Merge branch 'dev' into fix-eval-in-logging-helpers

2024-09-03 20:06:10 +02:00 · 2021-10-12 16:49:42 +02:00 · 2021-10-12 16:49:42 +02:00 · 40cc41d68d
commit 40cc41d68d
parent a3c0ca4da6 c060670924
45 changed files with 1577 additions and 1759 deletions
--- a/data/helpers.d/apt
+++ b/data/helpers.d/apt
@ -12,31 +12,27 @@ ynh_wait_dpkg_free() {
    local try
    set +o xtrace # set +x
    # With seq 1 17, timeout will be almost 30 minutes
-    for try in `seq 1 17`
+    for try in $(seq 1 17); do
    do
        # Check if /var/lib/dpkg/lock is used by another process
-        if lsof /var/lib/dpkg/lock > /dev/null
+        if lsof /var/lib/dpkg/lock >/dev/null; then
        then
            echo "apt is already in use..."
            # Sleep an exponential time at each round
-            sleep $(( try * try ))
+            sleep $((try * try))
        else
            # Check if dpkg hasn't been interrupted and is fully available.
            # See this for more information: https://sources.debian.org/src/apt/1.4.9/apt-pkg/deb/debsystem.cc/#L141-L174
            local dpkg_dir="/var/lib/dpkg/updates/"
            # For each file in $dpkg_dir
-            while read dpkg_file <&9
+            while read dpkg_file <&9; do
            do
                # Check if the name of this file contains only numbers.
-                if echo "$dpkg_file" | grep --perl-regexp --quiet "^[[:digit:]]+$"
+                if echo "$dpkg_file" | grep --perl-regexp --quiet "^[[:digit:]]+$"; then
                then
                    # If so, that a remaining of dpkg.
                    ynh_print_err "dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem."
                    set -o xtrace # set -x
                    return 1
                fi
-            done 9<<< "$(ls -1 $dpkg_dir)"
+            done 9<<<"$(ls -1 $dpkg_dir)"
            set -o xtrace # set -x
            return 0
        fi
@ -57,7 +53,7 @@ ynh_wait_dpkg_free() {
 ynh_package_is_installed() {
    # Declare an array to define the options of this helper.
    local legacy_args=p
-    local -A args_array=( [p]=package= )
+    local -A args_array=([p]=package=)
    local package
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -79,13 +75,12 @@ ynh_package_is_installed() {
 ynh_package_version() {
    # Declare an array to define the options of this helper.
    local legacy_args=p
-    local -A args_array=( [p]=package= )
+    local -A args_array=([p]=package=)
    local package
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
-    if ynh_package_is_installed "$package"
+    if ynh_package_is_installed "$package"; then
    then
        dpkg-query --show --showformat='${Version}' "$package" 2>/dev/null
    else
        echo ''
@ -166,14 +161,14 @@ ynh_package_autopurge() {
 # | arg: controlfile - path of the equivs control file
 #
 # Requires YunoHost version 2.2.4 or higher.
-ynh_package_install_from_equivs () {
+ynh_package_install_from_equivs() {
    local controlfile=$1
    # retrieve package information
-    local pkgname=$(grep '^Package: ' $controlfile | cut --delimiter=' ' --fields=2)	# Retrieve the name of the debian package
+    local pkgname=$(grep '^Package: ' $controlfile | cut --delimiter=' ' --fields=2)    # Retrieve the name of the debian package
-    local pkgversion=$(grep '^Version: ' $controlfile | cut --delimiter=' ' --fields=2)	# And its version number
+    local pkgversion=$(grep '^Version: ' $controlfile | cut --delimiter=' ' --fields=2) # And its version number
    [[ -z "$pkgname" || -z "$pkgversion" ]] \
-        && ynh_die --message="Invalid control file"	# Check if this 2 variables aren't empty.
+        && ynh_die --message="Invalid control file" # Check if this 2 variables aren't empty.
    # Update packages cache
    ynh_package_update
@ -182,7 +177,7 @@ ynh_package_install_from_equivs () {
    local TMPDIR=$(mktemp --directory)
    # Force the compatibility level at 10, levels below are deprecated
-    echo 10 > /usr/share/equivs/template/debian/compat
+    echo 10 >/usr/share/equivs/template/debian/compat
    # Note that the cd executes into a sub shell
    # Create a fake deb package with equivs-build and the given control file
@ -190,21 +185,24 @@ ynh_package_install_from_equivs () {
    # Install missing dependencies with ynh_package_install
    ynh_wait_dpkg_free
    cp "$controlfile" "${TMPDIR}/control"
-    (cd "$TMPDIR"
+    (
-    LC_ALL=C equivs-build ./control 1> /dev/null
+        cd "$TMPDIR"
-    LC_ALL=C dpkg --force-depends --install "./${pkgname}_${pkgversion}_all.deb" 2>&1 | tee ./dpkg_log)
+        LC_ALL=C equivs-build ./control 1>/dev/null
        LC_ALL=C dpkg --force-depends --install "./${pkgname}_${pkgversion}_all.deb" 2>&1 | tee ./dpkg_log
    )
-    ynh_package_install --fix-broken || \
+    ynh_package_install --fix-broken \
-        { # If the installation failed
+        || { # If the installation failed
-        # (the following is ran inside { } to not start a subshell otherwise ynh_die wouldnt exit the original process)
+            # (the following is ran inside { } to not start a subshell otherwise ynh_die wouldnt exit the original process)
-        # Parse the list of problematic dependencies from dpkg's log ...
+            # Parse the list of problematic dependencies from dpkg's log ...
-        # (relevant lines look like: "foo-ynh-deps depends on bar; however:")
+            # (relevant lines look like: "foo-ynh-deps depends on bar; however:")
-        local problematic_dependencies="$(cat $TMPDIR/dpkg_log | grep -oP '(?<=-ynh-deps depends on ).*(?=; however)' | tr '\n' ' ')"
+            local problematic_dependencies="$(cat $TMPDIR/dpkg_log | grep -oP '(?<=-ynh-deps depends on ).*(?=; however)' | tr '\n' ' ')"
-        # Fake an install of those dependencies to see the errors
+            # Fake an install of those dependencies to see the errors
-        # The sed command here is, Print only from 'Reading state info' to the end.
+            # The sed command here is, Print only from 'Reading state info' to the end.
-        [[ -n "$problematic_dependencies" ]] && ynh_package_install $problematic_dependencies --dry-run 2>&1 | sed --quiet '/Reading state info/,$p' | grep -v "fix-broken\|Reading state info" >&2
+            [[ -n "$problematic_dependencies" ]] && ynh_package_install $problematic_dependencies --dry-run 2>&1 | sed --quiet '/Reading state info/,$p' | grep -v "fix-broken\|Reading state info" >&2
-        ynh_die --message="Unable to install dependencies"; }
+            ynh_die --message="Unable to install dependencies"
-    [[ -n "$TMPDIR" ]] && rm --recursive --force $TMPDIR	# Remove the temp dir.
+        }
    [[ -n "$TMPDIR" ]] && rm --recursive --force $TMPDIR # Remove the temp dir.
    # check if the package is actually installed
    ynh_package_is_installed "$pkgname"
@ -223,7 +221,7 @@ YNH_INSTALL_APP_DEPENDENCIES_REPLACE="true"
 # | arg: "dep1|dep2|…" - You can specify alternatives. It will require to install (dep1 or dep2, etc).
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_install_app_dependencies () {
+ynh_install_app_dependencies() {
    local dependencies=$@
    # Add a comma for each space between packages. But not add a comma if the space separate a version specification. (See  below)
    dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')"
@ -234,11 +232,10 @@ ynh_install_app_dependencies () {
    if [ -z "${version}" ] || [ "$version" == "null" ]; then
        version="1.0"
    fi
-    local dep_app=${app//_/-}	# Replace all '_' by '-'
+    local dep_app=${app//_/-} # Replace all '_' by '-'
    # Handle specific versions
-    if [[ "$dependencies" =~ [\<=\>] ]]
+    if [[ "$dependencies" =~ [\<=\>] ]]; then
    then
        # Replace version specifications by relationships syntax
        # https://www.debian.org/doc/debian-policy/ch-relationships.html
        # Sed clarification
@ -294,21 +291,18 @@ ynh_install_app_dependencies () {
    # https://github.com/YunoHost/issues/issues/1407
    #
    # If we require to install php dependency
-    if grep --quiet 'php' <<< "$dependencies"
+    if grep --quiet 'php' <<< "$dependencies"; then
    then
        # And we have packages from sury installed (7.0.33-10+weirdshiftafter instead of 7.0.33-0 on debian)
-        if dpkg --list | grep "php7.0" | grep --quiet --invert-match "7.0.33-0+deb9"
+        if dpkg --list | grep "php7.0" | grep --quiet --invert-match "7.0.33-0+deb9"; then
        then
            # And sury ain't already in sources.lists
-            if ! grep --recursive --quiet "^ *deb.*sury" /etc/apt/sources.list*
+            if ! grep --recursive --quiet "^ *deb.*sury" /etc/apt/sources.list*; then
            then
                # Re-add sury
                ynh_add_sury
            fi
        fi
    fi
-    cat > /tmp/${dep_app}-ynh-deps.control << EOF	# Make a control file for equivs-build
+    cat >/tmp/${dep_app}-ynh-deps.control <<EOF # Make a control file for equivs-build
 Section: misc
 Priority: optional
 Package: ${dep_app}-ynh-deps
@ -319,7 +313,7 @@ Description: Fake package for ${app} (YunoHost app) dependencies
 This meta-package is only responsible of installing its dependencies.
 EOF
    ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \
-        || ynh_die --message="Unable to install dependencies"	# Install the fake package and its dependencies
+        || ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies
    rm /tmp/${dep_app}-ynh-deps.control
    ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies"
@ -360,10 +354,10 @@ ynh_add_sury() {
 # | arg: -p, --package=     - Packages to add as dependencies for the app.
 #
 # Requires YunoHost version 3.8.1 or higher.
-ynh_add_app_dependencies () {
+ynh_add_app_dependencies() {
    # Declare an array to define the options of this helper.
    local legacy_args=pr
-    local -A args_array=( [p]=package= [r]=replace)
+    local -A args_array=([p]=package= [r]=replace)
    local package
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -379,12 +373,11 @@ ynh_add_app_dependencies () {
 # usage: ynh_remove_app_dependencies
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_remove_app_dependencies () {
+ynh_remove_app_dependencies() {
    local dep_app=${app//_/-}	# Replace all '_' by '-'
    local current_dependencies=""
-    if ynh_package_is_installed --package="${dep_app}-ynh-deps"
+    if ynh_package_is_installed --package="${dep_app}-ynh-deps"; then
    then
        current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) "
        current_dependencies=${current_dependencies// | /|}
    fi
@ -397,8 +390,7 @@ ynh_remove_app_dependencies () {
    local specific_php_version=$(echo $current_dependencies | tr '-' ' ' | grep -o -E "\<php[0-9.]+\>" | sed 's/php//g' | sort | uniq)
    [[ "$specific_php_version" != "$YNH_DEFAULT_PHP_VERSION" ]] || specific_php_version=""
-    if [[ -n "$specific_php_version" ]] && ! ynh_package_is_installed --package="php${specific_php_version}-fpm";
+    if [[ -n "$specific_php_version" ]] && ! ynh_package_is_installed --package="php${specific_php_version}-fpm"; then
    then
        yunohost service remove php${specific_php_version}-fpm
    fi
 }
@ -412,10 +404,10 @@ ynh_remove_app_dependencies () {
 # | arg: -n, --name=    - Name for the files for this repo, $app as default value.
 #
 # Requires YunoHost version 3.8.1 or higher.
-ynh_install_extra_app_dependencies () {
+ynh_install_extra_app_dependencies() {
    # Declare an array to define the options of this helper.
    local legacy_args=rpkn
-    local -A args_array=( [r]=repo= [p]=package= [k]=key= [n]=name= )
+    local -A args_array=([r]=repo= [p]=package= [k]=key= [n]=name=)
    local repo
    local package
    local key
@ -426,8 +418,7 @@ ynh_install_extra_app_dependencies () {
    key=${key:-}
    # Set a key only if asked
-    if [ -n "$key" ]
+    if [ -n "$key" ]; then
    then
        key="--key=$key"
    fi
    # Add an extra repository for those packages
@ -452,10 +443,10 @@ ynh_install_extra_app_dependencies () {
 # | arg: -a, --append       - Do not overwrite existing files.
 #
 # Requires YunoHost version 3.8.1 or higher.
-ynh_install_extra_repo () {
+ynh_install_extra_repo() {
    # Declare an array to define the options of this helper.
    local legacy_args=rkpna
-    local -A args_array=( [r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append )
+    local -A args_array=([r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append)
    local repo
    local key
    local priority
@ -468,8 +459,7 @@ ynh_install_extra_repo () {
    key=${key:-}
    priority=${priority:-}
-    if [ $append -eq 1 ]
+    if [ $append -eq 1 ]; then
    then
        append="--append"
        wget_append="tee --append"
    else
@ -498,18 +488,16 @@ ynh_install_extra_repo () {
    local pin="${uri#*://}"
    pin="${pin%%/*}"
    # Set a priority only if asked
-    if [ -n "$priority" ]
+    if [ -n "$priority" ]; then
    then
        priority="--priority=$priority"
    fi
    ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append
    # Get the public key for the repo
-    if [ -n "$key" ]
+    if [ -n "$key" ]; then
    then
        mkdir --parents "/etc/apt/trusted.gpg.d"
        # Timeout option is here to enforce the timeout on dns query and tcp connect (c.f. man wget)
-        wget --timeout 900 --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null
+        wget --timeout 900 --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg >/dev/null
    fi
    # Update the list of package with the new repo
@ -524,10 +512,10 @@ ynh_install_extra_repo () {
 # | arg: -n, --name=    - Name for the files for this repo, $app as default value.
 #
 # Requires YunoHost version 3.8.1 or higher.
-ynh_remove_extra_repo () {
+ynh_remove_extra_repo() {
    # Declare an array to define the options of this helper.
    local legacy_args=n
-    local -A args_array=( [n]=name= )
+    local -A args_array=([n]=name=)
    local name
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -536,8 +524,8 @@ ynh_remove_extra_repo () {
    ynh_secure_remove --file="/etc/apt/sources.list.d/$name.list"
    # Sury pinning is managed by the regenconf in the core...
    [[ "$name" == "extra_php_version" ]] || ynh_secure_remove "/etc/apt/preferences.d/$name"
-    ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.gpg" > /dev/null
+    ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.gpg" >/dev/null
-    ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.asc" > /dev/null
+    ynh_secure_remove --file="/etc/apt/trusted.gpg.d/$name.asc" >/dev/null
    # Update the list of package to exclude the old repo
    ynh_package_update
@ -559,10 +547,10 @@ ynh_remove_extra_repo () {
 # ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable
 #
 # Requires YunoHost version 3.8.1 or higher.
-ynh_add_repo () {
+ynh_add_repo() {
    # Declare an array to define the options of this helper.
    local legacy_args=uscna
-    local -A args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append )
+    local -A args_array=([u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append)
    local uri
    local suite
    local component
@ -573,8 +561,7 @@ ynh_add_repo () {
    name="${name:-$app}"
    append=${append:-0}
-    if [ $append -eq 1 ]
+    if [ $append -eq 1 ]; then
    then
        append="tee --append"
    else
        append="tee"
@ -600,10 +587,10 @@ ynh_add_repo () {
 # See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html#How_APT_Interprets_Priorities for information about pinning.
 #
 # Requires YunoHost version 3.8.1 or higher.
-ynh_pin_repo () {
+ynh_pin_repo() {
    # Declare an array to define the options of this helper.
    local legacy_args=pirna
-    local -A args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append )
+    local -A args_array=([p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append)
    local package
    local pin
    local priority
@ -616,8 +603,7 @@ ynh_pin_repo () {
    name="${name:-$app}"
    append=${append:-0}
-    if [ $append -eq 1 ]
+    if [ $append -eq 1 ]; then
    then
        append="tee --append"
    else
        append="tee"
@ -631,5 +617,5 @@ ynh_pin_repo () {
 Pin: $pin
 Pin-Priority: $priority
 " \
-    | $append "/etc/apt/preferences.d/$name"
+        | $append "/etc/apt/preferences.d/$name"
 }
--- a/data/helpers.d/backup
+++ b/data/helpers.d/backup
@ -67,7 +67,7 @@ ynh_backup() {
    # Declare an array to define the options of this helper.
    local legacy_args=sdbm
-    local -A args_array=( [s]=src_path= [d]=dest_path= [b]=is_big [m]=not_mandatory )
+    local -A args_array=([s]=src_path= [d]=dest_path= [b]=is_big [m]=not_mandatory)
    local src_path
    local dest_path
    local is_big
@ -83,10 +83,8 @@ ynh_backup() {
    # If backing up core only (used by ynh_backup_before_upgrade),
    # don't backup big data items
-    if [ $is_big -eq 1 ] && ( [ ${do_not_backup_data:-0} -eq 1 ] || [ $BACKUP_CORE_ONLY -eq 1 ] )
+    if [ $is_big -eq 1 ] && ([ ${do_not_backup_data:-0} -eq 1 ] || [ $BACKUP_CORE_ONLY -eq 1 ]); then
-    then
+        if [ $BACKUP_CORE_ONLY -eq 1 ]; then
        if [ $BACKUP_CORE_ONLY -eq 1 ]
        then
            ynh_print_info --message="$src_path will not be saved, because 'BACKUP_CORE_ONLY' is set."
        else
            ynh_print_info --message="$src_path will not be saved, because 'do_not_backup_data' is set."
@ -98,14 +96,11 @@ ynh_backup() {
    # Format correctly source and destination paths
    # ==============================================================================
    # Be sure the source path is not empty
-    if [ ! -e "$src_path" ]
+    if [ ! -e "$src_path" ]; then
    then
        ynh_print_warn --message="Source path '${src_path}' does not exist"
-        if [ "$not_mandatory" == "0" ]
+        if [ "$not_mandatory" == "0" ]; then
        then
            # This is a temporary fix for fail2ban config files missing after the migration to stretch.
-            if echo "${src_path}" | grep --quiet "/etc/fail2ban"
+            if echo "${src_path}" | grep --quiet "/etc/fail2ban"; then
            then
                touch "${src_path}"
                ynh_print_info --message="The missing file will be replaced by a dummy one for the backup !!!"
            else
@ -123,13 +118,11 @@ ynh_backup() {
    # If there is no destination path, initialize it with the source path
    # relative to "/".
    # eg: src_path=/etc/yunohost -> dest_path=etc/yunohost
-    if [[ -z "$dest_path" ]]
+    if [[ -z "$dest_path" ]]; then
    then
        dest_path="${src_path#/}"
    else
-        if [[ "${dest_path:0:1}" == "/" ]]
+        if [[ "${dest_path:0:1}" == "/" ]]; then
        then
            # If the destination path is an absolute path, transform it as a path
            # relative to the current working directory ($YNH_CWD)
@ -153,8 +146,7 @@ ynh_backup() {
    fi
    # Check if dest_path already exists in tmp archive
-    if [[ -e "${dest_path}" ]]
+    if [[ -e "${dest_path}" ]]; then
    then
        ynh_print_err --message="Destination path '${dest_path}' already exist"
        return 1
    fi
@ -171,7 +163,7 @@ ynh_backup() {
    # ==============================================================================
    local src=$(echo "${src_path}" | sed --regexp-extended 's/"/\"\"/g')
    local dest=$(echo "${dest_path}" | sed --regexp-extended 's/"/\"\"/g')
-    echo "\"${src}\",\"${dest}\"" >> "${YNH_BACKUP_CSV}"
+    echo "\"${src}\",\"${dest}\"" >>"${YNH_BACKUP_CSV}"
    # ==============================================================================
@ -185,19 +177,18 @@ ynh_backup() {
 # usage: ynh_restore
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_restore () {
+ynh_restore() {
    # Deduce the relative path of $YNH_CWD
    local REL_DIR="${YNH_CWD#$YNH_BACKUP_DIR/}"
    REL_DIR="${REL_DIR%/}/"
    # For each destination path begining by $REL_DIR
-    cat ${YNH_BACKUP_CSV} | tr --delete $'\r' | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR.*\"$" | \
+    cat ${YNH_BACKUP_CSV} | tr --delete $'\r' | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR.*\"$" \
-    while read line
+        | while read line; do
-    do
+            local ORIGIN_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\"\K.*(?=\",\".*\"$)")
-        local ORIGIN_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\"\K.*(?=\",\".*\"$)")
+            local ARCHIVE_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR\K.*(?=\"$)")
-        local ARCHIVE_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR\K.*(?=\"$)")
+            ynh_restore_file --origin_path="$ARCHIVE_PATH" --dest_path="$ORIGIN_PATH"
-        ynh_restore_file --origin_path="$ARCHIVE_PATH" --dest_path="$ORIGIN_PATH"
+        done
    done
 }
 # Return the path in the archive where has been stocked the origin path
@ -205,7 +196,7 @@ ynh_restore () {
 # [internal]
 #
 # usage: _get_archive_path ORIGIN_PATH
-_get_archive_path () {
+_get_archive_path() {
    # For security reasons we use csv python library to read the CSV
    python3 -c "
 import sys
@ -217,7 +208,7 @@ with open(sys.argv[1], 'r') as backup_file:
            print(row['dest'])
            sys.exit(0)
    raise Exception('Original path for %s not found' % sys.argv[2])
-    "  "${YNH_BACKUP_CSV}" "$1"
+    " "${YNH_BACKUP_CSV}" "$1"
    return $?
 }
@ -245,10 +236,10 @@ with open(sys.argv[1], 'r') as backup_file:
 #
 # Requires YunoHost version 2.6.4 or higher.
 # Requires YunoHost version 3.5.0 or higher for the argument --not_mandatory
-ynh_restore_file () {
+ynh_restore_file() {
    # Declare an array to define the options of this helper.
    local legacy_args=odm
-    local -A args_array=( [o]=origin_path= [d]=dest_path= [m]=not_mandatory )
+    local -A args_array=([o]=origin_path= [d]=dest_path= [m]=not_mandatory)
    local origin_path
    local dest_path
    local not_mandatory
@ -261,10 +252,8 @@ ynh_restore_file () {
    local archive_path="$YNH_CWD${origin_path}"
    # If archive_path doesn't exist, search for a corresponding path in CSV
-    if [ ! -d "$archive_path" ] && [ ! -f "$archive_path" ] && [ ! -L "$archive_path" ]
+    if [ ! -d "$archive_path" ] && [ ! -f "$archive_path" ] && [ ! -L "$archive_path" ]; then
-    then
+        if [ "$not_mandatory" == "0" ]; then
        if [ "$not_mandatory" == "0" ]
        then
            archive_path="$YNH_BACKUP_DIR/$(_get_archive_path \"$origin_path\")"
        else
            return 0
@ -272,14 +261,12 @@ ynh_restore_file () {
    fi
    # Move the old directory if it already exists
-    if [[ -e "${dest_path}" ]]
+    if [[ -e "${dest_path}" ]]; then
    then
        # Check if the file/dir size is less than 500 Mo
-        if [[ $(du --summarize --bytes ${dest_path} | cut --delimiter="/" --fields=1) -le "500000000" ]]
+        if [[ $(du --summarize --bytes ${dest_path} | cut --delimiter="/" --fields=1) -le "500000000" ]]; then
        then
            local backup_file="/home/yunohost.conf/backup/${dest_path}.backup.$(date '+%Y%m%d.%H%M%S')"
            mkdir --parents "$(dirname "$backup_file")"
-            mv "${dest_path}" "$backup_file"    # Move the current file or directory
+            mv "${dest_path}" "$backup_file" # Move the current file or directory
        else
            ynh_secure_remove --file=${dest_path}
        fi
@ -289,10 +276,8 @@ ynh_restore_file () {
    mkdir --parents $(dirname "$dest_path")
    # Do a copy if it's just a mounting point
-    if mountpoint --quiet $YNH_BACKUP_DIR
+    if mountpoint --quiet $YNH_BACKUP_DIR; then
-    then
+        if [[ -d "${archive_path}" ]]; then
        if [[ -d "${archive_path}" ]]
        then
            archive_path="${archive_path}/."
            mkdir --parents "$dest_path"
        fi
@ -323,10 +308,10 @@ ynh_bind_or_cp() {
 # $app should be defined when calling this helper
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_store_file_checksum () {
+ynh_store_file_checksum() {
    # Declare an array to define the options of this helper.
    local legacy_args=f
-    local -A args_array=( [f]=file= [u]=update_only )
+    local -A args_array=([f]=file= [u]=update_only)
    local file
    local update_only
    update_only="${update_only:-0}"
@ -334,12 +319,12 @@ ynh_store_file_checksum () {
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
-    local checksum_setting_name=checksum_${file//[\/ ]/_}    # Replace all '/' and ' ' by '_'
+    local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_'
    # If update only, we don't save the new checksum if no old checksum exist
-    if [ $update_only -eq 1 ] ; then
+    if [ $update_only -eq 1 ]; then
        local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name)
-        if [ -z "${checksum_value}" ] ; then
+        if [ -z "${checksum_value}" ]; then
            unset backup_file_checksum
            return 0
        fi
@ -348,8 +333,7 @@ ynh_store_file_checksum () {
    ynh_app_setting_set --app=$app --key=$checksum_setting_name --value=$(md5sum "$file" | cut --delimiter=' ' --fields=1)
    # If backup_file_checksum isn't empty, ynh_backup_if_checksum_is_different has made a backup
-    if [ -n "${backup_file_checksum-}" ]
+    if [ -n "${backup_file_checksum-}" ]; then
    then
        # Print the diff between the previous file and the new one.
        # diff return 1 if the files are different, so the || true
        diff --report-identical-files --unified --color=always $backup_file_checksum $file >&2 || true
@ -368,27 +352,25 @@ ynh_store_file_checksum () {
 # modified config files.
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_backup_if_checksum_is_different () {
+ynh_backup_if_checksum_is_different() {
    # Declare an array to define the options of this helper.
    local legacy_args=f
-    local -A args_array=( [f]=file= )
+    local -A args_array=([f]=file=)
    local file
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
-    local checksum_setting_name=checksum_${file//[\/ ]/_}    # Replace all '/' and ' ' by '_'
+    local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_'
    local checksum_value=$(ynh_app_setting_get --app=$app --key=$checksum_setting_name)
    # backup_file_checksum isn't declare as local, so it can be reuse by ynh_store_file_checksum
    backup_file_checksum=""
-    if [ -n "$checksum_value" ]
+    if [ -n "$checksum_value" ]; then                                                     # Proceed only if a value was stored into the app settings
-    then    # Proceed only if a value was stored into the app settings
+        if [ -e $file ] && ! echo "$checksum_value $file" | md5sum --check --status; then # If the checksum is now different
        if [ -e $file ] && ! echo "$checksum_value $file" | md5sum --check --status
        then    # If the checksum is now different
            backup_file_checksum="/home/yunohost.conf/backup/$file.backup.$(date '+%Y%m%d.%H%M%S')"
            mkdir --parents "$(dirname "$backup_file_checksum")"
-            cp --archive "$file" "$backup_file_checksum"    # Backup the current file
+            cp --archive "$file" "$backup_file_checksum" # Backup the current file
            ynh_print_warn "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file_checksum"
-            echo "$backup_file_checksum"    # Return the name of the backup file
+            echo "$backup_file_checksum" # Return the name of the backup file
        fi
    fi
 }
@ -401,15 +383,15 @@ ynh_backup_if_checksum_is_different () {
 # $app should be defined when calling this helper
 #
 # Requires YunoHost version 3.3.1 or higher.
-ynh_delete_file_checksum () {
+ynh_delete_file_checksum() {
    # Declare an array to define the options of this helper.
    local legacy_args=f
-    local -A args_array=( [f]=file= )
+    local -A args_array=([f]=file=)
    local file
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
-    local checksum_setting_name=checksum_${file//[\/ ]/_}    # Replace all '/' and ' ' by '_'
+    local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_'
    ynh_app_setting_delete --app=$app --key=$checksum_setting_name
 }
@ -417,7 +399,7 @@ ynh_delete_file_checksum () {
 #
 # [internal]
 #
-ynh_backup_archive_exists () {
+ynh_backup_archive_exists() {
    yunohost backup list --output-as json --quiet \
        | jq -e --arg archive "$1" '.archives | index($archive)' >/dev/null
 }
@ -436,22 +418,19 @@ ynh_backup_archive_exists () {
 # ```
 #
 # Requires YunoHost version 2.7.2 or higher.
-ynh_backup_before_upgrade () {
+ynh_backup_before_upgrade() {
-    if [ ! -e "/etc/yunohost/apps/$app/scripts/backup" ]
+    if [ ! -e "/etc/yunohost/apps/$app/scripts/backup" ]; then
    then
        ynh_print_warn --message="This app doesn't have any backup script."
        return
    fi
    backup_number=1
    local old_backup_number=2
-    local app_bck=${app//_/-}    # Replace all '_' by '-'
+    local app_bck=${app//_/-} # Replace all '_' by '-'
    NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0}
-    if [ "$NO_BACKUP_UPGRADE" -eq 0 ]
+    if [ "$NO_BACKUP_UPGRADE" -eq 0 ]; then
    then
        # Check if a backup already exists with the prefix 1
-        if ynh_backup_archive_exists "$app_bck-pre-upgrade1"
+        if ynh_backup_archive_exists "$app_bck-pre-upgrade1"; then
        then
            # Prefix becomes 2 to preserve the previous backup
            backup_number=2
            old_backup_number=1
@ -459,13 +438,11 @@ ynh_backup_before_upgrade () {
        # Create backup
        BACKUP_CORE_ONLY=1 yunohost backup create --apps $app --name $app_bck-pre-upgrade$backup_number --debug
-        if [ "$?" -eq 0 ]
+        if [ "$?" -eq 0 ]; then
        then
            # If the backup succeeded, remove the previous backup
-            if ynh_backup_archive_exists "$app_bck-pre-upgrade$old_backup_number"
+            if ynh_backup_archive_exists "$app_bck-pre-upgrade$old_backup_number"; then
            then
                # Remove the previous backup only if it exists
-                yunohost backup delete $app_bck-pre-upgrade$old_backup_number > /dev/null
+                yunohost backup delete $app_bck-pre-upgrade$old_backup_number >/dev/null
            fi
        else
            ynh_die --message="Backup failed, the upgrade process was aborted."
@ -489,17 +466,15 @@ ynh_backup_before_upgrade () {
 # ```
 #
 # Requires YunoHost version 2.7.2 or higher.
-ynh_restore_upgradebackup () {
+ynh_restore_upgradebackup() {
    ynh_print_err --message="Upgrade failed."
-    local app_bck=${app//_/-}    # Replace all '_' by '-'
+    local app_bck=${app//_/-} # Replace all '_' by '-'
    NO_BACKUP_UPGRADE=${NO_BACKUP_UPGRADE:-0}
-    if [ "$NO_BACKUP_UPGRADE" -eq 0 ]
+    if [ "$NO_BACKUP_UPGRADE" -eq 0 ]; then
    then
        # Check if an existing backup can be found before removing and restoring the application.
-        if ynh_backup_archive_exists "$app_bck-pre-upgrade$backup_number"
+        if ynh_backup_archive_exists "$app_bck-pre-upgrade$backup_number"; then
        then
            # Remove the application then restore it
            yunohost app remove $app
            # Restore the backup
--- a/data/helpers.d/config
+++ b/data/helpers.d/config
@ -1,60 +1,49 @@
 #!/bin/bash
 _ynh_app_config_get_one() {
    local short_setting="$1"
    local type="$2"
    local bind="$3"
    local getter="get__${short_setting}"
    # Get value from getter if exists
-    if type -t $getter 2>/dev/null | grep -q '^function$' 2>/dev/null;
+    if type -t $getter 2>/dev/null | grep -q '^function$' 2>/dev/null; then
    then
        old[$short_setting]="$($getter)"
        formats[${short_setting}]="yaml"
-    elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null;
+    elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
    then
        old[$short_setting]="$("get__${bind%%(*}" $short_setting $type $bind)"
        formats[${short_setting}]="yaml"
-    elif [[ "$bind" == "null" ]]
+    elif [[ "$bind" == "null" ]]; then
    then
        old[$short_setting]="YNH_NULL"
    # Get value from app settings or from another file
-    elif [[ "$type" == "file" ]]
+    elif [[ "$type" == "file" ]]; then
-    then
+        if [[ "$bind" == "settings" ]]; then
        if [[ "$bind" == "settings" ]]
        then
            ynh_die --message="File '${short_setting}' can't be stored in settings"
        fi
-        old[$short_setting]="$(ls "$(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" 2> /dev/null || echo YNH_NULL)"
+        old[$short_setting]="$(ls "$(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" 2>/dev/null || echo YNH_NULL)"
        file_hash[$short_setting]="true"
    # Get multiline text from settings or from a full file
-    elif [[ "$type" == "text" ]]
+    elif [[ "$type" == "text" ]]; then
-    then
+        if [[ "$bind" == "settings" ]]; then
        if [[ "$bind" == "settings" ]]
        then
            old[$short_setting]="$(ynh_app_setting_get $app $short_setting)"
-        elif [[ "$bind" == *":"* ]]
+        elif [[ "$bind" == *":"* ]]; then
        then
            ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically  in a variable file, you have to create custom getter/setter"
        else
-            old[$short_setting]="$(cat $(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/) 2> /dev/null || echo YNH_NULL)"
+            old[$short_setting]="$(cat $(echo $bind | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/) 2>/dev/null || echo YNH_NULL)"
        fi
    # Get value from a kind of key/value file
    else
        local bind_after=""
-        if [[ "$bind" == "settings" ]]
+        if [[ "$bind" == "settings" ]]; then
        then
            bind=":/etc/yunohost/apps/$app/settings.yml"
        fi
        local bind_key_="$(echo "$bind" | cut -d: -f1)"
        bind_key_=${bind_key_:-$short_setting}
-        if [[ "$bind_key_" == *">"* ]];
+        if [[ "$bind_key_" == *">"* ]]; then
        then
            bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)"
            bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)"
        fi
@ -68,39 +57,31 @@ _ynh_app_config_apply_one() {
    local setter="set__${short_setting}"
    local bind="${binds[$short_setting]}"
    local type="${types[$short_setting]}"
-    if [ "${changed[$short_setting]}" == "true" ]
+    if [ "${changed[$short_setting]}" == "true" ]; then
    then
        # Apply setter if exists
-        if type -t $setter 2>/dev/null | grep -q '^function$' 2>/dev/null;
+        if type -t $setter 2>/dev/null | grep -q '^function$' 2>/dev/null; then
        then
            $setter
-        elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null;
+        elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
        then
            "set__${bind%%(*}" $short_setting $type $bind
-        elif [[ "$bind" == "null" ]]
+        elif [[ "$bind" == "null" ]]; then
-        then
+            return
            continue
        # Save in a file
-        elif [[ "$type" == "file" ]]
+        elif [[ "$type" == "file" ]]; then
-        then
+            if [[ "$bind" == "settings" ]]; then
            if [[ "$bind" == "settings" ]]
            then
                ynh_die --message="File '${short_setting}' can't be stored in settings"
            fi
            local bind_file="$(echo "$bind" | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)"
-            if [[ "${!short_setting}" == "" ]]
+            if [[ "${!short_setting}" == "" ]]; then
            then
                ynh_backup_if_checksum_is_different --file="$bind_file"
                ynh_secure_remove --file="$bind_file"
                ynh_delete_file_checksum --file="$bind_file" --update_only
                ynh_print_info --message="File '$bind_file' removed"
            else
                ynh_backup_if_checksum_is_different --file="$bind_file"
-                if [[ "${!short_setting}" != "$bind_file" ]]
+                if [[ "${!short_setting}" != "$bind_file" ]]; then
                then
                    cp "${!short_setting}" "$bind_file"
                fi
                ynh_store_file_checksum --file="$bind_file" --update_only
@ -108,21 +89,18 @@ _ynh_app_config_apply_one() {
            fi
        # Save value in app settings
-        elif [[ "$bind" == "settings" ]]
+        elif [[ "$bind" == "settings" ]]; then
        then
            ynh_app_setting_set --app=$app --key=$short_setting --value="${!short_setting}"
            ynh_print_info --message="Configuration key '$short_setting' edited in app settings"
        # Save multiline text in a file
-        elif [[ "$type" == "text" ]]
+        elif [[ "$type" == "text" ]]; then
-        then
+            if [[ "$bind" == *":"* ]]; then
            if [[ "$bind" == *":"* ]]
            then
                ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically  in a variable file, you have to create custom getter/setter"
            fi
            local bind_file="$(echo "$bind" | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)"
            ynh_backup_if_checksum_is_different --file="$bind_file"
-            echo "${!short_setting}" > "$bind_file"
+            echo "${!short_setting}" >"$bind_file"
            ynh_store_file_checksum --file="$bind_file" --update_only
            ynh_print_info --message="File '$bind_file' overwritten with the content provided in question '${short_setting}'"
@ -131,8 +109,7 @@ _ynh_app_config_apply_one() {
            local bind_after=""
            local bind_key_="$(echo "$bind" | cut -d: -f1)"
            bind_key_=${bind_key_:-$short_setting}
-            if [[ "$bind_key_" == *">"* ]];
+            if [[ "$bind_key_" == *">"* ]]; then
            then
                bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)"
                bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)"
            fi
@ -152,7 +129,8 @@ _ynh_app_config_apply_one() {
 _ynh_app_config_get() {
    # From settings
    local lines
-    lines=$(python3 << EOL
+    lines=$(
        python3 <<EOL
 import toml
 from collections import OrderedDict
 with open("../config_panel.toml", "r") as f:
@ -172,11 +150,10 @@ for panel_name, panel in loaded_toml.items():
                param.get('bind', 'settings' if param.get('type', 'string') != 'file' else 'null')
                ]))
 EOL
-)
+    )
-    for line in $lines
+    for line in $lines; do
    do
        # Split line into short_setting, type and bind
-        IFS=';' read short_setting type bind <<< "$line"
+        IFS=';' read short_setting type bind <<<"$line"
        binds[${short_setting}]="$bind"
        types[${short_setting}]="$type"
        file_hash[${short_setting}]=""
@ -184,23 +161,18 @@ EOL
        ynh_app_config_get_one $short_setting $type $bind
    done
 }
 _ynh_app_config_apply() {
-    for short_setting in "${!old[@]}"
+    for short_setting in "${!old[@]}"; do
    do
        ynh_app_config_apply_one $short_setting
    done
 }
 _ynh_app_config_show() {
-    for short_setting in "${!old[@]}"
+    for short_setting in "${!old[@]}"; do
-    do
+        if [[ "${old[$short_setting]}" != YNH_NULL ]]; then
-        if [[ "${old[$short_setting]}" != YNH_NULL ]]
+            if [[ "${formats[$short_setting]}" == "yaml" ]]; then
        then
            if [[ "${formats[$short_setting]}" == "yaml" ]]
            then
                ynh_return "${short_setting}:"
                ynh_return "$(echo "${old[$short_setting]}" | sed 's/^/  /g')"
            else
@ -216,48 +188,39 @@ _ynh_app_config_validate() {
    ynh_script_progression --message="Checking what changed in the new configuration..." --weight=1
    local nothing_changed=true
    local changes_validated=true
-    for short_setting in "${!old[@]}"
+    for short_setting in "${!old[@]}"; do
    do
        changed[$short_setting]=false
-        if [ -z ${!short_setting+x} ]
+        if [ -z ${!short_setting+x} ]; then
        then
            # Assign the var with the old value in order to allows multiple
            # args validation
            declare "$short_setting"="${old[$short_setting]}"
            continue
        fi
-        if [ ! -z "${file_hash[${short_setting}]}" ]
+        if [ ! -z "${file_hash[${short_setting}]}" ]; then
        then
            file_hash[old__$short_setting]=""
            file_hash[new__$short_setting]=""
-            if [ -f "${old[$short_setting]}" ]
+            if [ -f "${old[$short_setting]}" ]; then
            then
                file_hash[old__$short_setting]=$(sha256sum "${old[$short_setting]}" | cut -d' ' -f1)
-                if [ -z "${!short_setting}" ]
+                if [ -z "${!short_setting}" ]; then
                then
                    changed[$short_setting]=true
                    nothing_changed=false
                fi
            fi
-            if [ -f "${!short_setting}" ]
+            if [ -f "${!short_setting}" ]; then
            then
                file_hash[new__$short_setting]=$(sha256sum "${!short_setting}" | cut -d' ' -f1)
-                if [[ "${file_hash[old__$short_setting]}" != "${file_hash[new__$short_setting]}" ]]
+                if [[ "${file_hash[old__$short_setting]}" != "${file_hash[new__$short_setting]}" ]]; then
                then
                    changed[$short_setting]=true
                    nothing_changed=false
                fi
            fi
        else
-            if [[ "${!short_setting}" != "${old[$short_setting]}" ]]
+            if [[ "${!short_setting}" != "${old[$short_setting]}" ]]; then
            then
                changed[$short_setting]=true
                nothing_changed=false
            fi
        fi
    done
-    if [[ "$nothing_changed" == "true" ]]
+    if [[ "$nothing_changed" == "true" ]]; then
    then
        ynh_print_info --message="Nothing has changed"
        exit 0
    fi
@ -265,19 +228,15 @@ _ynh_app_config_validate() {
    # Run validation if something is changed
    ynh_script_progression --message="Validating the new configuration..." --weight=1
-    for short_setting in "${!old[@]}"
+    for short_setting in "${!old[@]}"; do
    do
        [[ "${changed[$short_setting]}" == "false" ]] && continue
        local result=""
-        if type -t validate__$short_setting | grep -q '^function$' 2>/dev/null;
+        if type -t validate__$short_setting | grep -q '^function$' 2>/dev/null; then
        then
            result="$(validate__$short_setting)"
-        elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null;
+        elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
        then
            "validate__${bind%%(*}" $short_setting
        fi
-        if [ -n "$result" ]
+        if [ -n "$result" ]; then
        then
            #
            # Return a yaml such as:
            #
@ -287,8 +246,7 @@ _ynh_app_config_validate() {
            #
            # We use changes_validated to know if this is
            # the first validation error
-            if [[ "$changes_validated" == true ]]
+            if [[ "$changes_validated" == true ]]; then
            then
                ynh_return "validation_errors:"
            fi
            ynh_return "  ${short_setting}: \"$result\""
@ -298,8 +256,7 @@ _ynh_app_config_validate() {
    # If validation failed, exit the script right now (instead of going into apply)
    # Yunohost core will pick up the errors returned via ynh_return previously
-    if [[ "$changes_validated" == "false" ]]
+    if [[ "$changes_validated" == "false" ]]; then
    then
        exit 0
    fi
@ -337,21 +294,20 @@ ynh_app_config_run() {
    declare -Ag formats=()
    case $1 in
-        show)
+    show)
-            ynh_app_config_get
+        ynh_app_config_get
-            ynh_app_config_show
+        ynh_app_config_show
-            ;;
+        ;;
-        apply)
+    apply)
-            max_progression=4
+        max_progression=4
-            ynh_script_progression --message="Reading config panel description and current configuration..."
+        ynh_script_progression --message="Reading config panel description and current configuration..."
-            ynh_app_config_get
+        ynh_app_config_get
-            ynh_app_config_validate
+        ynh_app_config_validate
-            ynh_script_progression --message="Applying the new configuration..."
+        ynh_script_progression --message="Applying the new configuration..."
-            ynh_app_config_apply
+        ynh_app_config_apply
-            ynh_script_progression --message="Configuration of $app completed" --last
+        ynh_script_progression --message="Configuration of $app completed" --last
-            ;;
+        ;;
    esac
 }
--- a/data/helpers.d/fail2ban
+++ b/data/helpers.d/fail2ban
@ -62,10 +62,10 @@
 # ```
 #
 # Requires YunoHost version 4.1.0 or higher.
-ynh_add_fail2ban_config () {
+ynh_add_fail2ban_config() {
    # Declare an array to define the options of this helper.
    local legacy_args=lrmptv
-    local -A args_array=( [l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= [t]=use_template  [v]=others_var=)
+    local -A args_array=([l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= [t]=use_template [v]=others_var=)
    local logpath
    local failregex
    local max_retry
@ -81,8 +81,7 @@ ynh_add_fail2ban_config () {
    [[ -z "$others_var" ]] || ynh_print_warn --message="Packagers: using --others_var is unecessary since YunoHost 4.2"
-    if [ $use_template -ne 1 ]
+    if [ $use_template -ne 1 ]; then
    then
        # Usage 1, no template. Build a config file from scratch.
        test -n "$logpath" || ynh_die --message="ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
        test -n "$failregex" || ynh_die --message="ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."
@ -94,15 +93,15 @@ port = __PORTS__
 filter = __APP__
 logpath = __LOGPATH__
 maxretry = __MAX_RETRY__
-" > $YNH_APP_BASEDIR/conf/f2b_jail.conf
+" >$YNH_APP_BASEDIR/conf/f2b_jail.conf
-       echo "
+        echo "
 [INCLUDES]
 before = common.conf
 [Definition]
 failregex = __FAILREGEX__
 ignoreregex =
-" > $YNH_APP_BASEDIR/conf/f2b_filter.conf
+" >$YNH_APP_BASEDIR/conf/f2b_filter.conf
    fi
    ynh_add_config --template="$YNH_APP_BASEDIR/conf/f2b_jail.conf" --destination="/etc/fail2ban/jail.d/$app.conf"
@ -111,8 +110,7 @@ ignoreregex =
    ynh_systemd_action --service_name=fail2ban --action=reload --line_match="(Started|Reloaded) Fail2Ban Service" --log_path=systemd
    local fail2ban_error="$(journalctl --no-hostname --unit=fail2ban | tail --lines=50 | grep "WARNING.*$app.*")"
-    if [[ -n "$fail2ban_error" ]]
+    if [[ -n "$fail2ban_error" ]]; then
    then
        ynh_print_err --message="Fail2ban failed to load the jail for $app"
        ynh_print_warn --message="${fail2ban_error#*WARNING}"
    fi
@ -123,7 +121,7 @@ ignoreregex =
 # usage: ynh_remove_fail2ban_config
 #
 # Requires YunoHost version 3.5.0 or higher.
-ynh_remove_fail2ban_config () {
+ynh_remove_fail2ban_config() {
    ynh_secure_remove --file="/etc/fail2ban/jail.d/$app.conf"
    ynh_secure_remove --file="/etc/fail2ban/filter.d/$app.conf"
    ynh_systemd_action --service_name=fail2ban --action=reload
--- a/data/helpers.d/getopts
+++ b/data/helpers.d/getopts
@ -45,11 +45,10 @@
 # e.g. for `my_helper "val1" val2`, arg1 will be filled with val1, and arg2 with val2.
 #
 # Requires YunoHost version 3.2.2 or higher.
-ynh_handle_getopts_args () {
+ynh_handle_getopts_args() {
    # Manage arguments only if there's some provided
    set +o xtrace # set +x
-    if [ $# -ne 0 ]
+    if [ $# -ne 0 ]; then
    then
        # Store arguments in an array to keep each argument separated
        local arguments=("$@")
@ -58,14 +57,12 @@ ynh_handle_getopts_args () {
        # ${!args_array[@]} is the list of all option_flags in the array (An option_flag is 'u' in [u]=user, user is a value)
        local getopts_parameters=""
        local option_flag=""
-        for option_flag in "${!args_array[@]}"
+        for option_flag in "${!args_array[@]}"; do
        do
            # Concatenate each option_flags of the array to build the string of arguments for getopts
            # Will looks like 'abcd' for -a -b -c -d
            # If the value of an option_flag finish by =, it's an option with additionnal values. (e.g. --user bob or -u bob)
            # Check the last character of the value associate to the option_flag
-            if [ "${args_array[$option_flag]: -1}" = "=" ]
+            if [ "${args_array[$option_flag]: -1}" = "=" ]; then
            then
                # For an option with additionnal values, add a ':' after the letter for getopts.
                getopts_parameters="${getopts_parameters}${option_flag}:"
            else
@ -74,8 +71,7 @@ ynh_handle_getopts_args () {
            # Check each argument given to the function
            local arg=""
            # ${#arguments[@]} is the size of the array
-            for arg in `seq 0 $(( ${#arguments[@]} - 1 ))`
+            for arg in $(seq 0 $((${#arguments[@]} - 1))); do
            do
                # Escape options' values starting with -. Otherwise the - will be considered as another option.
                arguments[arg]="${arguments[arg]//--${args_array[$option_flag]}-/--${args_array[$option_flag]}\\TOBEREMOVED\\-}"
                # And replace long option (value of the option_flag) by the short option, the option_flag itself
@ -89,10 +85,9 @@ ynh_handle_getopts_args () {
        # Read and parse all the arguments
        # Use a function here, to use standart arguments $@ and be able to use shift.
-        parse_arg () {
+        parse_arg() {
            # Read all arguments, until no arguments are left
-            while [ $# -ne 0 ]
+            while [ $# -ne 0 ]; do
            do
                # Initialize the index of getopts
                OPTIND=1
                # Parse with getopts only if the argument begin by -, that means the argument is an option
@ -100,11 +95,9 @@ ynh_handle_getopts_args () {
                local parameter=""
                getopts ":$getopts_parameters" parameter || true
-                if [ "$parameter" = "?" ]
+                if [ "$parameter" = "?" ]; then
                then
                    ynh_die --message="Invalid argument: -${OPTARG:-}"
-                elif [ "$parameter" = ":" ]
+                elif [ "$parameter" = ":" ]; then
                then
                    ynh_die --message="-$OPTARG parameter requires an argument."
                else
                    local shift_value=1
@ -115,8 +108,7 @@ ynh_handle_getopts_args () {
                    local option_var="${args_array[$parameter]%=}"
                    # If this option doesn't take values
                    # if there's a '=' at the end of the long option name, this option takes values
-                    if [ "${args_array[$parameter]: -1}" != "=" ]
+                    if [ "${args_array[$parameter]: -1}" != "=" ]; then
                    then
                        # 'eval ${option_var}' will use the content of 'option_var'
                        eval ${option_var}=1
                    else
@ -126,41 +118,35 @@ ynh_handle_getopts_args () {
                        # If the first argument is longer than 2 characters,
                        # There's a value attached to the option, in the same array cell
-                        if [ ${#all_args[0]} -gt 2 ]
+                        if [ ${#all_args[0]} -gt 2 ]; then
                        then
                            # Remove the option and the space, so keep only the value itself.
                            all_args[0]="${all_args[0]#-${parameter} }"
                            # At this point, if all_args[0] start with "-", then the argument is not well formed
-                            if [ "${all_args[0]:0:1}" == "-" ]
+                            if [ "${all_args[0]:0:1}" == "-" ]; then
                            then
                                ynh_die --message="Argument \"${all_args[0]}\" not valid! Did you use a single \"-\" instead of two?"
                            fi
                            # Reduce the value of shift, because the option has been removed manually
-                            shift_value=$(( shift_value - 1 ))
+                            shift_value=$((shift_value - 1))
                        fi
                        # Declare the content of option_var as a variable.
                        eval ${option_var}=""
                        # Then read the array value per value
                        local i
-                        for i in `seq 0 $(( ${#all_args[@]} - 1 ))`
+                        for i in $(seq 0 $((${#all_args[@]} - 1))); do
                        do
                            # If this argument is an option, end here.
-                            if [ "${all_args[$i]:0:1}" == "-" ]
+                            if [ "${all_args[$i]:0:1}" == "-" ]; then
                            then
                                # Ignore the first value of the array, which is the option itself
                                if [ "$i" -ne 0 ]; then
                                    break
                                fi
                            else
                                # Ignore empty parameters
-                                if [ -n "${all_args[$i]}" ]
+                                if [ -n "${all_args[$i]}" ]; then
                                then
                                    # Else, add this value to this option
                                    # Each value will be separated by ';'
-                                    if [ -n "${!option_var}" ]
+                                    if [ -n "${!option_var}" ]; then
                                    then
                                        # If there's already another value for this option, add a ; before adding the new value
                                        eval ${option_var}+="\;"
                                    fi
@ -177,7 +163,7 @@ ynh_handle_getopts_args () {
                                    eval ${option_var}+='"${all_args[$i]}"'
                                fi
-                                shift_value=$(( shift_value + 1 ))
+                                shift_value=$((shift_value + 1))
                            fi
                        done
                    fi
@ -190,24 +176,23 @@ ynh_handle_getopts_args () {
        # LEGACY MODE
        # Check if there's getopts arguments
-        if [ "${arguments[0]:0:1}" != "-" ]
+        if [ "${arguments[0]:0:1}" != "-" ]; then
        then
            # If not, enter in legacy mode and manage the arguments as positionnal ones..
            # Dot not echo, to prevent to go through a helper output. But print only in the log.
-            set -x; echo "! Helper used in legacy mode !" > /dev/null; set +x
+            set -x
            echo "! Helper used in legacy mode !" >/dev/null
            set +x
            local i
-            for i in `seq 0 $(( ${#arguments[@]} -1 ))`
+            for i in $(seq 0 $((${#arguments[@]} - 1))); do
            do
                # Try to use legacy_args as a list of option_flag of the array args_array
                # Otherwise, fallback to getopts_parameters to get the option_flag. But an associative arrays isn't always sorted in the correct order...
                # Remove all ':' in getopts_parameters
-                getopts_parameters=${legacy_args:-${getopts_parameters//:}}
+                getopts_parameters=${legacy_args:-${getopts_parameters//:/}}
                # Get the option_flag from getopts_parameters, by using the option_flag according to the position of the argument.
                option_flag=${getopts_parameters:$i:1}
-                if [ -z "$option_flag" ]
+                if [ -z "$option_flag" ]; then
-                then
+                    ynh_print_warn --message="Too many arguments ! \"${arguments[$i]}\" will be ignored."
-                        ynh_print_warn --message="Too many arguments ! \"${arguments[$i]}\" will be ignored."
+                    continue
                        continue
                fi
                # Use the long option, corresponding to the option_flag, as a variable
                # (e.g. for [u]=user, 'user' will be used as a variable)
--- a/data/helpers.d/hardware
+++ b/data/helpers.d/hardware
@ -10,10 +10,10 @@
 # | ret: the amount of free ram, in MB (MegaBytes)
 #
 # Requires YunoHost version 3.8.1 or higher.
-ynh_get_ram () {
+ynh_get_ram() {
    # Declare an array to define the options of this helper.
    local legacy_args=ftso
-    local -A args_array=( [f]=free [t]=total [s]=ignore_swap [o]=only_swap )
+    local -A args_array=([f]=free [t]=total [s]=ignore_swap [o]=only_swap)
    local free
    local total
    local ignore_swap
@ -25,41 +25,34 @@ ynh_get_ram () {
    free=${free:-0}
    total=${total:-0}
-    if [ $free -eq $total ]
+    if [ $free -eq $total ]; then
    then
        ynh_print_warn --message="You have to choose --free or --total when using ynh_get_ram"
        ram=0
    # Use the total amount of ram
-    elif [ $free -eq 1 ]
+    elif [ $free -eq 1 ]; then
    then
        local free_ram=$(vmstat --stats --unit M | grep "free memory" | awk '{print $1}')
        local free_swap=$(vmstat --stats --unit M | grep "free swap" | awk '{print $1}')
-        local free_ram_swap=$(( free_ram + free_swap ))
+        local free_ram_swap=$((free_ram + free_swap))
        # Use the total amount of free ram
        local ram=$free_ram_swap
-        if [ $ignore_swap -eq 1 ]
+        if [ $ignore_swap -eq 1 ]; then
        then
            # Use only the amount of free ram
            ram=$free_ram
-        elif [ $only_swap -eq 1 ]
+        elif [ $only_swap -eq 1 ]; then
        then
            # Use only the amount of free swap
            ram=$free_swap
        fi
-    elif [ $total -eq 1 ]
+    elif [ $total -eq 1 ]; then
    then
        local total_ram=$(vmstat --stats --unit M | grep "total memory" | awk '{print $1}')
        local total_swap=$(vmstat --stats --unit M | grep "total swap" | awk '{print $1}')
-        local total_ram_swap=$(( total_ram + total_swap ))
+        local total_ram_swap=$((total_ram + total_swap))
        local ram=$total_ram_swap
-        if [ $ignore_swap -eq 1 ]
+        if [ $ignore_swap -eq 1 ]; then
        then
            # Use only the amount of free ram
            ram=$total_ram
-        elif [ $only_swap -eq 1 ]
+        elif [ $only_swap -eq 1 ]; then
        then
            # Use only the amount of free swap
            ram=$total_swap
        fi
@ -79,10 +72,10 @@ ynh_get_ram () {
 # | ret: 1 if the ram is under the requirement, 0 otherwise.
 #
 # Requires YunoHost version 3.8.1 or higher.
-ynh_require_ram () {
+ynh_require_ram() {
    # Declare an array to define the options of this helper.
    local legacy_args=rftso
-    local -A args_array=( [r]=required= [f]=free [t]=total [s]=ignore_swap [o]=only_swap )
+    local -A args_array=([r]=required= [f]=free [t]=total [s]=ignore_swap [o]=only_swap)
    local required
    local free
    local total
@ -100,8 +93,7 @@ ynh_require_ram () {
    local ram=$(ynh_get_ram $free $total $ignore_swap $only_swap)
-    if [ $ram -lt $required ]
+    if [ $ram -lt $required ]; then
    then
        return 1
    else
        return 0
--- a/data/helpers.d/logging
+++ b/data/helpers.d/logging
@ -10,7 +10,7 @@
 ynh_die() {
    # Declare an array to define the options of this helper.
    local legacy_args=mc
-    local -A args_array=( [m]=message= [c]=ret_code= )
+    local -A args_array=([m]=message= [c]=ret_code=)
    local message
    local ret_code
    # Manage arguments with getopts
@ -30,7 +30,7 @@ ynh_die() {
 ynh_print_info() {
    # Declare an array to define the options of this helper.
    local legacy_args=m
-    local -A args_array=( [m]=message= )
+    local -A args_array=([m]=message=)
    local message
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -43,7 +43,7 @@ ynh_print_info() {
 # [internal]
 #
 # Requires YunoHost version 3.2.0 or higher.
-ynh_print_log () {
+ynh_print_log() {
    echo -e "${1}"
 }
@ -53,10 +53,10 @@ ynh_print_log () {
 # | arg: -m, --message=     - The text to print
 #
 # Requires YunoHost version 3.2.0 or higher.
-ynh_print_warn () {
+ynh_print_warn() {
    # Declare an array to define the options of this helper.
    local legacy_args=m
-    local -A args_array=( [m]=message= )
+    local -A args_array=([m]=message=)
    local message
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -70,10 +70,10 @@ ynh_print_warn () {
 # | arg: -m, --message=     - The text to print
 #
 # Requires YunoHost version 3.2.0 or higher.
-ynh_print_err () {
+ynh_print_err() {
    # Declare an array to define the options of this helper.
    local legacy_args=m
-    local -A args_array=( [m]=message= )
+    local -A args_array=([m]=message=)
    local message
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -89,7 +89,7 @@ ynh_print_err () {
 # Note that you should NOT quote the command but only prefix it with ynh_exec_err
 #
 # Requires YunoHost version 3.2.0 or higher.
-ynh_exec_err () {
+ynh_exec_err() {
    # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
    # (because in the past eval was used) ...
    # we detect this by checking that there's no 2nd arg, and $1 contains a space
@ -110,7 +110,7 @@ ynh_exec_err () {
 # Note that you should NOT quote the command but only prefix it with ynh_exec_warn
 #
 # Requires YunoHost version 3.2.0 or higher.
-ynh_exec_warn () {
+ynh_exec_warn() {
    # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
    # (because in the past eval was used) ...
    # we detect this by checking that there's no 2nd arg, and $1 contains a space
@ -131,7 +131,7 @@ ynh_exec_warn () {
 # Note that you should NOT quote the command but only prefix it with ynh_exec_warn
 #
 # Requires YunoHost version 3.2.0 or higher.
-ynh_exec_warn_less () {
+ynh_exec_warn_less() {
    # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
    # (because in the past eval was used) ...
    # we detect this by checking that there's no 2nd arg, and $1 contains a space
@ -152,7 +152,7 @@ ynh_exec_warn_less () {
 # Note that you should NOT quote the command but only prefix it with ynh_exec_warn
 #
 # Requires YunoHost version 3.2.0 or higher.
-ynh_exec_quiet () {
+ynh_exec_quiet() {
    # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
    # (because in the past eval was used) ...
    # we detect this by checking that there's no 2nd arg, and $1 contains a space
@ -173,7 +173,7 @@ ynh_exec_quiet () {
 # Note that you should NOT quote the command but only prefix it with ynh_exec_quiet
 #
 # Requires YunoHost version 3.2.0 or higher.
-ynh_exec_fully_quiet () {
+ynh_exec_fully_quiet() {
    # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
    # (because in the past eval was used) ...
    # we detect this by checking that there's no 2nd arg, and $1 contains a space
@ -193,7 +193,7 @@ ynh_exec_fully_quiet () {
 # WARNING: You should be careful with this helper, and never forget to use ynh_print_ON as soon as possible to restore the logging.
 #
 # Requires YunoHost version 3.2.0 or higher.
-ynh_print_OFF () {
+ynh_print_OFF() {
    exec {BASH_XTRACEFD}>/dev/null
 }
@ -202,10 +202,10 @@ ynh_print_OFF () {
 # usage: ynh_print_ON
 #
 # Requires YunoHost version 3.2.0 or higher.
-ynh_print_ON () {
+ynh_print_ON() {
    exec {BASH_XTRACEFD}>&1
    # Print an echo only for the log, to be able to know that ynh_print_ON has been called.
-    echo ynh_print_ON > /dev/null
+    echo ynh_print_ON >/dev/null
 }
 # Initial definitions for ynh_script_progression
@ -230,11 +230,11 @@ base_time=$(date +%s)
 # | arg: -l, --last     - Use for the last call of the helper, to fill the progression bar.
 #
 # Requires YunoHost version 3.5.0 or higher.
-ynh_script_progression () {
+ynh_script_progression() {
    set +o xtrace # set +x
    # Declare an array to define the options of this helper.
    local legacy_args=mwtl
-    local -A args_array=( [m]=message= [w]=weight= [t]=time [l]=last )
+    local -A args_array=([m]=message= [w]=weight= [t]=time [l]=last)
    local message
    local weight
    local time
@ -248,12 +248,11 @@ ynh_script_progression () {
    last=${last:-0}
    # Get execution time since the last $base_time
-    local exec_time=$(( $(date +%s) - $base_time ))
+    local exec_time=$(($(date +%s) - $base_time))
    base_time=$(date +%s)
    # Compute $max_progression (if we didn't already)
-    if [ "$max_progression" = -1 ]
+    if [ "$max_progression" = -1 ]; then
    then
        # Get the number of occurrences of 'ynh_script_progression' in the script. Except those are commented.
        local helper_calls="$(grep --count "^[^#]*ynh_script_progression" $0)"
        # Get the number of call with a weight value
@ -265,23 +264,22 @@ ynh_script_progression () {
        local weight_valuesB="$(grep --perl-regexp "^[^#]*ynh_script_progression.*-w " $0 | sed 's/.*-w[= ]\([[:digit:]]*\).*/\1/g')"
        # Each value will be on a different line.
        # Remove each 'end of line' and replace it by a '+' to sum the values.
-        local weight_values=$(( $(echo "$weight_valuesA" | tr '\n' '+') + $(echo "$weight_valuesB" | tr '\n' '+') 0 ))
+        local weight_values=$(($(echo "$weight_valuesA" "$weight_valuesB" | grep -v -E '^\s*$' | tr '\n' '+' | sed 's/+$/+0/g')))
        # max_progression is a total number of calls to this helper.
        # 	Less the number of calls with a weight value.
        # 	Plus the total of weight values
-        max_progression=$(( $helper_calls - $weight_calls + $weight_values ))
+        max_progression=$(($helper_calls - $weight_calls + $weight_values))
    fi
    # Increment each execution of ynh_script_progression in this script by the weight of the previous call.
-    increment_progression=$(( $increment_progression + $previous_weight ))
+    increment_progression=$(($increment_progression + $previous_weight))
    # Store the weight of the current call in $previous_weight for next call
    previous_weight=$weight
    # Reduce $increment_progression to the size of the scale
-    if [ $last -eq 0 ]
+    if [ $last -eq 0 ]; then
-    then
+        local effective_progression=$(($increment_progression * $progress_scale / $max_progression))
        local effective_progression=$(( $increment_progression * $progress_scale / $max_progression ))
    # If last is specified, fill immediately the progression_bar
    else
        local effective_progression=$progress_scale
@ -289,19 +287,17 @@ ynh_script_progression () {
    # Build $progression_bar from progress_string(0,1,2) according to $effective_progression and the weight of the current task
    # expected_progression is the progression expected after the current task
-    local expected_progression="$(( ( $increment_progression + $weight ) * $progress_scale / $max_progression - $effective_progression ))"
+    local expected_progression="$((($increment_progression + $weight) * $progress_scale / $max_progression - $effective_progression))"
-    if [ $last -eq 1 ]
+    if [ $last -eq 1 ]; then
    then
        expected_progression=0
    fi
    # left_progression is the progression not yet done
-    local left_progression="$(( $progress_scale - $effective_progression - $expected_progression ))"
+    local left_progression="$(($progress_scale - $effective_progression - $expected_progression))"
    # Build the progression bar with $effective_progression, work done, $expected_progression, current work and $left_progression, work to be done.
    local progression_bar="${progress_string2:0:$effective_progression}${progress_string1:0:$expected_progression}${progress_string0:0:$left_progression}"
    local print_exec_time=""
-    if [ $time -eq 1 ]
+    if [ $time -eq 1 ]; then
    then
        print_exec_time=" [$(date +%Hh%Mm,%Ss --date="0 + $exec_time sec")]"
    fi
@ -315,6 +311,6 @@ ynh_script_progression () {
 # usage: ynh_return somedata
 #
 # Requires YunoHost version 3.6.0 or higher.
-ynh_return () {
+ynh_return() {
-    echo "$1" >> "$YNH_STDRETURN"
+    echo "$1" >>"$YNH_STDRETURN"
 }
--- a/data/helpers.d/logrotate
+++ b/data/helpers.d/logrotate
@ -15,10 +15,10 @@
 #
 # Requires YunoHost version 2.6.4 or higher.
 # Requires YunoHost version 3.2.0 or higher for the argument `--specific_user`
-ynh_use_logrotate () {
+ynh_use_logrotate() {
    # Declare an array to define the options of this helper.
    local legacy_args=lnuya
-    local -A args_array=( [l]=logfile= [n]=nonappend [u]=specific_user= [y]=non [a]=append )
+    local -A args_array=([l]=logfile= [n]=nonappend [u]=specific_user= [y]=non [a]=append)
    # [y]=non [a]=append are only for legacy purpose, to not fail on the old option '--non-append'
    local logfile
    local nonappend
@ -30,22 +30,18 @@ ynh_use_logrotate () {
    specific_user="${specific_user:-}"
    # LEGACY CODE - PRE GETOPTS
-    if [ $# -gt 0 ] && [ "$1" == "--non-append" ]
+    if [ $# -gt 0 ] && [ "$1" == "--non-append" ]; then
    then
        nonappend=1
        # Destroy this argument for the next command.
        shift
-    elif [ $# -gt 1 ] && [ "$2" == "--non-append" ]
+    elif [ $# -gt 1 ] && [ "$2" == "--non-append" ]; then
    then
        nonappend=1
    fi
-    if [ $# -gt 0 ] && [ "$(echo ${1:0:1})" != "-" ]
+    if [ $# -gt 0 ] && [ "$(echo ${1:0:1})" != "-" ]; then
    then
        # If the given logfile parameter already exists as a file, or if it ends up with ".log",
        # we just want to manage a single file
-        if [ -f "$1" ] || [ "$(echo ${1##*.})" == "log" ]
+        if [ -f "$1" ] || [ "$(echo ${1##*.})" == "log" ]; then
        then
            local logfile=$1
        # Otherwise we assume we want to manage a directory and all its .log file inside
        else
@ -58,22 +54,20 @@ ynh_use_logrotate () {
    if [ "$nonappend" -eq 1 ]; then
        customtee="tee"
    fi
-    if [ -n "$logfile" ]
+    if [ -n "$logfile" ]; then
-    then
+        if [ ! -f "$1" ] && [ "$(echo ${logfile##*.})" != "log" ]; then # Keep only the extension to check if it's a logfile
-        if [ ! -f "$1" ] && [ "$(echo ${logfile##*.})" != "log" ]; then	# Keep only the extension to check if it's a logfile
+            local logfile="$logfile/*.log"                              # Else, uses the directory and all logfile into it.
            local logfile="$logfile/*.log"	# Else, uses the directory and all logfile into it.
        fi
    else
        logfile="/var/log/${app}/*.log" # Without argument, use a defaut directory in /var/log
    fi
    local su_directive=""
-    if [[ -n $specific_user ]]
+    if [[ -n $specific_user ]]; then
    then
        su_directive="	# Run logorotate as specific user - group
    su ${specific_user%/*} ${specific_user#*/}"
    fi
-    cat > ./${app}-logrotate << EOF	# Build a config file for logrotate
+    cat >./${app}-logrotate <<EOF # Build a config file for logrotate
 $logfile {
        # Rotate if the logfile exceeds 100Mo
    size 100M
@ -94,14 +88,13 @@ $logfile {
    $su_directive
 }
 EOF
-    mkdir --parents $(dirname "$logfile")	# Create the log directory, if not exist
+    mkdir --parents $(dirname "$logfile")                              # Create the log directory, if not exist
-    cat ${app}-logrotate | $customtee /etc/logrotate.d/$app > /dev/null	# Append this config to the existing config file, or replace the whole config file (depending on $customtee)
+    cat ${app}-logrotate | $customtee /etc/logrotate.d/$app >/dev/null # Append this config to the existing config file, or replace the whole config file (depending on $customtee)
    if ynh_user_exists --username="$app"; then
        chown $app:$app "$logfile"
        chmod o-rwx "$logfile"
    fi
 }
 # Remove the app's logrotate config.
@ -109,7 +102,7 @@ EOF
 # usage: ynh_remove_logrotate
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_remove_logrotate () {
+ynh_remove_logrotate() {
    if [ -e "/etc/logrotate.d/$app" ]; then
        rm "/etc/logrotate.d/$app"
    fi
--- a/data/helpers.d/multimedia
+++ b/data/helpers.d/multimedia
@ -22,8 +22,7 @@ ynh_multimedia_build_main_dir() {
    mkdir -p "$MEDIA_DIRECTORY/share/eBook"
    ## Création des dossiers utilisateurs
-    for user in $(yunohost user list --output-as json | jq -r '.users | keys[]')
+    for user in $(yunohost user list --output-as json | jq -r '.users | keys[]'); do
    do
        mkdir -p "$MEDIA_DIRECTORY/$user"
        mkdir -p "$MEDIA_DIRECTORY/$user/Music"
        mkdir -p "$MEDIA_DIRECTORY/$user/Picture"
@ -66,22 +65,22 @@ ynh_multimedia_addfolder() {
    # Declare an array to define the options of this helper.
    local legacy_args=sd
-    local -A args_array=( [s]=source_dir= [d]=dest_dir= )
+    local -A args_array=([s]=source_dir= [d]=dest_dir=)
-	local source_dir
+    local source_dir
-	local dest_dir
+    local dest_dir
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    # Ajout d'un lien symbolique vers le dossier à partager
-	ln -sfn "$source_dir" "$MEDIA_DIRECTORY/$dest_dir"
+    ln -sfn "$source_dir" "$MEDIA_DIRECTORY/$dest_dir"
-	## Application des droits étendus sur le dossier ajouté
+    ## Application des droits étendus sur le dossier ajouté
-	# Droit d'écriture pour le groupe et le groupe multimedia en acl et droit de lecture pour other:
+    # Droit d'écriture pour le groupe et le groupe multimedia en acl et droit de lecture pour other:
-	setfacl -RnL -m g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir"
+    setfacl -RnL -m g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir"
-	# Application de la même règle que précédemment, mais par défaut pour les nouveaux fichiers.
+    # Application de la même règle que précédemment, mais par défaut pour les nouveaux fichiers.
-	setfacl -RnL -m d:g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir"
+    setfacl -RnL -m d:g:$MEDIA_GROUP:rwX,g::rwX,o:r-X "$source_dir"
-	# Réglage du masque par défaut. Qui garantie (en principe...) un droit maximal à rwx. Donc pas de restriction de droits par l'acl.
+    # Réglage du masque par défaut. Qui garantie (en principe...) un droit maximal à rwx. Donc pas de restriction de droits par l'acl.
-	setfacl -RL -m m::rwx "$source_dir"
+    setfacl -RL -m m::rwx "$source_dir"
 }
 # Allow an user to have an write authorisation in multimedia directories
@ -91,14 +90,14 @@ ynh_multimedia_addfolder() {
 # | arg: -u, --user_name= - The name of the user which gain this access.
 #
 # Requires YunoHost version 4.2 or higher.
-ynh_multimedia_addaccess () {
+ynh_multimedia_addaccess() {
-	# Declare an array to define the options of this helper.
+    # Declare an array to define the options of this helper.
    local legacy_args=u
-	declare -Ar args_array=( [u]=user_name=)
+    declare -Ar args_array=([u]=user_name=)
-	local user_name
+    local user_name
-	# Manage arguments with getopts
+    # Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
+    ynh_handle_getopts_args "$@"
-	groupadd -f multimedia
+    groupadd -f multimedia
-	usermod -a -G multimedia $user_name
+    usermod -a -G multimedia $user_name
 }
--- a/data/helpers.d/mysql
+++ b/data/helpers.d/mysql
@ -15,7 +15,7 @@
 ynh_mysql_connect_as() {
    # Declare an array to define the options of this helper.
    local legacy_args=upd
-    local -A args_array=( [u]=user= [p]=password= [d]=database= )
+    local -A args_array=([u]=user= [p]=password= [d]=database=)
    local user
    local password
    local database
@ -36,19 +36,18 @@ ynh_mysql_connect_as() {
 ynh_mysql_execute_as_root() {
    # Declare an array to define the options of this helper.
    local legacy_args=sd
-    local -A args_array=( [s]=sql= [d]=database= )
+    local -A args_array=([s]=sql= [d]=database=)
    local sql
    local database
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    database="${database:-}"
-    if [ -n "$database" ]
+    if [ -n "$database" ]; then
    then
        database="--database=$database"
    fi
-    mysql -B "$database" <<< "$sql"
+    mysql -B "$database" <<<"$sql"
 }
 # Execute a command from a file as root user
@ -61,19 +60,18 @@ ynh_mysql_execute_as_root() {
 ynh_mysql_execute_file_as_root() {
    # Declare an array to define the options of this helper.
    local legacy_args=fd
-    local -A args_array=( [f]=file= [d]=database= )
+    local -A args_array=([f]=file= [d]=database=)
    local file
    local database
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    database="${database:-}"
-    if [ -n "$database" ]
+    if [ -n "$database" ]; then
    then
        database="--database=$database"
    fi
-    mysql -B "$database" < "$file"
+    mysql -B "$database" <"$file"
 }
 # Create a database and grant optionnaly privilegies to a user
@ -92,8 +90,7 @@ ynh_mysql_create_db() {
    local sql="CREATE DATABASE ${db};"
    # grant all privilegies to user
-    if [[ $# -gt 1 ]]
+    if [[ $# -gt 1 ]]; then
    then
        sql+=" GRANT ALL PRIVILEGES ON ${db}.* TO '${2}'@'localhost'"
        if [[ -n ${3:-} ]]; then
            sql+=" IDENTIFIED BY '${3}'"
@ -131,7 +128,7 @@ ynh_mysql_drop_db() {
 ynh_mysql_dump_db() {
    # Declare an array to define the options of this helper.
    local legacy_args=d
-    local -A args_array=( [d]=database= )
+    local -A args_array=([d]=database=)
    local database
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -160,17 +157,15 @@ ynh_mysql_create_user() {
 # | ret: 0 if the user exists, 1 otherwise.
 #
 # Requires YunoHost version 2.2.4 or higher.
-ynh_mysql_user_exists()
+ynh_mysql_user_exists() {
 {
    # Declare an array to define the options of this helper.
    local legacy_args=u
-    local -A args_array=( [u]=user= )
+    local -A args_array=([u]=user=)
    local user
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
-    if [[ -z $(ynh_mysql_execute_as_root --sql="SELECT User from mysql.user WHERE User = '$user';") ]]
+    if [[ -z $(ynh_mysql_execute_as_root --sql="SELECT User from mysql.user WHERE User = '$user';") ]]; then
    then
        return 1
    else
        return 0
@ -200,10 +195,10 @@ ynh_mysql_drop_user() {
 # It will also be stored as "`mysqlpwd`" into the app settings.
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_mysql_setup_db () {
+ynh_mysql_setup_db() {
    # Declare an array to define the options of this helper.
    local legacy_args=unp
-    local -A args_array=( [u]=db_user= [n]=db_name= [p]=db_pwd= )
+    local -A args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=)
    local db_user
    local db_name
    db_pwd=""
@ -226,10 +221,10 @@ ynh_mysql_setup_db () {
 # | arg: -n, --db_name=     - Name of the database
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_mysql_remove_db () {
+ynh_mysql_remove_db() {
    # Declare an array to define the options of this helper.
    local legacy_args=un
-    local -Ar args_array=( [u]=db_user= [n]=db_name= )
+    local -Ar args_array=([u]=db_user= [n]=db_name=)
    local db_user
    local db_name
    # Manage arguments with getopts
--- a/data/helpers.d/network
+++ b/data/helpers.d/network
@ -9,18 +9,17 @@
 # example: port=$(ynh_find_port --port=8080)
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_find_port () {
+ynh_find_port() {
    # Declare an array to define the options of this helper.
    local legacy_args=p
-    local -A args_array=( [p]=port= )
+    local -A args_array=([p]=port=)
    local port
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    test -n "$port" || ynh_die --message="The argument of ynh_find_port must be a valid port."
-    while ! ynh_port_available --port=$port
+    while ! ynh_port_available --port=$port; do
-    do
+        port=$((port + 1))
        port=$((port+1))
    done
    echo $port
 }
@ -34,28 +33,25 @@ ynh_find_port () {
 # example: ynh_port_available --port=1234 || ynh_die --message="Port 1234 is needs to be available for this app"
 #
 # Requires YunoHost version 3.8.0 or higher.
-ynh_port_available () {
+ynh_port_available() {
    # Declare an array to define the options of this helper.
    local legacy_args=p
-    local -A args_array=( [p]=port= )
+    local -A args_array=([p]=port=)
    local port
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    # Check if the port is free
-    if ss --numeric --listening --tcp --udp | awk '{print$5}' | grep --quiet --extended-regexp ":$port$"
+    if ss --numeric --listening --tcp --udp | awk '{print$5}' | grep --quiet --extended-regexp ":$port$"; then
    then
        return 1
    # This is to cover (most) case where an app is using a port yet ain't currently using it for some reason (typically service ain't up)
-    elif grep -q "port: '$port'" /etc/yunohost/apps/*/settings.yml
+    elif grep -q "port: '$port'" /etc/yunohost/apps/*/settings.yml; then
    then
        return 1
    else
        return 0
    fi
 }
 # Validate an IP address
 #
 # [internal]
@ -66,13 +62,12 @@ ynh_port_available () {
 # example: ynh_validate_ip 4 111.222.333.444
 #
 # Requires YunoHost version 2.2.4 or higher.
-ynh_validate_ip()
+ynh_validate_ip() {
 {
    # http://stackoverflow.com/questions/319279/how-to-validate-ip-address-in-python#319298
    # Declare an array to define the options of this helper.
    local legacy_args=fi
-    local -A args_array=( [f]=family= [i]=ip_address= )
+    local -A args_array=([f]=family= [i]=ip_address=)
    local family
    local ip_address
    # Manage arguments with getopts
@ -80,7 +75,7 @@ ynh_validate_ip()
    [ "$family" == "4" ] || [ "$family" == "6" ] || return 1
-    python3 /dev/stdin << EOF
+    python3 /dev/stdin <<EOF
 import socket
 import sys
 family = { "4" : socket.AF_INET, "6" : socket.AF_INET6 }
@ -101,11 +96,10 @@ EOF
 # example: ynh_validate_ip4 111.222.333.444
 #
 # Requires YunoHost version 2.2.4 or higher.
-ynh_validate_ip4()
+ynh_validate_ip4() {
 {
    # Declare an array to define the options of this helper.
    local legacy_args=i
-    local -A args_array=( [i]=ip_address= )
+    local -A args_array=([i]=ip_address=)
    local ip_address
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -113,7 +107,6 @@ ynh_validate_ip4()
    ynh_validate_ip --family=4 --ip_address=$ip_address
 }
 # Validate an IPv6 address
 #
 # usage: ynh_validate_ip6 --ip_address=ip_address
@ -123,11 +116,10 @@ ynh_validate_ip4()
 # example: ynh_validate_ip6 2000:dead:beef::1
 #
 # Requires YunoHost version 2.2.4 or higher.
-ynh_validate_ip6()
+ynh_validate_ip6() {
 {
    # Declare an array to define the options of this helper.
    local legacy_args=i
-    local -A args_array=( [i]=ip_address= )
+    local -A args_array=([i]=ip_address=)
    local ip_address
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
--- a/data/helpers.d/nginx
+++ b/data/helpers.d/nginx
@ -16,12 +16,11 @@
 # location
 #
 # Requires YunoHost version 4.1.0 or higher.
-ynh_add_nginx_config () {
+ynh_add_nginx_config() {
    local finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf"
-    if [ "${path_url:-}" != "/" ]
+    if [ "${path_url:-}" != "/" ]; then
    then
        ynh_replace_string --match_string="^#sub_path_only" --replace_string="" --target_file="$YNH_APP_BASEDIR/conf/nginx.conf"
    else
        ynh_replace_string --match_string="^#root_path_only" --replace_string="" --target_file="$YNH_APP_BASEDIR/conf/nginx.conf"
@ -29,7 +28,6 @@ ynh_add_nginx_config () {
    ynh_add_config --template="$YNH_APP_BASEDIR/conf/nginx.conf" --destination="$finalnginxconf"
    ynh_systemd_action --service_name=nginx --action=reload
 }
@ -38,7 +36,7 @@ ynh_add_nginx_config () {
 # usage: ynh_remove_nginx_config
 #
 # Requires YunoHost version 2.7.2 or higher.
-ynh_remove_nginx_config () {
+ynh_remove_nginx_config() {
    ynh_secure_remove --file="/etc/nginx/conf.d/$domain.d/$app.conf"
    ynh_systemd_action --service_name=nginx --action=reload
 }
--- a/data/helpers.d/nodejs
+++ b/data/helpers.d/nodejs
@ -13,16 +13,18 @@ export N_PREFIX="$n_install_dir"
 # usage: ynh_install_n
 #
 # Requires YunoHost version 2.7.12 or higher.
-ynh_install_n () {
+ynh_install_n() {
    ynh_print_info --message="Installation of N - Node.js version management"
    # Build an app.src for n
    echo "SOURCE_URL=https://github.com/tj/n/archive/v${n_version}.tar.gz
-SOURCE_SUM=d4da7ea91f680de0c9b5876e097e2a793e8234fcd0f7ca87a0599b925be087a3" > "$YNH_APP_BASEDIR/conf/n.src"
+SOURCE_SUM=d4da7ea91f680de0c9b5876e097e2a793e8234fcd0f7ca87a0599b925be087a3" >"$YNH_APP_BASEDIR/conf/n.src"
    # Download and extract n
    ynh_setup_source --dest_dir="$n_install_dir/git" --source_id=n
    # Install n
-    (cd "$n_install_dir/git"
+    (
-    PREFIX=$N_PREFIX make install 2>&1)
+        cd "$n_install_dir/git"
        PREFIX=$N_PREFIX make install 2>&1
    )
 }
 # Load the version of node for an app, and set variables.
@ -69,7 +71,7 @@ SOURCE_SUM=d4da7ea91f680de0c9b5876e097e2a793e8234fcd0f7ca87a0599b925be087a3" > "
 #   - $nodejs_version: Just the version number of node for this app. Stored as 'nodejs_version' in settings.yml.
 #
 # Requires YunoHost version 2.7.12 or higher.
-ynh_use_nodejs () {
+ynh_use_nodejs() {
    nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version)
    # Get the absolute path of this version of node
@ -109,12 +111,12 @@ ynh_use_nodejs () {
 # Refer to `ynh_use_nodejs` for more information about available commands and variables
 #
 # Requires YunoHost version 2.7.12 or higher.
-ynh_install_nodejs () {
+ynh_install_nodejs() {
    # Use n, https://github.com/tj/n to manage the nodejs versions
    # Declare an array to define the options of this helper.
    local legacy_args=n
-    local -A args_array=( [n]=nodejs_version= )
+    local -A args_array=([n]=nodejs_version=)
    local nodejs_version
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -132,11 +134,9 @@ ynh_install_nodejs () {
    test -x /usr/bin/npm && mv /usr/bin/npm /usr/bin/npm_n
    # If n is not previously setup, install it
-    if ! $n_install_dir/bin/n --version > /dev/null 2>&1
+    if ! $n_install_dir/bin/n --version >/dev/null 2>&1; then
    then
        ynh_install_n
-    elif dpkg --compare-versions "$($n_install_dir/bin/n --version)" lt $n_version
+    elif dpkg --compare-versions "$($n_install_dir/bin/n --version)" lt $n_version; then
    then
        ynh_install_n
    fi
@ -152,8 +152,7 @@ ynh_install_nodejs () {
    # Install the requested version of nodejs
    uname=$(uname --machine)
-    if [[ $uname =~ aarch64 || $uname =~ arm64 ]]
+    if [[ $uname =~ aarch64 || $uname =~ arm64 ]]; then
    then
        n $nodejs_version --arch=arm64
    else
        n $nodejs_version
@ -164,8 +163,7 @@ ynh_install_nodejs () {
    real_nodejs_version=$(basename $real_nodejs_version)
    # Create a symbolic link for this major version if the file doesn't already exist
-    if [ ! -e "$node_version_path/$nodejs_version" ]
+    if [ ! -e "$node_version_path/$nodejs_version" ]; then
    then
        ln --symbolic --force --no-target-directory $node_version_path/$real_nodejs_version $node_version_path/$nodejs_version
    fi
@ -190,21 +188,19 @@ ynh_install_nodejs () {
 # - If no other app uses node, n will be also removed.
 #
 # Requires YunoHost version 2.7.12 or higher.
-ynh_remove_nodejs () {
+ynh_remove_nodejs() {
    nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version)
    # Remove the line for this app
    sed --in-place "/$YNH_APP_INSTANCE_NAME:$nodejs_version/d" "$n_install_dir/ynh_app_version"
    # If no other app uses this version of nodejs, remove it.
-    if ! grep --quiet "$nodejs_version" "$n_install_dir/ynh_app_version"
+    if ! grep --quiet "$nodejs_version" "$n_install_dir/ynh_app_version"; then
    then
        $n_install_dir/bin/n rm $nodejs_version
    fi
    # If no other app uses n, remove n
-    if [ ! -s "$n_install_dir/ynh_app_version" ]
+    if [ ! -s "$n_install_dir/ynh_app_version" ]; then
    then
        ynh_secure_remove --file="$n_install_dir"
        ynh_secure_remove --file="/usr/local/n"
        sed --in-place "/N_PREFIX/d" /root/.bashrc
@ -221,9 +217,9 @@ ynh_remove_nodejs () {
 # usage: ynh_cron_upgrade_node
 #
 # Requires YunoHost version 2.7.12 or higher.
-ynh_cron_upgrade_node () {
+ynh_cron_upgrade_node() {
    # Build the update script
-    cat > "$n_install_dir/node_update.sh" << EOF
+    cat >"$n_install_dir/node_update.sh" <<EOF
 #!/bin/bash
 version_path="$node_version_path"
@ -259,7 +255,7 @@ EOF
    chmod +x "$n_install_dir/node_update.sh"
    # Build the cronjob
-    cat > "/etc/cron.daily/node_update" << EOF
+    cat >"/etc/cron.daily/node_update" <<EOF
 #!/bin/bash
 $n_install_dir/node_update.sh >> $n_install_dir/node_update.log
--- a/data/helpers.d/permission
+++ b/data/helpers.d/permission
@ -66,7 +66,7 @@
 ynh_permission_create() {
    # Declare an array to define the options of this helper.
    local legacy_args=puAhaltP
-    local -A args_array=( [p]=permission= [u]=url= [A]=additional_urls= [h]=auth_header= [a]=allowed= [l]=label= [t]=show_tile= [P]=protected= )
+    local -A args_array=([p]=permission= [u]=url= [A]=additional_urls= [h]=auth_header= [a]=allowed= [l]=label= [t]=show_tile= [P]=protected=)
    local permission
    local url
    local additional_urls
@ -84,13 +84,11 @@ ynh_permission_create() {
    show_tile=${show_tile:-}
    protected=${protected:-}
-    if [[ -n $url ]]
+    if [[ -n $url ]]; then
    then
        url=",url='$url'"
    fi
-    if [[ -n $additional_urls ]]
+    if [[ -n $additional_urls ]]; then
    then
        # Convert a list from getopts to python list
        # Note that getopts separate the args with ';'
        # By example:
@ -100,18 +98,15 @@ ynh_permission_create() {
        additional_urls=",additional_urls=['${additional_urls//;/\',\'}']"
    fi
-    if [[ -n $auth_header ]]
+    if [[ -n $auth_header ]]; then
-    then
+        if [ $auth_header == "true" ]; then
        if [ $auth_header == "true" ]
        then
            auth_header=",auth_header=True"
        else
            auth_header=",auth_header=False"
        fi
    fi
-    if [[ -n $allowed ]]
+    if [[ -n $allowed ]]; then
    then
        # Convert a list from getopts to python list
        # Note that getopts separate the args with ';'
        # By example:
@ -127,20 +122,16 @@ ynh_permission_create() {
        label=",label='$permission'"
    fi
-    if [[ -n ${show_tile:-} ]]
+    if [[ -n ${show_tile:-} ]]; then
-    then
+        if [ $show_tile == "true" ]; then
        if [ $show_tile == "true" ]
        then
            show_tile=",show_tile=True"
        else
            show_tile=",show_tile=False"
        fi
    fi
-    if [[ -n ${protected:-} ]]
+    if [[ -n ${protected:-} ]]; then
-    then
+        if [ $protected == "true" ]; then
        if [ $protected == "true" ]
        then
            protected=",protected=True"
        else
            protected=",protected=False"
@ -161,7 +152,7 @@ ynh_permission_create() {
 ynh_permission_delete() {
    # Declare an array to define the options of this helper.
    local legacy_args=p
-    local -A args_array=( [p]=permission= )
+    local -A args_array=([p]=permission=)
    local permission
    ynh_handle_getopts_args "$@"
@ -178,7 +169,7 @@ ynh_permission_delete() {
 ynh_permission_exists() {
    # Declare an array to define the options of this helper.
    local legacy_args=p
-    local -A args_array=( [p]=permission= )
+    local -A args_array=([p]=permission=)
    local permission
    ynh_handle_getopts_args "$@"
@ -201,7 +192,7 @@ ynh_permission_exists() {
 ynh_permission_url() {
    # Declare an array to define the options of this helper.
    local legacy_args=puarhc
-    local -A args_array=( [p]=permission= [u]=url= [a]=add_url= [r]=remove_url= [h]=auth_header= [c]=clear_urls )
+    local -A args_array=([p]=permission= [u]=url= [a]=add_url= [r]=remove_url= [h]=auth_header= [c]=clear_urls)
    local permission
    local url
    local add_url
@ -215,13 +206,11 @@ ynh_permission_url() {
    auth_header=${auth_header:-}
    clear_urls=${clear_urls:-}
-    if [[ -n $url ]]
+    if [[ -n $url ]]; then
    then
        url=",url='$url'"
    fi
-    if [[ -n $add_url ]]
+    if [[ -n $add_url ]]; then
    then
        # Convert a list from getopts to python list
        # Note that getopts separate the args with ';'
        # For example:
@ -231,8 +220,7 @@ ynh_permission_url() {
        add_url=",add_url=['${add_url//;/\',\'}']"
    fi
-    if [[ -n $remove_url ]]
+    if [[ -n $remove_url ]]; then
    then
        # Convert a list from getopts to python list
        # Note that getopts separate the args with ';'
        # For example:
@ -242,25 +230,21 @@ ynh_permission_url() {
        remove_url=",remove_url=['${remove_url//;/\',\'}']"
    fi
-    if [[ -n $auth_header ]]
+    if [[ -n $auth_header ]]; then
-    then
+        if [ $auth_header == "true" ]; then
        if [ $auth_header == "true" ]
        then
            auth_header=",auth_header=True"
        else
            auth_header=",auth_header=False"
        fi
    fi
-    if [[ -n $clear_urls ]] && [ $clear_urls -eq 1 ]
+    if [[ -n $clear_urls ]] && [ $clear_urls -eq 1 ]; then
    then
        clear_urls=",clear_urls=True"
    fi
    yunohost tools shell -c "from yunohost.permission import permission_url; permission_url('$app.$permission' $url $add_url $remove_url $auth_header $clear_urls)"
 }
 # Update a permission for the app
 #
 # usage: ynh_permission_update --permission "permission" [--add="group" ["group" ...]] [--remove="group" ["group" ...]]
@ -276,7 +260,7 @@ ynh_permission_url() {
 ynh_permission_update() {
    # Declare an array to define the options of this helper.
    local legacy_args=parltP
-    local -A args_array=( [p]=permission= [a]=add= [r]=remove= [l]=label= [t]=show_tile= [P]=protected= )
+    local -A args_array=([p]=permission= [a]=add= [r]=remove= [l]=label= [t]=show_tile= [P]=protected=)
    local permission
    local add
    local remove
@ -290,8 +274,7 @@ ynh_permission_update() {
    show_tile=${show_tile:-}
    protected=${protected:-}
-    if [[ -n $add ]]
+    if [[ -n $add ]]; then
    then
        # Convert a list from getopts to python list
        # Note that getopts separate the args with ';'
        # For example:
@ -300,8 +283,7 @@ ynh_permission_update() {
        # add=['alice', 'bob']
        add=",add=['${add//';'/"','"}']"
    fi
-    if [[ -n $remove ]]
+    if [[ -n $remove ]]; then
    then
        # Convert a list from getopts to python list
        # Note that getopts separate the args with ';'
        # For example:
@ -311,15 +293,12 @@ ynh_permission_update() {
        remove=",remove=['${remove//';'/"','"}']"
    fi
-    if [[ -n $label ]]
+    if [[ -n $label ]]; then
    then
        label=",label='$label'"
    fi
-    if [[ -n $show_tile ]]
+    if [[ -n $show_tile ]]; then
-    then
+        if [ $show_tile == "true" ]; then
        if [ $show_tile == "true" ]
        then
            show_tile=",show_tile=True"
        else
            show_tile=",show_tile=False"
@ -327,8 +306,7 @@ ynh_permission_update() {
    fi
    if [[ -n $protected ]]; then
-        if [ $protected == "true" ]
+        if [ $protected == "true" ]; then
        then
            protected=",protected=True"
        else
            protected=",protected=False"
@ -351,23 +329,20 @@ ynh_permission_update() {
 ynh_permission_has_user() {
    local legacy_args=pu
    # Declare an array to define the options of this helper.
-    local -A args_array=( [p]=permission= [u]=user= )
+    local -A args_array=([p]=permission= [u]=user=)
    local permission
    local user
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
-    if ! ynh_permission_exists --permission=$permission
+    if ! ynh_permission_exists --permission=$permission; then
    then
        return 1
    fi
    # Check both allowed and corresponding_users sections in the json
-    for section in "allowed" "corresponding_users"
+    for section in "allowed" "corresponding_users"; do
    do
        if yunohost user permission info "$app.$permission" --output-as json --quiet \
-            | jq -e --arg user $user --arg section $section '.[$section] | index($user)' >/dev/null
+            | jq -e --arg user $user --arg section $section '.[$section] | index($user)' >/dev/null; then
        then
            return 0
        fi
    done
@ -381,9 +356,8 @@ ynh_permission_has_user() {
 # | exit: Return 1 if the permission doesn't exist, 0 otherwise
 #
 # Requires YunoHost version 4.1.2 or higher.
-ynh_legacy_permissions_exists () {
+ynh_legacy_permissions_exists() {
-    for permission in "skipped" "unprotected" "protected"
+    for permission in "skipped" "unprotected" "protected"; do
    do
        if ynh_permission_exists --permission="legacy_${permission}_uris"; then
            return 0
        fi
@ -402,9 +376,8 @@ ynh_legacy_permissions_exists () {
 #       # You can recreate the required permissions here with ynh_permission_create
 #   fi
 # Requires YunoHost version 4.1.2 or higher.
-ynh_legacy_permissions_delete_all () {
+ynh_legacy_permissions_delete_all() {
-    for permission in "skipped" "unprotected" "protected"
+    for permission in "skipped" "unprotected" "protected"; do
    do
        if ynh_permission_exists --permission="legacy_${permission}_uris"; then
            ynh_permission_delete --permission="legacy_${permission}_uris"
        fi
--- a/data/helpers.d/php
+++ b/data/helpers.d/php
@ -56,10 +56,10 @@ YNH_PHP_VERSION=${YNH_PHP_VERSION:-$YNH_DEFAULT_PHP_VERSION}
 #   children ready to answer.
 #
 # Requires YunoHost version 4.1.0 or higher.
-ynh_add_fpm_config () {
+ynh_add_fpm_config() {
    # Declare an array to define the options of this helper.
    local legacy_args=vtufpd
-    local -A args_array=( [v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= [p]=package= [d]=dedicated_service )
+    local -A args_array=([v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= [p]=package= [d]=dedicated_service)
    local phpversion
    local use_template
    local usage
@ -86,8 +86,7 @@ ynh_add_fpm_config () {
    local old_phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
    # If the PHP version changed, remove the old fpm conf
-    if [ -n "$old_phpversion" ] && [ "$old_phpversion" != "$phpversion" ]
+    if [ -n "$old_phpversion" ] && [ "$old_phpversion" != "$phpversion" ]; then
    then
        local old_php_fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir)
        local old_php_finalphpconf="$old_php_fpm_config_dir/pool.d/$app.conf"
@ -97,25 +96,21 @@ ynh_add_fpm_config () {
    fi
    # If the requested PHP version is not the default version for YunoHost
-    if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ]
+    if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ]; then
    then
        # If the argument --package is used, add the packages to ynh_install_php to install them from sury
-        if [ -n "$package" ]
+        if [ -n "$package" ]; then
        then
            local additionnal_packages="--package=$package"
        else
            local additionnal_packages=""
        fi
        # Install this specific version of PHP.
        ynh_install_php --phpversion="$phpversion" "$additionnal_packages"
-    elif [ -n "$package" ]
+    elif [ -n "$package" ]; then
    then
        # Install the additionnal packages from the default repository
        ynh_install_app_dependencies "$package"
    fi
-    if [ $dedicated_service -eq 1 ]
+    if [ $dedicated_service -eq 1 ]; then
    then
        local fpm_service="${app}-phpfpm"
        local fpm_config_dir="/etc/php/$phpversion/dedicated-fpm"
    else
@ -132,12 +127,10 @@ ynh_add_fpm_config () {
    ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion
    # Migrate from mutual PHP service to dedicated one.
-    if [ $dedicated_service -eq 1 ]
+    if [ $dedicated_service -eq 1 ]; then
    then
        local old_fpm_config_dir="/etc/php/$phpversion/fpm"
        # If a config file exist in the common pool, move it.
-        if [ -e "$old_fpm_config_dir/pool.d/$app.conf" ]
+        if [ -e "$old_fpm_config_dir/pool.d/$app.conf" ]; then
        then
            ynh_print_info --message="Migrate to a dedicated php-fpm service for $app."
            # Create a backup of the old file before migration
            ynh_backup_if_checksum_is_different --file="$old_fpm_config_dir/pool.d/$app.conf"
@ -148,8 +141,7 @@ ynh_add_fpm_config () {
        fi
    fi
-    if [ $use_template -eq 1 ]
+    if [ $use_template -eq 1 ]; then
    then
        # Usage 1, use the template in conf/php-fpm.conf
        local phpfpm_path="$YNH_APP_BASEDIR/conf/php-fpm.conf"
        # Make sure now that the template indeed exists
@ -181,49 +173,45 @@ pm = __PHP_PM__
 pm.max_children = __PHP_MAX_CHILDREN__
 pm.max_requests = 500
 request_terminate_timeout = 1d
-" > $phpfpm_path
+" >$phpfpm_path
-        if [ "$php_pm" = "dynamic" ]
+        if [ "$php_pm" = "dynamic" ]; then
        then
            echo "
 pm.start_servers = __PHP_START_SERVERS__
 pm.min_spare_servers = __PHP_MIN_SPARE_SERVERS__
 pm.max_spare_servers = __PHP_MAX_SPARE_SERVERS__
-" >> $phpfpm_path
+" >>$phpfpm_path
-        elif [ "$php_pm" = "ondemand" ]
+        elif [ "$php_pm" = "ondemand" ]; then
        then
            echo "
 pm.process_idle_timeout = 10s
-" >> $phpfpm_path
+" >>$phpfpm_path
        fi
        # Concatene the extra config.
        if [ -e $YNH_APP_BASEDIR/conf/extra_php-fpm.conf ]; then
-            cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >> "$phpfpm_path"
+            cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >>"$phpfpm_path"
        fi
    fi
    local finalphpconf="$fpm_config_dir/pool.d/$app.conf"
    ynh_add_config --template="$phpfpm_path" --destination="$finalphpconf"
-    if [ -e "$YNH_APP_BASEDIR/conf/php-fpm.ini" ]
+    if [ -e "$YNH_APP_BASEDIR/conf/php-fpm.ini" ]; then
    then
        ynh_print_warn --message="Packagers ! Please do not use a separate php ini file, merge your directives in the pool file instead."
        ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm.ini" --destination="$fpm_config_dir/conf.d/20-$app.ini"
    fi
-    if [ $dedicated_service -eq 1 ]
+    if [ $dedicated_service -eq 1 ]; then
    then
        # Create a dedicated php-fpm.conf for the service
        local globalphpconf=$fpm_config_dir/php-fpm-$app.conf
-echo "[global]
+        echo "[global]
 pid = /run/php/php__PHPVERSION__-fpm-__APP__.pid
 error_log = /var/log/php/fpm-php.__APP__.log
 syslog.ident = php-fpm-__APP__
 include = __FINALPHPCONF__
-" > $YNH_APP_BASEDIR/conf/php-fpm-$app.conf
+" >$YNH_APP_BASEDIR/conf/php-fpm-$app.conf
        ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm-$app.conf" --destination="$globalphpconf"
@ -240,7 +228,7 @@ ExecReload=/bin/kill -USR2 \$MAINPID
 [Install]
 WantedBy=multi-user.target
-" > $YNH_APP_BASEDIR/conf/$fpm_service
+" >$YNH_APP_BASEDIR/conf/$fpm_service
        # Create this dedicated PHP-FPM service
        ynh_add_systemd_config --service=$fpm_service --template=$fpm_service
@ -252,8 +240,7 @@ WantedBy=multi-user.target
        ynh_systemd_action --service_name=$fpm_service --action=restart
    else
        # Validate that the new php conf doesn't break php-fpm entirely
-        if ! php-fpm${phpversion} --test 2>/dev/null
+        if ! php-fpm${phpversion} --test 2>/dev/null; then
        then
            php-fpm${phpversion} --test || true
            ynh_secure_remove --file="$finalphpconf"
            ynh_die --message="The new configuration broke php-fpm?"
@ -267,7 +254,7 @@ WantedBy=multi-user.target
 # usage: ynh_remove_fpm_config
 #
 # Requires YunoHost version 2.7.2 or higher.
-ynh_remove_fpm_config () {
+ynh_remove_fpm_config() {
    local fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir)
    local fpm_service=$(ynh_app_setting_get --app=$app --key=fpm_service)
    local dedicated_service=$(ynh_app_setting_get --app=$app --key=fpm_dedicated_service)
@ -279,20 +266,17 @@ ynh_remove_fpm_config () {
    phpversion="${phpversion:-$YNH_DEFAULT_PHP_VERSION}"
    # Assume default PHP files if not set
-    if [ -z "$fpm_config_dir" ]
+    if [ -z "$fpm_config_dir" ]; then
    then
        fpm_config_dir="/etc/php/$YNH_DEFAULT_PHP_VERSION/fpm"
        fpm_service="php$YNH_DEFAULT_PHP_VERSION-fpm"
    fi
    ynh_secure_remove --file="$fpm_config_dir/pool.d/$app.conf"
-    if [ -e $fpm_config_dir/conf.d/20-$app.ini ]
+    if [ -e $fpm_config_dir/conf.d/20-$app.ini ]; then
    then
        ynh_secure_remove --file="$fpm_config_dir/conf.d/20-$app.ini"
    fi
-    if [ $dedicated_service -eq 1 ]
+    if [ $dedicated_service -eq 1 ]; then
    then
        # Remove the dedicated service PHP-FPM service for the app
        ynh_remove_systemd_config --service=$fpm_service
        # Remove the global PHP-FPM conf
@ -304,8 +288,7 @@ ynh_remove_fpm_config () {
    fi
    # If the PHP version used is not the default version for YunoHost
-    if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ]
+    if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ]; then
    then
        # Remove this specific version of PHP
        ynh_remove_php
    fi
@ -320,18 +303,17 @@ ynh_remove_fpm_config () {
 # | arg: -p, --package=     - Additionnal PHP packages to install
 #
 # Requires YunoHost version 3.8.1 or higher.
-ynh_install_php () {
+ynh_install_php() {
    # Declare an array to define the options of this helper.
    local legacy_args=vp
-    local -A args_array=( [v]=phpversion= [p]=package= )
+    local -A args_array=([v]=phpversion= [p]=package=)
    local phpversion
    local package
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    package=${package:-}
-    if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ]
+    if [ "$phpversion" == "$YNH_DEFAULT_PHP_VERSION" ]; then
    then
        ynh_die --message="Do not use ynh_install_php to install php$YNH_DEFAULT_PHP_VERSION"
    fi
@ -369,10 +351,10 @@ ynh_remove_php () {
 # high   - High usage, frequently visited website.
 #
 # | arg: -p, --print            - Print the result (intended for debug purpose only when packaging the app)
-ynh_get_scalable_phpfpm () {
+ynh_get_scalable_phpfpm() {
    local legacy_args=ufp
    # Declare an array to define the options of this helper.
-    local -A args_array=( [u]=usage= [f]=footprint= [p]=print )
+    local -A args_array=([u]=usage= [f]=footprint= [p]=print)
    local usage
    local footprint
    local print
@ -383,38 +365,30 @@ ynh_get_scalable_phpfpm () {
    usage=${usage,,}
    print=${print:-0}
-    if [ "$footprint" = "low" ]
+    if [ "$footprint" = "low" ]; then
    then
        footprint=20
-    elif [ "$footprint" = "medium" ]
+    elif [ "$footprint" = "medium" ]; then
    then
        footprint=35
-    elif [ "$footprint" = "high" ]
+    elif [ "$footprint" = "high" ]; then
    then
        footprint=50
    fi
    # Define the factor to determine min_spare_servers
    # to avoid having too few children ready to start for heavy apps
-    if [ $footprint -le 20 ]
+    if [ $footprint -le 20 ]; then
    then
        min_spare_servers_factor=8
-    elif [ $footprint -le 35 ]
+    elif [ $footprint -le 35 ]; then
    then
        min_spare_servers_factor=5
    else
        min_spare_servers_factor=3
    fi
    # Define the way the process manager handle child processes.
-    if [ "$usage" = "low" ]
+    if [ "$usage" = "low" ]; then
    then
        php_pm=ondemand
-    elif [ "$usage" = "medium" ]
+    elif [ "$usage" = "medium" ]; then
    then
        php_pm=dynamic
-    elif [ "$usage" = "high" ]
+    elif [ "$usage" = "high" ]; then
    then
        php_pm=static
    else
        ynh_die --message="Does not recognize '$usage' as an usage value."
@ -425,8 +399,7 @@ ynh_get_scalable_phpfpm () {
    at_least_one() {
        # Do not allow value below 1
-        if [ $1 -le 0 ]
+        if [ $1 -le 0 ]; then
        then
            echo 1
        else
            echo $1
@ -436,20 +409,18 @@ ynh_get_scalable_phpfpm () {
    # Define pm.max_children
    # The value of pm.max_children is the total amount of ram divide by 2 and divide again by the footprint of a pool for this app.
    # So if PHP-FPM start the maximum of children, it won't exceed half of the ram.
-    php_max_children=$(( $max_ram / 2 / $footprint ))
+    php_max_children=$(($max_ram / 2 / $footprint))
    # If process manager is set as static, use half less children.
    # Used as static, there's always as many children as the value of pm.max_children
-    if [ "$php_pm" = "static" ]
+    if [ "$php_pm" = "static" ]; then
-    then
+        php_max_children=$(($php_max_children / 2))
        php_max_children=$(( $php_max_children / 2 ))
    fi
    php_max_children=$(at_least_one $php_max_children)
    # To not overload the proc, limit the number of children to 4 times the number of cores.
    local core_number=$(nproc)
-    local max_proc=$(( $core_number * 4 ))
+    local max_proc=$(($core_number * 4))
-    if [ $php_max_children -gt $max_proc ]
+    if [ $php_max_children -gt $max_proc ]; then
    then
        php_max_children=$max_proc
    fi
@ -459,16 +430,15 @@ ynh_get_scalable_phpfpm () {
        php_max_children=$php_forced_max_children
    fi
-    if [ "$php_pm" = "dynamic" ]
+    if [ "$php_pm" = "dynamic" ]; then
    then
        # Define pm.start_servers, pm.min_spare_servers and pm.max_spare_servers for a dynamic process manager
-        php_min_spare_servers=$(( $php_max_children / $min_spare_servers_factor ))
+        php_min_spare_servers=$(($php_max_children / $min_spare_servers_factor))
        php_min_spare_servers=$(at_least_one $php_min_spare_servers)
-        php_max_spare_servers=$(( $php_max_children / 2 ))
+        php_max_spare_servers=$(($php_max_children / 2))
        php_max_spare_servers=$(at_least_one $php_max_spare_servers)
-        php_start_servers=$(( $php_min_spare_servers + ( $php_max_spare_servers - $php_min_spare_servers ) /2 ))
+        php_start_servers=$(($php_min_spare_servers + ($php_max_spare_servers - $php_min_spare_servers) / 2))
        php_start_servers=$(at_least_one $php_start_servers)
    else
        php_min_spare_servers=0
@ -476,27 +446,22 @@ ynh_get_scalable_phpfpm () {
        php_start_servers=0
    fi
-    if [ $print -eq 1 ]
+    if [ $print -eq 1 ]; then
    then
        ynh_print_warn --message="Footprint=${footprint}Mb by pool."
        ynh_print_warn --message="Process manager=$php_pm"
        ynh_print_warn --message="Max RAM=${max_ram}Mb"
-        if [ "$php_pm" != "static" ]
+        if [ "$php_pm" != "static" ]; then
-        then
+            ynh_print_warn --message="\nMax estimated footprint=$(($php_max_children * $footprint))"
-            ynh_print_warn --message="\nMax estimated footprint=$(( $php_max_children * $footprint ))"
+            ynh_print_warn --message="Min estimated footprint=$(($php_min_spare_servers * $footprint))"
            ynh_print_warn --message="Min estimated footprint=$(( $php_min_spare_servers * $footprint ))"
        fi
-        if [ "$php_pm" = "dynamic" ]
+        if [ "$php_pm" = "dynamic" ]; then
-        then
+            ynh_print_warn --message="Estimated average footprint=$(($php_max_spare_servers * $footprint))"
-            ynh_print_warn --message="Estimated average footprint=$(( $php_max_spare_servers * $footprint ))"
+        elif [ "$php_pm" = "static" ]; then
-        elif [ "$php_pm" = "static" ]
+            ynh_print_warn --message="Estimated footprint=$(($php_max_children * $footprint))"
        then
            ynh_print_warn --message="Estimated footprint=$(( $php_max_children * $footprint ))"
        fi
        ynh_print_warn --message="\nRaw php-fpm values:"
        ynh_print_warn --message="pm.max_children = $php_max_children"
-        if [ "$php_pm" = "dynamic" ]
+        if [ "$php_pm" = "dynamic" ]; then
        then
            ynh_print_warn --message="pm.start_servers = $php_start_servers"
            ynh_print_warn --message="pm.min_spare_servers = $php_min_spare_servers"
            ynh_print_warn --message="pm.max_spare_servers = $php_max_spare_servers"
@ -517,10 +482,10 @@ YNH_COMPOSER_VERSION=${YNH_COMPOSER_VERSION:-$YNH_DEFAULT_COMPOSER_VERSION}
 # | arg: -c, --commands - Commands to execute.
 #
 # Requires YunoHost version 4.2 or higher.
-ynh_composer_exec () {
+ynh_composer_exec() {
    # Declare an array to define the options of this helper.
    local legacy_args=vwc
-    declare -Ar args_array=( [v]=phpversion= [w]=workdir= [c]=commands= )
+    declare -Ar args_array=([v]=phpversion= [w]=workdir= [c]=commands=)
    local phpversion
    local workdir
    local commands
@ -543,10 +508,10 @@ ynh_composer_exec () {
 # | arg: -c, --composerversion - Composer version to install
 #
 # Requires YunoHost version 4.2 or higher.
-ynh_install_composer () {
+ynh_install_composer() {
    # Declare an array to define the options of this helper.
    local legacy_args=vwac
-    declare -Ar args_array=( [v]=phpversion= [w]=workdir= [a]=install_args= [c]=composerversion=)
+    declare -Ar args_array=([v]=phpversion= [w]=workdir= [a]=install_args= [c]=composerversion=)
    local phpversion
    local workdir
    local install_args
@ -560,7 +525,7 @@ ynh_install_composer () {
    curl -sS https://getcomposer.org/installer \
        | COMPOSER_HOME="$workdir/.composer" \
-        php${phpversion} -- --quiet --install-dir="$workdir" --version=$composerversion \
+            php${phpversion} -- --quiet --install-dir="$workdir" --version=$composerversion \
        || ynh_die --message="Unable to install Composer."
    # install dependencies
--- a/data/helpers.d/postgresql
+++ b/data/helpers.d/postgresql
@ -46,8 +46,7 @@ ynh_psql_execute_as_root() {
    ynh_handle_getopts_args "$@"
    database="${database:-}"
-    if [ -n "$database" ]
+    if [ -n "$database" ]; then
    then
        database="--database=$database"
    fi
@ -72,8 +71,7 @@ ynh_psql_execute_file_as_root() {
    ynh_handle_getopts_args "$@"
    database="${database:-}"
-    if [ -n "$database" ]
+    if [ -n "$database" ]; then
    then
        database="--database=$database"
    fi
@ -175,8 +173,7 @@ ynh_psql_user_exists() {
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
-    if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';" | grep --quiet "$user"
+    if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT rolname FROM pg_roles WHERE rolname='$user';" | grep --quiet "$user"; then
    then
        return 1
    else
        return 0
@ -198,8 +195,7 @@ ynh_psql_database_exists() {
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
-    if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$database"
+    if ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$database"; then
    then
        return 1
    else
        return 0
@ -269,16 +265,14 @@ ynh_psql_remove_db() {
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
-    if ynh_psql_database_exists --database=$db_name
+    if ynh_psql_database_exists --database=$db_name; then # Check if the database exists
-    then # Check if the database exists
+        ynh_psql_drop_db $db_name                         # Remove the database
        ynh_psql_drop_db $db_name # Remove the database
    else
        ynh_print_warn --message="Database $db_name not found"
    fi
    # Remove psql user if it exists
-    if ynh_psql_user_exists --user=$db_user
+    if ynh_psql_user_exists --user=$db_user; then
    then
        ynh_psql_drop_user $db_user
    else
        ynh_print_warn --message="User $db_user not found"
@ -310,8 +304,7 @@ ynh_psql_test_if_first_run() {
    # If this is the very first time, we define the root password
    # and configure a few things
-    if [ ! -f "$PSQL_ROOT_PWD_FILE" ]
+    if [ ! -f "$PSQL_ROOT_PWD_FILE" ]; then
    then
        local pg_hba=/etc/postgresql/$PSQL_VERSION/main/pg_hba.conf
        local psql_root_password="$(ynh_string_random)"
--- a/data/helpers.d/setting
+++ b/data/helpers.d/setting
@ -10,7 +10,7 @@
 ynh_app_setting_get() {
    # Declare an array to define the options of this helper.
    local legacy_args=ak
-    local -A args_array=( [a]=app= [k]=key= )
+    local -A args_array=([a]=app= [k]=key=)
    local app
    local key
    # Manage arguments with getopts
@ -34,7 +34,7 @@ ynh_app_setting_get() {
 ynh_app_setting_set() {
    # Declare an array to define the options of this helper.
    local legacy_args=akv
-    local -A args_array=( [a]=app= [k]=key= [v]=value= )
+    local -A args_array=([a]=app= [k]=key= [v]=value=)
    local app
    local key
    local value
@ -58,7 +58,7 @@ ynh_app_setting_set() {
 ynh_app_setting_delete() {
    # Declare an array to define the options of this helper.
    local legacy_args=ak
-    local -A args_array=( [a]=app= [k]=key= )
+    local -A args_array=([a]=app= [k]=key=)
    local app
    local key
    # Manage arguments with getopts
@ -76,8 +76,7 @@ ynh_app_setting_delete() {
 #
 # [internal]
 #
-ynh_app_setting()
+ynh_app_setting() {
 {
    set +o xtrace # set +x
    ACTION="$1" APP="$2" KEY="$3" VALUE="${4:-}" python3 - <<EOF
 import os, yaml, sys
@ -115,10 +114,10 @@ EOF
 # example: ynh_webpath_available --domain=some.domain.tld --path_url=/coffee
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_webpath_available () {
+ynh_webpath_available() {
    # Declare an array to define the options of this helper.
    local legacy_args=dp
-    local -A args_array=( [d]=domain= [p]=path_url= )
+    local -A args_array=([d]=domain= [p]=path_url=)
    local domain
    local path_url
    # Manage arguments with getopts
@ -137,10 +136,10 @@ ynh_webpath_available () {
 # example: ynh_webpath_register --app=wordpress --domain=some.domain.tld --path_url=/coffee
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_webpath_register () {
+ynh_webpath_register() {
    # Declare an array to define the options of this helper.
    local legacy_args=adp
-    local -A args_array=( [a]=app= [d]=domain= [p]=path_url= )
+    local -A args_array=([a]=app= [d]=domain= [p]=path_url=)
    local app
    local domain
    local path_url
--- a/data/helpers.d/string
+++ b/data/helpers.d/string
@ -12,13 +12,13 @@
 ynh_string_random() {
    # Declare an array to define the options of this helper.
    local legacy_args=l
-    local -A args_array=( [l]=length= )
+    local -A args_array=([l]=length=)
    local length
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    length=${length:-24}
-    dd if=/dev/urandom bs=1 count=1000 2> /dev/null \
+    dd if=/dev/urandom bs=1 count=1000 2>/dev/null \
        | tr --complement --delete 'A-Za-z0-9' \
        | sed --quiet 's/\(.\{'"$length"'\}\).*/\1/p'
 }
@ -34,10 +34,10 @@ ynh_string_random() {
 # sub-expressions can be used (see sed manual page for more information)
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_replace_string () {
+ynh_replace_string() {
    # Declare an array to define the options of this helper.
    local legacy_args=mrf
-    local -A args_array=( [m]=match_string= [r]=replace_string= [f]=target_file= )
+    local -A args_array=([m]=match_string= [r]=replace_string= [f]=target_file=)
    local match_string
    local replace_string
    local target_file
@ -65,10 +65,10 @@ ynh_replace_string () {
 # characters, you can't use some regular expressions and sub-expressions.
 #
 # Requires YunoHost version 2.7.7 or higher.
-ynh_replace_special_string () {
+ynh_replace_special_string() {
    # Declare an array to define the options of this helper.
    local legacy_args=mrf
-    local -A args_array=( [m]=match_string= [r]=replace_string= [f]=target_file= )
+    local -A args_array=([m]=match_string= [r]=replace_string= [f]=target_file=)
    local match_string
    local replace_string
    local target_file
@ -97,10 +97,10 @@ ynh_replace_special_string () {
 # Underscorify the string (replace - and . by _)
 #
 # Requires YunoHost version 2.2.4 or higher.
-ynh_sanitize_dbid () {
+ynh_sanitize_dbid() {
    # Declare an array to define the options of this helper.
    local legacy_args=n
-    local -A args_array=( [n]=db_name= )
+    local -A args_array=([n]=db_name=)
    local db_name
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -127,20 +127,20 @@ ynh_sanitize_dbid () {
 # | arg: -p, --path_url=    - URL path to normalize before using it
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_normalize_url_path () {
+ynh_normalize_url_path() {
    # Declare an array to define the options of this helper.
    local legacy_args=p
-    local -A args_array=( [p]=path_url= )
+    local -A args_array=([p]=path_url=)
    local path_url
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    test -n "$path_url" || ynh_die --message="ynh_normalize_url_path expect a URL path as first argument and received nothing."
-    if [ "${path_url:0:1}" != "/" ]; then    # If the first character is not a /
+    if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a /
-        path_url="/$path_url"    # Add / at begin of path variable
+        path_url="/$path_url"             # Add / at begin of path variable
    fi
-    if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then    # If the last character is a / and that not the only character.
+    if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character.
-        path_url="${path_url:0:${#path_url}-1}"	# Delete the last character
+        path_url="${path_url:0:${#path_url}-1}"                                # Delete the last character
    fi
    echo $path_url
 }
--- a/data/helpers.d/systemd
+++ b/data/helpers.d/systemd
@ -12,10 +12,10 @@
 # format and how placeholders are replaced with actual variables.
 #
 # Requires YunoHost version 4.1.0 or higher.
-ynh_add_systemd_config () {
+ynh_add_systemd_config() {
    # Declare an array to define the options of this helper.
    local legacy_args=stv
-    local -A args_array=( [s]=service= [t]=template=  [v]=others_var=)
+    local -A args_array=([s]=service= [t]=template= [v]=others_var=)
    local service
    local template
    local others_var
@ -39,18 +39,17 @@ ynh_add_systemd_config () {
 # | arg: -s, --service=     - Service name (optionnal, $app by default)
 #
 # Requires YunoHost version 2.7.2 or higher.
-ynh_remove_systemd_config () {
+ynh_remove_systemd_config() {
    # Declare an array to define the options of this helper.
    local legacy_args=s
-    local -A args_array=( [s]=service= )
+    local -A args_array=([s]=service=)
    local service
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    local service="${service:-$app}"
    local finalsystemdconf="/etc/systemd/system/$service.service"
-    if [ -e "$finalsystemdconf" ]
+    if [ -e "$finalsystemdconf" ]; then
    then
        ynh_systemd_action --service_name=$service --action=stop
        systemctl disable $service --quiet
        ynh_secure_remove --file="$finalsystemdconf"
@ -72,7 +71,7 @@ ynh_remove_systemd_config () {
 ynh_systemd_action() {
    # Declare an array to define the options of this helper.
    local legacy_args=nalpte
-    local -A args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= )
+    local -A args_array=([n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length=)
    local service_name
    local action
    local line_match
@ -89,25 +88,22 @@ ynh_systemd_action() {
    timeout=${timeout:-300}
    # Manage case of service already stopped
-    if [ "$action" == "stop" ] && ! systemctl is-active --quiet $service_name
+    if [ "$action" == "stop" ] && ! systemctl is-active --quiet $service_name; then
    then
        return 0
    fi
    # Start to read the log
-    if [[ -n "$line_match" ]]
+    if [[ -n "$line_match" ]]; then
    then
        local templog="$(mktemp)"
        # Following the starting of the app in its log
-        if [ "$log_path" == "systemd" ]
+        if [ "$log_path" == "systemd" ]; then
        then
            # Read the systemd journal
-            journalctl --unit=$service_name --follow --since=-0 --quiet > "$templog" &
+            journalctl --unit=$service_name --follow --since=-0 --quiet >"$templog" &
            # Get the PID of the journalctl command
            local pid_tail=$!
        else
            # Read the specified log file
-            tail --follow=name --retry --lines=0 "$log_path" > "$templog" 2>&1 &
+            tail --follow=name --retry --lines=0 "$log_path" >"$templog" 2>&1 &
            # Get the PID of the tail command
            local pid_tail=$!
        fi
@ -119,13 +115,11 @@ ynh_systemd_action() {
    fi
    # If the service fails to perform the action
-    if ! systemctl $action $service_name
+    if ! systemctl $action $service_name; then
    then
        # Show syslog for this service
        ynh_exec_err journalctl --quiet --no-hostname --no-pager --lines=$length --unit=$service_name
        # If a log is specified for this service, show also the content of this log
-        if [ -e "$log_path" ]
+        if [ -e "$log_path" ]; then
        then
            ynh_exec_err tail --lines=$length "$log_path"
        fi
        ynh_clean_check_starting
@ -133,15 +127,12 @@ ynh_systemd_action() {
    fi
    # Start the timeout and try to find line_match
-    if [[ -n "${line_match:-}" ]]
+    if [[ -n "${line_match:-}" ]]; then
    then
        set +x
        local i=0
-        for i in $(seq 1 $timeout)
+        for i in $(seq 1 $timeout); do
        do
            # Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
-            if grep --extended-regexp --quiet "$line_match" "$templog"
+            if grep --extended-regexp --quiet "$line_match" "$templog"; then
            then
                ynh_print_info --message="The service $service_name has correctly executed the action ${action}."
                break
            fi
@ -154,13 +145,11 @@ ynh_systemd_action() {
        if [ $i -ge 3 ]; then
            echo "" >&2
        fi
-        if [ $i -eq $timeout ]
+        if [ $i -eq $timeout ]; then
        then
            ynh_print_warn --message="The service $service_name didn't fully executed the action ${action} before the timeout."
            ynh_print_warn --message="Please find here an extract of the end of the log of the service $service_name:"
            ynh_exec_warn journalctl --quiet --no-hostname --no-pager --lines=$length --unit=$service_name
-            if [ -e "$log_path" ]
+            if [ -e "$log_path" ]; then
            then
                ynh_print_warn --message="\-\-\-"
                ynh_exec_warn tail --lines=$length "$log_path"
            fi
@ -174,14 +163,12 @@ ynh_systemd_action() {
 # [internal]
 #
 # Requires YunoHost version 3.5.0 or higher.
-ynh_clean_check_starting () {
+ynh_clean_check_starting() {
-    if [ -n "${pid_tail:-}" ]
+    if [ -n "${pid_tail:-}" ]; then
    then
        # Stop the execution of tail.
        kill -SIGTERM $pid_tail 2>&1
    fi
-    if [ -n "${templog:-}" ]
+    if [ -n "${templog:-}" ]; then
    then
        ynh_secure_remove --file="$templog" 2>&1
    fi
 }
--- a/data/helpers.d/user
+++ b/data/helpers.d/user
@ -12,7 +12,7 @@
 ynh_user_exists() {
    # Declare an array to define the options of this helper.
    local legacy_args=u
-    local -A args_array=( [u]=username= )
+    local -A args_array=([u]=username=)
    local username
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -33,7 +33,7 @@ ynh_user_exists() {
 ynh_user_get_info() {
    # Declare an array to define the options of this helper.
    local legacy_args=uk
-    local -A args_array=( [u]=username= [k]=key= )
+    local -A args_array=([u]=username= [k]=key=)
    local username
    local key
    # Manage arguments with getopts
@ -64,7 +64,7 @@ ynh_user_list() {
 ynh_system_user_exists() {
    # Declare an array to define the options of this helper.
    local legacy_args=u
-    local -A args_array=( [u]=username= )
+    local -A args_array=([u]=username=)
    local username
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -82,7 +82,7 @@ ynh_system_user_exists() {
 ynh_system_group_exists() {
    # Declare an array to define the options of this helper.
    local legacy_args=g
-    local -A args_array=( [g]=group= )
+    local -A args_array=([g]=group=)
    local group
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -108,10 +108,10 @@ ynh_system_group_exists() {
 # ```
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_system_user_create () {
+ynh_system_user_create() {
    # Declare an array to define the options of this helper.
    local legacy_args=uhs
-    local -A args_array=( [u]=username= [h]=home_dir= [s]=use_shell [g]=groups= )
+    local -A args_array=([u]=username= [h]=home_dir= [s]=use_shell [g]=groups=)
    local username
    local home_dir
    local use_shell
@ -123,17 +123,15 @@ ynh_system_user_create () {
    home_dir="${home_dir:-}"
    groups="${groups:-}"
-    if ! ynh_system_user_exists "$username"	# Check if the user exists on the system
+    if ! ynh_system_user_exists "$username"; then # Check if the user exists on the system
-    then	# If the user doesn't exist
+        # If the user doesn't exist
-        if [ -n "$home_dir" ]
+        if [ -n "$home_dir" ]; then # If a home dir is mentioned
        then	# If a home dir is mentioned
            local user_home_dir="--home-dir $home_dir"
        else
            local user_home_dir="--no-create-home"
        fi
-        if [ $use_shell -eq 1 ]
+        if [ $use_shell -eq 1 ]; then # If we want a shell for the user
-        then	# If we want a shell for the user
+            local shell=""            # Use default shell
            local shell="" # Use default shell
        else
            local shell="--shell /usr/sbin/nologin"
        fi
@ -141,8 +139,7 @@ ynh_system_user_create () {
    fi
    local group
-    for group in $groups
+    for group in $groups; do
    do
        usermod -a -G "$group" "$username"
    done
 }
@ -153,25 +150,23 @@ ynh_system_user_create () {
 # | arg: -u, --username=    - Name of the system user that will be create
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_system_user_delete () {
+ynh_system_user_delete() {
    # Declare an array to define the options of this helper.
    local legacy_args=u
-    local -A args_array=( [u]=username= )
+    local -A args_array=([u]=username=)
    local username
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    # Check if the user exists on the system
-    if ynh_system_user_exists "$username"
+    if ynh_system_user_exists "$username"; then
    then
        deluser $username
    else
        ynh_print_warn --message="The user $username was not found"
    fi
    # Check if the group exists on the system
-    if ynh_system_group_exists "$username"
+    if ynh_system_group_exists "$username"; then
    then
        delgroup $username
    fi
 }
--- a/data/helpers.d/utils
+++ b/data/helpers.d/utils
@ -19,25 +19,25 @@ YNH_APP_BASEDIR=${YNH_APP_BASEDIR:-$(realpath ..)}
 # It prints a warning to inform that the script was failed, and execute the ynh_clean_setup function if used in the app script
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_exit_properly () {
+ynh_exit_properly() {
    local exit_code=$?
    rm -rf "/var/cache/yunohost/download/"
    if [ "$exit_code" -eq 0 ]; then
-        exit 0	# Exit without error if the script ended correctly
+        exit 0 # Exit without error if the script ended correctly
    fi
-    trap '' EXIT	# Ignore new exit signals
+    trap '' EXIT # Ignore new exit signals
    # Do not exit anymore if a command fail or if a variable is empty
-    set +o errexit  # set +e
+    set +o errexit # set +e
-    set +o nounset  # set +u
+    set +o nounset # set +u
    # Small tempo to avoid the next message being mixed up with other DEBUG messages
    sleep 0.5
-    if type -t ynh_clean_setup > /dev/null; then	# Check if the function exist in the app script.
+    if type -t ynh_clean_setup >/dev/null; then # Check if the function exist in the app script.
-        ynh_clean_setup	# Call the function to do specific cleaning for the app.
+        ynh_clean_setup                         # Call the function to do specific cleaning for the app.
    fi
    # Exit with error status
@ -55,10 +55,10 @@ ynh_exit_properly () {
 # and a call to `ynh_clean_setup` is triggered if it has been defined by your script.
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_abort_if_errors () {
+ynh_abort_if_errors() {
-    set -o errexit  # set -e; Exit if a command fail
+    set -o errexit              # set -e; Exit if a command fail
-    set -o nounset  # set -u; And if a variable is used unset
+    set -o nounset              # set -u; And if a variable is used unset
-    trap ynh_exit_properly EXIT	# Capturing exit signals on shell script
+    trap ynh_exit_properly EXIT # Capturing exit signals on shell script
 }
 # Download, check integrity, uncompress and patch the source from app.src
@ -99,10 +99,10 @@ ynh_abort_if_errors () {
 # - Extra files in `sources/extra_files/$src_id` will be copied to dest_dir
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_setup_source () {
+ynh_setup_source() {
    # Declare an array to define the options of this helper.
    local legacy_args=dsk
-    local -A args_array=( [d]=dest_dir= [s]=source_id= [k]=keep= )
+    local -A args_array=([d]=dest_dir= [s]=source_id= [k]=keep=)
    local dest_dir
    local source_id
    local keep
@ -133,15 +133,13 @@ ynh_setup_source () {
        src_filename="${source_id}.${src_format}"
    fi
    # (Unused?) mecanism where one can have the file in a special local cache to not have to download it...
    local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}"
    mkdir -p /var/cache/yunohost/download/${YNH_APP_ID}/
    src_filename="/var/cache/yunohost/download/${YNH_APP_ID}/${src_filename}"
-    if test -e "$local_src"
+    if test -e "$local_src"; then
    then
        cp $local_src $src_filename
    else
        [ -n "$src_url" ] || ynh_die "Couldn't parse SOURCE_URL from $src_file_path ?"
@ -162,15 +160,12 @@ ynh_setup_source () {
    # Keep files to be backup/restored at the end of the helper
    # Assuming $dest_dir already exists
    rm -rf /var/cache/yunohost/files_to_keep_during_setup_source/
-    if [ -n "$keep" ] && [ -e "$dest_dir" ]
+    if [ -n "$keep" ] && [ -e "$dest_dir" ]; then
    then
        local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID}
        mkdir -p $keep_dir
        local stuff_to_keep
-        for stuff_to_keep in $keep
+        for stuff_to_keep in $keep; do
-        do
+            if [ -e "$dest_dir/$stuff_to_keep" ]; then
            if [ -e "$dest_dir/$stuff_to_keep" ]
            then
                mkdir --parents "$(dirname "$keep_dir/$stuff_to_keep")"
                cp --archive "$dest_dir/$stuff_to_keep" "$keep_dir/$stuff_to_keep"
            fi
@ -180,20 +175,16 @@ ynh_setup_source () {
    # Extract source into the app dir
    mkdir --parents "$dest_dir"
-    if [ -n "${final_path:-}" ] && [ "$dest_dir" == "$final_path" ]
+    if [ -n "${final_path:-}" ] && [ "$dest_dir" == "$final_path" ]; then
    then
        _ynh_apply_default_permissions $dest_dir
    fi
-    if ! "$src_extract"
+    if ! "$src_extract"; then
    then
        mv $src_filename $dest_dir
-    elif [ "$src_format" = "zip" ]
+    elif [ "$src_format" = "zip" ]; then
    then
        # Zip format
        # Using of a temp directory, because unzip doesn't manage --strip-components
-        if $src_in_subdir
+        if $src_in_subdir; then
        then
            local tmp_dir=$(mktemp --directory)
            unzip -quo $src_filename -d "$tmp_dir"
            cp --archive $tmp_dir/*/. "$dest_dir"
@ -204,18 +195,15 @@ ynh_setup_source () {
        ynh_secure_remove --file="$src_filename"
    else
        local strip=""
-        if [ "$src_in_subdir" != "false" ]
+        if [ "$src_in_subdir" != "false" ]; then
-        then
+            if [ "$src_in_subdir" == "true" ]; then
            if [ "$src_in_subdir" == "true" ]
            then
                local sub_dirs=1
            else
                local sub_dirs="$src_in_subdir"
            fi
            strip="--strip-components $sub_dirs"
        fi
-        if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]]
+        if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]]; then
        then
            tar --extract --file=$src_filename --directory="$dest_dir" $strip
        else
            ynh_die --message="Archive format unrecognized."
@ -224,17 +212,16 @@ ynh_setup_source () {
    fi
    # Apply patches
-    if [ -d "$YNH_APP_BASEDIR/sources/patches/" ]
+    if [ -d "$YNH_APP_BASEDIR/sources/patches/" ]; then
    then
        local patches_folder=$(realpath $YNH_APP_BASEDIR/sources/patches/)
-        if (( $(find $patches_folder -type f -name "${source_id}-*.patch" 2> /dev/null | wc --lines) > "0" ))
+        if (($(find $patches_folder -type f -name "${source_id}-*.patch" 2>/dev/null | wc --lines) > "0")); then
-        then
+            (
-            (cd "$dest_dir"
+                cd "$dest_dir"
-            for p in $patches_folder/${source_id}-*.patch
+                for p in $patches_folder/${source_id}-*.patch; do
-            do
+                    echo $p
-                echo $p
+                    patch --strip=1 <$p
-                patch --strip=1 < $p
+                done
-            done) || ynh_die --message="Unable to apply patches"
+            ) || ynh_die --message="Unable to apply patches"
        fi
    fi
@ -245,14 +232,11 @@ ynh_setup_source () {
    # Keep files to be backup/restored at the end of the helper
    # Assuming $dest_dir already exists
-    if [ -n "$keep" ]
+    if [ -n "$keep" ]; then
    then
        local keep_dir=/var/cache/yunohost/files_to_keep_during_setup_source/${YNH_APP_ID}
        local stuff_to_keep
-        for stuff_to_keep in $keep
+        for stuff_to_keep in $keep; do
-        do
+            if [ -e "$keep_dir/$stuff_to_keep" ]; then
            if [ -e "$keep_dir/$stuff_to_keep" ]
            then
                mkdir --parents "$(dirname "$dest_dir/$stuff_to_keep")"
                cp --archive "$keep_dir/$stuff_to_keep" "$dest_dir/$stuff_to_keep"
            fi
@ -276,7 +260,7 @@ ynh_setup_source () {
 # `$domain` and `$path_url` should be defined externally (and correspond to the domain.tld and the /path (of the app?))
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_local_curl () {
+ynh_local_curl() {
    # Define url of page to curl
    local local_page=$(ynh_normalize_url_path $1)
    local full_path=$path_url$local_page
@ -290,12 +274,10 @@ ynh_local_curl () {
    # Concatenate all other arguments with '&' to prepare POST data
    local POST_data=""
    local arg=""
-    for arg in "${@:2}"
+    for arg in "${@:2}"; do
    do
        POST_data="${POST_data}${arg}&"
    done
-    if [ -n "$POST_data" ]
+    if [ -n "$POST_data" ]; then
    then
        # Add --data arg and remove the last character, which is an unecessary '&'
        POST_data="--data ${POST_data::-1}"
    fi
@ -353,10 +335,10 @@ ynh_local_curl () {
 # into the app settings when configuration is done.
 #
 # Requires YunoHost version 4.1.0 or higher.
-ynh_add_config () {
+ynh_add_config() {
    # Declare an array to define the options of this helper.
    local legacy_args=tdv
-    local -A args_array=( [t]=template= [d]=destination= )
+    local -A args_array=([t]=template= [d]=destination=)
    local template
    local destination
    # Manage arguments with getopts
@ -414,17 +396,16 @@ ynh_add_config () {
 #   __VAR_2__    by $var_2
 #
 # Requires YunoHost version 4.1.0 or higher.
-ynh_replace_vars () {
+ynh_replace_vars() {
    # Declare an array to define the options of this helper.
    local legacy_args=f
-    local -A args_array=( [f]=file= )
+    local -A args_array=([f]=file=)
    local file
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    # Replace specific YunoHost variables
-    if test -n "${path_url:-}"
+    if test -n "${path_url:-}"; then
    then
        # path_url_slash_less is path_url, or a blank value if path_url is only '/'
        local path_url_slash_less=${path_url%/}
        ynh_replace_string --match_string="__PATH__/" --replace_string="$path_url_slash_less/" --target_file="$file"
@ -448,12 +429,11 @@ ynh_replace_vars () {
    # Replace others variables
    # List other unique (__ __) variables in $file
-    local uniques_vars=( $(grep -oP '__[A-Z0-9]+?[A-Z0-9_]*?[A-Z0-9]*?__' $file | sort --unique | sed "s@__\([^.]*\)__@\L\1@g" ))
+    local uniques_vars=($(grep -oP '__[A-Z0-9]+?[A-Z0-9_]*?[A-Z0-9]*?__' $file | sort --unique | sed "s@__\([^.]*\)__@\L\1@g"))
    # Do the replacement
    local delimit=@
-    for one_var in "${uniques_vars[@]}"
+    for one_var in "${uniques_vars[@]}"; do
    do
        # Validate that one_var is indeed defined
        # -v checks if the variable is defined, for example:
        #     -v FOO  tests if $FOO is defined
@ -509,7 +489,7 @@ ynh_replace_vars () {
 ynh_read_var_in_file() {
    # Declare an array to define the options of this helper.
    local legacy_args=fka
-    local -A args_array=( [f]=file= [k]=key= [a]=after=)
+    local -A args_array=([f]=file= [k]=key= [a]=after=)
    local file
    local key
    local after
@ -523,11 +503,9 @@ ynh_read_var_in_file() {
    # Get the line number after which we search for the variable
    local line_number=1
-    if [[ -n "$after" ]];
+    if [[ -n "$after" ]]; then
    then
        line_number=$(grep -n $after $file | cut -d: -f1)
-        if [[ -z "$line_number" ]];
+        if [[ -z "$line_number" ]]; then
        then
            set -o xtrace # set -x
            return 1
        fi
@ -545,7 +523,7 @@ ynh_read_var_in_file() {
    if [[ "$ext" =~ ^ini|env$ ]]; then
        comments="[;#]"
    fi
-    if [[ "php"  == "$ext" ]] || [[ "$ext" == "js" ]]; then
+    if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then
        comments="//"
    fi
    local list='\[\s*['$string']?\w+['$string']?\]'
@ -564,13 +542,13 @@ ynh_read_var_in_file() {
    fi
    # Remove comments if needed
-    local expression="$(echo "$expression_with_comment" | sed "s@$comments[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")"
+    local expression="$(echo "$expression_with_comment" | sed "s@${comments}[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")"
    local first_char="${expression:0:1}"
-    if [[ "$first_char" == '"' ]] ; then
+    if [[ "$first_char" == '"' ]]; then
-        echo "$expression" | grep -m1 -o -P '"\K([^"](\\")?)*[^\\](?=")' | head -n1  | sed 's/\\"/"/g'
+        echo "$expression" | grep -m1 -o -P '"\K([^"](\\")?)*[^\\](?=")' | head -n1 | sed 's/\\"/"/g'
-    elif [[ "$first_char" == "'" ]] ; then
+    elif [[ "$first_char" == "'" ]]; then
-        echo "$expression" | grep -m1 -o -P "'\K([^'](\\\\')?)*[^\\\\](?=')" | head -n1  | sed "s/\\\\'/'/g"
+        echo "$expression" | grep -m1 -o -P "'\K([^'](\\\\')?)*[^\\\\](?=')" | head -n1 | sed "s/\\\\'/'/g"
    else
        echo "$expression"
    fi
@ -588,7 +566,7 @@ ynh_read_var_in_file() {
 ynh_write_var_in_file() {
    # Declare an array to define the options of this helper.
    local legacy_args=fkva
-    local -A args_array=( [f]=file= [k]=key= [v]=value= [a]=after=)
+    local -A args_array=([f]=file= [k]=key= [v]=value= [a]=after=)
    local file
    local key
    local value
@ -603,11 +581,9 @@ ynh_write_var_in_file() {
    # Get the line number after which we search for the variable
    local line_number=1
-    if [[ -n "$after" ]];
+    if [[ -n "$after" ]]; then
    then
        line_number=$(grep -n $after $file | cut -d: -f1)
-        if [[ -z "$line_number" ]];
+        if [[ -z "$line_number" ]]; then
        then
            set -o xtrace # set -x
            return 1
        fi
@ -626,7 +602,7 @@ ynh_write_var_in_file() {
    if [[ "$ext" =~ ^ini|env$ ]]; then
        comments="[;#]"
    fi
-    if [[ "php"  == "$ext" ]] || [[ "$ext" == "js" ]]; then
+    if [[ "php" == "$ext" ]] || [[ "$ext" == "js" ]]; then
        comments="//"
    fi
    local list='\[\s*['$string']?\w+['$string']?\]'
@ -644,28 +620,28 @@ ynh_write_var_in_file() {
    fi
    # Remove comments if needed
-    local expression="$(echo "$expression_with_comment" | sed "s@$comments[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")"
+    local expression="$(echo "$expression_with_comment" | sed "s@${comments}[^$string]*\$@@g" | sed "s@\s*[$endline]*\s*]*\$@@")"
    endline=${expression_with_comment#"$expression"}
    endline="$(echo "$endline" | sed 's/\\/\\\\/g')"
    value="$(echo "$value" | sed 's/\\/\\\\/g')"
    local first_char="${expression:0:1}"
    delimiter=$'\001'
-    if [[ "$first_char" == '"' ]] ; then
+    if [[ "$first_char" == '"' ]]; then
        # \ and sed is quite complex you need 2 \\ to get one in a sed
        # So we need \\\\ to go through 2 sed
        value="$(echo "$value" | sed 's/"/\\\\"/g')"
        sed -ri "${range}s$delimiter"'(^'"${var_part}"'")([^"]|\\")*("[\s;,]*)(\s*'$comments'.*)?$'$delimiter'\1'"${value}"'"'"${endline}${delimiter}i" ${file}
-    elif [[ "$first_char" == "'" ]] ; then
+    elif [[ "$first_char" == "'" ]]; then
        # \ and sed is quite complex you need 2 \\ to get one in a sed
        # However double quotes implies to double \\ to
        # So we need \\\\\\\\ to go through 2 sed and 1 double quotes str
        value="$(echo "$value" | sed "s/'/\\\\\\\\'/g")"
        sed -ri "${range}s$delimiter(^${var_part}')([^']|\\')*('"'[\s,;]*)(\s*'$comments'.*)?$'$delimiter'\1'"${value}'${endline}${delimiter}i" ${file}
    else
-        if [[ "$value" == *"'"* ]] || [[ "$value" == *'"'* ]] || [[ "$ext" =~ ^php|py|json|js$ ]] ; then
+        if [[ "$value" == *"'"* ]] || [[ "$value" == *'"'* ]] || [[ "$ext" =~ ^php|py|json|js$ ]]; then
            value='\"'"$(echo "$value" | sed 's/"/\\\\"/g')"'\"'
        fi
-        if [[ "$ext" =~ ^yaml|yml$ ]] ; then
+        if [[ "$ext" =~ ^yaml|yml$ ]]; then
            value=" $value"
        fi
        sed -ri "${range}s$delimiter(^${var_part}).*\$$delimiter\1${value}${endline}${delimiter}i" ${file}
@ -673,7 +649,6 @@ ynh_write_var_in_file() {
    set -o xtrace # set -x
 }
 # Render templates with Jinja2
 #
 # [internal]
@ -691,7 +666,7 @@ ynh_render_template() {
    # Taken from https://stackoverflow.com/a/35009576
    python3 -c 'import os, sys, jinja2; sys.stdout.write(
                    jinja2.Template(sys.stdin.read()
-                    ).render(os.environ));' < $template_path > $output_path
+                    ).render(os.environ));' <$template_path >$output_path
 }
 # Fetch the Debian release codename
@ -700,7 +675,7 @@ ynh_render_template() {
 # | ret: The Debian release codename (i.e. jessie, stretch, ...)
 #
 # Requires YunoHost version 2.7.12 or higher.
-ynh_get_debian_release () {
+ynh_get_debian_release() {
    echo $(lsb_release --codename --short)
 }
@ -724,46 +699,55 @@ properly with chmod/chown."
    echo $TMP_DIR
 }
 _acceptable_path_to_delete() {
    local file=$1
    local forbidden_paths=$(ls -d / /* /{var,home,usr}/* /etc/{default,sudoers.d,yunohost,cron*})
    # Legacy : A couple apps still have data in /home/$app ...
    if [[ -n "$app" ]]
    then
        forbidden_paths=$(echo "$forbidden_paths" | grep -v "/home/$app")
    fi
    # Use realpath to normalize the path ..
    # i.e convert ///foo//bar//..///baz//// to /foo/baz
    file=$(realpath --no-symlinks "$file")
    if [ -z "$file" ] || grep -q -x -F "$file" <<< "$forbidden_paths"; then
        return 1
    else
        return 0
    fi
 }
 # Remove a file or a directory securely
 #
 # usage: ynh_secure_remove --file=path_to_remove
 # | arg: -f, --file=    - File or directory to remove
 #
 # Requires YunoHost version 2.6.4 or higher.
-ynh_secure_remove () {
+ynh_secure_remove() {
    # Declare an array to define the options of this helper.
    local legacy_args=f
-    local -A args_array=( [f]=file= )
+    local -A args_array=([f]=file=)
    local file
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    set +o xtrace # set +x
-    local forbidden_path=" \
+    if [ $# -ge 2 ]; then
    /var/www \
    /home/yunohost.app"
    if [ $# -ge 2 ]
    then
        ynh_print_warn --message="/!\ Packager ! You provided more than one argument to ynh_secure_remove but it will be ignored... Use this helper with one argument at time."
    fi
-    if [[ -z "$file" ]]
+    if [[ -z "$file" ]]; then
    then
        ynh_print_warn --message="ynh_secure_remove called with empty argument, ignoring."
-    elif [[ "$forbidden_path" =~ "$file" \
+    elif [[ ! -e $file ]]; then
        # Match all paths or subpaths in $forbidden_path
        || "$file" =~ ^/[[:alnum:]]+$ \
        # Match all first level paths from / (Like /var, /root, etc...)
        || "${file:${#file}-1}" = "/" ]]
        # Match if the path finishes by /. Because it seems there is an empty variable
    then
        ynh_print_warn --message="Not deleting '$file' because it is not an acceptable path to delete."
    elif [ -e "$file" ]
    then
        rm --recursive "$file"
    else
        ynh_print_info --message="'$file' wasn't deleted because it doesn't exist."
    elif ! _acceptable_path_to_delete "$file"; then
        ynh_print_warn --message="Not deleting '$file' because it is not an acceptable path to delete."
    else
        rm --recursive "$file"
    fi
    set -o xtrace # set -x
@ -776,26 +760,22 @@ ynh_secure_remove () {
 # (Deprecated, use --output-as json and jq instead)
 ynh_get_plain_key() {
    local prefix="#"
-    local founded=0
+    local found=0
    # We call this key_ so that it's not caught as
    # an info to be redacted by the core
    local key_=$1
    shift
-    while read line
+    while read line; do
-    do
+        if [[ "$found" == "1" ]]; then
        if [[ "$founded" == "1" ]]
        then
            [[ "$line" =~ ^${prefix}[^#] ]] && return
            echo $line
-        elif [[ "$line" =~ ^${prefix}${key_}$ ]]
+        elif [[ "$line" =~ ^${prefix}${key_}$ ]]; then
-        then
+            if [[ -n "${1:-}" ]]; then
            if [[ -n "${1:-}" ]]
            then
                prefix+="#"
                key_=$1
                shift
            else
-                founded=1
+                found=1
            fi
        fi
    done
@ -809,10 +789,10 @@ ynh_get_plain_key() {
 # | ret: the value associate to that key
 #
 # Requires YunoHost version 3.5.0 or higher.
-ynh_read_manifest () {
+ynh_read_manifest() {
    # Declare an array to define the options of this helper.
    local legacy_args=mk
-    local -A args_array=( [m]=manifest= [k]=manifest_key= )
+    local -A args_array=([m]=manifest= [k]=manifest_key=)
    local manifest
    local manifest_key
    # Manage arguments with getopts
@ -839,20 +819,19 @@ ynh_read_manifest () {
 # For example, if the manifest contains `4.3-2~ynh3` the function will return `4.3-2`
 #
 # Requires YunoHost version 3.5.0 or higher.
-ynh_app_upstream_version () {
+ynh_app_upstream_version() {
    # Declare an array to define the options of this helper.
    local legacy_args=m
-    local -A args_array=( [m]=manifest= )
+    local -A args_array=([m]=manifest=)
    local manifest
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    manifest="${manifest:-}"
-    if [[ "$manifest" != "" ]] && [[ -e "$manifest" ]];
+    if [[ "$manifest" != "" ]] && [[ -e "$manifest" ]]; then
-    then
+        version_key_=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version")
      version_key_=$(ynh_read_manifest --manifest="$manifest" --manifest_key="version")
    else
-      version_key_=$YNH_APP_MANIFEST_VERSION
+        version_key_=$YNH_APP_MANIFEST_VERSION
    fi
    echo "${version_key_/~ynh*/}"
@ -869,10 +848,10 @@ ynh_app_upstream_version () {
 # For example, if the manifest contains `4.3-2~ynh3` the function will return `3`
 #
 # Requires YunoHost version 3.5.0 or higher.
-ynh_app_package_version () {
+ynh_app_package_version() {
    # Declare an array to define the options of this helper.
    local legacy_args=m
-    local -A args_array=( [m]=manifest= )
+    local -A args_array=([m]=manifest=)
    local manifest
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
@ -894,11 +873,10 @@ ynh_app_package_version () {
 # sudo yunohost app upgrade <appname> --force
 # ```
 # Requires YunoHost version 3.5.0 or higher.
-ynh_check_app_version_changed () {
+ynh_check_app_version_changed() {
    local return_value=${YNH_APP_UPGRADE_TYPE}
-    if [ "$return_value" == "UPGRADE_FULL" ] || [ "$return_value" == "UPGRADE_FORCED" ] || [ "$return_value" == "DOWNGRADE_FORCED" ]
+    if [ "$return_value" == "UPGRADE_FULL" ] || [ "$return_value" == "UPGRADE_FORCED" ] || [ "$return_value" == "DOWNGRADE_FORCED" ]; then
    then
        return_value="UPGRADE_APP"
    fi
@ -927,7 +905,7 @@ ynh_check_app_version_changed () {
 # Requires YunoHost version 3.8.0 or higher.
 ynh_compare_current_package_version() {
    local legacy_args=cv
-    declare -Ar args_array=( [c]=comparison= [v]=version= )
+    declare -Ar args_array=([c]=comparison= [v]=version=)
    local version
    local comparison
    # Manage arguments with getopts
@ -936,8 +914,7 @@ ynh_compare_current_package_version() {
    local current_version=$YNH_APP_CURRENT_VERSION
    # Check the syntax of the versions
-    if [[ ! $version =~ '~ynh' ]] || [[ ! $current_version =~ '~ynh' ]]
+    if [[ ! $version =~ '~ynh' ]] || [[ ! $current_version =~ '~ynh' ]]; then
    then
        ynh_die --message="Invalid argument for version."
    fi
@ -972,13 +949,11 @@ _ynh_apply_default_permissions() {
    local ynh_requirement=$(jq -r '.requirements.yunohost' $YNH_APP_BASEDIR/manifest.json | tr -d '>= ')
-    if [ -z "$ynh_requirement" ] || [ "$ynh_requirement" == "null" ] || dpkg --compare-versions $ynh_requirement ge 4.2
+    if [ -z "$ynh_requirement" ] || [ "$ynh_requirement" == "null" ] || dpkg --compare-versions $ynh_requirement ge 4.2; then
    then
        chmod o-rwx $target
        chmod g-w $target
        chown -R root:root $target
-        if ynh_system_user_exists $app
+        if ynh_system_user_exists $app; then
        then
            chown $app:$app $target
        fi
    fi
--- a/data/hooks/backup/50-conf_manually_modified_files
+++ b/data/hooks/backup/50-conf_manually_modified_files
@ -6,12 +6,11 @@ YNH_CWD="${YNH_BACKUP_DIR%/}/conf/manually_modified_files"
 mkdir -p "$YNH_CWD"
 cd "$YNH_CWD"
-yunohost tools shell -c "from yunohost.regenconf import manually_modified_files; print('\n'.join(manually_modified_files()))" > ./manually_modified_files_list
+yunohost tools shell -c "from yunohost.regenconf import manually_modified_files; print('\n'.join(manually_modified_files()))" >./manually_modified_files_list
 ynh_backup --src_path="./manually_modified_files_list"
-for file in $(cat ./manually_modified_files_list)
+for file in $(cat ./manually_modified_files_list); do
 do
    [[ -e $file ]] && ynh_backup --src_path="$file"
 done
--- a/data/hooks/conf_regen/01-yunohost
+++ b/data/hooks/conf_regen/01-yunohost
@ -3,129 +3,128 @@
 set -e
 do_init_regen() {
-  if [[ $EUID -ne 0 ]]; then
+    if [[ $EUID -ne 0 ]]; then
-    echo "You must be root to run this script" 1>&2
+        echo "You must be root to run this script" 1>&2
-    exit 1
+        exit 1
-  fi
+    fi
-  cd /usr/share/yunohost/templates/yunohost
+    cd /usr/share/yunohost/templates/yunohost
-  [[ -d /etc/yunohost ]] || mkdir -p /etc/yunohost
+    [[ -d /etc/yunohost ]] || mkdir -p /etc/yunohost
-  # set default current_host
+    # set default current_host
-  [[ -f /etc/yunohost/current_host ]] \
+    [[ -f /etc/yunohost/current_host ]] \
-    || echo "yunohost.org" > /etc/yunohost/current_host
+        || echo "yunohost.org" >/etc/yunohost/current_host
-  # copy default services and firewall
+    # copy default services and firewall
-  [[ -f /etc/yunohost/firewall.yml ]] \
+    [[ -f /etc/yunohost/firewall.yml ]] \
-    || cp firewall.yml /etc/yunohost/firewall.yml
+        || cp firewall.yml /etc/yunohost/firewall.yml
-  # allow users to access /media directory
+    # allow users to access /media directory
-  [[ -d /etc/skel/media ]] \
+    [[ -d /etc/skel/media ]] \
-    || (mkdir -p /media && ln -s /media /etc/skel/media)
+        || (mkdir -p /media && ln -s /media /etc/skel/media)
-  # Cert folders
+    # Cert folders
-  mkdir -p /etc/yunohost/certs
+    mkdir -p /etc/yunohost/certs
-  chown -R root:ssl-cert /etc/yunohost/certs
+    chown -R root:ssl-cert /etc/yunohost/certs
-  chmod 750 /etc/yunohost/certs
+    chmod 750 /etc/yunohost/certs
-  # App folders
+    # App folders
-  mkdir -p /etc/yunohost/apps
+    mkdir -p /etc/yunohost/apps
-  chmod 700 /etc/yunohost/apps
+    chmod 700 /etc/yunohost/apps
-  mkdir -p /home/yunohost.app
+    mkdir -p /home/yunohost.app
-  chmod 755 /home/yunohost.app
+    chmod 755 /home/yunohost.app
-  # Domain settings
+    # Domain settings
-  mkdir -p /etc/yunohost/domains
+    mkdir -p /etc/yunohost/domains
-  chmod 700 /etc/yunohost/domains
+    chmod 700 /etc/yunohost/domains
-  # Backup folders
+    # Backup folders
-  mkdir -p /home/yunohost.backup/archives
+    mkdir -p /home/yunohost.backup/archives
-  chmod 750 /home/yunohost.backup/archives
+    chmod 750 /home/yunohost.backup/archives
-  chown root:root /home/yunohost.backup/archives # This is later changed to admin:root once admin user exists
+    chown root:root /home/yunohost.backup/archives # This is later changed to admin:root once admin user exists
-  # Empty ssowat json persistent conf
+    # Empty ssowat json persistent conf
-  echo "{}" > '/etc/ssowat/conf.json.persistent'
+    echo "{}" >'/etc/ssowat/conf.json.persistent'
-  chmod 644 /etc/ssowat/conf.json.persistent
+    chmod 644 /etc/ssowat/conf.json.persistent
-  chown root:root /etc/ssowat/conf.json.persistent
+    chown root:root /etc/ssowat/conf.json.persistent
-  # Empty service conf
+    # Empty service conf
-  touch /etc/yunohost/services.yml
+    touch /etc/yunohost/services.yml
-  mkdir -p /var/cache/yunohost/repo
+    mkdir -p /var/cache/yunohost/repo
-  chown root:root /var/cache/yunohost
+    chown root:root /var/cache/yunohost
-  chmod 700 /var/cache/yunohost
+    chmod 700 /var/cache/yunohost
-  cp yunoprompt.service /etc/systemd/system/yunoprompt.service
+    cp yunoprompt.service /etc/systemd/system/yunoprompt.service
-  cp dpkg-origins /etc/dpkg/origins/yunohost
+    cp dpkg-origins /etc/dpkg/origins/yunohost
-  # Change dpkg vendor
+    # Change dpkg vendor
-  # see https://wiki.debian.org/Derivatives/Guidelines#Vendor
+    # see https://wiki.debian.org/Derivatives/Guidelines#Vendor
-  readlink -f /etc/dpkg/origins/default | grep -q debian \
+    readlink -f /etc/dpkg/origins/default | grep -q debian \
-    && rm -f /etc/dpkg/origins/default \
+        && rm -f /etc/dpkg/origins/default \
-    && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default
+        && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default
 }
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/yunohost
+    cd /usr/share/yunohost/templates/yunohost
-  # Legacy code that can be removed once on bullseye
+    # Legacy code that can be removed once on bullseye
-  touch /etc/yunohost/services.yml
+    touch /etc/yunohost/services.yml
-  yunohost tools shell -c "from yunohost.service import _get_services, _save_services; _save_services(_get_services())"
+    yunohost tools shell -c "from yunohost.service import _get_services, _save_services; _save_services(_get_services())"
-  mkdir -p $pending_dir/etc/systemd/system
+    mkdir -p $pending_dir/etc/systemd/system
-  mkdir -p $pending_dir/etc/cron.d/
+    mkdir -p $pending_dir/etc/cron.d/
-  mkdir -p $pending_dir/etc/cron.daily/
+    mkdir -p $pending_dir/etc/cron.daily/
-  # add cron job for diagnosis to be ran at 7h and 19h + a random delay between
+    # add cron job for diagnosis to be ran at 7h and 19h + a random delay between
-  # 0 and 20min, meant to avoid every instances running their diagnosis at
+    # 0 and 20min, meant to avoid every instances running their diagnosis at
-  # exactly the same time, which may overload the diagnosis server.
+    # exactly the same time, which may overload the diagnosis server.
-  cat > $pending_dir/etc/cron.d/yunohost-diagnosis << EOF
+    cat >$pending_dir/etc/cron.d/yunohost-diagnosis <<EOF
 SHELL=/bin/bash
 0 7,19 * * * root : YunoHost Automatic Diagnosis; sleep \$((RANDOM\\%1200)); yunohost diagnosis run --email > /dev/null 2>/dev/null || echo "Running the automatic diagnosis failed miserably"
 EOF
-  # Cron job that upgrade the app list everyday
+    # Cron job that upgrade the app list everyday
-  cat > $pending_dir/etc/cron.daily/yunohost-fetch-apps-catalog << EOF
+    cat >$pending_dir/etc/cron.daily/yunohost-fetch-apps-catalog <<EOF
 #!/bin/bash
 (sleep \$((RANDOM%3600)); yunohost tools update --apps > /dev/null) &
 EOF
-  # Cron job that renew lets encrypt certificates if there's any that needs renewal
+    # Cron job that renew lets encrypt certificates if there's any that needs renewal
-  cat > $pending_dir/etc/cron.daily/yunohost-certificate-renew << EOF
+    cat >$pending_dir/etc/cron.daily/yunohost-certificate-renew <<EOF
 #!/bin/bash
 yunohost domain cert renew --email
 EOF
-  # If we subscribed to a dyndns domain, add the corresponding cron
+    # If we subscribed to a dyndns domain, add the corresponding cron
-  # - delay between 0 and 60 secs to spread the check over a 1 min window
+    # - delay between 0 and 60 secs to spread the check over a 1 min window
-  # - do not run the command if some process already has the lock, to avoid queuing hundreds of commands...
+    # - do not run the command if some process already has the lock, to avoid queuing hundreds of commands...
-  if ls -l /etc/yunohost/dyndns/K*.private 2>/dev/null
+    if ls -l /etc/yunohost/dyndns/K*.private 2>/dev/null; then
-  then
+        cat >$pending_dir/etc/cron.d/yunohost-dyndns <<EOF
    cat > $pending_dir/etc/cron.d/yunohost-dyndns << EOF
 SHELL=/bin/bash
 */10 * * * * root : YunoHost DynDNS update; sleep \$((RANDOM\\%60)); test -e /var/run/moulinette_yunohost.lock || yunohost dyndns update >> /dev/null
 EOF
-  fi
+    fi
-  # legacy stuff to avoid yunohost reporting etckeeper as manually modified
+    # legacy stuff to avoid yunohost reporting etckeeper as manually modified
-  # (this make sure that the hash is null / file is flagged as to-delete)
+    # (this make sure that the hash is null / file is flagged as to-delete)
-  mkdir -p $pending_dir/etc/etckeeper
+    mkdir -p $pending_dir/etc/etckeeper
-  touch $pending_dir/etc/etckeeper/etckeeper.conf
+    touch $pending_dir/etc/etckeeper/etckeeper.conf
-  # Skip ntp if inside a container (inspired from the conf of systemd-timesyncd)
+    # Skip ntp if inside a container (inspired from the conf of systemd-timesyncd)
-  mkdir -p ${pending_dir}/etc/systemd/system/ntp.service.d/
+    mkdir -p ${pending_dir}/etc/systemd/system/ntp.service.d/
-  echo "
+    echo "
 [Unit]
 ConditionCapability=CAP_SYS_TIME
 ConditionVirtualization=!container
-" > ${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf
+" >${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf
-  # Make nftable conflict with yunohost-firewall
+    # Make nftable conflict with yunohost-firewall
-  mkdir -p ${pending_dir}/etc/systemd/system/nftables.service.d/
+    mkdir -p ${pending_dir}/etc/systemd/system/nftables.service.d/
-  cat > ${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf << EOF
+    cat >${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf <<EOF
 [Unit]
 # yunohost-firewall and nftables conflict with each other
 Conflicts=yunohost-firewall.service
@ -133,108 +132,107 @@ ConditionFileIsExecutable=!/etc/init.d/yunohost-firewall
 ConditionPathExists=!/etc/systemd/system/multi-user.target.wants/yunohost-firewall.service
 EOF
-  # Don't suspend computer on LidSwitch
+    # Don't suspend computer on LidSwitch
-  mkdir -p ${pending_dir}/etc/systemd/logind.conf.d/
+    mkdir -p ${pending_dir}/etc/systemd/logind.conf.d/
-  cat > ${pending_dir}/etc/systemd/logind.conf.d/ynh-override.conf << EOF
+    cat >${pending_dir}/etc/systemd/logind.conf.d/ynh-override.conf <<EOF
 [Login]
 HandleLidSwitch=ignore
 HandleLidSwitchDocked=ignore
 HandleLidSwitchExternalPower=ignore
 EOF
-  cp yunoprompt.service ${pending_dir}/etc/systemd/system/yunoprompt.service
+    cp yunoprompt.service ${pending_dir}/etc/systemd/system/yunoprompt.service
-  if [[ "$(yunohost settings get 'security.experimental.enabled')" == "True" ]]
+    if [[ "$(yunohost settings get 'security.experimental.enabled')" == "True" ]]; then
-  then
+        cp proc-hidepid.service ${pending_dir}/etc/systemd/system/proc-hidepid.service
-      cp proc-hidepid.service ${pending_dir}/etc/systemd/system/proc-hidepid.service
+    else
-  else
+        touch ${pending_dir}/etc/systemd/system/proc-hidepid.service
-      touch ${pending_dir}/etc/systemd/system/proc-hidepid.service
+    fi
  fi
-  mkdir -p ${pending_dir}/etc/dpkg/origins/
+    mkdir -p ${pending_dir}/etc/dpkg/origins/
-  cp dpkg-origins ${pending_dir}/etc/dpkg/origins/yunohost
+    cp dpkg-origins ${pending_dir}/etc/dpkg/origins/yunohost
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  ######################
+    ######################
-  # Enfore permissions #
+    # Enfore permissions #
-  ######################
+    ######################
-  chmod 750 /home/admin
+    chmod 750 /home/admin
-  chmod 750 /home/yunohost.conf
+    chmod 750 /home/yunohost.conf
-  chmod 750 /home/yunohost.backup
+    chmod 750 /home/yunohost.backup
-  chmod 750 /home/yunohost.backup/archives
+    chmod 750 /home/yunohost.backup/archives
-  chown root:root /home/yunohost.conf
+    chown root:root /home/yunohost.conf
-  chown admin:root /home/yunohost.backup
+    chown admin:root /home/yunohost.backup
-  chown admin:root /home/yunohost.backup/archives
+    chown admin:root /home/yunohost.backup/archives
-  # Certs
+    # Certs
-  # We do this with find because there could be a lot of them...
+    # We do this with find because there could be a lot of them...
-  chown -R root:ssl-cert /etc/yunohost/certs
+    chown -R root:ssl-cert /etc/yunohost/certs
-  chmod 750 /etc/yunohost/certs
+    chmod 750 /etc/yunohost/certs
-  find /etc/yunohost/certs/ -type f -exec chmod 640 {} \;
+    find /etc/yunohost/certs/ -type f -exec chmod 640 {} \;
-  find /etc/yunohost/certs/ -type d -exec chmod 750 {} \;
+    find /etc/yunohost/certs/ -type d -exec chmod 750 {} \;
-  find /etc/cron.*/yunohost-* -type f -exec chmod 755 {} \;
+    find /etc/cron.*/yunohost-* -type f -exec chmod 755 {} \;
-  find /etc/cron.d/yunohost-* -type f -exec chmod 644 {} \;
+    find /etc/cron.d/yunohost-* -type f -exec chmod 644 {} \;
-  find /etc/cron.*/yunohost-* -type f -exec chown root:root {} \;
+    find /etc/cron.*/yunohost-* -type f -exec chown root:root {} \;
-  chown root:root /var/cache/yunohost
+    chown root:root /var/cache/yunohost
-  chmod 700 /var/cache/yunohost
+    chmod 700 /var/cache/yunohost
-  chown root:root /var/cache/moulinette
+    chown root:root /var/cache/moulinette
-  chmod 700 /var/cache/moulinette
+    chmod 700 /var/cache/moulinette
-  setfacl -m g:all_users:--- /var/www
+    setfacl -m g:all_users:--- /var/www
-  setfacl -m g:all_users:--- /var/log/nginx
+    setfacl -m g:all_users:--- /var/log/nginx
-  setfacl -m g:all_users:--- /etc/yunohost
+    setfacl -m g:all_users:--- /etc/yunohost
-  setfacl -m g:all_users:--- /etc/ssowat
+    setfacl -m g:all_users:--- /etc/ssowat
-  for USER in $(yunohost user list --quiet --output-as json | jq -r '.users | .[] | .username')
+    for USER in $(yunohost user list --quiet --output-as json | jq -r '.users | .[] | .username'); do
-  do
+        [ ! -e "/home/$USER" ] || setfacl -m g:all_users:--- /home/$USER
-    [ ! -e "/home/$USER" ] || setfacl -m g:all_users:--- /home/$USER
+    done
  done
-  # Domain settings
+    # Domain settings
-  mkdir -p /etc/yunohost/domains
+    mkdir -p /etc/yunohost/domains
-  # Misc configuration / state files
+    # Misc configuration / state files
-  chown root:root $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null)
+    chown root:root $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null)
-  chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null)
+    chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null)
-  # Apps folder, custom hooks folder
+    # Apps folder, custom hooks folder
-  [[ ! -e /etc/yunohost/hooks.d ]] || (chown root /etc/yunohost/hooks.d && chmod 700 /etc/yunohost/hooks.d)
+    [[ ! -e /etc/yunohost/hooks.d ]] || (chown root /etc/yunohost/hooks.d && chmod 700 /etc/yunohost/hooks.d)
-  [[ ! -e /etc/yunohost/apps ]] || (chown root /etc/yunohost/apps && chmod 700 /etc/yunohost/apps)
+    [[ ! -e /etc/yunohost/apps ]] || (chown root /etc/yunohost/apps && chmod 700 /etc/yunohost/apps)
-  [[ ! -e /etc/yunohost/domains ]] || (chown root /etc/yunohost/domains && chmod 700 /etc/yunohost/domains)
+    [[ ! -e /etc/yunohost/domains ]] || (chown root /etc/yunohost/domains && chmod 700 /etc/yunohost/domains)
-  # Create ssh.app and sftp.app groups if they don't exist yet
+    # Create ssh.app and sftp.app groups if they don't exist yet
-  grep -q '^ssh.app:' /etc/group || groupadd ssh.app
+    grep -q '^ssh.app:' /etc/group || groupadd ssh.app
-  grep -q '^sftp.app:' /etc/group || groupadd sftp.app
+    grep -q '^sftp.app:' /etc/group || groupadd sftp.app
-  # Propagates changes in systemd service config overrides
+    # Propagates changes in systemd service config overrides
-  [[ ! "$regen_conf_files" =~ "ntp.service.d/ynh-override.conf" ]] || { systemctl daemon-reload; systemctl restart ntp; }
+    [[ ! "$regen_conf_files" =~ "ntp.service.d/ynh-override.conf" ]] || {
-  [[ ! "$regen_conf_files" =~ "nftables.service.d/ynh-override.conf" ]] || systemctl daemon-reload
+        systemctl daemon-reload
-  [[ ! "$regen_conf_files" =~ "login.conf.d/ynh-override.conf" ]] || systemctl daemon-reload
+        systemctl restart ntp
-  if [[ "$regen_conf_files" =~ "yunoprompt.service" ]]
+    }
-  then
+    [[ ! "$regen_conf_files" =~ "nftables.service.d/ynh-override.conf" ]] || systemctl daemon-reload
-    systemctl daemon-reload
+    [[ ! "$regen_conf_files" =~ "login.conf.d/ynh-override.conf" ]] || systemctl daemon-reload
-    action=$([[ -e /etc/systemd/system/yunoprompt.service ]] && echo 'enable' || echo 'disable')
+    if [[ "$regen_conf_files" =~ "yunoprompt.service" ]]; then
-    systemctl $action yunoprompt --quiet --now
+        systemctl daemon-reload
-  fi
+        action=$([[ -e /etc/systemd/system/yunoprompt.service ]] && echo 'enable' || echo 'disable')
-  if [[ "$regen_conf_files" =~ "proc-hidepid.service" ]]
+        systemctl $action yunoprompt --quiet --now
-  then
+    fi
-    systemctl daemon-reload
+    if [[ "$regen_conf_files" =~ "proc-hidepid.service" ]]; then
-    action=$([[ -e /etc/systemd/system/proc-hidepid.service ]] && echo 'enable' || echo 'disable')
+        systemctl daemon-reload
-    systemctl $action proc-hidepid --quiet --now
+        action=$([[ -e /etc/systemd/system/proc-hidepid.service ]] && echo 'enable' || echo 'disable')
-  fi
+        systemctl $action proc-hidepid --quiet --now
    fi
-  # Change dpkg vendor
+    # Change dpkg vendor
-  # see https://wiki.debian.org/Derivatives/Guidelines#Vendor
+    # see https://wiki.debian.org/Derivatives/Guidelines#Vendor
-  readlink -f /etc/dpkg/origins/default | grep -q debian \
+    readlink -f /etc/dpkg/origins/default | grep -q debian \
-    && rm -f /etc/dpkg/origins/default \
+        && rm -f /etc/dpkg/origins/default \
-    && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default
+        && ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/02-ssl
+++ b/data/hooks/conf_regen/02-ssl
@ -23,7 +23,7 @@ regen_local_ca() {
    # (Update the serial so that it's specific to this very instance)
    # N.B. : the weird RANDFILE thing comes from:
    # https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean
-    RANDFILE=.rnd openssl rand -hex 19 > serial
+    RANDFILE=.rnd openssl rand -hex 19 >serial
    rm -f index.txt
    touch index.txt
    cp /usr/share/yunohost/templates/ssl/openssl.cnf openssl.ca.cnf
@ -50,73 +50,72 @@ regen_local_ca() {
 do_init_regen() {
-  LOGFILE=/tmp/yunohost-ssl-init
+    LOGFILE=/tmp/yunohost-ssl-init
-  echo "" > $LOGFILE
+    echo "" >$LOGFILE
-  chown root:root $LOGFILE
+    chown root:root $LOGFILE
-  chmod 640 $LOGFILE
+    chmod 640 $LOGFILE
-  # Make sure this conf exists
+    # Make sure this conf exists
-  mkdir -p ${ssl_dir}
+    mkdir -p ${ssl_dir}
-  cp /usr/share/yunohost/templates/ssl/openssl.cnf ${ssl_dir}/openssl.ca.cnf
+    cp /usr/share/yunohost/templates/ssl/openssl.cnf ${ssl_dir}/openssl.ca.cnf
-  # create default certificates
+    # create default certificates
-  if [[ ! -f "$ynh_ca" ]]; then
+    if [[ ! -f "$ynh_ca" ]]; then
-      regen_local_ca yunohost.org >>$LOGFILE
+        regen_local_ca yunohost.org >>$LOGFILE
-  fi
+    fi
-  if [[ ! -f "$ynh_crt" ]]; then
+    if [[ ! -f "$ynh_crt" ]]; then
-      echo -e "\n# Creating initial key and certificate \n" >>$LOGFILE
+        echo -e "\n# Creating initial key and certificate \n" >>$LOGFILE
-      openssl req -new \
+        openssl req -new \
-        -config "$openssl_conf" \
+            -config "$openssl_conf" \
-        -days 730 \
+            -days 730 \
-        -out "${ssl_dir}/certs/yunohost_csr.pem" \
+            -out "${ssl_dir}/certs/yunohost_csr.pem" \
-        -keyout "${ssl_dir}/certs/yunohost_key.pem" \
+            -keyout "${ssl_dir}/certs/yunohost_key.pem" \
-        -nodes -batch &>>$LOGFILE
+            -nodes -batch &>>$LOGFILE
-      openssl ca \
+        openssl ca \
-        -config "$openssl_conf" \
+            -config "$openssl_conf" \
-        -days 730 \
+            -days 730 \
-        -in "${ssl_dir}/certs/yunohost_csr.pem" \
+            -in "${ssl_dir}/certs/yunohost_csr.pem" \
-        -out "${ssl_dir}/certs/yunohost_crt.pem" \
+            -out "${ssl_dir}/certs/yunohost_crt.pem" \
-        -batch &>>$LOGFILE
+            -batch &>>$LOGFILE
-      chmod 640 "${ssl_dir}/certs/yunohost_key.pem"
+        chmod 640 "${ssl_dir}/certs/yunohost_key.pem"
-      chmod 640 "${ssl_dir}/certs/yunohost_crt.pem"
+        chmod 640 "${ssl_dir}/certs/yunohost_crt.pem"
-      cp "${ssl_dir}/certs/yunohost_key.pem" "$ynh_key"
+        cp "${ssl_dir}/certs/yunohost_key.pem" "$ynh_key"
-      cp "${ssl_dir}/certs/yunohost_crt.pem" "$ynh_crt"
+        cp "${ssl_dir}/certs/yunohost_crt.pem" "$ynh_crt"
-      ln -sf "$ynh_crt" /etc/ssl/certs/yunohost_crt.pem
+        ln -sf "$ynh_crt" /etc/ssl/certs/yunohost_crt.pem
-      ln -sf "$ynh_key" /etc/ssl/private/yunohost_key.pem
+        ln -sf "$ynh_key" /etc/ssl/private/yunohost_key.pem
-  fi
+    fi
-  chown -R root:ssl-cert /etc/yunohost/certs/yunohost.org/
+    chown -R root:ssl-cert /etc/yunohost/certs/yunohost.org/
-  chmod o-rwx /etc/yunohost/certs/yunohost.org/
+    chmod o-rwx /etc/yunohost/certs/yunohost.org/
-  install -D -m 644 $openssl_conf "${ssl_dir}/openssl.cnf"
+    install -D -m 644 $openssl_conf "${ssl_dir}/openssl.cnf"
 }
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/ssl
+    cd /usr/share/yunohost/templates/ssl
-  install -D -m 644 openssl.cnf "${pending_dir}/${ssl_dir}/openssl.cnf"
+    install -D -m 644 openssl.cnf "${pending_dir}/${ssl_dir}/openssl.cnf"
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  current_local_ca_domain=$(openssl x509 -in $ynh_ca -text | tr ',' '\n' | grep Issuer | awk '{print $4}')
+    current_local_ca_domain=$(openssl x509 -in $ynh_ca -text | tr ',' '\n' | grep Issuer | awk '{print $4}')
-  main_domain=$(cat /etc/yunohost/current_host)
+    main_domain=$(cat /etc/yunohost/current_host)
-  if [[ "$current_local_ca_domain" != "$main_domain" ]]
+    if [[ "$current_local_ca_domain" != "$main_domain" ]]; then
-  then
+        regen_local_ca $main_domain
-      regen_local_ca $main_domain
+        # Idk how useful this is, but this was in the previous python code (domain.main_domain())
-      # Idk how useful this is, but this was in the previous python code (domain.main_domain())
+        ln -sf /etc/yunohost/certs/$domain/crt.pem /etc/ssl/certs/yunohost_crt.pem
-      ln -sf /etc/yunohost/certs/$domain/crt.pem /etc/ssl/certs/yunohost_crt.pem
+        ln -sf /etc/yunohost/certs/$domain/key.pem /etc/ssl/private/yunohost_key.pem
-      ln -sf /etc/yunohost/certs/$domain/key.pem /etc/ssl/private/yunohost_key.pem
+    fi
  fi
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/06-slapd
+++ b/data/hooks/conf_regen/06-slapd
@ -8,19 +8,19 @@ config="/usr/share/yunohost/templates/slapd/config.ldif"
 db_init="/usr/share/yunohost/templates/slapd/db_init.ldif"
 do_init_regen() {
-  if [[ $EUID -ne 0 ]]; then
+    if [[ $EUID -ne 0 ]]; then
-      echo "You must be root to run this script" 1>&2
+        echo "You must be root to run this script" 1>&2
-      exit 1
+        exit 1
-  fi
+    fi
-  do_pre_regen ""
+    do_pre_regen ""
-  # Drop current existing slapd data
+    # Drop current existing slapd data
-  rm -rf /var/backups/*.ldapdb
+    rm -rf /var/backups/*.ldapdb
-  rm -rf /var/backups/slapd-*
+    rm -rf /var/backups/slapd-*
-  debconf-set-selections << EOF
+    debconf-set-selections <<EOF
 slapd slapd/password1 password yunohost
 slapd slapd/password2 password yunohost
 slapd slapd/domain string yunohost.org
@ -33,170 +33,166 @@ slapd slapd/no_configuration boolean false
 slapd slapd/purge_database boolean false
 EOF
-  DEBIAN_FRONTEND=noninteractive dpkg-reconfigure slapd -u
+    DEBIAN_FRONTEND=noninteractive dpkg-reconfigure slapd -u
-  # Enforce permissions
+    # Enforce permissions
-  chown -R openldap:openldap /etc/ldap/schema/
+    chown -R openldap:openldap /etc/ldap/schema/
-  usermod -aG ssl-cert openldap
+    usermod -aG ssl-cert openldap
-  # (Re-)init data according to default ldap entries
+    # (Re-)init data according to default ldap entries
-  echo '  Initializing LDAP with YunoHost DB structure'
+    echo '  Initializing LDAP with YunoHost DB structure'
-  rm -rf /etc/ldap/slapd.d
+    rm -rf /etc/ldap/slapd.d
-  mkdir -p /etc/ldap/slapd.d
+    mkdir -p /etc/ldap/slapd.d
-  slapadd -F /etc/ldap/slapd.d -b cn=config -l "$config" 2>&1 \
+    slapadd -F /etc/ldap/slapd.d -b cn=config -l "$config" 2>&1 \
-      | grep -v "none elapsed\|Closing DB" || true
+        | grep -v "none elapsed\|Closing DB" || true
-  chown -R openldap: /etc/ldap/slapd.d
+    chown -R openldap: /etc/ldap/slapd.d
-  rm -rf /var/lib/ldap
+    rm -rf /var/lib/ldap
-  mkdir -p /var/lib/ldap
+    mkdir -p /var/lib/ldap
-  slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "$db_init" 2>&1 \
+    slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "$db_init" 2>&1 \
-      | grep -v "none elapsed\|Closing DB" || true
+        | grep -v "none elapsed\|Closing DB" || true
-  chown -R openldap: /var/lib/ldap
+    chown -R openldap: /var/lib/ldap
-  nscd -i group || true
+    nscd -i group || true
-  nscd -i passwd || true
+    nscd -i passwd || true
-  systemctl restart slapd
+    systemctl restart slapd
-  # We don't use mkhomedir_helper because 'admin' may not be recognized
+    # We don't use mkhomedir_helper because 'admin' may not be recognized
-  # when this script is ran in a chroot (e.g. ISO install)
+    # when this script is ran in a chroot (e.g. ISO install)
-  # We also refer to admin as uid 1007 for the same reason
+    # We also refer to admin as uid 1007 for the same reason
-  if [ ! -d /home/admin ]
+    if [ ! -d /home/admin ]; then
-  then
+        cp -r /etc/skel /home/admin
-      cp -r /etc/skel /home/admin
+        chown -R 1007:1007 /home/admin
-      chown -R 1007:1007 /home/admin
+    fi
  fi
 }
 _regenerate_slapd_conf() {
-  # Validate the new slapd config
+    # Validate the new slapd config
-  # To do so, we have to use the .ldif to generate the config directory
+    # To do so, we have to use the .ldif to generate the config directory
-  # so we use a temporary directory slapd_new.d
+    # so we use a temporary directory slapd_new.d
-  rm -Rf /etc/ldap/slapd_new.d
+    rm -Rf /etc/ldap/slapd_new.d
-  mkdir /etc/ldap/slapd_new.d
+    mkdir /etc/ldap/slapd_new.d
-  slapadd -b cn=config -l "$config" -F /etc/ldap/slapd_new.d/ 2>&1 \
+    slapadd -b cn=config -l "$config" -F /etc/ldap/slapd_new.d/ 2>&1 \
-      | grep -v "none elapsed\|Closing DB" || true
+        | grep -v "none elapsed\|Closing DB" || true
-  # Actual validation (-Q is for quiet, -u is for dry-run)
+    # Actual validation (-Q is for quiet, -u is for dry-run)
-  slaptest -Q -u -F /etc/ldap/slapd_new.d
+    slaptest -Q -u -F /etc/ldap/slapd_new.d
-  # "Commit" / apply the new config (meaning we delete the old one and replace
+    # "Commit" / apply the new config (meaning we delete the old one and replace
-  # it with the new one)
+    # it with the new one)
-  rm -Rf /etc/ldap/slapd.d
+    rm -Rf /etc/ldap/slapd.d
-  mv /etc/ldap/slapd_new.d /etc/ldap/slapd.d
+    mv /etc/ldap/slapd_new.d /etc/ldap/slapd.d
-  chown -R openldap:openldap /etc/ldap/slapd.d/
+    chown -R openldap:openldap /etc/ldap/slapd.d/
 }
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  # remove temporary backup file
+    # remove temporary backup file
-  rm -f "$tmp_backup_dir_file"
+    rm -f "$tmp_backup_dir_file"
-  # Define if we need to migrate from hdb to mdb
+    # Define if we need to migrate from hdb to mdb
-  curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2>/dev/null | awk '{print $2}')
+    curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2>/dev/null | awk '{print $2}')
-  if [ -e /etc/ldap/slapd.conf ] && [ -n "$curr_backend" ] && \
+    if [ -e /etc/ldap/slapd.conf ] && [ -n "$curr_backend" ] \
-     [ $curr_backend != 'mdb' ]; then
+        && [ $curr_backend != 'mdb' ]; then
-    backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)"
+        backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)"
-    mkdir -p "$backup_dir"
+        mkdir -p "$backup_dir"
-    slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif"
+        slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif"
-    echo "$backup_dir" > "$tmp_backup_dir_file"
+        echo "$backup_dir" >"$tmp_backup_dir_file"
-  fi
+    fi
-  # create needed directories
+    # create needed directories
-  ldap_dir="${pending_dir}/etc/ldap"
+    ldap_dir="${pending_dir}/etc/ldap"
-  schema_dir="${ldap_dir}/schema"
+    schema_dir="${ldap_dir}/schema"
-  mkdir -p "$ldap_dir" "$schema_dir"
+    mkdir -p "$ldap_dir" "$schema_dir"
-  # remove legacy configuration file
+    # remove legacy configuration file
-  [ ! -f /etc/ldap/slapd-yuno.conf ] || touch "${ldap_dir}/slapd-yuno.conf"
+    [ ! -f /etc/ldap/slapd-yuno.conf ] || touch "${ldap_dir}/slapd-yuno.conf"
-  [ ! -f /etc/ldap/slapd.conf ] || touch "${ldap_dir}/slapd.conf"
+    [ ! -f /etc/ldap/slapd.conf ] || touch "${ldap_dir}/slapd.conf"
-  [ ! -f /etc/ldap/schema/yunohost.schema ] || touch "${schema_dir}/yunohost.schema"
+    [ ! -f /etc/ldap/schema/yunohost.schema ] || touch "${schema_dir}/yunohost.schema"
-  cd /usr/share/yunohost/templates/slapd
+    cd /usr/share/yunohost/templates/slapd
-  # copy configuration files
+    # copy configuration files
-  cp -a ldap.conf "$ldap_dir"
+    cp -a ldap.conf "$ldap_dir"
-  cp -a sudo.ldif mailserver.ldif permission.ldif "$schema_dir"
+    cp -a sudo.ldif mailserver.ldif permission.ldif "$schema_dir"
-  mkdir -p ${pending_dir}/etc/systemd/system/slapd.service.d/
+    mkdir -p ${pending_dir}/etc/systemd/system/slapd.service.d/
-  cp systemd-override.conf ${pending_dir}/etc/systemd/system/slapd.service.d/ynh-override.conf
+    cp systemd-override.conf ${pending_dir}/etc/systemd/system/slapd.service.d/ynh-override.conf
-  install -D -m 644 slapd.default "${pending_dir}/etc/default/slapd"
+    install -D -m 644 slapd.default "${pending_dir}/etc/default/slapd"
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  # fix some permissions
+    # fix some permissions
-  echo "Enforce permissions on ldap/slapd directories and certs ..."
+    echo "Enforce permissions on ldap/slapd directories and certs ..."
-  # penldap user should be in the ssl-cert group to let it access the certificate for TLS
+    # penldap user should be in the ssl-cert group to let it access the certificate for TLS
-  usermod -aG ssl-cert openldap
+    usermod -aG ssl-cert openldap
-  chown -R openldap:openldap /etc/ldap/schema/
+    chown -R openldap:openldap /etc/ldap/schema/
-  chown -R openldap:openldap /etc/ldap/slapd.d/
+    chown -R openldap:openldap /etc/ldap/slapd.d/
-  # If we changed the systemd ynh-override conf
+    # If we changed the systemd ynh-override conf
-  if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/slapd.service.d/ynh-override.conf$"
+    if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/slapd.service.d/ynh-override.conf$"; then
-  then
+        systemctl daemon-reload
-      systemctl daemon-reload
+        systemctl restart slapd
-      systemctl restart slapd
+        sleep 3
-      sleep 3
+    fi
  fi
-  # For some reason, old setups don't have the admins group defined...
+    # For some reason, old setups don't have the admins group defined...
-  if ! slapcat | grep -q 'cn=admins,ou=groups,dc=yunohost,dc=org'
+    if ! slapcat | grep -q 'cn=admins,ou=groups,dc=yunohost,dc=org'; then
-  then
+        slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org <<< \
-      slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org <<< \
+            "dn: cn=admins,ou=groups,dc=yunohost,dc=org
 "dn: cn=admins,ou=groups,dc=yunohost,dc=org
 cn: admins
 gidNumber: 4001
 memberUid: admin
 objectClass: posixGroup
 objectClass: top"
-      chown -R openldap: /var/lib/ldap
+        chown -R openldap: /var/lib/ldap
-      systemctl restart slapd
+        systemctl restart slapd
-      nscd -i group
+        nscd -i group
-  fi
+    fi
-  [ -z "$regen_conf_files" ] && exit 0
+    [ -z "$regen_conf_files" ] && exit 0
-  # regenerate LDAP config directory from slapd.conf
+    # regenerate LDAP config directory from slapd.conf
-  echo "Regenerate LDAP config directory from config.ldif"
+    echo "Regenerate LDAP config directory from config.ldif"
-  _regenerate_slapd_conf
+    _regenerate_slapd_conf
-  # If there's a backup, re-import its data
+    # If there's a backup, re-import its data
-  backup_dir=$(cat "$tmp_backup_dir_file" 2>/dev/null || true)
+    backup_dir=$(cat "$tmp_backup_dir_file" 2>/dev/null || true)
-  if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then
+    if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then
-      # regenerate LDAP config directory and import database as root
+        # regenerate LDAP config directory and import database as root
-    echo "Import the database using slapadd"
+        echo "Import the database using slapadd"
-    slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif"
+        slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif"
-    chown -R openldap:openldap /var/lib/ldap 2>&1
+        chown -R openldap:openldap /var/lib/ldap 2>&1
-  fi
+    fi
-  echo "Running slapdindex"
+    echo "Running slapdindex"
-  su openldap -s "/bin/bash" -c "/usr/sbin/slapindex"
+    su openldap -s "/bin/bash" -c "/usr/sbin/slapindex"
-  echo "Reloading slapd"
+    echo "Reloading slapd"
-  systemctl force-reload slapd
+    systemctl force-reload slapd
-  # on slow hardware/vm this regen conf would exit before the admin user that
+    # on slow hardware/vm this regen conf would exit before the admin user that
-  # is stored in ldap is available because ldap seems to slow to restart
+    # is stored in ldap is available because ldap seems to slow to restart
-  # so we'll wait either until we are able to log as admin or until a timeout
+    # so we'll wait either until we are able to log as admin or until a timeout
-  # is reached
+    # is reached
-  # we need to do this because the next hooks executed after this one during
+    # we need to do this because the next hooks executed after this one during
-  # postinstall requires to run as admin thus breaking postinstall on slow
+    # postinstall requires to run as admin thus breaking postinstall on slow
-  # hardware which mean yunohost can't be correctly installed on those hardware
+    # hardware which mean yunohost can't be correctly installed on those hardware
-  # and this sucks
+    # and this sucks
-  # wait a maximum time of 5 minutes
+    # wait a maximum time of 5 minutes
-  # yes, force-reload behave like a restart
+    # yes, force-reload behave like a restart
-  number_of_wait=0
+    number_of_wait=0
-  while ! su admin -c '' && ((number_of_wait < 60))
+    while ! su admin -c '' && ((number_of_wait < 60)); do
-  do
+        sleep 5
-      sleep 5
+        ((number_of_wait += 1))
-      ((number_of_wait += 1))
+    done
  done
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/09-nslcd
+++ b/data/hooks/conf_regen/09-nslcd
@ -3,23 +3,23 @@
 set -e
 do_init_regen() {
-  do_pre_regen ""
+    do_pre_regen ""
-  systemctl restart nslcd
+    systemctl restart nslcd
 }
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/nslcd
+    cd /usr/share/yunohost/templates/nslcd
-  install -D -m 644 nslcd.conf "${pending_dir}/etc/nslcd.conf"
+    install -D -m 644 nslcd.conf "${pending_dir}/etc/nslcd.conf"
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  [[ -z "$regen_conf_files" ]] \
+    [[ -z "$regen_conf_files" ]] \
-    || systemctl restart nslcd
+        || systemctl restart nslcd
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/10-apt
+++ b/data/hooks/conf_regen/10-apt
@ -8,15 +8,14 @@ do_pre_regen() {
    mkdir --parents "${pending_dir}/etc/apt/preferences.d"
    packages_to_refuse_from_sury="php php-fpm php-mysql php-xml php-zip php-mbstring php-ldap php-gd php-curl php-bz2 php-json php-sqlite3 php-intl openssl libssl1.1 libssl-dev"
-    for package in $packages_to_refuse_from_sury
+    for package in $packages_to_refuse_from_sury; do
    do
        echo "
 Package: $package
 Pin: origin \"packages.sury.org\" 
-Pin-Priority: -1" >> "${pending_dir}/etc/apt/preferences.d/extra_php_version"
+Pin-Priority: -1" >>"${pending_dir}/etc/apt/preferences.d/extra_php_version"
    done
-        echo "
+    echo "
 # PLEASE READ THIS WARNING AND DON'T EDIT THIS FILE
@ -43,15 +42,15 @@ Pin-Priority: -1
 Package: bind9
 Pin: release *
 Pin-Priority: -1
-" >> "${pending_dir}/etc/apt/preferences.d/ban_packages"
+" >>"${pending_dir}/etc/apt/preferences.d/ban_packages"
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  # Make sure php7.3 is the default version when using php in cli
+    # Make sure php7.3 is the default version when using php in cli
-  update-alternatives --set php /usr/bin/php7.3
+    update-alternatives --set php /usr/bin/php7.3
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/12-metronome
+++ b/data/hooks/conf_regen/12-metronome
@ -3,71 +3,71 @@
 set -e
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/metronome
+    cd /usr/share/yunohost/templates/metronome
-  # create directories for pending conf
+    # create directories for pending conf
-  metronome_dir="${pending_dir}/etc/metronome"
+    metronome_dir="${pending_dir}/etc/metronome"
-  metronome_conf_dir="${metronome_dir}/conf.d"
+    metronome_conf_dir="${metronome_dir}/conf.d"
-  mkdir -p "$metronome_conf_dir"
+    mkdir -p "$metronome_conf_dir"
-  # retrieve variables
+    # retrieve variables
-  main_domain=$(cat /etc/yunohost/current_host)
+    main_domain=$(cat /etc/yunohost/current_host)
-  # install main conf file
+    # install main conf file
-  cat metronome.cfg.lua \
+    cat metronome.cfg.lua \
-    | sed "s/{{ main_domain }}/${main_domain}/g" \
+        | sed "s/{{ main_domain }}/${main_domain}/g" \
-    > "${metronome_dir}/metronome.cfg.lua"
+            >"${metronome_dir}/metronome.cfg.lua"
-  # add domain conf files
+    # add domain conf files
-  for domain in $YNH_DOMAINS; do
+    for domain in $YNH_DOMAINS; do
-    cat domain.tpl.cfg.lua \
+        cat domain.tpl.cfg.lua \
-      | sed "s/{{ domain }}/${domain}/g" \
+            | sed "s/{{ domain }}/${domain}/g" \
-      > "${metronome_conf_dir}/${domain}.cfg.lua"
+                >"${metronome_conf_dir}/${domain}.cfg.lua"
-  done
+    done
-  # remove old domain conf files
+    # remove old domain conf files
-  conf_files=$(ls -1 /etc/metronome/conf.d \
+    conf_files=$(ls -1 /etc/metronome/conf.d \
-                 | awk '/^[^\.]+\.[^\.]+.*\.cfg\.lua$/ { print $1 }')
+        | awk '/^[^\.]+\.[^\.]+.*\.cfg\.lua$/ { print $1 }')
-  for file in $conf_files; do
+    for file in $conf_files; do
-    domain=${file%.cfg.lua}
+        domain=${file%.cfg.lua}
-    [[ $YNH_DOMAINS =~ $domain ]] \
+        [[ $YNH_DOMAINS =~ $domain ]] \
-      || touch "${metronome_conf_dir}/${file}"
+            || touch "${metronome_conf_dir}/${file}"
-  done
+    done
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  # retrieve variables
+    # retrieve variables
-  main_domain=$(cat /etc/yunohost/current_host)
+    main_domain=$(cat /etc/yunohost/current_host)
-  # FIXME : small optimization to do to avoid calling a yunohost command ... 
+    # FIXME : small optimization to do to avoid calling a yunohost command ...
-  # maybe another env variable like YNH_MAIN_DOMAINS idk
+    # maybe another env variable like YNH_MAIN_DOMAINS idk
-  domain_list=$(yunohost domain list --exclude-subdomains --output-as plain --quiet)
+    domain_list=$(yunohost domain list --exclude-subdomains --output-as plain --quiet)
-  # create metronome directories for domains
+    # create metronome directories for domains
-  for domain in $domain_list; do
+    for domain in $domain_list; do
-    mkdir -p "/var/lib/metronome/${domain//./%2e}/pep"
+        mkdir -p "/var/lib/metronome/${domain//./%2e}/pep"
-    # http_upload directory must be writable by metronome and readable by nginx
+        # http_upload directory must be writable by metronome and readable by nginx
-    mkdir -p  "/var/xmpp-upload/${domain}/upload"
+        mkdir -p "/var/xmpp-upload/${domain}/upload"
-    # sgid bit allows that file created in that dir will be owned by www-data
+        # sgid bit allows that file created in that dir will be owned by www-data
-    # despite the fact that metronome ain't in the www-data group
+        # despite the fact that metronome ain't in the www-data group
-    chmod g+s "/var/xmpp-upload/${domain}/upload"
+        chmod g+s "/var/xmpp-upload/${domain}/upload"
-  done
+    done
-  # fix some permissions
+    # fix some permissions
-  [ ! -e '/var/xmpp-upload' ] || chown -R metronome:www-data "/var/xmpp-upload/"
+    [ ! -e '/var/xmpp-upload' ] || chown -R metronome:www-data "/var/xmpp-upload/"
-  [ ! -e '/var/xmpp-upload' ] || chmod 750 "/var/xmpp-upload/"
+    [ ! -e '/var/xmpp-upload' ] || chmod 750 "/var/xmpp-upload/"
-  # metronome should be in ssl-cert group to let it access SSL certificates
+    # metronome should be in ssl-cert group to let it access SSL certificates
-  usermod -aG ssl-cert metronome
+    usermod -aG ssl-cert metronome
-  chown -R metronome: /var/lib/metronome/
+    chown -R metronome: /var/lib/metronome/
-  chown -R metronome: /etc/metronome/conf.d/
+    chown -R metronome: /etc/metronome/conf.d/
-  [[ -z "$regen_conf_files" ]] \
+    [[ -z "$regen_conf_files" ]] \
-    || systemctl restart metronome
+        || systemctl restart metronome
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/15-nginx
+++ b/data/hooks/conf_regen/15-nginx
@ -5,148 +5,156 @@ set -e
 . /usr/share/yunohost/helpers
 do_init_regen() {
-  if [[ $EUID -ne 0 ]]; then
+    if [[ $EUID -ne 0 ]]; then
-    echo "You must be root to run this script" 1>&2
+        echo "You must be root to run this script" 1>&2
-    exit 1
+        exit 1
-  fi
+    fi
-  cd /usr/share/yunohost/templates/nginx
+    cd /usr/share/yunohost/templates/nginx
-  nginx_dir="/etc/nginx"
+    nginx_dir="/etc/nginx"
-  nginx_conf_dir="${nginx_dir}/conf.d"
+    nginx_conf_dir="${nginx_dir}/conf.d"
-  mkdir -p "$nginx_conf_dir"
+    mkdir -p "$nginx_conf_dir"
-  # install plain conf files
+    # install plain conf files
-  cp plain/* "$nginx_conf_dir"
+    cp plain/* "$nginx_conf_dir"
-  # probably run with init: just disable default site, restart NGINX and exit
+    # probably run with init: just disable default site, restart NGINX and exit
-  rm -f "${nginx_dir}/sites-enabled/default"
+    rm -f "${nginx_dir}/sites-enabled/default"
-  export compatibility="intermediate"
+    export compatibility="intermediate"
-  ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc"
+    ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc"
-  ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf"
+    ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf"
-  ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc"
+    ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc"
-  ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc"
+    ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc"
-  mkdir -p $nginx_conf_dir/default.d/
+    mkdir -p $nginx_conf_dir/default.d/
-  cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/
+    cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/
-  # Restart nginx if conf looks good, otherwise display error and exit unhappy
+    # Restart nginx if conf looks good, otherwise display error and exit unhappy
-  nginx -t 2>/dev/null || { nginx -t; exit 1; }
+    nginx -t 2>/dev/null || {
-  systemctl restart nginx || { journalctl --no-pager --lines=10 -u nginx >&2; exit 1; }
+        nginx -t
        exit 1
    }
    systemctl restart nginx || {
        journalctl --no-pager --lines=10 -u nginx >&2
        exit 1
    }
-  exit 0
+    exit 0
 }
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/nginx
+    cd /usr/share/yunohost/templates/nginx
-  nginx_dir="${pending_dir}/etc/nginx"
+    nginx_dir="${pending_dir}/etc/nginx"
-  nginx_conf_dir="${nginx_dir}/conf.d"
+    nginx_conf_dir="${nginx_dir}/conf.d"
-  mkdir -p "$nginx_conf_dir"
+    mkdir -p "$nginx_conf_dir"
-  # install / update plain conf files
+    # install / update plain conf files
-  cp plain/* "$nginx_conf_dir"
+    cp plain/* "$nginx_conf_dir"
-  # remove the panel overlay if this is specified in settings
+    # remove the panel overlay if this is specified in settings
-  panel_overlay=$(yunohost settings get 'ssowat.panel_overlay.enabled')
+    panel_overlay=$(yunohost settings get 'ssowat.panel_overlay.enabled')
-  if [ "$panel_overlay" == "false" ] || [ "$panel_overlay" == "False" ]
+    if [ "$panel_overlay" == "false" ] || [ "$panel_overlay" == "False" ]; then
-  then
+        echo "#" >"${nginx_conf_dir}/yunohost_panel.conf.inc"
-    echo "#" > "${nginx_conf_dir}/yunohost_panel.conf.inc"
+    fi
  fi
-  # retrieve variables
+    # retrieve variables
-  main_domain=$(cat /etc/yunohost/current_host)
+    main_domain=$(cat /etc/yunohost/current_host)
-  # Support different strategy for security configurations
+    # Support different strategy for security configurations
-  export redirect_to_https="$(yunohost settings get 'security.nginx.redirect_to_https')"
+    export redirect_to_https="$(yunohost settings get 'security.nginx.redirect_to_https')"
-  export compatibility="$(yunohost settings get 'security.nginx.compatibility')"
+    export compatibility="$(yunohost settings get 'security.nginx.compatibility')"
-  export experimental="$(yunohost settings get 'security.experimental.enabled')"
+    export experimental="$(yunohost settings get 'security.experimental.enabled')"
-  ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc"
+    ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc"
-  cert_status=$(yunohost domain cert status --json)
+    cert_status=$(yunohost domain cert status --json)
-  # add domain conf files
+    # add domain conf files
-  for domain in $YNH_DOMAINS; do
+    for domain in $YNH_DOMAINS; do
-    domain_conf_dir="${nginx_conf_dir}/${domain}.d"
+        domain_conf_dir="${nginx_conf_dir}/${domain}.d"
-    mkdir -p "$domain_conf_dir"
+        mkdir -p "$domain_conf_dir"
-    mail_autoconfig_dir="${pending_dir}/var/www/.well-known/${domain}/autoconfig/mail/"
+        mail_autoconfig_dir="${pending_dir}/var/www/.well-known/${domain}/autoconfig/mail/"
-    mkdir -p "$mail_autoconfig_dir"
+        mkdir -p "$mail_autoconfig_dir"
-    # NGINX server configuration
+        # NGINX server configuration
-    export domain
+        export domain
-    export domain_cert_ca=$(echo $cert_status \
+        export domain_cert_ca=$(echo $cert_status \
-                            | jq ".certificates.\"$domain\".CA_type" \
+            | jq ".certificates.\"$domain\".CA_type" \
-                            | tr -d '"')
+            | tr -d '"')
-    ynh_render_template "server.tpl.conf" "${nginx_conf_dir}/${domain}.conf"
+        ynh_render_template "server.tpl.conf" "${nginx_conf_dir}/${domain}.conf"
-    ynh_render_template "autoconfig.tpl.xml" "${mail_autoconfig_dir}/config-v1.1.xml"
+        ynh_render_template "autoconfig.tpl.xml" "${mail_autoconfig_dir}/config-v1.1.xml"
-    touch "${domain_conf_dir}/yunohost_local.conf"  # Clean legacy conf files
+        touch "${domain_conf_dir}/yunohost_local.conf" # Clean legacy conf files
-  done
+    done
-  export webadmin_allowlist_enabled=$(yunohost settings get security.webadmin.allowlist.enabled)
+    export webadmin_allowlist_enabled=$(yunohost settings get security.webadmin.allowlist.enabled)
-  if [ "$webadmin_allowlist_enabled" == "True" ]
+    if [ "$webadmin_allowlist_enabled" == "True" ]; then
-  then
+        export webadmin_allowlist=$(yunohost settings get security.webadmin.allowlist)
-    export webadmin_allowlist=$(yunohost settings get security.webadmin.allowlist)
+    fi
-  fi
+    ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc"
-  ynh_render_template "yunohost_admin.conf.inc" "${nginx_conf_dir}/yunohost_admin.conf.inc"
+    ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc"
-  ynh_render_template "yunohost_api.conf.inc" "${nginx_conf_dir}/yunohost_api.conf.inc"
+    ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf"
-  ynh_render_template "yunohost_admin.conf" "${nginx_conf_dir}/yunohost_admin.conf"
+    mkdir -p $nginx_conf_dir/default.d/
-  mkdir -p $nginx_conf_dir/default.d/
+    cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/
  cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/
-  # remove old domain conf files
+    # remove old domain conf files
-  conf_files=$(ls -1 /etc/nginx/conf.d \
+    conf_files=$(ls -1 /etc/nginx/conf.d \
-                 | awk '/^[^\.]+\.[^\.]+.*\.conf$/ { print $1 }')
+        | awk '/^[^\.]+\.[^\.]+.*\.conf$/ { print $1 }')
-  for file in $conf_files; do
+    for file in $conf_files; do
-    domain=${file%.conf}
+        domain=${file%.conf}
-    [[ $YNH_DOMAINS =~ $domain ]] \
+        [[ $YNH_DOMAINS =~ $domain ]] \
-      || touch "${nginx_conf_dir}/${file}"
+            || touch "${nginx_conf_dir}/${file}"
-  done
+    done
-  # remove old mail-autoconfig files
+    # remove old mail-autoconfig files
-  autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true)
+    autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true)
-  for file in $autoconfig_files; do
+    for file in $autoconfig_files; do
-    domain=$(basename $(readlink -f $(dirname $file)/../..))
+        domain=$(basename $(readlink -f $(dirname $file)/../..))
-    [[ $YNH_DOMAINS =~ $domain ]] \
+        [[ $YNH_DOMAINS =~ $domain ]] \
-      || (mkdir -p "$(dirname ${pending_dir}/${file})" && touch "${pending_dir}/${file}")
+            || (mkdir -p "$(dirname ${pending_dir}/${file})" && touch "${pending_dir}/${file}")
-  done
+    done
-  # disable default site
+    # disable default site
-  mkdir -p "${nginx_dir}/sites-enabled"
+    mkdir -p "${nginx_dir}/sites-enabled"
-  touch "${nginx_dir}/sites-enabled/default"
+    touch "${nginx_dir}/sites-enabled/default"
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  [ -z "$regen_conf_files" ] && exit 0
+    [ -z "$regen_conf_files" ] && exit 0
-  # create NGINX conf directories for domains
+    # create NGINX conf directories for domains
-  for domain in $YNH_DOMAINS; do
+    for domain in $YNH_DOMAINS; do
-    mkdir -p "/etc/nginx/conf.d/${domain}.d"
+        mkdir -p "/etc/nginx/conf.d/${domain}.d"
-  done
+    done
-  # Get rid of legacy lets encrypt snippets
+    # Get rid of legacy lets encrypt snippets
-  for domain in $YNH_DOMAINS; do
+    for domain in $YNH_DOMAINS; do
-      # If the legacy letsencrypt / acme-challenge domain-specific snippet is still there
+        # If the legacy letsencrypt / acme-challenge domain-specific snippet is still there
-      if [ -e /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf ]
+        if [ -e /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf ]; then
-      then
+            # And if we're effectively including the new domain-independant snippet now
-          # And if we're effectively including the new domain-independant snippet now
+            if grep -q "include /etc/nginx/conf.d/acme-challenge.conf.inc;" /etc/nginx/conf.d/${domain}.conf; then
-          if grep -q "include /etc/nginx/conf.d/acme-challenge.conf.inc;" /etc/nginx/conf.d/${domain}.conf
+                # Delete the old domain-specific snippet
-          then
+                rm /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf
-              # Delete the old domain-specific snippet
+            fi
-              rm /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf
+        fi
-          fi
+    done
      fi
  done
-  # Reload nginx if conf looks good, otherwise display error and exit unhappy
+    # Reload nginx if conf looks good, otherwise display error and exit unhappy
-  nginx -t 2>/dev/null || { nginx -t; exit 1; }
+    nginx -t 2>/dev/null || {
-  pgrep nginx && systemctl reload nginx || { journalctl --no-pager --lines=10 -u nginx >&2; exit 1; }
+        nginx -t
        exit 1
    }
    pgrep nginx && systemctl reload nginx || {
        journalctl --no-pager --lines=10 -u nginx >&2
        exit 1
    }
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/19-postfix
+++ b/data/hooks/conf_regen/19-postfix
@ -5,78 +5,76 @@ set -e
 . /usr/share/yunohost/helpers
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/postfix
+    cd /usr/share/yunohost/templates/postfix
-  postfix_dir="${pending_dir}/etc/postfix"
+    postfix_dir="${pending_dir}/etc/postfix"
-  mkdir -p "$postfix_dir"
+    mkdir -p "$postfix_dir"
-  default_dir="${pending_dir}/etc/default/"
+    default_dir="${pending_dir}/etc/default/"
-  mkdir -p "$default_dir"
+    mkdir -p "$default_dir"
-  # install plain conf files
+    # install plain conf files
-  cp plain/* "$postfix_dir"
+    cp plain/* "$postfix_dir"
-  # prepare main.cf conf file
+    # prepare main.cf conf file
-  main_domain=$(cat /etc/yunohost/current_host)
+    main_domain=$(cat /etc/yunohost/current_host)
-  # Support different strategy for security configurations
+    # Support different strategy for security configurations
-  export compatibility="$(yunohost settings get 'security.postfix.compatibility')"
+    export compatibility="$(yunohost settings get 'security.postfix.compatibility')"
-  # Add possibility to specify a relay
+    # Add possibility to specify a relay
-  # Could be useful with some isp with no 25 port open or more complex setup
+    # Could be useful with some isp with no 25 port open or more complex setup
-  export relay_port=""
+    export relay_port=""
-  export relay_user=""
+    export relay_user=""
-  export relay_host="$(yunohost settings get 'smtp.relay.host')"
+    export relay_host="$(yunohost settings get 'smtp.relay.host')"
-  if [ -n "${relay_host}" ]
+    if [ -n "${relay_host}" ]; then
-  then
+        relay_port="$(yunohost settings get 'smtp.relay.port')"
-    relay_port="$(yunohost settings get 'smtp.relay.port')"
+        relay_user="$(yunohost settings get 'smtp.relay.user')"
-    relay_user="$(yunohost settings get 'smtp.relay.user')"
+        relay_password="$(yunohost settings get 'smtp.relay.password')"
    relay_password="$(yunohost settings get 'smtp.relay.password')"
-    # Avoid to display "Relay account paswword" to other users
+        # Avoid to display "Relay account paswword" to other users
-    touch ${postfix_dir}/sasl_passwd
+        touch ${postfix_dir}/sasl_passwd
-    chmod 750 ${postfix_dir}/sasl_passwd
+        chmod 750 ${postfix_dir}/sasl_passwd
-    # Avoid "postmap: warning: removing zero-length database file"
+        # Avoid "postmap: warning: removing zero-length database file"
-    chown postfix ${pending_dir}/etc/postfix
+        chown postfix ${pending_dir}/etc/postfix
-    chown postfix ${pending_dir}/etc/postfix/sasl_passwd
+        chown postfix ${pending_dir}/etc/postfix/sasl_passwd
-    cat <<< "[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" > ${postfix_dir}/sasl_passwd
+        cat <<<"[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" >${postfix_dir}/sasl_passwd
-    postmap ${postfix_dir}/sasl_passwd
+        postmap ${postfix_dir}/sasl_passwd
-  fi
+    fi
-  export main_domain
+    export main_domain
-  export domain_list="$YNH_DOMAINS"
+    export domain_list="$YNH_DOMAINS"
-  ynh_render_template "main.cf" "${postfix_dir}/main.cf"
+    ynh_render_template "main.cf" "${postfix_dir}/main.cf"
-  cat postsrsd \
+    cat postsrsd \
-    | sed "s/{{ main_domain }}/${main_domain}/g" \
+        | sed "s/{{ main_domain }}/${main_domain}/g" \
-    | sed "s/{{ domain_list }}/${YNH_DOMAINS}/g" \
+        | sed "s/{{ domain_list }}/${YNH_DOMAINS}/g" \
-    > "${default_dir}/postsrsd"
+            >"${default_dir}/postsrsd"
-  # adapt it for IPv4-only hosts
+    # adapt it for IPv4-only hosts
-  ipv6="$(yunohost settings get 'smtp.allow_ipv6')"
+    ipv6="$(yunohost settings get 'smtp.allow_ipv6')"
-  if [ "$ipv6" == "False" ] || [ ! -f /proc/net/if_inet6 ]; then
+    if [ "$ipv6" == "False" ] || [ ! -f /proc/net/if_inet6 ]; then
-    sed -i \
+        sed -i \
-      's/ \[::ffff:127.0.0.0\]\/104 \[::1\]\/128//g' \
+            's/ \[::ffff:127.0.0.0\]\/104 \[::1\]\/128//g' \
-      "${postfix_dir}/main.cf"
+            "${postfix_dir}/main.cf"
-    sed -i \
+        sed -i \
-      's/inet_interfaces = all/&\ninet_protocols = ipv4/' \
+            's/inet_interfaces = all/&\ninet_protocols = ipv4/' \
-      "${postfix_dir}/main.cf"
+            "${postfix_dir}/main.cf"
-  fi
+    fi
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  if [ -e /etc/postfix/sasl_passwd ]
+    if [ -e /etc/postfix/sasl_passwd ]; then
-  then
+        chmod 750 /etc/postfix/sasl_passwd*
-      chmod 750 /etc/postfix/sasl_passwd*
+        chown postfix:root /etc/postfix/sasl_passwd*
-      chown postfix:root /etc/postfix/sasl_passwd*
+    fi
  fi
-  [[ -z "$regen_conf_files" ]] \
+    [[ -z "$regen_conf_files" ]] \
-    || { systemctl restart postfix && systemctl restart postsrsd; }
+        || { systemctl restart postfix && systemctl restart postsrsd; }
 }
--- a/data/hooks/conf_regen/25-dovecot
+++ b/data/hooks/conf_regen/25-dovecot
@ -5,62 +5,62 @@ set -e
 . /usr/share/yunohost/helpers
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/dovecot
+    cd /usr/share/yunohost/templates/dovecot
-  dovecot_dir="${pending_dir}/etc/dovecot"
+    dovecot_dir="${pending_dir}/etc/dovecot"
-  mkdir -p "${dovecot_dir}/global_script"
+    mkdir -p "${dovecot_dir}/global_script"
-  # copy simple conf files
+    # copy simple conf files
-  cp dovecot-ldap.conf "${dovecot_dir}/dovecot-ldap.conf"
+    cp dovecot-ldap.conf "${dovecot_dir}/dovecot-ldap.conf"
-  cp dovecot.sieve "${dovecot_dir}/global_script/dovecot.sieve"
+    cp dovecot.sieve "${dovecot_dir}/global_script/dovecot.sieve"
-  export pop3_enabled="$(yunohost settings get 'pop3.enabled')"
+    export pop3_enabled="$(yunohost settings get 'pop3.enabled')"
-  export main_domain=$(cat /etc/yunohost/current_host)
+    export main_domain=$(cat /etc/yunohost/current_host)
-  ynh_render_template "dovecot.conf" "${dovecot_dir}/dovecot.conf"
+    ynh_render_template "dovecot.conf" "${dovecot_dir}/dovecot.conf"
-  # adapt it for IPv4-only hosts
+    # adapt it for IPv4-only hosts
-  if [ ! -f /proc/net/if_inet6 ]; then
+    if [ ! -f /proc/net/if_inet6 ]; then
-    sed -i \
+        sed -i \
-      's/^\(listen =\).*/\1 */' \
+            's/^\(listen =\).*/\1 */' \
-      "${dovecot_dir}/dovecot.conf"
+            "${dovecot_dir}/dovecot.conf"
-  fi
+    fi
-  mkdir -p "${dovecot_dir}/yunohost.d"
+    mkdir -p "${dovecot_dir}/yunohost.d"
-  cp pre-ext.conf "${dovecot_dir}/yunohost.d"
+    cp pre-ext.conf "${dovecot_dir}/yunohost.d"
-  cp post-ext.conf "${dovecot_dir}/yunohost.d"
+    cp post-ext.conf "${dovecot_dir}/yunohost.d"
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  mkdir -p "/etc/dovecot/yunohost.d/pre-ext.d"
+    mkdir -p "/etc/dovecot/yunohost.d/pre-ext.d"
-  mkdir -p "/etc/dovecot/yunohost.d/post-ext.d"
+    mkdir -p "/etc/dovecot/yunohost.d/post-ext.d"
-  # create vmail user
+    # create vmail user
-  id vmail > /dev/null 2>&1 \
+    id vmail >/dev/null 2>&1 \
-    || adduser --system --ingroup mail --uid 500 vmail --home /var/vmail --no-create-home
+        || adduser --system --ingroup mail --uid 500 vmail --home /var/vmail --no-create-home
-  # Delete legacy home for vmail that existed in the past but was empty, poluting /home/
+    # Delete legacy home for vmail that existed in the past but was empty, poluting /home/
-  [ ! -e /home/vmail ] || rmdir --ignore-fail-on-non-empty /home/vmail
+    [ ! -e /home/vmail ] || rmdir --ignore-fail-on-non-empty /home/vmail
-  # fix permissions
+    # fix permissions
  chown -R vmail:mail /etc/dovecot/global_script
  chmod 770 /etc/dovecot/global_script
  chown root:mail /var/mail
  chmod 1775 /var/mail
  [ -z "$regen_conf_files" ] && exit 0
  # compile sieve script
  [[ "$regen_conf_files" =~ dovecot\.sieve ]] && {
    sievec /etc/dovecot/global_script/dovecot.sieve
    chown -R vmail:mail /etc/dovecot/global_script
-  }
+    chmod 770 /etc/dovecot/global_script
    chown root:mail /var/mail
    chmod 1775 /var/mail
-  systemctl restart dovecot
+    [ -z "$regen_conf_files" ] && exit 0
    # compile sieve script
    [[ "$regen_conf_files" =~ dovecot\.sieve ]] && {
        sievec /etc/dovecot/global_script/dovecot.sieve
        chown -R vmail:mail /etc/dovecot/global_script
    }
    systemctl restart dovecot
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/31-rspamd
+++ b/data/hooks/conf_regen/31-rspamd
@ -3,60 +3,60 @@
 set -e
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/rspamd
+    cd /usr/share/yunohost/templates/rspamd
-  install -D -m 644 metrics.local.conf \
+    install -D -m 644 metrics.local.conf \
-      "${pending_dir}/etc/rspamd/local.d/metrics.conf"
+        "${pending_dir}/etc/rspamd/local.d/metrics.conf"
-  install -D -m 644 dkim_signing.conf \
+    install -D -m 644 dkim_signing.conf \
-      "${pending_dir}/etc/rspamd/local.d/dkim_signing.conf"
+        "${pending_dir}/etc/rspamd/local.d/dkim_signing.conf"
-  install -D -m 644 rspamd.sieve \
+    install -D -m 644 rspamd.sieve \
-      "${pending_dir}/etc/dovecot/global_script/rspamd.sieve"
+        "${pending_dir}/etc/dovecot/global_script/rspamd.sieve"
 }
 do_post_regen() {
-  ##
+    ##
-  ## DKIM key generation
+    ## DKIM key generation
-  ##
+    ##
-  # create DKIM directory with proper permission
+    # create DKIM directory with proper permission
-  mkdir -p /etc/dkim
+    mkdir -p /etc/dkim
-  chown _rspamd /etc/dkim
+    chown _rspamd /etc/dkim
-  # create DKIM key for domains
+    # create DKIM key for domains
-  for domain in $YNH_DOMAINS; do
+    for domain in $YNH_DOMAINS; do
-    domain_key="/etc/dkim/${domain}.mail.key"
+        domain_key="/etc/dkim/${domain}.mail.key"
-    [ ! -f "$domain_key" ] && {
+        [ ! -f "$domain_key" ] && {
-      # We use a 1024 bit size because nsupdate doesn't seem to be able to
+            # We use a 1024 bit size because nsupdate doesn't seem to be able to
-      # handle 2048...
+            # handle 2048...
-      opendkim-genkey --domain="$domain" \
+            opendkim-genkey --domain="$domain" \
-          --selector=mail --directory=/etc/dkim -b 1024
+                --selector=mail --directory=/etc/dkim -b 1024
-      mv /etc/dkim/mail.private "$domain_key"
+            mv /etc/dkim/mail.private "$domain_key"
-      mv /etc/dkim/mail.txt "/etc/dkim/${domain}.mail.txt"
+            mv /etc/dkim/mail.txt "/etc/dkim/${domain}.mail.txt"
        }
    done
    # fix DKIM keys permissions
    chown _rspamd /etc/dkim/*.mail.key
    chmod 400 /etc/dkim/*.mail.key
    [ ! -e /var/log/rspamd ] || chown -R _rspamd:_rspamd /var/log/rspamd
    regen_conf_files=$1
    [ -z "$regen_conf_files" ] && exit 0
    # compile sieve script
    [[ "$regen_conf_files" =~ rspamd\.sieve ]] && {
        sievec /etc/dovecot/global_script/rspamd.sieve
        chown -R vmail:mail /etc/dovecot/global_script
        systemctl restart dovecot
    }
  done
-  # fix DKIM keys permissions
+    # Restart rspamd due to the upgrade
-  chown _rspamd /etc/dkim/*.mail.key
+    # https://rspamd.com/announce/2016/08/01/rspamd-1.3.1.html
-  chmod 400 /etc/dkim/*.mail.key
+    systemctl -q restart rspamd.service
  [ ! -e /var/log/rspamd ] || chown -R _rspamd:_rspamd /var/log/rspamd
  regen_conf_files=$1
  [ -z "$regen_conf_files" ] && exit 0
  # compile sieve script
  [[ "$regen_conf_files" =~ rspamd\.sieve ]] && {
    sievec /etc/dovecot/global_script/rspamd.sieve
    chown -R vmail:mail /etc/dovecot/global_script
    systemctl restart dovecot
  }
  # Restart rspamd due to the upgrade
  # https://rspamd.com/announce/2016/08/01/rspamd-1.3.1.html 
  systemctl -q restart rspamd.service 
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/34-mysql
+++ b/data/hooks/conf_regen/34-mysql
@ -4,69 +4,65 @@ set -e
 . /usr/share/yunohost/helpers
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/mysql
+    cd /usr/share/yunohost/templates/mysql
-  install -D -m 644 my.cnf "${pending_dir}/etc/mysql/my.cnf"
+    install -D -m 644 my.cnf "${pending_dir}/etc/mysql/my.cnf"
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  if [[ ! -d /var/lib/mysql/mysql ]]
+    if [[ ! -d /var/lib/mysql/mysql ]]; then
-  then
+        # dpkg-reconfigure will initialize mysql (if it ain't already)
-      # dpkg-reconfigure will initialize mysql (if it ain't already)
+        # It enabled auth_socket for root, so no need to define any root password...
-      # It enabled auth_socket for root, so no need to define any root password...
+        # c.f. : cat /var/lib/dpkg/info/mariadb-server-10.3.postinst | grep install_db -C3
-      # c.f. : cat /var/lib/dpkg/info/mariadb-server-10.3.postinst | grep install_db -C3
+        MYSQL_PKG="$(dpkg --list | sed -ne 's/^ii  \(mariadb-server-[[:digit:].]\+\) .*$/\1/p')"
-      MYSQL_PKG="$(dpkg --list | sed -ne 's/^ii  \(mariadb-server-[[:digit:].]\+\) .*$/\1/p')"
+        dpkg-reconfigure -freadline -u "$MYSQL_PKG" 2>&1
      dpkg-reconfigure -freadline -u "$MYSQL_PKG" 2>&1
-      systemctl -q is-active mariadb.service \
+        systemctl -q is-active mariadb.service \
-        || systemctl start mariadb
+            || systemctl start mariadb
-      sleep 5
+        sleep 5
-      echo "" | mysql && echo "Can't connect to mysql using unix_socket auth ... something went wrong during initial configuration of mysql !?" >&2
+        echo "" | mysql && echo "Can't connect to mysql using unix_socket auth ... something went wrong during initial configuration of mysql !?" >&2
-  fi
+    fi
-  # Legacy code to get rid of /etc/yunohost/mysql ...
+    # Legacy code to get rid of /etc/yunohost/mysql ...
-  # Nowadays, we can simply run mysql while being run as root of unix_socket/auth_socket is enabled...
+    # Nowadays, we can simply run mysql while being run as root of unix_socket/auth_socket is enabled...
-  if [ -f /etc/yunohost/mysql ]; then
+    if [ -f /etc/yunohost/mysql ]; then
-      # This is a trick to check if we're able to use mysql without password
+        # This is a trick to check if we're able to use mysql without password
-      # Expect instances installed in stretch to already have unix_socket
+        # Expect instances installed in stretch to already have unix_socket
-      #configured, but not old instances from the jessie/wheezy era
+        #configured, but not old instances from the jessie/wheezy era
-      if ! echo "" | mysql 2>/dev/null
+        if ! echo "" | mysql 2>/dev/null; then
-      then
+            password="$(cat /etc/yunohost/mysql)"
-          password="$(cat /etc/yunohost/mysql)"
+            # Enable plugin unix_socket for root on localhost
-          # Enable plugin unix_socket for root on localhost
+            mysql -u root -p"$password" <<<"GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED WITH unix_socket WITH GRANT OPTION;"
-          mysql -u root -p"$password" <<< "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED WITH unix_socket WITH GRANT OPTION;"
+        fi
      fi
-      # If now we're able to login without password, drop the mysql password
+        # If now we're able to login without password, drop the mysql password
-      if echo "" | mysql 2>/dev/null
+        if echo "" | mysql 2>/dev/null; then
-      then
+            rm /etc/yunohost/mysql
-          rm /etc/yunohost/mysql
+        else
-      else
+            echo "Can't connect to mysql using unix_socket auth ... something went wrong while trying to get rid of mysql password !?" >&2
-          echo "Can't connect to mysql using unix_socket auth ... something went wrong while trying to get rid of mysql password !?" >&2
+        fi
-      fi
+    fi
  fi
-  # mysql is supposed to be an alias to mariadb... but in some weird case is not
+    # mysql is supposed to be an alias to mariadb... but in some weird case is not
-  # c.f. https://forum.yunohost.org/t/mysql-ne-fonctionne-pas/11661
+    # c.f. https://forum.yunohost.org/t/mysql-ne-fonctionne-pas/11661
-  # Playing with enable/disable allows to recreate the proper symlinks.
+    # Playing with enable/disable allows to recreate the proper symlinks.
-  if [ ! -e /etc/systemd/system/mysql.service ]
+    if [ ! -e /etc/systemd/system/mysql.service ]; then
-  then
+        systemctl stop mysql -q
-      systemctl stop mysql -q
+        systemctl disable mysql -q
-      systemctl disable mysql -q
+        systemctl disable mariadb -q
-      systemctl disable mariadb -q
+        systemctl enable mariadb -q
-      systemctl enable mariadb -q
+        systemctl is-active mariadb -q || systemctl start mariadb
-      systemctl is-active mariadb -q || systemctl start mariadb
+    fi
  fi
-  [[ -z "$regen_conf_files" ]] \
+    [[ -z "$regen_conf_files" ]] \
-    || systemctl restart mysql
+        || systemctl restart mysql
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/35-redis
+++ b/data/hooks/conf_regen/35-redis
@ -1,13 +1,13 @@
 #!/bin/bash
 do_pre_regen() {
-  :
+    :
 }
 do_post_regen() {
-  # Enforce these damn permissions because for some reason in some weird cases
+    # Enforce these damn permissions because for some reason in some weird cases
-  # they are spontaneously replaced by root:root -_-
+    # they are spontaneously replaced by root:root -_-
-  chown -R redis:adm /var/log/redis
+    chown -R redis:adm /var/log/redis
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/37-mdns
+++ b/data/hooks/conf_regen/37-mdns
@ -3,55 +3,52 @@
 set -e
 _generate_config() {
-  echo "domains:"
+    echo "domains:"
-  echo "    - yunohost.local"
+    echo "    - yunohost.local"
-  for domain in $YNH_DOMAINS
+    for domain in $YNH_DOMAINS; do
-  do
+        # Only keep .local domains (don't keep
-      # Only keep .local domains (don't keep
+        [[ "$domain" =~ [^.]+\.[^.]+\.local$ ]] && echo "Subdomain $domain cannot be handled by Bonjour/Zeroconf/mDNS" >&2
-      [[ "$domain" =~ [^.]+\.[^.]+\.local$ ]] && echo "Subdomain $domain cannot be handled by Bonjour/Zeroconf/mDNS" >&2
+        [[ "$domain" =~ ^[^.]+\.local$ ]] || continue
-      [[ "$domain" =~ ^[^.]+\.local$ ]] || continue
+        echo "    - $domain"
-      echo "    - $domain"
+    done
  done
 }
 do_init_regen() {
-   do_pre_regen
+    do_pre_regen
-   do_post_regen /etc/systemd/system/yunomdns.service
+    do_post_regen /etc/systemd/system/yunomdns.service
-   systemctl enable yunomdns
+    systemctl enable yunomdns
 }
 do_pre_regen() {
-  pending_dir="$1"
+    pending_dir="$1"
-  cd /usr/share/yunohost/templates/mdns
+    cd /usr/share/yunohost/templates/mdns
-  mkdir -p ${pending_dir}/etc/systemd/system/
+    mkdir -p ${pending_dir}/etc/systemd/system/
-  cp yunomdns.service ${pending_dir}/etc/systemd/system/
+    cp yunomdns.service ${pending_dir}/etc/systemd/system/
-  getent passwd mdns &>/dev/null || useradd --no-create-home --shell /usr/sbin/nologin --system --user-group mdns
+    getent passwd mdns &>/dev/null || useradd --no-create-home --shell /usr/sbin/nologin --system --user-group mdns
-  mkdir -p ${pending_dir}/etc/yunohost
+    mkdir -p ${pending_dir}/etc/yunohost
-  _generate_config > ${pending_dir}/etc/yunohost/mdns.yml
+    _generate_config >${pending_dir}/etc/yunohost/mdns.yml
 }
 do_post_regen() {
-  regen_conf_files="$1"
+    regen_conf_files="$1"
-  chown mdns:mdns /etc/yunohost/mdns.yml
+    chown mdns:mdns /etc/yunohost/mdns.yml
-  # If we changed the systemd ynh-override conf
+    # If we changed the systemd ynh-override conf
-  if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/yunomdns.service$"
+    if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/yunomdns.service$"; then
-  then
+        systemctl daemon-reload
-      systemctl daemon-reload
+    fi
  fi
-  # Legacy stuff to enable the new yunomdns service on legacy systems
+    # Legacy stuff to enable the new yunomdns service on legacy systems
-  if [[ -e /etc/avahi/avahi-daemon.conf ]] && grep -q 'yunohost' /etc/avahi/avahi-daemon.conf
+    if [[ -e /etc/avahi/avahi-daemon.conf ]] && grep -q 'yunohost' /etc/avahi/avahi-daemon.conf; then
-  then
+        systemctl enable yunomdns
-      systemctl enable yunomdns
+    fi
  fi
-  [[ -z "$regen_conf_files" ]] \
+    [[ -z "$regen_conf_files" ]] \
-    || systemctl restart yunomdns
+        || systemctl restart yunomdns
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/43-dnsmasq
+++ b/data/hooks/conf_regen/43-dnsmasq
@ -4,83 +4,80 @@ set -e
 . /usr/share/yunohost/helpers
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/dnsmasq
+    cd /usr/share/yunohost/templates/dnsmasq
-  # create directory for pending conf
+    # create directory for pending conf
-  dnsmasq_dir="${pending_dir}/etc/dnsmasq.d"
+    dnsmasq_dir="${pending_dir}/etc/dnsmasq.d"
-  mkdir -p "$dnsmasq_dir"
+    mkdir -p "$dnsmasq_dir"
-  etcdefault_dir="${pending_dir}/etc/default"
+    etcdefault_dir="${pending_dir}/etc/default"
-  mkdir -p "$etcdefault_dir"
+    mkdir -p "$etcdefault_dir"
-  # add general conf files
+    # add general conf files
-  cp plain/etcdefault ${pending_dir}/etc/default/dnsmasq
+    cp plain/etcdefault ${pending_dir}/etc/default/dnsmasq
-  cp plain/dnsmasq.conf ${pending_dir}/etc/dnsmasq.conf
+    cp plain/dnsmasq.conf ${pending_dir}/etc/dnsmasq.conf
-  # add resolver file
+    # add resolver file
-  cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf > ${pending_dir}/etc/resolv.dnsmasq.conf
+    cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf >${pending_dir}/etc/resolv.dnsmasq.conf
-  # retrieve variables
+    # retrieve variables
-  ipv4=$(curl -s -4 https://ip.yunohost.org 2>/dev/null || true)
+    ipv4=$(curl -s -4 https://ip.yunohost.org 2>/dev/null || true)
-  ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1'
+    ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1'
-  ipv6=$(curl -s -6 https://ip6.yunohost.org 2>/dev/null || true)
+    ipv6=$(curl -s -6 https://ip6.yunohost.org 2>/dev/null || true)
-  ynh_validate_ip6 "$ipv6" || ipv6=''
+    ynh_validate_ip6 "$ipv6" || ipv6=''
-  export ipv4
+    export ipv4
-  export ipv6
+    export ipv6
-  # add domain conf files
+    # add domain conf files
-  for domain in $YNH_DOMAINS; do
+    for domain in $YNH_DOMAINS; do
-      [[ ! $domain =~ \.local$ ]] || continue
+        [[ ! $domain =~ \.local$ ]] || continue
-      export domain
+        export domain
-      ynh_render_template "domain.tpl" "${dnsmasq_dir}/${domain}"
+        ynh_render_template "domain.tpl" "${dnsmasq_dir}/${domain}"
-  done
+    done
-  # remove old domain conf files
+    # remove old domain conf files
-  conf_files=$(ls -1 /etc/dnsmasq.d \
+    conf_files=$(ls -1 /etc/dnsmasq.d \
-                 | awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }')
+        | awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }')
-  for domain in $conf_files; do
+    for domain in $conf_files; do
-      if [[ ! $YNH_DOMAINS =~ $domain ]] && [[ ! $domain =~ \.local$ ]]
+        if [[ ! $YNH_DOMAINS =~ $domain ]] && [[ ! $domain =~ \.local$ ]]
-      then
+        then
-          touch "${dnsmasq_dir}/${domain}"
+            touch "${dnsmasq_dir}/${domain}"
-      fi
+        fi
-  done
+    done
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  # Fuck it, those domain/search entries from dhclient are usually annoying
+    # Fuck it, those domain/search entries from dhclient are usually annoying
-  # lying shit from the ISP trying to MiTM
+    # lying shit from the ISP trying to MiTM
-  if grep -q -E "^ *(domain|search)" /run/resolvconf/resolv.conf
+    if grep -q -E "^ *(domain|search)" /run/resolvconf/resolv.conf; then
-  then
+        if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2>/dev/null; then
-      if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2>/dev/null
+            sed -E "s/^(domain|search)/#\1/g" -i /run/resolvconf/interface/*.dhclient
-      then
+        fi
        sed -E "s/^(domain|search)/#\1/g" -i /run/resolvconf/interface/*.dhclient
      fi
-      grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-name "";' >> /etc/dhcp/dhclient.conf
+        grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-name "";' >>/etc/dhcp/dhclient.conf
-      grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-search "";' >> /etc/dhcp/dhclient.conf
+        grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-search "";' >>/etc/dhcp/dhclient.conf
-      grep -q '^supersede name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede name "";' >> /etc/dhcp/dhclient.conf
+        grep -q '^supersede name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede name "";' >>/etc/dhcp/dhclient.conf
-      systemctl restart resolvconf
+        systemctl restart resolvconf
-  fi
+    fi
-  # Some stupid things like rabbitmq-server used by onlyoffice won't work if
+    # Some stupid things like rabbitmq-server used by onlyoffice won't work if
-  # the *short* hostname doesn't exists in /etc/hosts -_-
+    # the *short* hostname doesn't exists in /etc/hosts -_-
-  short_hostname=$(hostname -s)
+    short_hostname=$(hostname -s)
-  grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >>/etc/hosts
+    grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >>/etc/hosts
-  [[ -n "$regen_conf_files" ]] || return
+    [[ -n "$regen_conf_files" ]] || return
-  # Remove / disable services likely to conflict with dnsmasq
+    # Remove / disable services likely to conflict with dnsmasq
-  for SERVICE in systemd-resolved bind9
+    for SERVICE in systemd-resolved bind9; do
-  do
+        systemctl is-enabled $SERVICE &>/dev/null && systemctl disable $SERVICE 2>/dev/null
-      systemctl is-enabled $SERVICE &>/dev/null && systemctl disable $SERVICE 2>/dev/null
+        systemctl is-active $SERVICE &>/dev/null && systemctl stop $SERVICE
-      systemctl is-active $SERVICE &>/dev/null && systemctl stop $SERVICE
+    done
  done
-  systemctl restart dnsmasq
+    systemctl restart dnsmasq
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/46-nsswitch
+++ b/data/hooks/conf_regen/46-nsswitch
@ -3,23 +3,23 @@
 set -e
 do_init_regen() {
-  do_pre_regen ""
+    do_pre_regen ""
-  systemctl restart unscd
+    systemctl restart unscd
 }
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/nsswitch
+    cd /usr/share/yunohost/templates/nsswitch
-  install -D -m 644 nsswitch.conf "${pending_dir}/etc/nsswitch.conf"
+    install -D -m 644 nsswitch.conf "${pending_dir}/etc/nsswitch.conf"
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  [[ -z "$regen_conf_files" ]] \
+    [[ -z "$regen_conf_files" ]] \
-    || systemctl restart unscd
+        || systemctl restart unscd
 }
 do_$1_regen ${@:2}
--- a/data/hooks/conf_regen/52-fail2ban
+++ b/data/hooks/conf_regen/52-fail2ban
@ -5,26 +5,26 @@ set -e
 . /usr/share/yunohost/helpers
 do_pre_regen() {
-  pending_dir=$1
+    pending_dir=$1
-  cd /usr/share/yunohost/templates/fail2ban
+    cd /usr/share/yunohost/templates/fail2ban
-  fail2ban_dir="${pending_dir}/etc/fail2ban"
+    fail2ban_dir="${pending_dir}/etc/fail2ban"
-  mkdir -p "${fail2ban_dir}/filter.d"
+    mkdir -p "${fail2ban_dir}/filter.d"
-  mkdir -p "${fail2ban_dir}/jail.d"
+    mkdir -p "${fail2ban_dir}/jail.d"
-  cp yunohost.conf "${fail2ban_dir}/filter.d/yunohost.conf"
+    cp yunohost.conf "${fail2ban_dir}/filter.d/yunohost.conf"
-  cp jail.conf "${fail2ban_dir}/jail.conf"
+    cp jail.conf "${fail2ban_dir}/jail.conf"
-  export ssh_port="$(yunohost settings get 'security.ssh.port')"
+    export ssh_port="$(yunohost settings get 'security.ssh.port')"
-  ynh_render_template "yunohost-jails.conf" "${fail2ban_dir}/jail.d/yunohost-jails.conf"
+    ynh_render_template "yunohost-jails.conf" "${fail2ban_dir}/jail.d/yunohost-jails.conf"
 }
 do_post_regen() {
-  regen_conf_files=$1
+    regen_conf_files=$1
-  [[ -z "$regen_conf_files" ]] \
+    [[ -z "$regen_conf_files" ]] \
-    || systemctl reload fail2ban
+        || systemctl reload fail2ban
 }
 do_$1_regen ${@:2}
--- a/data/hooks/restore/05-conf_ldap
+++ b/data/hooks/restore/05-conf_ldap
@ -14,11 +14,11 @@ die() {
    # Restore saved configuration and database
    [[ $state -ge 1 ]] \
-      && (rm -rf /etc/ldap/slapd.d &&
+        && (rm -rf /etc/ldap/slapd.d \
-          mv "${TMPDIR}/slapd.d" /etc/ldap/slapd.d)
+            && mv "${TMPDIR}/slapd.d" /etc/ldap/slapd.d)
    [[ $state -ge 2 ]] \
-      && (rm -rf /var/lib/ldap &&
+        && (rm -rf /var/lib/ldap \
-          mv "${TMPDIR}/ldap" /var/lib/ldap)
+            && mv "${TMPDIR}/ldap" /var/lib/ldap)
    chown -R openldap: /etc/ldap/slapd.d /var/lib/ldap
    systemctl start slapd
@ -38,7 +38,7 @@ cp -a "${backup_dir}/ldap.conf" /etc/ldap/ldap.conf
    || cp -a "${backup_dir}/slapd.conf" /etc/ldap/slapd.conf
 slapadd -F /etc/ldap/slapd.d -b cn=config \
    -l "${backup_dir}/cn=config.master.ldif" \
-  || die 1 "Unable to restore LDAP configuration"
+    || die 1 "Unable to restore LDAP configuration"
 chown -R openldap: /etc/ldap/slapd.d
 # Restore the database
@ -46,7 +46,7 @@ mv /var/lib/ldap "$TMPDIR"
 mkdir -p /var/lib/ldap
 slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org \
    -l "${backup_dir}/dc=yunohost-dc=org.ldif" \
-  || die 2 "Unable to restore LDAP database"
+    || die 2 "Unable to restore LDAP database"
 chown -R openldap: /var/lib/ldap
 systemctl start slapd
--- a/data/hooks/restore/50-conf_manually_modified_files
+++ b/data/hooks/restore/50-conf_manually_modified_files
@ -5,8 +5,7 @@ ynh_abort_if_errors
 YNH_CWD="${YNH_BACKUP_DIR%/}/conf/manually_modified_files"
 cd "$YNH_CWD"
-for file in $(cat ./manually_modified_files_list)
+for file in $(cat ./manually_modified_files_list); do
 do
    ynh_restore_file --origin_path="$file" --not_mandatory
 done
--- a/data/templates/dovecot/dovecot.conf
+++ b/data/templates/dovecot/dovecot.conf
@ -78,6 +78,20 @@ service quota-warning {
  }
 }
 service stats {
    unix_listener stats-reader {
        user = vmail
        group = mail
        mode = 0660
    }
    unix_listener stats-writer {
        user = vmail
        group = mail
        mode = 0660
    }
 }
 plugin {
  sieve = /var/mail/sievescript/%n/.dovecot.sieve
  sieve_dir = /var/mail/sievescript/%n/scripts/
--- a/debian/postinst
+++ b/debian/postinst
@ -3,36 +3,35 @@
 set -e
 do_configure() {
-  rm -rf /var/cache/moulinette/*
+    rm -rf /var/cache/moulinette/*
-  mkdir -p /usr/share/moulinette/actionsmap/
+    mkdir -p /usr/share/moulinette/actionsmap/
-  ln -sf /usr/share/yunohost/actionsmap/yunohost.yml /usr/share/moulinette/actionsmap/yunohost.yml
+    ln -sf /usr/share/yunohost/actionsmap/yunohost.yml /usr/share/moulinette/actionsmap/yunohost.yml
-  if [ ! -f /etc/yunohost/installed ]; then
+    if [ ! -f /etc/yunohost/installed ]; then
-      # If apps/ is not empty, we're probably already installed in the past and
+        # If apps/ is not empty, we're probably already installed in the past and
-      # something funky happened ...
+        # something funky happened ...
-      if [ -d /etc/yunohost/apps/ ] && ls /etc/yunohost/apps/* >/dev/null 2>&1
+        if [ -d /etc/yunohost/apps/ ] && ls /etc/yunohost/apps/* >/dev/null 2>&1; then
-      then
+            echo "Sounds like /etc/yunohost/installed mysteriously disappeared ... You should probably contact the Yunohost support ..."
-          echo "Sounds like /etc/yunohost/installed mysteriously disappeared ... You should probably contact the Yunohost support ..."
+        else
-      else
+            bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init
-          bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init
+            bash /usr/share/yunohost/hooks/conf_regen/02-ssl init
-          bash /usr/share/yunohost/hooks/conf_regen/02-ssl init
+            bash /usr/share/yunohost/hooks/conf_regen/09-nslcd init
-          bash /usr/share/yunohost/hooks/conf_regen/09-nslcd init
+            bash /usr/share/yunohost/hooks/conf_regen/46-nsswitch init
-          bash /usr/share/yunohost/hooks/conf_regen/46-nsswitch init
+            bash /usr/share/yunohost/hooks/conf_regen/06-slapd init
-          bash /usr/share/yunohost/hooks/conf_regen/06-slapd init
+            bash /usr/share/yunohost/hooks/conf_regen/15-nginx init
-          bash /usr/share/yunohost/hooks/conf_regen/15-nginx init
+            bash /usr/share/yunohost/hooks/conf_regen/37-mdns init
-          bash /usr/share/yunohost/hooks/conf_regen/37-mdns init
+        fi
-      fi
+    else
-  else
+        echo "Regenerating configuration, this might take a while..."
-      echo "Regenerating configuration, this might take a while..."
+        yunohost tools regen-conf --output-as none
      yunohost tools regen-conf --output-as none
-      echo "Launching migrations..."
+        echo "Launching migrations..."
-      yunohost tools migrations run --auto
+        yunohost tools migrations run --auto
-      echo "Re-diagnosing server health..."
+        echo "Re-diagnosing server health..."
-      yunohost diagnosis run --force
+        yunohost diagnosis run --force
-  fi
+    fi
 }
@ -50,13 +49,13 @@ do_configure() {
 case "$1" in
    configure)
        do_configure
-    ;;
+        ;;
-    abort-upgrade|abort-remove|abort-deconfigure)
+    abort-upgrade | abort-remove | abort-deconfigure) ;;
-    ;;
+
    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
-    ;;
+        ;;
 esac
 #DEBHELPER#
--- a/debian/postrm
+++ b/debian/postrm
@ -6,12 +6,12 @@
 set -e
 if [ "$1" = "purge" ]; then
-   update-rc.d yunohost-firewall remove >/dev/null
+    update-rc.d yunohost-firewall remove >/dev/null
-   rm -f /etc/yunohost/installed
+    rm -f /etc/yunohost/installed
 fi
 if [ "$1" = "remove" ]; then
-   rm -f /etc/yunohost/installed
+    rm -f /etc/yunohost/installed
 fi
 # Reset dpkg vendor to debian
--- a/tests/test_helpers.d/ynhtest_secure_remove.sh
+++ b/tests/test_helpers.d/ynhtest_secure_remove.sh
@ -0,0 +1,71 @@
 ynhtest_acceptable_path_to_delete() {
    mkdir -p /home/someuser
    mkdir -p /home/$app
    mkdir -p /home/yunohost.app/$app
    mkdir -p /var/www/$app
    touch /var/www/$app/bar
    touch /etc/cron.d/$app
    ! _acceptable_path_to_delete /
    ! _acceptable_path_to_delete ////
    ! _acceptable_path_to_delete "    ////   "
    ! _acceptable_path_to_delete /var
    ! _acceptable_path_to_delete /var/www
    ! _acceptable_path_to_delete /var/cache
    ! _acceptable_path_to_delete /usr
    ! _acceptable_path_to_delete /usr/bin
    ! _acceptable_path_to_delete /home
    ! _acceptable_path_to_delete /home/yunohost.backup
    ! _acceptable_path_to_delete /home/yunohost.app
    ! _acceptable_path_to_delete /home/yunohost.app/
    ! _acceptable_path_to_delete ///home///yunohost.app///
    ! _acceptable_path_to_delete /home/yunohost.app/$app/..
    ! _acceptable_path_to_delete ///home///yunohost.app///$app///..//
    ! _acceptable_path_to_delete /home/yunohost.app/../$app/..
    ! _acceptable_path_to_delete /home/someuser
    ! _acceptable_path_to_delete /home/yunohost.app//../../$app
    ! _acceptable_path_to_delete "  /home/yunohost.app///  "
    ! _acceptable_path_to_delete /etc/cron.d/
    ! _acceptable_path_to_delete /etc/yunohost/
    _acceptable_path_to_delete /home/yunohost.app/$app
    _acceptable_path_to_delete /home/yunohost.app/$app/bar
    _acceptable_path_to_delete /etc/cron.d/$app
    _acceptable_path_to_delete /var/www/$app/bar
    _acceptable_path_to_delete /var/www/$app
    rm /var/www/$app/bar
    rm /etc/cron.d/$app
    rmdir /home/yunohost.app/$app
    rmdir /home/$app
    rmdir /home/someuser
    rmdir /var/www/$app
 }
 ynhtest_secure_remove() {
    mkdir -p /home/someuser
    mkdir -p /home/yunohost.app/$app
    mkdir -p /var/www/$app
    mkdir -p /var/whatever
    touch /var/www/$app/bar
    touch /etc/cron.d/$app
    ! ynh_secure_remove --file="/home/someuser"
    ! ynh_secure_remove --file="/home/yunohost.app/"
    ! ynh_secure_remove --file="/var/whatever"
    ynh_secure_remove --file="/home/yunohost.app/$app"
    ynh_secure_remove --file="/var/www/$app"
    ynh_secure_remove --file="/etc/cron.d/$app"
    test -e /home/someuser
    test -e /home/yunohost.app
    test -e /var/whatever
    ! test -e /home/yunohost.app/$app
    ! test -e /var/www/$app
    ! test -e /etc/cron.d/$app
    rmdir /home/someuser
    rmdir /var/whatever
 }