Use new helper, migrate to postgresql, use virtualenvionement

2024-09-03 20:26:38 +02:00 · 2017-07-21 22:28:49 +02:00 · 2017-07-21 22:28:49 +02:00 · 469b6dc07b
commit 469b6dc07b
parent e8b97b61d5
18 changed files with 606 additions and 584 deletions
--- a/README.md
+++ b/README.md
@ -11,6 +11,8 @@ If you don't have a dh.pem file in `/etc/yunohost/certs/YOUR DOMAIN/dh.pem` you
 You could built it by this cmd : `sudo openssl dhparam -out /etc/yunohost/certs/YOUR DOMAIN/dh.pem 2048 > /dev/null`
 After that you can install it without problem.
 The install use the python virtualenvironement. Everything is built on the install and some package a compiled so it could take a long time if the processor is slow.
 ## Package update package
 sudo yunohost app upgrade synapse -u https://github.com/YunoHost-Apps/synapse_ynh
--- a/conf/add_sso_conf.py
+++ b/conf/add_sso_conf.py
@ -0,0 +1,11 @@
 import json
 with open("/etc/ssowat/conf.json.persistent", "r") as jsonFile:
    data = json.load(jsonFile)
    if "skipped_urls" in data:
        data["skipped_urls"].append("/_matrix")
    else:
        data["skipped_urls"] = ["/_matrix"]
 with open("/etc/ssowat/conf.json.persistent", "w") as jsonFile:
    jsonFile.write(json.dumps(data, indent=4, sort_keys=True))
--- a/conf/default_matrix-synapse
+++ b/conf/default_matrix-synapse
@ -0,0 +1,3 @@
 # Specify environment variables used when running Synapse
 # SYNAPSE_CACHE_FACTOR=1 (default)
--- a/conf/homeserver.yaml
+++ b/conf/homeserver.yaml
@ -15,7 +15,6 @@ tls_dh_params_path: "/etc/yunohost/certs/__DOMAIN__/dh.pem"
 # Don't bind to the https port
 no_tls: False
 ## Server ##
 server_name: "__DOMAIN__"
@ -109,11 +108,15 @@ listeners:
 # Database configuration
 database:
  # The database engine name
-  name: "sqlite3"
+    name: psycopg2
  # Arguments to pass to the engine
-  args:
+    args:
-    # Path to the database
+        user: __SYNAPSE_DB_USER__
-    database: "/var/lib/matrix-synapse/homeserver.db"
+        password: __SYNAPSE_DB_PWD__
        database: matrix_synapse
        host: localhost
        cp_min: 5
        cp_max: 10
 # Number of events to cache in memory.
 event_cache_size: "10K"
@ -326,6 +329,7 @@ trusted_third_party_id_servers:
 # Enable collection and rendering of performance metrics
 enable_metrics: False
 report_stats: False
 ## API Configuration ##
--- a/conf/log.yaml
+++ b/conf/log.yaml
@ -0,0 +1,36 @@
 version: 1
 formatters:
  precise:
   format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s- %(message)s'
 filters:
  context:
    (): synapse.util.logcontext.LoggingContextFilter
    request: ""
 handlers:
  file:
    class: logging.handlers.RotatingFileHandler
    formatter: precise
    filename: /var/log/matrix-synapse/homeserver.log
    maxBytes: 104857600
    backupCount: 10
    filters: [context]
    level: INFO
  console:
    class: logging.StreamHandler
    formatter: precise
    level: WARN
 loggers:
    synapse:
        level: INFO
    synapse.storage.SQL:
        level: INFO
 root:
    level: INFO
    handlers: [file, console]
--- a/conf/logrotate
+++ b/conf/logrotate
@ -1,20 +0,0 @@
 /var/log/__APP_/.log {
 		# Effectue une rotation des logs tout les mois
 	monthly
 		# Ou si le fichier de log dépasse 100Mo
 	size 100M
 		# Garde un maximum de 12 anciens logs
 	rotate 12
 		# Compresse les logs avec gzip
 	compress
 		# Compresse le log au cycle suivant. Donc garde toujours 2 logs non compressés.
 	delaycompress
 		# Copie et tronque le journal pour permettre la poursuite de l'écriture. Plutôt que de déplacer le log.
 	copytruncate
 		# Ne renvoi pas d'erreur si le fichier de log est absent.
 	missingok
 		# Ne fait pas de rotation si le log est vide.
 	notifempty
 		# Garde les anciens logs dans le même dossier.
 	noolddir
 }
--- a/conf/matrix-synapse.service
+++ b/conf/matrix-synapse.service
@ -0,0 +1,15 @@
 [Unit]
 Description=Synapse Matrix homeserver
 [Service]
 Type=simple
 User=matrix-synapse
 WorkingDirectory=/var/lib/matrix-synapse
 EnvironmentFile=/etc/default/matrix-synapse
 ExecStartPre=/opt/yunohost/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys
 ExecStart=/opt/yunohost/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/
 Restart=always
 RestartSec=3
 [Install]
 WantedBy=multi-user.target
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,4 +1,6 @@
 location __PATH__ {
        proxy_pass http://localhost:__PORT__;
        proxy_set_header X-Forwarded-For $remote_addr;
        client_max_body_size 100M;
 }
--- a/conf/remove_sso_conf.py
+++ b/conf/remove_sso_conf.py
@ -0,0 +1,8 @@
 import json
 with open("/etc/ssowat/conf.json.persistent", "r") as jsonFile:
    data = json.load(jsonFile)
    data["skipped_urls"].remove("/_matrix")
 with open("/etc/ssowat/conf.json.persistent", "w") as jsonFile:
    jsonFile.write(json.dumps(data, indent=4, sort_keys=True))
--- a/conf/virtualenv_activate
+++ b/conf/virtualenv_activate
@ -0,0 +1,78 @@
 # This file must be used with "source bin/activate" *from bash*
 # you cannot run it directly
 deactivate () {
    unset -f pydoc >/dev/null 2>&1
    # reset old environment variables
    # ! [ -z ${VAR+_} ] returns true if VAR is declared at all
    if ! [ -z "${_OLD_VIRTUAL_PATH+_}" ] ; then
        PATH="$_OLD_VIRTUAL_PATH"
        export PATH
        unset _OLD_VIRTUAL_PATH
    fi
    if ! [ -z "${_OLD_VIRTUAL_PYTHONHOME+_}" ] ; then
        PYTHONHOME="$_OLD_VIRTUAL_PYTHONHOME"
        export PYTHONHOME
        unset _OLD_VIRTUAL_PYTHONHOME
    fi
    # This should detect bash and zsh, which have a hash command that must
    # be called to get it to forget past commands.  Without forgetting
    # past commands the $PATH changes we made may not be respected
    if [ -n "${BASH-}" ] || [ -n "${ZSH_VERSION-}" ] ; then
        hash -r 2>/dev/null
    fi
    if ! [ -z "${_OLD_VIRTUAL_PS1+_}" ] ; then
        PS1="$_OLD_VIRTUAL_PS1"
        export PS1
        unset _OLD_VIRTUAL_PS1
    fi
    unset VIRTUAL_ENV
    if [ ! "${1-}" = "nondestructive" ] ; then
    # Self destruct!
        unset -f deactivate
    fi
 }
 # unset irrelevant variables
 deactivate nondestructive
 VIRTUAL_ENV="/opt/yunohost/matrix-synapse"
 export VIRTUAL_ENV
 _OLD_VIRTUAL_PATH="$PATH"
 PATH="$VIRTUAL_ENV/bin:$PATH"
 export PATH
 # unset PYTHONHOME if set
 if ! [ -z "${PYTHONHOME+_}" ] ; then
    _OLD_VIRTUAL_PYTHONHOME="$PYTHONHOME"
    unset PYTHONHOME
 fi
 if [ -z "${VIRTUAL_ENV_DISABLE_PROMPT-}" ] ; then
    _OLD_VIRTUAL_PS1="$PS1"
    if [ "x" != x ] ; then
        PS1="$PS1"
    else
        PS1="(`basename \"$VIRTUAL_ENV\"`) $PS1"
    fi
    export PS1
 fi
 # Make sure to unalias pydoc if it's already there
 alias pydoc 2>/dev/null >/dev/null && unalias pydoc
 pydoc () {
    python -m pydoc "$@"
 }
 # This should detect bash and zsh, which have a hash command that must
 # be called to get it to forget past commands.  Without forgetting
 # past commands the $PATH changes we made may not be respected
 if [ -n "${BASH-}" ] || [ -n "${ZSH_VERSION-}" ] ; then
    hash -r 2>/dev/null
 fi
--- a/manifest.json
+++ b/manifest.json
@ -3,20 +3,20 @@
 	"id": "synapse",
 	"packaging_format": 1,
 	"requirements": {
-		"yunohost": ">= 2.4"
+		"yunohost": ">= 2.6.4"
 	},
 	"description": {
 		"en": "Instant messaging server who use matrix",
 		"fr": "Un serveur de messagerie instantané basé sur matrix"
 	},
-	"version": "1.0",
+	"version": "0.22.0",
-	"url": "http://www.site",
+	"url": "http://matrix.org",
 	"license": "free",
 	"maintainer": {
 		"name": "Josué Tille",
 		"email": "josue@tille.ch"
 	},
-	"multi_instance": true,
+	"multi_instance": false,
 	"services": [
 		"nginx"
 	],
@ -31,15 +31,15 @@
 				},
 				"example": "domain.org"
 			},
-                        {
+			{
-                                "name": "is_public",
+				"name": "is_public",
-                                "type": "boolean",
+				"type": "boolean",
-                                "ask": {
+				"ask": {
-                                        "en": "Is it a public server ?",
+					"en": "Is it a public server ?",
-                                        "fr": "Est-ce un serveur public ?"
+					"fr": "Est-ce un serveur public ?"
-                                },
+				},
-                                "default": "0"
+				"default": "0"
-                        }
+			}
 		]
 	}
 }
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -1,162 +1,126 @@
 #!/bin/bash
-debian_repos="http://httpredir.debian.org/debian/"
+# Retrieve arguments
-md5sum_python_nacl="34c44f8f5100170bae3b4329ffb43087"
+app=$YNH_APP_INSTANCE_NAME
-md5sum_python_ujson="5b65f8cb6bedef7971fdc557e09effbe"
+synapse_user="matrix-synapse"
-python_nacl_version="1.0.1-2"
+synapse_db_name="matrix_synapse"
-python_ujson_version="1.35-1"
+synapse_db_user="matrix_synapse"
 synapse_version="0.22.0"
-init_script() {
+install_dependances() {
-    # Exit on command errors and treat unset variables as an error
+	ynh_install_app_dependencies coturn build-essential python2.7-dev libffi-dev python-pip python-setuptools sqlite3 libssl-dev python-virtualenv libjpeg-dev libpq-dev postgresql
-    set -eu
+	pip install --upgrade pip
 	pip install --upgrade ndg-httpsclient
 	pip install --upgrade virtualenv
 }
-    # Source YunoHost helpers
+install_from_source() {
-    source /usr/share/yunohost/helpers
+    # Create empty dir for synapse
    mkdir -p /var/lib/matrix-synapse
    mkdir -p /var/log/matrix-synapse
    mkdir -p /etc/matrix-synapse/conf.d
    mkdir -p $final_path
-    # Retrieve arguments
+    # Install synapse in virtualenv
-    app=$YNH_APP_INSTANCE_NAME
+    virtualenv -p python2.7 $final_path
-    CHECK_VAR "$app" "app name not set"
+    PS1=""
-    GET_DEBIAN_VERSION
+    cp ../conf/virtualenv_activate $final_path/bin/activate
    source $final_path/bin/activate
    pip install --upgrade pip
    pip install --upgrade setuptools
    pip install https://github.com/matrix-org/synapse/tarball/master
    pip install psycopg2
-    if [ -n "$(uname -m | grep 64)" ]; then
+    # Set permission
-            ARCHITECTURE="amd64"
+    chown $synapse_user:root -R $final_path
-    elif [ -n "$(uname -m | grep 86)" ]; then
+    chown $synapse_user:root -R /var/lib/matrix-synapse
-            ARCHITECTURE="386"
+    chown $synapse_user:root -R /var/log/matrix-synapse
-    elif [ -n "$(uname -m | grep arm)" ]; then
+    chown $synapse_user:root -R /etc/matrix-synapse
            ARCHITECTURE="arm"
    else
            ynh_die "Unable to find arch"
    fi
 }
-install_arm_package_dep() {
+config_nginx() {
 	cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
-    wget -q -O '/tmp/python-nacl.deb' "${debian_repos}pool/main/p/python-nacl/python-nacl_${python_nacl_version}_armhf.deb"
+	ynh_replace_string __PATH__ $path /etc/nginx/conf.d/$domain.d/$app.conf
-    wget -q -O '/tmp/python-ujson.deb' "${debian_repos}pool/main/u/ujson/python-ujson_${python_ujson_version}_armhf.deb"
+	ynh_replace_string __PORT__ $synapse_port /etc/nginx/conf.d/$domain.d/$app.conf
-
+	
-    if ([[ ! -e '/tmp/python-nacl.deb' ]] || [[ $(md5sum '/tmp/python-nacl.deb' | cut -d' ' -f1) != $md5sum_python_nacl ]]) || \
+	systemctl reload nginx.service
        ([[ ! -e '/tmp/python-ujson.deb' ]] || [[ $(md5sum '/tmp/python-ujson.deb' | cut -d' ' -f1) != $md5sum_python_ujson ]])
    then
        ynh_die "Error : can't get debian dependance package"
    fi
    sudo dpkg -i /tmp/python-nacl.deb || true
    sudo dpkg -i /tmp/python-ujson.deb || true
 }
-GET_DEBIAN_VERSION() {
+config_synapse() {
-    debian_version=$(sudo lsb_release -sc)
+	cp ../conf/homeserver.yaml /etc/matrix-synapse/homeserver.yaml
-    test -z $debian_version && ynh_die "Can't find debian version"
+	cp ../conf/log.yaml /etc/matrix-synapse/log.yaml
-    test $debian_version == 'jessie' || ynh_die "This package is not available for your debian version"
+	
 	ynh_replace_string __DOMAIN__ $domain /etc/matrix-synapse/homeserver.yaml
 	ynh_replace_string __SYNAPSE_DB_USER__ $synapse_db_user /etc/matrix-synapse/homeserver.yaml
 	ynh_replace_string __SYNAPSE_DB_PWD__ $synapse_db_pwd /etc/matrix-synapse/homeserver.yaml
 	ynh_replace_string __PORT__ $synapse_port /etc/matrix-synapse/homeserver.yaml
 	ynh_replace_string __TLS_PORT__ $synapse_tls_port /etc/matrix-synapse/homeserver.yaml
 	ynh_replace_string __TURNSERVER_TLS_PORT__ $turnserver_tls_port /etc/matrix-synapse/homeserver.yaml
 	ynh_replace_string __TURNPWD__ $turnserver_pwd /etc/matrix-synapse/homeserver.yaml
 	if [ "$is_public" = "0" ]
 	then
 		ynh_replace_string __ALLOWED_ACCESS__ False /etc/matrix-synapse/homeserver.yaml
 	else
 		ynh_replace_string __ALLOWED_ACCESS__ True /etc/matrix-synapse/homeserver.yaml
 	fi
 }
-enable_backport_repos() {
+config_coturn() {
-    if [[ -z "$(grep -e "^deb .*/.* $debian_version-backports main" /etc/apt/sources.list ; grep -e "^deb .*/.* $debian_version-backports main" /etc/apt/sources.list.d/*.list)" ]]
+	cp ../conf/default_coturn /etc/default/coturn
-    then
+	cp ../conf/turnserver.conf /etc/turnserver.conf
-        debian_repos_url=$(grep -m 1 "^deb .* $debian_version .*main" /etc/apt/sources.list | cut -d ' ' -f2)
+	
-        test -z "$(echo $debian_repos_url | grep '://')" && debian_repos_url="$debian_repos"
+	ynh_replace_string __TURNPWD__ $turnserver_pwd /etc/turnserver.conf
-        
+	ynh_replace_string __DOMAIN__ $domain /etc/turnserver.conf
-        echo "deb $debian_repos_url $debian_version-backports main contrib non-free" | sudo tee -a "/etc/apt/sources.list"
+	ynh_replace_string __TLS_PORT__ $turnserver_tls_port /etc/turnserver.conf
-    fi
+}
-    ynh_package_update
+
 set_certificat_access() {
 	set_access $synapse_user /etc/yunohost/certs/$domain/crt.pem
 	set_access $synapse_user /etc/yunohost/certs/$domain/key.pem
 	set_access $synapse_user /etc/yunohost/certs/$domain/dh.pem
 	set_access turnserver /etc/yunohost/certs/$domain/crt.pem
 	set_access turnserver /etc/yunohost/certs/$domain/key.pem
 	set_access turnserver /etc/yunohost/certs/$domain/dh.pem
 }
 set_access() { # example : set_access USER FILE
-user="$1"
+    user="$1"
-file_to_set="$2"
+    file_to_set="$2"
-while [[ 0 ]]
+    while [[ 0 ]]
 do    
    path_to_set=""
    oldIFS="$IFS"
    IFS="/"
    for dirname in $file_to_set
    do
-        if [[ -n "$dirname" ]]
+        path_to_set=""
-        then
+        oldIFS="$IFS"
-            sudo test -f "$path_to_set"/"$dirname" && sudo setfacl -m d:u:$user:r "$path_to_set"
+        IFS="/"
-            
+        for dirname in $file_to_set
-            path_to_set="$path_to_set/$dirname"
+        do
-            
+            if [[ -n "$dirname" ]]
            if $(sudo sudo -u $user test ! -r "$path_to_set")
            then
-                sudo test -d "$path_to_set" && sudo setfacl -m user:$user:rx  "$path_to_set"
+                test -f "$path_to_set"/"$dirname" && setfacl -m d:u:$user:r "$path_to_set"
-                sudo test -f "$path_to_set" && sudo setfacl -m user:$user:r  "$path_to_set"
+                
                path_to_set="$path_to_set/$dirname"
                if $(sudo -u $user test ! -r "$path_to_set")
                then
                    test -d "$path_to_set" && setfacl -m user:$user:rx  "$path_to_set"
                    test -f "$path_to_set" && setfacl -m user:$user:r  "$path_to_set"
                fi
            fi
        done
        IFS="$oldIFS"
        if $(test -L "$file_to_set")
        then
            if [[ -n "$(readlink "$file_to_set" | grep -e "^/")" ]]
            then
                file_to_set=$(readlink "$file_to_set") # If it is an absolute path
            else
                file_to_set=$(realpath -s -m "$(echo "$file_to_set" | cut -d'/' -f-$(echo "$file_to_set" | grep -o '/' | wc -l))/$(readlink "$file_to_set")") # If it is an relative path (we get with realpath the absolute path)
            fi
        else
            break
        fi
    done
    IFS="$oldIFS"
    if $(sudo test -L "$file_to_set")
    then
        if [[ -n "$(sudo readlink "$file_to_set" | grep -e "^/")" ]]
        then
            file_to_set=$(sudo readlink "$file_to_set") # If it is an absolute path
        else
            file_to_set=$(sudo realpath -s -m "$(echo "$file_to_set" | cut -d'/' -f-$(echo "$file_to_set" | grep -o '/' | wc -l))/$(sudo readlink "$file_to_set")") # If it is an relative path (we get with realpath the absolute path)
        fi
    else
        break
    fi
 done
 }
 CHECK_VAR () {	# Vérifie que la variable n'est pas vide.
 # $1 = Variable à vérifier
 # $2 = Texte à afficher en cas d'erreur
 	test -n "$1" || (echo "$2" >&2 && false)
 }
 CHECK_PATH () {	# Vérifie la présence du / en début de path. Et son absence à la fin.
 	if [ "${path:0:1}" != "/" ]; then    # Si le premier caractère n'est pas un /
 		path="/$path"    # Ajoute un / en début de path
 	fi
 	if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then    # Si le dernier caractère est un / et que ce n'est pas le seul caractère.
 		path="${path:0:${#path}-1}"	# Supprime le dernier caractère
 	fi
 }
 CHECK_DOMAINPATH () {	# Vérifie la disponibilité du path et du domaine.
 	sudo yunohost app checkurl $domain$path -a $app
 }
 CHECK_FINALPATH () {	# Vérifie que le dossier de destination n'est pas déjà utilisé.
 	final_path=/var/www/$app
 	if [ -e "$final_path" ]
 	then
 		echo "This path already contains a folder" >&2
 		false
 	fi
 }
 # Find a free port and return it
 #
 # example: port=$(ynh_find_port 8080)
 #
 # usage: ynh_find_port begin_port
 # | arg: begin_port - port to start to search
 ynh_find_port () {
 	port=$1
 	test -n "$port" || ynh_die "The argument of ynh_find_port must be a valid port."
 	while netcat -z 127.0.0.1 $port       # Check if the port is free
 	do
 		port=$((port+1))	# Else, pass to next port
 	done
 	echo $port
 }
 ### REMOVE SCRIPT
 REMOVE_NGINX_CONF () {	# Suppression de la configuration nginx
 	if [ -e "/etc/nginx/conf.d/$domain.d/$app.conf" ]; then	# Delete nginx config
 		echo "Delete nginx config"
 		sudo rm "/etc/nginx/conf.d/$domain.d/$app.conf"
 		sudo service nginx reload
 	fi
 }
 REMOVE_LOGROTATE_CONF () {	# Suppression de la configuration de logrotate
 	if [ -e "/etc/logrotate.d/$app" ]; then
 		echo "Delete logrotate config"
 		sudo rm "/etc/logrotate.d/$app"
 	fi
 }
--- a/scripts/backup
+++ b/scripts/backup
@ -1,55 +1,17 @@
 #!/bin/bash
-######## Actually we cant use common script in backup / restore script see this issue for more informations : https://dev.yunohost.org/issues/621
+# Source YunoHost helpers
-# # Import common cmd
+source /usr/share/yunohost/helpers
 # source ./_common.sh
 #
-######## We implement manually this fonctions 
+# Stop script if errors
 ynh_abort_if_errors
-init_script() {
+# Import common cmd
-    # Exit on command errors and treat unset variables as an error
+source ../settings/scripts/_common.sh
-    set -eu
+source ../settings/scripts/psql.sh
    # Source YunoHost helpers
    source /usr/share/yunohost/helpers
    # Retrieve arguments
    app=$YNH_APP_INSTANCE_NAME
    CHECK_VAR "$app" "app name not set"
    GET_DEBIAN_VERSION
    if [ -n "$(uname -m | grep 64)" ]; then
            ARCHITECTURE="amd64"
    elif [ -n "$(uname -m | grep 86)" ]; then
            ARCHITECTURE="386"
    elif [ -n "$(uname -m | grep arm)" ]; then
            ARCHITECTURE="arm"
    else
            ynh_die "Unable to find arch"
    fi
 }
 GET_DEBIAN_VERSION() {
    debian_version=$(sudo lsb_release -sc)
    test -z $debian_version && ynh_die "Can't find debian version"
    test $debian_version == 'jessie' || ynh_die "This package is not available for your debian version"
 }
 CHECK_VAR () {	# Vérifie que la variable n'est pas vide.
 # $1 = Variable à vérifier
 # $2 = Texte à afficher en cas d'erreur
 	test -n "$1" || (echo "$2" >&2 && false)
 }
 ######## End of common fonctions
 # Init script
 init_script
 # Retrieve arguments
-final_path=$(ynh_app_setting_get $app final_path)
+domain=$(ynh_app_setting_get $app special_domain)
 domain=$(ynh_app_setting_get $app domain)
 # Copy Nginx config
 ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf"
@ -62,9 +24,14 @@ ynh_backup "/etc/turnserver.conf" "coturn_config"
 ynh_backup "/etc/default/coturn" "coturn_config_default"
 # Backup synapse database
-ynh_backup "/var/lib/matrix-synapse" "data"
+ynh_backup "/var/lib/matrix-synapse" "data" 1
 # Backup Postgresql database
 sudo su -c "pg_dump $synapse_db_name" postgres > ${YNH_CWD}/dump.sql
 # Copie la configuration de logrotate
 ynh_backup "/etc/logrotate.d/$app" "logrotate"
-
+# Backup systemd service
 ynh_backup "/etc/default/matrix-synapse"
 ynh_backup "/etc/systemd/system/matrix-synapse.service"
--- a/scripts/install
+++ b/scripts/install
@ -1,122 +1,97 @@
 #!/bin/bash
 # Source YunoHost helpers
 source /usr/share/yunohost/helpers
 source ./psql.sh
 # Stop script if errors
 ynh_abort_if_errors
 # Import common cmd
 source ./_common.sh
 # Init script
 init_script
 # Retrieve arguments
 domain=$YNH_APP_ARG_DOMAIN
 path="/_matrix"
 is_public=$YNH_APP_ARG_IS_PUBLIC
 path="/_matrix"
 final_path="/opt/yunohost/matrix-synapse"
-CHECK_PATH	# Vérifie et corrige la syntaxe du path.
+# Check domain/path availability
-CHECK_DOMAINPATH	# Vérifie la disponibilité du path et du domaine.
+test $(ynh_webpath_available $domain $path) == 'True' || ynh_die "$domain$path is not available, please use an other domain."
-CHECK_FINALPATH	# Vérifie que le dossier de destination n'est pas déjà utilisé.
+
 # Check Final Path availability
 test ! -e "$final_path" || ynh_die "This path already contains a folder"
 # Ouvre le port dans le firewall
 synapse_tls_port=$(ynh_find_port 8448)
 synapse_port=$(ynh_find_port 8008)
 turnserver_tls_port=$(ynh_find_port 5349)
-sudo yunohost firewall allow --no-upnp TCP $synapse_tls_port > /dev/null 2>&1
+yunohost firewall allow --no-upnp TCP $synapse_tls_port > /dev/null 2>&1
-sudo yunohost firewall allow --no-upnp Both $turnserver_tls_port > /dev/null 2>&1
+yunohost firewall allow --no-upnp Both $turnserver_tls_port > /dev/null 2>&1
 # Make dh cert for synapse if it not exist
-test ! -e /etc/yunohost/certs/$domain/dh.pem && sudo openssl dhparam -out /etc/yunohost/certs/$domain/dh.pem 2048 > /dev/null
+test ! -e /etc/yunohost/certs/$domain/dh.pem && openssl dhparam -out /etc/yunohost/certs/$domain/dh.pem 2048 > /dev/null
-# Find password for turnserver
+# Find password for turnserver and database
 turnserver_pwd=$(ynh_string_random 30)
 synapse_db_pwd=$(ynh_string_random 30)
 # Enregistre les infos dans la config YunoHost
-ynh_app_setting_set $app domain $domain
+ynh_app_setting_set $app special_domain $domain
-ynh_app_setting_set $app path $path
+ynh_app_setting_set $app special_path $path
 ynh_app_setting_set $app final_path $final_path
 ynh_app_setting_set $app synapse_version $synapse_version
 ynh_app_setting_set $app synapse_db_pwd $synapse_db_pwd
 ynh_app_setting_set $app is_public $is_public
 ynh_app_setting_set $app synapse_port $synapse_port
 ynh_app_setting_set $app synapse_tls_port $synapse_tls_port
 ynh_app_setting_set $app turnserver_tls_port $turnserver_tls_port
 ynh_app_setting_set $app turnserver_pwd $turnserver_pwd
-# Et copie le fichier de config nginx
+# Install all dependances
-sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
+install_dependances
-# Modifie les variables dans le fichier de configuration nginx
+# Create user
-sudo sed -i "s@__PATH__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf
+ynh_system_user_create $synapse_user /var/lib/matrix-synapse
 sudo sed -i "s@__PORT__@$synapse_port@g" /etc/nginx/conf.d/$domain.d/$app.conf
-# Get Matrix key repos
+# Create postgresql database
-wget -q -O '/tmp/matrix-repo-key.asc' "https://matrix.org/packages/debian/repo-key.asc"
+ynh_psql_create_user $synapse_db_user $synapse_db_pwd
-sudo apt-key add "/tmp/matrix-repo-key.asc"
+ynh_psql_execute_as_root \
 "CREATE DATABASE $synapse_db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $synapse_db_user;"
-echo "matrix-synapse matrix-synapse/server-name select $domain" | sudo debconf-set-selections # Configure dpkg for no questions
+# Create directory Install synapse in virtualenv
-echo "matrix-synapse matrix-synapse/report-stats select false" | sudo debconf-set-selections # Configure dpkg for no questions
+install_from_source
-# Install coturn (the turn server)
+# Open access to server without a button the home
-ynh_package_install coturn
+cp ../conf/add_sso_conf.py $final_path
 cp ../conf/remove_sso_conf.py $final_path
 python $final_path/add_sso_conf.py
-# Enable debian-backports repos
+# Create systemd service
-enable_backport_repos
+cp ../conf/default_matrix-synapse /etc/default/matrix-synapse
 cp ../conf/matrix-synapse.service /etc/systemd/system/
 systemctl daemon-reload
 systemctl enable matrix-synapse.service
-# Enable Synapse repos
+# Config nginx
-if [[ -n "$(uname -m | grep arm)" ]]
+config_nginx
 then
        # Use special conf for arm arch because some binary are not available in jessie backport or in matrix repos
        install_arm_package_dep
        ynh_package_install -t $debian_version-backports -f
        echo "deb [arch=i386] http://matrix.org/packages/debian/ $debian_version main" | sudo tee -a "/etc/apt/sources.list.d/matrix.list"
        ynh_package_update
 else
        echo "deb http://matrix.org/packages/debian/ $debian_version main" | sudo tee -a "/etc/apt/sources.list.d/matrix.list"
        ynh_package_update
 fi
 # Install synapse package
 # We neet to install python-cryptography to Solve a python error about dependance (from cryptography.hazmat.primitives.asymmetric.utils)
 ynh_package_install -t $debian_version-backports matrix-synapse python-matrix-synapse-ldap3 python-cryptography
 # Configure Synapse
-sudo cp ../conf/homeserver.yaml /etc/matrix-synapse/homeserver.yaml
+config_synapse
 sudo sed -i "s@__DOMAIN__@$domain@g" /etc/matrix-synapse/homeserver.yaml
 sudo sed -i "s@__PORT__@$synapse_port@g" /etc/matrix-synapse/homeserver.yaml
 sudo sed -i "s@__TLS_PORT__@$synapse_tls_port@g" /etc/matrix-synapse/homeserver.yaml
 sudo sed -i "s@__TURNSERVER_TLS_PORT__@$turnserver_tls_port@g" /etc/matrix-synapse/homeserver.yaml
 sudo sed -i "s@__TURNPWD__@$turnserver_pwd@g" /etc/matrix-synapse/homeserver.yaml
 if [ "$is_public" = "0" ]
 then
    sudo sed -i "s@__ALLOWED_ACCESS__@False@g" /etc/matrix-synapse/homeserver.yaml
 else
    sudo sed -i "s@__ALLOWED_ACCESS__@True@g" /etc/matrix-synapse/homeserver.yaml
 fi
 # Configure Coturn
-sudo cp ../conf/default_coturn /etc/default/coturn
+config_coturn
 sudo cp ../conf/turnserver.conf /etc/turnserver.conf
 sudo sed -i "s@__TURNPWD__@$turnserver_pwd@g" /etc/turnserver.conf
 sudo sed -i "s@__DOMAIN__@$domain@g" /etc/turnserver.conf
 sudo sed -i "s@__TLS_PORT__@$turnserver_tls_port@g" /etc/turnserver.conf
 # Configure access for certificates
-set_access matrix-synapse /etc/yunohost/certs/$domain/crt.pem
+set_certificat_access
 set_access matrix-synapse /etc/yunohost/certs/$domain/key.pem
 set_access matrix-synapse /etc/yunohost/certs/$domain/dh.pem
 set_access turnserver /etc/yunohost/certs/$domain/crt.pem
 set_access turnserver /etc/yunohost/certs/$domain/key.pem
 set_access turnserver /etc/yunohost/certs/$domain/dh.pem
 # Configuration de logrotate
-sed -i "s@__APP__@$app@g" ../conf/logrotate
+ynh_use_logrotate /var/log/matrix-synapse/
 sudo cp ../conf/logrotate /etc/logrotate.d/$app
 ynh_app_setting_set $app skipped_uris "/"
 # register yunohost service
-sudo yunohost service add matrix-synapse
+yunohost service add matrix-synapse
 # Régénère la configuration de SSOwat
 sudo yunohost app ssowatconf
 # Recharge la configuration Nginx
-sudo service nginx reload
+systemctl restart matrix-synapse.service
-sudo service matrix-synapse restart
+systemctl restart coturn.service
 sudo service coturn restart
--- a/scripts/psql.sh
+++ b/scripts/psql.sh
@ -0,0 +1,52 @@
 # # Execute a command as root user
 #
 # usage: ynh_psql_execute_as_root sql [db]
 # | arg: sql - the SQL command to execute
 # | arg: db - the database to connect to
 ynh_psql_execute_as_root () {
 	sudo su -c "psql" - postgres <<< ${1}
 }
 # Create a user
 #
 # usage: ynh_psql_create_user user pwd [host]
 # | arg: user - the user name to create
 # | arg: pwd - the password to identify user by
 ynh_psql_create_user() {
 	ynh_psql_execute_as_root \
 	"CREATE USER ${1} WITH PASSWORD '${2}';"
 }
 # Create a database and grant optionnaly privilegies to a user
 #
 # usage: ynh_psql_create_db db [user [pwd]]
 # | arg: db - the database name to create
 # | arg: user - the user to grant privilegies
 # | arg: pwd - the password to identify user by
 ynh_psql_create_db() {
    db=$1
    # grant all privilegies to user
    if [[ $# -gt 1 ]]; then
        ynh_psql_create_user ${2} "${3}"
        sudo su -c "createdb -O ${2} $db" -  postgres
    else
        sudo su -c "createdb $db" -  postgres
    fi
 }
 # Drop a database
 #
 # usage: ynh_psql_drop_db db
 # | arg: db - the database name to drop
 ynh_psql_drop_db() {
    sudo su -c "dropdb ${1}" -  postgres
 }
 # Drop a user
 #
 # usage: ynh_psql_drop_user user
 # | arg: user - the user name to drop
 ynh_psql_drop_user() {
    sudo su -c "dropuser ${1}" - postgres
 }
--- a/scripts/remove
+++ b/scripts/remove
@ -1,28 +1,34 @@
 #!/bin/bash
 # Source YunoHost helpers
 source /usr/share/yunohost/helpers
 source ./psql.sh
 # Stop script if errors
 set -u
 # Import common cmd
 source ./_common.sh
-# Init script
+# Retrieve app settings
-init_script
+domain=$(ynh_app_setting_get $app special_domain)
-
+final_path=$(ynh_app_setting_get $app final_path)
 domain=$(ynh_app_setting_get $app domain)
 synapse_tls_port=$(ynh_app_setting_get $app synapse_tls_port)
 turnserver_tls_port=$(ynh_app_setting_get $app turnserver_tls_port)
-sudo service matrix-synapse stop || true
+systemctl stop matrix-synapse.service || true
-sudo service coturn stop || true
+systemctl stop coturn.service || true
-ynh_package_autoremove matrix-synapse python-matrix-synapse-ldap3 coturn || true
+# Suppression de la configuration nginx
-
+ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf"
-REMOVE_NGINX_CONF	# Suppression de la configuration nginx
+systemctl reload nginx.service
 REMOVE_LOGROTATE_CONF	# Suppression de la configuration de logrotate
 # Close firewall ports
 closeport() {
-    if sudo yunohost firewall list | grep -q "\- $port$"
+    if yunohost firewall list | grep -q "\- $port$"
    then
            echo "Close port $port"
-            sudo yunohost firewall disallow TCP $port > /dev/null
+            yunohost firewall disallow TCP $port > /dev/null
    fi
 }
@ -31,13 +37,37 @@ closeport
 port=$turnserver_tls_port
 closeport
-sudo rm -rf /etc/apt/sources.list.d/matrix.list
+# Remove the skipped url
-sudo rm -rf /var/lib/matrix-synapse
+python $final_path/remove_sso_conf.py
 ynh_package_update
-sudo yunohost service remove matrix-synapse
+# Remove depandance
 ynh_remove_app_dependencies || true
-# Régénère la configuration de SSOwat
+# Clean all directory
-sudo yunohost app ssowatconf
+ynh_secure_remove $final_path
-sudo service nginx reload
+ynh_secure_remove /var/lib/matrix-synapse
 ynh_secure_remove /var/log/matrix-synapse
 ynh_secure_remove /etc/matrix-synapse
 ynh_secure_remove /etc/default/matrix-synapse
 # Remove systemd service
 systemctl disable matrix-synapse.service
 ynh_secure_remove /etc/systemd/system/matrix-synapse.service
 systemctl daemon-reload
 # Remove database and user
 ynh_psql_drop_db $synapse_db_name
 ynh_psql_drop_user $synapse_db_user
 # Remove user
 ynh_system_user_delete matrix-synapse
 # Remove logrotate
 ynh_remove_logrotate
 # Remove Monitoring
 yunohost service remove matrix-synapse
 # Reload nginx
 systemctl reload nginx.service
--- a/scripts/restore
+++ b/scripts/restore
@ -1,236 +1,70 @@
 #!/bin/bash
-######## Actually we cant use common script in backup / restore script see this issue for more informations : https://dev.yunohost.org/issues/621
+# Source YunoHost helpers
-# # Import common cmd
+source /usr/share/yunohost/helpers
 # source ./_common.sh
 #
-######## We implement manually this fonctions 
+# Stop script if errors
 ynh_abort_if_errors
-#!/bin/bash
+# Import common cmd
-
+source ../settings/scripts/_common.sh
-md5sum_python_nacl="34c44f8f5100170bae3b4329ffb43087"
+source ../settings/scripts/psql.sh
 md5sum_python_ujson="5b65f8cb6bedef7971fdc557e09effbe"
 python_nacl_version="1.0.1-2"
 python_ujson_version="1.35-1"
 init_script() {
    # Exit on command errors and treat unset variables as an error
    set -eu
    # Source YunoHost helpers
    source /usr/share/yunohost/helpers
    # Retrieve arguments
    app=$YNH_APP_INSTANCE_NAME
    CHECK_VAR "$app" "app name not set"
    GET_DEBIAN_VERSION
    if [ -n "$(uname -m | grep 64)" ]; then
            ARCHITECTURE="amd64"
    elif [ -n "$(uname -m | grep 86)" ]; then
            ARCHITECTURE="386"
    elif [ -n "$(uname -m | grep arm)" ]; then
            ARCHITECTURE="arm"
    else
            ynh_die "Unable to find arch"
    fi
 }
 install_arm_package_dep() {
    wget -q -O '/tmp/python-nacl.deb' "http://ftp.ch.debian.org/debian/pool/main/p/python-nacl/python-nacl_${python_nacl_version}_armhf.deb"
    wget -q -O '/tmp/python-ujson.deb' "http://ftp.ch.debian.org/debian/pool/main/u/ujson/python-ujson_${python_ujson_version}_armhf.deb"
    if ([[ ! -e '/tmp/python-nacl.deb' ]] || [[ $(md5sum '/tmp/python-nacl.deb' | cut -d' ' -f1) != $md5sum_python_nacl ]]) || \
        ([[ ! -e '/tmp/python-ujson.deb' ]] || [[ $(md5sum '/tmp/python-ujson.deb' | cut -d' ' -f1) != $md5sum_python_ujson ]])
    then
        ynh_die "Error : can't get debian dependance package"
    fi
    sudo dpkg -i /tmp/python-nacl.deb || true
    sudo dpkg -i /tmp/python-ujson.deb || true
 }
 GET_DEBIAN_VERSION() {
    debian_version=$(sudo lsb_release -sc)
    test -z $debian_version && ynh_die "Can't find debian version"
    test $debian_version == 'jessie' || ynh_die "This package is not available for your debian version"
 }
 enable_backport_repos() {
    if [[ -z "$(grep -e "^deb .*/.* $debian_version-backports main" /etc/apt/sources.list ; grep -e "^deb .*/.* $debian_version-backports main" /etc/apt/sources.list.d/*)" ]]
    then
        echo "deb $(grep -m 1 "^deb .* $debian_version .*main" /etc/apt/sources.list | cut -d ' ' -f2) $debian_version-backports main contrib non-free" | sudo tee -a "/etc/apt/sources.list"
    fi
    ynh_package_update
 }
 set_access() { # example : set_access USER FILE
 user="$1"
 file_to_set="$2"
 while [[ 0 ]]
 do    
    path_to_set=""
    oldIFS="$IFS"
    IFS="/"
    for dirname in $file_to_set
    do
        if [[ -n "$dirname" ]]
        then
            sudo test -f "$path_to_set"/"$dirname" && sudo setfacl -m d:u:$user:r "$path_to_set"
            path_to_set="$path_to_set/$dirname"
            if $(sudo sudo -u $user test ! -r "$path_to_set")
            then
                sudo test -d "$path_to_set" && sudo setfacl -m user:$user:rx  "$path_to_set"
                sudo test -f "$path_to_set" && sudo setfacl -m user:$user:r  "$path_to_set"
            fi
        fi
    done
    IFS="$oldIFS"
    if $(sudo test -L "$file_to_set")
    then
        if [[ -n "$(sudo readlink "$file_to_set" | grep -e "^/")" ]]
        then
            file_to_set=$(sudo readlink "$file_to_set") # If it is an absolute path
        else
            file_to_set=$(sudo realpath -s -m "$(echo "$file_to_set" | cut -d'/' -f-$(echo "$file_to_set" | grep -o '/' | wc -l))/$(sudo readlink "$file_to_set")") # If it is an relative path (we get with realpath the absolute path)
        fi
    else
        break
    fi
 done
 }
 CHECK_VAR () {	# Vérifie que la variable n'est pas vide.
 # $1 = Variable à vérifier
 # $2 = Texte à afficher en cas d'erreur
 	test -n "$1" || (echo "$2" >&2 && false)
 }
 CHECK_PATH () {	# Vérifie la présence du / en début de path. Et son absence à la fin.
 	if [ "${path:0:1}" != "/" ]; then    # Si le premier caractère n'est pas un /
 		path="/$path"    # Ajoute un / en début de path
 	fi
 	if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then    # Si le dernier caractère est un / et que ce n'est pas le seul caractère.
 		path="${path:0:${#path}-1}"	# Supprime le dernier caractère
 	fi
 }
 CHECK_DOMAINPATH () {	# Vérifie la disponibilité du path et du domaine.
 	sudo yunohost app checkurl $domain$path -a $app
 }
 CHECK_FINALPATH () {	# Vérifie que le dossier de destination n'est pas déjà utilisé.
 	final_path=/var/www/$app
 	if [ -e "$final_path" ]
 	then
 		echo "This path already contains a folder" >&2
 		false
 	fi
 }
 ### REMOVE SCRIPT
 REMOVE_NGINX_CONF () {	# Suppression de la configuration nginx
 	if [ -e "/etc/nginx/conf.d/$domain.d/$app.conf" ]; then	# Delete nginx config
 		echo "Delete nginx config"
 		sudo rm "/etc/nginx/conf.d/$domain.d/$app.conf"
 		sudo service nginx reload
 	fi
 }
 REMOVE_LOGROTATE_CONF () {	# Suppression de la configuration de logrotate
 	if [ -e "/etc/logrotate.d/$app" ]; then
 		echo "Delete logrotate config"
 		sudo rm "/etc/logrotate.d/$app"
 	fi
 }
 ######## End of common fonctions
 # Init script
 init_script
 # Retrieve arguments
-domain=$(ynh_app_setting_get $app domain)
+domain=$(ynh_app_setting_get $app special_domain)
 path=$(ynh_app_setting_get $app special_path)
 final_path=$(ynh_app_setting_get $app final_path)
 synapse_db_pwd=$(ynh_app_setting_get $app synapse_db_pwd)
 is_public=$(ynh_app_setting_get $app is_public)
 synapse_port=$(ynh_app_setting_get $app synapse_port)
 synapse_tls_port=$(ynh_app_setting_get $app synapse_tls_port)
 turnserver_tls_port=$(ynh_app_setting_get $app turnserver_tls_port)
 turnserver_pwd=$(ynh_app_setting_get $app turnserver_pwd)
-# Restore Nginx
+# Check domain/path availability
-conf=/etc/nginx/conf.d/$domain.d/$app.conf
+ynh_webpath_available $domain $path || ynh_die "$domain/$path is not available, please use an other domain."
 if [ -f $conf ]; then
    ynh_die "There is already a nginx conf file at this path: $conf"
 fi
 sudo cp -a ./nginx.conf "/etc/nginx/conf.d/${domain}.d/${app}.conf"
 # Make dh cert for synapse if it not exist
-test ! -e /etc/yunohost/certs/$domain/dh.pem && sudo openssl dhparam -out /etc/yunohost/certs/$domain/dh.pem 2048 > /dev/null
+test ! -e /etc/yunohost/certs/$domain/dh.pem && openssl dhparam -out /etc/yunohost/certs/$domain/dh.pem 2048 > /dev/null
 # Get Matrix key repos
 wget -q -O '/tmp/matrix-repo-key.asc' "https://matrix.org/packages/debian/repo-key.asc"
 sudo apt-key add "/tmp/matrix-repo-key.asc"
 echo "matrix-synapse matrix-synapse/server-name select $domain" | sudo debconf-set-selections # Configure dpkg for no questions
 echo "matrix-synapse matrix-synapse/report-stats select false" | sudo debconf-set-selections # Configure dpkg for no questions
 # Install coturn (the turn server)
 ynh_package_install coturn
 # Enable debian-backports repos
 enable_backport_repos
 # Enable Synapse repos
 if [[ -n "$(uname -m | grep arm)" ]]
 then
        # Use special conf for arm arch because some binary are not available in jessie backport or in matrix repos
        install_arm_package_dep
        ynh_package_install -t $debian_version-backports -f
        echo "deb [arch=i386] http://matrix.org/packages/debian/ $debian_version main" | sudo tee -a "/etc/apt/sources.list.d/matrix.list"
        ynh_package_update
 else
        echo "deb http://matrix.org/packages/debian/ $debian_version main" | sudo tee -a "/etc/apt/sources.list.d/matrix.list"
        ynh_package_update
 fi
 # Install synapse package
 # We neet to install python-cryptography to Solve a python error about dependance (from cryptography.hazmat.primitives.asymmetric.utils)
 ynh_package_install -t $debian_version-backports matrix-synapse python-matrix-synapse-ldap3 python-cryptography
 # Restaure la configuration de logrotate
 sudo cp -a ./logrotate /etc/logrotate.d/$app
 # Restore synapse config
 sudo cp -a ./synapse_config/. "/etc/matrix-synapse/."
 # Restore coturn server
 sudo cp -a ./coturn_config "/etc/turnserver.conf"
 sudo cp -a ./coturn_config_default "/etc/default/coturn"
 # Restore synapse database
 sudo cp -a ./data/. "/var/lib/matrix-synapse/."
 # Configure access for certificates
 set_access matrix-synapse /etc/yunohost/certs/$domain/crt.pem
 set_access matrix-synapse /etc/yunohost/certs/$domain/key.pem
 set_access matrix-synapse /etc/yunohost/certs/$domain/dh.pem
 set_access turnserver /etc/yunohost/certs/$domain/crt.pem
 set_access turnserver /etc/yunohost/certs/$domain/key.pem
 set_access turnserver /etc/yunohost/certs/$domain/dh.pem
 # Ouvre le port dans le firewall
-sudo yunohost firewall allow --no-upnp TCP $synapse_tls_port > /dev/null 2>&1
+yunohost firewall allow --no-upnp TCP $synapse_tls_port > /dev/null 2>&1
-sudo yunohost firewall allow --no-upnp Both $turnserver_tls_port > /dev/null 2>&1
+yunohost firewall allow --no-upnp Both $turnserver_tls_port > /dev/null 2>&1
-# Régénère la configuration de SSOwat
+# Install all dependances
-sudo yunohost app ssowatconf
+install_dependances
 # Create user
 ynh_system_user_create $synapse_user /var/lib/matrix-synapse
 # Create directory Install synapse in virtualenv
 install_from_source
 # Restore all config and data
 ynh_restore
 # Configure access for certificates
 set_certificat_access
 # Restore postgresql database
 ynh_psql_create_user $synapse_db_user $synapse_db_pwd
 ynh_psql_execute_as_root \
 "CREATE DATABASE $synapse_db_name
 ENCODING 'UTF8'
 LC_COLLATE='C'
 LC_CTYPE='C'
 template=template0
 OWNER $synapse_db_user;"
 su -c "psql $synapse_db_name" postgres < ${YNH_CWD}/dump.sql
 # Enable systemd service
 systemctl daemon-reload
 systemctl enable matrix-synapse.service
 # register yunohost service
 yunohost service add matrix-synapse
 # Reload webserver
-sudo service nginx reload
+systemctl reload nginx.service
-sudo service matrix-synapse restart
+systemctl restart matrix-synapse.service
-sudo service coturn restart
+systemctl restart coturn.service
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -1,67 +1,128 @@
 #!/bin/bash
 # Source YunoHost helpers
 source /usr/share/yunohost/helpers
 source ./psql.sh
 # Stop script if errors
 ynh_abort_if_errors
 # Import common cmd
 source ./_common.sh
 # Init script
 init_script
 # Retrieve arguments
-domain=$(ynh_app_setting_get $app domain)
+domain=$(ynh_app_setting_get $app special_domain)
-path=$(ynh_app_setting_get $app path)
+path=$(ynh_app_setting_get $app special_path)
 final_path=$(ynh_app_setting_get $app final_path)
 synapse_old_version=$(ynh_app_setting_get $app synapse_version)
 synapse_db_pwd=$(ynh_app_setting_get $app synapse_db_pwd)
 is_public=$(ynh_app_setting_get $app is_public)
 synapse_port=$(ynh_app_setting_get $app synapse_port)
 synapse_tls_port=$(ynh_app_setting_get $app synapse_tls_port)
 turnserver_tls_port=$(ynh_app_setting_get $app turnserver_tls_port)
 turnserver_pwd=$(ynh_app_setting_get $app turnserver_pwd)
-CHECK_PATH	# Vérifie et corrige la syntaxe du path.
+systemctl stop matrix-synapse.service
-if [[ -n "$(uname -m | grep arm)" ]]
+if [[ -z $synapse_old_version ]]
 then
-    install_arm_package_dep
+	ynh_die "Update from this version is not available now. You need to wait for the next update."
 	##  We move from debian package to new package with python virtualenv
 	# Change settings
 	path="/_matrix"
 	domain=$(ynh_app_setting_get $app domain)
 	final_path="/opt/yunohost/matrix-synapse"
 	ynh_app_setting_set $app special_domain $domain
 	ynh_app_setting_set $app special_path $path
 	ynh_app_setting_set $app final_path $final_path
 	ynh_app_setting_delete $app domain
 	ynh_app_setting_delete $app path
 	ynh_app_setting_delete $app skipped_uris
 	# Remove old package and add new package as dependance
 	ynh_secure_remove /etc/apt/sources.list.d/matrix.list
 	ynh_package_autoremove --purge matrix-synapse python-matrix-synapse-ldap3 || true
 	# If we don't remove these line in dpkg config, dpkg fail on every new package install
 	sudo sed --in-place ':a;N;$!ba;s@matrix-synapse nogroup 755 /var/lib/matrix-synapse\n@@g' /var/lib/dpkg/statoverride
 	sudo sed --in-place ':a;N;$!ba;s@matrix-synapse nogroup 755 /var/log/matrix-synapse\n@@g' /var/lib/dpkg/statoverride
 	sudo sed --in-place ':a;N;$!ba;s@matrix-synapse nogroup 755 /etc/matrix-synapse\n@@g' /var/lib/dpkg/statoverride
 	# add new package as dependance and install dependance
 	install_dependances
 	# Create directory Install synapse in virtualenv
 	install_from_source
 	# Open access to server without a button the home
 	cp ../conf/add_sso_conf.py $final_path
 	cp ../conf/remove_sso_conf.py $final_path
 	python $final_path/add_sso_conf.py
 	# Create user
 	ynh_system_user_create $synapse_user /var/lib/matrix-synapse
 	# Create systemd service
 	ynh_secure_remove /etc/init.d/matrix-synapse
 	ynh_secure_remove /lib/systemd/system/matrix-synapse.service
 	ynh_secure_remove /etc/systemd/system/matrix-synapse.service
 	systemctl daemon-reload
 	systemctl disable matrix-synapse.service
 	cp ../conf/default_matrix-synapse /etc/default/matrix-synapse
 	cp ../conf/matrix-synapse.service /etc/systemd/system/
 	systemctl daemon-reload
 	systemctl enable matrix-synapse.service
 	# Configuration de logrotate
 	ynh_use_logrotate /var/log/matrix-synapse/
 	# register yunohost service
 	yunohost service add matrix-synapse
 	## Move to postgresql from sqlite
 	# We create the new settings
 	synapse_db_pwd=$(ynh_string_random 30)
 	ynh_app_setting_set $app synapse_db_pwd $synapse_db_pwd
 	# Create postgresql database
 	ynh_psql_create_user $synapse_db_user $synapse_db_pwd
 	ynh_psql_execute_as_root \
 	"CREATE DATABASE $synapse_db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $synapse_db_user;"
 	# Create config file for synapse with postgresql
 	config_synapse
 	# Migrate database
 	/opt/yunohost/matrix-synapse/bin/synapse_port_db --sqlite-database /var/lib/matrix-synapse/homeserver.db \
 	--postgres-config /etc/matrix-synapse/homeserver.yaml
 fi
-# Et copie le fichier de config nginx
+# Update nginx config
-sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
+config_nginx
 # Modifie les variables dans le fichier de configuration nginx
 sudo sed -i "s@__PATH__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf
 sudo sed -i "s@__PORT__@$synapse_port@g" /etc/nginx/conf.d/$domain.d/$app.conf
 # Configure Synapse
-sudo cp ../conf/homeserver.yaml /etc/matrix-synapse/homeserver.yaml
+config_synapse
 sudo sed -i "s@__DOMAIN__@$domain@g" /etc/matrix-synapse/homeserver.yaml
 sudo sed -i "s@__PORT__@$synapse_port@g" /etc/matrix-synapse/homeserver.yaml
 sudo sed -i "s@__TLS_PORT__@$synapse_tls_port@g" /etc/matrix-synapse/homeserver.yaml
 sudo sed -i "s@__TURNSERVER_TLS_PORT__@$turnserver_tls_port@g" /etc/matrix-synapse/homeserver.yaml
 sudo sed -i "s@__TURNPWD__@$turnserver_pwd@g" /etc/matrix-synapse/homeserver.yaml
 # Configure access for certificates
-set_access matrix-synapse /etc/yunohost/certs/$domain/crt.pem
+set_certificat_access
 set_access matrix-synapse /etc/yunohost/certs/$domain/key.pem
 set_access matrix-synapse /etc/yunohost/certs/$domain/dh.pem
 set_access turnserver /etc/yunohost/certs/$domain/crt.pem
 set_access turnserver /etc/yunohost/certs/$domain/key.pem
 set_access turnserver /etc/yunohost/certs/$domain/dh.pem
 if [ "$is_public" = "0" ]
 then
    sudo sed -i "s@__ALLOWED_ACCESS__@False@g" /etc/matrix-synapse/homeserver.yaml
 else
    sudo sed -i "s@__ALLOWED_ACCESS__@True@g" /etc/matrix-synapse/homeserver.yaml
 fi
 # Configure Coturn
-sudo cp ../conf/turnserver.conf /etc/turnserver.conf
+config_coturn
-sudo sed -i "s@__TURNPWD__@$turnserver_pwd@g" /etc/turnserver.conf
+
-sudo sed -i "s@__DOMAIN__@$domain@g" /etc/turnserver.conf
+# Upgrade manually Synapse
-sudo sed -i "s@__TLS_PORT__@$turnserver_tls_port@g" /etc/turnserver.conf
+PS1=""
 source $final_path/bin/activate
 pip install --upgrade pip
 pip install --upgrade setuptools
 pip install --upgrade https://github.com/matrix-org/synapse/tarball/master
 # Set new settings
 ynh_app_setting_set $app synapse_version $synapse_version
 # Régénère la configuration de SSOwat
 sudo yunohost app ssowatconf
 # Recharge la configuration Nginx
-sudo service nginx reload
+systemctl reload nginx.service
-sudo service matrix-synapse restart
+systemctl start matrix-synapse.service
-sudo service coturn restart
+systemctl restart coturn.service
		`@ -0,0 +1,3 @@`
							`# Specify environment variables used when running Synapse`
							`# SYNAPSE_CACHE_FACTOR=1 (default)`