Merge pull request #9 from YunoHost-Apps/testing

Pass all checks, use DKMS module, and minor improvements
2024-09-03 20:35:58 +02:00 · 2021-02-19 19:41:39 +01:00 · 2021-02-19 19:41:39 +01:00 · 7462d84582
commit 7462d84582
parent 096a5112da dbbb1ced45
15 changed files with 362 additions and 153 deletions
--- a/README.md
+++ b/README.md
@ -1,11 +1,13 @@
 # WireGuard for YunoHost
 [![Integration level](https://dash.yunohost.org/integration/wireguard.svg)](https://dash.yunohost.org/appci/app/wireguard) ![](https://ci-apps.yunohost.org/ci/badges/wireguard.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/wireguard.maintain.svg)  
-[![Install WireGuard with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=wireguard)
+[![Install WireGuard with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=wireguard)
 *[Lire ce readme en français.](./README_fr.md)*
-:warning: This app is still experimental. WireGuard requires upgrading your Linux kernel to another major version. Check its compatibility before running it on a production system. :warning:
+:warning: This app is still experimental. Check its compatibility before running it on a production system. :warning:
 :exclamation: WireGuard for YunoHost will add a DMKS module to your Linux kernel.
 > *This package allows you to install WireGuard quickly and simply on a YunoHost server.  
 If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
--- a/README_fr.md
+++ b/README_fr.md
@ -1,11 +1,13 @@
 # WireGuard pour YunoHost
 [![Niveau d'intégration](https://dash.yunohost.org/integration/wireguard.svg)](https://dash.yunohost.org/appci/app/wireguard) ![](https://ci-apps.yunohost.org/ci/badges/wireguard.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/wireguard.maintain.svg)  
-[![Installer WireGuard avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=wireguard)
+[![Installer WireGuard avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=wireguard)
 *[Read this readme in english.](./README.md)* 
-:warning: Cette app est encore expérimentale. WireGuard requiert de mettre à niveau votre noyau Linux. Vérifiez sa compatibilté avant de lancer l'installation sur un serveur de production. :warning:
+:warning: Cette app est encore expérimentale. Vérifiez sa compatibilté avant de lancer l'installation sur un serveur de production. :warning:
 :exclamation: WireGuard pour YunoHost ajoutera un module DKMS à votre noyau Linux.
 > *Ce package vous permet d'installer WireGuard rapidement et simplement sur un serveur YunoHost.  
 Si vous n'avez pas YunoHost, consultez [le guide](https://yunohost.org/#/install) pour apprendre comment l'installer.*
@ -78,5 +80,5 @@ Pour essayer la branche testing, procédez comme suit.
 ```
 sudo yunohost app install https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing --debug
 ou
-sudo yunohost app upgrade REPLACEBYYOURAPP -u https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing --debug
+sudo yunohost app upgrade wireguard -u https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing --debug
 ```
--- a/18
+++ b/18
@ -8,23 +8,17 @@
 		domain="domain.tld"	(DOMAIN)
 		path="/"	(PATH)
 		admin="john"	(USER)
 		#language="fr"
 		#is_public=1	(PUBLIC|public=1|private=0)
 		#password="pass"
 		#port="666"	(PORT)
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=0
 		setup_root=1
 		setup_nourl=0
 		setup_private=1
-		setup_public=1
+		setup_public=0
 		upgrade=1
-		#upgrade=1	from_commit=CommitHash
+		upgrade=1	from_commit=797a3e5990571629a8525764ce6e8d359277313f
 		backup_restore=1
-		multi_instance=1
+		multi_instance=0
 		# This test is no longer necessary since the version 2.7 (PR: https://github.com/YunoHost/yunohost/pull/304), you can still do it if your app could be installed with this version.
 		# incorrect_path=1
 		port_already_use=0
 		change_url=0
 ;;; Levels
@ -34,7 +28,7 @@
 Email=
 Notification=none
 ;;; Upgrade options
-	; commit=CommitHash
+	; commit=797a3e5990571629a8525764ce6e8d359277313f
-		name=Name and date of the commit.
+		name=a version using backport kernel
-		manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&
+		manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=0&
--- a/conf/app.src
+++ b/conf/app.src
@ -1,6 +0,0 @@
 SOURCE_URL=https://github.com/ngoduykhanh/wireguard-ui/releases/download/v0.2.5/wireguard-ui-v0.2.5-linux-amd64.tar.gz
 SOURCE_SUM=BEB3B73E173B115B355F83DFE2D7E6AA2125D692E389319930ABBFA215F1657B
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
 SOURCE_IN_SUBDIR=false
 SOURCE_FILENAME=
--- a/conf/sudoers.conf
+++ b/conf/sudoers.conf
@ -0,0 +1,3 @@
 Cmnd_Alias WIREGUARDSERVICE = /bin/systemctl restart wg-quick@wg0.service
 __USER__ ALL = NOPASSWD: WIREGUARDSERVICE
--- a/conf/wireguard.service
+++ b/conf/wireguard.service
@ -4,4 +4,6 @@ After=network.target
 [Service]
 Type=oneshot
 User=__APP__
 Group=__APP__
 ExecStart=/bin/systemctl restart wg-quick@wg0.service
--- a/conf/wireguard_ui.service
+++ b/conf/wireguard_ui.service
@ -1,6 +1,6 @@
 [Unit]
 Description=WireGuard UI
-After=network.target wireguard.service wireguard_path.service
+After=network.target wireguard.service
 [Service]
 Type=simple
--- a/manifest.json
+++ b/manifest.json
@ -6,7 +6,7 @@
        "en": "Virtual Private Networks (VPN) via WireGuard, with a web UI",
        "fr": "Réseaux Privés Virtuels (VPN) via WireGuard, avec une web UI"
    },
-    "version": "0.2.7~ynh1",
+    "version": "0.2.7~ynh2",
    "url": "https://github.com/ngoduykhanh/wireguard-ui",
    "license": "MIT",
    "maintainer": {
@ -14,7 +14,7 @@
        "email": "tituspijean@outlook.com"
    },
    "requirements": {
-        "yunohost": ">= 3.8.1"
+        "yunohost": ">= 4.0.8"
    },
    "multi_instance": false,
    "services": [
@ -22,6 +22,14 @@
    ],
    "arguments": {
        "install" : [
            {
                "name": "warning",
                "type": "display_text",
                "ask": {
                    "en": "WireGuard installs a Linux kernel module and will most likely require a reboot of your server to work properly.",
                    "fr": "WireGuard installe un module au noyau Linux et nécessite probablement un redémarrage du serveur pour fonctionner correctement."
                }
            },
            {
                "name": "domain",
                "type": "domain",
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -5,7 +5,7 @@
 #=================================================
 # dependencies used by the app
-pkg_dependencies="wireguard"
+pkg_dependencies="wireguard-dkms wireguard"
 #=================================================
 # PERSONAL HELPERS
@ -39,6 +39,145 @@ ynh_detect_arch(){
 	echo $architecture
 }
 # Send an email to inform the administrator
 #
 # usage: ynh_send_readme_to_admin --app_message=app_message [--recipients=recipients] [--type=type]
 # | arg: -m --app_message= - The file with the content to send to the administrator.
 # | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root
 #	example: "root admin@domain"
 #	If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
 #	example: "root admin@domain user1 user2"
 # | arg: -t, --type= - Type of mail, could be 'backup', 'change_url', 'install', 'remove', 'restore', 'upgrade'
 ynh_send_readme_to_admin() {
 	# Declare an array to define the options of this helper.
 	declare -Ar args_array=( [m]=app_message= [r]=recipients= [t]=type= )
 	local app_message
 	local recipients
 	local type
 	# Manage arguments with getopts
 	ynh_handle_getopts_args "$@"
 	app_message="${app_message:-}"
 	recipients="${recipients:-root}"
 	type="${type:-install}"
 	# Get the value of admin_mail_html
 	admin_mail_html=$(ynh_app_setting_get $app admin_mail_html)
 	admin_mail_html="${admin_mail_html:-0}"
 	# Retrieve the email of users
 	find_mails () {
 		local list_mails="$1"
 		local mail
 		local recipients=" "
 		# Read each mail in argument
 		for mail in $list_mails
 		do
 			# Keep root or a real email address as it is
 			if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
 			then
 				recipients="$recipients $mail"
 			else
 				# But replace an user name without a domain after by its email
 				if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
 				then
 					recipients="$recipients $mail"
 				fi
 			fi
 		done
 		echo "$recipients"
 	}
 	recipients=$(find_mails "$recipients")
 	# Subject base
 	local mail_subject="☁️🆈🅽🅷☁️: \`$app\`"
 	# Adapt the subject according to the type of mail required.
 	if [ "$type" = "backup" ]; then
 		mail_subject="$mail_subject has just been backup."
 	elif [ "$type" = "change_url" ]; then
 		mail_subject="$mail_subject has just been moved to a new URL!"
 	elif [ "$type" = "remove" ]; then
 		mail_subject="$mail_subject has just been removed!"
 	elif [ "$type" = "restore" ]; then
 		mail_subject="$mail_subject has just been restored!"
 	elif [ "$type" = "upgrade" ]; then
 		mail_subject="$mail_subject has just been upgraded!"
 	else	# install
 		mail_subject="$mail_subject has just been installed!"
 	fi
 	local mail_message="This is an automated message from your beloved YunoHost server.
 Specific information for the application $app.
 $(if [ -n "$app_message" ]
 then
 	cat "$app_message"
 else
 	echo "...No specific information..."
 fi)
 ---
 Automatic diagnosis data from YunoHost
 __PRE_TAG1__$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')__PRE_TAG2__"
 	# Store the message into a file for further modifications.
 	echo "$mail_message" > mail_to_send
 	# If a html email is required. Apply html tags to the message.
 	if [ "$admin_mail_html" -eq 1 ]
 	then
 		# Insert 'br' tags at each ending of lines.
 		ynh_replace_string "$" "<br>" mail_to_send
 		# Insert starting HTML tags
 		sed --in-place '1s@^@<!DOCTYPE html>\n<html>\n<head></head>\n<body>\n@' mail_to_send
 		# Keep tabulations
 		ynh_replace_string "  " "\&#160;\&#160;" mail_to_send
 		ynh_replace_string "\t" "\&#160;\&#160;" mail_to_send
 		# Insert url links tags
 		ynh_replace_string "__URL_TAG1__\(.*\)__URL_TAG2__\(.*\)__URL_TAG3__" "<a href=\"\2\">\1</a>" mail_to_send
 		# Insert pre tags
 		ynh_replace_string "__PRE_TAG1__" "<pre>" mail_to_send
 		ynh_replace_string "__PRE_TAG2__" "<\pre>" mail_to_send
 		# Insert finishing HTML tags
 		echo -e "\n</body>\n</html>" >> mail_to_send
 	# Otherwise, remove tags to keep a plain text.
 	else
 		# Remove URL tags
 		ynh_replace_string "__URL_TAG[1,3]__" "" mail_to_send
 		ynh_replace_string "__URL_TAG2__" ": " mail_to_send
 		# Remove PRE tags
 		ynh_replace_string "__PRE_TAG[1-2]__" "" mail_to_send
 	fi
 	# Define binary to use for mail command
 	if [ -e /usr/bin/bsd-mailx ]
 	then
 		local mail_bin=/usr/bin/bsd-mailx
 	else
 		local mail_bin=/usr/bin/mail.mailutils
 	fi
 	if [ "$admin_mail_html" -eq 1 ]
 	then
 		content_type="text/html"
 	else
 		content_type="text/plain"
 	fi
 	# Send the email to the recipients
 	cat mail_to_send | $mail_bin -a "Content-Type: $content_type; charset=UTF-8" -s "$mail_subject" "$recipients"
 }
 #=================================================
 # FUTURE OFFICIAL HELPERS
 #=================================================
--- a/scripts/backup
+++ b/scripts/backup
@ -48,13 +48,6 @@ ynh_backup --src_path="$final_path"
 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # BACKUP FAIL2BAN CONFIGURATION
 #=================================================
 ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
 ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
 #=================================================
 # SPECIFIC BACKUP
 #=================================================
@ -68,6 +61,9 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
 #=================================================
 ynh_backup --src_path="/etc/systemd/system/$app.service"
 ynh_backup --src_path=/etc/systemd/system/wireguard_ui.service
 ynh_backup --src_path=/etc/systemd/system/wireguard.path
 ynh_backup --src_path="/etc/sudoers.d/${app}_ynh"
 #=================================================
 # BACKUP VARIOUS FILES
--- a/scripts/change_url
+++ b/scripts/change_url
@ -29,11 +29,6 @@ ynh_script_progression --message="Loading installation settings..." --time --wei
 # Needed for helper "ynh_add_nginx_config"
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 # Add settings here as needed by your application
 #db_name=$(ynh_app_setting_get --app=$app --key=db_name)
 #db_user=$db_name
 #db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
@ -74,7 +69,7 @@ fi
 #=================================================
 ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
-ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
+ynh_systemd_action --service_name=$app --action="stop" --line_match="Stopped WireGuard UI" --log_path="systemd" --timeout=30
 #=================================================
 # MODIFY URL IN NGINX CONF
@ -118,7 +113,7 @@ fi
 #=================================================
 ynh_script_progression --message="Starting a systemd service..." --time --weight=1
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
+ynh_systemd_action --service_name=$app --action="start" --line_match="http server started" --log_path="systemd" --timeout=30
 #=================================================
 # RELOAD NGINX
--- a/scripts/install
+++ b/scripts/install
@ -25,7 +25,7 @@ ynh_abort_if_errors
 #=================================================
 domain=$YNH_APP_ARG_DOMAIN
-path_url=$YNH_APP_ARG_PATH
+path_url=$YNH_APP_ARG_PATH #TODO: Check if possible with wireguard_ui to use sub path
 admin=$YNH_APP_ARG_ADMIN
 app=$YNH_APP_INSTANCE_NAME
@ -33,7 +33,7 @@ app=$YNH_APP_INSTANCE_NAME
 #=================================================
 # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
 #=================================================
-ynh_script_progression --message="Validating installation parameters..." --time --weight=1
+ynh_script_progression --message="Validating installation parameters..." --weight=1
 final_path=/opt/yunohost/$app
 test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
@ -44,7 +44,7 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
-ynh_script_progression --message="Storing installation settings..." --time --weight=1
+ynh_script_progression --message="Storing installation settings..." --weight=1
 ynh_app_setting_set --app=$app --key=domain --value=$domain
 ynh_app_setting_set --app=$app --key=path --value=$path_url
@ -55,14 +55,14 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin
 #=================================================
 # FIND AND OPEN A PORT
 #=================================================
-ynh_script_progression --message="Configuring firewall..." --time --weight=1
+ynh_script_progression --message="Configuring firewall..." --weight=1
 # Find an available port for WireGuard
 port_wg=$(ynh_find_port --port=8095)
 ynh_app_setting_set --app=$app --key=port_wg --value=$port_wg
-# Find an available port
+# Find an available port for WireGuard UI
-port=$(ynh_find_port --port=8095)
+port=$(ynh_find_port --port=8096)
 ynh_app_setting_set --app=$app --key=port --value=$port
 # Open the WireGuard port
@ -71,14 +71,26 @@ ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $port_wg
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
-ynh_script_progression --message="Installing dependencies..." --time --weight=1
+ynh_script_progression --message="Installing dependencies..." --weight=7
-ynh_install_extra_app_dependencies --repo="http://deb.debian.org/debian buster-backports main" --package="$pkg_dependencies"
+# Add buster-backports repo
 ynh_add_repo --uri="http://deb.debian.org/debian" --suite="buster-backports" --component="main" --name="$app"
 # Add pin-priority for wireguard packages
 ynh_pin_repo --package="wireguard*" --pin="origin deb http://deb.debian.org/debian buster-backports main" --priority=995 --name="$app"
 # Update the list of package with the new repo
 ynh_package_update
 ynh_add_app_dependencies --package="$pkg_dependencies"
 # Remove buster-backports repo and pin-priority
 ynh_remove_extra_repo --name=$app
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_script_progression --message="Setting up source files..." --time --weight=1
+ynh_script_progression --message="Setting up source files..." --weight=1
 ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
@ -87,7 +99,7 @@ ynh_setup_source --dest_dir="$final_path" --source_id="$(ynh_detect_arch)"
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Configuring nginx web server..." --time --weight=1
+ynh_script_progression --message="Configuring nginx web server..." --weight=1
 # Create a dedicated nginx config
 ynh_add_nginx_config
@ -95,11 +107,15 @@ ynh_add_nginx_config
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
-ynh_script_progression --message="Configuring system user..." --time --weight=1
+ynh_script_progression --message="Configuring system user..." --weight=1
 # Create a system user
 ynh_system_user_create --username=$app
 # Ensure the system user has enough permissions
 install -b -o root -g root -m 0440 ../conf/sudoers.conf /etc/sudoers.d/${app}_ynh
 ynh_replace_string "__USER__" "${app}" /etc/sudoers.d/${app}_ynh
 #=================================================
 # SPECIFIC SETUP
 #=================================================
@ -113,7 +129,7 @@ mkdir -p $final_path/db/server
 cp ../conf/interfaces.json $final_path/db/server/interfaces.json
 ynh_replace_string --match_string="__PORT_WG__" --replace_string="$port_wg" --target_file="$final_path/db/server/interfaces.json"
-# Create wireguard configuration directory
+# Create WireGuard configuration directory
 mkdir -p /etc/wireguard
 # Add interace configuration file for WireGuard
@ -124,14 +140,14 @@ ynh_replace_string --match_string="__PRIVATE_KEY__" --replace_string="$(wg genke
 #=================================================
 # SETUP SYSTEMD
 #=================================================
-ynh_script_progression --message="Configuring a systemd service..." --time --weight=1
+ynh_script_progression --message="Configuring a systemd service..." --weight=1
 # Create a dedicated systemd config for the web UI
 ynh_add_systemd_config --service=wireguard_ui --template=wireguard_ui.service --others_var="port"
 # Create a dedicated systemd config for monitoring WireGuard's configuration
 cp ../conf/wireguard.path /etc/systemd/system/wireguard.path
-systemctl enable wireguard.path
+systemctl enable --quiet wireguard.path
 # Create a dedicated systemd config for restarting WireGuard
 ynh_add_systemd_config --service=wireguard --template=wireguard.service --others_var="port_wg"
@ -142,10 +158,6 @@ ynh_add_systemd_config --service=wireguard --template=wireguard.service --others
 # SECURE FILES AND DIRECTORIES
 #=================================================
 ### For security reason, any app should set the permissions to root: before anything else.
 ### Then, if write authorization is needed, any access should be given only to directories
 ### that really need such authorization.
 # Set permissions to app files
 chown -R root: $final_path
 chown -R $app: $final_path/db
@ -156,15 +168,7 @@ chown -R $app:$app /etc/wireguard
 #=================================================
 # SETUP LOGROTATE
 #=================================================
-ynh_script_progression --message="Configuring log rotation..." --time --weight=1
+ynh_script_progression --message="Configuring log rotation..." --weight=1
 ### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app.
 ### Use this helper only if there is effectively a log file for this app.
 ### If you're not using this helper:
 ###		- Remove the section "BACKUP LOGROTATE" in the backup script
 ###		- Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script
 ###		- As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script
 ###		- And the section "SETUP LOGROTATE" in the upgrade script
 # Use logrotate to manage application logfile(s)
 ynh_use_logrotate
@ -172,46 +176,30 @@ ynh_use_logrotate
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
 #=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
+ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
 yunohost service add wireguard --description "WireGuard" --needs_exposed_ports $port_wg --test_status "wg show | grep wg0"
 yunohost service add wireguard_ui --description "WireGuard UI" --log "/var/log/$app/ui.log"
 ### Additional options starting with 3.8:
 ###
 ### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed
 ###                               which will then be checked by YunoHost's diagnosis system
 ###                               (N.B. DO NOT USE THIS is the port is only internal !!!)
 ###
 ### --test_status "some command"  a custom command to check the status of the service
 ###                               (only relevant if 'systemctl status' doesn't do a good job)
 ###
 ### --test_conf "some command"    some command similar to "nginx -t" that validates the conf of the service
 ###
 ### Re-calling 'yunohost service add' during the upgrade script is the right way
 ### to proceed if you later realize that you need to enable some flags that
 ### weren't enabled on old installs (be careful it'll override the existing
 ### service though so you should re-provide all relevant flags when doing so)
 ###
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --time --weight=1
+ynh_script_progression --message="Starting a systemd service..." --weight=1
 # Start a systemd service
-ynh_systemd_action --service_name=wireguard_ui --action="start" --log_path="/var/log/$app/ui.log"
+ynh_systemd_action --service_name=wireguard_ui --action="start" --line_match="http server started" --log_path="systemd" --timeout=30
 #=================================================
 # SETUP SSOWAT
 #=================================================
-ynh_script_progression --message="Configuring permissions..." --time --weight=1
+ynh_script_progression --message="Configuring permissions..." --weight=1
 ynh_permission_update --permission "main" --remove "all_users" --add "$admin"
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_script_progression --message="Reloading nginx web server..." --time --weight=1
+ynh_script_progression --message="Reloading nginx web server..." --weight=1
 ynh_systemd_action --service_name=nginx --action=reload
@ -219,4 +207,4 @@ ynh_systemd_action --service_name=nginx --action=reload
 # END OF SCRIPT
 #=================================================
-ynh_script_progression --message="Installation of $app completed" --time --last
+ynh_script_progression --message="Installation of $app completed" --last
--- a/scripts/remove
+++ b/scripts/remove
@ -12,7 +12,7 @@ source /usr/share/yunohost/helpers
 #=================================================
 # LOAD SETTINGS
 #=================================================
-ynh_script_progression --message="Loading installation settings..." --time --weight=1
+ynh_script_progression --message="Loading installation settings..." --weight=1
 app=$YNH_APP_INSTANCE_NAME
@ -30,28 +30,29 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 # Remove the service from the list of services known by Yunohost (added from `yunohost service add`)
 if ynh_exec_warn_less yunohost service status wireguard_ui >/dev/null
 then
-	ynh_script_progression --message="Removing WireGuard UI service integration..." --time --weight=1
+	ynh_script_progression --message="Removing WireGuard UI service integration..." --weight=1
 	yunohost service remove wireguard_ui
 fi
 #=================================================
 # STOP AND REMOVE SERVICE
 #=================================================
-ynh_script_progression --message="Stopping and removing the systemd service..." --time --weight=1
+ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
 # Remove the dedicated systemd configs
 ynh_remove_systemd_config --service=wireguard
 ynh_remove_systemd_config --service=wireguard_ui
 # YunoHost does not handle services not ending with .service, let's remove it manually
 systemctl stop wireguard.path
 systemctl disable wireguard.path --quiet
 ynh_secure_remove --file="/etc/systemd/system/wireguard.path"
 systemctl daemon-reload
 # Remove the dedicated systemd configs
 ynh_remove_systemd_config --service=wireguard
 ynh_remove_systemd_config --service=wireguard_ui
 #=================================================
 # REMOVE DEPENDENCIES
 #=================================================
-ynh_script_progression --message="Removing dependencies..." --time --weight=1
+ynh_script_progression --message="Removing dependencies..." --weight=6
 # Remove metapackage and its dependencies
 ynh_remove_app_dependencies
@ -59,7 +60,7 @@ ynh_remove_app_dependencies
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================
-ynh_script_progression --message="Removing app main directory..." --time --weight=1
+ynh_script_progression --message="Removing app main directory..." --weight=1
 # Remove the app directory securely
 ynh_secure_remove --file="$final_path"
@ -70,7 +71,7 @@ ynh_secure_remove --file="/etc/wireguard"
 #=================================================
 # REMOVE NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Removing nginx web server configuration..." --time --weight=1
+ynh_script_progression --message="Removing nginx web server configuration..." --weight=1
 # Remove the dedicated nginx config
 ynh_remove_nginx_config
@ -78,7 +79,7 @@ ynh_remove_nginx_config
 #=================================================
 # REMOVE LOGROTATE CONFIGURATION
 #=================================================
-ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1
+ynh_script_progression --message="Removing logrotate configuration..." --weight=1
 # Remove the app-specific logrotate config
 ynh_remove_logrotate
@ -89,16 +90,25 @@ ynh_remove_logrotate
 if yunohost firewall list | grep -q "\- $port_wg$"
 then
-	ynh_script_progression --message="Closing port $port_wg..." --time --weight=1
+	ynh_script_progression --message="Closing port $port_wg..." --weight=1
 	ynh_exec_warn_less yunohost firewall disallow TCP $port_wg
 fi
 #=================================================
 # SPECIFIC REMOVE
 #=================================================
 # REMOVE VARIOUS FILES
 #=================================================
 # Remove sudoers file
 ynh_secure_remove --file="/etc/sudoers.d/${app}_ynh"
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # REMOVE DEDICATED USER
 #=================================================
-ynh_script_progression --message="Removing the dedicated system user..." --time --weight=1
+ynh_script_progression --message="Removing the dedicated system user..." --weight=1
 # Delete a system user
 ynh_system_user_delete --username=$app
@ -107,4 +117,4 @@ ynh_system_user_delete --username=$app
 # END OF SCRIPT
 #=================================================
-ynh_script_progression --message="Removal of $app completed" --time --last
+ynh_script_progression --message="Removal of $app completed" --last
--- a/scripts/restore
+++ b/scripts/restore
@ -24,18 +24,20 @@ ynh_abort_if_errors
 #=================================================
 # LOAD SETTINGS
 #=================================================
-ynh_script_progression --message="Loading installation settings..." --time --weight=1
+ynh_script_progression --message="Loading installation settings..." --weight=1
 app=$YNH_APP_INSTANCE_NAME
 domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
 port=$(ynh_app_setting_get --app=$app --key=port)
 port_wg=$(ynh_app_setting_get --app=$app --key=port_wg)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 #=================================================
 # CHECK IF THE APP CAN BE RESTORED
 #=================================================
-ynh_script_progression --message="Validating restoration parameters..." --time --weight=1
+ynh_script_progression --message="Validating restoration parameters..." --weight=1
 ynh_webpath_available --domain=$domain --path_url=$path_url \
 	|| ynh_die --message="Path not available: ${domain}${path_url}"
@ -53,18 +55,21 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
-ynh_script_progression --message="Restoring the app main directory..." --time --weight=1
+ynh_script_progression --message="Restoring the app main directory..." --weight=1
 ynh_restore_file --origin_path="$final_path"
 #=================================================
 # RECREATE THE DEDICATED USER
 #=================================================
-ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1
+ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
 # Create the dedicated user (if not existing)
 ynh_system_user_create --username=$app
 # Restore sudoers file
 ynh_restore_file --origin_path="/etc/sudoers.d/${app}_ynh"
 #=================================================
 # RESTORE USER RIGHTS
 #=================================================
@ -72,32 +77,49 @@ ynh_system_user_create --username=$app
 # Restore permissions on app files
 chown -R root: $final_path
 chown -R $app: $final_path/db
-chmod 660 -R $final_path/db
+chmod -R 750 $final_path/db
 #=================================================
 # SPECIFIC RESTORATION
 #=================================================
 # REINSTALL DEPENDENCIES
 #=================================================
-ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1
+ynh_script_progression --message="Reinstalling dependencies..." --weight=5
 # Define and install dependencies
-ynh_install_extra_app_dependencies --repo="http://http.debian.net/debian buster-backports main" --package=$pkg_dependencies
+
 #Add buster-backports repo
 ynh_add_repo --uri="http://deb.debian.org/debian" --suite="buster-backports" --component="main" --name="$app"
 #Add pin-priority for wireguard packages
 ynh_pin_repo --package="wireguard*" --pin="origin deb http://deb.debian.org/debian buster-backports main" --priority=995 --name="$app"
 # Update the list of package with the new repo
 ynh_package_update
 ynh_add_app_dependencies --package="$pkg_dependencies"
 #Remove buster-backports repo and pin-priority
 ynh_remove_extra_repo --name=$app
 #=================================================
 # RESTORE SYSTEMD
 #=================================================
-ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1
+ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
 ynh_restore_file --origin_path=/etc/systemd/system/wireguard_ui.service
 ynh_restore_file --origin_path=/etc/systemd/system/wireguard.path
 ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
-systemctl enable $app.service
+
 systemctl enable --quiet wireguard.path
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
 #=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
+ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
-yunohost service add $app --description "WireGuard UI" --log "/var/log/$app/$app.log"
+yunohost service add wireguard --description "WireGuard" --needs_exposed_ports $port_wg --test_status "wg show | grep wg0"
 yunohost service add wireguard_ui --description "WireGuard UI" --log "/var/log/$app/ui.log"
 #=================================================
 # RESTORE VARIOUS FILES
@ -108,9 +130,10 @@ ynh_restore_file --origin_path=$(jq -r ".config_file_path" $final_path/db/server
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --time --weight=1
+ynh_script_progression --message="Starting a systemd service..." --weight=1
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
+ynh_systemd_action --service_name=wireguard_ui --action="start" --line_match="http server started" --log_path="systemd" --timeout=30
 sleep 5
 #=================================================
 # RESTORE THE LOGROTATE CONFIGURATION
@ -123,7 +146,7 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 #=================================================
 # RELOAD NGINX AND PHP-FPM
 #=================================================
-ynh_script_progression --message="Reloading nginx web server and php-fpm..." --time --weight=1
+ynh_script_progression --message="Reloading nginx web server and php-fpm..." --weight=1
 ynh_systemd_action --service_name=nginx --action=reload
@ -131,4 +154,4 @@ ynh_systemd_action --service_name=nginx --action=reload
 # END OF SCRIPT
 #=================================================
-ynh_script_progression --message="Restoration completed for $app" --time --last
+ynh_script_progression --message="Restoration completed for $app" --last
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -12,30 +12,26 @@ source /usr/share/yunohost/helpers
 #=================================================
 # LOAD SETTINGS
 #=================================================
-ynh_script_progression --message="Loading installation settings..." --time --weight=1
+ynh_script_progression --message="Loading installation settings..." --weight=1
 app=$YNH_APP_INSTANCE_NAME
 domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
 port=$(ynh_app_setting_get --app=$app --key=port)
 port_wg=$(ynh_app_setting_get --app=$app --key=port_wg)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 #=================================================
 # CHECK VERSION
 #=================================================
 ### This helper will compare the version of the currently installed app and the version of the upstream package.
 ### $upgrade_type can have 2 different values
 ### - UPGRADE_APP if the upstream app version has changed
 ### - UPGRADE_PACKAGE if only the YunoHost package has changed
 ### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
 ### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
 upgrade_type=$(ynh_check_app_version_changed)
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
-ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1
+ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
 # If final_path doesn't exist, create it
 if [ -z "$final_path" ]; then
@ -43,10 +39,55 @@ if [ -z "$final_path" ]; then
 	ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 fi
 # Change port if WireGuard port is the same as WireGuard UI's
 if [ $port -eq $port_wg ]
 then
 	ynh_app_setting_delete --app=$app --key=port
 	port=$(ynh_find_port --port=$(($port_wg+1)))
 	ynh_app_setting_set --app=$app --key=port --value=$port
 	# Let's remove the unused is_public key too
 	ynh_app_setting_delete --app=$app --key=is_public
 fi
 # WireGuard UI should be private, really.
 if ynh_permission_has_user --permission=main --user=visitors
 then
        ynh_permission_update --permission=main --remove=visitors
 fi
 # Downgrade linux-image-$arch if updated to the buster-backports version
 arch=$(ynh_detect_arch)
 linuximage_version=$(ynh_package_version --package=linux-image-$arch)
 if [[ $linuximage_version == *"bpo10"* ]]
 then
 	# Downgrading using ynh_package_install apt command without "--no-remove" and with "--allow-downgrades"
 	# It will remove wireguard-ynh-deps and wireguard but they will be reinstalled throught upgrade process
 	ynh_apt --allow-downgrades --option Dpkg::Options::=--force-confdef \
        --option Dpkg::Options::=--force-confold install linux-image-$arch/stable
 	#Remove backports kernel if running on it and send a mail to the admin to ask him to reboot
 	linuxkernel_version=$(uname -r)
 	if [[ $linuxkernel_version == *"bpo"* ]]
 	then
 		ynh_package_remove linux-image-$linuxkernel_version
 		echo "You've been using an experimental version of wireguard_ynh, which was using the backports version of the linux kernel.
 Now wireguard_ynh use a DKMS module allowing itself to be used with the stable kernel, then the backports one was removed and a reboot is needed to go back to the stable one." > mail_to_send
 		ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="admin" --type=upgrade
 	fi
 fi
 # Add sudoers file if missing
 if [ -f "/etc/sudoers.d/${app}_ynh" ]; then
 	install -b -o root -g root -m 0440 ../conf/sudoers.conf /etc/sudoers.d/${app}_ynh
 	ynh_replace_string "__USER__" "${app}" /etc/sudoers.d/${app}_ynh
 fi
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
-ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1
+ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
 # Backup the current version of the app
 ynh_backup_before_upgrade
@ -62,11 +103,11 @@ ynh_abort_if_errors
 #=================================================
 # STOP SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
+ynh_script_progression --message="Stopping a systemd service..." --weight=1
-ynh_systemd_action --service_name=wireguard_ui --action="stop" --log_path="/var/log/$app/ui.log"
+ynh_systemd_action --service_name=wireguard_ui --action="stop" --line_match="Stopped WireGuard UI" --log_path="systemd" --timeout=30
 systemctl disable --now --quiet wireguard.path
 ynh_systemd_action --service_name=wireguard --action="stop"
 ynh_systemd_action --service_name=wireguard_path --action="stop"
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
@ -74,16 +115,16 @@ ynh_systemd_action --service_name=wireguard_path --action="stop"
 if [ "$upgrade_type" == "UPGRADE_APP" ]
 then
-	ynh_script_progression --message="Upgrading source files..." --time --weight=1
+	ynh_script_progression --message="Upgrading source files..." --weight=1
 	# Download, check integrity, uncompress and patch the source from app.src
-	ynh_setup_source --dest_dir="$final_path"
+	ynh_setup_source --dest_dir="$final_path" --source_id="$(ynh_detect_arch)"
 fi
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Upgrading nginx web server configuration..." --time --weight=1
+ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=1
 # Create a dedicated nginx config
 ynh_add_nginx_config
@ -91,14 +132,28 @@ ynh_add_nginx_config
 #=================================================
 # UPGRADE DEPENDENCIES
 #=================================================
-ynh_script_progression --message="Upgrading dependencies..." --time --weight=1
+ynh_script_progression --message="Upgrading dependencies..." --weight=7
-ynh_install_extra_app_dependencies --repo="http://deb.debian.org/debian buster-backports main" --package="$pkg_dependencies"
+#TODO: remove buster-backports kernel
 # Add buster-backports repo
 ynh_add_repo --uri="http://deb.debian.org/debian" --suite="buster-backports" --component="main" --name="$app"
 # Add pin-priority for wireguard packages
 ynh_pin_repo --package="wireguard*" --pin="origin deb http://deb.debian.org/debian buster-backports main" --priority=995 --name="$app"
 # Update the list of package with the new repo
 ynh_package_update
 ynh_add_app_dependencies --package="$pkg_dependencies"
 # Remove buster-backports repo and pin-priority
 ynh_remove_extra_repo --name=$app
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1
+ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
 # Create a dedicated user (if not existing)
 ynh_system_user_create --username=$app
@ -106,20 +161,17 @@ ynh_system_user_create --username=$app
 #=================================================
 # SETUP SYSTEMD
 #=================================================
-ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1
+ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
 # Create a dedicated systemd config for the web UI
 ynh_add_systemd_config --service=wireguard_ui --template=wireguard_ui.service --others_var="port"
 # Create a dedicated systemd config for monitoring WireGuard's configuration
 cp ../conf/wireguard.path /etc/systemd/system/wireguard.path
-systemctl enable wireguard.path
+systemctl enable --quiet wireguard.path
 # Create a dedicated systemd config for restarting WireGuard
-cp ../conf/wireguard.service /etc/systemd/system/wireguard.service
+ynh_add_systemd_config --service=wireguard --template=wireguard.service --others_var="port_wg"
 ynh_replace_string --match_string="__PORT_WG__" --replace_string="$port_wg" --target_file="/etc/systemd/system/wireguard.service"
 systemctl enable wireguard.service
 #ynh_exec_fully_quiet ynh_add_systemd_config --service=wireguard --template=wireguard.service --others_var="port_wg"
 #=================================================
 # CONFIGURING WIREGUARD
@ -141,12 +193,12 @@ ynh_replace_string --match_string="__PORT_WG__" --replace_string="$port_wg" --ta
 # Set permissions on app files
 chown -R root: $final_path
 chown -R $app: $final_path/db
-chmod 750 -R $final_path/db
+chmod -R 750 $final_path/db
 #=================================================
 # SETUP LOGROTATE
 #=================================================
-ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1
+ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
 # Use logrotate to manage app-specific logfile(s)
 ynh_use_logrotate --non-append
@ -154,23 +206,24 @@ ynh_use_logrotate --non-append
 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
 #=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
+ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
-yunohost service add wireguard_ui --description "WireGuard UI" --log "/var/log/$app/$app.log"
+yunohost service add wireguard --description "WireGuard" --needs_exposed_ports "$port_wg" --test_status "wg show | grep wg0"
-yunohost service add wireguard --description "WireGuard" --needs_exposed_ports "$port_wg"
+yunohost service add wireguard_ui --description "WireGuard UI" --log "/var/log/$app/ui.log"
 #=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --time --weight=1
+ynh_script_progression --message="Starting a systemd service..." --weight=1
 # Start a systemd service
-ynh_systemd_action --service_name=wireguard_ui --action="start" --log_path="/var/log/$app/$app.log"
+ynh_systemd_action --service_name=wireguard_ui --action="start" --line_match="http server started" --log_path="systemd" --timeout=30
 sleep 5
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_script_progression --message="Reloading nginx web server..." --time --weight=1
+ynh_script_progression --message="Reloading nginx web server..." --weight=1
 ynh_systemd_action --service_name=nginx --action=reload
@ -178,4 +231,4 @@ ynh_systemd_action --service_name=nginx --action=reload
 # END OF SCRIPT
 #=================================================
-ynh_script_progression --message="Upgrade of $app completed" --time --last
+ynh_script_progression --message="Upgrade of $app completed" --last
		`@ -0,0 +1,3 @@`
							`Cmnd_Alias WIREGUARDSERVICE = /bin/systemctl restart wg-quick@wg0.service`

							`__USER__ ALL = NOPASSWD: WIREGUARDSERVICE`