final_path
+git clone git://erdgeist.org/opentracker "$install_dir" --quiet
+cp ../conf/Makefile $install_dir/Makefile
+cp ../conf/opentracker.conf.sample $install_dir/opentracker.conf
+pushd $install_dir
ynh_exec_warn_less make
popd
@@ -97,8 +36,8 @@ ynh_add_systemd_config
#=================================================
# Set permissions to app files
-chown -R $app: $final_path
-chmod +x $final_path/$app
+chown -R $app: $install_dir
+chmod +x $install_dir/$app
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
diff --git a/scripts/remove b/scripts/remove
index 11f4b5c..7288418 100644
--- a/scripts/remove
+++ b/scripts/remove
@@ -9,17 +9,6 @@
source _common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-
-app=$YNH_APP_INSTANCE_NAME
-
-#domain=$(ynh_app_setting_get --app=$app --key=domain)
-port=$(ynh_app_setting_get --app=$app --key=port)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-
#=================================================
# STANDARD REMOVE
#=================================================
@@ -41,42 +30,6 @@ ynh_script_progression --message="Stopping and removing the systemd service..."
# Remove the dedicated systemd config
ynh_remove_systemd_config
-#=================================================
-# REMOVE DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Removing dependencies..." --weight=2
-
-# Remove metapackage and its dependencies
-ynh_remove_app_dependencies
-
-#=================================================
-# REMOVE APP MAIN DIR
-#=================================================
-ynh_script_progression --message="Removing app main directory..." --weight=1
-
-# Remove the app directory securely
-ynh_secure_remove --file="$final_path"
-
-#=================================================
-# CLOSE A PORT
-#=================================================
-
-if yunohost firewall list | grep -q "\- $port$"
-then
- ynh_script_progression --message="Closing port $port..." --weight=1
- ynh_exec_warn_less yunohost firewall disallow Both $port
-fi
-
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# REMOVE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Removing the dedicated system user..." --weight=2
-
-# Delete a system user
-ynh_system_user_delete --username=$app
-
#=================================================
# END OF SCRIPT
#=================================================
diff --git a/scripts/restore b/scripts/restore
index 7d4c56b..f3bd89e 100644
--- a/scripts/restore
+++ b/scripts/restore
@@ -9,57 +9,20 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
- ynh_clean_check_starting
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-
-app=$YNH_APP_INSTANCE_NAME
-port=$(ynh_app_setting_get --app=$app --key=port)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=2
-ynh_restore_file --origin_path="$final_path"
-
-#=================================================
-# RECREATE THE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
-
-# Create the dedicated user (if not existing)
-ynh_system_user_create --username=$app
+ynh_restore_file --origin_path="$install_dir"
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Restore permissions on app files
-chown -R $app: $final_path
-chmod +x $final_path/$app
-
-#=================================================
-# SPECIFIC RESTORATION
-#=================================================
-# REINSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Reinstalling dependencies..." --weight=2
-
-# Define and install dependencies
-ynh_install_app_dependencies $pkg_dependencies
+chown -R $app: $install_dir
+chmod +x $install_dir/$app
#=================================================
# RESTORE SYSTEMD
diff --git a/scripts/upgrade b/scripts/upgrade
index 8607eb4..5b72ccf 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -9,36 +9,12 @@
source _common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-
-app=$YNH_APP_INSTANCE_NAME
-
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-port=$(ynh_app_setting_get --app=$app --key=port)
-
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
-#=================================================
-# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
-#=================================================
-ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
-
-# Backup the current version of the app
-ynh_backup_before_upgrade
-ynh_clean_setup () {
- # Restore it if the upgrade fails
- ynh_restore_upgradebackup
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
@@ -48,14 +24,6 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=5
ynh_systemd_action --service_name=$app --action=stop --log_path="/var/log/$app/$app.log"
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..." --weight=5
-
-# Create a dedicated user (if not existing)
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
@@ -63,23 +31,16 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=1
- ynh_secure_remove --file="$final_path"
+ ynh_secure_remove --file="$install_dir"
# Download, check integrity, uncompress and patch the source from app.src
- git clone git://erdgeist.org/opentracker "$final_path" --quiet
- cp ../conf/Makefile $final_path/Makefile
- cp ../conf/opentracker.conf.sample $final_path/opentracker.conf
- pushd $final_path
+ git clone git://erdgeist.org/opentracker "$install_dir" --quiet
+ cp ../conf/Makefile $install_dir/Makefile
+ cp ../conf/opentracker.conf.sample $install_dir/opentracker.conf
+ pushd $install_dir
ynh_exec_warn_less make
popd
fi
-#=================================================
-# UPGRADE DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Upgrading dependencies..." --weight=2
-
-ynh_install_app_dependencies $pkg_dependencies
-
#=================================================
# SETUP SYSTEMD
#=================================================
@@ -95,8 +56,8 @@ ynh_add_systemd_config
#=================================================
# Set permissions on app files
-chown -R $app: $final_path
-chmod +x $final_path/$app
+chown -R $app: $install_dir
+chmod +x $install_dir/$app
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
diff --git a/tests.toml b/tests.toml
new file mode 100644
index 0000000..55d5cb2
--- /dev/null
+++ b/tests.toml
@@ -0,0 +1,8 @@
+test_format = 1.0
+
+[default]
+
+ # ------------
+ # Tests to run
+ # ------------
+
\ No newline at end of file