Fix

.github/ISSUE_TEMPLATE.md

@@ -0,0 +1,55 @@
+---
+name: Bug report
+about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently.
+
+---
+
+**How to post a meaningful bug report**
+1. *Read this whole template first.*
+2. *Determine if you are on the right place:*
+   - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!*
+   - *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.*
+   - *When in doubt, post here and we will figure it out together.*
+3. *Delete the italic comments as you write over them below, and remove this guide.*
+--- 
+
+### Describe the bug
+
+*A clear and concise description of what the bug is.*
+
+### Context
+
+- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...*
+- YunoHost version: x.x.x
+- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...*
+- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes*
+  - If yes, please explain:
+- Using, or trying to install package version/branch:
+- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`*
+
+### Steps to reproduce
+
+- *If you performed a command from the CLI, the command itself is enough. For example:*
+    ```sh
+    sudo yunohost app install the_app
+    ```
+- *If you used the webadmin, please perform the equivalent command from the CLI first.*
+- *If the error occurs in your browser, explain what you did:*
+   1. *Go to '...'*
+   2. *Click on '...'*
+   3. *Scroll down to '...'*
+   4. *See error*
+
+### Expected behavior
+
+*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.*
+
+### Logs
+
+*When an operation fails, YunoHost provides a simple way to share the logs.*
+- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.*
+- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.*
+
+*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)*
+
+*If applicable and useful, add screenshots to help explain your problem.*

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,16 @@
+## Problem
+
+- *Description of why you made this PR*
+
+## Solution
+
+- *And how do you fix that problem*
+
+## PR Status
+
+- [ ] Code finished and ready to be reviewed/tested
+- [ ] The fix/enhancement were manually tested (if applicable)
+
+## Automatic tests
+
+Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization)

.github/workflows/updater.sh

@@ -0,0 +1,136 @@
+#!/bin/bash
+
+#=================================================
+# PACKAGE UPDATING HELPER
+#=================================================
+
+# This script is meant to be run by GitHub Actions
+# The YunoHost-Apps organisation offers a template Action to run this script periodically
+# Since each app is different, maintainers can adapt its contents so as to perform
+# automatic actions when a new upstream release is detected.
+
+# Remove this exit command when you are ready to run this Action
+#exit 1
+
+#=================================================
+# FETCHING LATEST RELEASE AND ITS ASSETS
+#=================================================
+
+# Fetching information
+current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
+repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
+# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
+version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
+assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
+
+# Later down the script, we assume the version has only digits and dots
+# Sometimes the release name starts with a "v", so let's filter it out.
+# You may need more tweaks here if the upstream repository has different naming conventions. 
+if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
+    version=${version:1}
+fi
+
+# Setting up the environment variables
+echo "Current version: $current_version"
+echo "Latest release from upstream: $version"
+echo "VERSION=$version" >> $GITHUB_ENV
+# For the time being, let's assume the script will fail
+echo "PROCEED=false" >> $GITHUB_ENV
+
+# Proceed only if the retrieved version is greater than the current one
+if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
+    echo "::warning ::No new version available"
+    exit 0
+# Proceed only if a PR for this new version does not already exist
+elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
+    echo "::warning ::A branch already exists for this update"
+    exit 0
+fi
+
+# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
+echo "${#assets[@]} available asset(s)"
+
+#=================================================
+# UPDATE SOURCE FILES
+#=================================================
+
+# Here we use the $assets variable to get the resources published in the upstream release.
+# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
+
+# Let's loop over the array of assets URLs
+for asset_url in ${assets[@]}; do
+
+echo "Handling asset at $asset_url"
+
+# Assign the asset to a source file in conf/ directory
+# Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
+# Leave $src empty to ignore the asset
+case $asset_url in
+  *"admin"*)
+    src="app"
+    ;;
+  *"update"*)
+    src="app-upgrade"
+    ;;
+  *)
+    src=""
+    ;;
+esac
+
+# If $src is not empty, let's process the asset
+if [ ! -z "$src" ]; then
+
+# Create the temporary directory
+tempdir="$(mktemp -d)"
+
+# Download sources and calculate checksum
+filename=${asset_url##*/}
+curl --silent -4 -L $asset_url -o "$tempdir/$filename"
+checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
+
+# Delete temporary directory
+rm -rf $tempdir
+
+# Get extension
+if [[ $filename == *.tar.gz ]]; then
+  extension=tar.gz
+else
+  extension=${filename##*.}
+fi
+
+# Rewrite source file
+cat <<EOT > conf/$src.src
+SOURCE_URL=$asset_url
+SOURCE_SUM=$checksum
+SOURCE_SUM_PRG=sha256sum
+SOURCE_FORMAT=$extension
+SOURCE_IN_SUBDIR=true
+SOURCE_FILENAME=
+EOT
+echo "... conf/$src.src updated"
+
+else
+echo "... asset ignored"
+fi
+
+done
+
+#=================================================
+# SPECIFIC UPDATE STEPS
+#=================================================
+
+# Any action on the app's source code can be done.
+# The GitHub Action workflow takes care of committing all changes after this script ends.
+
+#=================================================
+# GENERIC FINALIZATION
+#=================================================
+
+# Replace new version in manifest
+echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
+
+# No need to update the README, yunohost-bot takes care of it
+
+# The Action will proceed only if the PROCEED environment variable is set to true
+echo "PROCEED=true" >> $GITHUB_ENV
+exit 0

check_process

@@ -0,0 +1,28 @@
+;; Test complet
+	; Manifest
+		domain="domain.tld"
+		path="/path"
+		admin="john"
+		language="fr"
+		is_public=1
+		password="1Strong-Password"
+		port="666"
+	; Checks
+		pkg_linter=1
+		setup_sub_dir=1
+		setup_root=1
+		setup_nourl=0
+		setup_private=1
+		setup_public=1
+		upgrade=1
+		#upgrade=1	from_commit=CommitHash
+		backup_restore=1
+		multi_instance=0
+		change_url=1
+;;; Options
+Email=
+Notification=none
+;;; Upgrade options
+	; commit=CommitHash
+		name=Name and date of the commit.
+		manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&

conf/ccl-init.lisp

@@ -1,4 +0,0 @@
-#-quicklisp
-(let ((quicklisp-init (merge-pathnames "quicklisp/setup.lisp" (user-homedir-pathname))))
-  (when (probe-file quicklisp-init)
-    (load quicklisp-init)))

conf/config.yaml.default

@@ -1,71 +0,0 @@
----
-server:
-  # Per default, turtl will listen on all IP addresses
-  # You can choose the IP it will use with this parameter
-  host:
-  port: __PORT__
-
-db:
-  connstr: 'postgres://__DB_USER__:__DB_PWD__@127.0.0.1:5432/turtl'
-  pool: 24
-
-loglevel: 'debug'
-
-app:
-  # ALWAYS false in production. Always.
-  # Set to 'I UNDERSTAND THIS VIOLATES THE PRIVACY OF MY USERS' to enable
-  enable_bookmarker_proxy: false
-  # no trailing slash
-  api_url: 'http://api.__DOMAIN__:8181'
-  www_url: 'https://__DOMAIN__'
-  login:
-    # Max failed login attemps. Set to -1 to disable
-    max_attemps: 5
-    # User locked for this duration in seconds
-    lock_duration: 60
-  emails:
-    admin: 'admin@turtlapp.com'
-    info: 'Turtl <info@turtlapp.com>'
-    invites: 'invites@turtlapp.com'
-  # TODO: replace this with a long, unique value. seriously. write down a dream
-  # you had, or the short story you came up with during your creative writing
-  # class in your freshmen year of college. have fun with it.
-  secure_hash_salt: "Plaque is a figment of the liberal media and the dental industry to scare you into buying useless appliances and pastes. Now, I've read the arguments on both sides and I haven't found any evidence yet to support the need to brush your teeth. Ever."
-  # set to true if you think it's ok to SEND invites if you have not confirmed
-  # your account. great for testing, not so great for production. but what do
-  # i know...
-  allow_unconfirmed_invites: false
-
-sync:
-  # how many sync records can a client send at a time? it's a good idea to have
-  # a limit here, lest a rogue client flood the server with sync items
-  max_bulk_sync_records: 32
-
-plugins:
-  plugin_location: '/var/www/turtl/server/plugins'
-  # each key here corresponds to a folder name in the plugins folder, so `email`
-  # below would be a plugin at /var/www/turtl/server/plugins/email (see the
-  # example-plugins/ folder for an email plugin you can use)
-  email:
-    enabled: false
-    endpoint: 'smtps://user:password@smtp.gmail.com/?pool=true'
-    defaults: {}
-
-uploads:
-  # if set to a path, files will be uploaded to the local filesystem instead of
-  # S3. otherwise, set to false
-  local: '/var/www/turtl/server/public/uploads'
-  # if true, downloading local files will be proxied through the turtl server.
-  # this avoids needing to set up any CORS config in your favorite webserver,
-  # but may slightly affect performance on high-demand servers.
-  local_proxy: true
-  # if local_proxy is false, this is should be the url path the uploaded files
-  # are publicly available on
-  url: 'http://api.turtl.dev/uploads'
-
-s3:
-  token: 'IHADAPETSNAKEBUTHEDIEDNOOOOO'
-  secret: ''
-  bucket: ''
-  endpoint: 'https://s3.amazonaws.com'
-  pathstyle: false

conf/logrotate.conf

@@ -1,12 +0,0 @@
-/var/log/turtl/turtl.log
-{
-    rotate 7
-    daily
-    missingok
-    notifempty
-    delaycompress
-    compress
-    postrotate
-        service turtl restart
-    endscript
-}

conf/nginx.conf

@@ -1,6 +1,14 @@
-location __PATH__ {
-    proxy_set_header    Host $host;
-    proxy_pass http://127.0.0.1:__PORT____PATH__;
-    #--PRIVATE--# Include SSOWAT user panel.
-    include conf.d/yunohost_panel.conf.inc;
+location ^~ __PATH__/ {
+
+  proxy_pass        https://127.0.0.1:__PORT__;
+  proxy_redirect    off;
+  proxy_set_header  Host $host;
+  proxy_set_header  X-Real-IP $remote_addr;
+  proxy_set_header  X-Forwarded-Proto $scheme;
+  proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+  proxy_set_header  X-Forwarded-Host $server_name;
+  
+  proxy_http_version 1.1;
+  proxy_set_header Upgrade $http_upgrade;
+  proxy_set_header Connection "upgrade";
 }

conf/quicklisp.lisp.asc

@@ -1,18 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
-Comment: GPGTools - https://gpgtools.org
-
-iQIcBAABCgAGBQJUyVD2AAoJEDB5ZasCi1/3EYAQAIPm+dXrTCRgHA6aFZTc8VeB
-DoBFsQPlFsLeKjixy3wSalPhI751ItWyy3DOx1tRYpFN0aYGSRbiMuVUF9DVMsSB
-ROeNCg+f6lvtHuSokHKiZ95y8GarBqs4qguHi1Ir+n+inno4ZfE+8JvrxxQ9Lo4Z
-KGgRoyJceaVcku3lmQK131i2eOf8RZaHmXv24tHprXpnle0d74etXO0TAdmpk5R2
-OaeduaitR7o3cGT0JCS39rC5qH/H19jz9XkTjuLOGNqiKcX7XePTejdSLbT7FphN
-4G2uTN8Z5HiYy56OpcuLdjHlPFiThwmIId6NMO3PHNlVAeL5PMKzw9tZTQlw4C5E
-XKgL7gqC4L6Ys64/70IIBPo+L8TG74VkEbcWkNr3TCzAdz8x1Sa40YHRoVpRFK8M
-T+v/qMJ8sgHb9o1OsEniv8eCFyFNPd7AlrRYehWQqRaVCuFG//95jEGNI/ig7vjK
-v/z6tIyqi2e6zJPsJxAPJ8Y23jkTH4u5dvFct+k1fkZOCIpA/jLUT1RuWqLKTpOF
-pSlDVmrqjrhM+jVnFEyWOg/mkSmQsY0jfC2sVDpx4XEGq3PdBnKqpPBTL0L8s5sg
-YmqsGjMVk9IMCtylwuBlP5VGgoB8GmHGdhbeSKNxQJb75voDOiIS/sOP5+ACOxcA
-Yg8wz616XOOHpLNUki3j
-=yTd1
------END PGP SIGNATURE-----

conf/rsyslogd.conf

@@ -1,2 +0,0 @@
-if $programname == 'ccl' then /var/log/turtl/turtl.log
-if $programname == 'ccl' then ~

conf/systemd.service

@@ -9,6 +9,7 @@ Type=simple
 User=__APP__
 Group=__APP__
 WorkingDirectory=__FINALPATH__/api/
+Environment="PATH=__ENV_PATH__"
 ExecStart=/usr/bin/ccl -Q -b --load start.lisp
 Restart=on-failure
 

conf/turtl-preferences

@@ -1,7 +0,0 @@
-Package: libuv1-dev
-Pin: release a=jessie-backports
-Pin-Priority: 900
-
-Package: rethinkdb
-Pin: origin download.rethinkdb.com
-Pin-Priority: 900

conf/turtl.list

@@ -1 +0,0 @@
-deb http://http.debian.net/debian jessie-backports main

doc/DESCRIPTION.md

@@ -0,0 +1,20 @@
+Some long and extensive description of what the app is and does, lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
+
+### Features
+
+- Different note types: text, bookmark, password, image, and file/document
+- Client-side cryptography to keep all of your data safe
+- Securely share with anyone without compromising the security of your data
+- Sharing allows different permissions ranging from read-only to full ownership of shared content
+- Find your notes easily. Turtl supports full-text search, filtering by tag (or lack of tag), and sort by create/edit date
+- Attach photos, files, and documents to your notes. Files are stored securely just like the rest of your data.
+- Browser extension makes bookmarking easy on desktop
+- Share to Turtl on Android for easy bookmarking and file uploads
+- Write notes in Markdown, an easy and natural way to format text
+- TeX math expressions in notes for math people (surround them by $$ to use)
+- Multiple translations (German, Spanish, French, and more)
+- RTL text support for our Farsi/Hebrew/etc-speaking friends
+- Export/import your entire profile for backup purposes or to move between servers
+- Semi-offline mode (you only need to be connected to log in)
+- A number of keyboard shortcuts for navigation the app without mouse (type ? in-app to see shortcuts)
+- An open-source server allows you to host your own Turtl data

doc/DISCLAIMER.md

@@ -0,0 +1,12 @@
+* Any known limitations, constrains or stuff not working, such as (but not limited to):
+    * requiring a full dedicated domain ?
+    * architectures not supported ?
+    * not-working single-sign on or LDAP integration ?
+    * the app requires an important amount of RAM / disk / .. to install or to work properly
+    * etc...
+
+* Other infos that people should be aware of, such as:
+    * any specific step to perform after installing (such as manually finishing the install, specific admin credentials, ...)
+    * how to configure / administrate the application if it ain't obvious
+    * upgrade process / specificities / things to be aware of ?
+    * security considerations ?

manifest.json

@@ -2,12 +2,19 @@
     "name": "Turtl",
     "id": "turtl",
     "packaging_format": 1,
-    "version": "0.01",
     "description": {
         "en": "Share notes, bookmarks, and documents for sensitive projects",
         "fr": "Partagez des notes, des marque-pages et autre documents pour des projets sensibles"
     },
+    "version": "1.0~ynh1",
     "url": "https://turtlapp.com/",
+    "upstream": {
+        "license": "MIT",
+        "website": "https://turtlapp.com/",
+        "demo": "https://demo.example.com",
+        "admindoc": "https://turtlapp.com/docs/",
+        "code": "https://github.com/turtl/server"
+    },
     "license": "MIT",
     "maintainer": {
         "name": "Luc Didry",

scripts/_common.sh

@@ -7,7 +7,7 @@
 # dependencies used by the app
 pkg_dependencies="postgresql"
 
-nodejs_version=14
+nodejs_version=12
 
 #=================================================
 # PERSONAL HELPERS

scripts/install

@@ -143,16 +143,7 @@ chown $app:$app "$final_path/config/config.yaml"
 #=================================================
 ynh_script_progression --message="Configuring a systemd service..." --time --weight=1
 
-### `ynh_systemd_config` is used to configure a systemd script for an app.
-### It can be used for apps that use sysvinit (with adaptation) or systemd.
-### Have a look at the app to be sure this app needs a systemd script.
-### `ynh_systemd_config` will use the file conf/systemd.service
-### If you're not using these lines:
-###     - You can remove those files in conf/.
-###     - Remove the section "BACKUP SYSTEMD" in the backup script
-###     - Remove also the section "STOP AND REMOVE SERVICE" in the remove script
-###     - As well as the section "RESTORE SYSTEMD" in the restore script
-###     - And the section "SETUP SYSTEMD" in the upgrade script
+ynh_replace_string --match_string="__ENV_PATH__" --replace_string="$PATH" --target_file="../conf/systemd.service"
 
 # Create a dedicated systemd config
 ynh_add_systemd_config