Merge pull request #2 from YunoHost-Apps/example

Example
2024-09-03 20:26:14 +02:00 · 2022-03-03 02:17:40 +01:00 · 2022-03-03 02:17:40 +01:00 · a48771cd0c
commit a48771cd0c
parent 56bf6e46c4 13bc45054e
18 changed files with 114 additions and 196 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +0,0 @@
-*~
-*.sw[op]
--- a/README.md
+++ b/README.md
@ -17,7 +17,8 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in

 A web based, real time, collaborative whiteboard application with rich media support

-**Shipped version:** 2021-08-10~ynh1
+
+**Shipped version:** 2021.08.10~ynh1



@ -31,7 +32,7 @@ A web based, real time, collaborative whiteboard application with rich media sup
 * There is no integration with YunoHost SSO
 ## Documentation and resources

-* Official app website: https://spacedeck.com/
+* Official app website: https://spacedeck.com
 * Upstream app code repository: https://github.com/spacedeck/spacedeck-open
 * YunoHost documentation for this app: https://yunohost.org/app_spacedeck
 * Report a bug: https://github.com/YunoHost-Apps/spacedeck_ynh/issues
--- a/README_fr.md
+++ b/README_fr.md
@ -11,9 +11,10 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour

 ## Vue d'ensemble

+A web based, real time, collaborative whiteboard application with rich media support


-**Version incluse :** 2021-08-10~ynh1
+**Version incluse :** 2021.08.10~ynh1



@ -27,7 +28,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
 * There is no integration with YunoHost SSO
 ## Documentations et ressources

-* Site officiel de l'app : https://spacedeck.com/
+* Site officiel de l'app : https://spacedeck.com
 * Dépôt de code officiel de l'app : https://github.com/spacedeck/spacedeck-open
 * Documentation YunoHost pour cette app : https://yunohost.org/app_spacedeck
 * Signaler un bug : https://github.com/YunoHost-Apps/spacedeck_ynh/issues
--- a/6
+++ b/6
@ -1,12 +1,6 @@
-# See here for more information
-# https://github.com/YunoHost/package_check#syntax-check_process-file
-
-# Move this file from check_process.default to check_process when you have filled it.
-
 ;; Test complet
 	; Manifest
 		domain="domain.tld"
-		path="/"
 		is_public=1
 	; Checks
 		pkg_linter=1
--- a/conf/default.json
+++ b/conf/default.json
@ -4,7 +4,7 @@
  
    "host": "localhost",
    "port": __PORT__,
-    "endpoint": "https://__DOMAIN__/__PATH__",
+    "endpoint": "https://__DOMAIN____PATH__",
    "invite_code": "__INVITE_SECRET__",
  
    "storage_dialect": "sqlite",
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,11 +1,6 @@
 #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
 location __PATH__/ {

-  # Force usage of https
-  if ($scheme = http) {
-    rewrite ^ https://$server_name$request_uri? permanent;
-  }
-
  proxy_pass        http://127.0.0.1:__PORT__/;
  proxy_redirect    off;
  proxy_set_header  Host $host;
--- a/conf/systemd.service
+++ b/conf/systemd.service
@ -16,31 +16,31 @@ StandardError=inherit
 # Depending on specificities of your service/app, you may need to tweak these 
 # .. but this should be a good baseline
 # Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
-NoNewPrivileges=yes
-PrivateTmp=yes
-PrivateDevices=yes
-RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
-RestrictNamespaces=yes
-RestrictRealtime=yes
-DevicePolicy=closed
-ProtectSystem=full
-ProtectControlGroups=yes
-ProtectKernelModules=yes
-ProtectKernelTunables=yes
-LockPersonality=yes
-SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
+#NoNewPrivileges=yes
+#PrivateTmp=yes
+#PrivateDevices=yes
+#RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+#RestrictNamespaces=yes
+#RestrictRealtime=yes
+#DevicePolicy=closed
+#ProtectSystem=full
+#ProtectControlGroups=yes
+#ProtectKernelModules=yes
+#ProtectKernelTunables=yes
+#LockPersonality=yes
+#SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap

 # Denying access to capabilities that should not be relevant for webapps
 # Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
-CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
-CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
-CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
-CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
-CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
-CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
-CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
-CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
-CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG 
+#CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
+#CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
+#CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
+#CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
+#CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
+#CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
+#CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
+#CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
+#CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG 

 [Install]
 WantedBy=multi-user.target
--- a/doc/DESCRIPTION.md
+++ b/doc/DESCRIPTION.md
@ -0,0 +1 @@
+A web based, real time, collaborative whiteboard application with rich media support
--- a/manifest.json
+++ b/manifest.json
@ -5,11 +5,11 @@
    "description": {
        "en": "A web based, real time, collaborative whiteboard application with rich media support"
    },
-    "version": "2021-08-10~ynh1",
-    "url": "https://spacedeck.com/",
+    "version": "2021.08.10~ynh1",
+    "url": "https://spacedeck.com",
    "upstream": {
        "license": "AGPL-3.0-only",
-        "website": "https://spacedeck.com/",
+        "website": "https://spacedeck.com",
        "code": "https://github.com/spacedeck/spacedeck-open"
    },
    "license": "AGPL-3.0-only",
@ -18,26 +18,22 @@
        "email": "tituspijean@outlook.com"
    },
    "requirements": {
-        "yunohost": ">= 4.1.7"
+        "yunohost": ">= 4.3.0"
    },
    "multi_instance": true,
    "services": [
        "nginx"
    ],
    "arguments": {
-        "install" : [
+        "install": [
            {
                "name": "domain",
-                "type": "domain",
-                "example": "example.com"
+                "type": "domain"
            },
            {
                "name": "is_public",
                "type": "boolean",
-                "default": true,
-                "help": {
-                    "en": "Should any visitor be allowed to access Spacedeck without being a YunoHost user?"
-                }
+                "default": true
            }
        ]
    }
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -4,6 +4,8 @@
 # COMMON VARIABLES
 #=================================================

+NODEJS_VERSION=10
+
 # dependencies used by the app
 pkg_dependencies="graphicsmagick ffmpeg ghostscript"

--- a/scripts/backup
+++ b/scripts/backup
@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers
 #=================================================

 ynh_clean_setup () {
-	### Remove this function if there's nothing to clean before calling the remove script.
 	true
 }
 # Exit if an error occurs during the execution of the script
@ -37,11 +36,6 @@ datadir=$(ynh_app_setting_get --app=$app --key=datadir)
 #=================================================
 ynh_print_info --message="Declaring files to be backed up..."

-### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs
-### to be backuped and not an actual copy of any file. The actual backup that
-### creates and fill the archive with the files happens in the core after this
-### script is called. Hence ynh_backups calls takes basically 0 seconds to run.
-
 #=================================================
 # BACKUP THE APP MAIN DIR
 #=================================================
--- a/scripts/change_url
+++ b/scripts/change_url
@ -28,6 +28,11 @@ ynh_script_progression --message="Loading installation settings..." --time --wei

 # Needed for helper "ynh_add_nginx_config"
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
+domain=$(ynh_app_setting_get --app=$app --key=domain)
+port=$(ynh_app_setting_get --app=$app --key=port)
+datadir=$(ynh_app_setting_get --app=$app --key=datadir)
+api_secret=$(ynh_app_setting_get --app=$app --key=api_secret)
+invite_secret=$(ynh_app_setting_get --app=$app --key=invite_secret)

 # Add settings here as needed by your application
 #db_name=$(ynh_app_setting_get --app=$app --key=db_name)
@ -108,10 +113,14 @@ fi
 #=================================================
 # SPECIFIC MODIFICATIONS
 #=================================================
-# ADD A CONFIGURATION
+# UPDATE A CONFIG FILE
 #=================================================
+ynh_script_progression --message="Updating a config file..."

-ynh_add_config --template="default.json" --destination="$final_path/config/default.json"
+domain=$new_domain
+path_url=$new_path
+
+ynh_add_config --template="../conf/default.json" --destination="$final_path/config/default.json"

 chmod 400 "$final_path/config/default.json"
 chown $app:$app "$final_path/config/default.json"
@ -123,6 +132,7 @@ chown $app:$app "$final_path/config/default.json"
 #=================================================
 ynh_script_progression --message="Starting a systemd service..." --time --weight=1

+# Start a systemd service
 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"

 #=================================================
--- a/scripts/install
+++ b/scripts/install
@ -14,7 +14,7 @@ source /usr/share/yunohost/helpers
 #=================================================

 ynh_clean_setup () {
-	read -p "debug me"
+	ynh_clean_check_starting
 }
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
@ -24,7 +24,7 @@ ynh_abort_if_errors
 #=================================================

 domain=$YNH_APP_ARG_DOMAIN
-path_url="/" #$YNH_APP_ARG_PATH
+path_url="/"
 is_public=$YNH_APP_ARG_IS_PUBLIC

 app=$YNH_APP_INSTANCE_NAME
@ -66,7 +66,7 @@ ynh_script_progression --message="Installing dependencies..." --time --weight=1

 ynh_install_app_dependencies $pkg_dependencies

-ynh_install_nodejs --nodejs_version=10
+ynh_install_nodejs --nodejs_version=$NODEJS_VERSION

 #=================================================
 # CREATE DEDICATED USER
@ -104,12 +104,6 @@ ynh_add_nginx_config
 #=================================================
 ynh_script_progression --message="Installing NodeJS dependencies..." --time --weight=1

-invite_secret=$(ynh_string_random --length=32)
-api_secret=$(ynh_string_random --length=32)
-
-ynh_app_setting_set --app=$app --key=invite_secret --value=$invite_secret
-ynh_app_setting_set --app=$app --key=api_secret --value=$api_secret
-
 pushd $final_path
 	ynh_exec_as $app $ynh_node_load_PATH $ynh_npm --loglevel=error install
 	ynh_exec_as $app $ynh_node_load_PATH $ynh_npm --loglevel=error audit fix
@ -120,24 +114,11 @@ popd
 #=================================================
 ynh_script_progression --message="Creating a data directory..." --time --weight=1

-### Use these lines if you need to create a directory to store "persistent files" for the application.
-### Usually this directory is used to store uploaded files or any file that won't be updated during 
-### an upgrade and that won't be deleted during app removal
-### If you're not using these lines:
-###		- Remove the section "BACKUP THE DATA DIR" in the backup script
-###		- As well as the section "RESTORE THE DATA DIRECTORY" in the restore script
-
 datadir=/home/yunohost.app/$app
 ynh_app_setting_set --app=$app --key=datadir --value=$datadir

 mkdir -p $datadir/storage

-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod 750 "$datadir"
 chmod -R o-rwx "$datadir"
 chown -R $app:www-data "$datadir"
@ -147,7 +128,13 @@ chown -R $app:www-data "$datadir"
 #=================================================
 ynh_script_progression --message="Adding a configuration file..." --time --weight=1

-ynh_add_config --template="default.json" --destination="$final_path/config/default.json"
+invite_secret=$(ynh_string_random --length=32)
+api_secret=$(ynh_string_random --length=32)
+
+ynh_app_setting_set --app=$app --key=invite_secret --value=$invite_secret
+ynh_app_setting_set --app=$app --key=api_secret --value=$api_secret
+
+ynh_add_config --template="../conf/default.json" --destination="$final_path/config/default.json"

 chmod 400 "$final_path/config/default.json"
 chown $app:$app "$final_path/config/default.json"
--- a/scripts/remove
+++ b/scripts/remove
@ -18,6 +18,7 @@ app=$YNH_APP_INSTANCE_NAME

 domain=$(ynh_app_setting_get --app=$app --key=domain)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
+datadir=$(ynh_app_setting_get --app=$app --key=datadir)

 #=================================================
 # STANDARD REMOVE
@ -41,12 +42,12 @@ ynh_script_progression --message="Stopping and removing the systemd service..."
 ynh_remove_systemd_config

 #=================================================
-# REMOVE DEPENDENCIES
+# REMOVE LOGROTATE CONFIGURATION
 #=================================================
-ynh_script_progression --message="Removing dependencies..." --time --weight=1
+ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1

-# Remove metapackage and its dependencies
-ynh_remove_app_dependencies
+# Remove the app-specific logrotate config
+ynh_remove_logrotate

 #=================================================
 # REMOVE APP MAIN DIR
@ -56,6 +57,17 @@ ynh_script_progression --message="Removing app main directory..." --time --weigh
 # Remove the app directory securely
 ynh_secure_remove --file="$final_path"

+#=================================================
+# REMOVE DATA DIR
+#=================================================
+
+# Remove the data directory if --purge option is used
+if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
+then
+	ynh_script_progression --message="Removing app data directory..."
+	ynh_secure_remove --file="$datadir"
+fi
+
 #=================================================
 # REMOVE NGINX CONFIGURATION
 #=================================================
@ -65,12 +77,13 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
 ynh_remove_nginx_config

 #=================================================
-# REMOVE LOGROTATE CONFIGURATION
+# REMOVE DEPENDENCIES
 #=================================================
-ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1
+ynh_script_progression --message="Removing dependencies..." --time --weight=1

-# Remove the app-specific logrotate config
-ynh_remove_logrotate
+# Remove metapackage and its dependencies
+ynh_remove_nodejs
+ynh_remove_app_dependencies

 #=================================================
 # SPECIFIC REMOVE
@ -79,9 +92,6 @@ ynh_remove_logrotate
 #=================================================
 ynh_script_progression --message="Removing various files..." --time --weight=1

-# Remove a cron file
-ynh_secure_remove --file="/home/yunohost.app/$app"
-
 # Remove the log files
 ynh_secure_remove --file="/var/log/$app"

--- a/scripts/restore
+++ b/scripts/restore
@ -15,8 +15,7 @@ source /usr/share/yunohost/helpers
 #=================================================

 ynh_clean_setup () {
-	#### Remove this function if there's nothing to clean before calling the remove script.
-	true
+	ynh_clean_check_starting
 }
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
@ -38,8 +37,6 @@ datadir=$(ynh_app_setting_get --app=$app --key=datadir)
 #=================================================
 ynh_script_progression --message="Validating restoration parameters..." --time --weight=1

-ynh_webpath_available --domain=$domain --path_url=$path_url \
-	|| ynh_die --message="Path not available: ${domain}${path_url}"
 test ! -d $final_path \
 	|| ynh_die --message="There is already a directory: $final_path "

@ -67,12 +64,6 @@ ynh_script_progression --message="Restoring the app main directory..." --time --

 ynh_restore_file --origin_path="$final_path"

-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
@ -82,7 +73,7 @@ chown -R $app:www-data "$final_path"
 #=================================================
 ynh_script_progression --message="Restoring the data directory..." --time --weight=1

-ynh_restore_file --origin_path="$datadir"
+ynh_restore_file --origin_path="$datadir" --not_mandatory

 mkdir -p $datadir

@ -100,6 +91,8 @@ ynh_script_progression --message="Reinstalling dependencies..." --time --weight=
 # Define and install dependencies
 ynh_install_app_dependencies $pkg_dependencies

+ynh_install_nodejs --nodejs_version=$NODEJS_VERSION
+
 #=================================================
 # RESTORE SYSTEMD
 #=================================================
@ -108,6 +101,16 @@ ynh_script_progression --message="Restoring the systemd configuration..." --time
 ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
 systemctl enable $app.service --quiet

+#=================================================
+# RESTORE THE LOGROTATE CONFIGURATION
+#=================================================
+ynh_script_progression --message="Restoring the logrotate configuration..." --time --weight=1
+
+# Use logrotate to manage application logfile(s)
+ynh_use_logrotate
+
+ynh_restore_file --origin_path="/etc/logrotate.d/$app"
+
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
 #=================================================
@ -122,17 +125,10 @@ ynh_script_progression --message="Starting a systemd service..." --time --weight

 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"

-#=================================================
-# RESTORE THE LOGROTATE CONFIGURATION
-#=================================================
-ynh_script_progression --message="Restoring the logrotate configuration..." --time --weight=1
-
-ynh_restore_file --origin_path="/etc/logrotate.d/$app"
-
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
-# RELOAD NGINX AND PHP-FPM
+# RELOAD NGINX
 #=================================================
 ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1

--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -18,21 +18,17 @@ app=$YNH_APP_INSTANCE_NAME

 domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
-admin=$(ynh_app_setting_get --app=$app --key=admin)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-language=$(ynh_app_setting_get --app=$app --key=language)
-db_name=$(ynh_app_setting_get --app=$app --key=db_name)
+port=$(ynh_app_setting_get --app=$app --key=port)
+datadir=$(ynh_app_setting_get --app=$app --key=datadir)
+api_secret=$(ynh_app_setting_get --app=$app --key=api_secret)
+invite_secret=$(ynh_app_setting_get --app=$app --key=invite_secret)

 #=================================================
 # CHECK VERSION
 #=================================================
+ynh_script_progression --message="Checking version..."

-### This helper will compare the version of the currently installed app and the version of the upstream package.
-### $upgrade_type can have 2 different values
-### - UPGRADE_APP if the upstream app version has changed
-### - UPGRADE_PACKAGE if only the YunoHost package has changed
-### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
-### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
 upgrade_type=$(ynh_check_app_version_changed)

 #=================================================
@ -43,6 +39,7 @@ ynh_script_progression --message="Backing up the app before upgrading (may take
 # Backup the current version of the app
 ynh_backup_before_upgrade
 ynh_clean_setup () {
+	ynh_clean_check_starting
 	# Restore it if the upgrade fails
 	ynh_restore_upgradebackup
 }
@ -63,27 +60,6 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app
 #=================================================
 ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1

-#
-# N.B. : the followings setting migrations snippets are provided as *EXAMPLES*
-# of what you may want to do in some cases (e.g. a setting was not defined on
-# some legacy installs and you therefore want to initiaze stuff during upgrade)
-#
-
-# If db_name doesn't exist, create it
-#if [ -z "$db_name" ]; then
-#	db_name=$(ynh_sanitize_dbid --db_name=$app)
-#	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
-#fi
-
-# If final_path doesn't exist, create it
-#if [ -z "$final_path" ]; then
-#	final_path=/var/www/$app
-#	ynh_app_setting_set --app=$app --key=final_path --value=$final_path
-#fi
-
-### If nobody installed your app before 4.1,
-### then you may safely remove these lines
-
 # Cleaning legacy permissions
 if ynh_legacy_permissions_exists; then
 	ynh_legacy_permissions_delete_all
@ -91,16 +67,6 @@ if ynh_legacy_permissions_exists; then
 	ynh_app_setting_delete --app=$app --key=is_public
 fi

-if ! ynh_permission_exists --permission="admin"; then
-	# Create the required permissions
-	ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
-fi
-
-# Create a permission if needed
-if ! ynh_permission_exists --permission="api"; then
-	ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
-fi
-
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
@ -121,12 +87,6 @@ then
 	ynh_setup_source --dest_dir="$final_path"
 fi

-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
@ -146,44 +106,29 @@ ynh_script_progression --message="Upgrading dependencies..." --time --weight=1

 ynh_install_app_dependencies $pkg_dependencies

-#=================================================
-# PHP-FPM CONFIGURATION
-#=================================================
-ynh_script_progression --message="Upgrading PHP-FPM configuration..." --time --weight=1
-
-# Create a dedicated PHP-FPM config
-ynh_add_fpm_config
+ynh_install_nodejs --nodejs_version=$NODEJS_VERSION

 #=================================================
 # SPECIFIC UPGRADE
 #=================================================
-# ...
+# NODEJS INSTALL
 #=================================================
+ynh_script_progression --message="Installing NodeJS dependencies..." --time --weight=1
+
+pushd $final_path
+	ynh_exec_as $app $ynh_node_load_PATH $ynh_npm --loglevel=error install
+	ynh_exec_as $app $ynh_node_load_PATH $ynh_npm --loglevel=error audit fix
+popd

 #=================================================
 # UPDATE A CONFIG FILE
 #=================================================
 ynh_script_progression --message="Updating a configuration file..." --time --weight=1

-### Same as during install
-###
-### The file will automatically be backed-up if it's found to be manually modified (because
-### ynh_add_config keeps track of the file's checksum)
+ynh_add_config --template="../conf/default.json" --destination="$final_path/config/default.json"

-ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file"
-
-# FIXME: this should be handled by the core in the future
-# You may need to use chmod 600 instead of 400,
-# for example if the app is expected to be able to modify its own config
-chmod 400 "$final_path/some_config_file"
-chown $app:$app "$final_path/some_config_file"
-
-### For more complex cases where you want to replace stuff using regexes,
-### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
-### When doing so, you also need to manually call ynh_store_file_checksum
-###
-### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file"
-### ynh_store_file_checksum --file="$final_path/some_config_file"
+chmod 400 "$final_path/config/default.json"
+chown $app:$app "$final_path/config/default.json"

 #=================================================
 # SETUP SYSTEMD
@ -217,14 +162,6 @@ ynh_script_progression --message="Starting a systemd service..." --time --weight

 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"

-#=================================================
-# UPGRADE FAIL2BAN
-#=================================================
-ynh_script_progression --message="Reconfiguring Fail2Ban..." --time --weight=1
-
-# Create a dedicated Fail2Ban config
-ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
-
 #=================================================
 # RELOAD NGINX
 #=================================================
--- a/sources/extra_files/app/.gitignore
+++ b/sources/extra_files/app/.gitignore
@ -1,2 +0,0 @@
-*~
-*.sw[op]
--- a/sources/patches/.gitignore
+++ b/sources/patches/.gitignore
@ -1,2 +0,0 @@
-*~
-*.sw[op]
				`@ -0,0 +1 @@`
				`A web based, real time, collaborative whiteboard application with rich media support`