Merge pull request #33 from YunoHost-Apps/package_upgrade

Package upgrade
2024-09-03 20:06:03 +02:00 · 2019-03-17 08:54:08 +01:00 · 2019-03-17 08:54:08 +01:00 · 31b85ca9d0
commit 31b85ca9d0
parent e7610d7820 4fd68d7b16
16 changed files with 709 additions and 328 deletions
--- a/README.md
+++ b/README.md
@ -1,19 +1,35 @@
-Piwigo for YunoHost
+# Piwigo for YunoHost
 ---------------------
 [![Integration level](https://dash.yunohost.org/integration/piwigo.svg)](https://dash.yunohost.org/appci/app/piwigo)  
 [![Install Piwigo with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=piwigo)
-[![Integration level](https://dash.yunohost.org/integration/piwigo.svg)](https://ci-apps.yunohost.org/jenkins/job/piwigo%20%28Community%29/lastBuild/consoleFull)  
+> *This package allow you to install Piwigo quickly and simply on a YunoHost server.  
 If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
-[Piwigo](http://piwigo.org) is a photo gallery software for the web, built by an active community of users and developers.
+## Overview
 [Piwigo](http://piwigo.org) is a photo gallery software for the web, built by an active community of users and developers  
 Extensions make Piwigo easily customizable. Icing on the cake, Piwigo is free and opensource.
 **Shipped version:** 2.9.4
 ## Screenshots
 ![](http://piwigo.org/screenshots/homepage/piwigo-batch-manager.png)
-## Features
+## Demo
 * [YunoHost demo](https://demo.yunohost.org/piwigo/)
 * [Official demo](http://piwigo.org/demo/)
 ## Configuration
 ## Documentation
 * Official documentation: https://piwigo.org/doc/doku.php
 * YunoHost documentation: https://yunohost.org/#/app_piwigo
 ## YunoHost specific features
 In addition to Piwigo core features, the following are made available with
 this package:
@ -25,14 +41,32 @@ this package:
     * allow other users management, and guest mode
 * Allow one YunoHost user to be the administrator (set at the installation)
 #### Supported architectures
 * x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/piwigo%20%28Official%29.svg)](https://ci-apps.yunohost.org/ci/apps/piwigo/)
 * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/piwigo%20%28Official%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/piwigo/)
 * Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/piwigo%20%28Official%29.svg)](https://ci-stretch.nohost.me/ci/apps/piwigo/)
 ## Limitations
-No limitation known.
+## Additionnal informations
 It has been tested on x86_64 and ARM.
 ## Links
 * Report a bug: https://github.com/YunoHost-Apps/piwigo_ynh/issues
 * Piwigo website: http://piwigo.org/
 * YunoHost website: https://yunohost.org/
 ---
 Developers infos
 ----------------
 Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/piwigo_ynh/tree/testing).
 To try the testing branch, please proceed like that.
 ```
 sudo yunohost app install https://github.com/YunoHost-Apps/piwigo_ynh/tree/testing --debug
 or
 sudo yunohost app upgrade piwigo -u https://github.com/YunoHost-Apps/piwigo_ynh/tree/testing --debug
 ```
--- a/conf/app.src
+++ b/conf/app.src
@ -1,3 +1,6 @@
 SOURCE_URL=http://piwigo.org/download/dlcounter.php?code=2.9.4
 SOURCE_SUM=00fafe6887af62e34ee97dc9b8e4be0720af9f27ea1cdb16ab6217f462574a3c
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=zip
 SOURCE_IN_SUBDIR=true
 SOURCE_FILENAME=
--- a/conf/database.inc.php
+++ b/conf/database.inc.php
@ -1,8 +1,8 @@
 <?php
 $conf['dblayer'] = 'mysqli';
-$conf['db_base'] = 'DBTOCHANGE';
+$conf['db_base'] = '__DBTOCHANGE__';
-$conf['db_user'] = 'USERTOCHANGE';
+$conf['db_user'] = '__USERTOCHANGE__';
-$conf['db_password'] = 'PASSTOCHANGE';
+$conf['db_password'] = '__PASSTOCHANGE__';
 $conf['db_host'] = 'localhost';
 $prefixeTable = '';
--- a/conf/ldap_plugin.src
+++ b/conf/ldap_plugin.src
@ -1,4 +1,6 @@
 SOURCE_URL=https://github.com/VSLCatena/ldap_login/archive/92fa2fc1abc7cd18e8005583855e468b57689616.zip
 SOURCE_SUM=9fe8d2fe3be234939a5dd3a92836202400a38a6d8b8a9b4250a8a522fe53d437
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=zip
 SOURCE_IN_SUBDIR=true
 SOURCE_FILENAME=
--- a/conf/log_failed_logins_plugin.src
+++ b/conf/log_failed_logins_plugin.src
@ -1,5 +1,6 @@
 SOURCE_URL=http://piwigo.org/ext/download.php?rid=5525
 SOURCE_SUM=85b9a06f2c7ca8ae9698e6151c7631f519c945f696b02da72f9ff53243d7e4ca
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=zip
 SOURCE_IN_SUBDIR=false
-
+SOURCE_FILENAME=
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,14 +1,20 @@
-location __PATH__ {
+#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
-       alias __FINALPATH__/;
+location __PATH__/ {
       # Path to source
       alias __FINALPATH__/ ;
       # Force usage of https
       if ($scheme = http) {
        rewrite ^ https://$server_name$request_uri? permanent;
       }
       client_max_body_size 100M;
       index index.php;
       default_type text/html;
       location ~ [^/]\.php(/|$) {
           fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-           fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
+           fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
           fastcgi_index index.php;
           include fastcgi_params;
           fastcgi_param REMOTE_USER $remote_user if_not_empty;
--- a/conf/php-fpm.conf
+++ b/conf/php-fpm.conf
@ -1,10 +1,11 @@
 ; Start a new pool named 'www'.
-; the variable $pool can we used in any directive and will be replaced by the
+; the variable $pool can be used in any directive and will be replaced by the
 ; pool name ('www' here)
 [__NAMETOCHANGE__]
 ; Per pool prefix
 ; It only applies on the following directives:
 ; - 'access.log'
 ; - 'slowlog'
 ; - 'listen' (unixsocket)
 ; - 'chroot'
@ -24,17 +25,19 @@ group = __USER__
 ; The address on which to accept FastCGI requests.
 ; Valid syntaxes are:
-;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific address on
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
 ;                            a specific port;
-;   'port'                 - to listen on a TCP socket to all addresses on a
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
-;                            specific port;
+;                            a specific port;
 ;   'port'                 - to listen on a TCP socket to all addresses
 ;                            (IPv6 and IPv4-mapped) on a specific port;
 ;   '/path/to/unix/socket' - to listen on a unix socket.
 ; Note: This value is mandatory.
-listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock
+listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock
 ; Set listen(2) backlog.
-; Default Value: 128 (-1 on FreeBSD and OpenBSD)
+; Default Value: 511 (-1 on FreeBSD and OpenBSD)
-;listen.backlog = 128
+;listen.backlog = 511
 ; Set permissions for unix socket, if one is used. In Linux, read/write
 ; permissions must be set in order to allow connections from a web server. Many
@ -44,8 +47,13 @@ listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock
 listen.owner = www-data
 listen.group = www-data
 ;listen.mode = 0660
 ; When POSIX Access Control Lists are supported you can set them using
 ; these options, value is a comma separated list of user/group names.
 ; When set, listen.owner and listen.group are ignored
 ;listen.acl_users =
 ;listen.acl_groups =
-; List of ipv4 addresses of FastCGI clients which are allowed to connect.
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
 ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
 ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
 ; must be separated by a comma. If this value is left blank, connections will be
@ -59,7 +67,13 @@ listen.group = www-data
 ;       - The pool processes will inherit the master process priority
 ;         unless it specified otherwise
 ; Default Value: no set
-; priority = -19
+; process.priority = -19
 ; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
 ; or group is differrent than the master process user. It allows to create process
 ; core dump and ptrace the process for the pool user.
 ; Default Value: no
 ; process.dumpable = yes
 ; Choose how the process manager will control the number of child processes.
 ; Possible Values:
@ -96,7 +110,7 @@ pm = dynamic
 ; forget to tweak pm.* to fit your needs.
 ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
 ; Note: This value is mandatory.
-pm.max_children = 10
+pm.max_children = 5
 ; The number of child processes created on startup.
 ; Note: Used only when pm is set to 'dynamic'
@ -122,7 +136,7 @@ pm.max_spare_servers = 3
 ; This can be useful to work around memory leaks in 3rd party libraries. For
 ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
 ; Default Value: 0
-pm.max_requests = 500
+;pm.max_requests = 500
 ; The URI to view the FPM status page. If this value is not set, no URI will be
 ; recognized as a status page. It shows the following informations:
@ -215,7 +229,7 @@ pm.max_requests = 500
 ;   last request memory:  0
 ;
 ; Note: There is a real-time FPM status monitoring sample web page available
-;       It's available in: ${prefix}/share/fpm/status.html
+;       It's available in: /usr/share/php/7.0/fpm/status.html
 ;
 ; Note: The value must start with a leading slash (/). The value can be
 ;       anything, but it may not be a good idea to use the .php extension or it
@ -275,7 +289,7 @@ pm.max_requests = 500
 ;      - %{megabytes}M
 ;      - %{mega}M
 ;  %n: pool name
-;  %o: ouput header
+;  %o: output header
 ;      it must be associated with embraces to specify the name of the header:
 ;      - %{Content-Type}o
 ;      - %{X-Powered-By}o
@ -291,9 +305,13 @@ pm.max_requests = 500
 ;  %t: server time the request was received
 ;      it can accept a strftime(3) format:
 ;      %d/%b/%Y:%H:%M:%S %z (default)
 ;      The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
 ;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
 ;  %T: time the log has been written (the request has finished)
 ;      it can accept a strftime(3) format:
 ;      %d/%b/%Y:%H:%M:%S %z (default)
 ;      The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
 ;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
 ;  %u: remote user
 ;
 ; Default: "%R - %u %t \"%m %r\" %s"
@ -302,13 +320,13 @@ pm.max_requests = 500
 ; The log file for slow requests
 ; Default Value: not set
 ; Note: slowlog is mandatory if request_slowlog_timeout is set
-slowlog = /var/log/nginx/{POOLNAME}.slow.log
+;slowlog = log/$pool.log.slow
 ; The timeout for serving a single request after which a PHP backtrace will be
 ; dumped to the 'slowlog' file. A value of '0s' means 'off'.
 ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
 ; Default Value: 0
-request_slowlog_timeout = 5s
+;request_slowlog_timeout = 0
 ; The timeout for serving a single request after which the worker process will
 ; be killed. This option should be used when the 'max_execution_time' ini option
@ -347,15 +365,24 @@ chdir = __FINALPATH__
 ; Note: on highloaded environement, this can cause some delay in the page
 ; process time (several ms).
 ; Default Value: no
-catch_workers_output = yes
+;catch_workers_output = yes
 ; Clear environment in FPM workers
 ; Prevents arbitrary environment variables from reaching FPM worker processes
 ; by clearing the environment in workers before env vars specified in this
 ; pool configuration are added.
 ; Setting to "no" will make all environment variables available to PHP code
 ; via getenv(), $_ENV and $_SERVER.
 ; Default Value: yes
 ;clear_env = no
 ; Limits the extensions of the main script FPM will allow to parse. This can
 ; prevent configuration mistakes on the web server side. You should only limit
 ; FPM to .php extensions to prevent malicious users to use other extensions to
-; exectute php code.
+; execute php code.
 ; Note: set an empty value to allow all extensions.
 ; Default Value: .php
-;security.limit_extensions = .php .php3 .php4 .php5
+;security.limit_extensions = .php .php3 .php4 .php5 .php7
 ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
 ; the current environment.
@ -389,6 +416,19 @@ catch_workers_output = yes
 ;php_flag[display_errors] = off
 ;php_admin_value[error_log] = /var/log/fpm-php.www.log
 ;php_admin_flag[log_errors] = on
 ;php_admin_value[memory_limit] = 32M
 ; Common values to change to increase file upload limit
 ; php_admin_value[upload_max_filesize] = 50M
 ; php_admin_value[post_max_size] = 50M
 ; php_admin_flag[mail.add_x_header] = Off
 ; Other common parameters
 ; php_admin_value[max_execution_time] = 600
 ; php_admin_value[max_input_time] = 300
 ; php_admin_value[memory_limit] = 256M
 ; php_admin_flag[short_open_tag] = On
 php_admin_value[memory_limit] = 64M
 ; Common values to change to increase file upload limit
--- a/manifest.json
+++ b/manifest.json
@ -15,12 +15,12 @@
        "url": ""
    },
    "requirements": {
-    "yunohost": ">= 2.7.2"
+    "yunohost": ">= 3.4"
    },
    "multi_instance": true,
    "services": [
        "nginx",
-        "php5-fpm",
+        "php7.0-fpm",
        "mysql"
    ],
    "arguments": {
@ -64,6 +64,7 @@
            },
            {
                "name": "language",
                "type": "string",
                "ask": {
                    "en": "Choose the application language",
                    "fr": "Choisissez la langue de l'application"
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -1,35 +1,122 @@
 #!/bin/bash
 #
 # Common variables
 #
-pkg_dependencies="php5-gd php5-imagick imagemagick"
+#=================================================
 # COMMON VARIABLES
 #=================================================
-# ============= FUTURE YUNOHOST HELPERS =============
+pkg_dependencies="php-gd php-imagick imagemagick"
 #=================================================
 # FUTURE OFFICIAL HELPERS
 #=================================================
 # Create a dedicated fail2ban config (jail and filter conf files)
 #
-# usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]]
+# usage 1: ynh_add_fail2ban_config --logpath=log_file --failregex=filter [--max_retry=max_retry] [--ports=ports]
-# | arg: log_file - Log file to be checked by fail2ban
+# | arg: -l, --logpath=   - Log file to be checked by fail2ban
-# | arg: failregex - Failregex to be looked for by fail2ban
+# | arg: -r, --failregex= - Failregex to be looked for by fail2ban
-# | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3
+# | arg: -m, --max_retry= - Maximum number of retries allowed before banning IP address - default: 3
-# | arg: ports - Ports blocked for a banned IP address - default: http,https
+# | arg: -p, --ports=     - Ports blocked for a banned IP address - default: http,https
 #
 # -----------------------------------------------------------------------------
 #
 # usage 2: ynh_add_fail2ban_config --use_template [--others_var="list of others variables to replace"]
 # | arg: -t, --use_template - Use this helper in template mode
 # | arg: -v, --others_var=  - List of others variables to replace separeted by a space
 # |                           for example : 'var_1 var_2 ...'
 #
 # This will use a template in ../conf/f2b_jail.conf and ../conf/f2b_filter.conf
 #   __APP__      by  $app
 #
 #  You can dynamically replace others variables by example :
 #   __VAR_1__    by $var_1
 #   __VAR_2__    by $var_2
 #
 # Generally your template will look like that by example (for synapse):
 #
 # f2b_jail.conf:
 #     [__APP__]
 #     enabled = true
 #     port = http,https
 #     filter = __APP__
 #     logpath = /var/log/__APP__/logfile.log
 #     maxretry = 3
 #
 # f2b_filter.conf:
 #     [INCLUDES]
 #     before = common.conf
 #     [Definition]
 #
 #     # Part of regex definition (just used to make more easy to make the global regex)
 #     __synapse_start_line = .? \- synapse\..+ \-
 #
 #    # Regex definition.
 #    failregex = ^%(__synapse_start_line)s INFO \- POST\-(\d+)\- <HOST> \- \d+ \- Received request\: POST /_matrix/client/r0/login\??<SKIPLINES>%(__synapse_start_line)s INFO \- POST\-\1\- Got login request with identifier: \{u'type': u'm.id.user', u'user'\: u'(.+?)'\}, medium\: None, address: None, user\: u'\5'<SKIPLINES>%(__synapse_start_line)s WARNING \- \- (Attempted to login as @\5\:.+ but they do not exist|Failed password login for user @\5\:.+)$
 #
 #     ignoreregex =
 #
 # -----------------------------------------------------------------------------
 #
 # Note about the "failregex" option:
 #          regex to match the password failure messages in the logfile. The
 #          host must be matched by a group named "host". The tag "<HOST>" can
 #          be used for standard IP/hostname matching and is only an alias for
 #          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
 #
 #          You can find some more explainations about how to make a regex here :
 #          https://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Filters
 #
 # Note that the logfile need to exist before to call this helper !!
 #
 # To validate your regex you can test with this command:
 # fail2ban-regex /var/log/YOUR_LOG_FILE_PATH /etc/fail2ban/filter.d/YOUR_APP.conf
 #
 ynh_add_fail2ban_config () {
-   # Process parameters
+  # Declare an array to define the options of this helper.
-   logpath=$1
+  declare -Ar args_array=( [l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= [t]=use_template [v]=others_var=)
-   failregex=$2
+  local logpath
-   max_retry=${3:-3}
+  local failregex
-   ports=${4:-http,https}
+  local max_retry
-   
+  local ports
-  test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
+  local others_var
-  test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
+  local use_template
  # Manage arguments with getopts
  ynh_handle_getopts_args "$@"
  use_template="${use_template:-0}"
  max_retry=${max_retry:-3}
  ports=${ports:-http,https}
  finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf"
  finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf"
-  ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1
+  ynh_backup_if_checksum_is_different "$finalfail2banjailconf"
-  ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1
+  ynh_backup_if_checksum_is_different "$finalfail2banfilterconf"
-  sudo tee $finalfail2banjailconf <<EOF
+  if [ $use_template -eq 1 ]
  then
    # Usage 2, templates
    cp ../conf/f2b_jail.conf $finalfail2banjailconf
    cp ../conf/f2b_filter.conf $finalfail2banfilterconf
    if [ -n "${app:-}" ]
    then
      ynh_replace_string "__APP__" "$app" "$finalfail2banjailconf"
      ynh_replace_string "__APP__" "$app" "$finalfail2banfilterconf"
    fi
    # Replace all other variable given as arguments
    for var_to_replace in ${others_var:-}; do
      # ${var_to_replace^^} make the content of the variable on upper-cases
      # ${!var_to_replace} get the content of the variable named $var_to_replace
      ynh_replace_string "__${var_to_replace^^}__" "${!var_to_replace}" "$finalfail2banjailconf"
      ynh_replace_string "__${var_to_replace^^}__" "${!var_to_replace}" "$finalfail2banfilterconf"
    done
  else
    # Usage 1, no template. Build a config file from scratch.
    test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
    test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
    tee $finalfail2banjailconf <<EOF
 [$app]
 enabled = true
 port = $ports
@ -38,23 +125,25 @@ logpath = $logpath
 maxretry = $max_retry
 EOF
-  sudo tee $finalfail2banfilterconf <<EOF
+    tee $finalfail2banfilterconf <<EOF
 [INCLUDES]
 before = common.conf
 [Definition]
 failregex = $failregex
 ignoreregex =
 EOF
  fi
  # Common to usage 1 and 2.
  ynh_store_file_checksum "$finalfail2banjailconf"
  ynh_store_file_checksum "$finalfail2banfilterconf"
-  systemctl restart fail2ban
+  systemctl try-reload-or-restart fail2ban
  local fail2ban_error="$(journalctl -u fail2ban | tail -n50 | grep "WARNING.*$app.*")"
-  if [ -n "$fail2ban_error" ]
+  if [[ -n "$fail2ban_error" ]]; then
-  then
+    ynh_print_err "Fail2ban failed to load the jail for $app"
-    echo "[ERR] Fail2ban failed to load the jail for $app" >&2
+    ynh_print_warn "${fail2ban_error#*WARNING}"
    echo "WARNING${fail2ban_error#*WARNING}" >&2
  fi
 }
@ -64,16 +153,44 @@ EOF
 ynh_remove_fail2ban_config () {
  ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf"
  ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf"
-  sudo systemctl restart fail2ban
+  systemctl try-reload-or-restart fail2ban
 }
-# Delete a file checksum from the app settings
+#=================================================
 # Check available space before creating a temp directory.
 #
-# $app should be defined when calling this helper
+# usage: ynh_smart_mktemp --min_size="Min size"
 #
-# usage: ynh_remove_file_checksum file
+# | arg: -s, --min_size= - Minimal size needed for the temporary directory, in Mb
-# | arg: file - The file for which the checksum will be deleted
+ynh_smart_mktemp () {
-ynh_delete_file_checksum () {
+        # Declare an array to define the options of this helper.
-	local checksum_setting_name=checksum_${1//[\/ ]/_}	# Replace all '/' and ' ' by '_'
+        declare -Ar args_array=( [s]=min_size= )
-	ynh_app_setting_delete $app $checksum_setting_name
+        local min_size
        # Manage arguments with getopts
        ynh_handle_getopts_args "$@"
        min_size="${min_size:-300}"
        # Transform the minimum size from megabytes to kilobytes
        min_size=$(( $min_size * 1024 ))
        # Check if there's enough free space in a directory
        is_there_enough_space () {
                local free_space=$(df --output=avail "$1" | sed 1d)
                test $free_space -ge $min_size
        }
        if is_there_enough_space /tmp; then
                local tmpdir=/tmp
        elif is_there_enough_space /var; then
                local tmpdir=/var
        elif is_there_enough_space /; then
                local tmpdir=/   
        elif is_there_enough_space /home; then
                local tmpdir=/home
        else
                ynh_die "Insufficient free space to continue..."
        fi
        echo "$(sudo mktemp --directory --tmpdir="$tmpdir")"
 }
--- a/scripts/backup
+++ b/scripts/backup
@ -1,16 +1,12 @@
 #!/bin/bash
-
+#=================================================
 # GENERIC START
 #=================================================
 # IMPORT GENERIC HELPERS
 #=================================================
-if [ ! -e _common.sh ]; then
+source ../settings/scripts/_common.sh
 	# Fetch helpers file if not in current directory
 	cp ../settings/scripts/_common.sh ./_common.sh
 	chmod a+rx _common.sh
 fi
 source _common.sh
 source /usr/share/yunohost/helpers
 #=================================================
@ -23,6 +19,7 @@ ynh_abort_if_errors
 #=================================================
 # LOAD SETTINGS
 #=================================================
 ynh_print_info "Loading installation settings..."
 app=$YNH_APP_INSTANCE_NAME
@ -33,42 +30,55 @@ db_name=$(ynh_app_setting_get $app db_name)
 #=================================================
 # STANDARD BACKUP STEPS
 #=================================================
-# BACKUP APP MAIN DIR
+# BACKUP THE APP MAIN DIR
 #=================================================
 ynh_print_info "Backing up the main app directory..."
 ynh_backup "$final_path"
 # Copy the data directory
 backup_core_only=$(ynh_app_setting_get "$app" backup_core_only)
 if [ -z $backup_core_only ]	# If backup_core_only setting set, don't backup data directory
 then
  ynh_backup /home/yunohost.app/${app}/upload
 else
  echo "Data dir won't be saved, because backup_core_only is set." >&2
  # Remove the option so that next regular backup will be complete
  ynh_app_setting_delete $app backup_core_only
 fi
 #=================================================
-# BACKUP FAIL2BAN CONFIGURATION
+# BACKUP THE NGINX CONFIGURATION
 #=================================================
 ynh_backup "/etc/fail2ban/jail.d/$app.conf"
 ynh_backup "/etc/fail2ban/filter.d/$app.conf"
 #=================================================
 # BACKUP NGINX CONFIGURATION
 #=================================================
 ynh_print_info "Backing up nginx web server configuration..."
 ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
-# BACKUP PHP-FPM CONFIGURATION
+# BACKUP THE PHP-FPM CONFIGURATION
 #=================================================
 ynh_print_info "Backing up php-fpm configuration..."
-ynh_backup "/etc/php5/fpm/pool.d/$app.conf"
+ynh_backup "/etc/php/7.0/fpm/pool.d/$app.conf"
 #=================================================
-# BACKUP MYSQL DB
+# BACKUP THE MYSQL DATABASE
 #=================================================
 ynh_print_info "Backing up the MySQL database..."
 ynh_mysql_dump_db "$db_name" > db.sql
 #=================================================
 # BACKUP FAIL2BAN CONFIGURATION
 #=================================================
 ynh_print_info "Backing up fail2ban configuration..."
 ynh_backup "/etc/fail2ban/jail.d/$app.conf"
 ynh_backup "/etc/fail2ban/filter.d/$app.conf"
 #=================================================
 # SPECIFIC BACKUP
 #=================================================
 # BACKUP THE DATA DIRECTORY
 #=================================================
 ynh_print_info "Backing up data directory..."
 # The 1 parameter indicates the directory is "big",
 # so that it won't be backed up before upgrade
 # This argument has to be the third one.
 ynh_backup "/home/yunohost.app/${app}/upload" "/home/yunohost.app/${app}/upload" 1
 #=================================================
 # END OF SCRIPT
 #=================================================
 ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
--- a/scripts/change_url
+++ b/scripts/change_url
@ -21,6 +21,14 @@ new_path=$YNH_APP_NEW_PATH
 app=$YNH_APP_INSTANCE_NAME
 #=================================================
 # LOAD SETTINGS
 #=================================================
 ynh_print_info "Loading installation settings..."
 # Needed for helper "ynh_add_nginx_config"
 final_path=$(ynh_app_setting_get $app final_path)
 #=================================================
 # CHECK PATHS SYNTAX
 #=================================================
@ -51,6 +59,7 @@ fi
 #=================================================
 # MODIFY URL IN NGINX CONF FILE
 #=================================================
 ynh_print_info "Updating nginx web server configuration..."
 nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
@ -59,18 +68,17 @@ if [ $change_path -eq 1 ]
 then
 	# Make a backup of the original nginx config file if modified
 	ynh_backup_if_checksum_is_different "$nginx_conf_path"
-  # Replace locations starting with old_path
+	# Set global variables for nginx helper
-  # Look for every location possible patterns (see https://nginx.org/en/docs/http/ngx_http_core_module.html#location)
+	domain="$old_domain"
-  ynh_replace_string "location\( \(=\|~\|~\*\|\^~\)\)\? $old_path" "location\1 $new_path"  "$nginx_conf_path"
+	path_url="$new_path"
-  # Replace path in "return" directives
+	# Create a dedicated nginx config
-  ynh_replace_string "return \([[:digit:]]\{3\}\) $old_path" "return \1 $new_path"  "$nginx_conf_path"
+	ynh_add_nginx_config
  # Calculate and store the nginx config file checksum
  ynh_store_file_checksum "$nginx_conf_path"
 fi
 # Change the domain for nginx
 if [ $change_domain -eq 1 ]
 then
 	# Delete file checksum for the old conf file location
 	ynh_delete_file_checksum "$nginx_conf_path"
 	mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
 	# Store file checksum for the new config file location
@ -82,5 +90,12 @@ fi
 #=================================================
 # RELOAD NGINX
 #=================================================
 ynh_print_info "Reloading nginx web server..."
 systemctl reload nginx
 #=================================================
 # END OF SCRIPT
 #=================================================
 ynh_print_info "Change of url completed for $app"
--- a/scripts/install
+++ b/scripts/install
@ -1,5 +1,4 @@
 #!/bin/bash
 shopt -s extglob  # sets extended pattern matching options in the bash shell
 #=================================================
 # GENERIC STARTING
@ -14,79 +13,75 @@ source /usr/share/yunohost/helpers
 # MANAGE SCRIPT FAILURE
 #=================================================
-ynh_abort_if_errors	# Stop script if an error is detected
+# Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 #=================================================
 # RETRIEVE ARGUMENTS FROM THE MANIFEST
 #=================================================
 # Retrieve app id
 app=$YNH_APP_INSTANCE_NAME
 # Retrieve arguments
 domain=$YNH_APP_ARG_DOMAIN
 path_url=$YNH_APP_ARG_PATH
 admin=$YNH_APP_ARG_ADMIN
 is_public=$YNH_APP_ARG_IS_PUBLIC
 language=$YNH_APP_ARG_LANGUAGE
-if [ "$language" = "fr" ] ; then
+app=$YNH_APP_INSTANCE_NAME
  applanguage="fr_FR"
 else
  applanguage="en_UK"
 fi
 #=================================================
 # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
 #=================================================
-
+ynh_print_info "Validating installation parameters..."
 path_url=$(ynh_normalize_url_path $path_url)	# Check and normalize path
 final_path=/var/www/$app
 test ! -e "$final_path" || ynh_die "This path already contains a folder"
-# Check web path availability
+# Normalize the url path syntax
-ynh_webpath_available $domain $path_url
+path_url=$(ynh_normalize_url_path $path_url)
 # Register (book) web path
 ynh_webpath_register $app $domain $path_url
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
 ynh_print_info "Storing installation settings..."
-ynh_app_setting_set $app domain "$domain"
+ynh_app_setting_set $app domain $domain
-ynh_app_setting_set $app path_url "$path_url"
+ynh_app_setting_set $app path $path_url
-ynh_app_setting_set $app admin "$admin"
+ynh_app_setting_set $app admin $admin
-ynh_app_setting_set $app is_public "$is_public"
+ynh_app_setting_set $app is_public $is_public
-ynh_app_setting_set $app language "$language"
+ynh_app_setting_set $app language $language
 #=================================================
 # STANDARD MODIFICATIONS
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
 ynh_print_info "Installing dependencies..."
 ynh_install_app_dependencies "$pkg_dependencies"
 #=================================================
 # CREATE A MYSQL DB
 #=================================================
 ynh_print_info "Creating a MySQL database..."
 db_name=$(ynh_sanitize_dbid $app)
-db_user="$db_name"
+ynh_app_setting_set $app db_name $db_name
-ynh_app_setting_set "$app" db_name "$db_name"
+ynh_mysql_setup_db $db_name $db_name
 # Initialize database
 ynh_mysql_setup_db "$db_user" "$db_name"
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
 ynh_print_info "Setting up source files..."
 ynh_app_setting_set $app final_path $final_path
 ynh_app_setting_set $app final_path "$final_path"
 # Create tmp directory and fetch app inside
-tmpdir=$(mktemp -d)
+tmpdir="$(ynh_smart_mktemp --min_size=300)"
 ynh_setup_source "$tmpdir"
 # Fetch needed plugins
 mkdir -p $tmpdir/plugins/Ldap_Login
 ynh_setup_source "$tmpdir/plugins/Ldap_Login" ldap_plugin
@ -95,12 +90,27 @@ ynh_setup_source "$tmpdir/plugins" log_failed_logins_plugin
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_print_info "Configuring system user..."
-ynh_system_user_create $app	# Create a dedicated system user
+# Create a system user
 ynh_system_user_create $app
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
 ynh_print_info "Configuring nginx web server..."
 # Create a dedicated nginx config
 ynh_add_nginx_config
 #=================================================
 # SPECIFIC SETUP
 #=================================================
 # COPY FILES TO $FINAL_PATH
 #=================================================
 # sets extended pattern matching options in the bash shell
 shopt -s extglob
 # Install files and set permissions
 mkdir $final_path
@ -123,69 +133,111 @@ chown -R $app: $final_path
 chown -R $app: $datapath
 chmod 755 -R $final_path/_data
-#=================================================
+ynh_secure_remove "$tmpdir"
 # NGINX AND PHP-FPM CONFIGURATION
 #=================================================
-ynh_add_nginx_config
+#=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
 ynh_print_info "Configuring php-fpm..."
-# Copy and set php-fpm configuration
+# Create a dedicated php-fpm config
 ynh_add_fpm_config
 #=================================================
 # SETUP APPLICATION WITH CURL
 #=================================================
 ynh_print_info "Installing piwigo with Curl..."
 ynh_app_setting_set $app unprotected_uris "/"
 # Reload SSOwat config
 yunohost app ssowatconf
 # Reload Nginx
 systemctl reload nginx
 # Generate random password for admin
 adm_pwd=$(ynh_string_random 24)
 ynh_app_setting_set $app admin_pwd "$adm_pwd"
 if [ "$language" = "fr" ] ; then
  applanguage="fr_FR"
 else
  applanguage="en_UK"
 fi
 # Configure piwigo via curl
 mail="$(ynh_user_get_info $admin mail)"
 # Installation with curl
 ynh_local_curl "/install.php?language=$applanguage" "install=true" "dbuser=$db_name" "dbpasswd=$db_pwd" "dbname=$db_name" "admin_name=$admin" "admin_pass1=$adm_pwd" "admin_pass2=$adm_pwd" "admin_mail=$mail"
 #=================================================
 # CONFIGURE PIWIGO
 #=================================================
-
+ynh_print_info "Configuring piwigo..."
 ynh_app_setting_set "$app" unprotected_uris "/"
 yunohost app ssowatconf
 # Generate random password for admin
 adm_pwd=$(ynh_string_random 24)
 ynh_app_setting_set $app admin_pwd "$adm_pwd"
 # Configure piwigo via curl
 mail="$(ynh_user_get_info $admin mail)"
 ynh_local_curl "/install.php?language=$applanguage" "install=true" "dbuser=$db_user" "dbpasswd=$db_pwd" "dbname=$db_name" "admin_name=$admin" "admin_pass1=$adm_pwd" "admin_pass2=$adm_pwd" "admin_mail=$mail"
 # Change local config
 cp ../conf/config.inc.php $final_path/local/config/
 # Calculate and store the config file checksum
 ynh_store_file_checksum "$final_path/local/config/config.inc.php"
 # Setup database in local/config/database.inc.php
-ynh_replace_string "DBTOCHANGE" "$db_name" ../conf/database.inc.php
+ynh_replace_string "__DBTOCHANGE__" "$db_name" ../conf/database.inc.php
-ynh_replace_string "USERTOCHANGE" "$db_user" ../conf/database.inc.php
+ynh_replace_string "__USERTOCHANGE__" "$db_name" ../conf/database.inc.php
-ynh_replace_string "PASSTOCHANGE" "$db_pwd" ../conf/database.inc.php
+ynh_replace_string "__PASSTOCHANGE__" "$db_pwd" ../conf/database.inc.php
 cp ../conf/database.inc.php $final_path/local/config/database.inc.php
 # Calculate and store the database config file checksum
 ynh_store_file_checksum "$final_path/local/config/database.inc.php"
 #=================================================
-# ADD LDAP & FAIL2BAN PLUGINS
+# ADD LDAP PLUGINS
 #=================================================
 ynh_print_info "Configuring LDAP plugin..."
 # Configure and activate LDAP plugin
-ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');"
+ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');"
 cp ../conf/data.dat $final_path/plugins/Ldap_Login
 #=================================================
 # CONFIGURE FAIL2BAN
 #=================================================
 ynh_print_info "Configuring fail2ban..."
 # Configure and activate log_failed_logins plugin
-ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');"
+ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');"
-ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');"
+ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');"
 touch "/var/log/${app}FailedLogins.log"
 chown $app: "/var/log/${app}FailedLogins.log"
-# Set-up fail2ban
+ynh_add_fail2ban_config --logpath="/var/log/${app}FailedLogins.log" --failregex="ip=<HOST>" --max_retry=6
-ynh_add_fail2ban_config "/var/log/${app}FailedLogins.log" "ip=<HOST>" 6
+
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # SETUP SSOWAT
 #=================================================
 ynh_print_info "Configuring SSOwat..."
 # Protect URIs if private
-if [ $is_public -eq 0 ];
+if [ $is_public -eq 0 ]
 then
-  ynh_app_setting_delete "$app" unprotected_uris
+  ynh_app_setting_delete $app unprotected_uris
-  ynh_app_setting_set "$app" protected_uris "/"
+  ynh_app_setting_set $app protected_uris "/"
 fi
 #=================================================
 # RELOAD NGINX
 #=================================================
 ynh_print_info "Reloading nginx web server..."
 systemctl reload nginx
 #=================================================
 # END OF SCRIPT
 #=================================================
 ynh_print_info "Installation of $app completed"
--- a/scripts/remove
+++ b/scripts/remove
@ -12,48 +12,75 @@ source /usr/share/yunohost/helpers
 #=================================================
 # LOAD SETTINGS
 #=================================================
 ynh_print_info "Loading installation settings..."
 app=$YNH_APP_INSTANCE_NAME
 domain=$(ynh_app_setting_get $app domain)
 db_name=$(ynh_app_setting_get $app db_name)
 final_path=$(ynh_app_setting_get $app final_path)
 #=================================================
 # STANDARD REMOVE
 #=================================================
 # REMOVE DEPENDENCIES
 #=================================================
 ynh_print_info "Removing dependencies"
 # Remove metapackage and its dependencies
 ynh_remove_app_dependencies
 #=================================================
-# REMOVE THE MYSQL DB
+# REMOVE THE MYSQL DATABASE
 #=================================================
 ynh_print_info "Removing the MySQL database"
-ynh_mysql_remove_db "$app" "$db_name"
+# Remove a database if it exists, along with the associated user
 ynh_mysql_remove_db $db_name $db_name
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================
 ynh_print_info "Removing app main directory"
-ynh_secure_remove "/var/www/$app"
+# Remove the app directory securely
 ynh_secure_remove "$final_path"
 #=================================================
 # REMOVE NGINX CONFIGURATION
 #=================================================
 ynh_print_info "Removing nginx web server configuration"
 # Remove the dedicated nginx config
 ynh_remove_nginx_config
 #=================================================
 # REMOVE PHP-FPM CONFIGURATION
 #=================================================
 ynh_print_info "Removing php-fpm configuration"
 # Remove the dedicated php-fpm config
 ynh_remove_fpm_config
 #=================================================
 # REMOVE FAIL2BAN CONFIGURATION
 #=================================================
 ynh_print_info "Removing fail2ban configuration"
 ynh_remove_fail2ban_config
 #=================================================
-# REMOVE NGINX AND PHP-FPM CONFIGURATION
+# GENERIC FINALIZATION
 #=================================================
 ynh_remove_fpm_config
 ynh_remove_nginx_config
 #=================================================
 # REMOVE DEDICATED USER
 #=================================================
 ynh_print_info "Removing the dedicated system user"
 # Delete a system user
 ynh_system_user_delete $app
 #=================================================
 # END OF SCRIPT
 #=================================================
 ynh_print_info "Removal of $app completed"
--- a/scripts/restore
+++ b/scripts/restore
@ -1,15 +1,12 @@
 #!/bin/bash
 #=================================================
 # GENERIC START
 #=================================================
 # IMPORT GENERIC HELPERS
 #=================================================
-if [ ! -e _common.sh ]; then
+source ../settings/scripts/_common.sh
 	# Fetch helpers file if not in current directory
 	cp ../settings/scripts/_common.sh ./_common.sh
 	chmod a+rx _common.sh
 fi
 source _common.sh
 source /usr/share/yunohost/helpers
 #=================================================
@ -22,6 +19,7 @@ ynh_abort_if_errors
 #=================================================
 # LOAD SETTINGS
 #=================================================
 ynh_print_info "Loading settings..."
 app=$YNH_APP_INSTANCE_NAME
@ -34,6 +32,7 @@ db_name=$(ynh_app_setting_get $app db_name)
 #=================================================
 # CHECK IF THE APP CAN BE RESTORED
 #=================================================
 ynh_print_info "Validating restoration parameters..."
 ynh_webpath_available $domain $path_url \
 	|| ynh_die "Path not available: ${domain}${path_url}"
@ -41,54 +40,48 @@ test ! -d $final_path \
 	|| ynh_die "There is already a directory: $final_path "
 #=================================================
-# STANDARD RESTORE STEPS
+# STANDARD RESTORATION STEPS
 #=================================================
-# RESTORE NGINX CONFIGURATION
+# RESTORE THE NGINX CONFIGURATION
 #=================================================
 ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
-# RESTORE APP MAIN DIR
+# RESTORE THE APP MAIN DIR
 #=================================================
 ynh_print_info "Restoring the app main directory..."
 ynh_restore_file "$final_path"
 # Restore data directory if backed-up
 if [ -d "$YNH_BACKUP_DIR/apps/${app}/backup/home/yunohost.app/${app}/upload" ] ; then
  ynh_restore_file "/home/yunohost.app/${app}/upload"
 else
  # Create app data folder
  mkdir /home/yunohost.app/${app}/upload
 fi
 # Create temporary data folder
 mkdir -p /home/yunohost.app/${app}/_data
 # Remove the option backup_core_only if it's in the settings.yml file
 ynh_app_setting_delete $app backup_core_only
 #=================================================
-# RESTORE MYSQL DB
+# RESTORE THE MYSQL DATABASE
 #=================================================
 ynh_print_info "Restoring the MySQL database..."
 db_pwd=$(ynh_app_setting_get $app mysqlpwd)
-ynh_mysql_create_db $db_name $db_name $db_pwd
+ynh_mysql_setup_db $db_name $db_name $db_pwd
 ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql
 #=================================================
-# RECREATE OF THE DEDICATED USER
+# RECREATE THE DEDICATED USER
 #=================================================
 ynh_print_info "Recreating the dedicated system user..."
-ynh_system_user_create $app	# Recreate the dedicated user, if not existing
+# Create the dedicated user (if not existing)
 ynh_system_user_create $app
 #=================================================
-# RESTORE USER RIGHTS
+# RESTORE THE PHP-FPM CONFIGURATION
 #=================================================
-chown -R $app: $final_path
+ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf"
 chown -R $app: /home/yunohost.app/${app}
 #=================================================
-# RESTORE FAIL2BAN CONFIGURATION
+# RESTORE THE FAIL2BAN CONFIGURATION
 #=================================================
 ynh_print_info "Restoring the fail2ban configuration"
 ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
 ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
@ -98,16 +91,43 @@ chown $app: "/var/log/${app}FailedLogins.log"
 systemctl restart fail2ban
 #=================================================
-# RESTORE PHP-FPM CONFIGURATION
+# SPECIFIC RESTORATION
 #=================================================
 # RESTORE THE DATA DIRECTORY
 #=================================================
 ynh_print_info "Restoring data directory..."
 # The data directory will be restored only if it exists in the backup archive
 # So only if it was backup previously.
 if [ -d "$YNH_BACKUP_DIR/apps/$app/backup/home/yunohost.app/${app}/upload" ]
 then
 	ynh_restore_file "/home/yunohost.app/${app}/upload"
 else
 	# Create app folders
 	mkdir -p "/home/yunohost.app/${app}/upload"
 fi
 # Create temporary data folder
 mkdir -p /home/yunohost.app/${app}/_data
 #=================================================
 # RESTORE USER RIGHTS
 #=================================================
-ynh_restore_file /etc/php5/fpm/pool.d/$app.conf
+chown -R $app: $final_path
 chown -R $app: /home/yunohost.app/${app}
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # RELOAD NGINX AND PHP-FPM
 #=================================================
 ynh_print_info "Reloading nginx web server and php-fpm..."
-systemctl reload php5-fpm
+systemctl reload php7.0-fpm
 systemctl reload nginx
 #=================================================
 # END OF SCRIPT
 #=================================================
 ynh_print_info "Restoration completed for $app"
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -1,8 +1,5 @@
 #!/bin/bash
 shopt -s extglob  # sets extended pattern matching options in the bash shell
 # Exit on command errors and treat unset variables as an error
 set -eu
 #=================================================
 # GENERIC STARTING
 #=================================================
@ -15,45 +12,36 @@ source /usr/share/yunohost/helpers
 #=================================================
 # LOAD SETTINGS
 #=================================================
-# Set app specific variables
+ynh_print_info "Loading installation settings..."
 app=$YNH_APP_INSTANCE_NAME
-# Check destination directory
+domain=$(ynh_app_setting_get $app domain)
-destdir="/var/www/$app"
+path_url=$(ynh_app_setting_get $app path)
-[[ ! -d $destdir ]] && ynh_die \
+admin=$(ynh_app_setting_get $app admin)
-"The destination directory '$destdir' does not exist.\
+is_public=$(ynh_app_setting_get $app is_public)
- The app is not correctly installed, you should remove it first."
+final_path=$(ynh_app_setting_get $app final_path)
 language=$(ynh_app_setting_get $app language)
 db_name=$(ynh_app_setting_get $app db_name)
 admin_pwd=$(ynh_app_setting_get $app admin_pwd)
-# Retrieve arguments
+#=================================================
-domain=$(ynh_app_setting_get "$app" domain)
+# ENSURE DOWNWARD COMPATIBILITY
 #=================================================
 ynh_print_info "Ensuring downward compatibility..."
-path_url=$(ynh_app_setting_get "$app" path_url)
+# If db_name doesn't exist, create it
-# Compatibility with previous version
+if [ -z $db_name ]; then
-if [ -z "$path_url" ] ; then
+	db_name=$(ynh_sanitize_dbid $app)
-  path_url=$(ynh_app_setting_get "$app" path)
+	ynh_app_setting_set $app db_name $db_name
  ynh_app_setting_set $app path_url "$path_url"
 fi
 path_url=$(ynh_normalize_url_path $path_url)
 final_path=$(ynh_app_setting_get "$app" final_path)
 # Compatibility with previous version
 if [ -z "$final_path" ] ; then
  final_path="/var/www/$app"
  ynh_app_setting_set $app final_path "$final_path"
 fi
-db_name=$(ynh_app_setting_get "$app" db_name)
+# If final_path doesn't exist, create it
-# Compatibility with previous version
+if [ -z $final_path ]; then
-if [ -z "$db_name" ] ; then
+	final_path=/var/www/$app
-  db_name=$app
+	ynh_app_setting_set $app final_path $final_path
  ynh_app_setting_set "$app" db_name "$db_name"
 fi
 db_user="$db_name"
 db_pwd=$(ynh_app_setting_get "$app" mysqlpwd)
 admin=$(ynh_app_setting_get "$app" admin)
 admin_pwd=$(ynh_app_setting_get "$app" admin_pwd)
 # Compatibility with previous version; password was not set
 if [ -z "$admin_pwd" ] ; then
  # Generate a new password
@ -64,74 +52,104 @@ if [ -z "$admin_pwd" ] ; then
  hashed_password=$(cd $final_path ; php hash_password.php $admin_pwd)
  # Update password hash in database
-  ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE users SET password='$hashed_password' WHERE username='$admin';"
+  db_pwd=$(ynh_app_setting_get $app mysqlpwd)
  ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "UPDATE users SET password='$hashed_password' WHERE username='$admin';"
  ynh_app_setting_set $app admin_pwd "$admin_pwd"
  # Remove the temporary hash generation script
  ynh_secure_remove "$final_path/hash_password.php"
 fi
-language=$(ynh_app_setting_get "$app" language)
+# Use path instead of path_url in settings.yml...
-if [ "$language" = "fr" ] ; then
+if [ -z "$path_url" ]
-  applanguage="fr_FR"
+then
-else
+	path_url=$(ynh_app_setting_get $app path_url)
-  applanguage="en_UK"
+	ynh_app_setting_set $app path $path_url
 	ynh_app_setting_delete $app path_url
 fi
 is_public=$(ynh_app_setting_get "$app" is_public)
 #=================================================
-# MANAGE SCRIPT FAILURE
+# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
 ynh_print_info "Backing up the app before upgrading (may take a while)..."
-# Use prior backup and restore on error only if backup feature
+# Backup the current version of the app
-# exists on installed instance
+ynh_backup_before_upgrade
-if [ -f "/etc/yunohost/apps/$app/scripts/backup" ] ; then
+ynh_clean_setup () {
-  # Notify the backup process that it should not save the data directory
+	# restore it if the upgrade fails
  ynh_app_setting_set $app backup_core_only 1
  ynh_backup_before_upgrade # Backup the current version of the app
  ynh_clean_setup () {
 	ynh_restore_upgradebackup
-  }
+}
-  ynh_abort_if_errors	# Stop script if an error is detected
+# Exit if an error occurs during the execution of the script
-fi
+ynh_abort_if_errors
 #=================================================
-# INSTALL DEPENDENCIES
+# CHECK THE PATH
 #=================================================
-ynh_install_app_dependencies "$pkg_dependencies"
+# Normalize the URL path syntax
 path_url=$(ynh_normalize_url_path $path_url)
 #=================================================
 # STANDARD UPGRADE STEPS
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
 ynh_print_info "Upgrading source files..."
 # Create tmp directory and fetch app inside
-tmpdir=$(ynh_mkdir_tmp)
+tmpdir="$(ynh_smart_mktemp --min_size=300)"
 ynh_setup_source "$tmpdir"
 # Fetch needed plugins
 mkdir -p $tmpdir/plugins/Ldap_Login
 ynh_setup_source "$tmpdir/plugins/Ldap_Login" ldap_plugin
 ynh_setup_source "$tmpdir/plugins" log_failed_logins_plugin
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
 ynh_print_info "Upgrading nginx web server configuration..."
 # Create a dedicated nginx config
 ynh_add_nginx_config
 #=================================================
 # UPGRADE DEPENDENCIES
 #=================================================
 ynh_print_info "Upgrading dependencies..."
 ynh_install_app_dependencies "$pkg_dependencies"
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 ynh_print_info "Making sure dedicated system user exists..."
-ynh_system_user_create $app # Create dedicated user if not existing
+# Create a dedicated user (if not existing)
 ynh_system_user_create $app
 #=================================================
-# SPECIFIC SETUP
+# PHP-FPM CONFIGURATION
 #=================================================
 ynh_print_info "Upgrading php-fpm configuration..."
 # Create a dedicated php-fpm config
 ynh_add_fpm_config
 #=================================================
 # SPECIFIC UPGRADE
 #=================================================
 # COPY FILES TO $FINAL_PATH
 #=================================================
-# We store photos (potentially large data) on /home/yunohost.app
+# sets extended pattern matching options in the bash shell
 shopt -s extglob
 datapath=/home/yunohost.app/$app
 # Install files and set permissions
 cp -a $tmpdir/!(upload|_data|galleries) $final_path
 # Backward compatibility:
 # If the _data subdirectory wasn't already moved to /home/yunohost.app/$app,
 # then move it there
@ -152,68 +170,103 @@ chown -R $app: $final_path
 chown -R $app: $datapath
 chmod 755 -R $final_path/_data
-#=================================================
+ynh_secure_remove "$tmpdir"
 # NGINX AND PHP-FPM CONFIGURATION
 #=================================================
-ynh_add_nginx_config
+#=================================================
-ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
+# UPGRADE APPLICATION WITH CURL
 #=================================================
 ynh_print_info "Upgrading piwigo with Curl..."
-# Copy and set php-fpm configuration
+ynh_app_setting_set $app unprotected_uris "/"
-ynh_add_fpm_config
+# Reload SSOwat config
 yunohost app ssowatconf
 # Reload Nginx
 systemctl reload nginx
 if [ "$language" = "fr" ] ; then
  applanguage="fr_FR"
 else
  applanguage="en_UK"
 fi
 # Upgrade piwigo via curl
 ynh_local_curl "/upgrade.php?language=$applanguage&now=true" "language=$applanguage" "username=$admin" "password=$admin_pwd"
 #=================================================
 # CONFIGURE PIWIGO
 #=================================================
-
+ynh_print_info "Configuring piwigo..."
 ynh_app_setting_set "$app" unprotected_uris "/"
 yunohost app ssowatconf
 # Configure piwigo via curl
 ynh_local_curl "/upgrade.php?language=$applanguage&now=true" "language=$applanguage" "username=$admin" "password=$admin_pwd"
 # Make a backup of the original config file if modified
 ynh_backup_if_checksum_is_different "$final_path/local/config/config.inc.php"
 # Change local config
 cp ../conf/config.inc.php $final_path/local/config/
 # Calculate and store the config file checksum
 ynh_store_file_checksum "$final_path/local/config/config.inc.php"
 # Make a backup of the original database config file if modified
 ynh_backup_if_checksum_is_different "$final_path/local/config/database.inc.php"
 # Setup database in local/config/database.inc.php
-ynh_replace_string "DBTOCHANGE" "$db_name" ../conf/database.inc.php
+ynh_replace_string "__DBTOCHANGE__" "$db_name" ../conf/database.inc.php
-ynh_replace_string "USERTOCHANGE" "$db_user" ../conf/database.inc.php
+ynh_replace_string "__USERTOCHANGE__" "$db_name" ../conf/database.inc.php
-ynh_replace_string "PASSTOCHANGE" "$db_pwd" ../conf/database.inc.php
+db_pwd=$(ynh_app_setting_get $app mysqlpwd)
 ynh_replace_string "__PASSTOCHANGE__" "$db_pwd" ../conf/database.inc.php
 cp ../conf/database.inc.php $final_path/local/config/database.inc.php
 # Calculate and store the database config file checksum
 ynh_store_file_checksum "$final_path/local/config/database.inc.php"
 #=================================================
-# ADD LDAP & FAIL2BAN PLUGINS
+# ADD LDAP PLUGINS
 #=================================================
 ynh_print_info "Configuring LDAP plugin..."
 # Configure and activate LDAP plugin
-ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE plugins SET state='active' WHERE id='Ldap_Login';"
+ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "UPDATE plugins SET state='active' WHERE id='Ldap_Login';"
 cp ../conf/data.dat $final_path/plugins/Ldap_Login
 #=================================================
 # UPGRADE FAIL2BAN
 #=================================================
 ynh_print_info "Upgrading fail2ban..."
 # Configure and activate log_failed_logins plugin
-ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');" 2>&1 > /dev/null ||ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE plugins SET state='active' WHERE id='log_failed_logins';"
+ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');" 2>&1 > /dev/null ||ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "UPDATE plugins SET state='active' WHERE id='log_failed_logins';"
-ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');" 2>&1 > /dev/null || ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE config SET value='/var/log/${app}FailedLogins.log' WHERE param='logFailedLoginsFilename';"
+ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');" 2>&1 > /dev/null || ynh_mysql_connect_as $db_name $db_pwd $db_name <<< "UPDATE config SET value='/var/log/${app}FailedLogins.log' WHERE param='logFailedLoginsFilename';"
 touch "/var/log/${app}FailedLogins.log"
 chown $app: "/var/log/${app}FailedLogins.log"
-# Set-up fail2ban
+ynh_add_fail2ban_config --logpath="/var/log/${app}FailedLogins.log" --failregex="ip=<HOST>" --max_retry=6
-ynh_add_fail2ban_config "/var/log/${app}FailedLogins.log" "ip=<HOST>" 6
+
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # SETUP SSOWAT
 #=================================================
 ynh_print_info "Upgrading SSOwat configuration..."
 # Protect URIs if private
-if [ $is_public -eq 0 ];
+if [ $is_public -eq 0 ]
 then
-  ynh_app_setting_delete "$app" unprotected_uris
+  ynh_app_setting_delete $app unprotected_uris
-  ynh_app_setting_set "$app" protected_uris "/"
+  ynh_app_setting_set $app protected_uris "/"
 fi
 #=================================================
 # RELOAD NGINX
 #=================================================
 ynh_print_info "Reloading nginx web server..."
 systemctl reload nginx
 #=================================================
 # END OF SCRIPT
 #=================================================
 ynh_print_info "Upgrade of $app completed"