Merge pull request #34 from yalh76/testing

Upgrade to 2.48, LDAP support, change_url and other stuff

README.md

@@ -9,7 +9,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to
 ## Overview
 Wekan is an open-source kanban board (task manager and organizer)
 
-**Shipped version:** 2.09
+**Shipped version:** 2.48
 
 ## Screenshots
 
@@ -19,7 +19,7 @@ Wekan is an open-source kanban board (task manager and organizer)
 
 - This app **only works on x86, 64bits architecture** ! In particular, it won't work on 32 bit machines or ARM. See the discussion [here](https://github.com/YunoHost-Apps/wekan_ynh/issues/1#issuecomment-401612500). On the long term, [support for ARM64 might happen](https://blog.wekan.team/2018/01/wekan-progress-on-x64-and-arm/index.html)...
 
-- There is currently **no SSO/LDAP integration** though it might be integrated at some point in the app, now that it's supported in Meteor/Wekan. c.f. discussion in [here](https://github.com/YunoHost-Apps/wekan_ynh/issues/4). In the meantime, users can create accounts (in fact, they can create infinite number of accounts) manually, and need to login manually specifically in Wekan.
+- There is currently **no SSO integration** though it might be integrated at some point in the app, now that it's supported in Meteor/Wekan. In the meantime, users can create accounts (in fact, they can create infinite number of accounts) manually, and need to login manually specifically in Wekan.
 
 ## Infos
 
@@ -33,8 +33,6 @@ Wekan is an open-source kanban board (task manager and organizer)
 
 **Private/Public mode:** In private mode, only authorized YunoHost members can access to the wekan. 
 
-**SSO/LDAP:** SSO and LDAP are not configured.
-
 ## Configuration
 
 First registered user will be admin, and next ones normal users. If you want other admins too, you can change their permission to admin at Wekan Admin Panel.
@@ -45,6 +43,9 @@ First registered user will be admin, and next ones normal users. If you want oth
 
 ## YunoHost specific features
 
+#### Multi-users support
+
+LDAP is supported but HTTP auth is still not supported
 #### Supported architectures
 
 * x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/wekan%20%28Community%29.svg)](https://ci-apps.yunohost.org/ci/apps/wekan/)

check_process

@@ -11,18 +11,19 @@
 		setup_private=1
 		setup_public=1
 		upgrade=1
+		upgrade=1	from_commit=4fe78843712dc1adc189830d2dde5f78bb17d747
 		backup_restore=1
 		multi_instance=1
 		incorrect_path=1
-		port_already_use=1
+		port_already_use=0
-		change_url=0
+		change_url=1
 ;;; Levels
 	Level 1=auto
 	Level 2=auto
 	Level 3=auto
 # Level 4: If the app supports LDAP and SSOwat, turn level 4 to '1' and add a link to an issue or a part of your code to show it.
 # If the app does not use LDAP nor SSOwat, and can't use them, turn level 4 to 'na' and explain as well.
-	#LDAP to be implemented in wekan_ynh: https://github.com/wekan/wekan/wiki/LDAP
+	#LDAP Implemented but not SSOwat
 	Level 4=0
 	Level 5=auto
 	Level 6=auto

conf/.env

@@ -0,0 +1,378 @@
+# The Node Environnement
+NODE_ENV=production
+
+# The path to NODEJS
+PATH=__NODEJS_PATH__
+
+# Activate Debug mode
+#DEBUG=true
+
+# URL of the mongodb
+MONGO_URL=mongodb://127.0.0.1:27017/__DB_NAME__
+
+# Root URL
+ROOT_URL=https://__DOMAIN_URI__
+
+# Mail URL
+MAIL_URL=smtp://localhost
+
+# This is local port where Wekan Node.js runs
+PORT=__PORT__
+
+#---------------------------------------------
+# Wekan Export Board works when WITH_API=true.
+# If you disable Wekan API with false, Export Board does not work.
+WITH_API='true'
+
+#---------------------------------------------
+# CORS: Set Access-Control-Allow-Origin header. Example: *
+#CORS=*
+
+#---------------------------------------------
+## Optional: Integration with Matomo https://matomo.org that is installed to your server
+## The address of the server where Matomo is hosted:
+# Example: MATOMO_ADDRESS=https://example.com/matomo
+#MATOMO_ADDRESS=
+
+## The value of the site ID given in Matomo server for Wekan
+# Example: MATOMO_SITE_ID=123456789
+#MATOMO_SITE_ID=''
+
+## The option do not track which enables users to not be tracked by matomo"
+#Example: MATOMO_DO_NOT_TRACK=false
+#MATOMO_DO_NOT_TRACK=true
+
+## The option that allows matomo to retrieve the username:
+# Example: MATOMO_WITH_USERNAME=true
+#MATOMO_WITH_USERNAME='false'
+
+#---------------------------------------------
+# Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.
+# Setting this to false is not recommended, it also disables all other browser policy protections
+# and allows all iframing etc. See wekan/server/policy.js
+# Default value: true
+BROWSER_POLICY_ENABLED=true
+
+# When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside.
+# Example: TRUSTED_URL=http://example.com
+TRUSTED_URL=''
+
+# What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
+# Example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
+WEBHOOKS_ATTRIBUTES=''
+
+#---------------------------------------------
+# ==== OAUTH2 AZURE ====
+# https://github.com/wekan/wekan/wiki/Azure
+# 1) Register the application with Azure. Make sure you capture
+#    the application ID as well as generate a secret key.
+# 2) Configure the environment variables. This differs slightly
+#     by installation type, but make sure you have the following:
+#OAUTH2_ENABLED=true
+
+# Application GUID captured during app registration:
+#OAUTH2_CLIENT_ID=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
+
+# Secret key generated during app registration:
+#OAUTH2_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+#OAUTH2_SERVER_URL=https://login.microsoftonline.com/
+#OAUTH2_AUTH_ENDPOINT=/oauth2/v2.0/authorize
+#OAUTH2_USERINFO_ENDPOINT=https://graph.microsoft.com/oidc/userinfo
+#OAUTH2_TOKEN_ENDPOINT=/oauth2/v2.0/token
+
+# The claim name you want to map to the unique ID field:
+#OAUTH2_ID_MAP=email
+
+# The claim name you want to map to the username field:
+#OAUTH2_USERNAME_MAP=email
+
+# The claim name you want to map to the full name field:
+#OAUTH2_FULLNAME_MAP=name
+
+# The claim name you want to map to the email field:
+#OAUTH2_EMAIL_MAP=email
+
+#-----------------------------------------------------------------
+# ==== OAUTH2 KEYCLOAK ====
+# https://github.com/wekan/wekan/wiki/Keycloak  <== MAPPING INFO, REQUIRED
+#OAUTH2_ENABLED=true
+#OAUTH2_CLIENT_ID=<Keycloak create Client ID>
+#OAUTH2_SERVER_URL=<Keycloak server name>/auth
+#OAUTH2_AUTH_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/auth
+#OAUTH2_USERINFO_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/userinfo
+#OAUTH2_TOKEN_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/token
+#OAUTH2_SECRET=<keycloak client secret>
+
+#-----------------------------------------------------------------
+# ==== OAUTH2 DOORKEEPER ====
+# https://github.com/wekan/wekan/issues/1874
+# https://github.com/wekan/wekan/wiki/OAuth2
+# Enable the OAuth2 connection
+#OAUTH2_ENABLED=true
+
+# OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
+# OAuth2 Client ID.
+#OAUTH2_CLIENT_ID=abcde12345
+
+# OAuth2 Secret.
+#OAUTH2_SECRET=54321abcde
+
+# OAuth2 Server URL.
+#OAUTH2_SERVER_URL=https://chat.example.com
+
+# OAuth2 Authorization Endpoint.
+#OAUTH2_AUTH_ENDPOINT=/oauth/authorize
+
+# OAuth2 Userinfo Endpoint.
+#OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
+
+# OAuth2 Token Endpoint.
+#OAUTH2_TOKEN_ENDPOINT=/oauth/token
+
+# OAuth2 ID Mapping
+#OAUTH2_ID_MAP=
+
+# OAuth2 Username Mapping
+#OAUTH2_USERNAME_MAP=
+
+# OAuth2 Fullname Mapping
+#OAUTH2_FULLNAME_MAP=
+
+# OAuth2 Email Mapping
+#OAUTH2_EMAIL_MAP=
+
+#---------------------------------------------
+# LDAP_ENABLE : Enable or not the connection by the LDAP
+# example :  LDAP_ENABLE=true
+#LDAP_ENABLE=false
+LDAP_ENABLE=true
+
+# LDAP_PORT : The port of the LDAP server
+# example :  LDAP_PORT=389
+#LDAP_PORT=389
+LDAP_PORT=389
+
+# LDAP_HOST : The host server for the LDAP server
+# example :  LDAP_HOST=localhost
+#LDAP_HOST=
+LDAP_HOST=localhost
+
+# LDAP_BASEDN : The base DN for the LDAP Tree
+# example :  LDAP_BASEDN=ou=user,dc=example,dc=org
+#LDAP_BASEDN=
+LDAP_BASEDN=dc=yunohost,dc=org
+
+# LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
+# example :  LDAP_LOGIN_FALLBACK=true
+#LDAP_LOGIN_FALLBACK=false
+LDAP_LOGIN_FALLBACK=true
+
+# LDAP_RECONNECT : Reconnect to the server if the connection is lost
+# example :  LDAP_RECONNECT=false
+#LDAP_RECONNECT=true
+LDAP_RECONNECT=true
+
+# LDAP_TIMEOUT : Overall timeout, in milliseconds
+# example :  LDAP_TIMEOUT=12345
+#LDAP_TIMEOUT=10000
+LDAP_TIMEOUT=10000
+
+# LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
+# example :  LDAP_IDLE_TIMEOUT=12345
+#LDAP_IDLE_TIMEOUT=10000
+LDAP_IDLE_TIMEOUT=10000
+
+# LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
+# example :  LDAP_CONNECT_TIMEOUT=12345
+#LDAP_CONNECT_TIMEOUT=10000
+LDAP_CONNECT_TIMEOUT=10000
+
+# LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
+# example :  LDAP_AUTHENTIFICATION=true
+#LDAP_AUTHENTIFICATION=false
+LDAP_AUTHENTIFICATION=false
+
+# LDAP_AUTHENTIFICATION_USERDN : The search user DN
+# example :  LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
+#LDAP_AUTHENTIFICATION_USERDN=
+
+# LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
+# example : AUTHENTIFICATION_PASSWORD=admin
+#LDAP_AUTHENTIFICATION_PASSWORD=
+
+# LDAP_LOG_ENABLED : Enable logs for the module
+# example :  LDAP_LOG_ENABLED=true
+#LDAP_LOG_ENABLED=false
+LDAP_LOG_ENABLED=true
+
+# LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
+# example :  LDAP_BACKGROUND_SYNC=true
+#LDAP_BACKGROUND_SYNC=false
+LDAP_BACKGROUND_SYNC=true
+
+# LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
+# example :  LDAP_BACKGROUND_SYNC_INTERVAL=12345
+#LDAP_BACKGROUND_SYNC_INTERVAL=100
+LDAP_BACKGROUND_SYNC_INTERVAL=100
+
+# LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
+# example :  LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
+#LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
+LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
+
+# LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS :
+# example :  LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
+#LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
+LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
+
+# LDAP_ENCRYPTION : If using LDAPS
+# example :  LDAP_ENCRYPTION=ssl
+#LDAP_ENCRYPTION=false
+
+# LDAP_CA_CERT : The certification for the LDAPS server. Certificate needs to be included in this docker-compose.yml file.
+# example :  LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
+#LDAP_CA_CERT=
+
+# LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
+# example :  LDAP_REJECT_UNAUTHORIZED=true
+#LDAP_REJECT_UNAUTHORIZED=false
+
+# LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
+# example :  LDAP_USER_SEARCH_FILTER=
+#LDAP_USER_SEARCH_FILTER=
+LDAP_USER_SEARCH_FILTER="(objectclass=posixAccount)"
+
+# LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
+# example :  LDAP_USER_SEARCH_SCOPE=one
+#LDAP_USER_SEARCH_SCOPE=
+LDAP_USER_SEARCH_SCOPE=sub
+
+# LDAP_USER_SEARCH_FIELD : Which field is used to find the user
+# example :  LDAP_USER_SEARCH_FIELD=uid
+#LDAP_USER_SEARCH_FIELD=
+LDAP_USER_SEARCH_FIELD=uid
+
+# LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
+# example :  LDAP_SEARCH_PAGE_SIZE=12345
+#LDAP_SEARCH_PAGE_SIZE=0
+LDAP_SEARCH_PAGE_SIZE=0
+
+# LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
+# example :  LDAP_SEARCH_SIZE_LIMIT=12345
+#LDAP_SEARCH_SIZE_LIMIT=0
+LDAP_SEARCH_SIZE_LIMIT=0
+
+# LDAP_GROUP_FILTER_ENABLE : Enable group filtering
+# example :  LDAP_GROUP_FILTER_ENABLE=true
+#LDAP_GROUP_FILTER_ENABLE=false
+LDAP_GROUP_FILTER_ENABLE=true
+
+# LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
+# example :  LDAP_GROUP_FILTER_OBJECTCLASS=group
+#LDAP_GROUP_FILTER_OBJECTCLASS=
+LDAP_GROUP_FILTER_OBJECTCLASS=posixGroup
+
+# LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
+# example :
+#LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
+LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=cn
+
+# LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
+# example :
+#LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=
+LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=memberUid
+
+# LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
+# example :
+#LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
+LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=uid
+
+# LDAP_GROUP_FILTER_GROUP_NAME :
+# example : LDAP_GROUP_FILTER_GROUP_NAME=wekan_user
+#LDAP_GROUP_FILTER_GROUP_NAME=
+LDAP_GROUP_FILTER_GROUP_NAME=sftpusers
+
+# LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
+# example :  LDAP_UNIQUE_IDENTIFIER_FIELD=guid
+#LDAP_UNIQUE_IDENTIFIER_FIELD=
+LDAP_UNIQUE_IDENTIFIER_FIELD=entryUUID
+
+# LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
+# example :  LDAP_UTF8_NAMES_SLUGIFY=false
+#LDAP_UTF8_NAMES_SLUGIFY=true
+LDAP_UTF8_NAMES_SLUGIFY=true
+
+# LDAP_USERNAME_FIELD : Which field contains the ldap username
+# example :  LDAP_USERNAME_FIELD=username
+#LDAP_USERNAME_FIELD=
+LDAP_USERNAME_FIELD=uid
+
+# LDAP_FULLNAME_FIELD : Which field contains the ldap fullname
+# example :  LDAP_FULLNAME_FIELD=fullname
+#LDAP_FULLNAME_FIELD=
+LDAP_FULLNAME_FIELD=cn
+
+# LDAP_MERGE_EXISTING_USERS :
+# example :  LDAP_MERGE_EXISTING_USERS=true
+#LDAP_MERGE_EXISTING_USERS=false
+LDAP_MERGE_EXISTING_USERS=true
+
+# LDAP_EMAIL_MATCH_ENABLE : allow existing account matching by e-mail address when username does not match
+# example: LDAP_EMAIL_MATCH_ENABLE=true
+#LDAP_EMAIL_MATCH_ENABLE=false
+LDAP_EMAIL_MATCH_ENABLE=true
+
+# LDAP_EMAIL_MATCH_REQUIRE : require existing account matching by e-mail address when username does match
+# example: LDAP_EMAIL_MATCH_REQUIRE=true
+#LDAP_EMAIL_MATCH_REQUIRE=false
+LDAP_EMAIL_MATCH_REQUIRE=false
+
+# LDAP_EMAIL_MATCH_VERIFIED : require existing account email address to be verified for matching
+# example: LDAP_EMAIL_MATCH_VERIFIED=true
+#LDAP_EMAIL_MATCH_VERIFIED=false
+LDAP_EMAIL_MATCH_VERIFIED=false
+
+# LDAP_EMAIL_FIELD : which field contains the LDAP e-mail address
+# example: LDAP_EMAIL_FIELD=mail
+#LDAP_EMAIL_FIELD=
+LDAP_EMAIL_FIELD=mail
+
+# LDAP_SYNC_USER_DATA :
+# example :  LDAP_SYNC_USER_DATA=true
+#LDAP_SYNC_USER_DATA=false
+LDAP_SYNC_USER_DATA=true
+
+# LDAP_SYNC_USER_DATA_FIELDMAP :
+# example :  LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
+#LDAP_SYNC_USER_DATA_FIELDMAP=
+LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name"}
+
+# LDAP_SYNC_GROUP_ROLES :
+# example :
+#LDAP_SYNC_GROUP_ROLES=
+LDAP_SYNC_GROUP_ROLES=admins
+
+# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
+# example :
+#LDAP_DEFAULT_DOMAIN=
+
+# Enable/Disable syncing of admin status based on ldap groups:
+#LDAP_SYNC_ADMIN_STATUS=true
+LDAP_SYNC_ADMIN_STATUS=true
+
+# Comma separated list of admin group names to sync.
+#LDAP_SYNC_ADMIN_GROUPS=group1,group2
+LDAP_SYNC_ADMIN_GROUPS=admins
+
+# LOGOUT_WITH_TIMER : Enables or not the option logout with timer
+# example : LOGOUT_WITH_TIMER=true
+#LOGOUT_WITH_TIMER=
+
+# LOGOUT_IN : The number of days
+# example : LOGOUT_IN=1
+#LOGOUT_IN=
+#LOGOUT_ON_HOURS=
+
+# LOGOUT_ON_MINUTES : The number of minutes
+# example : LOGOUT_ON_MINUTES=55
+#LOGOUT_ON_MINUTES=

conf/app.src

@@ -1,7 +1,7 @@
 # This is on YunoHost server just to avoid the file from disappearing
 # Original source is https://releases.wekan.team/
-SOURCE_URL=https://build.yunohost.org/apps/wekan-2.09.tar.gz
+SOURCE_URL=https://github.com/yalh76/wekan_ynh/releases/download/v2.48/wekan-2.48.tar.gz
-SOURCE_SUM=1956dd19f17d76a6d820a15bcf93a3eb12172f9f5cb1dd40d9925b977e8f930d
+SOURCE_SUM=1d6ae104487cb29029e6187531432a9c3dd2d9c4e1aef4f848ae48286010b0e8
 SOURCE_SUM_PRG=sha256sum
 ARCH_FORMAT=tar.gz
 SOURCE_IN_SUBDIR=true

conf/nginx.conf

@@ -6,6 +6,7 @@ location __PATH__
     
     proxy_pass http://127.0.0.1:__PORT__;
     proxy_http_version 1.1;
+    proxy_set_header Accept-Encoding "";
     
     # allow websockets
     proxy_set_header Upgrade $http_upgrade;
@@ -22,7 +23,7 @@ location __PATH__
     # on every applicaiton update the name of CSS and JS file is different, 
     # so they can be cache infinitely (here: 30 days)
     # the root path MUST NOT be cached
-    if ($uri != '/wekan') 
+    if ($uri != '__PATH__') 
     {
         expires 30d;
     }

conf/systemd.service

@@ -7,12 +7,9 @@ After=network.target mongodb.service
 Type=simple
 User=__APP__
 Group=__APP__
-Environment="PATH=__ENV_PATH__"
+EnvironmentFile=__FINALPATH__/.env
-Environment=NODE_ENV=production
-Environment=MONGO_URL=mongodb://127.0.0.1:27017/__DB_NAME__
-Environment=ROOT_URL=https://__DOMAIN_URI__ PORT=__PORT__
 WorkingDirectory=__FINALPATH__
-ExecStart=/opt/node_n/bin/node __FINALPATH__/main.js
+ExecStart=__NODEJS_PATH__/node __FINALPATH__/main.js
 Restart=on-failure
 #StartLimitInterval=86400
 #StartLimitBurst=5

manifest.json

@@ -6,7 +6,7 @@
         "en": "Trello-like kanban",
         "fr": "Un kanban similaire à Trello"
     },
-    "version": "2.09~ynh1",
+    "version": "2.48~ynh1",
     "url": "https://wekan.io",
     "license": "MIT",
     "maintainer": {
@@ -15,7 +15,7 @@
         "url": "https://github.com/alexAubin/"
     },
     "requirements": {
-        "yunohost": ">= 3.0.0"
+        "yunohost": ">= 3.4"
     },
     "multi_instance": true,
     "services": [

scripts/_common.sh

@@ -1,5 +1,12 @@
 #!/bin/bash
 
+#=================================================
+# COMMON VARIABLES
+#=================================================
+
+# dependencies used by the app
+pkg_dependencies="mongodb mongodb-server"
+
 #=================================================
 # PERSONAL HELPERS
 #=================================================

scripts/backup

@@ -6,6 +6,7 @@
 # IMPORT GENERIC HELPERS
 #=================================================
 
+#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
 
@@ -13,10 +14,6 @@ source /usr/share/yunohost/helpers
 # MANAGE SCRIPT FAILURE
 #=================================================
 
-ynh_clean_setup () {
-	### Remove this function if there's nothing to clean before calling the remove script.
-	true
-}
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 

scripts/change_url

@@ -0,0 +1,109 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC STARTING
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
+source ynh_systemd_action
+source /usr/share/yunohost/helpers
+
+#=================================================
+# RETRIEVE ARGUMENTS
+#=================================================
+
+old_domain=$YNH_APP_OLD_DOMAIN
+old_path=$YNH_APP_OLD_PATH
+
+new_domain=$YNH_APP_NEW_DOMAIN
+new_path=$YNH_APP_NEW_PATH
+
+app=$YNH_APP_INSTANCE_NAME
+
+#=================================================
+# LOAD SETTINGS
+#=================================================
+ynh_print_info "Loading installation settings..."
+
+# Needed for helper "ynh_add_nginx_config"
+final_path=$(ynh_app_setting_get $app final_path)
+
+# Add settings here as needed by your application
+
+port=$(ynh_app_setting_get $app port)
+
+#=================================================
+# CHECK WHICH PARTS SHOULD BE CHANGED
+#=================================================
+
+change_domain=0
+if [ "$old_domain" != "$new_domain" ]
+then
+	change_domain=1
+fi
+
+change_path=0
+if [ "$old_path" != "$new_path" ]
+then
+	change_path=1
+fi
+
+#=================================================
+# STANDARD MODIFICATIONS
+#=================================================
+# MODIFY URL IN NGINX CONF
+#=================================================
+ynh_print_info "Updating nginx web server configuration..."
+
+nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
+
+# Change the path in the nginx config file
+if [ $change_path -eq 1 ]
+then
+	# Make a backup of the original nginx config file if modified
+	ynh_backup_if_checksum_is_different "$nginx_conf_path"
+	# Set global variables for nginx helper
+	domain="$old_domain"
+	path_url="$new_path"
+	# Create a dedicated nginx config
+	ynh_add_nginx_config
+fi
+
+# Change the domain for nginx
+if [ $change_domain -eq 1 ]
+then
+	# Delete file checksum for the old conf file location
+	ynh_delete_file_checksum "$nginx_conf_path"
+	mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
+	# Store file checksum for the new config file location
+	ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
+fi
+
+#=================================================
+# SPECIFIC MODIFICATIONS
+#=================================================
+# MODIFY URL IN .ENV
+#=================================================
+ynh_print_info "Updating .env configuration..."
+
+ynh_systemd_action --action=stop --service_name=$app --log_path="systemd"
+ynh_replace_string "$old_domain$old_path" "$new_domain$new_path" "$final_path/.env"
+ynh_systemd_action --action=start --service_name=$app --log_path="systemd" --line_match="Kadira: completed instrumenting the app"
+sleep 10
+
+#=================================================
+# GENERIC FINALISATION
+#=================================================
+# RELOAD NGINX
+#=================================================
+ynh_print_info "Reloading nginx web server..."
+
+systemctl reload nginx
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_print_info "Change of URL completed for $app"

scripts/install

@@ -14,10 +14,6 @@ source /usr/share/yunohost/helpers
 # MANAGE SCRIPT FAILURE
 #=================================================
 
-ynh_clean_setup () {
-	### Remove this function if there's nothing to clean before calling the remove script.
-	true
-}
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 
@@ -25,11 +21,12 @@ ynh_abort_if_errors
 # RETRIEVE ARGUMENTS FROM THE MANIFEST
 #=================================================
 
-app=$YNH_APP_INSTANCE_NAME
 domain=$YNH_APP_ARG_DOMAIN
 path_url=$YNH_APP_ARG_PATH
 is_public=$YNH_APP_ARG_IS_PUBLIC
 
+app=$YNH_APP_INSTANCE_NAME
+
 #=================================================
 # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
 #=================================================
@@ -38,8 +35,6 @@ ynh_print_info "Validating installation parameters..."
 # Check machine architecture (in particular, we don't support ARM and 32bit machines)
 [[ $(uname -m) == "x86_64" ]] || ynh_die "Sorry, but this app can only be installed on a x86, 64 bits machine :("
 
-### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
-### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app"
 final_path=/var/www/$app
 test ! -e "$final_path" || ynh_die "This path already contains a folder"
 
@@ -54,45 +49,47 @@ ynh_print_info "Storing installation settings..."
 ynh_app_setting_set $app domain $domain
 ynh_app_setting_set $app path $path_url
 ynh_app_setting_set $app is_public $is_public
-ynh_app_setting_set $app final_path $final_path
+
+#=================================================
+# STANDARD MODIFICATIONS
+#=================================================
+# FIND AND OPEN A PORT
+#=================================================
+ynh_print_info "Configuring firewall..."
 
 # Find a free port
 port=$(ynh_find_port 8095)
 ynh_app_setting_set $app port $port
 
-# Registering db name
-db_name=$(ynh_sanitize_dbid $app)
-ynh_app_setting_set $app db_name $db_name
-
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
 ynh_print_info "Installing dependencies..."
 
-ynh_print_info "Installing nodejs ..."
+ynh_install_nodejs 8.15.1
-ynh_install_nodejs 8.9.3
+ynh_use_nodejs
 
-ynh_print_info "Installing mongodb dependencies ..."
+ynh_install_app_dependencies $pkg_dependencies
-ynh_install_app_dependencies "mongodb mongodb-server"
 
 #=================================================
-# Start MONGODB
+# START MONGODB
 #=================================================
-
-# Start mogodb
 ynh_print_info "Starting mongodb ..."
+
+# Start mongodb
 systemctl enable mongodb
-systemctl restart mongodb
+systemctl start mongodb
+
+# Registering db name
+db_name=$(ynh_sanitize_dbid $app)
+ynh_app_setting_set $app db_name $db_name
 
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_print_info "Setting up wekan source files..."
+ynh_print_info "Setting up source files..."
-
-### `ynh_setup_source` is used to install an app from a zip or tar.gz file,
-### downloaded from an upstream source, like a git repository.
-### `ynh_setup_source` use the file conf/app.src
 
+ynh_app_setting_set $app final_path $final_path
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source "$final_path"
 
@@ -101,8 +98,6 @@ ynh_setup_source "$final_path"
 #=================================================
 ynh_print_info "Configuring nginx web server..."
 
-### `ynh_add_nginx_config` will use the file conf/nginx.conf
-
 # Create a dedicated nginx config
 ynh_add_nginx_config
 
@@ -121,25 +116,28 @@ ynh_system_user_create $app "$final_path"
 #=================================================
 ynh_print_info "Configuring a systemd service..."
 
-### `ynh_systemd_config` is used to configure a systemd script for an app.
-### It can be used for apps that use sysvinit (with adaptation) or systemd.
-### Have a look at the app to be sure this app needs a systemd script.
-### `ynh_systemd_config` will use the file conf/systemd.service
-### If you're not using these lines:
-###		- You can remove those files in conf/.
-###		- Remove the section "BACKUP SYSTEMD" in the backup script
-###		- Remove also the section "STOP AND REMOVE SERVICE" in the remove script
-###		- As well as the section "RESTORE SYSTEMD" in the restore script
-###		- And the section "SETUP SYSTEMD" in the upgrade script
-
 # Create a dedicated systemd config
-ynh_print_info "Adding wekan systemd service ..."
+ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/systemd.service"
-ynh_replace_string "__ENV_PATH__" "$nodejs_path"               "../conf/systemd.service"
-ynh_replace_string "__DB_NAME__"  "$db_name"                "../conf/systemd.service"
-ynh_replace_string "__DOMAIN_URI__"      "$domain$path_url"          "../conf/systemd.service"
-ynh_replace_string "__PORT__"     "$port"               "../conf/systemd.service"
 ynh_add_systemd_config
 
+#=================================================
+# MODIFY A CONFIG FILE
+#=================================================
+
+cp "../conf/.env" "$final_path/.env"
+
+ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "$final_path/.env"
+ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/.env"
+ynh_replace_string "__DOMAIN_URI__" "$domain$path_url" "$final_path/.env"
+ynh_replace_string "__PORT__" "$port" "$final_path/.env"
+
+#=================================================
+# STORE THE CONFIG FILE CHECKSUM
+#=================================================
+
+# Calculate and store the config file checksum into the app settings
+ynh_store_file_checksum "$final_path/.env"
+
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
@@ -147,9 +145,6 @@ ynh_add_systemd_config
 #=================================================
 ynh_print_info "Configuring file permissions ..."
 
-### For security reason, any app should set the permissions to root: before anything else.
-### Then, if write authorization is needed, any access should be given only to directories
-### that really need such authorization.
 # Set strong right permissions to app files
 chown -R $app: "$final_path"
 chmod -R 640 "$final_path"
@@ -159,14 +154,6 @@ find "$final_path" -type d -print0 | xargs -0 chmod 750
 # ADVERTISE SERVICE IN ADMIN PANEL
 #=================================================
 
-### `yunohost service add` is a CLI yunohost command to add a service in the admin panel.
-### You'll find the service in the 'services' section of YunoHost admin panel.
-### This CLI command would be useless if the app does not have any services (systemd or sysvinit)
-### If you're not using these lines:
-###		- You can remove these files in conf/.
-###		- Remove the section "REMOVE SERVICE FROM ADMIN PANEL" in the remove script
-###		- As well as the section ADVERTISE SERVICE IN ADMIN PANEL" in the restore script
-
 yunohost service add mongodb --log "/var/log/mongodb/mongodb.log"
 yunohost service add $app
 
@@ -194,7 +181,7 @@ systemctl reload nginx
 #=================================================
 ynh_print_info "Now starting Wekan service..."
 
-ynh_systemd_action --action=start --service_name=$app --log_path="systemd" --line_match="Finishing add-custom-html-before-body-end migration"
+ynh_systemd_action --action=start --service_name=$app --log_path="systemd" --line_match="Kadira: completed instrumenting the app"
 sleep 10
 
 #=================================================

scripts/remove

@@ -29,7 +29,7 @@ final_path=$(ynh_app_setting_get $app final_path)
 #=================================================
 
 # Remove a service from the admin panel, added by `yunohost service add`
-if yunohost service status | grep -q $app
+if yunohost service status $app >/dev/null 2>&1
 then
 	ynh_print_info "Removing $app service"
 	yunohost service remove $app

scripts/restore

@@ -14,10 +14,6 @@ source /usr/share/yunohost/helpers
 # MANAGE SCRIPT FAILURE
 #=================================================
 
-ynh_clean_setup () {
-	#### Remove this function if there's nothing to clean before calling the remove script.
-	true
-}
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 
@@ -30,10 +26,8 @@ app=$YNH_APP_INSTANCE_NAME
 
 domain=$(ynh_app_setting_get $app domain)
 path_url=$(ynh_app_setting_get $app path)
-is_public=$(ynh_app_setting_get $app is_public)
 final_path=$(ynh_app_setting_get $app final_path)
 db_name=$(ynh_app_setting_get $app db_name)
-port=$(ynh_app_setting_get $app final_path)
 
 #=================================================
 # CHECK IF THE APP CAN BE RESTORED
@@ -85,17 +79,17 @@ find "$final_path" -type d -print0 | xargs -0 chmod 750
 ynh_print_info "Reinstalling dependencies..."
 
 # Define and install dependencies
-ynh_install_nodejs 8.9.3
+ynh_install_nodejs 8.15.1
+ynh_use_nodejs
 
-# Install mongodb
+ynh_install_app_dependencies $pkg_dependencies
-ynh_install_app_dependencies "mongodb mongodb-server"
 
 #=================================================
 # RESTORE THE MONGODB DATABASE
 #=================================================
 ynh_print_info "Restoring the MongoDB database..."
 
-# Start mogodb
+# Start mongodb
 systemctl enable mongodb
 systemctl start mongodb
 mongorestore --db $db_name ./dump/$db_name
@@ -130,7 +124,7 @@ systemctl reload nginx
 #=================================================
 ynh_print_info "Now starting Wekan service..."
 
-ynh_systemd_action --action=start --service_name=$app --log_path="systemd" 
+ynh_systemd_action --action=start --service_name=$app --log_path="systemd" --line_match="Kadira: completed instrumenting the app"
 sleep 10
 
 #=================================================

scripts/upgrade

@@ -71,11 +71,12 @@ fi
 if ynh_version_gt "0.77-2" "${previous_version}" ; then
     ynh_install_nodejs 8.9.3
     # Create a dedicated systemd config
-    ynh_use_nodejs
+    ynh_replace_string "__NODEJS__"   "$nodejs_use_version" "../conf/systemd.service"
-    ynh_replace_string "__ENV_PATH__"   "$nodejs_path"     "../conf/systemd.service"
+    ynh_replace_string "__ENV_PATH__" "$PATH"               "../conf/systemd.service"
-    ynh_replace_string "__DB_NAME__"    "$db_name"         "../conf/systemd.service"
+    ynh_replace_string "__DB_NAME__"  "$app"                "../conf/systemd.service"
-    ynh_replace_string "__DOMAIN_URI__" "$domain$path_url" "../conf/systemd.service"
+    ynh_replace_string "__URI__"      "$path_url/"          "../conf/systemd.service"
-    ynh_replace_string "__PORT__"       "$port"            "../conf/systemd.service"
+    ynh_replace_string "__PORT__"     "$port"               "../conf/systemd.service"
+    ynh_replace_string "__DOMAIN__"   "$domain"             "../conf/systemd.service"
     ynh_add_systemd_config
 fi
 
@@ -98,6 +99,23 @@ if ynh_version_gt "1.07~ynh2" "${previous_version}" ; then
    ynh_add_systemd_config
 fi
 
+if ynh_version_gt "2.48~ynh1" "${previous_version}" ; then
+    ynh_remove_nodejs
+    ynh_install_nodejs 8.15.1
+    ynh_use_nodejs
+    # Create a dedicated systemd config
+    ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/systemd.service"
+    ynh_add_systemd_config
+    # Create a dedicated .env config
+    ynh_backup_if_checksum_is_different "$final_path/.env"
+    cp "../conf/.env" "$final_path/.env"
+    ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "$final_path/.env"
+    ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/.env"
+    ynh_replace_string "__DOMAIN_URI__" "$domain$path_url" "$final_path/.env"
+    ynh_replace_string "__PORT__" "$port" "$final_path/.env"
+    ynh_store_file_checksum "$final_path/.env"
+fi
+
 #=================================================
 # CHECK THE PATH
 #=================================================
@@ -134,17 +152,6 @@ chown -R $app: "$final_path"
 chmod -R 640 "$final_path"
 find "$final_path" -type d -print0 | xargs -0 chmod 750
 
-#=================================================
-# INSTALL WEKAN NPM DEPENDENCIES
-#=================================================
-ynh_print_info "Installing wekan npm dependencies ..."
-
-# Relaunch a npm install
-pushd $final_path/programs/server
-    ynh_use_nodejs
-    npm install
-popd
-
 #=================================================
 # SETUP SSOWAT
 #=================================================
@@ -169,7 +176,7 @@ systemctl reload nginx
 #=================================================
 ynh_print_info "Now restarting Wekan service..."
 
-ynh_systemd_action --action=restart --service_name=$app --log_path="systemd" 
+ynh_systemd_action --action=restart --service_name=$app --log_path="systemd" --line_match="Kadira: completed instrumenting the app"
 sleep 10
 
 #=================================================