Merge pull request #67 from ericgaspar/v.0.17.0

Upgrade to V.0.17.0

README.md

@@ -10,7 +10,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to
 
 Searx is a privacy-respecting, hackable metasearch engine.
 
-**Shipped version:** 0.16.0
+**Shipped version:** 0.17.0
 
 ## Screenshots
 
@@ -22,7 +22,7 @@ Searx is a privacy-respecting, hackable metasearch engine.
 
 ## Documentation
 
- * Official documentation: https://github.com/asciimoo/searx/wiki
+ * Official documentation: https://github.com/searx/searx/wiki
 
 ## YunoHost specific features
 
@@ -30,29 +30,26 @@ Searx is a privacy-respecting, hackable metasearch engine.
 
 #### Supported architectures
 
-* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/searx%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/searx/)
+* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/searx%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/searx/)
 * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/searx%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/searx/)
-* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/searx%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/searx/)
 
 ## Limitations
 
 ## Additional information
 
-- [Search syntax](https://asciimoo.github.io/searx/user/search_syntax.html)
+- [Search syntax](https://searx.github.io/searx/user/search_syntax.html)
 
 ## Links
 
  * Report a bug: https://github.com/YunoHost-Apps/searx_ynh/issues
- * Searx website: https://asciimoo.github.io/searx/
- * Searx repository: https://github.com/asciimoo/searx
+ * Searx website: https://searx.github.io/searx/
+ * Searx repository: https://github.com/searx/searx
  * YunoHost website: https://yunohost.org/
 
 ---
 
-Developers info
-----------------
+## Developers info
 
-**Only if you want to use a testing branch for coding, instead of merging directly into master.**
 Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/searx_ynh/tree/testing).
 
 To try the testing branch, please proceed like that.

conf/app.src

@@ -1,6 +1,6 @@
-SOURCE_URL=https://github.com/asciimoo/searx/archive/v0.16.0.tar.gz
-SOURCE_SUM=4ea6d5a3cce8fb2b49d873f1ac16401ae7fb83672e5fe1e1b443b7b8563befeaa61e79e7383b85ff4360cbcf0a4bdf90e16cc7a16394f8b40c364d814404b03b
-SOURCE_SUM_PRG=sha512sum
+SOURCE_URL=https://github.com/searx/searx/archive/v0.17.0.tar.gz
+SOURCE_SUM=1e5a6427403711fb103332c6faeb99cb1df64a5349530c360d23615ec24ae6b0
+SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
 SOURCE_IN_SUBDIR=true
 SOURCE_FILENAME=searx.tar.gz

conf/nginx.conf

@@ -9,7 +9,7 @@ location __PATH__/ {
 	uwsgi_param SCRIPT_NAME '__PATH_NO_ROOT__';
 	include uwsgi_params;
 	uwsgi_modifier1 30;
-	uwsgi_pass unix:///run/uwsgi/app/searx/socket;
+	uwsgi_pass unix:///var/run/__NAME__/app.socket;
 
 	# Include SSOWAT user panel.
 	include conf.d/yunohost_panel.conf.inc;

conf/uwsgi.ini

@@ -12,13 +12,16 @@ chmod-socket = 666
 # Plugin to use and interpretor config
 single-interpreter = true
 master = true
-plugin = python
+plugin = python3
 lazy-apps = true
 enable-threads = true
 
 # Application base folder
 base = __FINALPATH__
 
+# Support running the module from a webserver subdirectory.
+route-run = fixpathinfo:
+
 # Module to import
 module = __APP__.webapp
 

manifest.json

@@ -3,19 +3,19 @@
 	"id": "searx",
 	"packaging_format": 1,
 	"description": {
-		"en": "A privacy-respecting, hackable metasearch engine",
-		"fr": "Un méta-moteur de recherche respectueux de la vie privée et bidouillable", 
-		"de": "Eine Meta-Suchmaschine, die den Privatsphäre wahrt und 'hackable' ist."
+		"en": "Privacy-respecting, hackable metasearch engine",
+		"fr": "Méta-moteur de recherche respectueux de la vie privée et bidouillable", 
+		"de": "Meta-Suchmaschine, die den Privatsphäre wahrt und 'hackable' ist."
 	},
-	"version": "0.16.0~ynh1",
-	"url": "https://asciimoo.github.io/searx/",
+	"version": "0.17.0~ynh1",
+	"url": "https://searx.github.io/searx/",
 	"license": "AGPL-3.0-or-later",
 	"maintainer": {
 		"name": "opi",
 		"email": "opi@zeropi.net"
 	},
 	"requirements": {
-        "yunohost": ">= 3.5.0"
+        "yunohost": ">= 3.8.1"
 	},
 	"multi_instance": false,
 	"services": [
@@ -49,10 +49,15 @@
 				"name": "is_public",
 				"type": "boolean",
 				"ask": {
-					"en": "Is it a public Searx site ?",
+					"en": "Is it a public Searx site?",
 					"fr": "Est-ce un site public ?",
 					"de": "Ist es eine öffentliche Applikation ?"
 				},
+                "help": {
+                    "en": "If enabled, Searx will be accessible by people who do not have an account. This can be changed later via the webadmin.",
+                    "fr": "Si cette case est cochée, Searx sera accessible aux personnes n’ayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin.",
+                    "de": "Wenn aktiviert, ist Searx für Personen zugänglich, die kein Konto haben. Dies kann später über den Webadmin geändert werden"
+                },
 				"default": true
 			}
 		]

scripts/_common.sh

@@ -5,4 +5,129 @@
 #=================================================
 
 # dependencies used by the app
-pkg_dependencies="git build-essential libxslt-dev python-dev python-virtualenv python-cffi virtualenv python-babel zlib1g-dev libffi-dev libssl-dev python-lxml uwsgi uwsgi-plugin-python"
+pkg_dependencies="git build-essential libxslt-dev python3-dev python3-venv python3-cffi python3-babel zlib1g-dev libffi-dev libssl-dev python3-lxml uwsgi uwsgi-plugin-python3"
+
+#=================================================
+# UWSGI HELPERS
+#=================================================
+
+# Check if system wide templates are available and correcly configured
+#
+# usage: ynh_check_global_uwsgi_config
+ynh_check_global_uwsgi_config () {
+    uwsgi --version || ynh_die --message "You need to add uwsgi (and appropriate plugin) as a dependency"
+
+    cat > /etc/systemd/system/uwsgi-app@.service <<EOF
+[Unit]
+Description=%i uWSGI app
+After=syslog.target
+
+[Service]
+RuntimeDirectory=%i
+ExecStart=/usr/bin/uwsgi \
+        --ini /etc/uwsgi/apps-available/%i.ini \
+        --socket /var/run/%i/app.socket \
+        --logto /var/log/uwsgi/%i/%i.log
+User=%i
+Group=www-data
+Restart=on-failure
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+    systemctl daemon-reload
+}
+
+# Create a dedicated uwsgi ini file to use with generic uwsgi service
+#
+# This will use a template in ../conf/uwsgi.ini
+# and will replace the following keywords with
+# global variables that should be defined before calling
+# this helper :
+#
+#   __APP__       by  $app
+#   __PATH__      by  $path_url
+#   __FINALPATH__ by  $final_path
+#
+#  And dynamic variables (from the last example) :
+#   __PATH_2__    by $path_2
+#   __PORT_2__    by $port_2
+#
+# To be able to customise the settings of the systemd unit you can override the rules with the file "conf/uwsgi-app@override.service".
+# This file will be automatically placed on the good place
+#
+# usage: ynh_add_uwsgi_service
+#
+# to interact with your service: `systemctl <action> uwsgi-app@app`
+ynh_add_uwsgi_service () {
+    ynh_check_global_uwsgi_config
+
+    local others_var=${1:-}
+    local finaluwsgiini="/etc/uwsgi/apps-available/$app.ini"
+
+    # www-data group is needed since it is this nginx who will start the service
+    usermod --append --groups www-data "$app" || ynh_die --message "It wasn't possible to add user $app to group www-data"
+
+    ynh_backup_if_checksum_is_different "$finaluwsgiini"
+    cp ../conf/uwsgi.ini "$finaluwsgiini"
+
+    # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
+    # Substitute in a nginx config file only if the variable is not empty
+    if test -n "${final_path:-}"; then
+        ynh_replace_string --match_string "__FINALPATH__" --replace_string "$final_path" --target_file "$finaluwsgiini"
+    fi
+    if test -n "${path_url:-}"; then
+        ynh_replace_string --match_string "__PATH__" --replace_string "$path_url" --target_file "$finaluwsgiini"
+    fi
+    if test -n "${app:-}"; then
+        ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file "$finaluwsgiini"
+    fi
+
+    # Replace all other variable given as arguments
+    for var_to_replace in $others_var
+    do
+        # ${var_to_replace^^} make the content of the variable on upper-cases
+        # ${!var_to_replace} get the content of the variable named $var_to_replace 
+        ynh_replace_string --match_string "__${var_to_replace^^}__" --replace_string "${!var_to_replace}" --target_file "$finaluwsgiini"
+    done
+
+    ynh_store_file_checksum --file "$finaluwsgiini"
+
+    chown $app:root "$finaluwsgiini"
+
+    # make sure the folder for logs exists and set authorizations
+    mkdir -p /var/log/uwsgi/$app
+    chown $app:root /var/log/uwsgi/$app
+    chmod -R u=rwX,g=rX,o= /var/log/uwsgi/$app
+
+    # Setup specific Systemd rules if necessary
+    test -e ../conf/uwsgi-app@override.service && \
+        mkdir /etc/systemd/system/uwsgi-app@$app.service.d && \
+        cp ../conf/uwsgi-app@override.service /etc/systemd/system/uwsgi-app@$app.service.d/override.conf
+
+    systemctl daemon-reload
+    systemctl enable "uwsgi-app@$app.service"
+
+    # Add as a service
+    yunohost service add "uwsgi-app@$app" --log "/var/log/uwsgi/$app/$app.log"
+}
+
+# Remove the dedicated uwsgi ini file
+#
+# usage: ynh_remove_uwsgi_service
+ynh_remove_uwsgi_service () {
+    local finaluwsgiini="/etc/uwsgi/apps-available/$app.ini"
+    if [ -e "$finaluwsgiini" ]; then
+        yunohost service remove "uwsgi-app@$app"
+        systemctl disable "uwsgi-app@$app.service"
+
+        ynh_secure_remove --file="$finaluwsgiini"
+        ynh_secure_remove --file="/var/log/uwsgi/$app"
+        ynh_secure_remove --file="/etc/systemd/system/uwsgi-app@$app.service.d"
+    fi
+}

scripts/_ynh_secure_remove.sh

@@ -0,0 +1,100 @@
+#!/bin/bash
+
+#=================================================
+# EXPERIMENTAL HELPERS
+#=================================================
+
+# Remove a file or a directory securely
+#
+# usage: ynh_secure_remove --file=path_to_remove [--regex=regex to append to $file] [--non_recursive] [--dry_run]
+# | arg: -f, --file - File or directory to remove
+# | arg: -r, --regex - Regex to append to $file to filter the files to remove
+# | arg: -n, --non_recursive - Perform a non recursive rm and a non recursive search with the regex
+# | arg: -d, --dry_run - Do not remove, only list the files to remove
+#
+# Requires YunoHost version 2.6.4 or higher.
+ynh_secure_remove () {
+    # Declare an array to define the options of this helper.
+    local legacy_args=frnd
+    declare -Ar args_array=( [f]=file= [r]=regex= [n]=non_recursive [d]=dry_run )
+    local file
+    local regex
+    local dry_run
+    local non_recursive
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
+    regex=${regex:-}
+    dry_run=${dry_run:-0}
+    non_recursive=${non_recursive:-0}
+
+    local forbidden_path="
+/var/www \
+/home/yunohost.app"
+
+    # Fail if no argument is provided to the helper.
+    if [ -z "$file" ]
+    then
+        ynh_print_warn --message="ynh_secure_remove called with no argument --file, ignoring."
+        return 0
+    fi
+
+    if [ -n "$regex" ]
+    then
+        if [ -e "$file" ]
+        then
+            if [ $non_recursive -eq 1 ]; then
+                local recursive="-maxdepth 1"
+            else
+                local recursive=""
+            fi
+            # Use find to list the files in $file and grep to filter with the regex
+            files_to_remove="$(find -P "$file" $recursive -name ".." -prune -o -print | grep --extended-regexp "$regex")"
+        else
+            ynh_print_info --message="'$file' wasn't deleted because it doesn't exist."
+            return 0
+        fi
+    else
+        files_to_remove="$file"
+    fi
+
+    # Check each file before removing it
+    while read file_to_remove
+    do
+        if [ -n "$file_to_remove" ]
+        then
+            # Check all forbidden path before removing anything
+            # First match all paths or subpaths in $forbidden_path
+            if [[ "$forbidden_path" =~ "$file_to_remove" ]] || \
+                # Match all first level paths from / (Like /var, /root, etc...)
+                [[ "$file_to_remove" =~ ^/[[:alnum:]]+$ ]] || \
+                # Match if the path finishes by /. Because it seems there is an empty variable
+                [ "${file_to_remove:${#file_to_remove}-1}" = "/" ]
+            then
+                ynh_print_err --message="Not deleting '$file_to_remove' because this path is forbidden !!!"
+
+            # If the file to remove exists
+            elif [ -e "$file_to_remove" ]
+            then
+                if [ $dry_run -eq 1 ]
+                then
+                    ynh_print_warn --message="File to remove: $file_to_remove"
+                else
+                    if [ $non_recursive -eq 1 ]; then
+                        local recursive=""
+                    else
+                        local recursive="--recursive"
+                    fi
+
+                    # Remove a file or a directory
+                    rm --force $recursive "$file_to_remove"
+                fi
+            else
+                # Ignore non existent files with regex, as we likely remove the parent directory before its content is listed.
+                if [ -z "$regex" ]
+                then
+                    ynh_print_info --message="'$file_to_remove' wasn't deleted because it doesn't exist."
+                fi  
+            fi
+        fi
+    done <<< "$(echo "$files_to_remove")"
+}

scripts/backup

@@ -19,7 +19,7 @@ ynh_abort_if_errors
 #=================================================
 # LOAD SETTINGS
 #=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=2
+ynh_print_info --message="Loading installation settings..."
 
 app=$YNH_APP_INSTANCE_NAME
 
@@ -27,18 +27,19 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 
 #=================================================
-# STANDARD BACKUP STEPS
+# DECLARE DATA AND CONF FILES TO BACKUP
+#=================================================
+ynh_print_info --message="Declaring files to be backed up..."
+
 #=================================================
 # BACKUP OF THE MAIN DIR OF THE APP
 #=================================================
-ynh_script_progression --message="Backing up the main app directory..."
 
 ynh_backup --src_path="$final_path"
 
 #=================================================
 # BACKUP OF THE NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Backing up nginx web server configuration..."
 
 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 
@@ -47,12 +48,12 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # BACKUP OF THE UWSGI CONFIG
 #=================================================
-ynh_script_progression --message="Backing up uWSGI configuration..."
 
-ynh_backup --src_path="/etc/uwsgi/apps-available/$app.ini"
+ynh_backup --src_path "/etc/uwsgi/apps-available/$app.ini"
+ynh_backup --src_path "/var/log/uwsgi/$app"
 
 #=================================================
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last
+ynh_print_info --message="Backup script completed for Searx. (YunoHost will then actually copy those files to the archive)."

scripts/change_url

@@ -50,32 +50,32 @@ fi
 #=================================================
 # STOP SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Stopping searx..." --weight=10
+ynh_script_progression --message="Stopping Searx..." --weight=10
 
 ynh_systemd_action --service_name=uwsgi --action=stop
 
 #=================================================
 # MODIFY URL IN NGINX CONF
 #=================================================
-ynh_script_progression --message="Updating nginx web server configuration..." --weight=2
+ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
 
 nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
 
-# Change the path in the nginx config file
+# Change the path in the NGINX config file
 if [ $change_path -eq 1 ]
 then
-	# Make a backup of the original nginx config file if modified
+	# Make a backup of the original NGINX config file if modified
 	ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
-	# Set global variables for nginx helper
+	# Set global variables for NGINX helper
 	domain="$old_domain"
 	path_url="$new_path"
 
 	path_no_root=${path_url%/}
-	# Create a dedicated nginx config
+	# Create a dedicated NGINX config
 	ynh_add_nginx_config "path_no_root"
 fi
 
-# Change the domain for nginx
+# Change the domain for NGINX
 if [ $change_domain -eq 1 ]
 then
 	# Delete file checksum for the old conf file location
@@ -101,12 +101,12 @@ ynh_replace_string --match_string="base_url : https://${old_domain}${old_path%/}
 #=================================================
 ynh_script_progression --message="Starting Searx..." --weight=2
 
-ynh_systemd_action --service_name=uwsgi --action=restart --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/app/$app.log"
+ynh_systemd_action --service_name=uwsgi-app@$app.service --action=restart --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log"
 
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_script_progression --message="Reloading nginx web server..."
+ynh_script_progression --message="Reloading NGINX web server..."
 
 ynh_systemd_action --service_name=nginx --action=reload
 
@@ -114,4 +114,4 @@ ynh_systemd_action --service_name=nginx --action=reload
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Change of URL completed for $app" --last
+ynh_script_progression --message="Change of URL completed for Searx" --last

scripts/install

@@ -61,10 +61,10 @@ ynh_install_app_dependencies $pkg_dependencies
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Configuring nginx web server..."
+ynh_script_progression --message="Configuring NGINX web server..."
 
 path_no_root=${path_url%/}
-# Create a dedicated nginx config
+# Create a dedicated NGINX config
 ynh_add_nginx_config "path_no_root"
 
 #=================================================
@@ -84,13 +84,6 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$final_path"
 
-#=================================================
-# PATCH VERSION 0.16.0
-#=================================================
-
-# Apply fix https://github.com/asciimoo/searx/pull/1831 on the current 0.16.0 release.
-ynh_replace_string --match_string="werkzeug.contrib.fixers" --replace_string="werkzeug.middleware.proxy_fix" --target_file="$final_path/searx/webapp.py"
-
 #=================================================
 # SPECIFIC SETUP
 #=================================================
@@ -98,10 +91,10 @@ ynh_replace_string --match_string="werkzeug.contrib.fixers" --replace_string="we
 #=================================================
 ynh_script_progression --message="Installing Searx..."
 
-virtualenv --system-site-packages "$final_path"
+python3 -m venv --system-site-packages "$final_path"
 set +u; source $final_path/bin/activate; set -u
-pip install -U setuptools
-pip install --requirement $final_path/requirements-ynh.txt
+pip3 install -U setuptools
+pip3 install --requirement $final_path/requirements-ynh.txt
 
 #=================================================
 # CONFIGURE SEARX
@@ -123,23 +116,20 @@ ynh_store_file_checksum --file="$final_path/searx/settings.yml"
 # SET PERMISSIONS ON SEARX DIRECTORY
 #=================================================
 
-chown $app: --recursive "$final_path"
+chown -R $app: "$final_path"
 
 #=================================================
 # CONFIGURE UWSGI FOR SEARX
 #=================================================
 ynh_script_progression --message="Configuring uWSGI for Searx..."
 
-cp ../conf/searx.ini /etc/uwsgi/apps-available/$app.ini
-ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=/etc/uwsgi/apps-available/$app.ini
-ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file=/etc/uwsgi/apps-available/$app.ini
-ln -s /etc/uwsgi/apps-available/$app.ini /etc/uwsgi/apps-enabled/$app.ini
+ynh_add_uwsgi_service
 
 #=================================================
 # ADVERTISE SERVICE IN ADMIN PANEL
 #=================================================
 
-# Ajoute le service au monitoring de Yunohost.
+# Ajoute le service au monitoring de YunoHost.
 yunohost service add uwsgi --log "/var/log/uwsgi/app/$app.log"
 
 #=================================================
@@ -147,8 +137,8 @@ yunohost service add uwsgi --log "/var/log/uwsgi/app/$app.log"
 #=================================================
 ynh_script_progression --message="Starting Searx..." --weight=4
 
-# Wait for searx to be fully started
-ynh_systemd_action --service_name=uwsgi --action=restart --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/app/$app.log"
+# Wait for Searx to be fully started
+ynh_systemd_action --service_name=uwsgi-app@$app.service --action=start --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log"
 
 #=================================================
 # GENERIC FINALISATION
@@ -157,16 +147,16 @@ ynh_systemd_action --service_name=uwsgi --action=restart --line_match="spawned u
 #=================================================
 ynh_script_progression --message="Configuring SSOwat..."
 
-# Make app public if necessary
+# Make app public if necessary or protect it
 if [ $is_public -eq 1 ]
 then
-	ynh_app_setting_set --app=$app --key=skipped_uris --value="/"
+	ynh_permission_update --permission "main" --add "visitors"
 fi
 
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_script_progression --message="Reloading nginx web server..."
+ynh_script_progression --message="Reloading NGINX web server..."
 
 ynh_systemd_action --service_name=nginx --action=reload
 
@@ -174,4 +164,4 @@ ynh_systemd_action --service_name=nginx --action=reload
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Installation of $app completed" --last
+ynh_script_progression --message="Installation of Searx completed" --last

scripts/remove

@@ -27,13 +27,8 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 ynh_script_progression --message="Stopping and removing the systemd service..."
 
 # Remove the uwsgi configuration
-ynh_systemd_action --service_name=uwsgi --action=stop
-if [ -h "/etc/uwsgi/apps-enabled/$app.ini" ]
-then
-	ynh_print_info --message="Delete uwsgi config for $app"
-	ynh_secure_remove --file="/etc/uwsgi/apps-enabled/$app.ini"
-fi
-ynh_secure_remove --file="/etc/uwsgi/apps-available/$app.ini"
+ynh_systemd_action --service_name "uwsgi-app@$app.service" --action stop
+ynh_remove_uwsgi_service
 
 #=================================================
 # REMOVE DEPENDENCIES
@@ -52,9 +47,9 @@ ynh_secure_remove --file="$final_path"
 #=================================================
 # REMOVE THE NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Removing nginx web server configuration..." --weight=2
+ynh_script_progression --message="Removing NGINX web server configuration..." --weight=2
 
-# Remove the dedicated nginx config
+# Remove the dedicated NGINX config
 ynh_remove_nginx_config
 
 #=================================================
@@ -87,4 +82,4 @@ ynh_system_user_delete --username=$app
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Removal of $app completed" --last
+ynh_script_progression --message="Removal of Searx completed" --last

scripts/restore

@@ -76,21 +76,31 @@ ynh_system_user_create --username=$app
 # RESTORE USER RIGHTS
 #=================================================
 
-chown $app: --recursive "$final_path"
+chown -R $app: "$final_path"
 
 #=================================================
 # RESTORE THE UWSGI CONFIG
 #=================================================
 
 ynh_restore_file --origin_path="/etc/uwsgi/apps-available/$app.ini"
-ln -s /etc/uwsgi/apps-available/$app.ini /etc/uwsgi/apps-enabled/$app.ini
+ynh_restore_file --origin_path "/var/log/uwsgi/$app"
+chown $app:root /var/log/uwsgi/$app
+ynh_check_global_uwsgi_config
+systemctl enable "uwsgi-app@$app.service"
+
+#=================================================
+# ADVERTISE SERVICE IN ADMIN PANEL
+#=================================================
+
+# Ajoute le service au monitoring de YunoHost.
+yunohost service add uwsgi --log "/var/log/uwsgi/app/$app.log"
 
 #=================================================
 # GENERIC FINALISATION
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_script_progression --message="Reloading nginx web server..."
+ynh_script_progression --message="Reloading NGINX web server..."
 
 ynh_systemd_action --service_name=nginx --action=reload
 
@@ -100,10 +110,10 @@ ynh_systemd_action --service_name=nginx --action=reload
 ynh_script_progression --message="Starting Searx..." --weight=4
 
 # Wait for searx to be fully started
-ynh_systemd_action --service_name=uwsgi --action=restart --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/app/$app.log"
+ynh_systemd_action --service_name=uwsgi-app@$app.service --action=start --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log"
 
 #=================================================
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Restoration completed for $app" --last
+ynh_script_progression --message="Restoration completed for Searx" --last

scripts/upgrade

@@ -8,6 +8,7 @@
 
 source _common.sh
 source /usr/share/yunohost/helpers
+source _ynh_secure_remove.sh
 
 #=================================================
 # LOAD SETTINGS
@@ -61,13 +62,6 @@ ynh_clean_setup () {
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 
-#=================================================
-# CHECK THE PATH
-#=================================================
-
-# Normalize the URL path syntax
-path_url=$(ynh_normalize_url_path --path_url=$path_url)
-
 #=================================================
 # STANDARD UPGRADE STEPS
 #=================================================
@@ -90,22 +84,15 @@ then
 
 	# Download, check integrity, uncompress and patch the source from app.src
 	ynh_setup_source --dest_dir="$final_path"
-
-    #=================================================
-    # PATCH VERSION 0.16.0
-    #=================================================
-
-    # Apply fix https://github.com/asciimoo/searx/pull/1831 on the current 0.16.0 release.
-    ynh_replace_string --match_string="werkzeug.contrib.fixers" --replace_string="werkzeug.middleware.proxy_fix" --target_file="$final_path/searx/webapp.py"
 fi
 
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Upgrading nginx web server configuration..."
+ynh_script_progression --message="Upgrading NGINX web server configuration..."
 
 path_no_root=${path_url%/}
-# Create a dedicated nginx config
+# Create a dedicated NGINX config
 ynh_add_nginx_config "path_no_root"
 
 #=================================================
@@ -123,16 +110,21 @@ ynh_system_user_create --username=$app
 #=================================================
 ynh_script_progression --message="Upgrading Searx..." --weight=7
 
-ynh_secure_remove $final_path/lib/python2.7/site-packages/setuptools
-for FILE in $final_path/lib/python2.7/site-packages/setuptools-*
-do
-    ynh_secure_remove $FILE
-done
+# Clean venv if it still on python2
+if [ ! -e $final_path/bin/python3 ]
+then
+    ynh_secure_remove --file=$final_path/lib/ --regex='python[^/.]*'
+    ynh_secure_remove --file=$final_path/lib64/ --regex='python[^/.]*'
+    ynh_secure_remove --file=$final_path/share/python-wheels
+fi
+ynh_secure_remove --file=$final_path/lib/python3/site-packages/setuptools
+ynh_secure_remove --file=$final_path/lib/python3/site-packages/ --regex='setuptools-[^/.]*'
+
+python3 -m venv --system-site-packages "$final_path"
 
-virtualenv --system-site-packages "$final_path"
 set +u; source $final_path/bin/activate; set -u
-pip install -U setuptools
-pip install --requirement $final_path/requirements-ynh.txt --upgrade
+pip3 install -U setuptools
+pip3 install --requirement $final_path/requirements-ynh.txt --upgrade
 
 #=================================================
 # CONFIGURE SEARX
@@ -156,16 +148,24 @@ ynh_store_file_checksum --file="$final_path/searx/settings.yml"
 # SECURING FILES AND DIRECTORIES
 #=================================================
 
-chown $app: --recursive "$final_path"
+chown -R $app: "$final_path"
 
 #=================================================
 # CONFIGURE UWSGI FOR SEARX
 #=================================================
 ynh_script_progression --message="Reconfiguring uWSGI for Searx..."
 
-cp ../conf/searx.ini /etc/uwsgi/apps-available/$app.ini
-ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=/etc/uwsgi/apps-available/$app.ini
-ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file=/etc/uwsgi/apps-available/$app.ini
+# Clean old files
+ynh_secure_remove --file="/etc/uwsgi/apps-enabled/$app.ini"
+ynh_secure_remove --file="/etc/uwsgi/apps-available/$app.ini"
+ynh_add_uwsgi_service
+
+#=================================================
+# INTEGRATE SERVICE WITH YUNOHOST
+#=================================================
+
+# Ajoute le service au monitoring de YunoHost.
+yunohost service add uwsgi --log "/var/log/uwsgi/app/$app.log"
 
 #=================================================
 # CHECK SEARX STARTING
@@ -173,23 +173,12 @@ ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path"
 ynh_script_progression --message="Restarting Searx..." --weight=3
 
 # Wait for searx to be fully started
-ynh_systemd_action --service_name=uwsgi --action=restart --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/app/$app.log"
-
-#=================================================
-# SETUP SSOWAT
-#=================================================
-ynh_script_progression --message="Upgrading SSOwat configuration..."
-
-# Make app public if necessary
-if [ $is_public -eq 1 ]
-then
-	ynh_app_setting_set --app=$app --key=skipped_uris --value="/"
-fi
+ynh_systemd_action --service_name=uwsgi-app@$app.service --action=restart --line_match="spawned uWSGI master process" --log_path="/var/log/uwsgi/$app/$app.log"
 
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_script_progression --message="Reloading nginx web server..."
+ynh_script_progression --message="Reloading NGINX web server..."
 
 ynh_systemd_action --service_name=nginx --action=reload
 
@@ -197,4 +186,4 @@ ynh_systemd_action --service_name=nginx --action=reload
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Upgrade of $app completed" --last
+ynh_script_progression --message="Upgrade of Searx completed" --last

sources/extra_files/app/requirements-ynh.txt

@@ -1,16 +1,16 @@
-# Have a look to https://github.com/asciimoo/searx/blob/master/requirements.txt for each upgrade of Searx
-certifi==2019.3.9
-#babel==2.7.0
+# Have a look to https://github.com/searx/searx/blob/master/requirements.txt
+certifi==2020.4.5.1
+babel==2.7.0
 flask-babel==1.0.0
-flask==1.0.2
-idna==2.8
-jinja2==2.10.1
-#lxml==4.3.3
+flask==1.1.2
+idna==2.9
+jinja2==2.11.1
+lxml==4.5.0
 pygments==2.1.3
-pyopenssl==19.0.0
+pyopenssl==19.1.0
 python-dateutil==2.8.0
-pyyaml==5.1
-requests[socks]==2.22.0
+pyyaml==5.3.1
+requests[socks]==2.23.0
 
 # Additionnals requirements
 markupsafe>=0.23