Merge 62a58461e7 into 8fd34e47db

2024-09-03 20:16:14 +02:00 · 2022-11-22 13:50:34 +01:00 · 2022-11-22 13:50:34 +01:00 · 5eed676af4
commit 5eed676af4
parent 8fd34e47db 62a58461e7
25 changed files with 584 additions and 765 deletions
--- a/README.md
+++ b/README.md
@ -5,7 +5,7 @@ It shall NOT be edited by hand.
 # Radicale for YunoHost
-[![Integration level](https://dash.yunohost.org/integration/radicale.svg)](https://dash.yunohost.org/appci/app/radicale) ![](https://ci-apps.yunohost.org/ci/badges/radicale.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/radicale.maintain.svg)  
+[![Integration level](https://dash.yunohost.org/integration/radicale.svg)](https://dash.yunohost.org/appci/app/radicale) ![Working status](https://ci-apps.yunohost.org/ci/badges/radicale.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/radicale.maintain.svg)  
 [![Install Radicale with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=radicale)
 *[Lire ce readme en français.](./README_fr.md)*
@ -18,10 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
 Radicale is a small but powerful CalDAV (calendars, todo-lists) and CardDAV (contacts) server.
-**Shipped version:** 1.1.6~ynh6
+**Shipped version:** 3.1.8~ynh1
 ## Disclaimers / important information
 ## Configuration
@ -46,21 +43,22 @@ Supported, with LDAP and SSO only with radicale, not for InfCloud.
 ## Documentation and resources
-* Official app website: http://radicale.org
+* Official app website: <http://radicale.org>
-* Official admin documentation: https://github.com/Kozea/Radicale/blob/website/pages/user_documentation.rst
+* Official admin documentation: <https://github.com/Kozea/Radicale/blob/website/pages/user_documentation.rst>
-* Upstream app code repository: https://github.com/Kozea/Radicale
+* Upstream app code repository: <https://github.com/Kozea/Radicale>
-* YunoHost documentation for this app: https://yunohost.org/app_radicale
+* YunoHost documentation for this app: <https://yunohost.org/app_radicale>
-* Report a bug: https://github.com/YunoHost-Apps/radicale_ynh/issues
+* Report a bug: <https://github.com/YunoHost-Apps/radicale_ynh/issues>
 ## Developer info
 Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/radicale_ynh/tree/testing).
 To try the testing branch, please proceed like that.
-```
+
 ``` bash
 sudo yunohost app install https://github.com/YunoHost-Apps/radicale_ynh/tree/testing --debug
 or
 sudo yunohost app upgrade radicale -u https://github.com/YunoHost-Apps/radicale_ynh/tree/testing --debug
 ```
-**More info regarding app packaging:** https://yunohost.org/packaging_apps
+**More info regarding app packaging:** <https://yunohost.org/packaging_apps>
--- a/README_fr.md
+++ b/README_fr.md
@ -1,10 +1,14 @@
 <!--
 N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
 It shall NOT be edited by hand.
 -->
 # Radicale pour YunoHost
-[![Niveau d'intégration](https://dash.yunohost.org/integration/radicale.svg)](https://dash.yunohost.org/appci/app/radicale) ![](https://ci-apps.yunohost.org/ci/badges/radicale.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/radicale.maintain.svg)  
+[![Niveau d'intégration](https://dash.yunohost.org/integration/radicale.svg)](https://dash.yunohost.org/appci/app/radicale) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/radicale.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/radicale.maintain.svg)  
 [![Installer Radicale avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=radicale)
 *[Read this readme in english.](./README.md)*
 *[Lire ce readme en français.](./README_fr.md)*
 > *Ce package vous permet d'installer Radicale rapidement et simplement sur un serveur YunoHost.
 Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
@ -14,10 +18,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
 Radicale est un petit mais puissant serveur CalDAV (calendriers, listes de tâches) et CardDAV (contacts).
-**Version incluse :** 1.1.6~ynh6
+**Version incluse :** 3.1.8~ynh1
 ## Avertissements / informations importantes
 ## Configuration
@ -42,21 +43,22 @@ Supportée, avec LDAP et SSO seulement avec radicale, pas pour InfCloud.
 ## Documentations et ressources
-* Site officiel de l'app : http://radicale.org
+* Site officiel de l'app : <http://radicale.org>
-* Documentation officielle de l'admin : https://github.com/Kozea/Radicale/blob/website/pages/user_documentation.rst
+* Documentation officielle de l'admin : <https://github.com/Kozea/Radicale/blob/website/pages/user_documentation.rst>
-* Dépôt de code officiel de l'app : https://github.com/Kozea/Radicale
+* Dépôt de code officiel de l'app : <https://github.com/Kozea/Radicale>
-* Documentation YunoHost pour cette app : https://yunohost.org/app_radicale
+* Documentation YunoHost pour cette app : <https://yunohost.org/app_radicale>
-* Signaler un bug : https://github.com/YunoHost-Apps/radicale_ynh/issues
+* Signaler un bug : <https://github.com/YunoHost-Apps/radicale_ynh/issues>
 ## Informations pour les développeurs
 Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/radicale_ynh/tree/testing).
 Pour essayer la branche testing, procédez comme suit.
-```
+
 ``` bash
 sudo yunohost app install https://github.com/YunoHost-Apps/radicale_ynh/tree/testing --debug
 ou
 sudo yunohost app upgrade radicale -u https://github.com/YunoHost-Apps/radicale_ynh/tree/testing --debug
 ```
-**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps
+**Plus d'infos sur le packaging d'applications :** <https://yunohost.org/packaging_apps>
--- a/conf/config
+++ b/conf/config
@ -15,41 +15,29 @@
 # IPv4 syntax: address:port
 # IPv6 syntax: [address]:port
 # For example: 0.0.0.0:9999, [::]:9999
-# IPv6 adresses are configured to only allow IPv6 connections
+hosts = localhost:__PORT__
 #hosts = 0.0.0.0:5232
-# Daemon flag
+# Max parallel connections
-#daemon = False
+#max_connections = 8
-# File storing the PID in daemon mode
+# Max size of request body (bytes)
-#pid =
+#max_content_length = 100000000
 # Socket timeout (seconds)
 #timeout = 30
 # SSL flag, enable HTTPS protocol
 #ssl = False
 # SSL certificate path
-#certificate = /etc/apache2/ssl/server.crt
+#certificate = /etc/ssl/radicale.cert.pem
 # SSL private key
-#key = /etc/apache2/ssl/server.key
+#key = /etc/ssl/radicale.key.pem
-# SSL Protocol used. See python's ssl module for available values
+# CA certificate for validating clients. This can be used to secure
-#protocol = PROTOCOL_SSLv23
+# TCP traffic between Radicale and a reverse proxy
-
+#certificate_authority =
 # Ciphers available. See python's ssl module for available ciphers
 #ciphers =
 # Reverse DNS to resolve client address in logs
 dns_lookup = True
 # Root URL of Radicale (starting and ending with a slash)
 base_prefix = __PATH__
 # Possibility to allow URLs cleaned by a HTTP server, without the base_prefix
 #can_skip_base_prefix = False
 # Message displayed in the client when a password is needed
 #realm = Radicale - Password Required
 [encoding]
@ -61,89 +49,63 @@ request = utf-8
 stock = utf-8
 [well-known]
 # Path where /.well-known/caldav/ is redirected
 #caldav = '/%(user)s/caldav/'
 # Path where /.well-known/carddav/ is redirected
 #carddav = '/%(user)s/carddav/'
 [auth]
 # Authentication method
-# Value: None | htpasswd | IMAP | LDAP | PAM | courier | http | remote_user | custom
+# Value: none | htpasswd | remote_user | http_x_remote_user
-type = LDAP
+#type = none
-
+type = htpasswd
 # Custom authentication handler
 #custom_handler =
 # Htpasswd filename
-#htpasswd_filename = /etc/radicale/users
+htpasswd_filename = /etc/radicale/users
 # Htpasswd encryption method
-# Value: plain | sha1 | ssha | crypt
+# Value: plain | bcrypt | md5
-#htpasswd_encryption = crypt
+# bcrypt requires the installation of radicale[bcrypt].
 htpasswd_encryption = bcrypt
 # Incorrect authentication delay (seconds)
 #delay = 1
 # Message displayed in the client when a password is needed
 #realm = Radicale - Password Required
 # LDAP doesn't work for now...
 # type = radicale_auth_ldap
 # LDAP server URL, with protocol and port
-ldap_url = ldap://localhost:389/
+# ldap_url = ldap://localhost:389/
 # LDAP base path
-ldap_base = ou=users,dc=yunohost,dc=org
+# ldap_base = ou=users,dc=yunohost,dc=org
 # LDAP login attribute
-ldap_attribute = uid
+# ldap_attribute = uid
 # LDAP filter string
 # placed as X in a query of the form (&(...)X)
 # example: (objectCategory=Person)(objectClass=User)(memberOf=cn=calenderusers,ou=users,dc=example,dc=org)
-# leave empty if no additional filter is needed
+# ldap_filter = 
 ldap_filter =
 # LDAP dn for initial login, used if LDAP server does not allow anonymous searches
 # Leave empty if searches are anonymous
-#ldap_binddn =
+# ldap_binddn = 
 # LDAP password for initial login, used with ldap_binddn
-#ldap_password =
+# ldap_password = 
 # LDAP scope of the search
-ldap_scope = OneLevel
+# ldap_scope = OneLevel
 # IMAP Configuration
 #imap_hostname = localhost
 #imap_port = 143
 #imap_ssl = False
 # PAM group user should be member of
 #pam_group_membership =
 # Path to the Courier Authdaemon socket
 #courier_socket =
 # HTTP authentication request URL endpoint
 #http_url =
 # POST parameter to use for username
 #http_user_parameter =
 # POST parameter to use for password
 #http_password_parameter =
 [git]
 # Git default options
 #committer = Radicale <radicale@example.com>
 # LDAP extended option
 # If the server is samba, ldap_support_extended is should be no
 # ldap_support_extended = yes
 [rights]
 # Rights backend
-# Value: None | authenticated | owner_only | owner_write | from_file | custom
+# Value: none | authenticated | owner_only | owner_write | from_file
-type = from_file
+#type = owner_only
 # Custom rights handler
 #custom_handler =
 # File for rights management from_file
 file = /etc/radicale/rights
@ -152,37 +114,35 @@ file = /etc/radicale/rights
 [storage]
 # Storage backend
-# -------
+# Value: multifilesystem | multifilesystem_nolock
-# WARNING: ONLY "filesystem" IS DOCUMENTED AND TESTED,
+#type = multifilesystem
 #          OTHER BACKENDS ARE NOT READY FOR PRODUCTION.
 # -------
 # Value: filesystem | multifilesystem | database | custom
 type = filesystem
 # Custom storage handler
 #custom_handler =
 # Folder for storing local collections, created if not present
 filesystem_folder = __FINALPATH__/collections
-# Database URL for SQLAlchemy
+# Delete sync token that are older (seconds)
-# dialect+driver://user:password@host/dbname[?key=value..]
+#max_sync_token_age = 2592000
-# For example: sqlite:///var/db/radicale.db, postgresql://user:password@localhost/radicale
+
-# See http://docs.sqlalchemy.org/en/rel_0_8/core/engines.html#sqlalchemy.create_engine
+# Command that is run after changes to storage
-#database_url =
+# Example: ([ -d .git ] || git init) && git add -A && (git diff --cached --quiet || git commit -m "Changes by "%(user)s)
 #hook =
 [web]
 # Web interface backend
 # Value: none | internal
 #type = internal
 [logging]
-# Logging configuration file
+# Threshold for the logger
-# If no config is given, simple information is printed on the standard output
+# Value: debug | info | warning | error | critical
-# For more information about the syntax of the configuration file, see:
+#level = warning
-# http://docs.python.org/library/logging.config.html
+
-config = /etc/radicale/logging
+# Don't include passwords in logs
-# Set the default logging level to debug
+#mask_passwords = True
 debug = False
 # Store all environment variables (including those set in the shell)
 full_environment = False
 [headers]
@ -192,3 +152,10 @@ Access-Control-Allow-Origin = *
 Access-Control-Allow-Methods = GET, POST, OPTIONS, PROPFIND, PROPPATCH, REPORT, PUT, MOVE, DELETE, LOCK, UNLOCK
 Access-Control-Allow-Headers = User-Agent, Authorization, Content-type, Depth, If-match, If-None-Match, Lock-Token, Timeout, Destination, Overwrite, X-clie$
 Access-Control-Expose-Headers = Etag
 #type = LDAP
 #ldap_url = ldap://localhost:389/
 #ldap_base = ou=users,dc=yunohost,dc=org
 #ldap_attribute = uid
 #ldap_filter =
 #ldap_scope = OneLevel
--- a/conf/logging
+++ b/conf/logging
@ -1,49 +0,0 @@
 # Loggers, handlers and formatters keys
 [loggers]
 # Loggers names, main configuration slots
 keys = root
 [handlers]
 # Logging handlers, defining logging output methods
 keys = console,file
 [formatters]
 # Logging formatters
 keys = simple,full
 # Loggers
 [logger_root]
 # Root logger
 level = INFO
 handlers = console,file
 # Handlers
 [handler_console]
 # Console handler
 class = StreamHandler
 level = INFO
 args = (sys.stdout,)
 formatter = simple
 [handler_file]
 # File handler
 class = FileHandler
 level = INFO
 args = ('/var/log/radicale/radicale.log',)
 formatter = full
 # Formatters
 [formatter_simple]
 # Simple output format
 format = %(message)s
 [formatter_full]
 # Full output format
 format = %(asctime)s - %(levelname)s: %(message)s
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,26 +1,35 @@
 #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
 # location __PATH__/ {
 # 	try_files $uri @radicale;
 # }
 # 
 # location @radicale {
 # 	uwsgi_pass unix:///run/uwsgi/app/radicale/socket;
 # 	include uwsgi_params;
 # 	uwsgi_param  QUERY_STRING       $query_string;
 # 	uwsgi_param  REQUEST_METHOD     $request_method;
 # 	uwsgi_param  CONTENT_TYPE       $content_type;
 # 	uwsgi_param  CONTENT_LENGTH     $content_length;
 # 
 # 	uwsgi_param  REQUEST_URI        $request_uri;
 # 	uwsgi_param  PATH_INFO          $document_uri;
 # 	uwsgi_param  DOCUMENT_ROOT      $document_root;
 # 	uwsgi_param  SERVER_PROTOCOL    $server_protocol;
 # 	uwsgi_param  HTTPS              $https if_not_empty;
 # 
 # 	uwsgi_param  REMOTE_ADDR        $remote_addr;
 # 	uwsgi_param  REMOTE_PORT        $remote_port;
 # 	uwsgi_param  SERVER_PORT        $server_port;
 # 	uwsgi_param  SERVER_NAME        $server_name;
 # }
 location __PATH__/ {
-	try_files $uri @radicale;
+    proxy_pass           http://localhost:__PORT__/;
-}
+    proxy_set_header     X-Script-Name __PATH__;
    proxy_set_header     X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header     Host $http_host;
-location @radicale {
+    proxy_set_header     X-Remote-User $remote_user;
-	uwsgi_pass unix:///run/uwsgi/app/radicale/socket;
+#     proxy_pass_header Authorization;
 	include uwsgi_params;
 	uwsgi_param  QUERY_STRING       $query_string;
 	uwsgi_param  REQUEST_METHOD     $request_method;
 	uwsgi_param  CONTENT_TYPE       $content_type;
 	uwsgi_param  CONTENT_LENGTH     $content_length;
 	uwsgi_param  REQUEST_URI        $request_uri;
 	uwsgi_param  PATH_INFO          $document_uri;
 	uwsgi_param  DOCUMENT_ROOT      $document_root;
 	uwsgi_param  SERVER_PROTOCOL    $server_protocol;
 	uwsgi_param  HTTPS              $https if_not_empty;
 	uwsgi_param  REMOTE_ADDR        $remote_addr;
 	uwsgi_param  REMOTE_PORT        $remote_port;
 	uwsgi_param  SERVER_PORT        $server_port;
 	uwsgi_param  SERVER_NAME        $server_name;
 }
 #INFCLOUD#location __PATH__/infcloud {
--- a/conf/radicale.ini
+++ b/conf/radicale.ini
@ -1,24 +0,0 @@
 [uwsgi]
 # Who will run the code
 uid = radicale
 gid = radicale
 # Number of workers
 workers = 4
 # The right granted on the created socket
 chmod-socket = 666
 # Plugin to use and interpretor config
 single-interpreter = true
 master = true
 plugin = python
 # Application base folder
 base = /opt/yunohost/radicale
 # Virtualenv and python path
 virtualenv = /opt/yunohost/radicale
 pythonpath = /opt/yunohost/radicale
 chdir= /var/www/radicale
 wsgi-file=/var/www/radicale/radicale.wsgi
--- a/conf/radicale.wsgi
+++ b/conf/radicale.wsgi
@ -1,29 +0,0 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 #
 # This file is part of Radicale Server - Calendar Server
 # Copyright © 2011-2013 Guillaume Ayoub
 #
 # This library is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # This library is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with Radicale.  If not, see <http://www.gnu.org/licenses/>.
 """
 Radicale WSGI file (mod_wsgi and uWSGI compliant).
 """
 import radicale
 radicale.log.start()
 application = radicale.Application()
--- a/conf/rights
+++ b/conf/rights
@ -1,12 +1,116 @@
-# Rights are based on a regex-based file whose name is specified in the config (section "right", key "file").
+# -*- mode: conf -*-
 # vim:ft=cfg
 # Rights management file for Radicale - A simple calendar server
 #
-# Authentication login is matched against the "user" key, and collection's path is matched against the "collection" key. You can use Python's ConfigParser interpolation values %(login)s and %(path)s. You can also get groups from the user regex in the collection with {0}, {1}, etc.
+# The default path for this file is /etc/radicale/rights
 # The path can be specified in the rights section of the configuration file
 #
-# For example, for the "user" key, ".+" means "authenticated user" and ".*" means "anybody" (including anonymous users).
+# Section names are used for naming rules and must be unique.
-#
+# The first rule matching both user and collection patterns will be used.
-# Section names are only used for naming the rule.
+
-#
+
-# Leading or ending slashes are trimmed from collection's path.
+# Example: owner_only plugin
 # Allow reading root collection for authenticated users
 #[root]
 #user: .+
 #collection:
 #permissions: R
 # Allow reading and writing principal collection (same as username)
 #[principal]
 #user: .+
 #collection: {user}
 #permissions: RW
 # Allow reading and writing calendars and address books that are direct
 # children of the principal collection
 #[calendars]
 #user: .+
 #collection: {user}/[^/]+
 #permissions: rw
 # Example: owner_write plugin
 # Only listed additional rules for the owner_only plugin example.
 # Allow reading principal collections of all users
 #[read-all-principals]
 #user: .+
 #collection: [^/]+
 #permissions: R
 # Allow reading all calendars and address books that are direct children of any
 # principal collection
 #[read-all-calendars]
 #user: .+
 #collection: [^/]+/[^/]+
 #permissions: r
 # Example: authenticated plugin
 # Allow reading and writing root and principal collections of all users
 #[root-and-principals]
 #user: .+
 #collection: [^/]*
 #permissions: RW
 # Allow reading and writing all calendars and address books that are direct
 # children of any principal collection
 #[calendars]
 #user: .+
 #collection: [^/]+/[^/]+
 #permissions: rw
 # Example: Allow user "admin" to read everything
 #[admin-read-all]
 #user: admin
 #collection: .*
 #permissions: Rr
 # Example: Allow everybody (including unauthenticated users) to read
 # the collection "public"
 # Allow reading collection "public" for authenticated users
 #[public-principal]
 #user: .+
 #collection: public
 #permissions: R
 # Allow reading all calendars and address books that are direct children of
 # the collection "public" for authenticated users
 #[public-calendars]
 #user: .+
 #collection: public/[^/]+
 #permissions: r
 # Allow access to public calendars and address books via HTTP GET for everyone
 #[public-calendars-restricted]
 #user: .*
 #collection: public/[^/]+
 #permissions: i
 # Example: Grant users of the form user@domain.tld read access to the
 # collection "domain.tld"
 # Allow reading the domain collection
 #[read-domain-principal]
 #user: .+@([^@]+)
 #collection: {0}
 #permissions: R
 # Allow reading all calendars and address books that are direct children of
 # the domain collection
 #[read-domain-calendars]
 #user: .+@([^@]+)
 #collection: {0}/[^/]+
 #permissions: r
 # User can read the root of all collection. And discovers your collection.
 [user-read-root-collection]
@ -17,51 +121,5 @@ permission: r
 # Give read and write access to owners
 [owner-read-write]
 user: .+
-collection: ^%(login)s|^%(login)s/.*
+collection: ^{user}|^{user}/.*
 permission: rw
 ### EXAMPLES:
 ## Allow authenticated user to read all collections
 # [allow-everyone-read]
 # user: .+
 # collection: .*
 # permission: r
 ## This means all users starting with "admin" may read any collection
 # [admin]
 # user: ^admin.*$
 # collection: .*
 # permission: r
 ## A little more complex: give read access to users from a domain for all
 # collections of all the users (ie. user@domain.tld can read domain/\*).
 # [domain-wide-access]
 # user: ^.+@(.+)\..+$
 # collection: ^{0}/.+$
 # permission: r
 ## This means all users may read and write any collection starting with public.
 # [public]
 # user: .*
 # collection: ^public(/.+)?$
 # permission: rw
 ## Partage public en lecture seule d'un agenda
 # [public for readonly]
 # user: .*
 # collection: ^utilisateur/nom_calendrier.ics$
 # permission: r
 ## Partage public en lecture/écriture d'un agenda
 # [public for read/write]
 # user: .*
 # collection: ^utilisateur/nom_calendrier.ics$
 # permission: rw
 # [user1 can read and write user2/shared2]
 # user: ^user1$
 # collection: ^user2/shared2.ics$
 # permission: rw
--- a/conf/systemd.service
+++ b/conf/systemd.service
@ -0,0 +1,24 @@
 [Unit]
 Description=A simple CalDAV (calendar) and CardDAV (contact) server
 After=network.target
 Requires=network.target
 [Service]
 ExecStart=/opt/yunohost/__APP__/bin/python3 -m radicale
 Restart=on-failure
 User=radicale
 # Deny other users access to the calendar data
 UMask=0027
 # Optional security settings
 PrivateTmp=true
 ProtectSystem=strict
 ProtectHome=true
 PrivateDevices=true
 ProtectKernelTunables=true
 ProtectKernelModules=true
 ProtectControlGroups=true
 NoNewPrivileges=true
 ReadWritePaths=__FINALPATH__/collections /var/log/__APP__
 [Install]
 WantedBy=multi-user.target
--- a/hooks/post_user_create
+++ b/hooks/post_user_create
@ -1,7 +0,0 @@
 #!/bin/bash
 user=$1
 final_path=__FINALPATH__
 sudo cp -a $final_path/default_collections/USER $final_path/collections/$user
 sudo cp -a $final_path/default_collections/USER.props $final_path/collections/$user.props
--- a/hooks/post_user_delete
+++ b/hooks/post_user_delete
@ -1,6 +0,0 @@
 #!/bin/bash
 user=$1
 final_path=__FINALPATH__
 sudo rm -r $final_path/collections/$user
--- a/manifest.json
+++ b/manifest.json
@ -6,7 +6,7 @@
 		"en": "CalDAV (calendar) and CardDAV (contact) synchronization server",
 		"fr": "Serveur de synchronisation CalDAV et CardDAV"
 	},
-	"version": "1.1.6~ynh6",
+	"version": "3.1.8~ynh1",
 	"url": "http://radicale.org",
    "upstream": {
        "license": "GPL-3.0,AGPL-3.0",
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -6,7 +6,9 @@
 YNH_PHP_VERSION="7.3"
-pkg_dependencies="python-pip python-virtualenv virtualenv python-dev libldap2-dev libsasl2-dev libssl-dev uwsgi uwsgi-plugin-python"
+# pkg_dependencies="python-pip python-virtualenv virtualenv python-dev libldap2-dev libsasl2-dev libssl-dev uwsgi uwsgi-plugin-python"
 pkg_dependencies="python3-pip python3-virtualenv virtualenv python3-dev libldap2-dev libsasl2-dev libssl-dev bcrypt apache2-utils"
 # bcrypt and apache2-utils are used in replacement of ldap...
 #=================================================
 # BOOLEAN CONVERTER
--- a/scripts/backup
+++ b/scripts/backup
@ -71,7 +71,12 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
 # BACKUP SYSTEMD
 #=================================================
-ynh_backup --src_path="/etc/uwsgi/apps-available/radicale.ini"
+if [ -e "/etc/uwsgi/apps-available/radicale.ini" ]
 then
    ynh_backup --src_path="/etc/uwsgi/apps-available/radicale.ini"
 else
    ynh_backup --src_path="/etc/systemd/system/$app.service"
 fi
 #=================================================
 # BACKUP VARIOUS FILES
--- a/scripts/change_url
+++ b/scripts/change_url
@ -28,6 +28,7 @@ ynh_script_progression --message="Loading installation settings..."
 # Needed for helper "ynh_add_nginx_config"
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 port=$(ynh_app_setting_get --app=$app --key=port)
 infcloud=$(ynh_app_setting_get --app=$app --key=infcloud)
@ -83,6 +84,11 @@ ynh_script_progression --message="Updating NGINX web server configuration..."
 nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
 # If path_url contains infcloud, remove it
 if [[ "$path_url" =~ "/infcloud" ]]; then
    path_url="${path_url%/*}"
 fi
 # Change the path in the NGINX config file
 if [ $change_path -eq 1 ]
 then
@ -110,26 +116,11 @@ fi
 #=================================================
 # MODIFY CONFIG FILES
 #=================================================
 ynh_replace_string --match_string="^base_prefix = $old_path.*" --replace_string="base_prefix = ${new_path%/}/" --target_file="/etc/$app/config"
 if [ $infcloud -eq 1 ]; then
 	ynh_replace_string --match_string="href: 'https://$old_domain$old_path'," --replace_string="href: 'https://$new_domain${new_path%/}/'," --target_file="$final_path/infcloud/config.js"
 fi
 #=================================================
 # UPDATE SSOWAT
 #=================================================
 if [ $infcloud -eq 1 ]
 then
 	ynh_script_progression --message="Reconfigure SSOwat"
 	# Add /infcloud to the path of radicale to access it from the portal
 	echo "sudo yunohost --verbose app setting $app path -v \"${new_path%/}/infcloud\"; sudo yunohost app ssowatconf" | at now + 1 min >&2
 	domain_regex=$(echo "$new_domain" | sed 's@-@.@g')
 	# Radicale is always accessible (For access to ressources)
 	ynh_app_setting_set --app=$app --key=skipped_regex --value="$domain_regex$new_path"
 fi
 #=================================================
 # GENERIC FINALISATION
 #=================================================
@ -138,7 +129,7 @@ fi
 ynh_script_progression --message="Starting a systemd service..."
 # Start a systemd service
-ynh_systemd_action --service_name=uwsgi --action="restart"
+ynh_systemd_action --service_name=$app --action="restart"
 #=================================================
 # RELOAD NGINX
--- a/scripts/install
+++ b/scripts/install
@ -14,7 +14,7 @@ source /usr/share/yunohost/helpers
 #=================================================
 ynh_clean_setup () {
-	ynh_clean_check_starting
+    ynh_clean_check_starting
 }
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
@ -33,6 +33,7 @@ app=$YNH_APP_INSTANCE_NAME
 # Retrieve the version number in the manifest file.
 version=$(ynh_app_upstream_version)
 ynh_print_warn $version
 #=================================================
 # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
@ -56,15 +57,24 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin
 ynh_app_setting_set --app=$app --key=infcloud --value=$infcloud
 ynh_app_setting_set --app=$app --key=version --value=$version
 ynh_app_setting_set --app=$app --key=overwrite_logging --value="1"
 ynh_app_setting_set --app=$app --key=overwrite_config --value="1"
 ynh_app_setting_set --app=$app --key=overwrite_infcloud --value="1"
 ynh_app_setting_set --app=$app --key=overwrite_nginx --value="1"
 ynh_app_setting_set --app=$app --key=overwrite_systemd --value="1"
 ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value="1"
 ynh_app_setting_set --app=$app --key=admin_mail_html --value="1"
 #=================================================
 # STANDARD MODIFICATIONS
 #=================================================
 # FIND AND OPEN A PORT
 #=================================================
 ynh_script_progression --message="Configuring firewall..."
 # Find a free port
 port=$(ynh_find_port --port=5232)
 ynh_app_setting_set --app=$app --key=port --value=$port
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
@ -89,26 +99,15 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Create the directory and set the path in the config
 mkdir -p "$final_path/collections"
 # Copy files to the right place
 cp ../conf/radicale.wsgi $final_path
 # Copy extra files
 cp -a ../sources/extra_files_radicale/. "$final_path"
 if [ $infcloud -eq 1 ]
 then
-	# Download and uncompress the source into final_path
+    # Download and uncompress the source into final_path
-	ynh_setup_source --dest_dir="$final_path/infcloud"
+    ynh_setup_source --dest_dir="$final_path/infcloud"
 fi
-chmod 750 "$final_path"
+chmod 750 -R "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 # Set default permissions as radicale do.
 chmod 666 -R $final_path/default_collections
 chmod 777 $final_path/default_collections $final_path/default_collections/USER
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
@ -119,8 +118,8 @@ ynh_add_nginx_config
 if [ $infcloud -eq 1 ]
 then
-	# Add InfCloud in NGINX config
+    # Add InfCloud in NGINX config
-	ynh_replace_string --match_string="#INFCLOUD#" --replace_string="" --target_file="/etc/nginx/conf.d/$domain.d/$app.conf"
+    ynh_replace_string --match_string="#INFCLOUD#" --replace_string="" --target_file="/etc/nginx/conf.d/$domain.d/$app.conf"
 fi
 ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
@ -130,11 +129,11 @@ ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
 if [ $infcloud -eq 1 ]
 then
-	ynh_script_progression --message="Configuring PHP-FPM..."
+    ynh_script_progression --message="Configuring PHP-FPM..."
-	# Create a dedicated PHP-FPM config
+    # Create a dedicated PHP-FPM config
-	ynh_add_fpm_config
+    ynh_add_fpm_config
-	phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
+    phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
 fi
 #=================================================
@ -145,14 +144,23 @@ fi
 ynh_script_progression --message="Install Radicale in a virtualenv"
 # Init virtualenv
-virtualenv /opt/yunohost/$app
+virtualenv -p python3 /opt/yunohost/$app
-version=$(ynh_app_setting_get --app=$app --key=version)
+version=$(ynh_app_upstream_version)
-/opt/yunohost/$app/bin/pip install radicale==$version python-ldap
+ynh_app_setting_set --app=$app --key=version --value="$version"
 /opt/yunohost/$app/bin/python3 -m pip install radicale==$version passlib bcrypt
-# regex.py file is patched to fix the awful commit e807c3d35bea9cfcfcacac83b1b17d748ea15a39 that stop the reading of "rights" file after the first match.
+# Add LDAP plugin
-mv "$final_path/regex.py" /opt/yunohost/$app/lib/python*/site-packages/radicale/rights/regex.py
+# (cd /opt/yunohost/$app
 # set +u; source bin/activate
 # # git clone https://github.com/marcoh00/radicale-auth-ldap
 # git clone https://github.com/cloudron-io/radicale-auth-ldap
 # cd radicale-auth-ldap
 # python3 -m pip install .)
 # Use htpasswd instead of ldap
 touch /etc/radicale/users
 # sudo htpasswd -B -c /etc/radicale/users username
 # useradd radicale -d /opt/yunohost/$app
 chown radicale: -R /opt/yunohost/$app
 find /opt/yunohost/$app/ -type d -exec chmod 2755 {} \;
@ -167,8 +175,6 @@ mkdir -p /etc/$app
 ynh_add_config --template="../conf/config" --destination="/etc/$app/config"
 ynh_add_config --template="../conf/logging" --destination="/etc/$app/logging"
 ynh_add_config --template="../conf/rights" --destination="/etc/$app/rights"
 chmod 755 /etc/$app/
@ -176,76 +182,57 @@ chmod 644 /etc/$app/*
 if [ $infcloud -eq 1 ]
 then
-	# InfCloud configuration
+    # InfCloud configuration
-	# Set language
+    # Set language
-	case "$language" in
+    case "$language" in
-		"Czech") language="cs_CZ"
+        "Czech") language="cs_CZ"
-		;;
+        ;;
-		"Danish") language="da_DK"
+        "Danish") language="da_DK"
-		;;
+        ;;
-		"German") language="de_DE"
+        "German") language="de_DE"
-		;;
+        ;;
-		"English/US") language="en_US"
+        "English/US") language="en_US"
-		;;
+        ;;
-		"Spanish") language="es_ES"
+        "Spanish") language="es_ES"
-		;;
+        ;;
-		"French") language="fr_FR"
+        "French") language="fr_FR"
-		;;
+        ;;
-		"Italian") language="it_IT"
+        "Italian") language="it_IT"
-		;;
+        ;;
-		"Japan") language="ja_JP"
+        "Japan") language="ja_JP"
-		;;
+        ;;
-		"Hungarian") language="hu_HU"
+        "Hungarian") language="hu_HU"
-		;;
+        ;;
-		"Dutch") language="nl_NL"
+        "Dutch") language="nl_NL"
-		;;
+        ;;
-		"Slovak") language="sk_SK"
+        "Slovak") language="sk_SK"
-		;;
+        ;;
-		"Turkish") language="tr_TR"
+        "Turkish") language="tr_TR"
-		;;
+        ;;
-		"Russian") language="ru_RU"
+        "Russian") language="ru_RU"
-		;;
+        ;;
-		"Ukrainian") language="uk_UA"
+        "Ukrainian") language="uk_UA"
-		;;
+        ;;
-		"Chinese") language="zh_CN"
+        "Chinese") language="zh_CN"
-		;;
+        ;;
-	esac
+    esac
-	ynh_app_setting_set --app=$app --key=language --value=$language
+    ynh_app_setting_set --app=$app --key=language --value=$language
-	timezone=$(cat /etc/timezone)
+    timezone=$(cat /etc/timezone)
-	ynh_add_config --template="../conf/config.js" --destination="$final_path/infcloud/config.js"
+    ynh_add_config --template="../conf/config.js" --destination="$final_path/infcloud/config.js"
-	chmod 440 "$final_path/infcloud/config.js"
+    chmod 440 "$final_path/infcloud/config.js"
-	chown $app:www-data "$final_path/infcloud/config.js"
+    chown $app:www-data "$final_path/infcloud/config.js"
 fi
 #=================================================
 # GENERATE CALENDARS AND ADDRESS BOOKS FOR ALL USERS
 #=================================================
 ynh_script_progression --message="Generate calendars and address books for all users"
 # Create default calendars and address books for each users
 while read user
 do
 		cp -a $final_path/default_collections/USER $final_path/collections/$user
 		cp -a $final_path/default_collections/USER.props $final_path/collections/$user.props
 # List all users and remove the space after username
 done <<< "$(yunohost user list | grep username | cut -d ":" -f 2 | cut -c 2-)"
 #=================================================
 # PREPARE THE HOOKS
 #=================================================
 # Modify the hooks for create user collections and to remove them.
 ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="../hooks/post_user_create"
 ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="../hooks/post_user_delete"
 #=================================================
 # SETUP SYSTEMD
 #=================================================
 ynh_script_progression --message="Configuring a systemd service..."
-cp ../conf/radicale.ini /etc/uwsgi/apps-available/
+ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/systemd.service"
-ln -s /etc/uwsgi/apps-available/radicale.ini /etc/uwsgi/apps-enabled/
+ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="../conf/systemd.service"
 # Create a dedicated systemd config
 ynh_add_systemd_config
 #=================================================
 # GENERIC FINALIZATION
@ -266,7 +253,7 @@ ynh_use_logrotate
 #=================================================
 ynh_script_progression --message="Integrating service in YunoHost..."
-yunohost service add $app --log="/var/log/uwsgi/app/radicale.log"
+yunohost service add $app --log="/var/log/$app"
 #=================================================
 # START SYSTEMD SERVICE
@ -274,7 +261,7 @@ yunohost service add $app --log="/var/log/uwsgi/app/radicale.log"
 ynh_script_progression --message="Starting a systemd service..."
 # Start a systemd service
-ynh_systemd_action --service_name=uwsgi --action="restart"
+ynh_systemd_action --service_name=$app --action="restart"
 #=================================================
 # SETUP SSOWAT
@ -283,19 +270,9 @@ ynh_script_progression --message="Configuring permissions..."
 if [ $infcloud -eq 1 ]
 then
-	# Add /infcloud to the path of radicale to access it from the portal
+    ynh_permission_create --permission="infcloud" --url="${path_url%/}/infcloud" --allowed="$admin" --show_tile=true
 	# Replace radicale by InfCloud into YunoHost portal
 	ynh_app_setting_set --app=$app --key=path --value="${path_url%/}/infcloud"
 	# Protect InfCloud access
 	ynh_app_setting_set --app=$app --key=protected_uris --value="/"
 	domain_regex=$(echo "$domain" | sed 's@-@.@g')
 	# Radicale is always accessible (For access to ressources)
 	ynh_app_setting_set --app=$app --key=skipped_regex --value="$domain_regex$path_url"
 else
 	# If only radicale is installed
 	# Radicale is always accessible (For access to ressources)
 	ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
 fi
 ynh_permission_update --permission="main" --add="visitors" --show_tile=false
 #=================================================
 # RELOAD NGINX
@ -313,15 +290,14 @@ admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)
 if [ $infcloud -eq 1 ]
 then
-	infcloud_config="
+    infcloud_config="
 InfCloud has its own config file, at $final_path/infcloud/config.js
 "
 else
-	infcloud_config=""
+    infcloud_config=""
 fi
 echo "Use the file /etc/radicale/config to change the main configuration of radicale.
 The file /etc/radicale/logging to change the level of logging.
 And the file /etc/radicale/rights to edit the way the calendars will be shared.
 $infcloud_config
 You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__.
--- a/scripts/remove
+++ b/scripts/remove
@ -37,15 +37,7 @@ fi
 #=================================================
 ynh_script_progression --message="Stopping and removing the systemd service..."
-# Delete uwsgi configuration
+ynh_remove_systemd_config
 if [ -h "/etc/uwsgi/apps-enabled/radicale.ini" ]; then
 	echo "Delete uwsgi config"
 	ynh_secure_remove --file="/etc/uwsgi/apps-enabled/radicale.ini"
 fi
 ynh_secure_remove --file="/etc/uwsgi/apps-available/radicale.ini"
 ynh_systemd_action --action="restart" --service_name=uwsgi
 #=================================================
 # REMOVE LOGROTATE CONFIGURATION
--- a/scripts/restore
+++ b/scripts/restore
@ -118,8 +118,16 @@ ynh_restore_file --origin_path="/etc/$app/"
 #=================================================
 ynh_script_progression --message="Restoring the systemd configuration..."
-ynh_restore_file --origin_path="/etc/uwsgi/apps-available/radicale.ini"
+# if ynh_compare_current_package_version --comparison le --version 1.1.6~ynh6
-ln -s /etc/uwsgi/apps-available/radicale.ini /etc/uwsgi/apps-enabled/
+version=$(ynh_app_upstream_version)
 if [ $version == 1.1.6 ]
 then
    ynh_restore_file --origin_path="/etc/uwsgi/apps-available/radicale.ini"
    ln -s /etc/uwsgi/apps-available/radicale.ini /etc/uwsgi/apps-enabled/
 else
    ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
    systemctl enable $app.service
 fi
 #=================================================
 # RESTORE THE LOGROTATE CONFIGURATION
@ -137,14 +145,14 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 #=================================================
 ynh_script_progression --message="Integrating service in YunoHost..."
-yunohost service add $app --log="/var/log/uwsgi/app/radicale.log"
+yunohost service add $app --log="/var/log/$app"
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
 ynh_script_progression --message="Starting a systemd service..."
-ynh_systemd_action --service_name=uwsgi --action=restart
+ynh_systemd_action --service_name=$app --action="restart"
 #=================================================
 # GENERIC FINALIZATION
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -21,12 +21,13 @@ path_url=$(ynh_app_setting_get --app=$app --key=path)
 language=$(ynh_app_setting_get --app=$app --key=language)
 admin=$(ynh_app_setting_get --app=$app --key=admin)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 port=$(ynh_app_setting_get --app=$app --key=port)
 infcloud=$(ynh_app_setting_get --app=$app --key=infcloud)
 version=$(ynh_app_setting_get --app=$app --key=version)
 overwrite_logging=$(ynh_app_setting_get --app=$app --key=overwrite_logging)
 overwrite_config=$(ynh_app_setting_get --app=$app --key=overwrite_config)
 overwrite_infcloud=$(ynh_app_setting_get --app=$app --key=overwrite_infcloud)
 overwrite_nginx=$(ynh_app_setting_get --app=$app --key=overwrite_nginx)
 overwrite_systemd=$(ynh_app_setting_get --app=$app --key=overwrite_systemd)
 overwrite_phpfpm=$(ynh_app_setting_get --app=$app --key=overwrite_phpfpm)
 # Optional parameters from config-panel feature
@ -52,9 +53,9 @@ ynh_script_progression --message="Backing up the app before upgrading (may take
 # Backup the current version of the app
 ynh_backup_before_upgrade
 ynh_clean_setup () {
-	ynh_clean_check_starting
+    ynh_clean_check_starting
-	# Restore it if the upgrade fails
+    # Restore it if the upgrade fails
-	ynh_restore_upgradebackup
+    ynh_restore_upgradebackup
 }
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
@ -77,63 +78,112 @@ ynh_app_setting_delete --app=$app --key=unprotected_regex
 if [ -d /usr/local/radicale ]
 then
-	mkdir -p /opt/yunohost
+    mkdir -p /opt/yunohost
-	mv /usr/local/radicale /opt/yunohost/
+    mv /usr/local/radicale /opt/yunohost/
 fi
 if [ -z "$version" ]
 then
 	# Retrieve the version number in the manifest file.
 	version=$(ynh_app_upstream_version)
 	ynh_app_setting_set --app=$app --key=version --value="$version"
 fi
 # Fix infcloud as a boolean
 if [ "$infcloud" = "Yes" ]; then
-	ynh_app_setting_set --app=$app --key=infcloud --value=1
+    ynh_app_setting_set --app=$app --key=infcloud --value=1
-	infcloud=1
+    infcloud=1
 elif [ "$infcloud" = "No" ]; then
-	ynh_app_setting_set --app=$app --key=infcloud --value=0
+    ynh_app_setting_set --app=$app --key=infcloud --value=0
-	infcloud=0
+    infcloud=0
 fi
 # If overwrite_logging doesn't exist, create it
 if [ -z "$overwrite_logging" ]; then
 	overwrite_logging=1
 	ynh_app_setting_set --app=$app --key=overwrite_logging --value=$overwrite_logging
 fi
 # If overwrite_config doesn't exist, create it
 if [ -z "$overwrite_config" ]; then
-	overwrite_config=1
+    overwrite_config=1
-	ynh_app_setting_set --app=$app --key=overwrite_config --value=$overwrite_config
+    ynh_app_setting_set --app=$app --key=overwrite_config --value=$overwrite_config
 fi
 # If overwrite_infcloud doesn't exist, create it
 if [ -z "$overwrite_infcloud" ]; then
-	overwrite_infcloud=1
+    overwrite_infcloud=1
-	ynh_app_setting_set --app=$app --key=overwrite_infcloud --value=$overwrite_infcloud
+    ynh_app_setting_set --app=$app --key=overwrite_infcloud --value=$overwrite_infcloud
 fi
 # If overwrite_nginx doesn't exist, create it
 if [ -z "$overwrite_nginx" ]; then
-	overwrite_nginx=1
+    overwrite_nginx=1
-	ynh_app_setting_set --app=$app --key=overwrite_nginx --value=$overwrite_nginx
+    ynh_app_setting_set --app=$app --key=overwrite_nginx --value=$overwrite_nginx
 fi
 # If overwrite_systemd doesn't exist, create it
 if [ -z "$overwrite_systemd" ]; then
    overwrite_systemd=1
    ynh_app_setting_set --app=$app --key=overwrite_systemd --value=$overwrite_systemd
 fi
 # If overwrite_phpfpm doesn't exist, create it
 if [ -z "$overwrite_phpfpm" ]; then
-	overwrite_phpfpm=1
+    overwrite_phpfpm=1
-	ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=$overwrite_phpfpm
+    ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=$overwrite_phpfpm
 fi
 # Cleaning legacy permissions
 if ynh_legacy_permissions_exists; then
-	ynh_legacy_permissions_delete_all
+    ynh_legacy_permissions_delete_all
-	ynh_app_setting_delete --app=$app --key=is_public
+    ynh_app_setting_delete --app=$app --key=is_public
 fi
 # If path_url still contains infcloud, then radicale_path doesn't exist
 if [[ "$path_url" =~ "/infcloud" ]]; then
    path_url="${path_url%/*}"
    ynh_app_setting_set --app=$app --key=path --value=$path_url
 fi
 # Migrate to v2
 if ynh_compare_current_package_version --comparison le --version 1.1.6~ynh6
 then
    ynh_print_warn --message="Migration to radicale v2+..."
    # Force nginx upgrade
    overwrite_nginx=1
    # Force systemd upgrade
    overwrite_systemd=1
    # Force config upgrade
    overwrite_config=1
    # Migrate collections to v2 format
    # Init a new temporary virtualenv
    virtualenv -p python3 /opt/yunohost/radicale_v1_temp
    # Install a v1 version
    /opt/yunohost/radicale_v1_temp/bin/pip install radicale==1.1.* python-ldap
    # Force the migration of calendars
    if ! ynh_exec_warn /opt/yunohost/radicale_v1_temp/bin/python3 -m radicale --export-storage "$final_path/collections_new"
    then
        # Clean up if it fails to prevent further failures
        ynh_secure_remove --file="/opt/yunohost/radicale_v1_temp"
        ynh_secure_remove --file="$final_path/collections_new"
    fi
    # Backup the old collection
    mv "$final_path/collections" "$final_path/collections_v1"
    # And replace by the new one
    mv "$final_path/collections_new" "$final_path/collections"
    # Find a free port
    port=$(ynh_find_port --port=5232)
    ynh_app_setting_set --app=$app --key=port --value=$port
    ## Cleanup...
    ynh_secure_remove --file="$final_path/default_collections"
    ynh_secure_remove --file="$final_path/collections.props"
    # Remove the temporary virtualenv
    ynh_secure_remove --file="/opt/yunohost/radicale_v1_temp"
    # Remove uwsgi config
    ynh_secure_remove --file="$final_path/radicale.wsgi"
    ynh_secure_remove --file="/etc/uwsgi/apps-enabled/radicale.ini"
    ynh_secure_remove --file="/etc/uwsgi/apps-available/radicale.ini"
    ynh_systemd_action --service_name=uwsgi --action="restart"
    # Set permissions
    if [ $infcloud -eq 1 ]
    then
        ynh_permission_create --permission="infcloud" --url="${path_url%/}/infcloud" --allowed="$admin" --show_tile=true
    fi
    ynh_permission_update --permission="main" --add="visitors" --show_tile=false
 fi
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
@ -148,31 +198,21 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
 if [ "$upgrade_type" == "UPGRADE_APP" ]
 then
-	ynh_script_progression --message="Upgrading source files..."
+    ynh_script_progression --message="Upgrading source files..."
-	# Copy files to the right place
+    # Copy files to the right place
-	mkdir -p $final_path/collections
+    mkdir -p $final_path/collections
-
+    
-	# Copy files to the right place
+    if [ $infcloud -eq 1 ]
-	cp ../conf/radicale.wsgi $final_path
+    then
-	
+        # Download and uncompress the source into final_path
-	# Copy extra files
+        ynh_setup_source --dest_dir="$final_path/infcloud" --keep="config.js"
-	cp -a ../sources/extra_files_radicale/. "$final_path"
+    fi
 	if [ $infcloud -eq 1 ]
 	then
 		# Download and uncompress the source into final_path
 		ynh_setup_source --dest_dir="$final_path/infcloud" --keep="config.js"
 	fi
 fi
-chmod 750 "$final_path"
+chmod 750 -R "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 chmod 666 -R $final_path/default_collections
 chmod 777 $final_path/default_collections $final_path/default_collections/USER
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
@ -180,16 +220,16 @@ chmod 777 $final_path/default_collections $final_path/default_collections/USER
 # Overwrite the NGINX configuration only if it's allowed
 if [ $overwrite_nginx -eq 1 ]
 then
-	ynh_script_progression --message="Upgrading NGINX web server configuration..."
+    ynh_script_progression --message="Upgrading NGINX web server configuration..."
-	# Create a dedicated NGINX config
+    # Create a dedicated NGINX config
-	ynh_add_nginx_config
+    ynh_add_nginx_config
-	if [ $infcloud -eq 1 ]
+    if [ $infcloud -eq 1 ]
-	then
+    then
-		# Add InfCloud in NGINX config
+        # Add InfCloud in NGINX config
-		ynh_replace_string --match_string="#INFCLOUD#" --replace_string="" --target_file="/etc/nginx/conf.d/$domain.d/$app.conf"
+        ynh_replace_string --match_string="#INFCLOUD#" --replace_string="" --target_file="/etc/nginx/conf.d/$domain.d/$app.conf"
-	fi
+    fi
-	ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
+    ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
 fi
 #=================================================
@ -206,15 +246,15 @@ ynh_install_app_dependencies $pkg_dependencies
 if [ $infcloud -eq 1 ]
 then
-	# Overwrite the php-fpm configuration only if it's allowed
+    # Overwrite the php-fpm configuration only if it's allowed
-	if [ $overwrite_phpfpm -eq 1 ]
+    if [ $overwrite_phpfpm -eq 1 ]
-	then
+    then
-		ynh_script_progression --message="Upgrading PHP-FPM configuration..."
+        ynh_script_progression --message="Upgrading PHP-FPM configuration..."
-		# Create a dedicated PHP-FPM config
+        # Create a dedicated PHP-FPM config
-		ynh_add_fpm_config
+        ynh_add_fpm_config
-		phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
+        phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
-	fi
+    fi
 fi
 #=================================================
@ -225,18 +265,28 @@ fi
 if [ "$upgrade_type" == "UPGRADE_APP" ]
 then
-	ynh_script_progression --message="Upgrade Radicale in its virtualenv"
+    ynh_script_progression --message="Upgrade Radicale in its virtualenv"
-	# Upgrade pip packages
+    # Upgrade pip packages
-	ynh_secure_remove --file="/opt/yunohost/$app"
+    ynh_secure_remove --file="/opt/yunohost/$app"
-	virtualenv /opt/yunohost/$app
+    virtualenv -p python3 /opt/yunohost/$app
-	version=$(ynh_app_setting_get $app version $version)
+    version=$(ynh_app_upstream_version)
-	bash -c "source /opt/yunohost/radicale/bin/activate && pip install radicale==$version python-ldap"
+    ynh_app_setting_set --app=$app --key=version --value="$version"
    /opt/yunohost/$app/bin/python3 -m pip install radicale==$version passlib bcrypt
-	# regex.py file is patched to fix the awful commit e807c3d35bea9cfcfcacac83b1b17d748ea15a39 that stop the reading of "rights" file after the first match.
+    # Add LDAP plugin
-	mv "$final_path/regex.py" /opt/yunohost/$app/lib/python*/site-packages/radicale/rights/regex.py
+#     (cd /opt/yunohost/$app
 #     set +u; source bin/activate
 # #     git clone https://github.com/marcoh00/radicale-auth-ldap
 #     git clone https://github.com/cloudron-io/radicale-auth-ldap
 #     cd radicale-auth-ldap
 #     python3 -m pip install .)
    # Use htpasswd instead of ldap
    touch /etc/radicale/users
 fi
 chown radicale: -R /opt/yunohost/$app
 find /opt/yunohost/$app/ -type d -exec chmod 2755 {} \;
 find /opt/yunohost/$app/ -type f -exec chmod g+r,o+r {} \;
@ -245,16 +295,10 @@ find /opt/yunohost/$app/ -type f -exec chmod g+r,o+r {} \;
 #=================================================
 ynh_script_progression --message="Reconfigure Radicale"
 # Overwrite the logging config file only if it's allowed
 if [ $overwrite_logging -eq 1 ]
 then
 	ynh_add_config --template="../conf/logging" --destination="/etc/$app/logging"
 fi
 # Overwrite the config file only if it's allowed
 if [ $overwrite_config -eq 1 ]
 then
-	ynh_add_config --template="../conf/config" --destination="/etc/$app/config"
+    ynh_add_config --template="../conf/config" --destination="/etc/$app/config"
 fi
 chmod 755 /etc/$app/
@ -263,86 +307,72 @@ chmod 644 /etc/$app/*
 # Overwrite the InfCloud config file only if it's allowed
 if [ $infcloud -eq 1 ]
 then
-	if [ $overwrite_infcloud -eq 1 ]
+    if [ $overwrite_infcloud -eq 1 ]
-	then
+    then
-		# InfCloud configuration
+        # InfCloud configuration
-		# Set language
+        # Set language
-		case "$language" in
+        case "$language" in
-			"Czech") language="cs_CZ"
+            "Czech") language="cs_CZ"
-			;;
+            ;;
-			"Danish") language="da_DK"
+            "Danish") language="da_DK"
-			;;
+            ;;
-			"German") language="de_DE"
+            "German") language="de_DE"
-			;;
+            ;;
-			"English/US") language="en_US"
+            "English/US") language="en_US"
-			;;
+            ;;
-			"Spanish") language="es_ES"
+            "Spanish") language="es_ES"
-			;;
+            ;;
-			"French") language="fr_FR"
+            "French") language="fr_FR"
-			;;
+            ;;
-			"Italian") language="it_IT"
+            "Italian") language="it_IT"
-			;;
+            ;;
-			"Japan") language="ja_JP"
+            "Japan") language="ja_JP"
-			;;
+            ;;
-			"Hungarian") language="hu_HU"
+            "Hungarian") language="hu_HU"
-			;;
+            ;;
-			"Dutch") language="nl_NL"
+            "Dutch") language="nl_NL"
-			;;
+            ;;
-			"Slovak") language="sk_SK"
+            "Slovak") language="sk_SK"
-			;;
+            ;;
-			"Turkish") language="tr_TR"
+            "Turkish") language="tr_TR"
-			;;
+            ;;
-			"Russian") language="ru_RU"
+            "Russian") language="ru_RU"
-			;;
+            ;;
-			"Ukrainian") language="uk_UA"
+            "Ukrainian") language="uk_UA"
-			;;
+            ;;
-			"Chinese") language="zh_CN"
+            "Chinese") language="zh_CN"
-			;;
+            ;;
-		esac
+        esac
-		ynh_app_setting_set --app=$app --key=language --value=$language
+        ynh_app_setting_set --app=$app --key=language --value=$language
-		timezone=$(cat /etc/timezone)
+        timezone=$(cat /etc/timezone)
-		ynh_add_config --template="../conf/config.js" --destination="$final_path/infcloud/config.js"
+        ynh_add_config --template="../conf/config.js" --destination="$final_path/infcloud/config.js"
-		# Optional parameters from config-panel feature
+        # Optional parameters from config-panel feature
-		if [ -n "$firstdayofweek" ]; then
+        if [ -n "$firstdayofweek" ]; then
-			ynh_replace_string --match_string="\(^var globalDatepickerFirstDayOfWeek=\).*" --replace_string="\1$firstdayofweek;" --target_file="$final_path/infcloud/config.js"
+            ynh_replace_string --match_string="\(^var globalDatepickerFirstDayOfWeek=\).*" --replace_string="\1$firstdayofweek;" --target_file="$final_path/infcloud/config.js"
-		fi
+        fi
-		if [ -n "$activeview" ]; then
+        if [ -n "$activeview" ]; then
-			ynh_replace_string --match_string="\(^var globalActiveView=\).*" --replace_string="\1\'$activeview\';" --target_file="$final_path/infcloud/config.js"
+            ynh_replace_string --match_string="\(^var globalActiveView=\).*" --replace_string="\1\'$activeview\';" --target_file="$final_path/infcloud/config.js"
-		fi
+        fi
-		if [ -n "$openformmode" ]; then
+        if [ -n "$openformmode" ]; then
-			ynh_replace_string --match_string="\(^var globalOpenFormMode=\).*" --replace_string="\1\'$openformmode\';" --target_file="$final_path/infcloud/config.js"
+            ynh_replace_string --match_string="\(^var globalOpenFormMode=\).*" --replace_string="\1\'$openformmode\';" --target_file="$final_path/infcloud/config.js"
-		fi
+        fi
-		if [ -n "$startofbusiness" ]; then
+        if [ -n "$startofbusiness" ]; then
-			ynh_replace_string --match_string="\(^var globalCalendarStartOfBusiness=\).*" --replace_string="\1$startofbusiness;" --target_file="$final_path/infcloud/config.js"
+            ynh_replace_string --match_string="\(^var globalCalendarStartOfBusiness=\).*" --replace_string="\1$startofbusiness;" --target_file="$final_path/infcloud/config.js"
-		fi
+        fi
-		if [ -n "$endofbusiness" ]; then
+        if [ -n "$endofbusiness" ]; then
-			ynh_replace_string --match_string="\(^var globalCalendarEndOfBusiness=\).*" --replace_string="\1$endofbusiness;" --target_file="$final_path/infcloud/config.js"
+            ynh_replace_string --match_string="\(^var globalCalendarEndOfBusiness=\).*" --replace_string="\1$endofbusiness;" --target_file="$final_path/infcloud/config.js"
-		fi
+        fi
-		if [ -n "$defaulteventduration" ]; then
+        if [ -n "$defaulteventduration" ]; then
-			ynh_replace_string --match_string="\(^var globalDefaultEventDuration=\).*" --replace_string="\1$defaulteventduration;" --target_file="$final_path/infcloud/config.js"
+            ynh_replace_string --match_string="\(^var globalDefaultEventDuration=\).*" --replace_string="\1$defaulteventduration;" --target_file="$final_path/infcloud/config.js"
-		fi
+        fi
-		# Recalculate and store the checksum of the file for the next upgrade.
+        # Recalculate and store the checksum of the file for the next upgrade.
-		ynh_store_file_checksum --file="$final_path/infcloud/config.js"
+        ynh_store_file_checksum --file="$final_path/infcloud/config.js"
-		chmod 440 "$final_path/infcloud/config.js"
+        chmod 440 "$final_path/infcloud/config.js"
-		chown $app:www-data "$final_path/infcloud/config.js"
+        chown $app:www-data "$final_path/infcloud/config.js"
-	fi
+    fi
 fi
 #=================================================
 # CONFIGURE UWSGI FOR RADICALE
 #=================================================
 cp ../conf/radicale.ini /etc/uwsgi/apps-available/
 #=================================================
 # PREPARE THE HOOKS
 #=================================================
 # Modify the hooks for create user collections and to remove them.
 ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="../hooks/post_user_create"
 ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="../hooks/post_user_delete"
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
@ -357,19 +387,33 @@ chown radicale -R /var/log/$app
 # Use logrotate to manage app-specific logfile(s)
 ynh_use_logrotate --non-append
 #=================================================
 # SETUP SYSTEMD
 #=================================================
 ynh_script_progression --message="Upgrading systemd configuration..." --weight=2
 # Overwrite the systemd configuration only if it's allowed
 if [ $overwrite_systemd -eq 1 ]
 then
    ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/systemd.service"
    ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="../conf/systemd.service"
    ynh_add_systemd_config
 fi
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
 #=================================================
 ynh_script_progression --message="Integrating service in YunoHost..."
-yunohost service add $app --log="/var/log/uwsgi/app/radicale.log"
+yunohost service add $app --log="/var/log/$app"
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
 ynh_script_progression --message="Starting a systemd service..."
-ynh_systemd_action --service_name=uwsgi --action="restart"
+# ynh_systemd_action --service_name=uwsgi --action="restart"
 ynh_systemd_action --service_name=$app --action="restart"
 #=================================================
 # RELOAD NGINX
@ -397,15 +441,14 @@ ynh_app_changelog || true
 if [ $infcloud -eq 1 ]
 then
-	infcloud_config="
+    infcloud_config="
 InfCloud has its own config file, at $final_path/infcloud/config.js
 "
 else
-	infcloud_config=""
+    infcloud_config=""
 fi
 echo "Use the file /etc/radicale/config to change the main configuration of radicale.
 The file /etc/radicale/logging to change the level of logging.
 And the file /etc/radicale/rights to edit the way the calendars will be shared.
 $infcloud_config
 You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__.
--- a/sources/extra_files_radicale/default_collections/USER.props
+++ b/sources/extra_files_radicale/default_collections/USER.props
@ -1 +0,0 @@
 {"ICAL:calendar-color": "#3353fe", "tag": "VCALENDAR"}
--- a/sources/extra_files_radicale/default_collections/USER/calendar.ics
+++ b/sources/extra_files_radicale/default_collections/USER/calendar.ics
@ -1,4 +0,0 @@
 BEGIN:VCALENDAR
 PRODID:-//Radicale//NONSGML Radicale Server//EN
 VERSION:2.0
 END:VCALENDAR
--- a/sources/extra_files_radicale/default_collections/USER/calendar.ics.props
+++ b/sources/extra_files_radicale/default_collections/USER/calendar.ics.props
@ -1 +0,0 @@
 {"ICAL:calendar-color": "#b5036d", "tag": "VCALENDAR"}
--- a/sources/extra_files_radicale/default_collections/USER/contacts.vcf
+++ b/sources/extra_files_radicale/default_collections/USER/contacts.vcf
--- a/sources/extra_files_radicale/default_collections/USER/contacts.vcf.props
+++ b/sources/extra_files_radicale/default_collections/USER/contacts.vcf.props
@ -1 +0,0 @@
 {"tag": "VADDRESSBOOK"}
--- a/sources/extra_files_radicale/regex.py
+++ b/sources/extra_files_radicale/regex.py
@ -1,134 +0,0 @@
 # -*- coding: utf-8 -*-
 #
 # This file is part of Radicale Server - Calendar Server
 # Copyright © 2008 Nicolas Kandel
 # Copyright © 2008 Pascal Halter
 # Copyright © 2008-2013 Guillaume Ayoub
 #
 # This library is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # This library is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with Radicale.  If not, see <http://www.gnu.org/licenses/>.
 """
 Rights management.
 Rights are based on a regex-based file whose name is specified in the config
 (section "right", key "file").
 Authentication login is matched against the "user" key, and collection's path
 is matched against the "collection" key. You can use Python's ConfigParser
 interpolation values %(login)s and %(path)s. You can also get groups from the
 user regex in the collection with {0}, {1}, etc.
 For example, for the "user" key, ".+" means "authenticated user" and ".*"
 means "anybody" (including anonymous users).
 Section names are only used for naming the rule.
 Leading or ending slashes are trimmed from collection's path.
 """
 import re
 import sys
 import os.path
 from .. import config, log
 # Manage Python2/3 different modules
 if sys.version_info[0] == 2:
    from ConfigParser import ConfigParser
    from StringIO import StringIO
 else:
    from configparser import ConfigParser
    from io import StringIO
 DEFINED_RIGHTS = {
    "authenticated": """
 [rw]
 user:.+
 collection:.*
 permission:rw
    """,
    "owner_write": """
 [w]
 user:.+
 collection:^%(login)s(/.*)?$
 permission:rw
 [r]
 user:.+
 collection:.*
 permission:r
    """,
    "owner_only": """
 [rw]
 user:.+
 collection:^%(login)s(/.*)?$
 permission:rw
    """}
 def _read_from_sections(user, collection_url, permission):
    """Get regex sections."""
    filename = os.path.expanduser(config.get("rights", "file"))
    rights_type = config.get("rights", "type").lower()
    # Prevent "regex injection"
    user_escaped = re.escape(user)
    collection_url_escaped = re.escape(collection_url)
    regex = ConfigParser({"login": user_escaped, "path": collection_url_escaped})
    if rights_type in DEFINED_RIGHTS:
        log.LOGGER.debug("Rights type '%s'" % rights_type)
        regex.readfp(StringIO(DEFINED_RIGHTS[rights_type]))
    elif rights_type == "from_file":
        log.LOGGER.debug("Reading rights from file %s" % filename)
        if not regex.read(filename):
            log.LOGGER.error("File '%s' not found for rights" % filename)
            return False
    else:
        log.LOGGER.error("Unknown rights type '%s'" % rights_type)
        return False
    for section in regex.sections():
        re_user = regex.get(section, "user")
        re_collection = regex.get(section, "collection")
        log.LOGGER.debug(
            "Test if '%s:%s' matches against '%s:%s' from section '%s'" % (
                user, collection_url, re_user, re_collection, section))
        user_match = re.match(re_user, user)
        if user_match:
            re_collection = re_collection.format(*user_match.groups())
            if re.match(re_collection, collection_url):
                log.LOGGER.debug("Section '%s' matches" % section)
 #				Correction du commit https://github.com/Kozea/Radicale/commit/e807c3d35bea9cfcfcacac83b1b17d748ea15a39
 #				Ce commit force l'arrêt de l'analyse du fichier rights à la première règle valide.
                if permission in regex.get(section, "permission"):
                    return True
 #                return permission in regex.get(section, "permission")
            else:
                log.LOGGER.debug("Section '%s' does not match" % section)
    return False
 def authorized(user, collection, permission):
    """Check if the user is allowed to read or write the collection.
    If the user is empty, check for anonymous rights.
    """
    collection_url = collection.url.rstrip("/") or "/"
    if collection_url in (".well-known/carddav", ".well-known/caldav"):
        return permission == "r"
    rights_type = config.get("rights", "type").lower()
    return (
        rights_type == "none" or
        _read_from_sections(user or "", collection_url, permission))
		`@ -1 +0,0 @@`
			`{"ICAL:calendar-color": "#3353fe", "tag": "VCALENDAR"}`
		`@ -1 +0,0 @@`
			`{"ICAL:calendar-color": "#b5036d", "tag": "VCALENDAR"}`