diff --git a/manifest.json b/manifest.json
deleted file mode 100644
index d835889..0000000
--- a/manifest.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
-	"name": "Synapse",
-	"id": "synapse",
-	"packaging_format": 1,
-	"description": {
-		"en": "Instant messaging server which uses Matrix",
-		"fr": "Serveur de messagerie instantané basé sur Matrix"
-	},
-	"version": "1.95.0~ynh1",
-	"url": "http://matrix.org",
-	"license": "Apache-2.0",
-	"maintainer": {
-		"name": "Josué Tille",
-		"email": "josue@tille.ch"
-	},
-    "upstream": {
-        "license": "Apache-2.0",
-        "website": "https://matrix.org/",
-        "code": "https://github.com/matrix-org/synapse"
-    },
-	"requirements": {
-		"yunohost": ">= 11.2"
-	},
-	"multi_instance": true,
-	"services": [
-		"nginx"
-	],
-	"arguments": {
-		"install" : [
-			{
-				"name": "domain",
-				"type": "domain"
-			},
-			{
-				"name": "server_name",
-				"type": "string",
-				"ask": {
-					"en": "If your Synapse domain is a subdomain, you can choose a name for your Synapse server to have your Matrix user-ids looking like @user:domain.org instead of @user:synapse.domain.org",
-					"fr": "Si votre domaine pour Synapse est un sous-domaine, vous pouvez choisir un nom pour votre serveur Synapse afin que vos identifiants Matrix soient @utilisateur:domain.org plutôt que @utilisateur:synapse.domain.org"
-				},
-				"example": "domain.org",
-				"default": "Same than the domain"
-			},
-			{
-				"name": "is_free_registration",
-				"type": "boolean",
-				"ask": {
-					"en": "Is it a server with free registration?",
-					"fr": "Est-ce un serveur avec création de compte libre ?"
-				},
-				"default": false,
-				"help": {
-					"en": "A public server means that anybody will be able to register on this server.",
-					"fr": "Un serveur public signifie que n'importe qui pourra s'enregistrer sur ce serveur."
-				}
-			},
-			{
-				"name": "jitsi_server",
-				"type": "string",
-				"ask": {
-					"en": "Jitsi server address for conferencing?",
-					"fr": "Adresse du serveur Jitsi pour les conférences ?"
-				},
-				"example": "domain.org",
-				"default": "jitsi.riot.im"
-			}
-		]
-	}
-}
diff --git a/manifest.toml b/manifest.toml
index 12ec0d3..aaf0fe6 100644
--- a/manifest.toml
+++ b/manifest.toml
@@ -13,18 +13,19 @@ maintainers = ["Josué Tille"]
 license = "Apache-2.0"
 website = "https://matrix.org/"
 code = "https://github.com/matrix-org/synapse"
-cpe = "???" # FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is sort of a standard id for applications defined by the NIST. In particular, Yunohost may use this is in the future to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number)
-fund = "???" # FIXME: optional but recommended (or remove if irrelevant / not applicable). This is meant to be an URL where people can financially support this app, especially when its development is based on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin.
+admindoc = "https://matrix-org.github.io/synapse/latest/welcome_and_overview.html"
+cpe = "cpe:2.3:a:matrix:synapse"
+fund = "https://matrix.org/support/#"
 
 [integration]
 yunohost = ">= 11.2"
-architectures = "all" # FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"]
+architectures = "all"
 multi_instance = true
-ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials.
-sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal.
-disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ...
-ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ...
-ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ...
+ldap = true
+sso = "not_relevant"
+disk = "250M"
+ram.build = "20M"
+ram.runtime = "200M"
 
 [install]
     [install.domain]
@@ -54,25 +55,58 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen
     default = "jitsi.riot.im"
 
 [resources]
-    [resources.sources]
-        [resources.sources.armv7_bookworm]
-        url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.95.0/matrix-synapse_1.95.0-bookworm-bin1_armv7l.tar.gz"
-        sha256 = "1a1d9248b139f67d23a89a20745d14d88c5b8627f76872d7f94f66952b5f1253"
-
-        [resources.sources.armv7_bullseye]
-        url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.95.0/matrix-synapse_1.95.0-bullseye-bin1_armv7l.tar.gz"
-        sha256 = "97e9942bea9bcecc2a75228255a1824298300302559a9332e50816fa54193738"
+    [resources.sources.prebuilt_bookworm]
+    armv7.url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.95.0/matrix-synapse_1.95.0-bookworm-bin1_armv7l.tar.gz"
+    armv7.sha256 = "1a1d9248b139f67d23a89a20745d14d88c5b8627f76872d7f94f66952b5f1253"
 
+    [resources.sources.prebuilt_bullseye]
+    armv7.url = "https://github.com/YunoHost-Apps/synapse_python_build/releases/download/v1.95.0/matrix-synapse_1.95.0-bullseye-bin1_armv7l.tar.gz"
+    armv7.sha256 = "97e9942bea9bcecc2a75228255a1824298300302559a9332e50816fa54193738"
 
     [resources.system_user]
+    allow_email = true
+    home = "/opt/yunohost/matrix-__APP__"
 
     [resources.install_dir]
+    dir = "/opt/yunohost/matrix-__APP__"
+    owner = "__APP__:rwX"
+    group = "__APP__:rX"
+
+    [resources.data_dir]
+    dir = "/home/yunohost.app/__APP__"
 
     [resources.permissions]
+    main.url = "__DOMAIN__/_matrix/cas_server.php/login"
+    main.label = "Server SSO"
+    main.auth_header = true
+    main.show_tile=false
+    main.protected = true
+
+    server_api.url = "__DOMAIN__/_matrix"
+    server_api.label = "Server access for client apps"
+    admin_api.allowed = "visitors"
+    server_api.auth_header = false
+    server_api.show_tile = false
+    server_api.protected = true
+
+    admin_api.url = "__DOMAIN__/_synapse"
+    admin_api.label = "Admin API"
+    admin_api.allowed = "visitors"
+    admin_api.auth_header = false
+    admin_api.show_tile = false
+    admin_api.protected = true
 
     [resources.ports]
     synapse_tls.default = 8448
     main.default = 8008
     turnserver_tls.default = 5349
-    turnserver_alt_tls.default = 12345
+    turnserver_alt_tls.default = 5350
     cli.default = 5766
+
+    [resources.apt]
+    packages = ["coturn", "acl",
+                "python3-dev", "python3-venv", "python3-pip", "python3-setuptools", "python3-lxml",
+                "build-essential", "libffi-dev", "libssl-dev", "libxml2-dev", "libxslt1-dev", "zlib1g-dev", "libjpeg-dev", "libpq-dev"]
+
+    [resources.database]
+    type = "postgresql"
diff --git a/scripts/install b/scripts/install
index a20c284..f78cf6a 100644
--- a/scripts/install
+++ b/scripts/install
@@ -407,19 +407,11 @@ ynh_add_config --template="../sources/update_synapse_for_appservice.sh" --destin
 #=================================================
 # SETUP PERMISSIONS
 #=================================================
-#REMOVEME? ynh_script_progression --message="Configuring permissions..." --weight=1
 
-ynh_permission_url --permission=main --url=$domain/_matrix/cas_server.php/login --auth_header=true
-#REMOVEME? ynh_permission_update --permission=main --show_tile=false --protected=true
+ynh_script_progression --message="Configuring permissions..." --weight=1
 
-#REMOVEME? ynh_permission_create --permission=server_api --url=$domain/_matrix \
-                      --label="Server access for client apps." --show_tile=false --allowed=visitors \
-                      --auth_header=false --protected=true
-#REMOVEME? ynh_permission_create --permission=admin_api --url=$domain/_synapse \
-                      --label="Server administration API." --show_tile=false \
-                      --auth_header=false --allowed=visitors
 if yunohost --output-as plain domain list | grep -q "^$server_name$"; then
-#REMOVEME?     ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \
+    ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \
                           --label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \
                           --auth_header=false --protected=true
 fi