Update changelog for 11.2.30

Fix ynh_restore_everything

.gitlab-ci.yml

@@ -38,12 +38,17 @@ workflow:
     - if: $CI_COMMIT_TAG # For tags
     - if: $CI_COMMIT_REF_NAME == "ci-format-$CI_DEFAULT_BRANCH"  # Ignore black formatting branch created by the CI
       when: never
+    - if: $CI_COMMIT_REF_NAME == "actions/black"  # Ignore black formatting branch created by the CI
+      when: never
     - if: $CI_COMMIT_REF_NAME != $CI_DEFAULT_BRANCH  && $CI_PIPELINE_SOURCE == "push" # If it's not the default branch and if it's a push, then do not trigger a build
       when: never
     - when: always
 
 variables:
-  YNH_BUILD_DIR: "/ynh-build"
+  GIT_CLONE_PATH: '$CI_BUILDS_DIR/$CI_COMMIT_SHA/$CI_JOB_ID'
+  YNH_SOURCE: "https://github.com/yunohost"
+  YNH_DEBIAN: "bullseye"
+  YNH_SKIP_DIAGNOSIS_DURING_UPGRADE: "true"
 
 include:
   - template: Code-Quality.gitlab-ci.yml

.gitlab/ci/build.gitlab-ci.yml

@@ -1,21 +1,19 @@
 .build-stage:
   stage: build
-  image: "before-install"
+  image: "build-and-lint"
   variables:
-    YNH_SOURCE: "https://github.com/yunohost"
+    YNH_BUILD_DIR: "$GIT_CLONE_PATH/build"
   before_script:
     - mkdir -p $YNH_BUILD_DIR
-    - DEBIAN_FRONTEND=noninteractive apt update
   artifacts:
     paths:
       - ./*.deb
 
 .build_script: &build_script
-  - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" install devscripts --no-install-recommends
   - cd $YNH_BUILD_DIR/$PACKAGE
   - VERSION=$(dpkg-parsechangelog -S Version 2>/dev/null)
-  - VERSION_NIGHTLY="${VERSION}+$(date +%Y%m%d%H%M)"
-  - dch --package "${PACKAGE}" --force-bad-version -v "${VERSION_NIGHTLY}" -D "unstable" --force-distribution "Daily build."
+  - VERSION_TIMESTAMPED="${VERSION}+$(date +%Y%m%d%H%M)"
+  - dch --package "${PACKAGE}" --force-bad-version -v "${VERSION_TIMESTAMPED}" -D "unstable" --force-distribution "CI build."
   - debuild --no-lintian -us -uc
   - cp $YNH_BUILD_DIR/*.deb ${CI_PROJECT_DIR}/
   - cd ${CI_PROJECT_DIR}
@@ -36,14 +34,12 @@ build-yunohost:
     - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $YNH_BUILD_DIR/$PACKAGE
     - *build_script
 
-
 build-ssowat:
   extends: .build-stage
   variables:
     PACKAGE: "ssowat"
   script:
-    - DEBIAN_DEPENDS=$(cat debian/control | tr "," "\n" | grep -Po "ssowat \([>,=,<]+ .*\)" | grep -Po "[0-9\.]+")
-    - git clone $YNH_SOURCE/$PACKAGE -b $CI_COMMIT_REF_NAME $YNH_BUILD_DIR/$PACKAGE --depth 1 || git clone $YNH_SOURCE/$PACKAGE -b $DEBIAN_DEPENDS $YNH_BUILD_DIR/$PACKAGE --depth 1 || git clone $YNH_SOURCE/$PACKAGE $YNH_BUILD_DIR/$PACKAGE --depth 1
+    - git clone $YNH_SOURCE/$PACKAGE -b $CI_COMMIT_REF_NAME $YNH_BUILD_DIR/$PACKAGE --depth 1 || git clone $YNH_SOURCE/$PACKAGE -b $YNH_DEBIAN $YNH_BUILD_DIR/$PACKAGE --depth 1 || git clone $YNH_SOURCE/$PACKAGE $YNH_BUILD_DIR/$PACKAGE --depth 1
     - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $YNH_BUILD_DIR/$PACKAGE
     - *build_script
 
@@ -52,7 +48,6 @@ build-moulinette:
   variables:
     PACKAGE: "moulinette"
   script:
-    - DEBIAN_DEPENDS=$(cat debian/control | tr "," "\n" | grep -Po "moulinette \([>,=,<]+ .*\)" | grep -Po "[0-9\.]+")
-    - git clone $YNH_SOURCE/$PACKAGE -b $CI_COMMIT_REF_NAME $YNH_BUILD_DIR/$PACKAGE --depth 1 || git clone $YNH_SOURCE/$PACKAGE -b $DEBIAN_DEPENDS $YNH_BUILD_DIR/$PACKAGE --depth 1 || git clone $YNH_SOURCE/$PACKAGE $YNH_BUILD_DIR/$PACKAGE --depth 1
+    - git clone $YNH_SOURCE/$PACKAGE -b $CI_COMMIT_REF_NAME $YNH_BUILD_DIR/$PACKAGE --depth 1 || git clone $YNH_SOURCE/$PACKAGE -b $YNH_DEBIAN $YNH_BUILD_DIR/$PACKAGE --depth 1 || git clone $YNH_SOURCE/$PACKAGE $YNH_BUILD_DIR/$PACKAGE --depth 1
     - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $YNH_BUILD_DIR/$PACKAGE
     - *build_script

.gitlab/ci/doc.gitlab-ci.yml

@@ -4,10 +4,9 @@
 
 generate-helpers-doc:
   stage: doc
-  image: "before-install"
+  image: "build-and-lint"
   needs: []
   before_script:
-    - apt-get update -y && apt-get install git hub -y
     - git config --global user.email "yunohost@yunohost.org"
     - git config --global user.name "$GITHUB_USER"
   script:

.gitlab/ci/install.gitlab-ci.yml

@@ -14,9 +14,8 @@
 
 upgrade:
   extends: .install-stage
-  image: "after-install"
+  image: "core-tests"
   script:
-    - apt-get update -o Acquire::Retries=3
     - DEBIAN_FRONTEND=noninteractive SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ${CI_PROJECT_DIR}/*.deb
 
 
@@ -24,6 +23,5 @@ install-postinstall:
   extends: .install-stage
   image: "before-install"
   script:
-    - apt-get update -o Acquire::Retries=3
     - DEBIAN_FRONTEND=noninteractive SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ${CI_PROJECT_DIR}/*.deb
     - yunohost tools postinstall -d domain.tld -u syssa -F 'Syssa Mine' -p the_password --ignore-dyndns --force-diskspace

.gitlab/ci/lint.gitlab-ci.yml

@@ -5,7 +5,7 @@
 
 lint39:
   stage: lint
-  image: "before-install"
+  image: "build-and-lint"
   needs: []
   allow_failure: true
   script:
@@ -13,14 +13,14 @@ lint39:
 
 invalidcode39:
   stage: lint
-  image: "before-install"
+  image: "build-and-lint"
   needs: []
   script:
     - tox -e py39-invalidcode
 
 mypy:
   stage: lint
-  image: "before-install"
+  image: "build-and-lint"
   needs: []
   script:
     - tox -e py39-mypy

.gitlab/ci/test.gitlab-ci.yml

@@ -1,11 +1,9 @@
 .install_debs: &install_debs
-    - apt-get update -o Acquire::Retries=3
     - DEBIAN_FRONTEND=noninteractive SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ${CI_PROJECT_DIR}/*.deb
-    - pip3 install -U mock pip pytest pytest-cov pytest-mock pytest-sugar requests-mock tox ansi2html black jinja2 "packaging<22"
 
 .test-stage:
   stage: test
-  image: "after-install"
+  image: "core-tests"
   variables:
     PYTEST_ADDOPTS: "--color=yes"
   before_script:
@@ -34,6 +32,7 @@ full-tests:
     PYTEST_ADDOPTS: "--color=yes"
   before_script:
     - *install_debs
+    - pip install mock pip pyOpenSSL pytest pytest-cov pytest-mock pytest-sugar requests-mock "packaging<22"
     - yunohost tools postinstall -d domain.tld -u syssa -F 'Syssa Mine' -p the_password --ignore-dyndns --force-diskspace
   script:
     - python3 -m pytest --cov=yunohost tests/ src/tests/ --junitxml=report.xml

.gitlab/ci/translation.gitlab-ci.yml

@@ -13,10 +13,9 @@ test-i18n-keys:
 
 autofix-translated-strings:
   stage: translation
-  image: "before-install"
+  image: "build-and-lint"
   needs: []
   before_script:
-    - apt-get update -y && apt-get install git hub -y
     - git config --global user.email "yunohost@yunohost.org"
     - git config --global user.name "$GITHUB_USER"
     - hub clone --branch ${CI_COMMIT_REF_NAME} "https://$GITHUB_TOKEN:x-oauth-basic@github.com/YunoHost/yunohost.git" github_repo

conf/metronome/domain.tpl.cfg.lua

@@ -1,28 +1,28 @@
 VirtualHost "{{ domain }}"
-  enable = true
-  ssl = {
-        key = "/etc/yunohost/certs/{{ domain }}/key.pem";
-        certificate = "/etc/yunohost/certs/{{ domain }}/crt.pem";
-  }
-  authentication = "ldap2"
-  ldap = {
-     hostname      = "localhost",
-     user = {
-       basedn        = "ou=users,dc=yunohost,dc=org",
-       filter        = "(&(objectClass=posixAccount)(mail=*@{{ domain }})(permission=cn=xmpp.main,ou=permission,dc=yunohost,dc=org))",
-       usernamefield = "mail",
-       namefield     = "cn",
-       },
-  }
+    enable = true
+    ssl = {
+                key = "/etc/yunohost/certs/{{ domain }}/key.pem";
+                certificate = "/etc/yunohost/certs/{{ domain }}/crt.pem";
+    }
+    authentication = "ldap2"
+    ldap = {
+         hostname      = "localhost",
+         user = {
+             basedn        = "ou=users,dc=yunohost,dc=org",
+             filter        = "(&(objectClass=posixAccount)(mail=*@{{ domain }})(permission=cn=xmpp.main,ou=permission,dc=yunohost,dc=org))",
+             usernamefield = "mail",
+             namefield     = "cn",
+             },
+    }
 
-  -- Discovery items
-  disco_items = {
-    { "muc.{{ domain }}" },
-    { "pubsub.{{ domain }}" },
-    { "jabber.{{ domain }}" },
-    { "vjud.{{ domain }}" },
-    { "xmpp-upload.{{ domain }}" },
-  };
+    -- Discovery items
+    disco_items = {
+        { "muc.{{ domain }}" },
+        { "pubsub.{{ domain }}" },
+        { "jabber.{{ domain }}" },
+        { "vjud.{{ domain }}" },
+        { "xmpp-upload.{{ domain }}" },
+    };
 
 --  contact_info = {
 --    abuse = { "mailto:abuse@{{ domain }}", "xmpp:admin@{{ domain }}" };
@@ -35,41 +35,41 @@ VirtualHost "{{ domain }}"
 
 ---Set up a MUC (multi-user chat) room server
 Component "muc.{{ domain }}" "muc"
-  name = "{{ domain }} Chatrooms"
+    name = "{{ domain }} Chatrooms"
 
-  modules_enabled = {
-    "muc_limits";
-    "muc_log";
-    "muc_log_mam";
-    "muc_log_http";
-    "muc_vcard";
-  }
+    modules_enabled = {
+        "muc_limits";
+        "muc_log";
+        "muc_log_mam";
+        "muc_log_http";
+        "muc_vcard";
+    }
 
-  muc_event_rate = 0.5
-  muc_burst_factor = 10
-  room_default_config = {
-    logging = true,
-    persistent = true
-  };
+    muc_event_rate = 0.5
+    muc_burst_factor = 10
+    room_default_config = {
+        logging = true,
+        persistent = true
+    };
 
 ---Set up a PubSub server
 Component "pubsub.{{ domain }}" "pubsub"
-  name = "{{ domain }} Publish/Subscribe"
+    name = "{{ domain }} Publish/Subscribe"
 
-  unrestricted_node_creation = true -- Anyone can create a PubSub node (from any server)
+    unrestricted_node_creation = true -- Anyone can create a PubSub node (from any server)
 
 ---Set up a HTTP Upload service
 Component "xmpp-upload.{{ domain }}" "http_upload"
-  name = "{{ domain }} Sharing Service"
+    name = "{{ domain }} Sharing Service"
 
-  http_file_path = "/var/xmpp-upload/{{ domain }}/upload"
-  http_external_url = "https://xmpp-upload.{{ domain }}:443"
-  http_file_base_path = "/upload"
-  http_file_size_limit = 6*1024*1024
-  http_file_quota = 60*1024*1024
-  http_upload_file_size_limit = 100 * 1024 * 1024 -- bytes
-  http_upload_quota = 10 * 1024 * 1024 * 1024 -- bytes
+    http_file_path = "/var/xmpp-upload/{{ domain }}/upload"
+    http_external_url = "https://xmpp-upload.{{ domain }}:443"
+    http_file_base_path = "/upload"
+    http_file_size_limit = 6*1024*1024
+    http_file_quota = 60*1024*1024
+    http_upload_file_size_limit = 100 * 1024 * 1024 -- bytes
+    http_upload_quota = 10 * 1024 * 1024 * 1024 -- bytes
 
 ---Set up a VJUD service
 Component "vjud.{{ domain }}" "vjud"
-  vjud_disco_name = "{{ domain }} User Directory"
+    vjud_disco_name = "{{ domain }} User Directory"

conf/metronome/metronome.cfg.lua

@@ -1,72 +1,72 @@
 -- ** Metronome's config file example **
--- 
+--
 -- The format is exactly equal to Prosody's:
 --
--- Lists are written { "like", "this", "one" } 
--- Lists can also be of { 1, 2, 3 } numbers, etc. 
+-- Lists are written { "like", "this", "one" }
+-- Lists can also be of { 1, 2, 3 } numbers, etc.
 -- Either commas, or semi-colons; may be used as seperators.
 --
--- A table is a list of values, except each value has a name. An 
+-- A table is a list of values, except each value has a name. An
 -- example would be:
 --
 -- ssl = { key = "keyfile.key", certificate = "certificate.cert" }
 --
 -- Tip: You can check that the syntax of this file is correct when you have finished
 -- by running: luac -p metronome.cfg.lua
--- If there are any errors, it will let you know what and where they are, otherwise it 
+-- If there are any errors, it will let you know what and where they are, otherwise it
 -- will keep quiet.
 
 -- Global settings go in this section
- 
+
 -- This is the list of modules Metronome will load on startup.
 -- It looks for mod_modulename.lua in the plugins folder, so make sure that exists too.
 
 modules_enabled = {
-	-- Generally required
-		"roster"; -- Allow users to have a roster. Recommended.
-		"saslauth"; -- Authentication for clients. Recommended if you want to log in.
-		"tls"; -- Add support for secure TLS on c2s/s2s connections
-		"disco"; -- Service discovery
- 
-	-- Not essential, but recommended
-		"private"; -- Private XML storage (for room bookmarks, etc.)
-		"vcard"; -- Allow users to set vCards
-		"pep"; -- Allows setting of mood, tune, etc.
-		"pubsub";  -- Publish-subscribe XEP-0060
-		"posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
-		"bidi"; -- Enables Bidirectional Server-to-Server Streams.
- 
-	-- Nice to have
-		"version"; -- Replies to server version requests
-		"uptime"; -- Report how long server has been running
-		"time"; -- Let others know the time here on this server
-		"ping"; -- Replies to XMPP pings with pongs
-		"register"; -- Allow users to register on this server using a client and change passwords
-		"stream_management"; -- Allows clients and servers to use Stream Management
-		"stanza_optimizations"; -- Allows clients to use Client State Indication and SIFT
-		"message_carbons"; -- Allows clients to enable carbon copies of messages
-		"mam"; -- Enable server-side message archives using Message Archive Management
-		"push"; -- Enable Push Notifications via PubSub using XEP-0357
-		"lastactivity"; -- Enables clients to know the last presence status of an user
-		"adhoc_cm"; -- Allow to set client certificates to login through SASL External via adhoc
-		"admin_adhoc"; -- administration adhoc commands
-		"bookmarks"; -- XEP-0048 Bookmarks synchronization between PEP and Private Storage
-		"sec_labels"; -- Allows to use a simplified version XEP-0258 Security Labels and related ACDFs.
-		"privacy"; -- Add privacy lists and simple blocking command support
+    -- Generally required
+        "roster"; -- Allow users to have a roster. Recommended.
+        "saslauth"; -- Authentication for clients. Recommended if you want to log in.
+        "tls"; -- Add support for secure TLS on c2s/s2s connections
+        "disco"; -- Service discovery
 
-		-- Other specific functionality
-		--"admin_telnet"; -- administration console, telnet to port 5582
-		--"admin_web"; -- administration web interface
-		"bosh"; -- Enable support for BOSH clients, aka "XMPP over Bidirectional Streams over Synchronous HTTP"
-		--"compression"; -- Allow clients to enable Stream Compression
-		--"spim_block"; -- Require authorization via OOB form for messages from non-contacts and block unsollicited messages
-		--"gate_guard"; -- Enable config-based blacklisting and hit-based auto-banning features
-		--"incidents_handling"; -- Enable Incidents Handling support (can be administered via adhoc commands)
-		--"server_presence"; -- Enables Server Buddies extension support
-		--"service_directory"; -- Enables Service Directories extension support
-		--"public_service"; -- Enables Server vCard support for public services in directories and advertises in features
-		--"register_api"; -- Provides secure API for both Out-Of-Band and In-Band registration for E-Mail verification
-		"websocket"; -- Enable support for WebSocket clients, aka "XMPP over WebSockets"
+    -- Not essential, but recommended
+        "private"; -- Private XML storage (for room bookmarks, etc.)
+        "vcard"; -- Allow users to set vCards
+        "pep"; -- Allows setting of mood, tune, etc.
+        "pubsub";  -- Publish-subscribe XEP-0060
+        "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
+        "bidi"; -- Enables Bidirectional Server-to-Server Streams.
+
+    -- Nice to have
+        "version"; -- Replies to server version requests
+        "uptime"; -- Report how long server has been running
+        "time"; -- Let others know the time here on this server
+        "ping"; -- Replies to XMPP pings with pongs
+        "register"; -- Allow users to register on this server using a client and change passwords
+        "stream_management"; -- Allows clients and servers to use Stream Management
+        "stanza_optimizations"; -- Allows clients to use Client State Indication and SIFT
+        "message_carbons"; -- Allows clients to enable carbon copies of messages
+        "mam"; -- Enable server-side message archives using Message Archive Management
+        "push"; -- Enable Push Notifications via PubSub using XEP-0357
+        "lastactivity"; -- Enables clients to know the last presence status of an user
+        "adhoc_cm"; -- Allow to set client certificates to login through SASL External via adhoc
+        "admin_adhoc"; -- administration adhoc commands
+        "bookmarks"; -- XEP-0048 Bookmarks synchronization between PEP and Private Storage
+        "sec_labels"; -- Allows to use a simplified version XEP-0258 Security Labels and related ACDFs.
+        "privacy"; -- Add privacy lists and simple blocking command support
+
+        -- Other specific functionality
+        --"admin_telnet"; -- administration console, telnet to port 5582
+        --"admin_web"; -- administration web interface
+        "bosh"; -- Enable support for BOSH clients, aka "XMPP over Bidirectional Streams over Synchronous HTTP"
+        --"compression"; -- Allow clients to enable Stream Compression
+        --"spim_block"; -- Require authorization via OOB form for messages from non-contacts and block unsollicited messages
+        --"gate_guard"; -- Enable config-based blacklisting and hit-based auto-banning features
+        --"incidents_handling"; -- Enable Incidents Handling support (can be administered via adhoc commands)
+        --"server_presence"; -- Enables Server Buddies extension support
+        --"service_directory"; -- Enables Service Directories extension support
+        --"public_service"; -- Enables Server vCard support for public services in directories and advertises in features
+        --"register_api"; -- Provides secure API for both Out-Of-Band and In-Band registration for E-Mail verification
+        "websocket"; -- Enable support for WebSocket clients, aka "XMPP over WebSockets"
 };
 
 -- Server PID
@@ -102,10 +102,10 @@ csi_config_queue_all_muc_messages_but_mentions = false;
 
 -- Logging configuration
 log = {
-	info = "/var/log/metronome/metronome.log"; -- Change 'info' to 'debug' for verbose logging
-	error = "/var/log/metronome/metronome.err";
-	-- "*syslog"; -- Uncomment this for logging to syslog
-	-- "*console"; -- Log to the console, useful for debugging with daemonize=false
+    info = "/var/log/metronome/metronome.log"; -- Change 'info' to 'debug' for verbose logging
+    error = "/var/log/metronome/metronome.err";
+    -- "*syslog"; -- Uncomment this for logging to syslog
+    -- "*console"; -- Log to the console, useful for debugging with daemonize=false
 }
 
 ------ Components ------
@@ -114,7 +114,7 @@ log = {
 
 ---Set up a local BOSH service
 Component "localhost" "http"
-	modules_enabled = { "bosh" }
+    modules_enabled = { "bosh" }
 
 ----------- Virtual hosts -----------
 -- You need to add a VirtualHost entry for each domain you wish Metronome to serve.

conf/metronome/modules/mod_auth_ldap2.lua

@@ -23,68 +23,68 @@ if not ldap then
 end
 
 function new_default_provider(host)
- local provider = { name = "ldap2" };
- log("debug", "initializing ldap2 authentication provider for host '%s'", host);
+    local provider = { name = "ldap2" };
+    log("debug", "initializing ldap2 authentication provider for host '%s'", host);
 
- function provider.test_password(username, password)
-     return ldap.bind(username, password);
- end
+    function provider.test_password(username, password)
+        return ldap.bind(username, password);
+    end
 
- function provider.user_exists(username)
-     local params = ldap.getparams()
+    function provider.user_exists(username)
+        local params = ldap.getparams()
 
-     local filter = ldap.filter.combine_and(params.user.filter, params.user.usernamefield .. '=' .. username);
-     if params.user.usernamefield == 'mail' then
-         filter = ldap.filter.combine_and(params.user.filter, 'mail=' .. username .. '@*');
-     end
+        local filter = ldap.filter.combine_and(params.user.filter, params.user.usernamefield .. '=' .. username);
+        if params.user.usernamefield == 'mail' then
+            filter = ldap.filter.combine_and(params.user.filter, 'mail=' .. username .. '@*');
+        end
 
-     return ldap.singlematch {
-         base   = params.user.basedn,
-         filter = filter,
-     };
- end
+        return ldap.singlematch {
+            base   = params.user.basedn,
+            filter = filter,
+        };
+    end
 
- function provider.get_password(username)
-     return nil, "Passwords unavailable for LDAP.";
- end
+    function provider.get_password(username)
+        return nil, "Passwords unavailable for LDAP.";
+    end
 
- function provider.set_password(username, password)
-     return nil, "Passwords unavailable for LDAP.";
- end
+    function provider.set_password(username, password)
+        return nil, "Passwords unavailable for LDAP.";
+    end
 
- function provider.create_user(username, password)
-     return nil, "Account creation/modification not available with LDAP.";
- end
+    function provider.create_user(username, password)
+        return nil, "Account creation/modification not available with LDAP.";
+    end
 
- function provider.get_sasl_handler(session)
-     local testpass_authentication_profile = {
-         session = session,
-         plain_test = function(sasl, username, password, realm)
-             return provider.test_password(username, password), true;
-         end,
-         order = { "plain_test" },
-     };
-     return new_sasl(module.host, testpass_authentication_profile);
- end
+    function provider.get_sasl_handler(session)
+        local testpass_authentication_profile = {
+            session = session,
+            plain_test = function(sasl, username, password, realm)
+                return provider.test_password(username, password), true;
+            end,
+            order = { "plain_test" },
+        };
+        return new_sasl(module.host, testpass_authentication_profile);
+    end
 
- function provider.is_admin(jid)
-     local admin_config = ldap.getparams().admin;
+    function provider.is_admin(jid)
+        local admin_config = ldap.getparams().admin;
 
-     if not admin_config then
-         return;
-     end
+        if not admin_config then
+            return;
+        end
 
-     local ld       = ldap:getconnection();
-     local username = jsplit(jid);
-     local filter   = ldap.filter.combine_and(admin_config.filter, admin_config.namefield .. '=' .. username);
+        local ld       = ldap:getconnection();
+        local username = jsplit(jid);
+        local filter   = ldap.filter.combine_and(admin_config.filter, admin_config.namefield .. '=' .. username);
 
-     return ldap.singlematch {
-         base   = admin_config.basedn,
-         filter = filter,
-     };
- end
+        return ldap.singlematch {
+            base   = admin_config.basedn,
+            filter = filter,
+        };
+    end
 
- return provider;
+    return provider;
 end
 
 module:add_item("auth-provider", new_default_provider(module.host));

conf/metronome/modules/mod_legacyauth.lua

@@ -1,7 +1,7 @@
 -- Prosody IM
 -- Copyright (C) 2008-2010 Matthew Wild
 -- Copyright (C) 2008-2010 Waqas Hussain
--- 
+--
 -- This project is MIT/X11 licensed. Please see the
 -- COPYING file in the source package for more information.
 --
@@ -12,8 +12,8 @@ local st = require "util.stanza";
 local t_concat = table.concat;
 
 local secure_auth_only = module:get_option("c2s_require_encryption")
-	or module:get_option("require_encryption")
-	or not(module:get_option("allow_unencrypted_plain_auth"));
+    or module:get_option("require_encryption")
+    or not(module:get_option("allow_unencrypted_plain_auth"));
 
 local sessionmanager = require "core.sessionmanager";
 local usermanager = require "core.usermanager";
@@ -22,66 +22,65 @@ local resourceprep = require "util.encodings".stringprep.resourceprep;
 
 module:add_feature("jabber:iq:auth");
 module:hook("stream-features", function(event)
-	local origin, features = event.origin, event.features;
-	if secure_auth_only and not origin.secure then
-		-- Sorry, not offering to insecure streams!
-		return;
-	elseif not origin.username then
-		features:tag("auth", {xmlns='http://jabber.org/features/iq-auth'}):up();
-	end
+    local origin, features = event.origin, event.features;
+    if secure_auth_only and not origin.secure then
+        -- Sorry, not offering to insecure streams!
+        return;
+    elseif not origin.username then
+        features:tag("auth", {xmlns='http://jabber.org/features/iq-auth'}):up();
+    end
 end);
 
 module:hook("stanza/iq/jabber:iq:auth:query", function(event)
-	local session, stanza = event.origin, event.stanza;
+    local session, stanza = event.origin, event.stanza;
 
-	if session.type ~= "c2s_unauthed" then
-		(session.sends2s or session.send)(st.error_reply(stanza, "cancel", "service-unavailable", "Legacy authentication is only allowed for unauthenticated client connections."));
-		return true;
-	end
+    if session.type ~= "c2s_unauthed" then
+        (session.sends2s or session.send)(st.error_reply(stanza, "cancel", "service-unavailable", "Legacy authentication is only allowed for unauthenticated client connections."));
+        return true;
+    end
 
-	if secure_auth_only and not session.secure then
-		session.send(st.error_reply(stanza, "modify", "not-acceptable", "Encryption (SSL or TLS) is required to connect to this server"));
-		return true;
-	end
-	
-	local username = stanza.tags[1]:child_with_name("username");
-	local password = stanza.tags[1]:child_with_name("password");
-	local resource = stanza.tags[1]:child_with_name("resource");
-	if not (username and password and resource) then
-		local reply = st.reply(stanza);
-		session.send(reply:query("jabber:iq:auth")
-			:tag("username"):up()
-			:tag("password"):up()
-			:tag("resource"):up());
-	else
-		username, password, resource = t_concat(username), t_concat(password), t_concat(resource);
-		username = nodeprep(username);
-		resource = resourceprep(resource)
-		if not (username and resource) then
-			session.send(st.error_reply(stanza, "modify", "bad-request"));
-			return true;
-		end
-		if usermanager.test_password(username, session.host, password) then
-			-- Authentication successful!
-			local success, err = sessionmanager.make_authenticated(session, username);
-			if success then
-				local err_type, err_msg;
-				success, err_type, err, err_msg = sessionmanager.bind_resource(session, resource);
-				if not success then
-					session.send(st.error_reply(stanza, err_type, err, err_msg));
-					session.username, session.type = nil, "c2s_unauthed"; -- FIXME should this be placed in sessionmanager?
-					return true;
-				elseif resource ~= session.resource then -- server changed resource, not supported by legacy auth
-					session.send(st.error_reply(stanza, "cancel", "conflict", "The requested resource could not be assigned to this session."));
-					session:close(); -- FIXME undo resource bind and auth instead of closing the session?
-					return true;
-				end
-			end
-			session.send(st.reply(stanza));
-		else
-			session.send(st.error_reply(stanza, "auth", "not-authorized"));
-		end
-	end
-	return true;
+    if secure_auth_only and not session.secure then
+        session.send(st.error_reply(stanza, "modify", "not-acceptable", "Encryption (SSL or TLS) is required to connect to this server"));
+        return true;
+    end
+
+    local username = stanza.tags[1]:child_with_name("username");
+    local password = stanza.tags[1]:child_with_name("password");
+    local resource = stanza.tags[1]:child_with_name("resource");
+    if not (username and password and resource) then
+        local reply = st.reply(stanza);
+        session.send(reply:query("jabber:iq:auth")
+            :tag("username"):up()
+            :tag("password"):up()
+            :tag("resource"):up());
+    else
+        username, password, resource = t_concat(username), t_concat(password), t_concat(resource);
+        username = nodeprep(username);
+        resource = resourceprep(resource)
+        if not (username and resource) then
+            session.send(st.error_reply(stanza, "modify", "bad-request"));
+            return true;
+        end
+        if usermanager.test_password(username, session.host, password) then
+            -- Authentication successful!
+            local success, err = sessionmanager.make_authenticated(session, username);
+            if success then
+                local err_type, err_msg;
+                success, err_type, err, err_msg = sessionmanager.bind_resource(session, resource);
+                if not success then
+                    session.send(st.error_reply(stanza, err_type, err, err_msg));
+                    session.username, session.type = nil, "c2s_unauthed"; -- FIXME should this be placed in sessionmanager?
+                    return true;
+                elseif resource ~= session.resource then -- server changed resource, not supported by legacy auth
+                    session.send(st.error_reply(stanza, "cancel", "conflict", "The requested resource could not be assigned to this session."));
+                    session:close(); -- FIXME undo resource bind and auth instead of closing the session?
+                    return true;
+                end
+            end
+            session.send(st.reply(stanza));
+        else
+            session.send(st.error_reply(stanza, "auth", "not-authorized"));
+        end
+    end
+    return true;
 end);
-

conf/metronome/modules/mod_storage_ldap.lua

@@ -43,35 +43,35 @@ end
 local get_alias_for_user;
 
 do
-  local user_cache;
-  local last_fetch_time;
+    local user_cache;
+    local last_fetch_time;
 
-  local function populate_user_cache()
-      local user_c = get_config(module.host, 'ldap').user;
-      if not user_c then return; end
+    local function populate_user_cache()
+        local user_c = get_config(module.host, 'ldap').user;
+        if not user_c then return; end
 
-      local ld = ldap.getconnection();
+        local ld = ldap.getconnection();
 
-      local usernamefield = user_c.usernamefield;
-      local namefield     = user_c.namefield;
+        local usernamefield = user_c.usernamefield;
+        local namefield     = user_c.namefield;
 
-      user_cache = {};
+        user_cache = {};
 
-      for _, attrs in ld:search { base = user_c.basedn, scope = 'onelevel', filter = user_c.filter } do
-          user_cache[attrs[usernamefield]] = attrs[namefield];
-      end
-      last_fetch_time = gettime();
-  end
+        for _, attrs in ld:search { base = user_c.basedn, scope = 'onelevel', filter = user_c.filter } do
+            user_cache[attrs[usernamefield]] = attrs[namefield];
+        end
+        last_fetch_time = gettime();
+    end
 
-  function get_alias_for_user(user)
-      if last_fetch_time and last_fetch_time + CACHE_EXPIRY < gettime() then
-          user_cache = nil;
-      end
-      if not user_cache then
-          populate_user_cache();
-      end
-      return user_cache[user];
-  end
+    function get_alias_for_user(user)
+        if last_fetch_time and last_fetch_time + CACHE_EXPIRY < gettime() then
+            user_cache = nil;
+        end
+        if not user_cache then
+            populate_user_cache();
+        end
+        return user_cache[user];
+    end
 end
 
 ----------------------------------------
@@ -79,18 +79,18 @@ end
 ----------------------------------------
 
 local function ldap_store(config)
-  local self = {};
-  local config = config;
+    local self = {};
+    local config = config;
 
-  function self:get(username)
-      return nil, "Data getting is not available for this storage backend";
-  end
+    function self:get(username)
+        return nil, "Data getting is not available for this storage backend";
+    end
 
-  function self:set(username, data)
-      return nil, "Data setting is not available for this storage backend";
-  end
+    function self:set(username, data)
+        return nil, "Data setting is not available for this storage backend";
+    end
 
-  return self;
+    return self;
 end
 
 local adapters = {};
@@ -100,60 +100,60 @@ local adapters = {};
 ----------------------------------------
 
 adapters.roster = function (config)
-  -- Validate configuration requirements
-  if not config.groups then return nil; end
+    -- Validate configuration requirements
+    if not config.groups then return nil; end
 
-  local self = ldap_store(config)
+    local self = ldap_store(config)
 
-  function self:get(username)
-      local ld = ldap.getconnection();
-      local contacts = {};
+    function self:get(username)
+        local ld = ldap.getconnection();
+        local contacts = {};
 
-      local memberfield = config.groups.memberfield;
-      local namefield   = config.groups.namefield;
-      local filter      = memberfield .. '=' .. tostring(username);
+        local memberfield = config.groups.memberfield;
+        local namefield   = config.groups.namefield;
+        local filter      = memberfield .. '=' .. tostring(username);
 
-      local groups = {};
-      for _, config in ipairs(config.groups) do
-          groups[ config[namefield] ] = config.name;
-      end
+        local groups = {};
+        for _, config in ipairs(config.groups) do
+            groups[ config[namefield] ] = config.name;
+        end
 
-      log("debug", "Found %d group(s) for user %s", select('#', groups), username)
+        log("debug", "Found %d group(s) for user %s", select('#', groups), username)
 
-      -- XXX this kind of relies on the way we do groups at INOC
-      for _, attrs in ld:search { base = config.groups.basedn, scope = 'onelevel', filter = filter } do
-          if groups[ attrs[namefield] ] then
-              local members = attrs[memberfield];
+        -- XXX this kind of relies on the way we do groups at INOC
+        for _, attrs in ld:search { base = config.groups.basedn, scope = 'onelevel', filter = filter } do
+            if groups[ attrs[namefield] ] then
+                local members = attrs[memberfield];
 
-              for _, user in ipairs(members) do
-                  if user ~= username then
-                      local jid    = user .. '@' .. module.host;
-                      local record = contacts[jid];
+                for _, user in ipairs(members) do
+                    if user ~= username then
+                        local jid    = user .. '@' .. module.host;
+                        local record = contacts[jid];
 
-                      if not record then
-                          record = {
-                              subscription = 'both',
-                              groups       = {},
-                              name         = get_alias_for_user(user),
-                          };
-                          contacts[jid] = record;
-                      end
+                        if not record then
+                            record = {
+                                subscription = 'both',
+                                groups       = {},
+                                name         = get_alias_for_user(user),
+                            };
+                            contacts[jid] = record;
+                        end
 
-                      record.groups[ groups[ attrs[namefield] ] ] = true;
-                  end
-              end
-          end
-      end
+                        record.groups[ groups[ attrs[namefield] ] ] = true;
+                    end
+                end
+            end
+        end
 
-      return contacts;
-  end
+        return contacts;
+    end
 
-  function self:set(username, data)
-      log("warn", "Setting data in Roster LDAP storage is not supported yet")
-      return nil, "not supported";
-  end
+    function self:set(username, data)
+        log("warn", "Setting data in Roster LDAP storage is not supported yet")
+        return nil, "not supported";
+    end
 
-  return self;
+    return self;
 end
 
 ----------------------------------------
@@ -161,35 +161,35 @@ end
 ----------------------------------------
 
 adapters.vcard = function (config)
-  -- Validate configuration requirements
-  if not config.vcard_format or not config.user then return nil; end
+    -- Validate configuration requirements
+    if not config.vcard_format or not config.user then return nil; end
 
-  local self = ldap_store(config)
+    local self = ldap_store(config)
 
-  function self:get(username)
-      local ld     = ldap.getconnection();
-      local filter = config.user.usernamefield .. '=' .. tostring(username);
+    function self:get(username)
+        local ld     = ldap.getconnection();
+        local filter = config.user.usernamefield .. '=' .. tostring(username);
 
-      log("debug", "Retrieving vCard for user '%s'", username);
+        log("debug", "Retrieving vCard for user '%s'", username);
 
-      local match = ldap.singlematch {
-          base   = config.user.basedn,
-          filter = filter,
-      };
-      if match then
-          match.jid = username .. '@' .. module.host
-          return st.preserialize(ldap_record_to_vcard(match, config.vcard_format));
-      else
-          return nil, "username not found";
-      end
-  end
+        local match = ldap.singlematch {
+            base   = config.user.basedn,
+            filter = filter,
+        };
+        if match then
+            match.jid = username .. '@' .. module.host
+            return st.preserialize(ldap_record_to_vcard(match, config.vcard_format));
+        else
+            return nil, "username not found";
+        end
+    end
 
-  function self:set(username, data)
-      log("warn", "Setting data in vCard LDAP storage is not supported yet")
-      return nil, "not supported";
-  end
+    function self:set(username, data)
+        log("warn", "Setting data in vCard LDAP storage is not supported yet")
+        return nil, "not supported";
+    end
 
-  return self;
+    return self;
 end
 
 ----------------------------------------

conf/metronome/modules/vcard.lib.lua

@@ -135,28 +135,28 @@ function builder_methods:build()
 end
 
 local function new_builder(params)
-  local vcard_tag = st.stanza('vCard', { xmlns = VCARD_NS });
+    local vcard_tag = st.stanza('vCard', { xmlns = VCARD_NS });
 
-  local object = {
-      vcard   = vcard_tag,
-      __index = builder_methods,
-  };
+    local object = {
+        vcard   = vcard_tag,
+        __index = builder_methods,
+    };
 
-  for k, v in pairs(params) do
-      object[k] = v;
-  end
+    for k, v in pairs(params) do
+        object[k] = v;
+    end
 
-  setmetatable(object, object);
+    setmetatable(object, object);
 
-  return object;
+    return object;
 end
 
 local _M = {};
 
 function _M.create(params)
-  local builder = new_builder(params);
+    local builder = new_builder(params);
 
-  return builder:build();
+    return builder:build();
 end
 
 return _M;

conf/postfix/main.cf

@@ -211,3 +211,11 @@ smtp_sasl_security_options = noanonymous
 # where to find sasl_passwd
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 {% endif %}
+
+{% if backup_mx_domains != "" %}
+# Backup MX (secondary MX)
+relay_domains = $mydestination {{backup_mx_domains}}
+relay_recipient_maps = hash:/etc/postfix/relay_recipients
+maximal_queue_lifetime = 20d
+{% endif %}
+

conf/ssh/sshd_config

@@ -84,7 +84,7 @@ Subsystem sftp internal-sftp
 
 # Apply following instructions to user with sftp perm only
 Match Group sftp.main,!ssh.main
-    ForceCommand internal-sftp
+    ForceCommand internal-sftp -u 0002
     # We can't restrict to /home/%u because the chroot base must be owned by root
     # So we chroot only on /home
     # See https://serverfault.com/questions/584986/bad-ownership-or-modes-for-chroot-directory-component
@@ -97,7 +97,7 @@ Match Group sftp.main,!ssh.main
     PermitUserRC no
 
 Match Group sftp.app,!ssh.app
-    ForceCommand internal-sftp
+    ForceCommand internal-sftp -u 0002
     ChrootDirectory %h
     AllowTcpForwarding no
     AllowStreamLocalForwarding no

debian/changelog

@@ -1,3 +1,53 @@
+yunohost (11.2.30) stable; urgency=low
+
+  - helpers v2.1: check if patches dir exists before getting realpath ([#1938](http://github.com/YunoHost/yunohost/pull/1938))
+  - helpers v2.1: ynh_add_swap and ynh_smart_mktemp (aff885e6b)
+  - helpers v2.1: fix ynh_restore_everything ([#1943](http://github.com/YunoHost/yunohost/pull/1943))
+  - helpers v2.1: fix typo in docs: ynh_install_app_dependencies -> ynh_apt_install_dependencies ([#1939](http://github.com/YunoHost/yunohost/pull/1939))
+  - helpers: fix syntax, disambiguate subshell syntax ([#1940](http://github.com/YunoHost/yunohost/pull/1940))
+  - quality: Add maintenante/shfmt.sh for shell script formatting (68f35831e)
+  - quality: Apply shfmt everywhere, fix tabs/space/indent (8a5f2808a, e3ddb1dc4, ef1708276, 38b39ebae, b91e9dd8f)
+
+  Thanks to all contributors <3 ! (Félix Piédallu, Josué Tille, OniriCorpe, selfhoster1312)
+
+ -- Alexandre Aubin <alex.aubin@mailoo.org>  Sat, 31 Aug 2024 19:26:59 +0200
+
+yunohost (11.2.29) stable; urgency=low
+
+  - apps: generalize replacing __INSTALL_DIR__ and __APP__ in config panel 'bind' statement to any setting (9b0553580)
+  - apps/config panels: move the computation of the actual 'bind' value to the python core (a6785d34b)
+  - perf: add cache for _get_app_settings() (c14ebc8be, 7c7906046)
+  - quality: use _assert_is_installed for consistency instead of if not _is_intalled(app): raise (c409888a4)
+  - i18n: Translations updated for Basque, French, Galician, Greek, Indonesian
+
+  Thanks to all contributors <3 ! (cjdw, craftrac, José M, ppr, xabirequejo)
+
+ -- Alexandre Aubin <alex.aubin@mailoo.org>  Tue, 27 Aug 2024 14:46:26 +0200
+
+yunohost (11.2.28) stable; urgency=low
+
+  - ci: various changes due to CI infrastructure changes (200f0272d, 764fe6a7b, 9083a5cc3, d0df3caed, 6733526be, df320a44c, 92f4a605b, f02d4a437, c5953b542)
+  - apps: exclude .well-known subpaths from conflict checks ([#1647](http://github.com/YunoHost/yunohost/pull/1647))
+  - apps: in apt resource, fix empty string in packages_from_raw_bash breaking dpkg-build (a76cd05e8)
+  - sftp: Tweak umask for SFTP ([#1384](http://github.com/YunoHost/yunohost/pull/1384))
+  - mail: Be able to use postfix as a backup ("secondary") MX hosts ([#1253](http://github.com/YunoHost/yunohost/pull/1253))
+  - diagnosis: Add check regarding rfkill blocking Wi-Fi card on RPi ([#1841](http://github.com/YunoHost/yunohost/pull/1841))
+  - users: trigger hooks when adding or removing user into group (51787a2f8)
+  - i18n: Translations updated for Basque, French, Indonesian, Russian
+
+  Thanks to all contributors <3 ! (cjdw, Emmanuel Averty, Ivan Davydov, ljf, ppr, Tagada, tituspijean, xabirequejo)
+
+ -- Alexandre Aubin <alex.aubin@mailoo.org>  Sun, 25 Aug 2024 13:17:43 +0200
+
+yunohost (11.2.27) stable; urgency=low
+
+  - apt resource: fix handling of empty 'packages' list breaking dpkg-deb call (3deffdbd5)
+  - i18n: Translations updated for Indonesian, Turkish
+
+  Thanks to all contributors <3 ! (Ali Çırçır, cjdw)
+
+ -- Alexandre Aubin <alex.aubin@mailoo.org>  Sat, 03 Aug 2024 18:41:27 +0200
+
 yunohost (11.2.26) stable; urgency=low
 
   - bullseye->bookworm: encourage apt to remove luajit if it's installed because for some reason it's causing issues (423e79bd5)

debian/postinst

@@ -27,7 +27,7 @@ do_configure() {
         yunohost tools migrations run --auto
 
         echo "Re-diagnosing server health..."
-        yunohost diagnosis run --force
+        [[ -n "${YNH_SKIP_DIAGNOSIS_DURING_UPGRADE:-}" ]] && echo "(Skipping)" || yunohost diagnosis run --force
 
         echo "Refreshing app catalog..."
         yunohost tools update apps --output-as none || true

helpers/helpers

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 # Entrypoint for the helpers scripts
-SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+SCRIPT_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &> /dev/null && pwd)
 
 # Helpers version can be specified via an environment variable or default to 1.
 YNH_HELPERS_VERSION=${YNH_HELPERS_VERSION:-1}
@@ -21,6 +21,7 @@ case "$YNH_HELPERS_VERSION" in
     *)
         echo "Helpers are not available in version '$YNH_HELPERS_VERSION'." >&2
         exit 1
+        ;;
 esac
 
 eval "$XTRACE_ENABLE"

helpers/helpers.v1.d/apps

@@ -7,52 +7,49 @@
 #
 # Requires YunoHost version *.*.* or higher.
 ynh_install_apps() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=a
-	local -A args_array=([a]=apps=)
-	local apps
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
+    # Declare an array to define the options of this helper.
+    local legacy_args=a
+    local -A args_array=([a]=apps=)
+    local apps
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
 
-	# Split the list of apps in an array
-	local apps_list=($(echo $apps | tr " " "\n"))
-	local apps_dependencies=""
-	
-	# For each app
-	for one_app_and_its_args in "${apps_list[@]}"
-	do
-		# Retrieve the name of the app (part before ?)
-		local one_app=$(cut -d "?" -f1 <<< "$one_app_and_its_args")
-		[ -z "$one_app" ] && ynh_die --message="You didn't provided a YunoHost app to install"
+    # Split the list of apps in an array
+    local apps_list=($(echo $apps | tr " " "\n"))
+    local apps_dependencies=""
 
-		yunohost tools update apps
-		
-		# Installing or upgrading the app depending if it's installed or not
-		if ! yunohost app list --output-as json --quiet | jq -e --arg id $one_app '.apps[] | select(.id == $id)' >/dev/null
-		then
-			# Retrieve the arguments of the app (part after ?)
-			local one_argument=""
-			if [[ "$one_app_and_its_args" == *"?"* ]]; then
-				one_argument=$(cut -d "?" -f2- <<< "$one_app_and_its_args")
-				one_argument="--args $one_argument"
-			fi
-			
-			# Install the app with its arguments
-			yunohost app install $one_app $one_argument
-		else
-			# Upgrade the app
-			yunohost app upgrade $one_app
-		fi
+    # For each app
+    for one_app_and_its_args in "${apps_list[@]}"; do
+        # Retrieve the name of the app (part before ?)
+        local one_app=$(cut -d "?" -f1 <<< "$one_app_and_its_args")
+        [ -z "$one_app" ] && ynh_die --message="You didn't provided a YunoHost app to install"
 
-		if [ ! -z "$apps_dependencies" ]
-		then
-			apps_dependencies="$apps_dependencies, $one_app"
-		else
-			apps_dependencies="$one_app"
-		fi
-	done
+        yunohost tools update apps
 
-	ynh_app_setting_set --app=$app --key=apps_dependencies --value="$apps_dependencies"
+        # Installing or upgrading the app depending if it's installed or not
+        if ! yunohost app list --output-as json --quiet | jq -e --arg id $one_app '.apps[] | select(.id == $id)' > /dev/null; then
+            # Retrieve the arguments of the app (part after ?)
+            local one_argument=""
+            if [[ "$one_app_and_its_args" == *"?"* ]]; then
+                one_argument=$(cut -d "?" -f2- <<< "$one_app_and_its_args")
+                one_argument="--args $one_argument"
+            fi
+
+            # Install the app with its arguments
+            yunohost app install $one_app $one_argument
+        else
+            # Upgrade the app
+            yunohost app upgrade $one_app
+        fi
+
+        if [ ! -z "$apps_dependencies" ]; then
+            apps_dependencies="$apps_dependencies, $one_app"
+        else
+            apps_dependencies="$one_app"
+        fi
+    done
+
+    ynh_app_setting_set --app=$app --key=apps_dependencies --value="$apps_dependencies"
 }
 
 # Remove other YunoHost apps
@@ -63,53 +60,47 @@ ynh_install_apps() {
 #
 # Requires YunoHost version *.*.* or higher.
 ynh_remove_apps() {
-	# Retrieve the apps dependencies of the app
-	local apps_dependencies=$(ynh_app_setting_get --app=$app --key=apps_dependencies)
-	ynh_app_setting_delete --app=$app --key=apps_dependencies
+    # Retrieve the apps dependencies of the app
+    local apps_dependencies=$(ynh_app_setting_get --app=$app --key=apps_dependencies)
+    ynh_app_setting_delete --app=$app --key=apps_dependencies
 
-	if [ ! -z "$apps_dependencies" ]
-	then
-		# Split the list of apps dependencies in an array
-		local apps_dependencies_list=($(echo $apps_dependencies | tr ", " "\n"))
-		
-		# For each apps dependencies
-		for one_app in "${apps_dependencies_list[@]}"
-		do
-			# Retrieve the list of installed apps
-			local installed_apps_list=$(yunohost app list --output-as json --quiet | jq -r .apps[].id)
-			local required_by=""
-			local installed_app_required_by=""
+    if [ ! -z "$apps_dependencies" ]; then
+        # Split the list of apps dependencies in an array
+        local apps_dependencies_list=($(echo $apps_dependencies | tr ", " "\n"))
 
-			# For each other installed app
-			for one_installed_app in $installed_apps_list
-			do
-				# Retrieve the other apps dependencies
-				one_installed_apps_dependencies=$(ynh_app_setting_get --app=$one_installed_app --key=apps_dependencies)
-				if [ ! -z "$one_installed_apps_dependencies" ]
-				then
-					one_installed_apps_dependencies_list=($(echo $one_installed_apps_dependencies | tr ", " "\n"))
+        # For each apps dependencies
+        for one_app in "${apps_dependencies_list[@]}"; do
+            # Retrieve the list of installed apps
+            local installed_apps_list=$(yunohost app list --output-as json --quiet | jq -r .apps[].id)
+            local required_by=""
+            local installed_app_required_by=""
 
-					# For each dependency of the other apps
-					for one_installed_app_dependency in "${one_installed_apps_dependencies_list[@]}"
-					do
-						if [[ $one_installed_app_dependency == $one_app ]]; then
-							required_by="$required_by $one_installed_app"
-						fi
-					done
-				fi
-			done
+            # For each other installed app
+            for one_installed_app in $installed_apps_list; do
+                # Retrieve the other apps dependencies
+                one_installed_apps_dependencies=$(ynh_app_setting_get --app=$one_installed_app --key=apps_dependencies)
+                if [ ! -z "$one_installed_apps_dependencies" ]; then
+                    one_installed_apps_dependencies_list=($(echo $one_installed_apps_dependencies | tr ", " "\n"))
 
-			# If $one_app is no more required
-			if [[ -z "$required_by" ]]
-			then
-				# Remove $one_app
-				ynh_print_info --message="Removing of $one_app"
-				yunohost app remove $one_app --purge
-			else
-				ynh_print_info --message="$one_app was not removed because it's still required by${required_by}"
-			fi
-		done
-	fi
+                    # For each dependency of the other apps
+                    for one_installed_app_dependency in "${one_installed_apps_dependencies_list[@]}"; do
+                        if [[ $one_installed_app_dependency == $one_app ]]; then
+                            required_by="$required_by $one_installed_app"
+                        fi
+                    done
+                fi
+            done
+
+            # If $one_app is no more required
+            if [[ -z "$required_by" ]]; then
+                # Remove $one_app
+                ynh_print_info --message="Removing of $one_app"
+                yunohost app remove $one_app --purge
+            else
+                ynh_print_info --message="$one_app was not removed because it's still required by${required_by}"
+            fi
+        done
+    fi
 }
 
 # Spawn a Bash shell with the app environment loaded
@@ -126,90 +117,83 @@ ynh_remove_apps() {
 # from the app's service configuration file (defaults to $app.service, overridable by the packager with `service` setting).
 # If the app relies on a specific PHP version, then `php` will be aliased that version. The PHP command will also be appended with the `phpflags` settings.
 ynh_spawn_app_shell() {
-        # Declare an array to define the options of this helper.
-        local legacy_args=a
-        local -A args_array=([a]=app=)
-        local app
-        # Manage arguments with getopts
-        ynh_handle_getopts_args "$@"
+    # Declare an array to define the options of this helper.
+    local legacy_args=a
+    local -A args_array=([a]=app=)
+    local app
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
 
-        # Force Bash to be used to run this helper
-        if [[ ! $0 =~ \/?bash$ ]]
-        then
-            ynh_print_err --message="Please use Bash as shell"
-            exit 1
-        fi
+    # Force Bash to be used to run this helper
+    if [[ ! $0 =~ \/?bash$ ]]; then
+        ynh_print_err --message="Please use Bash as shell"
+        exit 1
+    fi
 
-        # Make sure the app is installed
-        local installed_apps_list=($(yunohost app list --output-as json --quiet | jq -r .apps[].id))
-        if [[ " ${installed_apps_list[*]} " != *" ${app} "* ]]
-        then
-            ynh_print_err --message="$app is not in the apps list"
-            exit 1
-        fi
+    # Make sure the app is installed
+    local installed_apps_list=($(yunohost app list --output-as json --quiet | jq -r .apps[].id))
+    if [[ " ${installed_apps_list[*]} " != *" ${app} "* ]]; then
+        ynh_print_err --message="$app is not in the apps list"
+        exit 1
+    fi
 
-        # Make sure the app has its own user
-        if ! id -u "$app" &>/dev/null; then
-            ynh_print_err --message="There is no \"$app\" system user"
-            exit 1
-        fi
+    # Make sure the app has its own user
+    if ! id -u "$app" &> /dev/null; then
+        ynh_print_err --message="There is no \"$app\" system user"
+        exit 1
+    fi
 
-        # Make sure the app has an install_dir setting
-        local install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
-        if [ -z "$install_dir" ]
-        then
-            ynh_print_err --message="$app has no install_dir setting (does it use packaging format >=2?)"
-            exit 1
-        fi
+    # Make sure the app has an install_dir setting
+    local install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
+    if [ -z "$install_dir" ]; then
+        ynh_print_err --message="$app has no install_dir setting (does it use packaging format >=2?)"
+        exit 1
+    fi
 
-        # Load the app's service name, or default to $app
-        local service=$(ynh_app_setting_get --app=$app --key=service)
-        [ -z "$service" ] && service=$app;
+    # Load the app's service name, or default to $app
+    local service=$(ynh_app_setting_get --app=$app --key=service)
+    [ -z "$service" ] && service=$app
 
-        # Export HOME variable
-        export HOME=$install_dir;
+    # Export HOME variable
+    export HOME=$install_dir
 
-        # Load the Environment variables from the app's service
-        local env_var=$(systemctl show $service.service -p "Environment" --value)
-        [ -n "$env_var" ] && export $env_var;
+    # Load the Environment variables from the app's service
+    local env_var=$(systemctl show $service.service -p "Environment" --value)
+    [ -n "$env_var" ] && export $env_var
 
-        # Force `php` to its intended version
-        # We use `eval`+`export` since `alias` is not propagated to subshells, even with `export`
-        local phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
-        local phpflags=$(ynh_app_setting_get --app=$app --key=phpflags)
-        if [ -n "$phpversion" ]
-        then
-            eval "php() { php${phpversion} ${phpflags} \"\$@\"; }"
-            export -f php
-        fi
+    # Force `php` to its intended version
+    # We use `eval`+`export` since `alias` is not propagated to subshells, even with `export`
+    local phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
+    local phpflags=$(ynh_app_setting_get --app=$app --key=phpflags)
+    if [ -n "$phpversion" ]; then
+        eval "php() { php${phpversion} ${phpflags} \"\$@\"; }"
+        export -f php
+    fi
 
-        # Source the EnvironmentFiles from the app's service
-        local env_files=($(systemctl show $service.service -p "EnvironmentFiles" --value))
-        if [ ${#env_files[*]} -gt 0 ]
-        then
-            # set -/+a enables and disables new variables being automatically exported. Needed when using `source`.
-            set -a
-            for file in ${env_files[*]}
-            do
-                [[ $file = /* ]] && source $file
-            done
-            set +a
-        fi
+    # Source the EnvironmentFiles from the app's service
+    local env_files=($(systemctl show $service.service -p "EnvironmentFiles" --value))
+    if [ ${#env_files[*]} -gt 0 ]; then
+        # set -/+a enables and disables new variables being automatically exported. Needed when using `source`.
+        set -a
+        for file in ${env_files[*]}; do
+            [[ $file = /* ]] && source $file
+        done
+        set +a
+    fi
 
-        # Activate the Python environment, if it exists
-        if [ -f $install_dir/venv/bin/activate ]
-        then
-            # set -/+a enables and disables new variables being automatically exported. Needed when using `source`.
-            set -a
-            source $install_dir/venv/bin/activate
-            set +a
-        fi
+    # Activate the Python environment, if it exists
+    if [ -f $install_dir/venv/bin/activate ]; then
+        # set -/+a enables and disables new variables being automatically exported. Needed when using `source`.
+        set -a
+        source $install_dir/venv/bin/activate
+        set +a
+    fi
 
-        # cd into the WorkingDirectory set in the service, or default to the install_dir
-        local env_dir=$(systemctl show $service.service -p "WorkingDirectory" --value)
-        [ -z $env_dir ] && env_dir=$install_dir;
-        cd $env_dir
+    # cd into the WorkingDirectory set in the service, or default to the install_dir
+    local env_dir=$(systemctl show $service.service -p "WorkingDirectory" --value)
+    [ -z $env_dir ] && env_dir=$install_dir
+    cd $env_dir
 
-        # Spawn the app shell
-        su -s /bin/bash $app
+    # Spawn the app shell
+    su -s /bin/bash $app
 }

helpers/helpers.v1.d/apt

@@ -14,7 +14,7 @@ ynh_wait_dpkg_free() {
     # With seq 1 17, timeout will be almost 30 minutes
     for try in $(seq 1 17); do
         # Check if /var/lib/dpkg/lock is used by another process
-        if lsof /var/lib/dpkg/lock >/dev/null; then
+        if lsof /var/lib/dpkg/lock > /dev/null; then
             echo "apt is already in use..."
             # Sleep an exponential time at each round
             sleep $((try * try))
@@ -32,7 +32,7 @@ ynh_wait_dpkg_free() {
                     set -o xtrace # set -x
                     return 1
                 fi
-            done 9<<<"$(ls -1 $dpkg_dir)"
+            done 9<<< "$(ls -1 $dpkg_dir)"
             set -o xtrace # set -x
             return 0
         fi
@@ -58,8 +58,8 @@ ynh_package_is_installed() {
     # Manage arguments with getopts
     ynh_handle_getopts_args "$@"
 
-    dpkg-query --show --showformat='${Status}' "$package" 2>/dev/null \
-        | grep --count "ok installed" &>/dev/null
+    dpkg-query --show --showformat='${Status}' "$package" 2> /dev/null \
+        | grep --count "ok installed" &> /dev/null
 }
 
 # Get the version of an installed package
@@ -82,7 +82,7 @@ ynh_package_version() {
     ynh_handle_getopts_args "$@"
 
     if ynh_package_is_installed "$package"; then
-        dpkg-query --show --showformat='${Version}' "$package" 2>/dev/null
+        dpkg-query --show --showformat='${Version}' "$package" 2> /dev/null
     else
         echo ''
     fi
@@ -266,8 +266,7 @@ ynh_install_app_dependencies() {
     # The (?<=php) syntax corresponds to lookbehind ;)
     local specific_php_version=$(echo $dependencies | grep -oP '(?<=php)[0-9.]+(?=-|\>|)' | sort -u)
 
-    if [[ -n "$specific_php_version" ]]
-    then
+    if [[ -n "$specific_php_version" ]]; then
         # Cover a small edge case where a packager could have specified "php7.4-pwet php5-gni" which is confusing
         [[ $(echo $specific_php_version | wc -l) -eq 1 ]] \
             || ynh_die --message="Inconsistent php versions in dependencies ... found : $specific_php_version"
@@ -281,8 +280,7 @@ ynh_install_app_dependencies() {
             local old_php_fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir)
             local old_php_finalphpconf="$old_php_fpm_config_dir/pool.d/$app.conf"
 
-            if [[ -f "$old_php_finalphpconf" ]]
-            then
+            if [[ -f "$old_php_finalphpconf" ]]; then
                 ynh_backup_if_checksum_is_different --file="$old_php_finalphpconf"
                 ynh_remove_fpm_config
             fi
@@ -291,8 +289,7 @@ ynh_install_app_dependencies() {
         ynh_app_setting_set --app=$app --key=phpversion --value=$specific_php_version
 
         # Set the default php version back as the default version for php-cli.
-        if test -e /usr/bin/php$YNH_DEFAULT_PHP_VERSION
-        then
+        if test -e /usr/bin/php$YNH_DEFAULT_PHP_VERSION; then
             update-alternatives --set php /usr/bin/php$YNH_DEFAULT_PHP_VERSION
         fi
     elif grep --quiet 'php' <<< "$dependencies"; then
@@ -306,20 +303,18 @@ ynh_install_app_dependencies() {
     # upgrade script where ynh_install_app_dependencies is called with this
     # expected effect) Otherwise, any subsequent call will add dependencies
     # to those already present in the equivs control file.
-    if [[ $YNH_INSTALL_APP_DEPENDENCIES_REPLACE == "true" ]]
-    then
+    if [[ $YNH_INSTALL_APP_DEPENDENCIES_REPLACE == "true" ]]; then
         YNH_INSTALL_APP_DEPENDENCIES_REPLACE="false"
     else
         local current_dependencies=""
-        if ynh_package_is_installed --package="${dep_app}-ynh-deps"
-        then
+        if ynh_package_is_installed --package="${dep_app}-ynh-deps"; then
             current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) "
             current_dependencies=${current_dependencies// | /|}
         fi
         dependencies="$current_dependencies, $dependencies"
     fi
 
-    cat >/tmp/${dep_app}-ynh-deps.control <<EOF # Make a control file for equivs-build
+    cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build
 Section: misc
 Priority: optional
 Package: ${dep_app}-ynh-deps
@@ -337,8 +332,7 @@ EOF
 
     # Trigger postgresql regenconf if we may have just installed postgresql
     local psql_installed2="$(ynh_package_is_installed "postgresql-$PSQL_VERSION" && echo yes || echo no)"
-    if [[ "$psql_installed" != "$psql_installed2" ]]
-    then
+    if [[ "$psql_installed" != "$psql_installed2" ]]; then
         yunohost tools regen-conf postgresql
     fi
 
@@ -372,7 +366,7 @@ ynh_add_app_dependencies() {
 #
 # Requires YunoHost version 2.6.4 or higher.
 ynh_remove_app_dependencies() {
-    local dep_app=${app//_/-}	# Replace all '_' by '-'
+    local dep_app=${app//_/-} # Replace all '_' by '-'
 
     local current_dependencies=""
     if ynh_package_is_installed --package="${dep_app}-ynh-deps"; then
@@ -382,16 +376,14 @@ ynh_remove_app_dependencies() {
 
     # Edge case where the app dep may be on hold,
     # cf https://forum.yunohost.org/t/migration-error-cause-of-ffsync/20675/4
-    if apt-mark showhold | grep -q -w ${dep_app}-ynh-deps
-    then
+    if apt-mark showhold | grep -q -w ${dep_app}-ynh-deps; then
         apt-mark unhold ${dep_app}-ynh-deps
     fi
 
     # Remove the fake package and its dependencies if they not still used.
     # (except if dpkg doesn't know anything about the package,
     # which should be symptomatic of a failed install, and we don't want bash to report an error)
-    if dpkg-query --show ${dep_app}-ynh-deps &>/dev/null
-    then
+    if dpkg-query --show ${dep_app}-ynh-deps &> /dev/null; then
         ynh_package_autopurge ${dep_app}-ynh-deps
     fi
 }
@@ -487,11 +479,13 @@ ynh_install_extra_repo() {
     if [[ "${repo_parts[0]}" == "deb" ]]; then
         index=1
     fi
-    uri="${repo_parts[$index]}" ; index=$((index+1))
-    suite="${repo_parts[$index]}" ; index=$((index+1))
+    uri="${repo_parts[$index]}"
+    index=$((index + 1))
+    suite="${repo_parts[$index]}"
+    index=$((index + 1))
 
     # Get the components
-    if (( "${#repo_parts[@]}" > 0 )); then
+    if (("${#repo_parts[@]}" > 0)); then
         component="${repo_parts[*]:$index}"
     fi
 
@@ -512,7 +506,7 @@ ynh_install_extra_repo() {
     if [ -n "$key" ] && [[ "$key" != "trusted=yes" ]]; then
         mkdir --parents "/etc/apt/trusted.gpg.d"
         # Timeout option is here to enforce the timeout on dns query and tcp connect (c.f. man wget)
-        wget --timeout 900 --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg >/dev/null
+        wget --timeout 900 --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null
     fi
 
     # Update the list of package with the new repo

helpers/helpers.v1.d/backup

@@ -162,7 +162,7 @@ ynh_backup() {
     # ==============================================================================
     local src=$(echo "${src_path}" | sed --regexp-extended 's/"/\"\"/g')
     local dest=$(echo "${dest_path}" | sed --regexp-extended 's/"/\"\"/g')
-    echo "\"${src}\",\"${dest}\"" >>"${YNH_BACKUP_CSV}"
+    echo "\"${src}\",\"${dest}\"" >> "${YNH_BACKUP_CSV}"
 
     # ==============================================================================
 
@@ -289,8 +289,7 @@ ynh_restore_file() {
     # Boring hack for nginx conf file mapped to php7.3
     # Note that there's no need to patch the fpm config because most php apps
     # will call "ynh_add_fpm_config" during restore, effectively recreating the file from scratch
-    if [[ "${dest_path}" == "/etc/nginx/conf.d/"* ]] && grep 'php7.3.*sock' "${dest_path}"
-    then
+    if [[ "${dest_path}" == "/etc/nginx/conf.d/"* ]] && grep 'php7.3.*sock' "${dest_path}"; then
         sed -i 's/php7.3/php7.4/g' "${dest_path}"
     fi
 }
@@ -376,8 +375,7 @@ ynh_backup_if_checksum_is_different() {
             echo "$backup_file_checksum" # Return the name of the backup file
             if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then
                 local file_path_base64=$(echo "$file" | base64 -w0)
-                if test -e /var/cache/yunohost/appconfbackup/original_${file_path_base64}
-                then
+                if test -e /var/cache/yunohost/appconfbackup/original_${file_path_base64}; then
                     ynh_print_warn "Diff with the original file:"
                     diff --report-identical-files --unified --color=always /var/cache/yunohost/appconfbackup/original_${file_path_base64} $file >&2 || true
                 fi
@@ -412,7 +410,7 @@ ynh_delete_file_checksum() {
 #
 ynh_backup_archive_exists() {
     yunohost backup list --output-as json --quiet \
-        | jq -e --arg archive "$1" '.archives | index($archive)' >/dev/null
+        | jq -e --arg archive "$1" '.archives | index($archive)' > /dev/null
 }
 
 # Make a backup in case of failed upgrade
@@ -455,7 +453,7 @@ ynh_backup_before_upgrade() {
             # If the backup succeeded, remove the previous backup
             if ynh_backup_archive_exists "$app_bck-pre-upgrade$old_backup_number"; then
                 # Remove the previous backup only if it exists
-                yunohost backup delete $app_bck-pre-upgrade$old_backup_number >/dev/null
+                yunohost backup delete $app_bck-pre-upgrade$old_backup_number > /dev/null
             fi
         else
             ynh_die --message="Backup failed, the upgrade process was aborted."
@@ -494,8 +492,7 @@ ynh_restore_upgradebackup() {
             yunohost app remove $app
             # Restore the backup
             yunohost backup restore $app_bck-pre-upgrade$backup_number --apps $app --force --debug
-            if [[ -d /etc/yunohost/apps/$app ]]
-            then
+            if [[ -d /etc/yunohost/apps/$app ]]; then
                 ynh_die --message="The app was restored to the way it was before the failed upgrade."
             else
                 ynh_die --message="Uhoh ... Yunohost failed to restore the app to the way it was before the failed upgrade :|"

helpers/helpers.v1.d/config

@@ -6,11 +6,11 @@ _ynh_app_config_get_one() {
     local bind="$3"
     local getter="get__${short_setting}"
     # Get value from getter if exists
-    if type -t $getter 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+    if type -t $getter 2> /dev/null | grep -q '^function$' 2> /dev/null; then
         old[$short_setting]="$($getter)"
         formats[${short_setting}]="yaml"
 
-    elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+    elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2> /dev/null | grep -q '^function$' 2> /dev/null; then
         old[$short_setting]="$("get__${bind%%(*}" $short_setting $type $bind)"
         formats[${short_setting}]="yaml"
 
@@ -22,7 +22,7 @@ _ynh_app_config_get_one() {
         if [[ "$bind" == "settings" ]]; then
             ynh_die --message="File '${short_setting}' can't be stored in settings"
         fi
-        old[$short_setting]="$(ls "$(echo $bind | sed s@__INSTALL_DIR__@$install_dir@ | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)" 2>/dev/null || echo YNH_NULL)"
+        old[$short_setting]="$(ls "$bind" 2> /dev/null || echo YNH_NULL)"
         file_hash[$short_setting]="true"
 
     # Get multiline text from settings or from a full file
@@ -32,7 +32,7 @@ _ynh_app_config_get_one() {
         elif [[ "$bind" == *":"* ]]; then
             ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically  in a variable file, you have to create custom getter/setter"
         else
-            old[$short_setting]="$(cat $(echo $bind | sed s@__INSTALL_DIR__@$install_dir@ | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/) 2>/dev/null || echo YNH_NULL)"
+            old[$short_setting]="$(cat "$bind" 2> /dev/null || echo YNH_NULL)"
         fi
 
     # Get value from a kind of key/value file
@@ -47,7 +47,7 @@ _ynh_app_config_get_one() {
             bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)"
             bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)"
         fi
-        local bind_file="$(echo "$bind" | cut -d: -f2 | sed s@__INSTALL_DIR__@$install_dir@ | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)"
+        local bind_file="$(echo "$bind" | cut -d: -f2)"
         old[$short_setting]="$(ynh_read_var_in_file --file="${bind_file}" --key="${bind_key_}" --after="${bind_after}")"
 
     fi
@@ -59,10 +59,10 @@ _ynh_app_config_apply_one() {
     local type="${types[$short_setting]}"
     if [ "${changed[$short_setting]}" == "true" ]; then
         # Apply setter if exists
-        if type -t $setter 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+        if type -t $setter 2> /dev/null | grep -q '^function$' 2> /dev/null; then
             $setter
 
-        elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+        elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2> /dev/null | grep -q '^function$' 2> /dev/null; then
             "set__${bind%%(*}" $short_setting $type $bind
 
         elif [[ "$bind" == "null" ]]; then
@@ -73,7 +73,7 @@ _ynh_app_config_apply_one() {
             if [[ "$bind" == "settings" ]]; then
                 ynh_die --message="File '${short_setting}' can't be stored in settings"
             fi
-            local bind_file="$(echo "$bind" | sed s@__INSTALL_DIR__@$install_dir@ | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)"
+            local bind_file="$bind"
             if [[ "${!short_setting}" == "" ]]; then
                 ynh_backup_if_checksum_is_different --file="$bind_file"
                 ynh_secure_remove --file="$bind_file"
@@ -98,9 +98,9 @@ _ynh_app_config_apply_one() {
             if [[ "$bind" == *":"* ]]; then
                 ynh_die --message="For technical reasons, multiline text '${short_setting}' can't be stored automatically  in a variable file, you have to create custom getter/setter"
             fi
-            local bind_file="$(echo "$bind" | sed s@__INSTALL_DIR__@$install_dir@ | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)"
+            local bind_file="$bind"
             ynh_backup_if_checksum_is_different --file="$bind_file"
-            echo "${!short_setting}" >"$bind_file"
+            echo "${!short_setting}" > "$bind_file"
             ynh_store_file_checksum --file="$bind_file" --update_only
             ynh_print_info --message="File '$bind_file' overwritten with the content provided in question '${short_setting}'"
 
@@ -113,7 +113,7 @@ _ynh_app_config_apply_one() {
                 bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)"
             fi
             bind_key_=${bind_key_:-$short_setting}
-            local bind_file="$(echo "$bind" | cut -d: -f2 | sed s@__INSTALL_DIR__@$install_dir@ | sed s@__FINALPATH__@$final_path@ | sed s/__APP__/$app/)"
+            local bind_file="$(echo "$bind" | cut -d: -f2)"
 
             ynh_backup_if_checksum_is_different --file="$bind_file"
             ynh_write_var_in_file --file="${bind_file}" --key="${bind_key_}" --value="${!short_setting}" --after="${bind_after}"
@@ -126,69 +126,17 @@ _ynh_app_config_apply_one() {
         fi
     fi
 }
+
 _ynh_app_config_get() {
-    # From settings
-    local lines
-    lines=$(
-        python3 <<EOL
-import toml
-from collections import OrderedDict
-with open("../config_panel.toml", "r") as f:
-    file_content = f.read()
-loaded_toml = toml.loads(file_content, _dict=OrderedDict)
-
-for panel_name, panel in loaded_toml.items():
-    if not isinstance(panel, dict): continue
-    bind_panel = panel.get('bind')
-    for section_name, section in panel.items():
-        if not isinstance(section, dict): continue
-        bind_section = section.get('bind')
-        if not bind_section:
-            bind_section = bind_panel
-        elif bind_section[-1] == ":" and bind_panel and ":" in bind_panel:
-            regex, bind_panel_file = bind_panel.split(":")
-            if ">" in bind_section:
-                bind_section = bind_section + bind_panel_file
-            else:
-                bind_section = regex + bind_section + bind_panel_file
-
-        for name, param in section.items():
-            if not isinstance(param, dict):
-                continue
-
-            bind = param.get('bind')
-
-            if not bind:
-                if bind_section:
-                    bind = bind_section
-                else:
-                    bind = 'settings'
-            elif bind[-1] == ":" and bind_section and ":" in bind_section:
-                regex, bind_file = bind_section.split(":")
-                if ">" in bind:
-                    bind = bind + bind_file
-                else:
-                    bind = regex + bind + bind_file
-            if bind == "settings" and param.get('type', 'string') == 'file':
-                bind = 'null'
-
-            print('|'.join([
-                name,
-                param.get('type', 'string'),
-                bind
-                ]))
-EOL
-    )
-    for line in $lines; do
+    for line in $YNH_APP_CONFIG_PANEL_OPTIONS_TYPES_AND_BINDS; do
         # Split line into short_setting, type and bind
-        IFS='|' read short_setting type bind <<<"$line"
+        IFS='|' read short_setting type bind <<< "$line"
         binds[${short_setting}]="$bind"
         types[${short_setting}]="$type"
         file_hash[${short_setting}]=""
         formats[${short_setting}]=""
         ynh_app_config_get_one $short_setting $type $bind
     done
-
 }
 
 _ynh_app_config_apply() {
@@ -258,9 +206,9 @@ _ynh_app_config_validate() {
     for short_setting in "${!old[@]}"; do
         [[ "${changed[$short_setting]}" == "false" ]] && continue
         local result=""
-        if type -t validate__$short_setting | grep -q '^function$' 2>/dev/null; then
+        if type -t validate__$short_setting | grep -q '^function$' 2> /dev/null; then
             result="$(validate__$short_setting)"
-        elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+        elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2> /dev/null | grep -q '^function$' 2> /dev/null; then
             "validate__${bind%%(*}" $short_setting
         fi
         if [ -n "$result" ]; then
@@ -315,7 +263,7 @@ ynh_app_config_apply() {
 ynh_app_action_run() {
     local runner="run__$1"
     # Get value from getter if exists
-    if type -t "$runner" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+    if type -t "$runner" 2> /dev/null | grep -q '^function$' 2> /dev/null; then
         $runner
         #ynh_return "result:"
         #ynh_return "$(echo "${result}" | sed 's/^/  /g')"
@@ -333,22 +281,23 @@ ynh_app_config_run() {
     declare -Ag formats=()
 
     case $1 in
-    show)
-        ynh_app_config_get
-        ynh_app_config_show
-        ;;
-    apply)
-        max_progression=4
-        ynh_script_progression --message="Reading config panel description and current configuration..."
-        ynh_app_config_get
+        show)
+            ynh_app_config_get
+            ynh_app_config_show
+            ;;
+        apply)
+            max_progression=4
+            ynh_script_progression --message="Reading config panel description and current configuration..."
+            ynh_app_config_get
 
-        ynh_app_config_validate
+            ynh_app_config_validate
 
-        ynh_script_progression --message="Applying the new configuration..."
-        ynh_app_config_apply
-        ynh_script_progression --message="Configuration of $app completed" --last
-        ;;
-    *)
-        ynh_app_action_run $1
+            ynh_script_progression --message="Applying the new configuration..."
+            ynh_app_config_apply
+            ynh_script_progression --message="Configuration of $app completed" --last
+            ;;
+        *)
+            ynh_app_action_run $1
+            ;;
     esac
 }

helpers/helpers.v1.d/fail2ban

@@ -82,7 +82,7 @@ port = __PORTS__
 filter = __APP__
 logpath = __LOGPATH__
 maxretry = __MAX_RETRY__
-" >"$YNH_APP_BASEDIR/conf/f2b_jail.conf"
+" > "$YNH_APP_BASEDIR/conf/f2b_jail.conf"
 
         echo "
 [INCLUDES]
@@ -90,7 +90,7 @@ before = common.conf
 [Definition]
 failregex = __FAILREGEX__
 ignoreregex =
-" >"$YNH_APP_BASEDIR/conf/f2b_filter.conf"
+" > "$YNH_APP_BASEDIR/conf/f2b_filter.conf"
     fi
 
     ynh_add_config --template="f2b_jail.conf" --destination="/etc/fail2ban/jail.d/$app.conf"

helpers/helpers.v1.d/getopts

@@ -20,7 +20,7 @@
 # | arg: $@    - Simply "$@" to tranfert all the positionnal arguments to the function
 #
 # This helper need an array, named "args_array" with all the arguments used by the helper
-# 	that want to use ynh_handle_getopts_args
+# that want to use ynh_handle_getopts_args
 # Be carreful, this array has to be an associative array, as the following example:
 # local -A args_array=( [a]=arg1 [b]=arg2= [c]=arg3 )
 # Let's explain this array:
@@ -180,7 +180,7 @@ ynh_handle_getopts_args() {
             # If not, enter in legacy mode and manage the arguments as positionnal ones..
             # Dot not echo, to prevent to go through a helper output. But print only in the log.
             set -x
-            echo "! Helper used in legacy mode !" >/dev/null
+            echo "! Helper used in legacy mode !" > /dev/null
             set +x
             local i
             for i in $(seq 0 $((${#arguments[@]} - 1))); do

helpers/helpers.v1.d/go

@@ -1,11 +1,11 @@
 #!/bin/bash
 
 ynh_go_try_bash_extension() {
-  if [ -x src/configure ]; then
-    src/configure && make -C src || {
-      ynh_print_info --message="Optional bash extension failed to build, but things will still work normally."
-    }
-  fi
+    if [ -x src/configure ]; then
+        src/configure && make -C src || {
+            ynh_print_info --message="Optional bash extension failed to build, but things will still work normally."
+        }
+    fi
 }
 
 goenv_install_dir="/opt/goenv"
@@ -51,7 +51,7 @@ export GOENV_ROOT="$goenv_install_dir"
 # usage: ynh_use_go
 #
 # Requires YunoHost version 3.2.2 or higher.
-ynh_use_go () {
+ynh_use_go() {
     go_version=$(ynh_app_setting_get --app=$app --key=go_version)
 
     # Get the absolute path of this version of Go
@@ -73,7 +73,7 @@ ynh_use_go () {
 
     # Sets the local application-specific Go version
     pushd $install_dir
-        $goenv_install_dir/bin/goenv local $go_version
+    $goenv_install_dir/bin/goenv local $go_version
     popd
 }
 
@@ -93,10 +93,10 @@ ynh_use_go () {
 # | arg: -v, --go_version= - Version of go to install.
 #
 # Requires YunoHost version 3.2.2 or higher.
-ynh_install_go () {
+ynh_install_go() {
     # Declare an array to define the options of this helper.
     local legacy_args=v
-    local -A args_array=( [v]=go_version= )
+    local -A args_array=([v]=go_version=)
     local go_version
     # Manage arguments with getopts
     ynh_handle_getopts_args "$@"
@@ -113,34 +113,34 @@ ynh_install_go () {
     # Install or update goenv
     mkdir -p $goenv_install_dir
     pushd "$goenv_install_dir"
-        if ! [ -x "$goenv_install_dir/bin/goenv" ]; then
-            ynh_print_info --message="Downloading goenv..."
-            git init -q
-            git remote add origin https://github.com/syndbg/goenv.git 
-        else
-            ynh_print_info --message="Updating goenv..."
-        fi
-        git fetch -q --tags --prune origin
-        local git_latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)")
-        git checkout -q "$git_latest_tag"
-        ynh_go_try_bash_extension
-        goenv=$goenv_install_dir/bin/goenv
+    if ! [ -x "$goenv_install_dir/bin/goenv" ]; then
+        ynh_print_info --message="Downloading goenv..."
+        git init -q
+        git remote add origin https://github.com/syndbg/goenv.git
+    else
+        ynh_print_info --message="Updating goenv..."
+    fi
+    git fetch -q --tags --prune origin
+    local git_latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)")
+    git checkout -q "$git_latest_tag"
+    ynh_go_try_bash_extension
+    goenv=$goenv_install_dir/bin/goenv
     popd
 
     # Install or update xxenv-latest
     goenv_latest_dir="$goenv_install_dir/plugins/xxenv-latest"
     mkdir -p "$goenv_latest_dir"
     pushd "$goenv_latest_dir"
-        if ! [ -x "$goenv_latest_dir/bin/goenv-latest" ]; then
-            ynh_print_info --message="Downloading xxenv-latest..."
-            git init -q
-            git remote add origin https://github.com/momo-lab/xxenv-latest.git 
-        else
-            ynh_print_info --message="Updating xxenv-latest..."
-        fi
-        git fetch -q --tags --prune origin
-        local git_latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)")
-        git checkout -q "$git_latest_tag"
+    if ! [ -x "$goenv_latest_dir/bin/goenv-latest" ]; then
+        ynh_print_info --message="Downloading xxenv-latest..."
+        git init -q
+        git remote add origin https://github.com/momo-lab/xxenv-latest.git
+    else
+        ynh_print_info --message="Updating xxenv-latest..."
+    fi
+    git fetch -q --tags --prune origin
+    local git_latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)")
+    git checkout -q "$git_latest_tag"
     popd
 
     # Enable caching
@@ -167,7 +167,7 @@ ynh_install_go () {
     ynh_cleanup_go
 
     # Set environment for Go users
-    echo  "#goenv
+    echo "#goenv
 export GOENV_ROOT=$goenv_install_dir
 export PATH=\"$goenv_install_dir/bin:$PATH\"
 eval \"\$(goenv init -)\"
@@ -182,7 +182,7 @@ eval \"\$(goenv init -)\"
 # This helper will also cleanup Go versions
 #
 # usage: ynh_remove_go
-ynh_remove_go () {
+ynh_remove_go() {
     local go_version=$(ynh_app_setting_get --app="$app" --key="go_version")
 
     # Load goenv path in PATH
@@ -205,34 +205,29 @@ ynh_remove_go () {
 # If no app uses Go, goenv will be also removed.
 #
 # usage: ynh_cleanup_go
-ynh_cleanup_go () {
+ynh_cleanup_go() {
 
     # List required Go versions
     local installed_apps=$(yunohost app list --output-as json --quiet | jq -r .apps[].id)
     local required_go_versions=""
-    for installed_app in $installed_apps
-    do
+    for installed_app in $installed_apps; do
         local installed_app_go_version=$(ynh_app_setting_get --app=$installed_app --key="go_version")
-        if [[ $installed_app_go_version ]]
-        then
+        if [[ $installed_app_go_version ]]; then
             required_go_versions="${installed_app_go_version}\n${required_go_versions}"
         fi
     done
 
     # Remove no more needed Go versions
     local installed_go_versions=$(goenv versions --bare --skip-aliases | grep -Ev '/')
-    for installed_go_version in $installed_go_versions
-    do
-        if ! `echo ${required_go_versions} | grep "${installed_go_version}" 1>/dev/null 2>&1`
-        then
+    for installed_go_version in $installed_go_versions; do
+        if ! $(echo ${required_go_versions} | grep "${installed_go_version}" 1> /dev/null 2>&1); then
             ynh_print_info --message="Removing of Go-$installed_go_version"
             $goenv_install_dir/bin/goenv uninstall --force "$installed_go_version"
         fi
     done
 
     # If none Go version is required
-    if [[ ! $required_go_versions ]]
-    then
+    if [[ ! $required_go_versions ]]; then
         # Remove goenv environment configuration
         ynh_print_info --message="Removing of goenv"
         ynh_secure_remove --file="$goenv_install_dir"

helpers/helpers.v1.d/logging

@@ -93,8 +93,7 @@ ynh_exec_err() {
     # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
     # (because in the past eval was used) ...
     # we detect this by checking that there's no 2nd arg, and $1 contains a space
-    if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]
-    then
+    if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]; then
         ynh_print_err --message="$(eval $@)"
     else
         # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
@@ -114,8 +113,7 @@ ynh_exec_warn() {
     # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
     # (because in the past eval was used) ...
     # we detect this by checking that there's no 2nd arg, and $1 contains a space
-    if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]
-    then
+    if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]; then
         ynh_print_warn --message="$(eval $@)"
     else
         # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
@@ -135,8 +133,7 @@ ynh_exec_warn_less() {
     # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
     # (because in the past eval was used) ...
     # we detect this by checking that there's no 2nd arg, and $1 contains a space
-    if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]
-    then
+    if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]; then
         eval $@ 2>&1
     else
         # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
@@ -156,8 +153,7 @@ ynh_exec_quiet() {
     # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
     # (because in the past eval was used) ...
     # we detect this by checking that there's no 2nd arg, and $1 contains a space
-    if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]
-    then
+    if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]; then
         eval $@ > /dev/null
     else
         # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
@@ -177,8 +173,7 @@ ynh_exec_fully_quiet() {
     # Boring legacy handling for when people calls ynh_exec_* wrapping the command in quotes,
     # (because in the past eval was used) ...
     # we detect this by checking that there's no 2nd arg, and $1 contains a space
-    if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]
-    then
+    if [[ "$#" -eq 1 ]] && [[ "$1" == *" "* ]]; then
         eval $@ > /dev/null 2>&1
     else
         # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
@@ -199,7 +194,7 @@ ynh_exec_and_print_stderr_only_if_error() {
     rc=0
     # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
     "$@" 2> "$logfile" || rc="$?"
-    if (( rc != 0 )); then
+    if ((rc != 0)); then
         ynh_exec_warn cat "$logfile"
         ynh_secure_remove "$logfile"
         return "$rc"
@@ -216,7 +211,7 @@ ynh_exec_and_print_stderr_only_if_error() {
 #
 # Requires YunoHost version 3.2.0 or higher.
 ynh_print_OFF() {
-    exec {BASH_XTRACEFD}>/dev/null
+    exec {BASH_XTRACEFD}> /dev/null
 }
 
 # Restore the logging after ynh_print_OFF
@@ -229,7 +224,7 @@ ynh_print_OFF() {
 ynh_print_ON() {
     exec {BASH_XTRACEFD}>&1
     # Print an echo only for the log, to be able to know that ynh_print_ON has been called.
-    echo ynh_print_ON >/dev/null
+    echo ynh_print_ON > /dev/null
 }
 
 # Initial definitions for ynh_script_progression
@@ -271,9 +266,9 @@ ynh_script_progression() {
 
     # Always activate time when running inside CI tests
     if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then
-    	time=${time:-1}
+        time=${time:-1}
     else
-    	time=${time:-0}
+        time=${time:-0}
     fi
 
     last=${last:-0}
@@ -298,8 +293,8 @@ ynh_script_progression() {
         local weight_values=$(($(echo "$weight_valuesA" "$weight_valuesB" | grep -v -E '^\s*$' | tr '\n' '+' | sed 's/+$/+0/g')))
 
         # max_progression is a total number of calls to this helper.
-        # 	Less the number of calls with a weight value.
-        # 	Plus the total of weight values
+        #  Less the number of calls with a weight value.
+        #  Plus the total of weight values
         max_progression=$(($helper_calls - $weight_calls + $weight_values))
     fi
 
@@ -329,7 +324,7 @@ ynh_script_progression() {
 
     local print_exec_time=""
     if [ $time -eq 1 ] && [ "$exec_time" -gt 10 ]; then
-        print_exec_time=" [$(bc <<< "scale=1; $exec_time / 60" ) minutes]"
+        print_exec_time=" [$(bc <<< "scale=1; $exec_time / 60") minutes]"
     fi
 
     ynh_print_info "[$progression_bar] > ${message}${print_exec_time}"
@@ -343,5 +338,5 @@ ynh_script_progression() {
 #
 # Requires YunoHost version 3.6.0 or higher.
 ynh_return() {
-    echo "$1" >>"$YNH_STDRETURN"
+    echo "$1" >> "$YNH_STDRETURN"
 }

helpers/helpers.v1.d/logrotate

@@ -16,11 +16,9 @@ ynh_use_logrotate() {
 
     # Stupid patch to ignore legacy --non-append and --nonappend
     # which was never properly understood and improperly used and kind of bullshit
-    local all_args=( ${@} )
-    for I in $(seq 0 $(($# - 1)))
-    do
-        if [[ "${all_args[$I]}" == "--non-append" ]] || [[ "${all_args[$I]}" == "--nonappend" ]]
-        then
+    local all_args=(${@})
+    for I in $(seq 0 $(($# - 1))); do
+        if [[ "${all_args[$I]}" == "--non-append" ]] || [[ "${all_args[$I]}" == "--nonappend" ]]; then
             unset all_args[$I]
         fi
     done
@@ -43,8 +41,7 @@ ynh_use_logrotate() {
     fi
     set +o noglob
 
-    for stuff in $logfile
-    do
+    for stuff in $logfile; do
         mkdir --parents $(dirname "$stuff")
     done
 
@@ -54,7 +51,7 @@ ynh_use_logrotate() {
     fi
 
     local tempconf="$(mktemp)"
-    cat << EOF >$tempconf
+    cat << EOF > $tempconf
 $logfile {
     # Rotate if the logfile exceeds 100Mo
     size 100M
@@ -76,8 +73,7 @@ $logfile {
 }
 EOF
 
-    if [[ "$FIRST_CALL_TO_LOGROTATE" == "true" ]]
-    then
+    if [[ "$FIRST_CALL_TO_LOGROTATE" == "true" ]]; then
         cat $tempconf > /etc/logrotate.d/$app
     else
         cat $tempconf >> /etc/logrotate.d/$app

helpers/helpers.v1.d/mongodb

@@ -6,100 +6,92 @@
 # example: ynh_mongo_exec --command="db.getMongo().getDBNames().indexOf(\"wekan\")"
 #
 # usage: ynh_mongo_exec [--user=user] [--password=password] [--authenticationdatabase=authenticationdatabase] [--database=database] [--host=host] [--port=port] --command="command" [--eval]
-# | arg: -u, --user=						- The user name to connect as
-# | arg: -p, --password=					- The user password
-# | arg: -d, --authenticationdatabase=		- The authenticationdatabase to connect to
-# | arg: -d, --database=					- The database to connect to
-# | arg: -h, --host=						- The host to connect to
-# | arg: -P, --port=						- The port to connect to
-# | arg: -c, --command=						- The command to evaluate
-# | arg: -e, --eval							- Evaluate instead of execute the command.
+# | arg: -u, --user=                        - The user name to connect as
+# | arg: -p, --password=                    - The user password
+# | arg: -d, --authenticationdatabase=      - The authenticationdatabase to connect to
+# | arg: -d, --database=                    - The database to connect to
+# | arg: -h, --host=                        - The host to connect to
+# | arg: -P, --port=                        - The port to connect to
+# | arg: -c, --command=                     - The command to evaluate
+# | arg: -e, --eval                         - Evaluate instead of execute the command.
 #
 #
 ynh_mongo_exec() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=upadhPce
-	local -A args_array=( [u]=user= [p]=password= [a]=authenticationdatabase= [d]=database= [h]=host= [P]=port= [c]=command= [e]=eval )
-	local user
-	local password
-	local authenticationdatabase
-	local database
-	local host
-	local port
-	local command
-	local eval
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
-	user="${user:-}"
-	password="${password:-}"
-	authenticationdatabase="${authenticationdatabase:-}"
-	database="${database:-}"
-	host="${host:-}"
-	port="${port:-}"
-	eval=${eval:-0}
+    # Declare an array to define the options of this helper.
+    local legacy_args=upadhPce
+    local -A args_array=([u]=user= [p]=password= [a]=authenticationdatabase= [d]=database= [h]=host= [P]=port= [c]=command= [e]=eval)
+    local user
+    local password
+    local authenticationdatabase
+    local database
+    local host
+    local port
+    local command
+    local eval
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
+    user="${user:-}"
+    password="${password:-}"
+    authenticationdatabase="${authenticationdatabase:-}"
+    database="${database:-}"
+    host="${host:-}"
+    port="${port:-}"
+    eval=${eval:-0}
 
-	# If user is provided
-	if [ -n "$user" ]
-	then
-		user="--username=$user"
+    # If user is provided
+    if [ -n "$user" ]; then
+        user="--username=$user"
 
-		# If password is provided
-		if [ -n "$password" ]
-		then
-			password="--password=$password"
-		fi
+        # If password is provided
+        if [ -n "$password" ]; then
+            password="--password=$password"
+        fi
 
-		# If authenticationdatabase is provided
-		if [ -n "$authenticationdatabase" ]
-		then
-			authenticationdatabase="--authenticationDatabase=$authenticationdatabase"
-		else
-			authenticationdatabase="--authenticationDatabase=admin"
-		fi
-	else
-		password=""
-		authenticationdatabase=""
-	fi
+        # If authenticationdatabase is provided
+        if [ -n "$authenticationdatabase" ]; then
+            authenticationdatabase="--authenticationDatabase=$authenticationdatabase"
+        else
+            authenticationdatabase="--authenticationDatabase=admin"
+        fi
+    else
+        password=""
+        authenticationdatabase=""
+    fi
 
-	# If host is provided
-	if [ -n "$host" ]
-	then
-		host="--host=$host"
-	fi
+    # If host is provided
+    if [ -n "$host" ]; then
+        host="--host=$host"
+    fi
 
-	# If port is provided
-	if [ -n "$port" ]
-	then
-		port="--port=$port"
-	fi
+    # If port is provided
+    if [ -n "$port" ]; then
+        port="--port=$port"
+    fi
 
-	# If eval is not provided
-	if [ $eval -eq 0 ]
-	then
-		# If database is provided
-		if [ -n "$database" ]
-		then
-			database="use $database"
-		else
-			database=""
-		fi
+    # If eval is not provided
+    if [ $eval -eq 0 ]; then
+        # If database is provided
+        if [ -n "$database" ]; then
+            database="use $database"
+        else
+            database=""
+        fi
 
-		mongosh --quiet --username $user --password $password --authenticationDatabase $authenticationdatabase --host $host --port $port <<EOF
+        mongosh --quiet --username $user --password $password --authenticationDatabase $authenticationdatabase --host $host --port $port << EOF
 $database
 ${command}
 quit()
 EOF
-	else
-		# If database is provided
-		if [ -n "$database" ]
-		then
-			database="$database"
-		else
-			database=""
-		fi
+    else
+        # If database is provided
+        if [ -n "$database" ]; then
+            database="$database"
+        else
+            database=""
+        fi
 
-		mongosh --quiet $database --username $user --password $password --authenticationDatabase $authenticationdatabase --host $host --port $port --eval="$command"
-	fi
+        mongosh --quiet $database --username $user --password $password --authenticationDatabase $authenticationdatabase --host $host --port $port --eval="$command"
+    fi
 }
 
 # Drop a database
@@ -110,18 +102,18 @@ EOF
 # consider using ynh_mongo_remove_db instead.
 #
 # usage: ynh_mongo_drop_db --database=database
-# | arg: -d, --database=	- The database name to drop
+# | arg: -d, --database=    - The database name to drop
 #
 #
 ynh_mongo_drop_db() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=d
-	local -A args_array=( [d]=database= )
-	local database
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
+    # Declare an array to define the options of this helper.
+    local legacy_args=d
+    local -A args_array=([d]=database=)
+    local database
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
 
-	ynh_mongo_exec --database="$database" --command='db.runCommand({dropDatabase: 1})'
+    ynh_mongo_exec --database="$database" --command='db.runCommand({dropDatabase: 1})'
 }
 
 # Dump a database
@@ -129,19 +121,19 @@ ynh_mongo_drop_db() {
 # example: ynh_mongo_dump_db --database=wekan > ./dump.bson
 #
 # usage: ynh_mongo_dump_db --database=database
-# | arg: -d, --database=	- The database name to dump
+# | arg: -d, --database=    - The database name to dump
 # | ret: the mongodump output
 #
 #
 ynh_mongo_dump_db() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=d
-	local -A args_array=( [d]=database= )
-	local database
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
+    # Declare an array to define the options of this helper.
+    local legacy_args=d
+    local -A args_array=([d]=database=)
+    local database
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
 
-	mongodump --quiet --db="$database" --archive
+    mongodump --quiet --db="$database" --archive
 }
 
 # Create a user
@@ -149,49 +141,48 @@ ynh_mongo_dump_db() {
 # [internal]
 #
 # usage: ynh_mongo_create_user --db_user=user --db_pwd=pwd --db_name=name
-# | arg: -u, --db_user=		- The user name to create
-# | arg: -p, --db_pwd=		- The password to identify user by
-# | arg: -n, --db_name=		- Name of the database to grant privilegies
+# | arg: -u, --db_user=     - The user name to create
+# | arg: -p, --db_pwd=      - The password to identify user by
+# | arg: -n, --db_name=     - Name of the database to grant privilegies
 #
 #
 ynh_mongo_create_user() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=unp
-	local -A args_array=( [u]=db_user= [n]=db_name= [p]=db_pwd= )
-	local db_user
-	local db_name
-	local db_pwd
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
+    # Declare an array to define the options of this helper.
+    local legacy_args=unp
+    local -A args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=)
+    local db_user
+    local db_name
+    local db_pwd
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
 
-	# Create the user and set the user as admin of the db
-	ynh_mongo_exec --database="$db_name" --command='db.createUser( { user: "'${db_user}'", pwd: "'${db_pwd}'", roles: [ { role: "readWrite", db: "'${db_name}'" } ] } );'
+    # Create the user and set the user as admin of the db
+    ynh_mongo_exec --database="$db_name" --command='db.createUser( { user: "'${db_user}'", pwd: "'${db_pwd}'", roles: [ { role: "readWrite", db: "'${db_name}'" } ] } );'
 
-	# Add clustermonitoring rights
-	ynh_mongo_exec --database="$db_name" --command='db.grantRolesToUser("'${db_user}'",[{ role: "clusterMonitor", db: "admin" }]);'
+    # Add clustermonitoring rights
+    ynh_mongo_exec --database="$db_name" --command='db.grantRolesToUser("'${db_user}'",[{ role: "clusterMonitor", db: "admin" }]);'
 }
 
 # Check if a mongo database exists
 #
 # usage: ynh_mongo_database_exists --database=database
-# | arg: -d, --database=		- The database for which to check existence
+# | arg: -d, --database=    - The database for which to check existence
 # | exit: Return 1 if the database doesn't exist, 0 otherwise
 #
 #
 ynh_mongo_database_exists() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=d
-	local -A args_array=([d]=database=)
-	local database
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
+    # Declare an array to define the options of this helper.
+    local legacy_args=d
+    local -A args_array=([d]=database=)
+    local database
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
 
-	if [ $(ynh_mongo_exec --command='db.getMongo().getDBNames().indexOf("'${database}'")' --eval) -lt 0 ]
-	then
-		return 1
-	else
-		return 0
-	fi
+    if [ $(ynh_mongo_exec --command='db.getMongo().getDBNames().indexOf("'${database}'")' --eval) -lt 0 ]; then
+        return 1
+    else
+        return 0
+    fi
 }
 
 # Restore a database
@@ -199,18 +190,18 @@ ynh_mongo_database_exists() {
 # example: ynh_mongo_restore_db --database=wekan < ./dump.bson
 #
 # usage: ynh_mongo_restore_db --database=database
-# | arg: -d, --database=	- The database name to restore
+# | arg: -d, --database=    - The database name to restore
 #
 #
 ynh_mongo_restore_db() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=d
-	local -A args_array=( [d]=database= )
-	local database
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
+    # Declare an array to define the options of this helper.
+    local legacy_args=d
+    local -A args_array=([d]=database=)
+    local database
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
 
-	mongorestore --quiet --db="$database" --archive
+    mongorestore --quiet --db="$database" --archive
 }
 
 # Drop a user
@@ -218,120 +209,120 @@ ynh_mongo_restore_db() {
 # [internal]
 #
 # usage: ynh_mongo_drop_user --db_user=user --db_name=name
-# | arg: -u, --db_user=		- The user to drop
-# | arg: -n, --db_name=		- Name of the database
+# | arg: -u, --db_user=     - The user to drop
+# | arg: -n, --db_name=     - Name of the database
 #
 #
 ynh_mongo_drop_user() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=un
-	local -A args_array=( [u]=db_user= [n]=db_name= )
-	local db_user
-	local db_name
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
+    # Declare an array to define the options of this helper.
+    local legacy_args=un
+    local -A args_array=([u]=db_user= [n]=db_name=)
+    local db_user
+    local db_name
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
 
-	ynh_mongo_exec --database="$db_name" --command='db.dropUser("'$db_user'", {w: "majority", wtimeout: 5000})'
+    ynh_mongo_exec --database="$db_name" --command='db.dropUser("'$db_user'", {w: "majority", wtimeout: 5000})'
 }
 
 # Create a database, an user and its password. Then store the password in the app's config
 #
 # usage: ynh_mongo_setup_db --db_user=user --db_name=name [--db_pwd=pwd]
-# | arg: -u, --db_user=		- Owner of the database
-# | arg: -n, --db_name=		- Name of the database
-# | arg: -p, --db_pwd=		- Password of the database. If not provided, a password will be generated
+# | arg: -u, --db_user=     - Owner of the database
+# | arg: -n, --db_name=     - Name of the database
+# | arg: -p, --db_pwd=      - Password of the database. If not provided, a password will be generated
 #
 # After executing this helper, the password of the created database will be available in $db_pwd
 # It will also be stored as "mongopwd" into the app settings.
 #
 #
 ynh_mongo_setup_db() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=unp
-	local -A args_array=( [u]=db_user= [n]=db_name= [p]=db_pwd= )
-	local db_user
-	local db_name
-	db_pwd=""
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
+    # Declare an array to define the options of this helper.
+    local legacy_args=unp
+    local -A args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=)
+    local db_user
+    local db_name
+    db_pwd=""
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
 
-	local new_db_pwd=$(ynh_string_random) # Generate a random password
-	# If $db_pwd is not provided, use new_db_pwd instead for db_pwd
-	db_pwd="${db_pwd:-$new_db_pwd}"
+    local new_db_pwd=$(ynh_string_random) # Generate a random password
+    # If $db_pwd is not provided, use new_db_pwd instead for db_pwd
+    db_pwd="${db_pwd:-$new_db_pwd}"
 
-	# Create the user and grant access to the database
-	ynh_mongo_create_user --db_user="$db_user" --db_pwd="$db_pwd" --db_name="$db_name"
+    # Create the user and grant access to the database
+    ynh_mongo_create_user --db_user="$db_user" --db_pwd="$db_pwd" --db_name="$db_name"
 
-	# Store the password in the app's config
-	ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
+    # Store the password in the app's config
+    ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
 }
 
 # Remove a database if it exists, and the associated user
 #
 # usage: ynh_mongo_remove_db --db_user=user --db_name=name
-# | arg: -u, --db_user=		- Owner of the database
-# | arg: -n, --db_name=		- Name of the database
+# | arg: -u, --db_user=     - Owner of the database
+# | arg: -n, --db_name=     - Name of the database
 #
 #
 ynh_mongo_remove_db() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=un
-	local -A args_array=( [u]=db_user= [n]=db_name= )
-	local db_user
-	local db_name
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
+    # Declare an array to define the options of this helper.
+    local legacy_args=un
+    local -A args_array=([u]=db_user= [n]=db_name=)
+    local db_user
+    local db_name
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
 
-	if ynh_mongo_database_exists --database=$db_name; then  # Check if the database exists
-		ynh_mongo_drop_db --database=$db_name  # Remove the database
-	else
-		ynh_print_warn --message="Database $db_name not found"
-	fi
+    if ynh_mongo_database_exists --database=$db_name; then # Check if the database exists
+        ynh_mongo_drop_db --database=$db_name              # Remove the database
+    else
+        ynh_print_warn --message="Database $db_name not found"
+    fi
 
-	# Remove mongo user if it exists
-	ynh_mongo_drop_user --db_user=$db_user --db_name=$db_name
+    # Remove mongo user if it exists
+    ynh_mongo_drop_user --db_user=$db_user --db_name=$db_name
 }
 
 # Install MongoDB and integrate MongoDB service in YunoHost
 #
 # usage: ynh_install_mongo [--mongo_version=mongo_version]
-# | arg: -m, --mongo_version=		- Version of MongoDB to install
+# | arg: -m, --mongo_version=   - Version of MongoDB to install
 #
 #
 ynh_install_mongo() {
-	# Declare an array to define the options of this helper.
-	local legacy_args=m
-	local -A args_array=([m]=mongo_version=)
-	local mongo_version
-	# Manage arguments with getopts
-	ynh_handle_getopts_args "$@"
-	mongo_version="${mongo_version:-$YNH_MONGO_VERSION}"
+    # Declare an array to define the options of this helper.
+    local legacy_args=m
+    local -A args_array=([m]=mongo_version=)
+    local mongo_version
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
+    mongo_version="${mongo_version:-$YNH_MONGO_VERSION}"
 
-	ynh_print_info --message="Installing MongoDB Community Edition ..."
-	local mongo_debian_release=$(ynh_get_debian_release)
+    ynh_print_info --message="Installing MongoDB Community Edition ..."
+    local mongo_debian_release=$(ynh_get_debian_release)
 
     if [[ "$(grep '^flags' /proc/cpuinfo | uniq)" != *"avx"* && "$mongo_version" != "4.4" ]]; then
-    ynh_print_warn --message="Installing Mongo 4.4 as $mongo_version is not compatible with your cpu (see https://docs.mongodb.com/manual/administration/production-notes/#x86_64)."
-    mongo_version="4.4"
-  fi
-  if [[ "$mongo_version" == "4.4" ]]; then
-    ynh_print_warn --message="Switched to buster install as Mongo 4.4 is not compatible with $mongo_debian_release."
-    mongo_debian_release=buster
-  fi
+        ynh_print_warn --message="Installing Mongo 4.4 as $mongo_version is not compatible with your cpu (see https://docs.mongodb.com/manual/administration/production-notes/#x86_64)."
+        mongo_version="4.4"
+    fi
+    if [[ "$mongo_version" == "4.4" ]]; then
+        ynh_print_warn --message="Switched to buster install as Mongo 4.4 is not compatible with $mongo_debian_release."
+        mongo_debian_release=buster
+    fi
 
-	ynh_install_extra_app_dependencies --repo="deb http://repo.mongodb.org/apt/debian $mongo_debian_release/mongodb-org/$mongo_version main" --package="mongodb-org mongodb-org-server mongodb-org-tools mongodb-mongosh" --key="https://www.mongodb.org/static/pgp/server-$mongo_version.asc"
-	mongodb_servicename=mongod
+    ynh_install_extra_app_dependencies --repo="deb http://repo.mongodb.org/apt/debian $mongo_debian_release/mongodb-org/$mongo_version main" --package="mongodb-org mongodb-org-server mongodb-org-tools mongodb-mongosh" --key="https://www.mongodb.org/static/pgp/server-$mongo_version.asc"
+    mongodb_servicename=mongod
 
-	# Make sure MongoDB is started and enabled
-	systemctl enable $mongodb_servicename --quiet
-	systemctl daemon-reload --quiet
-	ynh_systemd_action --service_name=$mongodb_servicename --action=restart --line_match="aiting for connections" --log_path="/var/log/mongodb/$mongodb_servicename.log"
+    # Make sure MongoDB is started and enabled
+    systemctl enable $mongodb_servicename --quiet
+    systemctl daemon-reload --quiet
+    ynh_systemd_action --service_name=$mongodb_servicename --action=restart --line_match="aiting for connections" --log_path="/var/log/mongodb/$mongodb_servicename.log"
 
-	# Integrate MongoDB service in YunoHost
-	yunohost service add $mongodb_servicename --description="MongoDB daemon" --log="/var/log/mongodb/$mongodb_servicename.log"
+    # Integrate MongoDB service in YunoHost
+    yunohost service add $mongodb_servicename --description="MongoDB daemon" --log="/var/log/mongodb/$mongodb_servicename.log"
 
-	# Store mongo_version into the config of this app
-	ynh_app_setting_set --app=$app --key=mongo_version --value=$mongo_version
+    # Store mongo_version into the config of this app
+    ynh_app_setting_set --app=$app --key=mongo_version --value=$mongo_version
 }
 
 # Remove MongoDB
@@ -342,14 +333,13 @@ ynh_install_mongo() {
 #
 #
 ynh_remove_mongo() {
-	# Only remove the mongodb service if it is not installed.
-	if ! ynh_package_is_installed --package="mongodb*"
-	then
-		ynh_print_info --message="Removing MongoDB service..."
-		mongodb_servicename=mongod
-		# Remove the mongodb service
-		yunohost service remove $mongodb_servicename
-		ynh_secure_remove --file="/var/lib/mongodb"
-		ynh_secure_remove --file="/var/log/mongodb"
-	fi
+    # Only remove the mongodb service if it is not installed.
+    if ! ynh_package_is_installed --package="mongodb*"; then
+        ynh_print_info --message="Removing MongoDB service..."
+        mongodb_servicename=mongod
+        # Remove the mongodb service
+        yunohost service remove $mongodb_servicename
+        ynh_secure_remove --file="/var/lib/mongodb"
+        ynh_secure_remove --file="/var/log/mongodb"
+    fi
 }

helpers/helpers.v1.d/mysql

@@ -47,7 +47,7 @@ ynh_mysql_execute_as_root() {
         database="--database=$database"
     fi
 
-    mysql -B "$database" <<<"$sql"
+    mysql -B "$database" <<< "$sql"
 }
 
 # Execute a command from a file as root user
@@ -71,7 +71,7 @@ ynh_mysql_execute_file_as_root() {
         database="--database=$database"
     fi
 
-    mysql -B "$database" <"$file"
+    mysql -B "$database" < "$file"
 }
 
 # Create a database and grant optionnaly privilegies to a user

helpers/helpers.v1.d/network

@@ -79,7 +79,7 @@ ynh_validate_ip() {
 
     [ "$family" == "4" ] || [ "$family" == "6" ] || return 1
 
-    python3 /dev/stdin <<EOF
+    python3 /dev/stdin << EOF
 import socket
 import sys
 family = { "4" : socket.AF_INET, "6" : socket.AF_INET6 }

helpers/helpers.v1.d/nginx

@@ -43,7 +43,6 @@ ynh_remove_nginx_config() {
     ynh_systemd_action --service_name=nginx --action=reload
 }
 
-
 # Regen the nginx config in a change url context
 #
 # usage: ynh_change_url_nginx_config
@@ -53,7 +52,7 @@ ynh_change_url_nginx_config() {
 
     # Make a backup of the original NGINX config file if manually modified
     # (nb: this is possibly different from the same instruction called by
-    # ynh_add_config inside ynh_add_nginx_config because the path may have 
+    # ynh_add_config inside ynh_add_nginx_config because the path may have
     # changed if we're changing the domain too...)
     local old_nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
     ynh_backup_if_checksum_is_different --file="$old_nginx_conf_path"

helpers/helpers.v1.d/permission

@@ -174,7 +174,7 @@ ynh_permission_exists() {
     ynh_handle_getopts_args "$@"
 
     yunohost user permission list "$app" --output-as json --quiet \
-        | jq -e --arg perm "$app.$permission" '.permissions[$perm]' >/dev/null
+        | jq -e --arg perm "$app.$permission" '.permissions[$perm]' > /dev/null
 }
 
 # Redefine the url associated to a permission
@@ -342,7 +342,7 @@ ynh_permission_has_user() {
     # Check both allowed and corresponding_users sections in the json
     for section in "allowed" "corresponding_users"; do
         if yunohost user permission info "$app.$permission" --output-as json --quiet \
-            | jq -e --arg user $user --arg section $section '.[$section] | index($user)' >/dev/null; then
+            | jq -e --arg user $user --arg section $section '.[$section] | index($user)' > /dev/null; then
             return 0
         fi
     done

helpers/helpers.v1.d/php

@@ -11,19 +11,19 @@ YNH_PHP_VERSION=${YNH_PHP_VERSION:-$YNH_DEFAULT_PHP_VERSION}
 #
 # Case 1 (recommended) : your provided a snippet conf/extra_php-fpm.conf
 #
-# The actual PHP configuration will be automatically generated, 
+# The actual PHP configuration will be automatically generated,
 # and your extra_php-fpm.conf will be appended (typically contains PHP upload limits)
 #
 # The resulting configuration will be deployed to the appropriate place, /etc/php/$phpversion/fpm/pool.d/$app.conf
 #
-# Performance-related options in the PHP conf, such as : 
+# Performance-related options in the PHP conf, such as :
 # pm.max_children, pm.start_servers, pm.min_spare_servers pm.max_spare_servers
 # are computed from two parameters called "usage" and "footprint" which can be set to low/medium/high. (cf details below)
 #
-# If you wish to tweak those, please initialize the settings `fpm_usage` and `fpm_footprint` 
+# If you wish to tweak those, please initialize the settings `fpm_usage` and `fpm_footprint`
 # *prior* to calling this helper. Otherwise, "low" will be used as a default for both values.
 #
-# Otherwise, if you want the user to have control over these, we encourage to create a config panel 
+# Otherwise, if you want the user to have control over these, we encourage to create a config panel
 # (which should ultimately be standardized by the core ...)
 #
 # Case 2 (deprecate) : you provided an entire conf/php-fpm.conf
@@ -33,7 +33,7 @@ YNH_PHP_VERSION=${YNH_PHP_VERSION:-$YNH_DEFAULT_PHP_VERSION}
 # The resulting configuration will be deployed to the appropriate place, /etc/php/$phpversion/fpm/pool.d/$app.conf
 #
 # ----------------------
-# 
+#
 # fpm_footprint: Memory footprint of the service (low/medium/high).
 # low    - Less than 20 MB of RAM by pool.
 # medium - Between 20 MB and 40 MB of RAM by pool.
@@ -92,16 +92,14 @@ ynh_add_fpm_config() {
 
         # If no usage provided, default to the value existing in setting ... or to low
         local fpm_usage_in_setting=$(ynh_app_setting_get --app=$app --key=fpm_usage)
-        if [ -z "$usage" ]
-        then
+        if [ -z "$usage" ]; then
             usage=${fpm_usage_in_setting:-low}
             ynh_app_setting_set --app=$app --key=fpm_usage --value=$usage
         fi
 
         # If no footprint provided, default to the value existing in setting ... or to low
         local fpm_footprint_in_setting=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
-        if [ -z "$footprint" ]
-        then
+        if [ -z "$footprint" ]; then
             footprint=${fpm_footprint_in_setting:-low}
             ynh_app_setting_set --app=$app --key=fpm_footprint --value=$footprint
         fi
@@ -125,8 +123,7 @@ ynh_add_fpm_config() {
         local old_php_fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir)
         local old_php_finalphpconf="$old_php_fpm_config_dir/pool.d/$app.conf"
 
-        if [[ -f "$old_php_finalphpconf" ]]
-        then
+        if [[ -f "$old_php_finalphpconf" ]]; then
             ynh_backup_if_checksum_is_different --file="$old_php_finalphpconf"
             ynh_remove_fpm_config
         fi
@@ -200,24 +197,24 @@ pm = __PHP_PM__
 pm.max_children = __PHP_MAX_CHILDREN__
 pm.max_requests = 500
 request_terminate_timeout = 1d
-" >"$phpfpm_path"
+" > "$phpfpm_path"
 
         if [ "$php_pm" = "dynamic" ]; then
             echo "
 pm.start_servers = __PHP_START_SERVERS__
 pm.min_spare_servers = __PHP_MIN_SPARE_SERVERS__
 pm.max_spare_servers = __PHP_MAX_SPARE_SERVERS__
-" >>"$phpfpm_path"
+" >> "$phpfpm_path"
 
         elif [ "$php_pm" = "ondemand" ]; then
             echo "
 pm.process_idle_timeout = 10s
-" >>"$phpfpm_path"
+" >> "$phpfpm_path"
         fi
 
         # Concatene the extra config.
         if [ -e $YNH_APP_BASEDIR/conf/extra_php-fpm.conf ]; then
-            cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >>"$phpfpm_path"
+            cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >> "$phpfpm_path"
         fi
     fi
 
@@ -238,7 +235,7 @@ pid = /run/php/php__PHPVERSION__-fpm-__APP__.pid
 error_log = /var/log/php/fpm-php.__APP__.log
 syslog.ident = php-fpm-__APP__
 include = __FINALPHPCONF__
-" >$YNH_APP_BASEDIR/conf/php-fpm-$app.conf
+" > $YNH_APP_BASEDIR/conf/php-fpm-$app.conf
 
         ynh_add_config --template="php-fpm-$app.conf" --destination="$globalphpconf"
 
@@ -255,7 +252,7 @@ ExecReload=/bin/kill -USR2 \$MAINPID
 
 [Install]
 WantedBy=multi-user.target
-" >$YNH_APP_BASEDIR/conf/$fpm_service
+" > $YNH_APP_BASEDIR/conf/$fpm_service
 
         # Create this dedicated PHP-FPM service
         ynh_add_systemd_config --service=$fpm_service --template=$fpm_service
@@ -267,7 +264,7 @@ WantedBy=multi-user.target
         ynh_systemd_action --service_name=$fpm_service --action=restart
     else
         # Validate that the new php conf doesn't break php-fpm entirely
-        if ! php-fpm${phpversion} --test 2>/dev/null; then
+        if ! php-fpm${phpversion} --test 2> /dev/null; then
             php-fpm${phpversion} --test || true
             ynh_secure_remove --file="$finalphpconf"
             ynh_die --message="The new configuration broke php-fpm?"
@@ -360,7 +357,7 @@ ynh_install_php() {
 # usage: ynh_remove_php
 #
 # Requires YunoHost version 3.8.1 or higher.
-ynh_remove_php () {
+ynh_remove_php() {
     ynh_remove_app_dependencies
 }
 

helpers/helpers.v1.d/postgresql

@@ -51,7 +51,7 @@ ynh_psql_execute_as_root() {
     fi
 
     ynh_psql_connect_as --user="postgres" --password="$(cat $PSQL_ROOT_PWD_FILE)" \
-        $database <<<"$sql"
+        $database <<< "$sql"
 }
 
 # Execute a command from a file as root user
@@ -76,7 +76,7 @@ ynh_psql_execute_file_as_root() {
     fi
 
     ynh_psql_connect_as --user="postgres" --password="$(cat $PSQL_ROOT_PWD_FILE)" \
-        $database <"$file"
+        $database < "$file"
 }
 
 # Create a database and grant optionnaly privilegies to a user
@@ -199,10 +199,9 @@ ynh_psql_database_exists() {
 
     # if psql is not there, we cannot check the db
     # though it could exists.
-    if ! command -v psql
-    then
-      ynh_print_err -m "PostgreSQL is not installed, impossible to check for db existence."
-      return 1
+    if ! command -v psql; then
+        ynh_print_err -m "PostgreSQL is not installed, impossible to check for db existence."
+        return 1
     elif ! sudo --login --user=postgres PGUSER="postgres" PGPASSWORD="$(cat $PSQL_ROOT_PWD_FILE)" psql -tAc "SELECT datname FROM pg_database WHERE datname='$database';" | grep --quiet "$database"; then
         return 1
     else

helpers/helpers.v1.d/redis

@@ -5,27 +5,25 @@
 # usage: ynh_redis_get_free_db
 # | returns: the database number to use
 ynh_redis_get_free_db() {
-	local result max db
-	result=$(redis-cli INFO keyspace)
+    local result max db
+    result=$(redis-cli INFO keyspace)
 
-	# get the num
-	max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+")
+    # get the num
+    max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+")
 
-	db=0
-	# default Debian setting is 15 databases
-	for i in $(seq 0 "$max")
-	do
-	 	if ! echo "$result" | grep -q "db$i"
-	 	then
-			db=$i
-	 		break 1
- 		fi
- 		db=-1
-	done
+    db=0
+    # default Debian setting is 15 databases
+    for i in $(seq 0 "$max"); do
+        if ! echo "$result" | grep -q "db$i"; then
+            db=$i
+            break 1
+        fi
+        db=-1
+    done
 
-	test "$db" -eq -1 && ynh_die --message="No available Redis databases..."
+    test "$db" -eq -1 && ynh_die --message="No available Redis databases..."
 
-	echo "$db"
+    echo "$db"
 }
 
 # Create a master password and set up global settings
@@ -34,6 +32,6 @@ ynh_redis_get_free_db() {
 # usage: ynh_redis_remove_db database
 # | arg: database - the database to erase
 ynh_redis_remove_db() {
-	local db=$1
-	redis-cli -n "$db" flushdb
+    local db=$1
+    redis-cli -n "$db" flushdb
 }

helpers/helpers.v1.d/ruby

@@ -8,8 +8,8 @@ export RBENV_ROOT="$rbenv_install_dir"
 export rbenv_root="$rbenv_install_dir"
 
 if dpkg --compare-versions ${YNH_APP_PACKAGING_FORMAT:-0} lt 2; then
-	build_ruby_dependencies="libjemalloc-dev curl build-essential libreadline-dev zlib1g-dev libsqlite3-dev libssl-dev libxml2-dev libxslt-dev autoconf automake bison libtool"
-	build_pkg_dependencies="${build_pkg_dependencies:-} $build_ruby_dependencies"
+    build_ruby_dependencies="libjemalloc-dev curl build-essential libreadline-dev zlib1g-dev libsqlite3-dev libssl-dev libxml2-dev libxslt-dev autoconf automake bison libtool"
+    build_pkg_dependencies="${build_pkg_dependencies:-} $build_ruby_dependencies"
 fi
 
 # Load the version of Ruby for an app, and set variables.
@@ -50,7 +50,7 @@ fi
 # usage: ynh_use_ruby
 #
 # Requires YunoHost version 3.2.2 or higher.
-ynh_use_ruby () {
+ynh_use_ruby() {
     ruby_version=$(ynh_app_setting_get --app=$app --key=ruby_version)
 
     # Get the absolute path of this version of Ruby
@@ -75,7 +75,7 @@ ynh_use_ruby () {
 
     # Sets the local application-specific Ruby version
     pushd ${install_dir:-$final_path}
-        $rbenv_install_dir/bin/rbenv local $ruby_version
+    $rbenv_install_dir/bin/rbenv local $ruby_version
     popd
 }
 
@@ -95,10 +95,10 @@ ynh_use_ruby () {
 # | arg: -v, --ruby_version= - Version of ruby to install.
 #
 # Requires YunoHost version 3.2.2 or higher.
-ynh_install_ruby () {
+ynh_install_ruby() {
     # Declare an array to define the options of this helper.
     local legacy_args=v
-    local -A args_array=( [v]=ruby_version= )
+    local -A args_array=([v]=ruby_version=)
     local ruby_version
     # Manage arguments with getopts
     ynh_handle_getopts_args "$@"
@@ -117,31 +117,31 @@ ynh_install_ruby () {
     rbenv="$(command -v rbenv $rbenv_install_dir/bin/rbenv | grep "$rbenv_install_dir/bin/rbenv" | head -1)"
     if [ -n "$rbenv" ]; then
         pushd "${rbenv%/*/*}"
-            if git remote -v 2>/dev/null | grep "https://github.com/rbenv/rbenv.git"; then
-                ynh_print_info --message="Updating rbenv..."
-                git pull -q --tags origin master
-                ynh_ruby_try_bash_extension
-            else
-                ynh_print_info --message="Reinstalling rbenv..."
-                cd ..
-                ynh_secure_remove --file=$rbenv_install_dir
-                mkdir -p $rbenv_install_dir
-                cd $rbenv_install_dir
-                git init -q
-                git remote add -f -t master origin https://github.com/rbenv/rbenv.git > /dev/null 2>&1
-                git checkout -q -b master origin/master
-                ynh_ruby_try_bash_extension
-                rbenv=$rbenv_install_dir/bin/rbenv
-            fi
-        popd
-    else
-        ynh_print_info --message="Installing rbenv..."
-        pushd $rbenv_install_dir
+        if git remote -v 2> /dev/null | grep "https://github.com/rbenv/rbenv.git"; then
+            ynh_print_info --message="Updating rbenv..."
+            git pull -q --tags origin master
+            ynh_ruby_try_bash_extension
+        else
+            ynh_print_info --message="Reinstalling rbenv..."
+            cd ..
+            ynh_secure_remove --file=$rbenv_install_dir
+            mkdir -p $rbenv_install_dir
+            cd $rbenv_install_dir
             git init -q
             git remote add -f -t master origin https://github.com/rbenv/rbenv.git > /dev/null 2>&1
             git checkout -q -b master origin/master
             ynh_ruby_try_bash_extension
             rbenv=$rbenv_install_dir/bin/rbenv
+        fi
+        popd
+    else
+        ynh_print_info --message="Installing rbenv..."
+        pushd $rbenv_install_dir
+        git init -q
+        git remote add -f -t master origin https://github.com/rbenv/rbenv.git > /dev/null 2>&1
+        git checkout -q -b master origin/master
+        ynh_ruby_try_bash_extension
+        rbenv=$rbenv_install_dir/bin/rbenv
         popd
     fi
 
@@ -150,10 +150,10 @@ ynh_install_ruby () {
     ruby_build="$(command -v "$rbenv_install_dir"/plugins/*/bin/rbenv-install rbenv-install | head -1)"
     if [ -n "$ruby_build" ]; then
         pushd "${ruby_build%/*/*}"
-            if git remote -v 2>/dev/null | grep "https://github.com/rbenv/ruby-build.git"; then
-                ynh_print_info --message="Updating ruby-build..."
-                git pull -q origin master
-            fi
+        if git remote -v 2> /dev/null | grep "https://github.com/rbenv/ruby-build.git"; then
+            ynh_print_info --message="Updating ruby-build..."
+            git pull -q origin master
+        fi
         popd
     else
         ynh_print_info --message="Installing ruby-build..."
@@ -163,10 +163,10 @@ ynh_install_ruby () {
     rbenv_alias="$(command -v "$rbenv_install_dir"/plugins/*/bin/rbenv-alias rbenv-alias | head -1)"
     if [ -n "$rbenv_alias" ]; then
         pushd "${rbenv_alias%/*/*}"
-            if git remote -v 2>/dev/null | grep "https://github.com/tpope/rbenv-aliases.git"; then
-                ynh_print_info --message="Updating rbenv-aliases..."
-                git pull -q origin master
-            fi
+        if git remote -v 2> /dev/null | grep "https://github.com/tpope/rbenv-aliases.git"; then
+            ynh_print_info --message="Updating rbenv-aliases..."
+            git pull -q origin master
+        fi
         popd
     else
         ynh_print_info --message="Installing rbenv-aliases..."
@@ -176,10 +176,10 @@ ynh_install_ruby () {
     rbenv_latest="$(command -v "$rbenv_install_dir"/plugins/*/bin/rbenv-latest rbenv-latest | head -1)"
     if [ -n "$rbenv_latest" ]; then
         pushd "${rbenv_latest%/*/*}"
-            if git remote -v 2>/dev/null | grep "https://github.com/momo-lab/xxenv-latest.git"; then
-                ynh_print_info --message="Updating xxenv-latest..."
-                git pull -q origin master
-            fi
+        if git remote -v 2> /dev/null | grep "https://github.com/momo-lab/xxenv-latest.git"; then
+            ynh_print_info --message="Updating xxenv-latest..."
+            git pull -q origin master
+        fi
         popd
     else
         ynh_print_info --message="Installing xxenv-latest..."
@@ -210,8 +210,7 @@ ynh_install_ruby () {
     ynh_app_setting_set --app=$app --key=ruby_version --value=$final_ruby_version
 
     # Remove app virtualenv
-    if rbenv alias --list | grep --quiet "$app "
-    then
+    if rbenv alias --list | grep --quiet "$app "; then
         rbenv alias $app --remove
     fi
 
@@ -222,7 +221,7 @@ ynh_install_ruby () {
     ynh_cleanup_ruby
 
     # Set environment for Ruby users
-    echo  "#rbenv
+    echo "#rbenv
 export RBENV_ROOT=$rbenv_install_dir
 export PATH=\"$rbenv_install_dir/bin:$PATH\"
 eval \"\$(rbenv init -)\"
@@ -237,7 +236,7 @@ eval \"\$(rbenv init -)\"
 # This helper will also cleanup Ruby versions
 #
 # usage: ynh_remove_ruby
-ynh_remove_ruby () {
+ynh_remove_ruby() {
     local ruby_version=$(ynh_app_setting_get --app=$app --key=ruby_version)
 
     # Load rbenv path in PATH
@@ -262,34 +261,29 @@ ynh_remove_ruby () {
 # If no app uses Ruby, rbenv will be also removed.
 #
 # usage: ynh_cleanup_ruby
-ynh_cleanup_ruby () {
+ynh_cleanup_ruby() {
 
     # List required Ruby versions
     local installed_apps=$(yunohost app list | grep -oP 'id: \K.*$')
     local required_ruby_versions=""
-    for installed_app in $installed_apps
-    do
+    for installed_app in $installed_apps; do
         local installed_app_ruby_version=$(ynh_app_setting_get --app=$installed_app --key="ruby_version")
-        if [[ -n "$installed_app_ruby_version" ]]
-        then
+        if [[ -n "$installed_app_ruby_version" ]]; then
             required_ruby_versions="${installed_app_ruby_version}\n${required_ruby_versions}"
         fi
     done
-    
+
     # Remove no more needed Ruby versions
     local installed_ruby_versions=$(rbenv versions --bare --skip-aliases | grep -Ev '/')
-    for installed_ruby_version in $installed_ruby_versions
-    do
-        if ! echo ${required_ruby_versions} | grep -q "${installed_ruby_version}"
-        then
+    for installed_ruby_version in $installed_ruby_versions; do
+        if ! echo ${required_ruby_versions} | grep -q "${installed_ruby_version}"; then
             ynh_print_info --message="Removing Ruby-$installed_ruby_version"
             $rbenv_install_dir/bin/rbenv uninstall --force $installed_ruby_version
         fi
     done
 
     # If none Ruby version is required
-    if [[ -z "$required_ruby_versions" ]]
-    then
+    if [[ -z "$required_ruby_versions" ]]; then
         # Remove rbenv environment configuration
         ynh_print_info --message="Removing rbenv"
         ynh_secure_remove --file="$rbenv_install_dir"
@@ -298,9 +292,9 @@ ynh_cleanup_ruby () {
 }
 
 ynh_ruby_try_bash_extension() {
-  if [ -x src/configure ]; then
-    src/configure && make -C src || {
-      ynh_print_info --message="Optional bash extension failed to build, but things will still work normally."
-    }
-  fi
+    if [ -x src/configure ]; then
+        src/configure && make -C src || {
+            ynh_print_info --message="Optional bash extension failed to build, but things will still work normally."
+        }
+    fi
 }

helpers/helpers.v1.d/setting

@@ -120,7 +120,7 @@ ynh_app_setting_delete() {
 #
 ynh_app_setting() {
     set +o xtrace # set +x
-    ACTION="$1" APP="$2" KEY="$3" VALUE="${4:-}" python3 - <<EOF
+    ACTION="$1" APP="$2" KEY="$3" VALUE="${4:-}" python3 - << EOF
 import os, yaml, sys
 app, action = os.environ['APP'], os.environ['ACTION'].lower()
 key, value = os.environ['KEY'], os.environ.get('VALUE', None)

helpers/helpers.v1.d/sources

@@ -77,12 +77,10 @@ ynh_setup_source() {
     keep="${keep:-}"
     full_replace="${full_replace:-0}"
 
-    if test -e $YNH_APP_BASEDIR/manifest.toml && cat $YNH_APP_BASEDIR/manifest.toml | toml_to_json | jq -e '.resources.sources' >/dev/null
-    then
+    if test -e $YNH_APP_BASEDIR/manifest.toml && cat $YNH_APP_BASEDIR/manifest.toml | toml_to_json | jq -e '.resources.sources' > /dev/null; then
         source_id="${source_id:-main}"
         local sources_json=$(cat $YNH_APP_BASEDIR/manifest.toml | toml_to_json | jq ".resources.sources[\"$source_id\"]")
-        if jq -re ".url" <<< "$sources_json"
-        then
+        if jq -re ".url" <<< "$sources_json"; then
             local arch_prefix=""
         else
             local arch_prefix=".$YNH_ARCH"
@@ -100,22 +98,16 @@ ynh_setup_source() {
         [[ -n "$src_url" ]] || ynh_die "No URL defined for source $source_id$arch_prefix ?"
         [[ -n "$src_sum" ]] || ynh_die "No sha256 sum defined for source $source_id$arch_prefix ?"
 
-        if [[ -z "$src_format" ]]
-        then
-            if [[ "$src_url" =~ ^.*\.zip$ ]] || [[ "$src_url" =~ ^.*/zipball/.*$ ]]
-            then
+        if [[ -z "$src_format" ]]; then
+            if [[ "$src_url" =~ ^.*\.zip$ ]] || [[ "$src_url" =~ ^.*/zipball/.*$ ]]; then
                 src_format="zip"
-            elif [[ "$src_url" =~ ^.*\.tar\.gz$ ]] || [[ "$src_url" =~ ^.*\.tgz$ ]] || [[ "$src_url" =~ ^.*/tar\.gz/.*$ ]] || [[ "$src_url" =~ ^.*/tarball/.*$ ]]
-            then
+            elif [[ "$src_url" =~ ^.*\.tar\.gz$ ]] || [[ "$src_url" =~ ^.*\.tgz$ ]] || [[ "$src_url" =~ ^.*/tar\.gz/.*$ ]] || [[ "$src_url" =~ ^.*/tarball/.*$ ]]; then
                 src_format="tar.gz"
-            elif [[ "$src_url" =~ ^.*\.tar\.xz$ ]]
-            then
+            elif [[ "$src_url" =~ ^.*\.tar\.xz$ ]]; then
                 src_format="tar.xz"
-            elif [[ "$src_url" =~ ^.*\.tar\.bz2$ ]]
-            then
+            elif [[ "$src_url" =~ ^.*\.tar\.bz2$ ]]; then
                 src_format="tar.bz2"
-            elif [[ -z "$src_extract" ]]
-            then
+            elif [[ -z "$src_extract" ]]; then
                 src_extract="false"
             fi
         fi
@@ -142,12 +134,10 @@ ynh_setup_source() {
     src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]')
     src_extract=${src_extract:-true}
 
-    if [[ "$src_extract" != "true" ]] && [[ "$src_extract" != "false" ]]
-    then
+    if [[ "$src_extract" != "true" ]] && [[ "$src_extract" != "false" ]]; then
         ynh_die "For source $source_id, expected either 'true' or 'false' for the extract parameter"
     fi
 
-
     # (Unused?) mecanism where one can have the file in a special local cache to not have to download it...
     local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${source_id}"
 
@@ -165,14 +155,12 @@ ynh_setup_source() {
         [ -n "$src_url" ] || ynh_die "Couldn't parse SOURCE_URL from $src_file_path ?"
 
         # If the file was prefetched but somehow doesn't match the sum, rm and redownload it
-        if [ -e "$src_filename" ] && ! echo "${src_sum} ${src_filename}" | ${src_sumprg} --check --status
-        then
+        if [ -e "$src_filename" ] && ! echo "${src_sum} ${src_filename}" | ${src_sumprg} --check --status; then
             rm -f "$src_filename"
         fi
 
         # Only redownload the file if it wasnt prefetched
-        if [ ! -e "$src_filename" ]
-        then
+        if [ ! -e "$src_filename" ]; then
             # NB. we have to declare the var as local first,
             # otherwise 'local foo=$(false) || echo 'pwet'" does'nt work
             # because local always return 0 ...
@@ -183,8 +171,7 @@ ynh_setup_source() {
         fi
 
         # Check the control sum
-        if ! echo "${src_sum} ${src_filename}" | ${src_sumprg} --check --status
-        then
+        if ! echo "${src_sum} ${src_filename}" | ${src_sumprg} --check --status; then
             local actual_sum="$(${src_sumprg} ${src_filename} | cut --delimiter=' ' --fields=1)"
             local actual_size="$(du -hs ${src_filename} | cut --fields=1)"
             rm -f ${src_filename}
@@ -222,8 +209,7 @@ ynh_setup_source() {
     fi
 
     if [[ "$src_extract" == "false" ]]; then
-        if [[ -z "$src_rename" ]]
-        then
+        if [[ -z "$src_rename" ]]; then
             mv $src_filename $dest_dir
         else
             mv $src_filename $dest_dir/$src_rename
@@ -263,11 +249,11 @@ ynh_setup_source() {
     # Apply patches
     if [ -d "$YNH_APP_BASEDIR/sources/patches/" ]; then
         local patches_folder=$(realpath $YNH_APP_BASEDIR/sources/patches/)
-        if (($(find $patches_folder -type f -name "${source_id}-*.patch" 2>/dev/null | wc --lines) > "0")); then
+        if (($(find $patches_folder -type f -name "${source_id}-*.patch" 2> /dev/null | wc --lines) > "0")); then
             pushd "$dest_dir"
             for p in $patches_folder/${source_id}-*.patch; do
                 echo $p
-                patch --strip=1 <$p || ynh_print_warn --message="Packagers /!\\ patch $p failed to apply"
+                patch --strip=1 < $p || ynh_print_warn --message="Packagers /!\\ patch $p failed to apply"
             done
             popd
         fi

helpers/helpers.v1.d/string

@@ -21,7 +21,7 @@ ynh_string_random() {
     length=${length:-24}
     filter=${filter:-'A-Za-z0-9'}
 
-    dd if=/dev/urandom bs=1 count=1000 2>/dev/null \
+    dd if=/dev/urandom bs=1 count=1000 2> /dev/null \
         | tr --complement --delete "$filter" \
         | sed --quiet 's/\(.\{'"$length"'\}\).*/\1/p'
 }

helpers/helpers.v1.d/systemd

@@ -94,12 +94,12 @@ ynh_systemd_action() {
         # Following the starting of the app in its log
         if [ "$log_path" == "systemd" ]; then
             # Read the systemd journal
-            journalctl --unit=$service_name --follow --since=-0 --quiet >"$templog" &
+            journalctl --unit=$service_name --follow --since=-0 --quiet > "$templog" &
             # Get the PID of the journalctl command
             local pid_tail=$!
         else
             # Read the specified log file
-            tail --follow=name --retry --lines=0 "$log_path" >"$templog" 2>&1 &
+            tail --follow=name --retry --lines=0 "$log_path" > "$templog" 2>&1 &
             # Get the PID of the tail command
             local pid_tail=$!
         fi
@@ -149,8 +149,7 @@ ynh_systemd_action() {
             # Also check the timeout using actual timestamp, because sometimes for some reason,
             # journalctl may take a huge time to run, and we end up waiting literally an entire hour
             # instead of 5 min ...
-            if [[ "$(( $(date +%s) - $starttime))" -gt "$timeout" ]]
-            then
+            if [[ "$(($(date +%s) - $starttime))" -gt "$timeout" ]]; then
                 i=$timeout
                 break
             fi

helpers/helpers.v1.d/systemuser

@@ -17,7 +17,7 @@ ynh_system_user_exists() {
     # Manage arguments with getopts
     ynh_handle_getopts_args "$@"
 
-    getent passwd "$username" &>/dev/null
+    getent passwd "$username" &> /dev/null
 }
 
 # Check if a group exists on the system
@@ -37,7 +37,7 @@ ynh_system_group_exists() {
     # Manage arguments with getopts
     ynh_handle_getopts_args "$@"
 
-    getent group "$group" &>/dev/null
+    getent group "$group" &> /dev/null
 }
 
 # Create a system user

helpers/helpers.v1.d/templating

@@ -39,11 +39,11 @@
 # This option is meant for advanced use-cases where the "simple" templating
 # mode ain't enough because you need conditional blocks or loops.
 #
-# For a full documentation of jinja's syntax you can refer to: 
+# For a full documentation of jinja's syntax you can refer to:
 # https://jinja.palletsprojects.com/en/3.1.x/templates/
 #
 # Note that in YunoHost context, all variables are from shell variables and therefore are strings
-# 
+#
 # ##### Keeping track of manual changes by the admin
 #
 # The helper will verify the checksum and backup the destination file
@@ -83,10 +83,9 @@ ynh_add_config() {
     chmod 640 $destination
     _ynh_apply_default_permissions $destination
 
-    if [[ "$jinja" == 1 ]]
-    then
+    if [[ "$jinja" == 1 ]]; then
         # This is ran in a subshell such that the "export" does not "contaminate" the main process
-        (
+        (   
             export $(compgen -v)
             j2 "$template_path" -f env -o $destination
         )
@@ -267,7 +266,7 @@ ynh_read_var_in_file() {
     var_part+='\s*'
 
     # Extract the part after assignation sign
-    local expression_with_comment="$((tail +$line_number ${file} | grep -i -o -P $var_part'\K.*$' || echo YNH_NULL) | head -n1)"
+    local expression_with_comment="$( (tail +$line_number ${file} | grep -i -o -P $var_part'\K.*$' || echo YNH_NULL) | head -n1)"
     if [[ "$expression_with_comment" == "YNH_NULL" ]]; then
         set -o xtrace # set -x
         echo YNH_NULL
@@ -346,7 +345,7 @@ ynh_write_var_in_file() {
     var_part+='\s*'
 
     # Extract the part after assignation sign
-    local expression_with_comment="$((tail +$after_line_number ${file} | grep -i -o -P $var_part'\K.*$' || echo YNH_NULL) | head -n1)"
+    local expression_with_comment="$( (tail +$after_line_number ${file} | grep -i -o -P $var_part'\K.*$' || echo YNH_NULL) | head -n1)"
     if [[ "$expression_with_comment" == "YNH_NULL" ]]; then
         set -o xtrace # set -x
         return 1
@@ -403,5 +402,5 @@ ynh_render_template() {
     # Taken from https://stackoverflow.com/a/35009576
     python3 -c 'import os, sys, jinja2; sys.stdout.write(
                     jinja2.Template(sys.stdin.read()
-                    ).render(os.environ));' <$template_path >$output_path
+                    ).render(os.environ));' < $template_path > $output_path
 }

helpers/helpers.v1.d/utils

@@ -22,8 +22,7 @@ YNH_APP_BASEDIR=${YNH_APP_BASEDIR:-$(realpath ..)}
 ynh_exit_properly() {
     local exit_code=$?
 
-    if [[ "${YNH_APP_ACTION:-}" =~ ^install$|^upgrade$|^restore$ ]]
-    then
+    if [[ "${YNH_APP_ACTION:-}" =~ ^install$|^upgrade$|^restore$ ]]; then
         rm -rf "/var/cache/yunohost/download/"
     fi
 
@@ -39,7 +38,7 @@ ynh_exit_properly() {
     # Small tempo to avoid the next message being mixed up with other DEBUG messages
     sleep 0.5
 
-    if type -t ynh_clean_setup >/dev/null; then # Check if the function exist in the app script.
+    if type -t ynh_clean_setup > /dev/null; then # Check if the function exist in the app script.
         ynh_clean_setup                         # Call the function to do specific cleaning for the app.
     fi
 
@@ -67,8 +66,7 @@ ynh_abort_if_errors() {
 }
 
 # When running an app script with packaging format >= 2, auto-enable ynh_abort_if_errors except for remove script
-if [[ "${YNH_CONTEXT:-}" != "regenconf" ]] && dpkg --compare-versions ${YNH_APP_PACKAGING_FORMAT:-0} ge 2 && [[ ${YNH_APP_ACTION} != "remove" ]]
-then
+if [[ "${YNH_CONTEXT:-}" != "regenconf" ]] && dpkg --compare-versions ${YNH_APP_PACKAGING_FORMAT:-0} ge 2 && [[ ${YNH_APP_ACTION} != "remove" ]]; then
     ynh_abort_if_errors
 fi
 
@@ -149,8 +147,7 @@ _acceptable_path_to_delete() {
     local forbidden_paths=$(ls -d / /* /{var,home,usr}/* /etc/{default,sudoers.d,yunohost,cron*} /etc/yunohost/{apps,domains,hooks.d} /opt/yunohost 2> /dev/null)
 
     # Legacy : A couple apps still have data in /home/$app ...
-    if [[ -n "${app:-}" ]]
-    then
+    if [[ -n "${app:-}" ]]; then
         forbidden_paths=$(echo "$forbidden_paths" | grep -v "/home/$app")
     fi
 
@@ -215,19 +212,16 @@ ynh_read_manifest() {
 
     if [ ! -e "${manifest:-}" ]; then
         # If the manifest isn't found, try the common place for backup and restore script.
-        if [ -e "$YNH_APP_BASEDIR/manifest.json" ]
-        then
+        if [ -e "$YNH_APP_BASEDIR/manifest.json" ]; then
             manifest="$YNH_APP_BASEDIR/manifest.json"
-        elif [ -e "$YNH_APP_BASEDIR/manifest.toml" ]
-        then
+        elif [ -e "$YNH_APP_BASEDIR/manifest.toml" ]; then
             manifest="$YNH_APP_BASEDIR/manifest.toml"
         else
             ynh_die --message "No manifest found !?"
         fi
     fi
 
-    if echo "$manifest" | grep -q '\.json$'
-    then
+    if echo "$manifest" | grep -q '\.json$'; then
         jq ".$manifest_key" "$manifest" --raw-output
     else
         cat "$manifest" | python3 -c 'import json, toml, sys; print(json.dumps(toml.load(sys.stdin)))' | jq ".$manifest_key" --raw-output
@@ -387,8 +381,7 @@ _ynh_apply_default_permissions() {
     # Crons should be owned by root
     # Also we don't want systemd conf, nginx conf or others stuff to be owned by the app,
     # otherwise they could self-edit their own systemd conf and escalate privilege
-    if grep -qE '^(/etc/cron|/etc/php|/etc/nginx/conf.d|/etc/fail2ban|/etc/systemd/system)' <<< "$target"
-    then
+    if grep -qE '^(/etc/cron|/etc/php|/etc/nginx/conf.d|/etc/fail2ban|/etc/systemd/system)' <<< "$target"; then
         chmod 400 $target
         chown root:root $target
     fi
@@ -419,7 +412,7 @@ ynh_user_exists() {
     # Manage arguments with getopts
     ynh_handle_getopts_args "$@"
 
-    yunohost user list --output-as json --quiet | jq -e ".users.\"${username}\"" >/dev/null
+    yunohost user list --output-as json --quiet | jq -e ".users.\"${username}\"" > /dev/null
 }
 
 # Retrieve a YunoHost user information

helpers/helpers.v2.1.d/apt

@@ -4,9 +4,9 @@ YNH_APT_INSTALL_DEPENDENCIES_REPLACE="true"
 
 # Define and install dependencies with a equivs control file
 #
-# example : ynh_install_app_dependencies dep1 dep2 "dep3|dep4|dep5"
+# example : ynh_apt_install_dependencies dep1 dep2 "dep3|dep4|dep5"
 #
-# usage: ynh_install_app_dependencies dep [dep [...]]
+# usage: ynh_apt_install_dependencies dep [dep [...]]
 # | arg: dep - the package name to install in dependence.
 # | arg: "dep1|dep2|…" - You can specify alternatives. It will require to install (dep1 or dep2, etc).
 #
@@ -39,8 +39,7 @@ ynh_apt_install_dependencies() {
     # The (?<=php) syntax corresponds to lookbehind ;)
     local specific_php_version=$(grep -oP '(?<=php)[0-9.]+(?=-|\>|)' <<< "$dependencies" | sort -u)
 
-    if [[ -n "$specific_php_version" ]]
-    then
+    if [[ -n "$specific_php_version" ]]; then
         # Cover a small edge case where a packager could have specified "php7.4-pwet php5-gni" which is confusing
         [[ $(echo $specific_php_version | wc -l) -eq 1 ]] \
             || ynh_die "Inconsistent php versions in dependencies ... found : $specific_php_version"
@@ -51,8 +50,7 @@ ynh_apt_install_dependencies() {
 
         # If the PHP version changed, remove the old fpm conf
         if [ -n "$old_php_version" ] && [ "$old_php_version" != "$specific_php_version" ]; then
-            if [[ -f "/etc/php/$php_version/fpm/pool.d/$app.conf" ]]
-            then
+            if [[ -f "/etc/php/$php_version/fpm/pool.d/$app.conf" ]]; then
                 ynh_backup_if_checksum_is_different "/etc/php/$php_version/fpm/pool.d/$app.conf"
                 ynh_config_remove_phpfpm
             fi
@@ -61,8 +59,7 @@ ynh_apt_install_dependencies() {
         ynh_app_setting_set --key=php_version --value=$specific_php_version
 
         # Set the default php version back as the default version for php-cli.
-        if test -e /usr/bin/php$YNH_DEFAULT_PHP_VERSION
-        then
+        if test -e /usr/bin/php$YNH_DEFAULT_PHP_VERSION; then
             update-alternatives --set php /usr/bin/php$YNH_DEFAULT_PHP_VERSION
         fi
     elif grep --quiet 'php' <<< "$dependencies"; then
@@ -72,18 +69,16 @@ ynh_apt_install_dependencies() {
     # Specific tweak related to Postgresql (cf end of the helper)
     local psql_installed="$(_ynh_apt_package_is_installed "postgresql-$PSQL_VERSION" && echo yes || echo no)"
 
-    # The first time we run ynh_install_app_dependencies, we will replace the
+    # The first time we run ynh_apt_install_dependencies, we will replace the
     # entire control file (This is in particular meant to cover the case of
-    # upgrade script where ynh_install_app_dependencies is called with this
+    # upgrade script where ynh_apt_install_dependencies is called with this
     # expected effect) Otherwise, any subsequent call will add dependencies
     # to those already present in the equivs control file.
-    if [[ $YNH_APT_INSTALL_DEPENDENCIES_REPLACE == "true" ]]
-    then
+    if [[ $YNH_APT_INSTALL_DEPENDENCIES_REPLACE == "true" ]]; then
         YNH_APT_INSTALL_DEPENDENCIES_REPLACE="false"
     else
         local current_dependencies=""
-        if _ynh_apt_package_is_installed "${app_ynh_deps}"
-        then
+        if _ynh_apt_package_is_installed "${app_ynh_deps}"; then
             current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app_ynh_deps}) "
             current_dependencies=${current_dependencies// | /|}
         fi
@@ -100,7 +95,7 @@ ynh_apt_install_dependencies() {
     # For some reason, dpkg-deb insists for folder perm to be 755 and sometimes it's 777 o_O?
     chmod -R 755 ${TMPDIR}/${app_ynh_deps}
 
-    cat >${TMPDIR}/${app_ynh_deps}/DEBIAN/control <<EOF
+    cat > ${TMPDIR}/${app_ynh_deps}/DEBIAN/control << EOF
 Section: misc
 Priority: optional
 Package: ${app_ynh_deps}
@@ -145,8 +140,7 @@ EOF
     # Specific tweak related to Postgresql
     # -> trigger postgresql regenconf if we may have just installed postgresql
     local psql_installed2="$(_ynh_apt_package_is_installed "postgresql-$PSQL_VERSION" && echo yes || echo no)"
-    if [[ "$psql_installed" != "$psql_installed2" ]]
-    then
+    if [[ "$psql_installed" != "$psql_installed2" ]]; then
         yunohost tools regen-conf postgresql
     fi
 
@@ -168,16 +162,14 @@ ynh_apt_remove_dependencies() {
 
     # Edge case where the app dep may be on hold,
     # cf https://forum.yunohost.org/t/migration-error-cause-of-ffsync/20675/4
-    if apt-mark showhold | grep -q -w ${app_ynh_deps}
-    then
+    if apt-mark showhold | grep -q -w ${app_ynh_deps}; then
         apt-mark unhold ${app_ynh_deps}
     fi
 
     # Remove the fake package and its dependencies if they not still used.
     # (except if dpkg doesn't know anything about the package,
     # which should be symptomatic of a failed install, and we don't want bash to report an error)
-    if dpkg-query --show ${app_ynh_deps} &>/dev/null
-    then
+    if dpkg-query --show ${app_ynh_deps} &> /dev/null; then
         _ynh_apt autoremove --purge ${app_ynh_deps}
     fi
 }
@@ -206,11 +198,13 @@ ynh_apt_install_dependencies_from_extra_repository() {
     if [[ "${repo_parts[0]}" == "deb" ]]; then
         index=1
     fi
-    uri="${repo_parts[$index]}" ; index=$((index+1))
-    suite="${repo_parts[$index]}" ; index=$((index+1))
+    uri="${repo_parts[$index]}"
+    index=$((index + 1))
+    suite="${repo_parts[$index]}"
+    index=$((index + 1))
 
     # Get the components
-    if (( "${#repo_parts[@]}" > 0 )); then
+    if (("${#repo_parts[@]}" > 0)); then
         component="${repo_parts[*]:$index}"
     fi
 
@@ -280,7 +274,7 @@ _ynh_wait_dpkg_free() {
     # With seq 1 17, timeout will be almost 30 minutes
     for try in $(seq 1 17); do
         # Check if /var/lib/dpkg/lock is used by another process
-        if lsof /var/lib/dpkg/lock >/dev/null; then
+        if lsof /var/lib/dpkg/lock > /dev/null; then
             echo "apt is already in use..."
             # Sleep an exponential time at each round
             sleep $((try * try))
@@ -298,7 +292,7 @@ _ynh_wait_dpkg_free() {
                     set -o xtrace # set -x
                     return 1
                 fi
-            done 9<<<"$(ls -1 $dpkg_dir)"
+            done 9<<< "$(ls -1 $dpkg_dir)"
             set -o xtrace # set -x
             return 0
         fi
@@ -310,14 +304,14 @@ _ynh_wait_dpkg_free() {
 # Check either a package is installed or not
 _ynh_apt_package_is_installed() {
     local package=$1
-    dpkg-query --show --showformat='${db:Status-Status}' "$package" 2>/dev/null \
-        | grep --quiet "^installed$" &>/dev/null
+    dpkg-query --show --showformat='${db:Status-Status}' "$package" 2> /dev/null \
+        | grep --quiet "^installed$" &> /dev/null
 }
 
 # Return the installed version of an apt package, if installed
 _ynh_apt_package_version() {
     if _ynh_apt_package_is_installed "$package"; then
-        dpkg-query --show --showformat='${Version}' "$package" 2>/dev/null
+        dpkg-query --show --showformat='${Version}' "$package" 2> /dev/null
     else
         echo ''
     fi

helpers/helpers.v2.1.d/backup

@@ -27,13 +27,11 @@ ynh_backup() {
     local is_data=false
 
     # If the path starts with /var/log/$app or $data_dir
-    if ([[ -n "${app:-}" ]] && [[ "$target" == "/var/log/$app*" ]]) || ([[ -n "${data_dir:-}" ]] && [[ "$target" == "$data_dir*" ]])
-    then
+    if ([[ -n "${app:-}" ]] && [[ "$target" == "/var/log/$app*" ]]) || ([[ -n "${data_dir:-}" ]] && [[ "$target" == "$data_dir*" ]]); then
         is_data=true
     fi
 
-    if [[ -n "${app:-}" ]]
-    then
+    if [[ -n "${app:-}" ]]; then
         local do_not_backup_data=$(ynh_app_setting_get --key=do_not_backup_data)
     fi
 
@@ -83,7 +81,7 @@ ynh_backup() {
     # ==============================================================================
     local src=$(echo "${src_path}" | sed --regexp-extended 's/"/\"\"/g')
     local dest=$(echo "${dest_path}" | sed --regexp-extended 's/"/\"\"/g')
-    echo "\"${src}\",\"${dest}\"" >>"${YNH_BACKUP_CSV}"
+    echo "\"${src}\",\"${dest}\"" >> "${YNH_BACKUP_CSV}"
 
     # ==============================================================================
 
@@ -135,15 +133,13 @@ ynh_restore() {
 
     # If the path starts with /var/log/$app or $data_dir
     local is_data=false
-    if ([[ -n "${app:-}" ]] && [[ "$target" == "/var/log/$app*" ]]) || ([[ -n "${data_dir:-}" ]] && [[ "$target" == "$data_dir*" ]])
-    then
+    if ([[ -n "${app:-}" ]] && [[ "$target" == "/var/log/$app*" ]]) || ([[ -n "${data_dir:-}" ]] && [[ "$target" == "$data_dir*" ]]); then
         is_data=true
     fi
 
     # If archive_path doesn't exist, search for a corresponding path in CSV
     if [ ! -d "$archive_path" ] && [ ! -f "$archive_path" ] && [ ! -L "$archive_path" ]; then
-        if [[ "$is_data" == true ]]
-        then
+        if [[ "$is_data" == true ]]; then
             ynh_print_info "Skipping $target which doesn't exists in the archive, probably because restoring from a safety-backup-before-upgrade"
             # Assume it's not a big deal, we may be restoring a safety-backup-before-upgrade which doesnt contain those
             return 0
@@ -194,7 +190,7 @@ ynh_restore_everything() {
     # For each destination path begining by $REL_DIR
     cat ${YNH_BACKUP_CSV} | tr --delete $'\r' | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR.*\"$" \
         | while read line; do
-            local ARCHIVE_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\".*\",\"$REL_DIR\K.*(?=\"$)")
+            local ARCHIVE_PATH=$(echo "$line" | grep --only-matching --no-filename --perl-regexp "^\"\K.*(?=\",\"$REL_DIR.*\"$)")
             ynh_restore "$ARCHIVE_PATH"
         done
 }
@@ -256,8 +252,7 @@ ynh_backup_if_checksum_is_different() {
             echo "$backup_file_checksum" # Return the name of the backup file
             if ynh_in_ci_tests; then
                 local file_path_base64=$(echo "$file" | base64 -w0)
-                if test -e /var/cache/yunohost/appconfbackup/original_${file_path_base64}
-                then
+                if test -e /var/cache/yunohost/appconfbackup/original_${file_path_base64}; then
                     ynh_print_warn "Diff with the original file:"
                     diff --report-identical-files --unified --color=always /var/cache/yunohost/appconfbackup/original_${file_path_base64} $file >&2 || true
                 fi

helpers/helpers.v2.1.d/composer

@@ -38,8 +38,8 @@ ynh_composer_exec() {
     local workdir="${composer_workdir:-$install_dir}"
 
     COMPOSER_HOME="$workdir/.composer" \
-    COMPOSER_MEMORY_LIMIT=-1 \
-    sudo -E -u "${composer_user:-$app}" \
-    php${php_version} "$workdir/composer.phar" $@ \
+        COMPOSER_MEMORY_LIMIT=-1 \
+        sudo -E -u "${composer_user:-$app}" \
+        php${php_version} "$workdir/composer.phar" $@ \
         -d "$workdir" --no-interaction --no-ansi 2>&1
 }

helpers/helpers.v2.1.d/config

@@ -6,11 +6,11 @@ _ynh_app_config_get_one() {
     local bind="$3"
     local getter="get__${short_setting}"
     # Get value from getter if exists
-    if type -t $getter 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+    if type -t $getter 2> /dev/null | grep -q '^function$' 2> /dev/null; then
         old[$short_setting]="$($getter)"
         formats[${short_setting}]="yaml"
 
-    elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+    elif [[ "$bind" == *"("* ]] && type -t "get__${bind%%(*}" 2> /dev/null | grep -q '^function$' 2> /dev/null; then
         old[$short_setting]="$("get__${bind%%(*}" $short_setting $type $bind)"
         formats[${short_setting}]="yaml"
 
@@ -22,7 +22,7 @@ _ynh_app_config_get_one() {
         if [[ "$bind" == "settings" ]]; then
             ynh_die "File '${short_setting}' can't be stored in settings"
         fi
-        old[$short_setting]="$(ls "$(echo $bind | sed s@__INSTALL_DIR__@${install_dir:-}@ | sed s/__APP__/$app/)" 2>/dev/null || echo YNH_NULL)"
+        old[$short_setting]="$(ls "$bind" 2> /dev/null || echo YNH_NULL)"
         file_hash[$short_setting]="true"
 
     # Get multiline text from settings or from a full file
@@ -32,7 +32,7 @@ _ynh_app_config_get_one() {
         elif [[ "$bind" == *":"* ]]; then
             ynh_die "For technical reasons, multiline text '${short_setting}' can't be stored automatically  in a variable file, you have to create custom getter/setter"
         else
-            old[$short_setting]="$(cat $(echo $bind | sed s@__INSTALL_DIR__@${install_dir:-}@ | sed s/__APP__/$app/) 2>/dev/null || echo YNH_NULL)"
+            old[$short_setting]="$(cat "$bind" 2> /dev/null || echo YNH_NULL)"
         fi
 
     # Get value from a kind of key/value file
@@ -47,7 +47,7 @@ _ynh_app_config_get_one() {
             bind_after="$(echo "${bind_key_}" | cut -d'>' -f1)"
             bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)"
         fi
-        local bind_file="$(echo "$bind" | cut -d: -f2 | sed s@__INSTALL_DIR__@${install_dir:-}@ | sed s/__APP__/$app/)"
+        local bind_file="$(echo "$bind" | cut -d: -f2)"
         old[$short_setting]="$(ynh_read_var_in_file --file="${bind_file}" --key="${bind_key_}" --after="${bind_after}")"
 
     fi
@@ -59,10 +59,10 @@ _ynh_app_config_apply_one() {
     local type="${types[$short_setting]}"
     if [ "${changed[$short_setting]}" == "true" ]; then
         # Apply setter if exists
-        if type -t $setter 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+        if type -t $setter 2> /dev/null | grep -q '^function$' 2> /dev/null; then
             $setter
 
-        elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+        elif [[ "$bind" == *"("* ]] && type -t "set__${bind%%(*}" 2> /dev/null | grep -q '^function$' 2> /dev/null; then
             "set__${bind%%(*}" $short_setting $type $bind
 
         elif [[ "$bind" == "null" ]]; then
@@ -73,7 +73,7 @@ _ynh_app_config_apply_one() {
             if [[ "$bind" == "settings" ]]; then
                 ynh_die "File '${short_setting}' can't be stored in settings"
             fi
-            local bind_file="$(echo "$bind" | sed s@__INSTALL_DIR__@${install_dir:-}@ | sed s/__APP__/$app/)"
+            local bind_file="$bind"
             if [[ "${!short_setting}" == "" ]]; then
                 ynh_backup_if_checksum_is_different "$bind_file"
                 ynh_safe_rm "$bind_file"
@@ -84,8 +84,7 @@ _ynh_app_config_apply_one() {
                 if [[ "${!short_setting}" != "$bind_file" ]]; then
                     cp "${!short_setting}" "$bind_file"
                 fi
-                if _ynh_file_checksum_exists "$bind_file"
-                then
+                if _ynh_file_checksum_exists "$bind_file"; then
                     ynh_store_file_checksum "$bind_file"
                 fi
                 ynh_print_info "File '$bind_file' overwritten with ${!short_setting}"
@@ -101,11 +100,10 @@ _ynh_app_config_apply_one() {
             if [[ "$bind" == *":"* ]]; then
                 ynh_die "For technical reasons, multiline text '${short_setting}' can't be stored automatically  in a variable file, you have to create custom getter/setter"
             fi
-            local bind_file="$(echo "$bind" | sed s@__INSTALL_DIR__@${install_dir:-}@ | sed s/__APP__/$app/)"
+            local bind_file="$bind"
             ynh_backup_if_checksum_is_different "$bind_file"
-            echo "${!short_setting}" >"$bind_file"
-            if _ynh_file_checksum_exists "$bind_file"
-            then
+            echo "${!short_setting}" > "$bind_file"
+            if _ynh_file_checksum_exists "$bind_file"; then
                 ynh_store_file_checksum "$bind_file"
             fi
             ynh_print_info "File '$bind_file' overwritten with the content provided in question '${short_setting}'"
@@ -119,12 +117,11 @@ _ynh_app_config_apply_one() {
                 bind_key_="$(echo "${bind_key_}" | cut -d'>' -f2)"
             fi
             bind_key_=${bind_key_:-$short_setting}
-            local bind_file="$(echo "$bind" | cut -d: -f2 | sed s@__INSTALL_DIR__@${install_dir:-}@ | sed s/__APP__/$app/)"
+            local bind_file="$(echo "$bind" | cut -d: -f2)"
 
             ynh_backup_if_checksum_is_different "$bind_file"
             ynh_write_var_in_file --file="${bind_file}" --key="${bind_key_}" --value="${!short_setting}" --after="${bind_after}"
-            if _ynh_file_checksum_exists "$bind_file"
-            then
+            if _ynh_file_checksum_exists "$bind_file"; then
                 ynh_store_file_checksum "$bind_file"
             fi
 
@@ -135,69 +132,17 @@ _ynh_app_config_apply_one() {
         fi
     fi
 }
+
 _ynh_app_config_get() {
-    # From settings
-    local lines
-    lines=$(
-        python3 <<EOL
-import toml
-from collections import OrderedDict
-with open("../config_panel.toml", "r") as f:
-    file_content = f.read()
-loaded_toml = toml.loads(file_content, _dict=OrderedDict)
-
-for panel_name, panel in loaded_toml.items():
-    if not isinstance(panel, dict): continue
-    bind_panel = panel.get('bind')
-    for section_name, section in panel.items():
-        if not isinstance(section, dict): continue
-        bind_section = section.get('bind')
-        if not bind_section:
-            bind_section = bind_panel
-        elif bind_section[-1] == ":" and bind_panel and ":" in bind_panel:
-            regex, bind_panel_file = bind_panel.split(":")
-            if ">" in bind_section:
-                bind_section = bind_section + bind_panel_file
-            else:
-                bind_section = regex + bind_section + bind_panel_file
-
-        for name, param in section.items():
-            if not isinstance(param, dict):
-                continue
-
-            bind = param.get('bind')
-
-            if not bind:
-                if bind_section:
-                    bind = bind_section
-                else:
-                    bind = 'settings'
-            elif bind[-1] == ":" and bind_section and ":" in bind_section:
-                regex, bind_file = bind_section.split(":")
-                if ">" in bind:
-                    bind = bind + bind_file
-                else:
-                    bind = regex + bind + bind_file
-            if bind == "settings" and param.get('type', 'string') == 'file':
-                bind = 'null'
-
-            print('|'.join([
-                name,
-                param.get('type', 'string'),
-                bind
-                ]))
-EOL
-    )
-    for line in $lines; do
+    for line in $YNH_APP_CONFIG_PANEL_OPTIONS_TYPES_AND_BINDS; do
         # Split line into short_setting, type and bind
-        IFS='|' read short_setting type bind <<<"$line"
+        IFS='|' read short_setting type bind <<< "$line"
         binds[${short_setting}]="$bind"
         types[${short_setting}]="$type"
         file_hash[${short_setting}]=""
         formats[${short_setting}]=""
         ynh_app_config_get_one $short_setting $type $bind
     done
-
 }
 
 _ynh_app_config_apply() {
@@ -267,9 +212,9 @@ _ynh_app_config_validate() {
     for short_setting in "${!old[@]}"; do
         [[ "${changed[$short_setting]}" == "false" ]] && continue
         local result=""
-        if type -t validate__$short_setting | grep -q '^function$' 2>/dev/null; then
+        if type -t validate__$short_setting | grep -q '^function$' 2> /dev/null; then
             result="$(validate__$short_setting)"
-        elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+        elif [[ "$bind" == *"("* ]] && type -t "validate__${bind%%(*}" 2> /dev/null | grep -q '^function$' 2> /dev/null; then
             "validate__${bind%%(*}" $short_setting
         fi
         if [ -n "$result" ]; then
@@ -324,7 +269,7 @@ ynh_app_config_apply() {
 ynh_app_action_run() {
     local runner="run__$1"
     # Get value from getter if exists
-    if type -t "$runner" 2>/dev/null | grep -q '^function$' 2>/dev/null; then
+    if type -t "$runner" 2> /dev/null | grep -q '^function$' 2> /dev/null; then
         $runner
         #ynh_return "result:"
         #ynh_return "$(echo "${result}" | sed 's/^/  /g')"
@@ -342,22 +287,23 @@ ynh_app_config_run() {
     declare -Ag formats=()
 
     case $1 in
-    show)
-        ynh_app_config_get
-        ynh_app_config_show
-        ;;
-    apply)
-        max_progression=4
-        ynh_script_progression "Reading config panel description and current configuration..."
-        ynh_app_config_get
+        show)
+            ynh_app_config_get
+            ynh_app_config_show
+            ;;
+        apply)
+            max_progression=4
+            ynh_script_progression "Reading config panel description and current configuration..."
+            ynh_app_config_get
 
-        ynh_app_config_validate
+            ynh_app_config_validate
 
-        ynh_script_progression "Applying the new configuration..."
-        ynh_app_config_apply
-        ynh_script_progression "Configuration of $app completed"
-        ;;
-    *)
-        ynh_app_action_run $1
+            ynh_script_progression "Applying the new configuration..."
+            ynh_app_config_apply
+            ynh_script_progression "Configuration of $app completed"
+            ;;
+        *)
+            ynh_app_action_run $1
+            ;;
     esac
 }

helpers/helpers.v2.1.d/fail2ban

@@ -68,7 +68,7 @@ port = http,https
 filter = __APP__
 logpath = __LOGPATH__
 maxretry = 5
-" >"$YNH_APP_BASEDIR/conf/f2b_jail.conf"
+" > "$YNH_APP_BASEDIR/conf/f2b_jail.conf"
 
         echo "
 [INCLUDES]
@@ -76,7 +76,7 @@ before = common.conf
 [Definition]
 failregex = __FAILREGEX__
 ignoreregex =
-" >"$YNH_APP_BASEDIR/conf/f2b_filter.conf"
+" > "$YNH_APP_BASEDIR/conf/f2b_filter.conf"
     fi
 
     ynh_config_add --template="f2b_jail.conf" --destination="/etc/fail2ban/jail.d/$app.conf"

helpers/helpers.v2.1.d/getopts

@@ -20,7 +20,7 @@
 # | arg: $@    - Simply "$@" to tranfert all the positionnal arguments to the function
 #
 # This helper need an array, named "args_array" with all the arguments used by the helper
-# 	that want to use ynh_handle_getopts_args
+# that want to use ynh_handle_getopts_args
 # Be carreful, this array has to be an associative array, as the following example:
 # local -A args_array=( [a]=arg1 [b]=arg2= [c]=arg3 )
 # Let's explain this array:
@@ -50,8 +50,7 @@ ynh_handle_getopts_args() {
         eval "$xtrace_enable"
         return
     # Validate that the first char is - because it should be something like --option=value or -o ...
-    elif [[ "${1:0:1}" != "-" ]]
-    then
+    elif [[ "${1:0:1}" != "-" ]]; then
         ynh_die "It looks like you called the helper using positional arguments instead of keyword arguments ?"
     fi
 
@@ -182,6 +181,6 @@ ynh_handle_getopts_args() {
 
     # Call parse_arg and pass the modified list of args as an array of arguments.
     parse_arg "${arguments[@]}"
-    
+
     eval "$xtrace_enable"
 }

helpers/helpers.v2.1.d/go

@@ -23,7 +23,7 @@ _ynh_load_go_in_path_and_other_tweaks() {
 
     # Sets the local application-specific go version
     pushd ${install_dir}
-        $GOENV_INSTALL_DIR/bin/goenv local $go_version
+    $GOENV_INSTALL_DIR/bin/goenv local $go_version
     popd
 }
 
@@ -39,7 +39,7 @@ _ynh_load_go_in_path_and_other_tweaks() {
 # - `$go_dir` (the directory containing the specific go version)
 #
 # This helper also creates a /etc/profile.d/goenv.sh that configures PATH environment for goenv
-ynh_go_install () {
+ynh_go_install() {
 
     [[ -n "${go_version:-}" ]] || ynh_die "\$go_version should be defined prior to calling ynh_go_install"
 
@@ -55,33 +55,33 @@ ynh_go_install () {
     # Install or update goenv
     mkdir -p $GOENV_INSTALL_DIR
     pushd "$GOENV_INSTALL_DIR"
-        if ! [ -x "$GOENV_INSTALL_DIR/bin/goenv" ]; then
-            ynh_print_info "Downloading goenv..."
-            git init -q
-            git remote add origin https://github.com/syndbg/goenv.git 
-        else
-            ynh_print_info "Updating goenv..."
-        fi
-        git fetch -q --tags --prune origin
-        local git_latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)")
-        git checkout -q "$git_latest_tag"
-        _ynh_go_try_bash_extension
-        goenv=$GOENV_INSTALL_DIR/bin/goenv
+    if ! [ -x "$GOENV_INSTALL_DIR/bin/goenv" ]; then
+        ynh_print_info "Downloading goenv..."
+        git init -q
+        git remote add origin https://github.com/syndbg/goenv.git
+    else
+        ynh_print_info "Updating goenv..."
+    fi
+    git fetch -q --tags --prune origin
+    local git_latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)")
+    git checkout -q "$git_latest_tag"
+    _ynh_go_try_bash_extension
+    goenv=$GOENV_INSTALL_DIR/bin/goenv
     popd
 
     # Install or update xxenv-latest
     mkdir -p "$GOENV_INSTALL_DIR/plugins/xxenv-latest"
     pushd "$GOENV_INSTALL_DIR/plugins/xxenv-latest"
-        if ! [ -x "$GOENV_INSTALL_DIR/plugins/xxenv-latest/bin/goenv-latest" ]; then
-            ynh_print_info "Downloading xxenv-latest..."
-            git init -q
-            git remote add origin https://github.com/momo-lab/xxenv-latest.git 
-        else
-            ynh_print_info "Updating xxenv-latest..."
-        fi
-        git fetch -q --tags --prune origin
-        local git_latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)")
-        git checkout -q "$git_latest_tag"
+    if ! [ -x "$GOENV_INSTALL_DIR/plugins/xxenv-latest/bin/goenv-latest" ]; then
+        ynh_print_info "Downloading xxenv-latest..."
+        git init -q
+        git remote add origin https://github.com/momo-lab/xxenv-latest.git
+    else
+        ynh_print_info "Updating xxenv-latest..."
+    fi
+    git fetch -q --tags --prune origin
+    local git_latest_tag=$(git describe --tags "$(git rev-list --tags --max-count=1)")
+    git checkout -q "$git_latest_tag"
     popd
 
     # Enable caching
@@ -109,7 +109,7 @@ ynh_go_install () {
     _ynh_go_cleanup
 
     # Set environment for Go users
-    echo  "#goenv
+    echo "#goenv
 export GOENV_ROOT=$GOENV_INSTALL_DIR
 export PATH=\"$GOENV_INSTALL_DIR/bin:$PATH\"
 eval \"\$(goenv init -)\"
@@ -126,7 +126,7 @@ eval \"\$(goenv init -)\"
 # This helper will also cleanup Go versions
 #
 # usage: ynh_go_remove
-ynh_go_remove () {
+ynh_go_remove() {
     local go_version=$(ynh_app_setting_get --key="go_version")
 
     # Load goenv path in PATH
@@ -151,34 +151,29 @@ ynh_go_remove () {
 # If no app uses Go, goenv will be also removed.
 #
 # usage: _ynh_go_cleanup
-_ynh_go_cleanup () {
+_ynh_go_cleanup() {
 
     # List required Go versions
     local installed_apps=$(yunohost app list --output-as json --quiet | jq -r .apps[].id)
     local required_go_versions=""
-    for installed_app in $installed_apps
-    do
+    for installed_app in $installed_apps; do
         local installed_app_go_version=$(ynh_app_setting_get --app=$installed_app --key="go_version")
-        if [[ $installed_app_go_version ]]
-        then
+        if [[ $installed_app_go_version ]]; then
             required_go_versions="${installed_app_go_version}\n${required_go_versions}"
         fi
     done
 
     # Remove no more needed Go versions
     local installed_go_versions=$(goenv versions --bare --skip-aliases | grep -Ev '/')
-    for installed_go_version in $installed_go_versions
-    do
-        if ! `echo ${required_go_versions} | grep "${installed_go_version}" 1>/dev/null 2>&1`
-        then
+    for installed_go_version in $installed_go_versions; do
+        if ! $(echo ${required_go_versions} | grep "${installed_go_version}" 1> /dev/null 2>&1); then
             ynh_print_info "Removing of Go-$installed_go_version"
             $GOENV_INSTALL_DIR/bin/goenv uninstall --force "$installed_go_version"
         fi
     done
 
     # If none Go version is required
-    if [[ ! $required_go_versions ]]
-    then
+    if [[ ! $required_go_versions ]]; then
         # Remove goenv environment configuration
         ynh_print_info "Removing of goenv"
         ynh_safe_rm "$GOENV_INSTALL_DIR"
@@ -187,9 +182,9 @@ _ynh_go_cleanup () {
 }
 
 _ynh_go_try_bash_extension() {
-  if [ -x src/configure ]; then
-    src/configure && make -C src || {
-      ynh_print_info "Optional bash extension failed to build, but things will still work normally."
-    }
-  fi
+    if [ -x src/configure ]; then
+        src/configure && make -C src || {
+            ynh_print_info "Optional bash extension failed to build, but things will still work normally."
+        }
+    fi
 }

helpers/helpers.v2.1.d/logging

@@ -5,11 +5,9 @@
 # usage: ynh_die "Some message"
 ynh_die() {
     set +o xtrace # set +x
-    if [[ -n "${1:-}" ]]
-    then
-        if [[ -n "${YNH_STDRETURN:-}" ]]
-        then
-            python3 -c 'import yaml, sys; print(yaml.dump({"error": sys.stdin.read()}))' <<< "${1:-}" >>"$YNH_STDRETURN"
+    if [[ -n "${1:-}" ]]; then
+        if [[ -n "${YNH_STDRETURN:-}" ]]; then
+            python3 -c 'import yaml, sys; print(yaml.dump({"error": sys.stdin.read()}))' <<< "${1:-}" >> "$YNH_STDRETURN"
         fi
         echo "${1:-}" 1>&2
     fi
@@ -51,7 +49,7 @@ ynh_exec_and_print_stderr_only_if_error() {
     rc=0
     # Note that "$@" is used and not $@, c.f. https://unix.stackexchange.com/a/129077
     "$@" 2> "$logfile" || rc="$?"
-    if (( rc != 0 )); then
+    if ((rc != 0)); then
         cat "$logfile" >&2
         ynh_safe_rm "$logfile"
         return "$rc"
@@ -63,7 +61,7 @@ ynh_exec_and_print_stderr_only_if_error() {
 #
 # usage: ynh_return somedata
 ynh_return() {
-    echo "$1" >>"$YNH_STDRETURN"
+    echo "$1" >> "$YNH_STDRETURN"
 }
 
 # Initial definitions for ynh_script_progression
@@ -105,10 +103,9 @@ ynh_script_progression() {
     local expected_progression="$((($increment_progression + 1) * $progress_scale / $max_progression - $effective_progression))"
 
     # Hack for the "--last" message
-    if grep -qw 'completed' <<< "$1";
-    then
-         effective_progression=$progress_scale
-         expected_progression=0
+    if grep -qw 'completed' <<< "$1"; then
+        effective_progression=$progress_scale
+        expected_progression=0
     fi
     # left_progression is the progression not yet done
     local left_progression="$(($progress_scale - $effective_progression - $expected_progression))"

helpers/helpers.v2.1.d/logrotate

@@ -22,8 +22,7 @@ ynh_config_add_logrotate() {
     fi
     set +o noglob
 
-    for stuff in $logfile
-    do
+    for stuff in $logfile; do
         # Make sure the permissions of the parent dir are correct (otherwise the config file could be ignored and the corresponding logs never rotated)
         local dir=$(dirname "$stuff")
         mkdir --parents $dir
@@ -32,7 +31,7 @@ ynh_config_add_logrotate() {
     done
 
     local tempconf="$(mktemp)"
-    cat << EOF >$tempconf
+    cat << EOF > $tempconf
 $logfile {
     # Rotate if the logfile exceeds 100Mo
     size 100M
@@ -53,8 +52,7 @@ $logfile {
 }
 EOF
 
-    if [[ "$FIRST_CALL_TO_LOGROTATE" == "true" ]]
-    then
+    if [[ "$FIRST_CALL_TO_LOGROTATE" == "true" ]]; then
         cat $tempconf > /etc/logrotate.d/$app
     else
         cat $tempconf >> /etc/logrotate.d/$app

helpers/helpers.v2.1.d/mongodb

@@ -12,16 +12,15 @@
 #
 ynh_mongo_exec() {
     # ============ Argument parsing =============
-    local -A args_array=( [d]=database= [c]=command= )
+    local -A args_array=([d]=database= [c]=command=)
     local database
     local command
     ynh_handle_getopts_args "$@"
     database="${database:-}"
     # ===========================================
 
-    if [ -n "$database" ]
-    then
-        mongosh --quiet <<EOF
+    if [ -n "$database" ]; then
+        mongosh --quiet << EOF
 use $database
 ${command}
 quit()
@@ -44,7 +43,7 @@ EOF
 #
 ynh_mongo_drop_db() {
     # ============ Argument parsing =============
-    local -A args_array=( [d]=database= )
+    local -A args_array=([d]=database=)
     local database
     ynh_handle_getopts_args "$@"
     # ===========================================
@@ -63,7 +62,7 @@ ynh_mongo_drop_db() {
 #
 ynh_mongo_dump_db() {
     # ============ Argument parsing =============
-    local -A args_array=( [d]=database= )
+    local -A args_array=([d]=database=)
     local database
     ynh_handle_getopts_args "$@"
     # ===========================================
@@ -83,7 +82,7 @@ ynh_mongo_dump_db() {
 #
 ynh_mongo_create_user() {
     # ============ Argument parsing =============
-    local -A args_array=( [u]=db_user= [n]=db_name= [p]=db_pwd= )
+    local -A args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=)
     local db_user
     local db_name
     local db_pwd
@@ -111,8 +110,7 @@ ynh_mongo_database_exists() {
     ynh_handle_getopts_args "$@"
     # ===========================================
 
-    if [ $(ynh_mongo_exec --command='db.getMongo().getDBNames().indexOf("'${database}'")') -lt 0 ]
-    then
+    if [ $(ynh_mongo_exec --command='db.getMongo().getDBNames().indexOf("'${database}'")') -lt 0 ]; then
         return 1
     else
         return 0
@@ -129,7 +127,7 @@ ynh_mongo_database_exists() {
 #
 ynh_mongo_restore_db() {
     # ============ Argument parsing =============
-    local -A args_array=( [d]=database= )
+    local -A args_array=([d]=database=)
     local database
     ynh_handle_getopts_args "$@"
     # ===========================================
@@ -148,7 +146,7 @@ ynh_mongo_restore_db() {
 #
 ynh_mongo_drop_user() {
     # ============ Argument parsing =============
-    local -A args_array=( [u]=db_user= [n]=db_name= )
+    local -A args_array=([u]=db_user= [n]=db_name=)
     local db_user
     local db_name
     ynh_handle_getopts_args "$@"
@@ -170,7 +168,7 @@ ynh_mongo_drop_user() {
 #
 ynh_mongo_setup_db() {
     # ============ Argument parsing =============
-    local -A args_array=( [u]=db_user= [n]=db_name= [p]=db_pwd= )
+    local -A args_array=([u]=db_user= [n]=db_name= [p]=db_pwd=)
     local db_user
     local db_name
     db_pwd=""
@@ -197,14 +195,14 @@ ynh_mongo_setup_db() {
 #
 ynh_mongo_remove_db() {
     # ============ Argument parsing =============
-    local -A args_array=( [u]=db_user= [n]=db_name= )
+    local -A args_array=([u]=db_user= [n]=db_name=)
     local db_user
     local db_name
     ynh_handle_getopts_args "$@"
     # ===========================================
 
-    if ynh_mongo_database_exists --database=$db_name; then  # Check if the database exists
-        ynh_mongo_drop_db --database=$db_name  # Remove the database
+    if ynh_mongo_database_exists --database=$db_name; then # Check if the database exists
+        ynh_mongo_drop_db --database=$db_name              # Remove the database
     else
         ynh_print_warn "Database $db_name not found"
     fi
@@ -262,8 +260,7 @@ ynh_install_mongo() {
 #
 ynh_remove_mongo() {
     # Only remove the mongodb service if it is not installed.
-    if ! _ynh_apt_package_is_installed "mongodb*"
-    then
+    if ! _ynh_apt_package_is_installed "mongodb*"; then
         ynh_print_info "Removing MongoDB service..."
         mongodb_servicename=mongod
         # Remove the mongodb service

helpers/helpers.v2.1.d/nginx

@@ -39,7 +39,6 @@ ynh_config_remove_nginx() {
     ynh_systemctl --service=nginx --action=reload
 }
 
-
 # Regen the nginx config in a change url context
 #
 # usage: ynh_config_change_url_nginx
@@ -47,7 +46,7 @@ ynh_config_change_url_nginx() {
 
     # Make a backup of the original NGINX config file if manually modified
     # (nb: this is possibly different from the same instruction called by
-    # ynh_config_add inside ynh_config_add_nginx because the path may have 
+    # ynh_config_add inside ynh_config_add_nginx because the path may have
     # changed if we're changing the domain too...)
     local old_nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
     ynh_backup_if_checksum_is_different "$old_nginx_conf_path"

helpers/helpers.v2.1.d/permission

@@ -169,7 +169,7 @@ ynh_permission_exists() {
     # ===========================================
 
     yunohost user permission list "$app" --output-as json --quiet \
-        | jq -e --arg perm "$app.$permission" '.permissions[$perm]' >/dev/null
+        | jq -e --arg perm "$app.$permission" '.permissions[$perm]' > /dev/null
 }
 
 # Redefine the url associated to a permission
@@ -301,7 +301,7 @@ ynh_permission_has_user() {
     # Check both allowed and corresponding_users sections in the json
     for section in "allowed" "corresponding_users"; do
         if yunohost user permission info "$app.$permission" --output-as json --quiet \
-            | jq -e --arg user $user --arg section $section '.[$section] | index($user)' >/dev/null; then
+            | jq -e --arg user $user --arg section $section '.[$section] | index($user)' > /dev/null; then
             return 0
         fi
     done

helpers/helpers.v2.1.d/php

@@ -59,9 +59,9 @@ ynh_config_add_phpfpm() {
     # Apps willing to tweak these should use ynh_setting_set_default_value (in install and upgrade?)
     #
     local php_upload_max_filesize=${php_upload_max_filesize:-50M}
-    local php_process_management=${php_process_management:-ondemand}  # alternatively 'dynamic' or 'static'
+    local php_process_management=${php_process_management:-ondemand} # alternatively 'dynamic' or 'static'
     local php_max_children=${php_max_children:-$(_default_php_max_children)}
-    local php_memory_limit=${php_memory_limit:-128M}  # default value is from global php.ini
+    local php_memory_limit=${php_memory_limit:-128M} # default value is from global php.ini
 
     local phpfpm_template=$(mktemp)
     cat << EOF > $phpfpm_template
@@ -102,7 +102,7 @@ EOF
 
     # Concatene the extra config
     if [ -e $YNH_APP_BASEDIR/conf/extra_php-fpm.conf ]; then
-        cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >>"$phpfpm_template"
+        cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >> "$phpfpm_template"
     fi
 
     # Make sure the fpm pool dir exists
@@ -111,7 +111,7 @@ EOF
     ynh_config_add --template="$phpfpm_template" --destination="/etc/php/$php_version/fpm/pool.d/$app.conf"
 
     # Validate that the new php conf doesn't break php-fpm entirely
-    if ! php-fpm${php_version} --test 2>/dev/null; then
+    if ! php-fpm${php_version} --test 2> /dev/null; then
         php-fpm${php_version} --test || true
         ynh_safe_rm "/etc/php/$php_version/fpm/pool.d/$app.conf"
         ynh_die "The new configuration broke php-fpm?"

helpers/helpers.v2.1.d/redis

@@ -5,27 +5,25 @@
 # usage: ynh_redis_get_free_db
 # | returns: the database number to use
 ynh_redis_get_free_db() {
-	local result max db
-	result=$(redis-cli INFO keyspace)
+    local result max db
+    result=$(redis-cli INFO keyspace)
 
-	# get the num
-	max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+")
+    # get the num
+    max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+")
 
-	db=0
-	# default Debian setting is 15 databases
-	for i in $(seq 0 "$max")
-	do
-	 	if ! echo "$result" | grep -q "db$i"
-	 	then
-			db=$i
-	 		break 1
- 		fi
- 		db=-1
-	done
+    db=0
+    # default Debian setting is 15 databases
+    for i in $(seq 0 "$max"); do
+        if ! echo "$result" | grep -q "db$i"; then
+            db=$i
+            break 1
+        fi
+        db=-1
+    done
 
-	test "$db" -eq -1 && ynh_die "No available Redis databases..."
+    test "$db" -eq -1 && ynh_die "No available Redis databases..."
 
-	echo "$db"
+    echo "$db"
 }
 
 # Create a master password and set up global settings
@@ -34,6 +32,6 @@ ynh_redis_get_free_db() {
 # usage: ynh_redis_remove_db database
 # | arg: database - the database to erase
 ynh_redis_remove_db() {
-	local db=$1
-	redis-cli -n "$db" flushdb
+    local db=$1
+    redis-cli -n "$db" flushdb
 }

helpers/helpers.v2.1.d/ruby

@@ -25,7 +25,7 @@ _ynh_load_ruby_in_path_and_other_tweaks() {
 
     # Sets the local application-specific Ruby version
     pushd ${install_dir}
-        $RBENV_INSTALL_DIR/bin/rbenv local $ruby_version
+    $RBENV_INSTALL_DIR/bin/rbenv local $ruby_version
     popd
 }
 
@@ -41,7 +41,7 @@ _ynh_load_ruby_in_path_and_other_tweaks() {
 # - `$ruby_dir`, the directory containing the specific version of ruby, which may be used in the systemd config too (e.g. `ExecStart=__RUBY_DIR__/ruby foo bar`)
 #
 # This helper also creates a /etc/profile.d/rbenv.sh that configures PATH environment for rbenv
-ynh_ruby_install () {
+ynh_ruby_install() {
 
     [[ -n "${ruby_version:-}" ]] || ynh_die "\$ruby_version should be defined prior to calling ynh_ruby_install"
 
@@ -59,31 +59,31 @@ ynh_ruby_install () {
     rbenv="$(command -v rbenv $RBENV_INSTALL_DIR/bin/rbenv | grep "$RBENV_INSTALL_DIR/bin/rbenv" | head -1)"
     if [ -n "$rbenv" ]; then
         pushd "${rbenv%/*/*}"
-            if git remote -v 2>/dev/null | grep "https://github.com/rbenv/rbenv.git"; then
-                echo "Updating rbenv..."
-                git pull -q --tags origin master
-                _ynh_ruby_try_bash_extension
-            else
-                echo "Reinstalling rbenv..."
-                cd ..
-                ynh_safe_rm $RBENV_INSTALL_DIR
-                mkdir -p $RBENV_INSTALL_DIR
-                cd $RBENV_INSTALL_DIR
-                git init -q
-                git remote add -f -t master origin https://github.com/rbenv/rbenv.git > /dev/null 2>&1
-                git checkout -q -b master origin/master
-                _ynh_ruby_try_bash_extension
-                rbenv=$RBENV_INSTALL_DIR/bin/rbenv
-            fi
-        popd
-    else
-        echo "Installing rbenv..."
-        pushd $RBENV_INSTALL_DIR
+        if git remote -v 2> /dev/null | grep "https://github.com/rbenv/rbenv.git"; then
+            echo "Updating rbenv..."
+            git pull -q --tags origin master
+            _ynh_ruby_try_bash_extension
+        else
+            echo "Reinstalling rbenv..."
+            cd ..
+            ynh_safe_rm $RBENV_INSTALL_DIR
+            mkdir -p $RBENV_INSTALL_DIR
+            cd $RBENV_INSTALL_DIR
             git init -q
             git remote add -f -t master origin https://github.com/rbenv/rbenv.git > /dev/null 2>&1
             git checkout -q -b master origin/master
             _ynh_ruby_try_bash_extension
             rbenv=$RBENV_INSTALL_DIR/bin/rbenv
+        fi
+        popd
+    else
+        echo "Installing rbenv..."
+        pushd $RBENV_INSTALL_DIR
+        git init -q
+        git remote add -f -t master origin https://github.com/rbenv/rbenv.git > /dev/null 2>&1
+        git checkout -q -b master origin/master
+        _ynh_ruby_try_bash_extension
+        rbenv=$RBENV_INSTALL_DIR/bin/rbenv
         popd
     fi
 
@@ -92,10 +92,10 @@ ynh_ruby_install () {
     ruby_build="$(command -v "$RBENV_INSTALL_DIR"/plugins/*/bin/rbenv-install rbenv-install | head -1)"
     if [ -n "$ruby_build" ]; then
         pushd "${ruby_build%/*/*}"
-            if git remote -v 2>/dev/null | grep "https://github.com/rbenv/ruby-build.git"; then
-                echo "Updating ruby-build..."
-                git pull -q origin master
-            fi
+        if git remote -v 2> /dev/null | grep "https://github.com/rbenv/ruby-build.git"; then
+            echo "Updating ruby-build..."
+            git pull -q origin master
+        fi
         popd
     else
         echo "Installing ruby-build..."
@@ -105,10 +105,10 @@ ynh_ruby_install () {
     rbenv_alias="$(command -v "$RBENV_INSTALL_DIR"/plugins/*/bin/rbenv-alias rbenv-alias | head -1)"
     if [ -n "$rbenv_alias" ]; then
         pushd "${rbenv_alias%/*/*}"
-            if git remote -v 2>/dev/null | grep "https://github.com/tpope/rbenv-aliases.git"; then
-                echo "Updating rbenv-aliases..."
-                git pull -q origin master
-            fi
+        if git remote -v 2> /dev/null | grep "https://github.com/tpope/rbenv-aliases.git"; then
+            echo "Updating rbenv-aliases..."
+            git pull -q origin master
+        fi
         popd
     else
         echo "Installing rbenv-aliases..."
@@ -118,10 +118,10 @@ ynh_ruby_install () {
     rbenv_latest="$(command -v "$RBENV_INSTALL_DIR"/plugins/*/bin/rbenv-latest rbenv-latest | head -1)"
     if [ -n "$rbenv_latest" ]; then
         pushd "${rbenv_latest%/*/*}"
-            if git remote -v 2>/dev/null | grep "https://github.com/momo-lab/xxenv-latest.git"; then
-                echo "Updating xxenv-latest..."
-                git pull -q origin master
-            fi
+        if git remote -v 2> /dev/null | grep "https://github.com/momo-lab/xxenv-latest.git"; then
+            echo "Updating xxenv-latest..."
+            git pull -q origin master
+        fi
         popd
     else
         echo "Installing xxenv-latest..."
@@ -153,8 +153,7 @@ ynh_ruby_install () {
     ruby_version=$final_ruby_version
 
     # Remove app virtualenv
-    if rbenv alias --list | grep --quiet "$app "
-    then
+    if rbenv alias --list | grep --quiet "$app "; then
         rbenv alias $app --remove
     fi
 
@@ -165,7 +164,7 @@ ynh_ruby_install () {
     _ynh_ruby_cleanup
 
     # Set environment for Ruby users
-    echo  "#rbenv
+    echo "#rbenv
 export RBENV_ROOT=$RBENV_INSTALL_DIR
 export PATH=\"$RBENV_INSTALL_DIR/bin:$PATH\"
 eval \"\$(rbenv init -)\"
@@ -182,7 +181,7 @@ eval \"\$(rbenv init -)\"
 # This helper will also cleanup unused Ruby versions
 #
 # usage: ynh_ruby_remove
-ynh_ruby_remove () {
+ynh_ruby_remove() {
 
     [[ -n "${ruby_version:-}" ]] || ynh_die "\$ruby_version should be defined prior to calling ynh_ruby_remove"
 
@@ -208,34 +207,29 @@ ynh_ruby_remove () {
 # This helper will check what Ruby version are no more required,
 # and uninstall them
 # If no app uses Ruby, rbenv will be also removed.
-_ynh_ruby_cleanup () {
+_ynh_ruby_cleanup() {
 
     # List required Ruby versions
     local installed_apps=$(yunohost app list | grep -oP 'id: \K.*$')
     local required_ruby_versions=""
-    for installed_app in $installed_apps
-    do
+    for installed_app in $installed_apps; do
         local installed_app_ruby_version=$(ynh_app_setting_get --app=$installed_app --key="ruby_version")
-        if [[ -n "$installed_app_ruby_version" ]]
-        then
+        if [[ -n "$installed_app_ruby_version" ]]; then
             required_ruby_versions="${installed_app_ruby_version}\n${required_ruby_versions}"
         fi
     done
 
     # Remove no more needed Ruby versions
     local installed_ruby_versions=$(rbenv versions --bare --skip-aliases | grep -Ev '/')
-    for installed_ruby_version in $installed_ruby_versions
-    do
-        if ! echo ${required_ruby_versions} | grep -q "${installed_ruby_version}"
-        then
+    for installed_ruby_version in $installed_ruby_versions; do
+        if ! echo ${required_ruby_versions} | grep -q "${installed_ruby_version}"; then
             echo "Removing Ruby-$installed_ruby_version"
             $RBENV_INSTALL_DIR/bin/rbenv uninstall --force $installed_ruby_version
         fi
     done
 
     # If none Ruby version is required
-    if [[ -z "$required_ruby_versions" ]]
-    then
+    if [[ -z "$required_ruby_versions" ]]; then
         # Remove rbenv environment configuration
         echo "Removing rbenv"
         ynh_safe_rm "$RBENV_INSTALL_DIR"
@@ -244,9 +238,9 @@ _ynh_ruby_cleanup () {
 }
 
 _ynh_ruby_try_bash_extension() {
-  if [ -x src/configure ]; then
-    src/configure && make -C src 2>&1 || {
-      ynh_print_info "Optional bash extension failed to build, but things will still work normally."
-    }
-  fi
+    if [ -x src/configure ]; then
+        src/configure && make -C src 2>&1 || {
+            ynh_print_info "Optional bash extension failed to build, but things will still work normally."
+        }
+    fi
 }

helpers/helpers.v2.1.d/setting

@@ -98,7 +98,7 @@ ynh_app_setting() {
     # Trick to only re-enable debugging if it was set before
     local xtrace_enable=$(set +o | grep xtrace)
     set +o xtrace # set +x
-    ACTION="$1" APP="$2" KEY="$3" VALUE="${4:-}" python3 - <<EOF
+    ACTION="$1" APP="$2" KEY="$3" VALUE="${4:-}" python3 - << EOF
 import os, yaml, sys
 app, action = os.environ['APP'], os.environ['ACTION'].lower()
 key, value = os.environ['KEY'], os.environ.get('VALUE', None)
@@ -125,15 +125,11 @@ EOF
 
 # Legacy: auto-convert phpversion to php_version (for consistency with nodejs_version, ruby_version, ...)
 # This has to be here and not in the "php" code file because ynh_app_setting_set/delete need to be defined @_@
-if [[ -n "${app:-}" ]] && [[ -n "${phpversion:-}" ]]
-then
-    if [[ -z "${php_version:-}" ]]
-    then
+if [[ -n "${app:-}" ]] && [[ -n "${phpversion:-}" ]]; then
+    if [[ -z "${php_version:-}" ]]; then
         php_version=$phpversion
         ynh_app_setting_set --key=php_version --value=$php_version
     fi
     ynh_app_setting_delete --key=phpversion
     unset phpversion
 fi
-
-

helpers/helpers.v2.1.d/sources

@@ -74,8 +74,7 @@ ynh_setup_source() {
     # ===========================================
 
     local sources_json=$(ynh_read_manifest "resources.sources[\"$source_id\"]")
-    if jq -re ".url" <<< "$sources_json"
-    then
+    if jq -re ".url" <<< "$sources_json"; then
         local arch_prefix=""
     else
         local arch_prefix=".$YNH_ARCH"
@@ -93,25 +92,18 @@ ynh_setup_source() {
     [[ -n "$src_url" ]] || ynh_die "No URL defined for source $source_id$arch_prefix ?"
     [[ -n "$src_sum" ]] || ynh_die "No sha256 sum defined for source $source_id$arch_prefix ?"
 
-    if [[ -z "$src_format" ]]
-    then
-        if [[ "$src_url" =~ ^.*\.zip$ ]] || [[ "$src_url" =~ ^.*/zipball/.*$ ]]
-        then
+    if [[ -z "$src_format" ]]; then
+        if [[ "$src_url" =~ ^.*\.zip$ ]] || [[ "$src_url" =~ ^.*/zipball/.*$ ]]; then
             src_format="zip"
-        elif [[ "$src_url" =~ ^.*\.tar\.gz$ ]] || [[ "$src_url" =~ ^.*\.tgz$ ]] || [[ "$src_url" =~ ^.*/tar\.gz/.*$ ]] || [[ "$src_url" =~ ^.*/tarball/.*$ ]]
-        then
+        elif [[ "$src_url" =~ ^.*\.tar\.gz$ ]] || [[ "$src_url" =~ ^.*\.tgz$ ]] || [[ "$src_url" =~ ^.*/tar\.gz/.*$ ]] || [[ "$src_url" =~ ^.*/tarball/.*$ ]]; then
             src_format="tar.gz"
-        elif [[ "$src_url" =~ ^.*\.tar\.xz$ ]]
-        then
+        elif [[ "$src_url" =~ ^.*\.tar\.xz$ ]]; then
             src_format="tar.xz"
-        elif [[ "$src_url" =~ ^.*\.tar\.bz2$ ]]
-        then
+        elif [[ "$src_url" =~ ^.*\.tar\.bz2$ ]]; then
             src_format="tar.bz2"
-        elif [[ "$src_url" =~ ^.*\.tar$ ]]
-        then
+        elif [[ "$src_url" =~ ^.*\.tar$ ]]; then
             src_format="tar"
-        elif [[ -z "$src_extract" ]]
-        then
+        elif [[ -z "$src_extract" ]]; then
             src_extract="false"
         fi
     fi
@@ -120,8 +112,7 @@ ynh_setup_source() {
     src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]')
     src_extract=${src_extract:-true}
 
-    if [[ "$src_extract" != "true" ]] && [[ "$src_extract" != "false" ]]
-    then
+    if [[ "$src_extract" != "true" ]] && [[ "$src_extract" != "false" ]]; then
         ynh_die "For source $source_id, expected either 'true' or 'false' for the extract parameter"
     fi
 
@@ -135,14 +126,12 @@ ynh_setup_source() {
         [ -n "$src_url" ] || ynh_die "Couldn't parse SOURCE_URL from $src_file_path ?"
 
         # If the file was prefetched but somehow doesn't match the sum, rm and redownload it
-        if [ -e "$src_filename" ] && ! echo "${src_sum} ${src_filename}" | sha256sum --check --status
-        then
+        if [ -e "$src_filename" ] && ! echo "${src_sum} ${src_filename}" | sha256sum --check --status; then
             rm -f "$src_filename"
         fi
 
         # Only redownload the file if it wasnt prefetched
-        if [ ! -e "$src_filename" ]
-        then
+        if [ ! -e "$src_filename" ]; then
             # NB. we have to declare the var as local first,
             # otherwise 'local foo=$(false) || echo 'pwet'" does'nt work
             # because local always return 0 ...
@@ -153,8 +142,7 @@ ynh_setup_source() {
         fi
 
         # Check the control sum
-        if ! echo "${src_sum} ${src_filename}" | sha256sum --check --status
-        then
+        if ! echo "${src_sum} ${src_filename}" | sha256sum --check --status; then
             local actual_sum="$(sha256sum ${src_filename} | cut --delimiter=' ' --fields=1)"
             local actual_size="$(du -hs ${src_filename} | cut --fields=1)"
             rm -f ${src_filename}
@@ -185,8 +173,7 @@ ynh_setup_source() {
     mkdir --parents "$dest_dir"
 
     if [[ "$src_extract" == "false" ]]; then
-        if [[ -z "$src_rename" ]]
-        then
+        if [[ -z "$src_rename" ]]; then
             mv $src_filename $dest_dir
         else
             mv $src_filename $dest_dir/$src_rename
@@ -224,8 +211,8 @@ ynh_setup_source() {
     fi
 
     # Apply patches
-    local patches_folder=$(realpath "$YNH_APP_BASEDIR/patches/$source_id")
-    if [ -d "$patches_folder" ]; then
+    if [ -d "$YNH_APP_BASEDIR/patches/" ]; then
+        local patches_folder=$(realpath "$YNH_APP_BASEDIR/patches/$source_id")
         pushd "$dest_dir"
         for patchfile in "$patches_folder/"*.patch; do
             echo "Applying $patchfile"

helpers/helpers.v2.1.d/string

@@ -18,7 +18,7 @@ ynh_string_random() {
     filter=${filter:-'A-Za-z0-9'}
     # ===========================================
 
-    dd if=/dev/urandom bs=1 count=1000 2>/dev/null \
+    dd if=/dev/urandom bs=1 count=1000 2> /dev/null \
         | tr --complement --delete "$filter" \
         | sed --quiet 's/\(.\{'"$length"'\}\).*/\1/p'
 }

helpers/helpers.v2.1.d/systemd

@@ -68,8 +68,7 @@ ynh_systemctl() {
     # ===========================================
 
     # On CI, use length=100 because it's sometime hell to debug otherwise for super-long output
-    if ynh_in_ci_tests && [ $length -le 20 ]
-    then
+    if ynh_in_ci_tests && [ $length -le 20 ]; then
         length=100
     fi
 
@@ -84,12 +83,12 @@ ynh_systemctl() {
         # Following the starting of the app in its log
         if [ "$log_path" == "systemd" ]; then
             # Read the systemd journal
-            journalctl --unit=$service --follow --since=-0 --quiet >"$templog" &
+            journalctl --unit=$service --follow --since=-0 --quiet > "$templog" &
             # Get the PID of the journalctl command
             local pid_tail=$!
         else
             # Read the specified log file
-            tail --follow=name --retry --lines=0 "$log_path" >"$templog" 2>&1 &
+            tail --follow=name --retry --lines=0 "$log_path" > "$templog" 2>&1 &
             # Get the PID of the tail command
             local pid_tail=$!
         fi
@@ -139,8 +138,7 @@ ynh_systemctl() {
             # Also check the timeout using actual timestamp, because sometimes for some reason,
             # journalctl may take a huge time to run, and we end up waiting literally an entire hour
             # instead of 5 min ...
-            if [[ "$(( $(date +%s) - $starttime))" -gt "$timeout" ]]
-            then
+            if [[ "$(($(date +%s) - $starttime))" -gt "$timeout" ]]; then
                 i=$timeout
                 break
             fi
@@ -160,8 +158,7 @@ ynh_systemctl() {
             fi
 
             # If we tried to reload/start/restart the service but systemctl consider it to be still inactive/broken, then handle it as a failure
-            if ([ "$action" == "reload" ] || [ "$action" == "start" ] || [ "$action" == "restart" ]) && ! systemctl --quiet is-active $service
-            then
+            if ([ "$action" == "reload" ] || [ "$action" == "start" ] || [ "$action" == "restart" ]) && ! systemctl --quiet is-active $service; then
                 _ynh_clean_check_starting
                 return 1
             fi

helpers/helpers.v2.1.d/systemuser

@@ -12,7 +12,7 @@ ynh_system_user_exists() {
     ynh_handle_getopts_args "$@"
     # ===========================================
 
-    getent passwd "$username" &>/dev/null
+    getent passwd "$username" &> /dev/null
 }
 
 # Check if a group exists on the system
@@ -27,7 +27,7 @@ ynh_system_group_exists() {
     ynh_handle_getopts_args "$@"
     # ===========================================
 
-    getent group "$group" &>/dev/null
+    getent group "$group" &> /dev/null
 }
 
 # Create a system user

helpers/helpers.v2.1.d/templating

@@ -29,7 +29,7 @@
 # This option is meant for advanced use-cases where the "simple" templating
 # mode ain't enough because you need conditional blocks or loops.
 #
-# For a full documentation of jinja's syntax you can refer to: 
+# For a full documentation of jinja's syntax you can refer to:
 # https://jinja.palletsprojects.com/en/3.1.x/templates/
 #
 # Note that in YunoHost context, all variables are from shell variables and therefore are strings
@@ -70,10 +70,9 @@ ynh_config_add() {
     chmod 640 $destination
     _ynh_apply_default_permissions $destination
 
-    if [[ "$jinja" == 1 ]]
-    then
+    if [[ "$jinja" == 1 ]]; then
         # This is ran in a subshell such that the "export" does not "contaminate" the main process
-        (
+        (   
             export $(compgen -v)
             j2 "$template_path" -f env -o $destination
         )
@@ -216,7 +215,7 @@ ynh_read_var_in_file() {
     var_part+='\s*'
 
     # Extract the part after assignation sign
-    local expression_with_comment="$((tail +$line_number ${file} | grep -i -o -P $var_part'\K.*$' || echo YNH_NULL) | head -n1)"
+    local expression_with_comment="$( (tail +$line_number ${file} | grep -i -o -P $var_part'\K.*$' || echo YNH_NULL) | head -n1)"
     if [[ "$expression_with_comment" == "YNH_NULL" ]]; then
         set -o xtrace # set -x
         echo YNH_NULL
@@ -292,7 +291,7 @@ ynh_write_var_in_file() {
     var_part+='\s*'
 
     # Extract the part after assignation sign
-    local expression_with_comment="$((tail +$after_line_number ${file} | grep -i -o -P $var_part'\K.*$' || echo YNH_NULL) | head -n1)"
+    local expression_with_comment="$( (tail +$after_line_number ${file} | grep -i -o -P $var_part'\K.*$' || echo YNH_NULL) | head -n1)"
     if [[ "$expression_with_comment" == "YNH_NULL" ]]; then
         set -o xtrace # set -x
         return 1

helpers/helpers.v2.1.d/utils

@@ -9,8 +9,7 @@ YNH_APP_BASEDIR=${YNH_APP_BASEDIR:-$(realpath ..)}
 ynh_exit_properly() {
     local exit_code=$?
 
-    if [[ "${YNH_APP_ACTION:-}" =~ ^install$|^upgrade$|^restore$ ]]
-    then
+    if [[ "${YNH_APP_ACTION:-}" =~ ^install$|^upgrade$|^restore$ ]]; then
         rm -rf "/var/cache/yunohost/download/"
     fi
 
@@ -47,8 +46,7 @@ ynh_abort_if_errors() {
 }
 
 # When running an app script, auto-enable ynh_abort_if_errors except for remove script
-if [[ "${YNH_CONTEXT:-}" != "regenconf" ]] && [[ "${YNH_APP_ACTION}" != "remove" ]]
-then
+if [[ "${YNH_CONTEXT:-}" != "regenconf" ]] && [[ "${YNH_APP_ACTION}" != "remove" ]]; then
     ynh_abort_if_errors
 fi
 
@@ -124,8 +122,7 @@ _acceptable_path_to_delete() {
     local forbidden_paths=$(ls -d / /* /{var,home,usr}/* /etc/{default,sudoers.d,yunohost,cron*} /etc/yunohost/{apps,domains,hooks.d} /opt/yunohost 2> /dev/null)
 
     # Legacy : A couple apps still have data in /home/$app ...
-    if [[ -n "${app:-}" ]]
-    then
+    if [[ -n "${app:-}" ]]; then
         forbidden_paths=$(echo "$forbidden_paths" | grep -v "/home/$app")
     fi
 
@@ -223,31 +220,27 @@ _ynh_apply_default_permissions() {
     is_in_dir() {
         # Returns false if parent is empty
         [ -n "$2" ] || return 1
-        local child=$(realpath "$1" 2>/dev/null)
-        local parent=$(realpath "$2" 2>/dev/null)
+        local child=$(realpath "$1" 2> /dev/null)
+        local parent=$(realpath "$2" 2> /dev/null)
         [[ "${child}" =~ ^$parent ]]
     }
 
     # App files can have files of their own
     if ynh_system_user_exists --username="$app"; then
         # If this is a file in $install_dir or $data_dir : it should be owned and read+writable by $app only
-        if [ -f "$target" ] && (is_in_dir "$target" "${install_dir:-}" || is_in_dir "$target" "${data_dir:-}" || is_in_dir "$target" "/etc/$app")
-        then
+        if [ -f "$target" ] && (is_in_dir "$target" "${install_dir:-}" || is_in_dir "$target" "${data_dir:-}" || is_in_dir "$target" "/etc/$app"); then
             chmod 600 "$target"
             chown "$app:$app" "$target"
             return
         fi
         # If this is the install dir (so far this is the only way this helper is called with a directory)
-        if [ "$target" ==  "${install_dir:-}" ]
-        then
+        if [ "$target" == "${install_dir:-}" ]; then
             # Read the group from the install_dir manifest resource
             local group="$(ynh_read_manifest 'resources.install_dir.group' | sed 's/null//g' | sed "s/__APP__/$app/g" | cut -f1 -d:)"
-            if [[ -z "$group" ]]
-            then
+            if [[ -z "$group" ]]; then
                 # We set the group to www-data for webapps that do serve static assets, which therefore need to be readable by nginx ...
                 # The fact that the app needs this is infered by the existence of an nginx.conf and the presence of "alias" or "root" directive
-                if grep -q '^\s*alias\s\|^\s*root\s' "$YNH_APP_BASEDIR/conf/nginx.conf" 2>/dev/null;
-                then
+                if grep -q '^\s*alias\s\|^\s*root\s' "$YNH_APP_BASEDIR/conf/nginx.conf" 2> /dev/null; then
                     group="www-data"
                 # Or default to "$app"
                 else
@@ -292,7 +285,7 @@ ynh_validate_ip() {
     [ "$family" == "4" ] || [ "$family" == "6" ] || return 1
 
     # http://stackoverflow.com/questions/319279/how-to-validate-ip-address-in-python#319298
-    python3 /dev/stdin <<EOF
+    python3 /dev/stdin << EOF
 import socket
 import sys
 family = { "4" : socket.AF_INET, "6" : socket.AF_INET6 }
@@ -390,69 +383,201 @@ ynh_user_list() {
 # from the app's service configuration file (defaults to $app.service, overridable by the packager with `service` setting).
 # If the app relies on a specific PHP version, then `php` will be aliased that version. The PHP command will also be appended with the `phpflags` settings.
 ynh_spawn_app_shell() {
-        local app=$1
+    local app=$1
 
-        # Force Bash to be used to run this helper
-        [[ $0 =~ \/?bash$ ]] || ynh_die "Please use Bash as shell"
+    # Force Bash to be used to run this helper
+    [[ $0 =~ \/?bash$ ]] || ynh_die "Please use Bash as shell"
 
-        # Make sure the app is installed
-        test -d /etc/yunohost/apps/$app || ynh_die "$app is not an installed app ?!"
+    # Make sure the app is installed
+    test -d /etc/yunohost/apps/$app || ynh_die "$app is not an installed app ?!"
 
-        # Make sure the app has its own user
-        id -u "$app" &>/dev/null || ynh_die "There is no \"$app\" system user"
+    # Make sure the app has its own user
+    id -u "$app" &> /dev/null || ynh_die "There is no \"$app\" system user"
 
-        # Make sure the app has an install_dir setting
-        local install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
-        [ -n "$install_dir" ] || ynh_die "$app has no install_dir setting (does it use packaging format >=2?)"
+    # Make sure the app has an install_dir setting
+    local install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
+    [ -n "$install_dir" ] || ynh_die "$app has no install_dir setting (does it use packaging format >=2?)"
 
-        # Load the app's service name, or default to $app
-        local service=$(ynh_app_setting_get --app=$app --key=service)
-        [ -z "$service" ] && service=$app;
+    # Load the app's service name, or default to $app
+    local service=$(ynh_app_setting_get --app=$app --key=service)
+    [ -z "$service" ] && service=$app
 
-        # Export HOME variable
-        export HOME=$install_dir;
+    # Export HOME variable
+    export HOME=$install_dir
 
-        # Load the Environment variables from the app's service
-        local env_var=$(systemctl show $service.service -p "Environment" --value)
-        [ -n "$env_var" ] && export $env_var;
+    # Load the Environment variables from the app's service
+    local env_var=$(systemctl show $service.service -p "Environment" --value)
+    [ -n "$env_var" ] && export $env_var
 
-        # Force `php` to its intended version
-        # We use `eval`+`export` since `alias` is not propagated to subshells, even with `export`
-        local phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
-        local phpflags=$(ynh_app_setting_get --app=$app --key=phpflags)
-        if [ -n "$phpversion" ]
-        then
-            eval "php() { php${phpversion} ${phpflags} \"\$@\"; }"
-            export -f php
-        fi
+    # Force `php` to its intended version
+    # We use `eval`+`export` since `alias` is not propagated to subshells, even with `export`
+    local phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
+    local phpflags=$(ynh_app_setting_get --app=$app --key=phpflags)
+    if [ -n "$phpversion" ]; then
+        eval "php() { php${phpversion} ${phpflags} \"\$@\"; }"
+        export -f php
+    fi
 
-        # Source the EnvironmentFiles from the app's service
-        local env_files=($(systemctl show $service.service -p "EnvironmentFiles" --value))
-        if [ ${#env_files[*]} -gt 0 ]
-        then
-            # set -/+a enables and disables new variables being automatically exported. Needed when using `source`.
-            set -a
-            for file in ${env_files[*]}
-            do
-                [[ $file = /* ]] && source $file
-            done
-            set +a
-        fi
+    # Source the EnvironmentFiles from the app's service
+    local env_files=($(systemctl show $service.service -p "EnvironmentFiles" --value))
+    if [ ${#env_files[*]} -gt 0 ]; then
+        # set -/+a enables and disables new variables being automatically exported. Needed when using `source`.
+        set -a
+        for file in ${env_files[*]}; do
+            [[ $file = /* ]] && source $file
+        done
+        set +a
+    fi
 
-        # Activate the Python environment, if it exists
-        if [ -f $install_dir/venv/bin/activate ]
-        then
-            # set -/+a enables and disables new variables being automatically exported. Needed when using `source`.
-            set -a
-            source $install_dir/venv/bin/activate
-            set +a
-        fi
+    # Activate the Python environment, if it exists
+    if [ -f $install_dir/venv/bin/activate ]; then
+        # set -/+a enables and disables new variables being automatically exported. Needed when using `source`.
+        set -a
+        source $install_dir/venv/bin/activate
+        set +a
+    fi
 
-        # cd into the WorkingDirectory set in the service, or default to the install_dir
-        local env_dir=$(systemctl show $service.service -p "WorkingDirectory" --value)
-        [ -z $env_dir ] && env_dir=$install_dir;
-        cd $env_dir
+    # cd into the WorkingDirectory set in the service, or default to the install_dir
+    local env_dir=$(systemctl show $service.service -p "WorkingDirectory" --value)
+    [ -z $env_dir ] && env_dir=$install_dir
+    cd $env_dir
 
-        # Spawn the app shell
-        su -s /bin/bash $app
+    # Spawn the app shell
+    su -s /bin/bash $app
+}
+
+# Add swap
+#
+# usage: ynh_add_swap --size=SWAP in Mb
+# | arg: -s, --size= - Amount of SWAP to add in Mb.
+ynh_add_swap() {
+    if systemd-detect-virt --container --quiet; then
+        ynh_print_warn --message="You are inside a container/VM. swap will not be added, but that can cause troubles for the app $app. Please make sure you have enough RAM available."
+        return
+    fi
+
+    # Declare an array to define the options of this helper.
+    declare -Ar args_array=([s]=size=)
+    local size
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
+
+    local swap_max_size=$(($size * 1024))
+
+    local free_space=$(df --output=avail / | sed 1d)
+    # Because we don't want to fill the disk with a swap file, divide by 2 the available space.
+    local usable_space=$(($free_space / 2))
+
+    SD_CARD_CAN_SWAP=${SD_CARD_CAN_SWAP:-0}
+
+    # Swap on SD card only if it's is specified
+    if ynh_is_main_device_a_sd_card && [ "$SD_CARD_CAN_SWAP" == "0" ]; then
+        ynh_print_warn --message="The main mountpoint of your system '/' is on an SD card, swap will not be added to prevent some damage of this one, but that can cause troubles for the app $app. If you still want activate the swap, you can relaunch the command preceded by 'SD_CARD_CAN_SWAP=1'"
+        return
+    fi
+
+    # Compare the available space with the size of the swap.
+    # And set a acceptable size from the request
+    if [ $usable_space -ge $swap_max_size ]; then
+        local swap_size=$swap_max_size
+    elif [ $usable_space -ge $(($swap_max_size / 2)) ]; then
+        local swap_size=$(($swap_max_size / 2))
+    elif [ $usable_space -ge $(($swap_max_size / 3)) ]; then
+        local swap_size=$(($swap_max_size / 3))
+    elif [ $usable_space -ge $(($swap_max_size / 4)) ]; then
+        local swap_size=$(($swap_max_size / 4))
+    else
+        echo "Not enough space left for a swap file" >&2
+        local swap_size=0
+    fi
+
+    # If there's enough space for a swap, and no existing swap here
+    if [ $swap_size -ne 0 ] && [ ! -e /swap_$app ]; then
+        # Create file
+        truncate -s 0 /swap_$app
+
+        # set the No_COW attribute on the swapfile with chattr
+        chattr +C /swap_$app
+
+        # Preallocate space for the swap file, fallocate may sometime not be used, use dd instead in this case
+        if ! fallocate -l ${swap_size}K /swap_$app; then
+            dd if=/dev/zero of=/swap_$app bs=1024 count=${swap_size}
+        fi
+        chmod 0600 /swap_$app
+        # Create the swap
+        mkswap /swap_$app
+        # And activate it
+        swapon /swap_$app
+        # Then add an entry in fstab to load this swap at each boot.
+        echo -e "/swap_$app swap swap defaults 0 0 #Swap added by $app" >> /etc/fstab
+    fi
+}
+
+ynh_del_swap() {
+    # If there a swap at this place
+    if [ -e /swap_$app ]; then
+        # Clean the fstab
+        sed -i "/#Swap added by $app/d" /etc/fstab
+        # Desactive the swap file
+        swapoff /swap_$app
+        # And remove it
+        rm /swap_$app
+    fi
+}
+
+# Check if the device of the main mountpoint "/" is an SD card
+#
+# [internal]
+#
+# return 0 if it's an SD card, else 1
+ynh_is_main_device_a_sd_card() {
+    if [ "$(systemd-detect-virt)" != "none" ]; then
+        # Assume virtualization does not take place on SD card
+        return 1
+    fi
+
+    local main_device=$(lsblk --output PKNAME --noheadings $(findmnt / --nofsroot --uniq --output source --noheadings --first-only))
+
+    if echo $main_device | grep --quiet "mmc" && [ $(tail -n1 /sys/block/$main_device/queue/rotational) == "0" ]; then
+        return 0
+    else
+        return 1
+    fi
+}
+
+# Check available space before creating a temp directory.
+#
+# usage: ynh_smart_mktemp --min_size="Min size"
+#
+# | arg: -s, --min_size= - Minimal size needed for the temporary directory, in Mb
+ynh_smart_mktemp() {
+    # Declare an array to define the options of this helper.
+    declare -Ar args_array=([s]=min_size=)
+    local min_size
+    # Manage arguments with getopts
+    ynh_handle_getopts_args "$@"
+
+    min_size="${min_size:-300}"
+    # Transform the minimum size from megabytes to kilobytes
+    min_size=$(($min_size * 1024))
+
+    # Check if there's enough free space in a directory
+    is_there_enough_space() {
+        local free_space=$(df --output=avail "$1" | sed 1d)
+        test $free_space -ge $min_size
+    }
+
+    if is_there_enough_space /tmp; then
+        local tmpdir=/tmp
+    elif is_there_enough_space /var; then
+        local tmpdir=/var
+    elif is_there_enough_space /; then
+        local tmpdir=/
+    elif is_there_enough_space /home; then
+        local tmpdir=/home
+    else
+        ynh_die "Insufficient free space to continue..."
+    fi
+
+    echo "$(mktemp --directory --tmpdir="$tmpdir")"
 }

hooks/backup/50-conf_manually_modified_files

@@ -6,7 +6,7 @@ YNH_CWD="${YNH_BACKUP_DIR%/}/conf/manually_modified_files"
 mkdir -p "$YNH_CWD"
 cd "$YNH_CWD"
 
-yunohost tools shell -c "from yunohost.regenconf import manually_modified_files; print('\n'.join(manually_modified_files()))" >./manually_modified_files_list
+yunohost tools shell -c "from yunohost.regenconf import manually_modified_files; print('\n'.join(manually_modified_files()))" > ./manually_modified_files_list
 
 ynh_backup --src_path="./manually_modified_files_list"
 

hooks/conf_regen/01-yunohost

@@ -14,7 +14,7 @@ do_init_regen() {
 
     # set default current_host
     [[ -f /etc/yunohost/current_host ]] \
-        || echo "yunohost.org" >/etc/yunohost/current_host
+        || echo "yunohost.org" > /etc/yunohost/current_host
 
     # copy default services and firewall
     [[ -f /etc/yunohost/firewall.yml ]] \
@@ -45,7 +45,7 @@ do_init_regen() {
     chown root:root /home/yunohost.backup/archives # This is later changed to root:admins once the admins group exists
 
     # Empty ssowat json persistent conf
-    echo "{}" >'/etc/ssowat/conf.json.persistent'
+    echo "{}" > '/etc/ssowat/conf.json.persistent'
     chmod 644 /etc/ssowat/conf.json.persistent
     chown root:root /etc/ssowat/conf.json.persistent
 
@@ -74,8 +74,7 @@ do_init_regen() {
 
     # Change dpkg vendor
     # see https://wiki.debian.org/Derivatives/Guidelines#Vendor
-    if readlink -f /etc/dpkg/origins/default | grep -q debian;
-    then
+    if readlink -f /etc/dpkg/origins/default | grep -q debian; then
         rm -f /etc/dpkg/origins/default
         ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default
     fi
@@ -93,19 +92,19 @@ do_pre_regen() {
     # add cron job for diagnosis to be ran at 7h and 19h + a random delay between
     # 0 and 20min, meant to avoid every instances running their diagnosis at
     # exactly the same time, which may overload the diagnosis server.
-    cat >$pending_dir/etc/cron.d/yunohost-diagnosis <<EOF
+    cat > $pending_dir/etc/cron.d/yunohost-diagnosis << EOF
 SHELL=/bin/bash
 0 7,19 * * * root : YunoHost Automatic Diagnosis; sleep \$((RANDOM\\%1200)); yunohost diagnosis run --email > /dev/null 2>/dev/null || echo "Running the automatic diagnosis failed miserably"
 EOF
 
     # Cron job that upgrade the app list everyday
-    cat >$pending_dir/etc/cron.daily/yunohost-fetch-apps-catalog <<EOF
+    cat > $pending_dir/etc/cron.daily/yunohost-fetch-apps-catalog << EOF
 #!/bin/bash
 sleep \$((RANDOM%3600)); yunohost tools update apps > /dev/null
 EOF
 
     # Cron job that renew lets encrypt certificates if there's any that needs renewal
-    cat >$pending_dir/etc/cron.daily/yunohost-certificate-renew <<EOF
+    cat > $pending_dir/etc/cron.daily/yunohost-certificate-renew << EOF
 #!/bin/bash
 yunohost domain cert renew --email
 EOF
@@ -113,8 +112,8 @@ EOF
     # If we subscribed to a dyndns domain, add the corresponding cron
     # - delay between 0 and 60 secs to spread the check over a 1 min window
     # - do not run the command if some process already has the lock, to avoid queuing hundreds of commands...
-    if ls -l /etc/yunohost/dyndns/K*.key 2>/dev/null; then
-        cat >$pending_dir/etc/cron.d/yunohost-dyndns <<EOF
+    if ls -l /etc/yunohost/dyndns/K*.key 2> /dev/null; then
+        cat > $pending_dir/etc/cron.d/yunohost-dyndns << EOF
 SHELL=/bin/bash
 # Every 10 minutes,
 #   - (sleep random 60 is here to spread requests over a 1-min window)
@@ -129,10 +128,9 @@ EOF
     fi
 
     # Skip ntp if inside a container (inspired from the conf of systemd-timesyncd)
-    if systemctl | grep -q 'ntp.service'
-    then
+    if systemctl | grep -q 'ntp.service'; then
         mkdir -p ${pending_dir}/etc/systemd/system/ntp.service.d/
-        cat >${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf <<EOF
+        cat > ${pending_dir}/etc/systemd/system/ntp.service.d/ynh-override.conf << EOF
 [Unit]
 ConditionCapability=CAP_SYS_TIME
 ConditionVirtualization=!container
@@ -141,7 +139,7 @@ EOF
 
     # Make nftable conflict with yunohost-firewall
     mkdir -p ${pending_dir}/etc/systemd/system/nftables.service.d/
-    cat >${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf <<EOF
+    cat > ${pending_dir}/etc/systemd/system/nftables.service.d/ynh-override.conf << EOF
 [Unit]
 # yunohost-firewall and nftables conflict with each other
 Conflicts=yunohost-firewall.service
@@ -151,7 +149,7 @@ EOF
 
     # Don't suspend computer on LidSwitch
     mkdir -p ${pending_dir}/etc/systemd/logind.conf.d/
-    cat >${pending_dir}/etc/systemd/logind.conf.d/ynh-override.conf <<EOF
+    cat > ${pending_dir}/etc/systemd/logind.conf.d/ynh-override.conf << EOF
 [Login]
 HandleLidSwitch=ignore
 HandleLidSwitchDocked=ignore
@@ -192,8 +190,7 @@ do_post_regen() {
     find /etc/systemd/system/*.service -type f | xargs -r chown root:root
     find /etc/systemd/system/*.service -type f | xargs -r chmod 0644
 
-    if ls -l /etc/php/*/fpm/pool.d/*.conf
-    then
+    if ls -l /etc/php/*/fpm/pool.d/*.conf; then
         chown root:root /etc/php/*/fpm/pool.d/*.conf
         chmod 644 /etc/php/*/fpm/pool.d/*.conf
     fi
@@ -222,8 +219,8 @@ do_post_regen() {
     mkdir -p /etc/yunohost/domains
 
     # Misc configuration / state files
-    chown root:root $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null | grep -vw mdns.yml)
-    chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null)
+    chown root:root $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2> /dev/null | grep -vw mdns.yml)
+    chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2> /dev/null)
 
     # Apps folder, custom hooks folder
     [[ ! -e /etc/yunohost/hooks.d ]] || (chown root /etc/yunohost/hooks.d && chmod 700 /etc/yunohost/hooks.d)
@@ -235,15 +232,14 @@ do_post_regen() {
     grep -q '^sftp.app:' /etc/group || groupadd sftp.app
 
     # Propagates changes in systemd service config overrides
-    if systemctl | grep -q 'ntp.service'
-    then
+    if systemctl | grep -q 'ntp.service'; then
         [[ ! "$regen_conf_files" =~ "ntp.service.d/ynh-override.conf" ]] || {
             systemctl daemon-reload
             systemctl restart ntp
         }
     fi
     [[ ! "$regen_conf_files" =~ "nftables.service.d/ynh-override.conf" ]] || systemctl daemon-reload
-    [[ ! "$regen_conf_files" =~ "login.conf.d/ynh-override.conf" ]] ||  {
+    [[ ! "$regen_conf_files" =~ "login.conf.d/ynh-override.conf" ]] || {
         systemctl daemon-reload
         systemctl restart systemd-logind
     }
@@ -263,14 +259,12 @@ do_post_regen() {
 
     # Change dpkg vendor
     # see https://wiki.debian.org/Derivatives/Guidelines#Vendor
-    if readlink -f /etc/dpkg/origins/default | grep -q debian;
-    then
+    if readlink -f /etc/dpkg/origins/default | grep -q debian; then
         rm -f /etc/dpkg/origins/default
         ln -s /etc/dpkg/origins/yunohost /etc/dpkg/origins/default
     fi
 
-    if test -e /etc/yunohost/installed && test -e /etc/profile.d/check_yunohost_is_installed.sh
-    then
+    if test -e /etc/yunohost/installed && test -e /etc/profile.d/check_yunohost_is_installed.sh; then
         rm /etc/profile.d/check_yunohost_is_installed.sh
     fi
 }

hooks/conf_regen/02-ssl

@@ -23,7 +23,7 @@ regen_local_ca() {
     # (Update the serial so that it's specific to this very instance)
     # N.B. : the weird RANDFILE thing comes from:
     # https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean
-    RANDFILE=.rnd openssl rand -hex 19 >serial
+    RANDFILE=.rnd openssl rand -hex 19 > serial
     rm -f index.txt
     touch index.txt
     cp ${template_dir}/openssl.cnf openssl.ca.cnf
@@ -51,7 +51,7 @@ regen_local_ca() {
 do_init_regen() {
 
     LOGFILE=/tmp/yunohost-ssl-init
-    echo "" >$LOGFILE
+    echo "" > $LOGFILE
     chown root:root $LOGFILE
     chmod 640 $LOGFILE
 
@@ -61,24 +61,24 @@ do_init_regen() {
 
     # create default certificates
     if [[ ! -f "$ynh_ca" ]]; then
-        regen_local_ca yunohost.org >>$LOGFILE
+        regen_local_ca yunohost.org >> $LOGFILE
     fi
 
     if [[ ! -f "$ynh_crt" ]]; then
-        echo -e "\n# Creating initial key and certificate \n" >>$LOGFILE
+        echo -e "\n# Creating initial key and certificate \n" >> $LOGFILE
 
         openssl req -new \
             -config "${ssl_dir}/openssl.cnf" \
             -out "${ssl_dir}/certs/yunohost_csr.pem" \
             -keyout "${ssl_dir}/certs/yunohost_key.pem" \
-            -nodes -batch &>>$LOGFILE
+            -nodes -batch &>> $LOGFILE
 
         openssl ca \
             -config "${ssl_dir}/openssl.cnf" \
             -days 730 \
             -in "${ssl_dir}/certs/yunohost_csr.pem" \
             -out "${ssl_dir}/certs/yunohost_crt.pem" \
-            -batch &>>$LOGFILE
+            -batch &>> $LOGFILE
 
         chmod 640 "${ssl_dir}/certs/yunohost_key.pem"
         chmod 640 "${ssl_dir}/certs/yunohost_crt.pem"
@@ -104,10 +104,9 @@ do_post_regen() {
 
     current_local_ca_domain=$(openssl x509 -in $ynh_ca -text | tr ',' '\n' | grep Issuer | awk '{print $4}')
     main_domain=$(cat /etc/yunohost/current_host)
-   
+
     # Automigrate legacy folder
-    if [ -e /usr/share/yunohost/yunohost-config/ssl/yunoCA ]
-    then
+    if [ -e /usr/share/yunohost/yunohost-config/ssl/yunoCA ]; then
         mv /usr/share/yunohost/yunohost-config/ssl/yunoCA/* ${ssl_dir}
         rm -rf /usr/share/yunohost/yunohost-config
         # Overwrite openssl.cnf because it may still contain references to the old yunoCA dir
@@ -120,7 +119,7 @@ do_post_regen() {
     chown root:root ${ssl_dir}
     chmod 750 ${ssl_dir}
     chmod -R o-rwx ${ssl_dir}
-    chmod o+x ${ssl_dir}/certs 
+    chmod o+x ${ssl_dir}/certs
     chmod o+r ${ssl_dir}/certs/yunohost_crt.pem
 
     if [[ "$current_local_ca_domain" != "$main_domain" ]]; then

hooks/conf_regen/03-ssh

@@ -12,7 +12,7 @@ do_pre_regen() {
     # do not listen to IPv6 if unavailable
     [[ -f /proc/net/if_inet6 ]] && ipv6_enabled=true || ipv6_enabled=false
 
-    ssh_keys=$(ls /etc/ssh/ssh_host_{ed25519,rsa,ecdsa}_key 2>/dev/null || true)
+    ssh_keys=$(ls /etc/ssh/ssh_host_{ed25519,rsa,ecdsa}_key 2> /dev/null || true)
 
     # Support different strategy for security configurations
     export compatibility="$(yunohost settings get 'security.ssh.ssh_compatibility')"

hooks/conf_regen/06-slapd

@@ -20,7 +20,7 @@ do_init_regen() {
     rm -rf /var/backups/*.ldapdb
     rm -rf /var/backups/slapd-*
 
-    debconf-set-selections <<EOF
+    debconf-set-selections << EOF
 slapd slapd/password1 password yunohost
 slapd slapd/password2 password yunohost
 slapd slapd/domain string yunohost.org
@@ -87,13 +87,13 @@ do_pre_regen() {
     rm -f "$tmp_backup_dir_file"
 
     # Define if we need to migrate from hdb to mdb
-    curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2>/dev/null | awk '{print $2}')
+    curr_backend=$(grep '^database' /etc/ldap/slapd.conf 2> /dev/null | awk '{print $2}')
     if [ -e /etc/ldap/slapd.conf ] && [ -n "$curr_backend" ] \
         && [ $curr_backend != 'mdb' ]; then
         backup_dir="/var/backups/dc=yunohost,dc=org-${curr_backend}-$(date +%s)"
         mkdir -p "$backup_dir"
         slapcat -b dc=yunohost,dc=org -l "${backup_dir}/dc=yunohost-dc=org.ldif"
-        echo "$backup_dir" >"$tmp_backup_dir_file"
+        echo "$backup_dir" > "$tmp_backup_dir_file"
     fi
 
     # create needed directories
@@ -155,7 +155,7 @@ objectClass: top"
     _regenerate_slapd_conf
 
     # If there's a backup, re-import its data
-    backup_dir=$(cat "$tmp_backup_dir_file" 2>/dev/null || true)
+    backup_dir=$(cat "$tmp_backup_dir_file" 2> /dev/null || true)
     if [[ -n "$backup_dir" && -f "${backup_dir}/dc=yunohost-dc=org.ldif" ]]; then
         # regenerate LDAP config directory and import database as root
         echo "Import the database using slapadd"

hooks/conf_regen/10-apt

@@ -17,14 +17,14 @@ do_pre_regen() {
     echo "
 Package: php-common
 Pin: origin \"packages.sury.org\"
-Pin-Priority: 500" >>"${pending_dir}/etc/apt/preferences.d/extra_php_version"
+Pin-Priority: 500" >> "${pending_dir}/etc/apt/preferences.d/extra_php_version"
 
     packages_to_refuse_from_sury="php php-* openssl libssl1.1 libssl-dev"
     for package in $packages_to_refuse_from_sury; do
         echo "
 Package: $package
 Pin: origin \"packages.sury.org\" 
-Pin-Priority: -1" >>"${pending_dir}/etc/apt/preferences.d/extra_php_version"
+Pin-Priority: -1" >> "${pending_dir}/etc/apt/preferences.d/extra_php_version"
     done
 
     echo "
@@ -54,8 +54,7 @@ Pin-Priority: -1
 Package: bind9
 Pin: release *
 Pin-Priority: -1
-" >>"${pending_dir}/etc/apt/preferences.d/ban_packages"
-
+" >> "${pending_dir}/etc/apt/preferences.d/ban_packages"
 
 }
 
@@ -63,19 +62,17 @@ do_post_regen() {
     regen_conf_files=$1
 
     # Purge expired keys (such as sury 95BD4743)
-    EXPIRED_KEYS="$(LC_ALL='en_US.UTF-8' apt-key list 2>/dev/null | grep -A1 'expired:' | grep -v 'expired\|^-' | sed 's/\s//g')"
-    for KEY in $EXPIRED_KEYS; do apt-key del $KEY 2>/dev/null; done
+    EXPIRED_KEYS="$(LC_ALL='en_US.UTF-8' apt-key list 2> /dev/null | grep -A1 'expired:' | grep -v 'expired\|^-' | sed 's/\s//g')"
+    for KEY in $EXPIRED_KEYS; do apt-key del $KEY 2> /dev/null; done
 
     # Add sury key
     # We do this only at the post regen and if the key doesn't already exists, because we don't want the regenconf to fuck everything up if the regenconf runs while the network is down
-    if [[ ! -s /etc/apt/trusted.gpg.d/extra_php_version.gpg ]]
-    then
-        wget --timeout 900 --quiet "https://packages.sury.org/php/apt.gpg" --output-document=- | gpg --dearmor >"/etc/apt/trusted.gpg.d/extra_php_version.gpg"
+    if [[ ! -s /etc/apt/trusted.gpg.d/extra_php_version.gpg ]]; then
+        wget --timeout 900 --quiet "https://packages.sury.org/php/apt.gpg" --output-document=- | gpg --dearmor > "/etc/apt/trusted.gpg.d/extra_php_version.gpg"
     fi
 
     # Make sure php7.4 is the default version when using php in cli
-    if test -e /usr/bin/php$YNH_DEFAULT_PHP_VERSION
-    then
+    if test -e /usr/bin/php$YNH_DEFAULT_PHP_VERSION; then
         update-alternatives --set php /usr/bin/php$YNH_DEFAULT_PHP_VERSION
     fi
 }

hooks/conf_regen/12-metronome

@@ -2,8 +2,7 @@
 
 set -e
 
-if ! dpkg --list | grep -q 'ii *metronome '
-then
+if ! dpkg --list | grep -q 'ii *metronome '; then
     echo 'metronome is not installed, skipping'
     exit 0
 fi
@@ -24,7 +23,7 @@ do_pre_regen() {
     # install main conf file
     cat metronome.cfg.lua \
         | sed "s/{{ main_domain }}/${main_domain}/g" \
-            >"${metronome_dir}/metronome.cfg.lua"
+            > "${metronome_dir}/metronome.cfg.lua"
 
     # Trick such that old conf files are flagged as to remove
     for domain in $YNH_DOMAINS; do
@@ -36,7 +35,7 @@ do_pre_regen() {
     for domain in $domain_list; do
         cat domain.tpl.cfg.lua \
             | sed "s/{{ domain }}/${domain}/g" \
-                >"${metronome_conf_dir}/${domain}.cfg.lua"
+                > "${metronome_conf_dir}/${domain}.cfg.lua"
     done
 
     # remove old domain conf files
@@ -74,16 +73,13 @@ do_post_regen() {
     chown -R metronome: /var/lib/metronome/
     chown -R metronome: /etc/metronome/conf.d/
 
-    if [[ -z "$(ls /etc/metronome/conf.d/*.cfg.lua 2>/dev/null)" ]]
-    then
-        if systemctl is-enabled metronome &>/dev/null
-        then
-            systemctl disable metronome --now 2>/dev/null
+    if [[ -z "$(ls /etc/metronome/conf.d/*.cfg.lua 2> /dev/null)" ]]; then
+        if systemctl is-enabled metronome &> /dev/null; then
+            systemctl disable metronome --now 2> /dev/null
         fi
     else
-        if ! systemctl is-enabled metronome &>/dev/null
-        then
-            systemctl enable metronome --now 2>/dev/null
+        if ! systemctl is-enabled metronome &> /dev/null; then
+            systemctl enable metronome --now 2> /dev/null
             sleep 3
         fi
 

hooks/conf_regen/15-nginx

@@ -32,7 +32,7 @@ do_init_regen() {
     cp "redirect_to_admin.conf" $nginx_conf_dir/default.d/
 
     # Restart nginx if conf looks good, otherwise display error and exit unhappy
-    nginx -t 2>/dev/null || {
+    nginx -t 2> /dev/null || {
         nginx -t
         exit 1
     }
@@ -58,7 +58,7 @@ do_pre_regen() {
     # remove the panel overlay if this is specified in settings
     panel_overlay=$(yunohost settings get 'misc.portal.ssowat_panel_overlay_enabled' | int_to_bool)
     if [ "$panel_overlay" == "False" ]; then
-        echo "#" >"${nginx_conf_dir}/yunohost_panel.conf.inc"
+        echo "#" > "${nginx_conf_dir}/yunohost_panel.conf.inc"
     fi
 
     # retrieve variables
@@ -86,22 +86,19 @@ do_pre_regen() {
         export domain_cert_ca=$(echo $cert_status \
             | jq ".certificates.\"$domain\".CA_type" \
             | tr -d '"')
-        if echo "$xmpp_domain_list" | grep -q "^$domain$"
-        then
+        if echo "$xmpp_domain_list" | grep -q "^$domain$"; then
             export xmpp_enabled="True"
         else
             export xmpp_enabled="False"
         fi
-        if echo "$mail_domain_list" | grep -q "^$domain$"
-        then
+        if echo "$mail_domain_list" | grep -q "^$domain$"; then
             export mail_enabled="True"
         else
             export mail_enabled="False"
         fi
 
         ynh_render_template "server.tpl.conf" "${nginx_conf_dir}/${domain}.conf"
-        if [ $mail_enabled == "True" ]
-        then
+        if [ $mail_enabled == "True" ]; then
             ynh_render_template "autoconfig.tpl.xml" "${mail_autoconfig_dir}/config-v1.1.xml"
         fi
 
@@ -129,7 +126,7 @@ do_pre_regen() {
     done
 
     # remove old mail-autoconfig files
-    autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true)
+    autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2> /dev/null || true)
     for file in $autoconfig_files; do
         domain=$(basename $(readlink -f $(dirname $file)/../..))
         [[ $YNH_DOMAINS =~ $domain ]] \
@@ -144,8 +141,7 @@ do_pre_regen() {
 do_post_regen() {
     regen_conf_files=$1
 
-    if ls -l /etc/nginx/conf.d/*.d/*.conf
-    then
+    if ls -l /etc/nginx/conf.d/*.d/*.conf; then
         chown root:root /etc/nginx/conf.d/*.d/*.conf
         chmod 644 /etc/nginx/conf.d/*.d/*.conf
     fi
@@ -158,7 +154,7 @@ do_post_regen() {
     done
 
     # Reload nginx if conf looks good, otherwise display error and exit unhappy
-    nginx -t 2>/dev/null || {
+    nginx -t 2> /dev/null || {
         nginx -t
         exit 1
     }

hooks/conf_regen/19-postfix

@@ -43,8 +43,21 @@ do_pre_regen() {
         chown postfix ${pending_dir}/etc/postfix
         chown postfix ${pending_dir}/etc/postfix/sasl_passwd
 
-        cat <<<"[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" >${postfix_dir}/sasl_passwd
+        cat <<< "[${relay_host}]:${relay_port} ${relay_user}:${relay_password}" > ${postfix_dir}/sasl_passwd
     fi
+
+    # Use this postfix server as a backup MX
+    export backup_mx_domains="$(yunohost settings get 'email.smtp.smtp_backup_mx_domains' | sed "s/,/ /g")"
+    export backup_mx_emails="$(yunohost settings get 'email.smtp.smtp_backup_mx_emails_whitelisted' | sed "s/,/ /g")"
+    rm -f ${postfix_dir}/relay_recipients
+    touch ${postfix_dir}/relay_recipients
+    if [ -n "${backup_mx_domains}" ] && [ -n "${backup_mx_emails}" ]; then
+        for mail in ${backup_mx_emails}; do
+            echo "$mail OK" >> ${postfix_dir}/relay_recipients
+        done
+        postmap ${postfix_dir}/relay_recipients
+    fi
+
     export main_domain
     export domain_list="$(yunohost domain list --features mail_in mail_out --output-as json | jq -r ".domains[]" | tr '\n' ' ')"
     ynh_render_template "main.cf" "${postfix_dir}/main.cf"
@@ -53,7 +66,7 @@ do_pre_regen() {
     cat postsrsd \
         | sed "s/{{ main_domain }}/${main_domain}/g" \
         | sed "s/{{ domain_list }}/${domain_list}/g" \
-            >"${default_dir}/postsrsd"
+            > "${default_dir}/postsrsd"
 
     # adapt it for IPv4-only hosts
     ipv6="$(yunohost settings get 'email.smtp.smtp_allow_ipv6' | int_to_bool)"
@@ -78,6 +91,11 @@ do_post_regen() {
         postmap /etc/postfix/sasl_passwd
     fi
 
+    if [ -e /etc/postfix/relay_recipients ]; then
+        chmod 750 /etc/postfix/relay_recipients*
+        chown postfix:root /etc/postfix/relay_recipients*
+    fi
+
     postmap -F hash:/etc/postfix/sni
 
     python3 -c 'from yunohost.app import regen_mail_app_user_config_for_dovecot_and_postfix as r; r(only="postfix")'

hooks/conf_regen/25-dovecot

@@ -41,7 +41,7 @@ do_post_regen() {
     mkdir -p "/etc/dovecot/yunohost.d/post-ext.d"
 
     # create vmail user
-    id vmail >/dev/null 2>&1 \
+    id vmail > /dev/null 2>&1 \
         || adduser --system --ingroup mail --uid 500 vmail --home /var/vmail --no-create-home
 
     # Delete legacy home for vmail that existed in the past but was empty, poluting /home/

hooks/conf_regen/31-rspamd

@@ -13,8 +13,8 @@ do_pre_regen() {
         "${pending_dir}/etc/rspamd/local.d/dkim_signing.conf"
     install -D -m 644 rspamd.sieve \
         "${pending_dir}/etc/dovecot/global_script/rspamd.sieve"
-	install -D -m 644 redis.conf \
-		"${pending_dir}/etc/rspamd/local.d/redis.conf"
+    install -D -m 644 redis.conf \
+        "${pending_dir}/etc/rspamd/local.d/redis.conf"
 }
 
 do_post_regen() {

hooks/conf_regen/34-mysql

@@ -3,8 +3,7 @@
 set -e
 . /usr/share/yunohost/helpers
 
-if ! dpkg --list | grep -q 'ii *mariadb-server '
-then
+if ! dpkg --list | grep -q 'ii *mariadb-server '; then
     echo 'mysql/mariadb is not installed, skipping'
     exit 0
 fi

hooks/conf_regen/35-postgresql

@@ -3,42 +3,42 @@
 set -e
 . /usr/share/yunohost/helpers
 
-if ! dpkg --list | grep -q "ii *postgresql-$PSQL_VERSION "
-then
+if ! dpkg --list | grep -q "ii *postgresql-$PSQL_VERSION "; then
     echo 'postgresql is not installed, skipping'
     exit 0
 fi
 
-if [ ! -e "/etc/postgresql/$PSQL_VERSION" ]
-then
+if [ ! -e "/etc/postgresql/$PSQL_VERSION" ]; then
     ynh_die --message="It looks like postgresql was not properly configured ? /etc/postgresql/$PSQL_VERSION is missing ... Could be due to a locale issue, c.f.https://serverfault.com/questions/426989/postgresql-etc-postgresql-doesnt-exist"
 fi
 
-
 do_pre_regen() {
     return 0
 }
 
 do_post_regen() {
     #regen_conf_files=$1
-  
+
     # Make sure postgresql is started and enabled
     # (N.B. : to check the active state, we check the cluster state because
     # postgresql could be flagged as active even though the cluster is in
     # failed state because of how the service is configured..)
     systemctl is-active postgresql@$PSQL_VERSION-main -q || ynh_systemd_action --service_name=postgresql --action=restart
     systemctl is-enabled postgresql -q || systemctl enable postgresql --quiet
-  
+
     # If this is the very first time, we define the root password
     # and configure a few things
     if [ ! -f "$PSQL_ROOT_PWD_FILE" ] || [ -z "$(cat $PSQL_ROOT_PWD_FILE)" ]; then
-        ynh_string_random >$PSQL_ROOT_PWD_FILE
+        ynh_string_random > $PSQL_ROOT_PWD_FILE
     fi
 
-    [ ! -e $PSQL_ROOT_PWD_FILE ] || { chown root:postgres $PSQL_ROOT_PWD_FILE; chmod 440 $PSQL_ROOT_PWD_FILE; }
-    
+    [ ! -e $PSQL_ROOT_PWD_FILE ] || {
+        chown root:postgres $PSQL_ROOT_PWD_FILE
+        chmod 440 $PSQL_ROOT_PWD_FILE
+    }
+
     sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$(cat $PSQL_ROOT_PWD_FILE)'" postgres
-  
+
     # force all user to connect to local databases using hashed passwords
     # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF
     # Note: we can't use peer since YunoHost create users with nologin

hooks/conf_regen/37-mdns

@@ -5,8 +5,7 @@ set -e
 _generate_config() {
     echo "domains:"
     # Add yunohost.local (only if yunohost.local ain't already in ynh_domains)
-    if ! echo "$YNH_DOMAINS"  | tr ' ' '\n' | grep -q --line-regexp 'yunohost.local'
-    then
+    if ! echo "$YNH_DOMAINS" | tr ' ' '\n' | grep -q --line-regexp 'yunohost.local'; then
         echo "    - yunohost.local"
     fi
     for domain in $YNH_DOMAINS; do
@@ -15,10 +14,8 @@ _generate_config() {
         [[ "$domain" =~ ^[^.]+\.local$ ]] || continue
         echo "    - $domain"
     done
-    if [[ -e /etc/yunohost/mdns.aliases ]]
-    then
-        for localalias in $(cat /etc/yunohost/mdns.aliases | grep -v "^ *$")
-        do
+    if [[ -e /etc/yunohost/mdns.aliases ]]; then
+        for localalias in $(cat /etc/yunohost/mdns.aliases | grep -v "^ *$"); do
             echo "    - $localalias.local"
         done
     fi
@@ -37,10 +34,10 @@ do_pre_regen() {
     mkdir -p ${pending_dir}/etc/systemd/system/
     cp yunomdns.service ${pending_dir}/etc/systemd/system/
 
-    getent passwd mdns &>/dev/null || useradd --no-create-home --shell /usr/sbin/nologin --system --user-group mdns
+    getent passwd mdns &> /dev/null || useradd --no-create-home --shell /usr/sbin/nologin --system --user-group mdns
 
     mkdir -p ${pending_dir}/etc/yunohost
-    _generate_config >${pending_dir}/etc/yunohost/mdns.yml
+    _generate_config > ${pending_dir}/etc/yunohost/mdns.yml
 }
 
 do_post_regen() {

hooks/conf_regen/43-dnsmasq

@@ -18,12 +18,12 @@ do_pre_regen() {
     cp plain/etcdefault ${pending_dir}/etc/default/dnsmasq
 
     # add resolver file
-    cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf >${pending_dir}/etc/resolv.dnsmasq.conf
+    cat plain/resolv.dnsmasq.conf | grep "^nameserver" | shuf > ${pending_dir}/etc/resolv.dnsmasq.conf
 
     # retrieve variables
-    ipv4=$(curl --max-time 10 -s -4 https://ip.yunohost.org 2>/dev/null || true)
+    ipv4=$(curl --max-time 10 -s -4 https://ip.yunohost.org 2> /dev/null || true)
     ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1'
-    ipv6=$(curl --max-time 10 -s -6 https://ip6.yunohost.org 2>/dev/null || true)
+    ipv6=$(curl --max-time 10 -s -6 https://ip6.yunohost.org 2> /dev/null || true)
     ynh_validate_ip6 "$ipv6" || ipv6=''
     interfaces="$(ip -j addr show | jq -r '[.[].ifname]|join(" ")')"
     wireless_interfaces="lo"
@@ -51,8 +51,7 @@ do_pre_regen() {
     conf_files=$(ls -1 /etc/dnsmasq.d \
         | awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }')
     for domain in $conf_files; do
-        if [[ ! $YNH_DOMAINS =~ $domain ]] && [[ ! $domain =~ \.local$ ]]
-        then
+        if [[ ! $YNH_DOMAINS =~ $domain ]] && [[ ! $domain =~ \.local$ ]]; then
             touch "${dnsmasq_dir}/${domain}"
         fi
     done
@@ -68,27 +67,27 @@ do_post_regen() {
     # Fuck it, those domain/search entries from dhclient are usually annoying
     # lying shit from the ISP trying to MiTM
     if grep -q -E "^ *(domain|search)" /run/resolvconf/resolv.conf; then
-        if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2>/dev/null; then
+        if grep -q -E "^ *(domain|search)" /run/resolvconf/interface/*.dhclient 2> /dev/null; then
             sed -E "s/^(domain|search)/#\1/g" -i /run/resolvconf/interface/*.dhclient
         fi
 
-        grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-name "";' >>/etc/dhcp/dhclient.conf
-        grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede domain-search "";' >>/etc/dhcp/dhclient.conf
-        grep -q '^supersede search "";' /etc/dhcp/dhclient.conf 2>/dev/null || echo 'supersede search "";' >>/etc/dhcp/dhclient.conf
+        grep -q '^supersede domain-name "";' /etc/dhcp/dhclient.conf 2> /dev/null || echo 'supersede domain-name "";' >> /etc/dhcp/dhclient.conf
+        grep -q '^supersede domain-search "";' /etc/dhcp/dhclient.conf 2> /dev/null || echo 'supersede domain-search "";' >> /etc/dhcp/dhclient.conf
+        grep -q '^supersede search "";' /etc/dhcp/dhclient.conf 2> /dev/null || echo 'supersede search "";' >> /etc/dhcp/dhclient.conf
         systemctl restart resolvconf
     fi
 
     # Some stupid things like rabbitmq-server used by onlyoffice won't work if
     # the *short* hostname doesn't exists in /etc/hosts -_-
     short_hostname=$(hostname -s)
-    grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >>/etc/hosts
+    grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >> /etc/hosts
 
     [[ -n "$regen_conf_files" ]] || return 0
 
     # Remove / disable services likely to conflict with dnsmasq
     for SERVICE in systemd-resolved bind9; do
-        systemctl is-enabled $SERVICE &>/dev/null && systemctl disable $SERVICE 2>/dev/null
-        systemctl is-active $SERVICE &>/dev/null && systemctl stop $SERVICE
+        systemctl is-enabled $SERVICE &> /dev/null && systemctl disable $SERVICE 2> /dev/null
+        systemctl is-active $SERVICE &> /dev/null && systemctl stop $SERVICE
     done
 
     systemctl restart dnsmasq

hooks/conf_regen/52-fail2ban

@@ -24,8 +24,7 @@ do_pre_regen() {
 do_post_regen() {
     regen_conf_files=$1
 
-    if ls -l /etc/fail2ban/jail.d/*.conf
-    then
+    if ls -l /etc/fail2ban/jail.d/*.conf; then
         chown root:root /etc/fail2ban/jail.d/*.conf
         chmod 644 /etc/fail2ban/jail.d/*.conf
     fi

locales/el.json

@@ -1,4 +1,12 @@
 {
     "password_too_simple_1": "Ο κωδικός πρόσβασης πρέπει να έχει τουλάχιστον 8 χαρακτήρες",
-    "aborting": "Ματαίωση."
-}
+    "aborting": "Ματαίωση.",
+    "action_invalid": "Μη έγκυρη ενέργεια '{action}'",
+    "app_action_broke_system": "Αυτή η ενέργεια φαίνεται να έχει προκαλέσει προβλήματα σε αυτές τις σημαντικές υπηρεσίες: {services}",
+    "app_already_installed": "Η φαρμογή {app} είναι ήδη εγκατεστημένη",
+    "admin_password": "Κωδικός διαχείρισης",
+    "all_users": "Όλοι οι χρήστες YunoHost",
+    "admins": "Διαχειριστές",
+    "app_action_failed": "Αποτυχία εκτέλεσης ενέργειας {action} για την εφαρμογή {app}",
+    "already_up_to_date": "Δεν υπάρχει τίποτα να γίνει. Όλα είναι επικαιροποιημένα."
+}

locales/en.json

@@ -316,6 +316,8 @@
     "diagnosis_regenconf_allgood": "All configuration files are in line with the recommended configuration!",
     "diagnosis_regenconf_manually_modified": "Configuration file <code>{file}</code> appears to have been manually modified.",
     "diagnosis_regenconf_manually_modified_details": "This is probably OK if you know what you're doing! YunoHost will stop updating this file automatically… But beware that YunoHost upgrades could contain important recommended changes. If you want to, you can inspect the differences with <cmd>yunohost tools regen-conf {category} --dry-run --with-diff</cmd> and force the reset to the recommended configuration with <cmd>yunohost tools regen-conf {category} --force</cmd>",
+    "diagnosis_rfkill_wifi": "The Wi-Fi card is disabled and a system warning might prevent app installations",
+    "diagnosis_rfkill_wifi_details": "This warning sneaks in many command outputs, breaking some apps. It is usually required to specify your country code with the command <code>sudo raspi-config</code>. Here is the error:<br>{rfkill_wifi_error}",
     "diagnosis_rootfstotalspace_critical": "The root filesystem only has a total of {space} which is quite worrisome! You will likely run out of disk space very quickly! It's recommended to have at least 16 GB for the root filesystem.",
     "diagnosis_rootfstotalspace_warning": "The root filesystem only has a total of {space}. This may be okay, but be careful because ultimately you may run out of disk space quickly… It's recommended to have at least 16 GB for the root filesystem.",
     "diagnosis_security_vulnerable_to_meltdown": "You appear vulnerable to the Meltdown critical security vulnerability",
@@ -456,6 +458,10 @@
     "global_settings_setting_security_experimental_enabled_help": "Enable experimental security features (don't enable this if you don't know what you're doing!)",
     "global_settings_setting_smtp_allow_ipv6": "Allow IPv6",
     "global_settings_setting_smtp_allow_ipv6_help": "Allow the use of IPv6 to receive and send mail",
+    "global_settings_setting_smtp_backup_mx_domains": "Domains to act as secondary MX for",
+    "global_settings_setting_smtp_backup_mx_domains_help": "Allow this server to act as a backup *secondary* MX domain for the listed domain. This means that if the main MX for the domain is not reachable (for example because of an outage), mails will still be sent to this server, which will keep them during a maximum of 20 days and try to relay them to the real destination once it goes back up. Several domains can be provided, separated by commas.",
+    "global_settings_setting_smtp_backup_mx_emails_whitelisted": "SMTP backup MX emails whitelist",
+    "global_settings_setting_smtp_backup_mx_emails_whitelisted_help": "When acting as a secondary MX, the exhaustive list of allowed recipient's email addresses must be provided (otherwise mails will be refused and discarded). Several entries can be provided, separated by commas.",
     "global_settings_setting_smtp_relay_enabled": "Enable SMTP relay",
     "global_settings_setting_smtp_relay_enabled_help": "Enable the SMTP relay to use in order to send mail instead of this yunohost instance. Useful if you are in one of this situation: your 25 port is blocked by your ISP or VPS provider, you have a residential IP listed on DUHL, you are not able to configure reverse DNS or this server is not directly exposed on the internet and you want use an other one to send mails.",
     "global_settings_setting_smtp_relay_host": "SMTP relay host",
@@ -804,4 +810,4 @@
     "yunohost_installing": "Installing YunoHost…",
     "yunohost_not_installed": "YunoHost is not correctly installed. Please run 'yunohost tools postinstall'",
     "yunohost_postinstall_end_tip": "The post-install completed! To finalize your setup, please consider:\n    - diagnose potential issues through the 'Diagnosis' section of the webadmin (or 'yunohost diagnosis run' in command-line);\n    - reading the 'Finalizing your setup' and 'Getting to know YunoHost' parts in the admin documentation: https://yunohost.org/admindoc."
-}
+}

locales/eu.json

@@ -36,7 +36,7 @@
     "diagnosis_http_bad_status_code": "Zerbitzari hau ez den beste gailu batek erantzun omen dio eskaerari (agian routerrak).<br>1. Honen arrazoi ohikoena 80 (eta 443) ataka <a href='https://yunohost.org/isp_box_config'>zerbitzarira ondo birbidaltzen ez dela</a> da.<br>2. Konfigurazio konplexua badarabilzu, egiaztatu suebakiak edo reverse-proxyk oztopatzen ez dutela.",
     "diagnosis_http_timeout": "Denbora agortu da sare lokaletik kanpo zure zerbitzarira konektatzeko ahaleginean. Eskuragarri ez dagoela dirudi.<br>1. 80 (eta 443) ataka <a href='https://yunohost.org/isp_box_config'>zerbitzarira modu egokian birzuzentzen ez direla da</a> ohiko zergatia.<br>2. Badaezpada egiaztatu nginx martxan dagoela.<br>3. Konfigurazio konplexuetan, egiaztatu suebakiak edo reverse-proxyk konexioa oztopatzen ez dutela.",
     "app_sources_fetch_failed": "Ezinezkoa izan da fitxategiak eskuratzea, zuzena al da URLa?",
-    "app_make_default_location_already_used": "Ezinezkoa izan da '{app}' '{domain}' domeinuan lehenestea, '{other_app}'(e)k lehendik ere erabiltzen duelako",
+    "app_make_default_location_already_used": "Ezin da '{app}' '{domain}' domeinuan lehenetsi, '{other_app}'(e)k lehendik ere erabiltzen duelako",
     "app_already_installed_cant_change_url": "Aplikazio hau instalatuta dago dagoeneko. URLa ezin da aldatu aukera honekin. Markatu 'app changeurl' markatzeko moduan badago.",
     "diagnosis_ip_not_connected_at_all": "Badirudi zerbitzaria ez dagoela internetera konektatuta!?",
     "app_already_up_to_date": "{app} egunean da dagoeneko",
@@ -51,7 +51,7 @@
     "config_validate_url": "Benetazko URL bat izan behar da",
     "app_restore_script_failed": "Errorea gertatu da aplikazioa lehengoratzeko aginduan",
     "app_upgrade_some_app_failed": "Ezinezkoa izan da aplikazio batzuk eguneratzea",
-    "app_install_failed": "Ezinezkoa izan da {app} instalatzea: {error}",
+    "app_install_failed": "Ezin da {app} instalatu: {error}",
     "diagnosis_basesystem_kernel": "Zerbitzariak Linuxen {kernel_version} kernela darabil",
     "app_argument_invalid": "Aukeratu balio egoki bat '{name}' argumenturako: {error}",
     "app_already_installed": "{app} instalatuta dago dagoeneko",
@@ -132,7 +132,7 @@
     "diagnosis_http_could_not_diagnose": "Ezinezkoa izan da domeinuak IPv{ipversion} kanpotik eskuragarri dauden egiaztatzea.",
     "diagnosis_http_ok": "{domain} domeinua HTTP bidez bisitatu daiteke sare lokaletik kanpo.",
     "diagnosis_http_unreachable": "Badirudi {domain} domeinua ez dagoela eskuragarri HTTP bidez sare lokaletik kanpo.",
-    "apps_catalog_failed_to_download": "Ezinezkoa izan da {apps_catalog} aplikazioen zerrenda eskuratzea: {error}",
+    "apps_catalog_failed_to_download": "Ezin da {apps_catalog} aplikazioen zerrenda eskuratu: {error}",
     "apps_catalog_init_success": "Abiarazi da aplikazioen katalogo sistema!",
     "apps_catalog_obsolete_cache": "Aplikazioen katalogoaren katxea hutsik edo zaharkituta dago.",
     "diagnosis_description_mail": "Posta elektronikoa",
@@ -148,14 +148,14 @@
     "diagnosis_http_hairpinning_issue": "Dirudienez zure sareak ez du hairpinninga gaituta.",
     "diagnosis_http_partially_unreachable": "Badirudi {domain} domeinua ezin dela bisitatu HTTP bidez IPv{failed} sare lokaletik kanpo, bai ordea IPv{passed} erabiliz.",
     "backup_archive_cant_retrieve_info_json": "Ezinezkoa izan da '{archive}' fitxategiko informazioa eskuratzea… info.json fitxategia ezin izan da eskuratu (edo ez da baliozko json-a).",
-    "diagnosis_domain_expiration_not_found": "Ezinezkoa izan da domeinu batzuen iraungitze data egiaztatzea",
+    "diagnosis_domain_expiration_not_found": "Ezin da domeinu batzuen iraungitze data egiaztatu",
     "diagnosis_domain_expiration_not_found_details": "Badirudi {domain} domeinuari buruzko WHOIS informazioak ez duela zehazten noiz iraungiko den?",
     "certmanager_domain_not_diagnosed_yet": "Oraindik ez dago {domain} domeinurako diagnostikorik. Berrabiarazi diagnostikoak 'DNS balioak' eta 'Web' ataletarako diagnostikoen gunean Let's Encrypt ziurtagirirako prest ote dagoen egiaztatzeko. (Edo zertan ari zaren baldin badakizu, erabili '--no-checks' egiaztatzea desgaitzeko.)",
     "diagnosis_domain_expiration_warning": "Domeinu batzuk iraungitzear daude!",
     "app_packaging_format_not_supported": "Aplikazio hau ezin da instalatu YunoHostek ez duelako paketea ezagutzen. Sistema eguneratzea hausnartu beharko zenuke ziur asko.",
     "diagnosis_dns_try_dyndns_update_force": "Domeinu honen DNS konfigurazioa YunoHostek kudeatu beharko luke automatikoki. Gertatuko ez balitz, eguneratzera behartu zenezake <cmd>yunohost dyndns update --force</cmd> erabiliz.",
     "app_manifest_install_ask_path": "Aukeratu aplikazio hau instalatzeko URLaren bidea (domeinuaren atzeko aldean)",
-    "app_manifest_install_ask_admin": "Aukeratu administrari bat aplikazio honetarako",
+    "app_manifest_install_ask_admin": "Aukeratu administratzaile bat aplikazio honetarako",
     "app_manifest_install_ask_password": "Aukeratu administrazio-pasahitz bat aplikazio honetarako",
     "ask_user_domain": "Erabiltzailearen posta elektroniko eta XMPP konturako erabiliko den domeinua",
     "app_action_cannot_be_ran_because_required_services_down": "{services} zerbitzuak martxan egon beharko lirateke eragiketa hau exekutatu ahal izateko. Saia zaitez zerbitzuok berrabiarazten (eta ikertu zergatik ez diren abiarazi).",
@@ -263,14 +263,14 @@
     "log_user_import": "Inportatu erabiltzaileak",
     "diagnosis_mail_fcrdns_ok": "Alderantzizko DNSa zuzen konfiguratuta dago!",
     "diagnosis_mail_queue_unavailable_details": "Errorea: {error}",
-    "dyndns_provider_unreachable": "Ezinezkoa izan da DynDNS {provider} enpresarekin konektatzea: agian zure YunoHost zerbitzaria ez dago internetera konektatuta edo dynette zerbitzaria ez dago martxan.",
+    "dyndns_provider_unreachable": "Ezin da DynDNS {provider} enpresarekin konektatu: agian zure YunoHost zerbitzaria ez dago internetera konektatuta edo dynette zerbitzaria ez dago martxan.",
     "extracting": "Ateratzen…",
     "diagnosis_ports_unreachable": "{port}. ataka ez dago eskuragarri kanpotik.",
     "diagnosis_regenconf_manually_modified_details": "Ez dago arazorik zertan ari zaren baldin badakizu! YunoHostek fitxategi hau automatikoki eguneratzeari utziko dio… Baina kontuan izan YunoHosten eguneraketek aldaketa garrantzitsuak izan ditzaketela. Nahi izatekotan, desberdintasunak aztertu ditzakezu <cmd>yunohost tools regen-conf {category} --dry-run --with-diff</cmd> komandoa exekutatuz, eta gomendatutako konfiguraziora bueltatu <cmd>yunohost tools regen-conf {category} --force</cmd> erabiliz",
     "dyndns_domain_not_provided": "{provider} DynDNS enpresak ezin du {domain} domeinua eskaini.",
     "firewall_reload_failed": "Ezinezkoa izan da suebakia birkargatzea",
     "hook_name_unknown": "'{name}' 'hook' izen ezezaguna",
-    "domain_deletion_failed": "Ezinezkoa izan da {domain} ezabatzea: {error}",
+    "domain_deletion_failed": "Ezin da {domain} ezabatu: {error}",
     "log_regen_conf": "Berregin '{}' sistemaren konfigurazioa",
     "dpkg_lock_not_available": "Ezin da komando hau une honetan exekutatu beste aplikazio batek dpkg (sistemaren paketeen kudeatzailea) blokeatuta duelako, erabiltzen ari baita",
     "group_created": "'{group}' taldea sortu da",
@@ -387,7 +387,7 @@
     "diagnosis_mail_outgoing_port_25_ok": "SMTP posta zerbitzaria posta elektronikoa bidaltzeko gai da (25. atakaren irteera ez dago blokeatuta).",
     "diagnosis_ports_partially_unreachable": "{port}. ataka ez dago eskuragarri kanpotik IPv{failed} erabiliz.",
     "diagnosis_ports_forwarding_tip": "Arazoa konpontzeko, litekeena da operadorearen routerrean ataken birbideraketa konfiguratu behar izatea, <a href='https://yunohost.org/isp_box_config'>https://yunohost.org/isp_box_config</a>-n agertzen den bezala",
-    "domain_creation_failed": "Ezinezkoa izan da {domain} domeinua sortzea: {error}",
+    "domain_creation_failed": "Ezin da {domain} domeinua sortu: {error}",
     "domains_available": "Erabilgarri dauden domeinuak:",
     "group_already_exist_on_system": "{group} taldea existitzen da dagoeneko sistemaren taldeetan",
     "diagnosis_processes_killed_by_oom_reaper": "Memoria agortu eta sistemak prozesu batzuk amaituarazi behar izan ditu. Honek esan nahi du sistemak ez duela memoria nahikoa edo prozesuren batek memoria gehiegi behar duela. Amaituarazi d(ir)en prozesua(k):\n{kills_summary}",
@@ -400,7 +400,7 @@
     "domain_cannot_remove_main": "Ezin duzu '{domain}' ezabatu domeinu nagusia delako. Beste domeinu bat ezarri beharko duzu nagusi bezala 'yunohost domain main-domain -n <another-domain>' erabiliz; honako hauek dituzu aukeran: {other_domains}",
     "domain_created": "Sortu da domeinua",
     "domain_dyndns_already_subscribed": "Dagoeneko izena eman duzu DynDNS domeinu batean",
-    "domain_hostname_failed": "Ezinezkoa izan da hostname berria ezartzea. Honek arazoak ekar litzake etorkizunean (litekeena da ondo egotea).",
+    "domain_hostname_failed": "Ezin da hostname berria ezarri. Honek arazoak ekar litzake etorkizunean (litekeena da ondo egotea).",
     "domain_uninstall_app_first": "Honako aplikazio hauek domeinuan instalatuta daude:\n{apps}\n\nDesinstalatu 'yunohost app remove the_app_id' exekutatuz edo alda itzazu beste domeinu batera 'yunohost app change-url the_app_id' erabiliz domeinua ezabatu baino lehen",
     "file_does_not_exist": "{path} fitxategia ez da existitzen.",
     "firewall_rules_cmd_failed": "Suebakiko arau batzuen exekuzioak huts egin du. Informazio gehiago erregistroetan.",
@@ -423,7 +423,7 @@
     "domain_cert_gen_failed": "Ezinezkoa izan da ziurtagiria sortzea",
     "field_invalid": "'{}' ez da baliogarria",
     "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Operadore batzuei bost axola zaie internetaren neutraltasuna (Net Neutrality) eta ez dute 25. ataka desblokeatzen uzten.<br>- Operadore batzuek <a href='https://yunohost.org/email_configure_relay'>relay posta zerbitzari bat</a> eskaini dezakete, baina kasu horretan zure posta elektronikoa zelatatu dezakete.<br>- Pribatutasuna bermatzeko *IP publikoa* duen VPN bat erabiltzea izan daiteke irtenbidea. Ikus <a href='https://yunohost.org/vpn_advantage'>https://yunohost.org/vpn_advantage</a><br>- Edo <a href='https://yunohost.org/isp'>operadore desberdin batera aldatu</a>",
-    "ldap_server_down": "Ezin izan da LDAP zerbitzarira konektatu",
+    "ldap_server_down": "Ezin da LDAP zerbitzarira konektatu",
     "ldap_server_is_down_restart_it": "LDAP zerbitzaria ez dago martxan, saia zaitez berrabiarazten…",
     "log_app_upgrade": "'{}' aplikazioa eguneratu",
     "log_tools_shutdown": "Itzali zerbitzaria",
@@ -461,7 +461,7 @@
     "user_import_success": "Erabiltzaileak arazorik gabe inportatu dira",
     "yunohost_already_installed": "YunoHost instalatuta dago dagoeneko",
     "migrations_success_forward": "{id} migrazioak amaitu du",
-    "migrations_to_be_ran_manually": "{id} migrazioa eskuz abiarazi behar da. Joan Tresnak → Migrazioak atalera administrazio-atarian edo bestela exekutatu 'yunohost tools migrations run'.",
+    "migrations_to_be_ran_manually": "{id} migrazioa eskuz abiarazi behar da. Joan Tresnak → Migrazioak atalera administrazio-gunean edo bestela exekutatu 'yunohost tools migrations run'.",
     "permission_currently_allowed_for_all_users": "Baimen hau erabiltzaile guztiei esleitzen zaie eta baita beste talde batzuei ere. Litekeena da 'all users' baimena edo esleituta duten taldeei baimena kendu nahi izatea.",
     "permission_require_account": "'{permission}' baimena zerbitzarian kontua duten erabiltzaileentzat da eta, beraz, ezin da gaitu bisitarientzat.",
     "postinstall_low_rootfsspace": "'root' fitxategi-sistemak 10 GB edo espazio gutxiago dauka, kezkatzekoa dena! Litekeena da espaziorik gabe geratzea aurki! Gomendagarria da 'root' fitxategi-sistemak gutxienez 16 GB libre izatea. Jakinarazpen honen ondoren YunoHost instalatzen jarraitu nahi baduzu, berrabiarazi agindua '--force-diskspace' gehituz",
@@ -515,7 +515,7 @@
     "service_disable_failed": "Ezin izan da '{service}' zerbitzua geldiarazi zerbitzaria abiaraztean.\n\nZerbitzuen erregistro berrienak: {logs}",
     "migrations_skip_migration": "{id} migrazioa saihesten…",
     "upnp_disabled": "UPnP itzalita dago",
-    "main_domain_change_failed": "Ezinezkoa izan da domeinu nagusia aldatzea",
+    "main_domain_change_failed": "Ezin da domeinu nagusia aldatu",
     "regenconf_failed": "Ezinezkoa izan da ondorengo atal(ar)en konfigurazioa berregitea: {categories}",
     "pattern_email_forward": "Helbide elektroniko baliagarri bat izan behar da, '+' karakterea onartzen da (adibidez: izena+urtea@domeinua.eus)",
     "regenconf_file_manually_removed": "'{conf}' konfigurazio fitxategia eskuz ezabatu da eta ez da berriro sortuko",
@@ -579,7 +579,7 @@
     "port_already_opened": "{port}. ataka dagoeneko irekita dago {ip_version} konexioetarako",
     "user_home_creation_failed": "Ezin izan da erabiltzailearentzat '{home}' direktorioa sortu",
     "user_unknown": "Erabiltzaile ezezaguna: {user}",
-    "yunohost_postinstall_end_tip": "Instalazio ondorengo prozesua amaitu da! Sistemaren konfigurazioa bukatzeko:\n- erabili 'Diagnostikoak' gunea ohiko arazoei aurre hartzeko. Administrazio-atarian abiarazi edo 'yunohost diagnosis run' exekutatu;\n- irakurri 'Finalizing your setup' eta 'Getting to know YunoHost' atalak. Dokumentazioan aurki ditzakezu: https://yunohost.org/admindoc.",
+    "yunohost_postinstall_end_tip": "Instalazio ondorengo prozesua amaitu da! Sistemaren konfigurazioa bukatzeko:\n- erabili 'Diagnostikoak' gunea ohiko arazoei aurre hartzeko. Abiarazi administrazio-gunean edo exekutatu 'yunohost diagnosis run';\n- irakurri 'Finalizing your setup' eta 'Getting to know YunoHost' atalak. Dokumentazioan aurki ditzakezu: https://yunohost.org/admindoc.",
     "yunohost_not_installed": "YunoHost ez da zuzen instalatu. Exekutatu 'yunohost tools postinstall'",
     "unlimit": "Mugarik ez",
     "restore_already_installed_apps": "Ondorengo aplikazioak ezin dira lehengoratu dagoeneko instalatuta daudelako: {apps}",
@@ -590,9 +590,9 @@
     "migration_ldap_rollback_success": "Sistema lehengoratu da.",
     "regenconf_need_to_explicitly_specify_ssh": "SSH ezarpenak eskuz aldatu dira, baina aldaketak erabiltzeko '--force' zehaztu behar duzu 'ssh' atalean.",
     "regex_incompatible_with_tile": "/!\\ Pakete-arduradunak! {permission}' baimenak show_tile aukera 'true' bezala dauka eta horregatik ezin duzue regex URLa URL nagusi bezala ezarri",
-    "root_password_desynchronized": "Administrariaren pasahitza aldatu da baina YunoHostek ezin izan du aldaketa root pasahitzera hedatu!",
+    "root_password_desynchronized": "Administratzailearen pasahitza aldatu da baina YunoHostek ezin izan du aldaketa root pasahitzera hedatu!",
     "server_shutdown": "Zerbitzaria itzaliko da",
-    "service_stop_failed": "Ezin izan da '{service}' zerbitzua geldiarazi\n\nZerbitzuen azken erregistroak: {logs}",
+    "service_stop_failed": "Ezin da '{service}' zerbitzua geldiarazi\n\nZerbitzuaren azken erregistroak: {logs}",
     "service_unknown": "'{service}' zerbitzu ezezaguna",
     "show_tile_cant_be_enabled_for_url_not_defined": "Ezin duzu 'show_tile' gaitu une honetan, '{permission}' baimenerako URL bat zehaztu behar duzulako",
     "upnp_enabled": "UPnP piztuta dago",
@@ -620,7 +620,7 @@
     "service_description_redis-server": "Datuak bizkor atzitzeko, zereginak lerratzeko eta programen arteko komunikaziorako datubase berezi bat da",
     "service_description_rspamd": "Spama bahetu eta posta elektronikoarekin zerikusia duten bestelako futzioen ardura dauka",
     "service_description_slapd": "Erabiltzaileak, domeinuak eta hauei lotutako informazioa gordetzen du",
-    "service_description_yunohost-api": "YunoHosten web-atariaren eta sistemaren arteko hartuemana kudeatzen du",
+    "service_description_yunohost-api": "YunoHosten web-interfazearen eta sistemaren arteko hartuemana kudeatzen du",
     "domain_config_default_app": "Lehenetsitako aplikazioa",
     "tools_upgrade": "Sistemaren paketeak eguneratzen",
     "tools_upgrade_failed": "Ezin izan dira paketeak eguneratu: {packages_list}",
@@ -654,8 +654,8 @@
     "global_settings_setting_ssh_password_authentication_help": "Baimendu pasahitz bidezko autentikazioa SSHrako",
     "global_settings_setting_ssh_port": "SSH ataka",
     "global_settings_setting_webadmin_allowlist_help": "Administrazio-atarira sar daitezken IP helbideak. CIDR notazioa ahalbidetzen da.",
-    "global_settings_setting_webadmin_allowlist_enabled_help": "Baimendu IP zehatz batzuk bakarrik administrazio-atarian.",
-    "global_settings_setting_smtp_allow_ipv6_help": "Baimendu IPv6 posta elektronikoa jaso eta bidaltzeko",
+    "global_settings_setting_webadmin_allowlist_enabled_help": "Baimendu IP zehatz batzuk bakarrik administrazio-gunerako.",
+    "global_settings_setting_smtp_allow_ipv6_help": "Gaitu IPv6 posta elektronikoa jaso eta bidaltzeko",
     "global_settings_setting_smtp_relay_enabled_help": "YunoHosten ordez posta elektronikoa bidaltzeko SMTP relay helbidea. Erabilgarri izan daiteke egoera hauetan: operadore edo VPS enpresak 25. ataka blokeatzen badu, DUHLen zure etxeko IPa ageri bada, ezin baduzu alderantzizko DNSa ezarri edo zerbitzari hau ez badago zuzenean internetera konektatuta baina posta elektronikoa bidali nahi baduzu.",
     "migration_0024_rebuild_python_venv_broken_app": "{app} aplikazioari ez ikusiarena egin zaio ezin delako ingurune birtuala modu errazean birsortu. Horren ordez, aplikazioaren eguneraketa behartzen saia zaitezke `yunohost app upgrade --force {app}` arazoa konpontzeko.",
     "migration_0024_rebuild_python_venv_disclaimer_rebuild": "Ondorengo aplikazioen virtualenv-a birsortzeko saiakera egingo da (eragiketak luze jo dezake!): {rebuild_apps}",
@@ -669,7 +669,7 @@
     "app_action_failed": "{app} aplikaziorako {action} eragiketak huts egin du",
     "config_action_disabled": "Ezin izan da '{action}' eragiketa exekutatu ezgaituta dagoelako, egiaztatu bere mugak betetzen dituzula. Laguntza: {help}",
     "all_users": "YunoHosten erabiltzaile guztiek",
-    "app_manifest_install_ask_init_admin_permission": "Nork izan beharko luke aplikazio honetako administrazio aukeretara sarbidea? (Aldatzea dago)",
+    "app_manifest_install_ask_init_admin_permission": "Nork izan beharko luke aplikazio honetako administrazio-aukeretara sarbidea? (Aldatzea dago)",
     "app_manifest_install_ask_init_main_permission": "Nork izan beharko luke aplikazio honetara sarbidea? (Aldatzea dago)",
     "ask_admin_fullname": "Administratzailearen izen osoa",
     "ask_admin_username": "Administratzailearen erabiltzaile-izena",
@@ -681,7 +681,7 @@
     "domain_config_cert_summary_expired": "LARRIA: Uneko ziurtagiria ez da baliozkoa! HTTPS ezin da erabili!",
     "domain_config_cert_summary_selfsigned": "ADI: Uneko zirutagiria norberak sinatutakoa da. Web-nabigatzaileek bisitariak izutuko dituen mezu bat erakutsiko dute!",
     "global_settings_setting_postfix_compatibility": "Postfixekin bateragarritasuna",
-    "global_settings_setting_root_access_explain": "Linux sistemetan 'root' administratzaile gorena da. YunoHosten testuinguruan, zuzeneko 'root' SSH saioa ezgaituta dago defektuz, zerbitzariaren sare lokaletik ez bada. 'administrariak' taldeko kideek sudo komandoa erabili dezakete root bailitzan jarduteko terminalaren bidez. Hala ere lagungarri izan liteke root pasahitz (sendo) bat izatea sistema arazteko egoeraren batean administratzaile arruntek saiorik hasi ezin balute.",
+    "global_settings_setting_root_access_explain": "Linux sistemetan 'root' administratzaile gorena da. YunoHosten testuinguruan, zuzeneko 'root' SSH saioa ezgaituta dago defektuz, zerbitzariaren sare lokaletik ez bada. 'administratzaileak' taldeko kideek sudo komandoa erabili dezakete root bailitzan jarduteko terminalaren bidez. Hala ere lagungarri izan liteke root pasahitz (sendo) bat izatea sistema arazteko egoeraren batean administratzaile arruntek saiorik hasi ezin balute.",
     "log_settings_reset": "Berrezarri ezarpenak",
     "log_settings_reset_all": "Berrezarri ezarpen guztiak",
     "root_password_changed": "root pasahitza aldatu da",
@@ -695,7 +695,7 @@
     "diagnosis_using_stable_codename": "<cmd>apt</cmd> (sistemaren pakete kudeatzailea) 'stable' (egonkorra) izen kodea duten paketeak instalatzeko ezarrita dago une honetan, eta ez uneko Debianen bertsioaren (bullseye) izen kodea.",
     "diagnosis_using_yunohost_testing": "<cmd>apt</cmd> (sistemaren pakete kudeatzailea) YunoHosten muinerako 'testing' (proba) izen kodea duten paketeak instalatzeko ezarrita dago une honetan.",
     "diagnosis_using_yunohost_testing_details": "Ez dago arazorik zertan ari zaren baldin badakizu, baina arretaz irakurri oharrak YunoHosten eguneraketak instalatu baino lehen! 'testing' (proba) bertsioak ezgaitu nahi badituzu, kendu <cmd>testing</cmd> gakoa <cmd>/etc/apt/sources.list.d/yunohost.list</cmd> fitxategitik.",
-    "global_settings_setting_smtp_allow_ipv6": "Baimendu IPv6",
+    "global_settings_setting_smtp_allow_ipv6": "Gaitu IPv6",
     "global_settings_setting_smtp_relay_host": "SMTP errele-ostatatzailea",
     "domain_config_acme_eligible": "ACME hautagarritasuna",
     "domain_config_acme_eligible_explain": "Ez dirudi domeinu hau Let's Encrypt ziurtagirirako prest dagoenik. Egiaztatu DNS ezarpenak eta zerbitzariaren HTTP irisgarritasuna. <a href='#/diagnosis'>Diagnostikoen guneko</a> 'DNS erregistroak' eta 'Web' atalek zer dagoen gaizki ulertzen lagun zaitzakete.",
@@ -720,12 +720,12 @@
     "global_settings_setting_ssh_password_authentication": "Pasahitz bidezko autentifikazioa",
     "global_settings_setting_user_strength_help": "Betekizun hauek lehenbizikoz sortzerakoan edo pasahitza aldatzerakoan bete behar dira soilik",
     "global_settings_setting_webadmin_allowlist": "Administrazio-atarira sartzeko baimendutako IPak",
-    "global_settings_setting_webadmin_allowlist_enabled": "Gaitu administrazio-ataria sartzeko baimendutako IPak",
+    "global_settings_setting_webadmin_allowlist_enabled": "Gaitu administrazio-gunera sartzeko baimendutako IPak",
     "invalid_credentials": "Pasahitz edo erabiltzaile-izen baliogabea",
     "log_resource_snippet": "Baliabide bat eguneratzen / eskuratzen / eskuragarritasuna uzten",
     "log_settings_set": "Aplikatu ezarpenak",
     "migration_description_0025_global_settings_to_configpanel": "Migratu ezarpen globalen nomenklatura zaharra izendegi berri eta modernora",
-    "migration_description_0026_new_admins_group": "Migratu 'administrari bat baino gehiago' sistema berrira",
+    "migration_description_0026_new_admins_group": "Migratu 'administratzaile bat baino gehiago' sistema berrira",
     "password_confirmation_not_the_same": "Pasahitzak ez datoz bat",
     "password_too_long": "Aukeratu 127 karaktere baino laburragoa den pasahitz bat",
     "diagnosis_using_stable_codename_details": "Ostatatzaileak zerbait oker ezarri duenean gertatu ohi da hau. Arriskutsua da, Debianen datorren bertsioa 'estable' (egonkorra) bilakatzen denean, <cmd>apt</cmd>-k sistemaren pakete guztiak bertsio-berritzen saiatuko da, beharrezko migrazio-prozedurarik burutu gabe. Debianen gordailuan apt iturria editatzen konpontzea da gomendioa, <cmd>stable</cmd> gakoa <cmd>bullseye</cmd> gakoarekin ordezkatuz. Ezarpen-fitxategia <cmd>/etc/apt/sources.list</cmd> izan beharko litzateke, edo <cmd>/etc/apt/sources.list.d/</cmd> direktorioko fitxategiren bat.",
@@ -739,7 +739,7 @@
     "app_resource_failed": "{app} aplikaziorako baliabideen eguneraketak / prestaketak / askapenak huts egin du: {error}",
     "app_not_enough_disk": "Aplikazio honek {required} espazio libre behar ditu.",
     "app_yunohost_version_not_supported": "Aplikazio honek YunoHost >= {required} behar du baina unean instalatutako bertsioa {current} da",
-    "global_settings_setting_passwordless_sudo": "Baimendu administrariek 'sudo' erabiltzea pasahitzak berriro idatzi beharrik gabe",
+    "global_settings_setting_passwordless_sudo": "Baimendu administratzaileek 'sudo' erabiltzea pasahitzak berriro idatzi beharrik gabe",
     "global_settings_setting_portal_theme": "Atariko gaia",
     "global_settings_setting_portal_theme_help": "Atariko gai propioak sortzeari buruzko informazio gehiago: https://yunohost.org/theming",
     "invalid_shell": "Shell baliogabea: {shell}",
@@ -765,7 +765,7 @@
     "group_user_add": "'{user}' erabiltzailea '{group}' taldera gehituko da",
     "ask_dyndns_recovery_password_explain": "Aukeratu DynDNS domeinurako berreskuratze-pasahitza, etorkizunean berrezarri beharko bazenu.",
     "ask_dyndns_recovery_password_explain_during_unsubscribe": "Sartu DynDNS domeinuaren berreskuratze-pasahitza.",
-    "dyndns_no_recovery_password": "Ez da berreskuratze-pasahitzik zehaztu! Domeinuaren gaineko kontrola galduz gero, YunoHost taldeko administrariarekin jarri beharko zara harremanetan!",
+    "dyndns_no_recovery_password": "Ez da berreskuratze-pasahitzik zehaztu! Domeinuaren gaineko kontrola galduz gero, YunoHost taldeko administratzailearekin jarri beharko zara harremanetan!",
     "ask_dyndns_recovery_password": "DynDNS berreskuratze-pasahitza",
     "dyndns_subscribed": "DynDNS domeinua harpidetu da",
     "dyndns_subscribe_failed": "Ezin izan da DynDNS domeinua harpidetu: {error}",
@@ -803,5 +803,11 @@
     "migration_0027_patch_yunohost_conflicts": "Arazo gatazkatsu bati adabakia jartzen…",
     "migration_0027_modified_files": "Ondorengo fitxategiak eskuz moldatu direla antzeman da eta litekeena da bertsio-berritzeak gainean idaztea: {manually_modified_files}",
     "migration_0027_not_enough_free_space": "/var/-en erabilgarri dagoen espazioa oso txikia da! Gutxienez GB 1 izan beharko zenuke erabilgarri migrazioari ekiteko.",
-    "migration_0027_patching_sources_list": "sources.lists fitxategia petatxatzen…"
+    "migration_0027_patching_sources_list": "sources.lists fitxategia petatxatzen…",
+    "global_settings_setting_smtp_backup_mx_emails_whitelisted": "Baimendutako posta elektronikoen MXren SMTP babeskopia",
+    "global_settings_setting_smtp_backup_mx_domains": "Bigarren mailako MX gisa jarduteko domeinuak",
+    "global_settings_setting_smtp_backup_mx_domains_help": "Zerbitzari honek zerrendan agertzen den domeinurako *bigarren mailako* MX domeinu gisa jardun dezake. Domeinurako lehenetsitako MX lortu ezin denean (adibidez, itzalaldi baten ondorioz), mezuak bigarren zerbitzari horretara bidaliko dira —gehienez 20 egunez mantenduko dituena— eta berriro eskuragarri dagoenean benetako helburura helarazten saiatuko da. Hainbat domeinu zehaztu daitezke, komaz bereizita.",
+    "global_settings_setting_smtp_backup_mx_emails_whitelisted_help": "Bigarren mailako MX gisa jarduten duenean, baimendutako hartzaileen posta elektronikoko helbideen zerrenda zehatza eman beharko da (bestela, mezuak ukatu eta baztertuko dira). Hainbat sarrera eman daitezke, komaz bereizita.",
+    "diagnosis_rfkill_wifi_details": "Ohartarazpena komando askotan ageri da, aplikazio batzuk hautsiz. Herrialdearen kodea zehaztuz konpon daiteke <code>sudo raspi-config</code> komandoaren bidez. Hau da errorea:<br>{rfkill_wifi_error}",
+    "diagnosis_rfkill_wifi": "Wi-Fi txartela ezgaituta dago eta sistemaren ohartarazpen batek aplikazioen instalazioak eragotzi ditzake"
 }

locales/fr.json

@@ -782,6 +782,8 @@
     "dyndns_too_many_requests": "Le service dyndns de YunoHost a reçu trop de requêtes/demandes de votre part, attendez environ 1 heure avant de réessayer.",
     "ask_dyndns_recovery_password_explain_unavailable": "Ce domaine DynDNS est déjà enregistré. Si vous êtes la personne qui a enregistré ce domaine lors de sa création, vous pouvez entrer le mot de passe de récupération pour récupérer ce domaine.",
     "global_settings_setting_ssh_port_help": "Il est préférable d'utiliser un port inférieur à 1024 pour éviter les tentatives d'usurpation par des services non administrateurs sur la machine distante. Vous devez également éviter d'utiliser un port déjà utilisé tel que le 80 ou le 443.",
+    "diagnosis_rfkill_wifi": "La carte Wi-Fi est désactivée et un avertissement du système pourrait empêcher d'installer des applications",
+    "diagnosis_rfkill_wifi_details": "Cet avertissement se glisse dans beaucoup de retours de commandes, cassant certaines applications. Il s'agit généralement de spécifier votre code pays avec la commande <code>sudo raspi-config</code>. Voici l'erreur:<br>{rfkill_wifi_error}",
     "diagnosis_ignore_already_filtered": "(Il y a déjà un filtre de diagnostic {category} qui correspond à ces critères)",
     "diagnosis_ignore_no_filter_found": "(Il n'y pas de filtre de diagnostic pour la catégorie {category} qui correspond à ces critères)",
     "diagnosis_ignore_filter_added": "Filtre de diagnostic pour {category} ajouté",
@@ -803,5 +805,9 @@
     "migration_0027_start": "Démarrage de la migration vers Bookworm…",
     "migration_0027_still_on_bullseye_after_main_upgrade": "Quelque chose s'est mal passé lors de la mise à jour du système, il semble que celui-ci soit toujours sous Debian Bullseye.",
     "migration_0027_system_not_fully_up_to_date": "Votre système n'est pas complètement à jour. Veuillez effectuer une mise à jour classique avant de procéder à la migration vers Bookworm.",
-    "migration_0027_yunohost_upgrade": "Démarrage de la mise à jour du cœur de YunoHost…"
+    "migration_0027_yunohost_upgrade": "Démarrage de la mise à jour du cœur de YunoHost…",
+    "global_settings_setting_smtp_backup_mx_domains": "Domaines à utiliser comme MX secondaire pour",
+    "global_settings_setting_smtp_backup_mx_emails_whitelisted": "Sauvegarde SMTP des emails sur liste blanche du MX",
+    "global_settings_setting_smtp_backup_mx_emails_whitelisted_help": "Dans le cas d'un MX secondaire, la liste exhaustive des adresses électroniques des destinataires autorisés doit être fournie (sinon les courriers seront refusés et rejetés). Plusieurs entrées peuvent être fournies, séparées par des virgules.",
+    "global_settings_setting_smtp_backup_mx_domains_help": "Autoriser ce serveur à agir en tant que domaine MX *secondaire* de secours pour le domaine listé. Cela signifie que si le MX principal pour le domaine n'est pas accessible (par exemple à cause d'une panne), les courriers électroniques seront quand même envoyés à ce serveur, qui les conservera pendant un maximum de 20 jours et essaiera de les relayer vers la destination réelle une fois qu'il sera rétabli. Plusieurs domaines peuvent être fournis, séparés par des virgules."
 }

locales/gl.json

@@ -100,7 +100,7 @@
     "backup_permission": "Permiso de copia para {app}",
     "backup_output_symlink_dir_broken": "O directorio de arquivo '{path}' é unha ligazón simbólica rota. Pode ser que esqueceses re/montar ou conectar o medio de almacenaxe ao que apunta.",
     "backup_output_directory_required": "Debes proporcionar un directorio de saída para a copia",
-    "backup_output_directory_not_empty": "Debes elexir un directorio de saída baleiro",
+    "backup_output_directory_not_empty": "Debes elixir un directorio de saída baleiro",
     "backup_output_directory_forbidden": "Elixe un directorio de saída diferente. As copias non poden crearse en /bin, /boot, /dev, /etc, /lib, /root, /sbin, /sys, /usr, /var ou subcartafoles de /home/yunohost.backup/archives",
     "backup_nothings_done": "Nada que gardar",
     "backup_no_uncompress_archive_dir": "Non hai tal directorio do arquivo descomprimido",
@@ -781,7 +781,7 @@
     "log_dyndns_unsubscribe": "Retirar subscrición para o subdominio YunoHost '{}'",
     "ask_dyndns_recovery_password_explain_unavailable": "Este dominio DynDNS xa está rexistrado. Se es a persoa que o rexistrou orixinalmente, podes escribir o código de recuperación para reclamar o dominio.",
     "dyndns_too_many_requests": "O servicio dyndns de YunoHost recibeu demasiadas peticións do teu sistema, agarda 1 hora e volve intentalo.",
-    "global_settings_setting_ssh_port_help": "É recomendable un porto inferior a 1024 para evitar os intentos de apropiación por parte de servizos de non-administración na máquina remota. Tamén deberías evitar elexir un porto que xa está sendo utilizado, como 80 ou 443.",
+    "global_settings_setting_ssh_port_help": "É recomendable un porto inferior a 1024 para evitar os intentos de apropiación por parte de servizos de non-administración na máquina remota. Tamén deberías evitar elixir un porto que xa está sendo utilizado, como 80 ou 443.",
     "diagnosis_ignore_criteria_error": "Os criterios deben ter o formato key=value (ex. domain=yolo.test)",
     "diagnosis_ignore_already_filtered": "(Xa existe un filtro de diagnóstico de {category} con estes criterios)",
     "diagnosis_ignore_filter_removed": "Eliminouse o filtro do diagnóstico para {category}",
@@ -803,5 +803,11 @@
     "migration_0027_modified_files": "Detectamos que os seguintes ficheiros semella foron modificados manualmente e poderían ser sobreescritos durante a actualización: {manually_modified_files}",
     "migration_0027_not_enough_free_space": "Hai moi pouco espazo en /var/! Deberías ter polo menos 1GB libre para realizar a migración.",
     "migration_0027_patch_yunohost_conflicts": "Aplicando a solución para resolver o problema conflictivo…",
-    "migration_0027_system_not_fully_up_to_date": "O teu sistema non está totalmente actualizado. Fai unha actualización corrente antes de iniciar a migración a Bookworm."
+    "migration_0027_system_not_fully_up_to_date": "O teu sistema non está totalmente actualizado. Fai unha actualización corrente antes de iniciar a migración a Bookworm.",
+    "global_settings_setting_smtp_backup_mx_domains": "Dominios que actúan como MX secundario para",
+    "global_settings_setting_smtp_backup_mx_emails_whitelisted": "Lista de enderezos para apoio MX de SMTP",
+    "diagnosis_rfkill_wifi": "A tarxeta Wi-Fi está desactivada e un aviso do sistema podería previr a instalación de apps",
+    "diagnosis_rfkill_wifi_details": "Este aviso aparece na saída de varias ordes, estragando algunhas apps. Normalmente require indicar o código de país coa orde <code>sudo raspi-config</code>. Aquí tes o erro:<br>{rfkill_wifi_error}",
+    "global_settings_setting_smtp_backup_mx_domains_help": "Permitir a este servidor actuar como un dominio MX *secundario* de apoio para o dominio da lista. Así se o MX principal para o dominio non está accesible (por exemplo por quedar ser electricidade), os correos seguirán enviándose ao servidor, que os gardará un máximo de 20 días e intentará entregalos ao destino real unha vez volva ser accesible. Pódense indicar varios dominios, separados por comas.",
+    "global_settings_setting_smtp_backup_mx_emails_whitelisted_help": "Para actuar como MX secundario, hai que proporcionar unha lista detallada de enderezos de correspondentes permitidos (doutro xeito os correos serán rexeitados e desbotados). Pódense indicar varias entradas, separadas por comas."
 }

locales/id.json

@@ -336,8 +336,8 @@
     "domain_config_cert_summary_abouttoexpire": "Sertifikat saat ini akan kedaluwarsa. Akan secara otomatis diperbarui secepatnya.",
     "domain_config_mail_in": "Surel datang",
     "password_too_simple_1": "Panjang kata sandi harus paling tidak 8 karakter",
-    "password_too_simple_2": "Panjang kata sandi harus paling tidak 8 karakter dan mengandung digit, huruf kapital, dan huruf kecil",
-    "password_too_simple_3": "Kata sandi harus terdiri dari minimal 8 karakter dan berisi karakter angka, besar, kecil, dan khusus",
+    "password_too_simple_2": "Kata sandi harus terdiri dari minimal 8 karakter dan berisi karakter angka, besar, dan kecil",
+    "password_too_simple_3": "Kata sandi harus terdiri dari minimal 8 karakter dan berisi karakter angka, besar, kecil dan khusus",
     "password_too_simple_4": "Panjang kata sandi harus paling tidak 12 karakter dan mengandung digit, huruf kapital, huruf kecil, dan karakter khusus",
     "port_already_closed": "Porta {port} telah ditutup untuk koneksi {ip_version}",
     "service_description_yunomdns": "Membuat Anda bisa menemukan peladen Anda menggunakan 'yunohost.local' di jaringan lokal Anda",
@@ -469,7 +469,7 @@
     "config_unknown_filter_key": "Kunci filter '{filter_key}' tidak sesuai.",
     "backup_permission": "Izin pencadangan untuk {app}",
     "config_forbidden_keyword": "Kata kunci '{keyword}' sudah ada, Anda tidak dapat membuat atau menggunakan panel konfigurasi disertai pertanyaan dengan id ini.",
-    "good_practices_about_user_password": "Anda sekarang akan menentukan kata sandi pengguna baru. Kata sandi harus terdiri dari minimal 8 karakter—walaupun sebaiknya menggunakan kata sandi yang lebih panjang (cth. parafrasa) dan/atau menggunakan variasi karakter (huruf besar, huruf kecil, angka, dan karakter khusus).",
+    "good_practices_about_user_password": "Sekarang Anda akan menentukan kata sandi pengguna baru. Kata sandi harus terdiri dari minimal 8 karakter—meskipun sebaiknya menggunakan kata sandi yang lebih panjang (misalnya parafrasa) dan/atau menggunakan beragam karakter (huruf besar, huruf kecil, angka, dan karakter khusus).",
     "domain_dns_push_failed_to_authenticate": "Autentikasi gagal pada API registrar untuk domain '{domain}'. Besar kemungkinan karena kredensial tidak sesuai? (Galat: {error})",
     "certmanager_domain_dns_ip_differs_from_public_ip": "Rekaman DNS untuk domain '{domain}' berbeda dengan IP server ini. Silakan periksa kategori 'Catatan DNS' (dasar) dalam diagnosis untuk info lebih lanjut. Jika Anda baru saja memodifikasi rekaman A, silakan menunggu hingga rekaman tersebut disebarkan (beberapa pemeriksa sebaran DNS tersedia online). (Jika Anda tahu apa yang Anda lakukan, gunakan '--no-checks' untuk mematikan pemeriksaan ini.)",
     "certmanager_hit_rate_limit": "Terlalu banyak sertifikat yang telah diterbitkan untuk kumpulan domain {domain} ini baru-baru ini. Silakan coba lagi nanti. Lihat https://letsencrypt.org/docs/rate-limits/ untuk detail lebih lanjut",
@@ -483,7 +483,7 @@
     "config_cant_set_value_on_section": "Anda tidak dapat menetapkan satu nilai pun di seluruh bagian konfigurasi.",
     "backup_applying_method_custom": "Memanggil metode pencadangan khusus '{method}'…",
     "backup_ask_for_copying_if_needed": "Apakah Anda ingin melakukan pencadangan menggunakan {size}MB untuk sementara? (Cara ini digunakan karena beberapa berkas tidak dapat disiapkan menggunakan metode yang lebih efisien.)",
-    "good_practices_about_admin_password": "Sekarang Anda akan menentukan kata sandi administrasi baru. Kata sandi harus terdiri dari minimal 8 karakter—walaupun sebaiknya menggunakan kata sandi yang lebih panjang (cth. parafrasa) dan/atau menggunakan variasi karakter (huruf besar, huruf kecil, angka, dan karakter khusus).",
+    "good_practices_about_admin_password": "Sekarang Anda akan menentukan kata sandi administrasi baru. Kata sandi harus terdiri dari minimal 8 karakter—meskipun sebaiknya menggunakan kata sandi yang lebih panjang (misalnya parafrasa) dan/atau menggunakan beragam karakter (huruf besar, huruf kecil, angka, dan karakter khusus).",
     "certmanager_acme_not_configured_for_domain": "Tantangan ACME tidak dapat dijalankan untuk {domain} saat ini karena konfigurasi pada nginx tidak memiliki potongan kode yang sesuai… Pastikan konfigurasi nginx Anda mutakhir menggunakan `yunohost tools regen-conf nginx --dry-run --with-diff`.",
     "diagnosis_http_special_use_tld": "Domain {domain} berdasarkan pada domain tingkat atas (TLD) penggunaan khusus seperti .local atau .test dan oleh karena itu tidak diharapkan untuk diekspos di luar jaringan lokal.",
     "certmanager_self_ca_conf_file_not_found": "Tidak dapat menemukan berkas konfigurasi untuk otoritas teken mandiri (berkas: {file})",
@@ -803,5 +803,11 @@
     "service_description_redis-server": "Basis data khusus yang digunakan untuk akses data cepat, antrian tugas, dan komunikasi antar program",
     "update_apt_cache_warning": "Ada yang tidak sesuai saat memperbarui cache APT (manajer paket Debian). Berikut ini adalah kumpulan baris source.list, yang mungkin membantu mengidentifikasi baris yang bermasalah:\n{sourceslist}",
     "user_import_missing_columns": "Kehilangan kolom berikut: {columns}",
-    "user_import_nothing_to_do": "Tidak ada pengguna yang perlu diimpor"
+    "user_import_nothing_to_do": "Tidak ada pengguna yang perlu diimpor",
+    "global_settings_setting_smtp_backup_mx_domains": "Domain yang digunakan sebagai MX sekunder",
+    "global_settings_setting_smtp_backup_mx_domains_help": "Izinkan server ini digunakan sebagai domain MX *sekunder* cadangan pada domain yang terdaftar. Ini berarti bahwa jika MX utama untuk domain tersebut tidak dapat dijangkau (misalnya karena gangguan), surel akan tetap dikirim ke server ini, yang akan menyimpannya selama maksimal 20 hari dan mencoba meneruskannya ke tujuan yang sebenarnya setelah kembali aktif. Beberapa domain dapat disediakan, dipisahkan dengan koma.",
+    "global_settings_setting_smtp_backup_mx_emails_whitelisted": "Daftar surel yang diperbolehkan sebagai MX cadangan SMTP",
+    "diagnosis_rfkill_wifi": "Kartu Wi-Fi dinonaktifkan dan peringatan sistem mungkin akan mencegah pemasangan aplikasi",
+    "diagnosis_rfkill_wifi_details": "Peringatan ini muncul di banyak keluaran perintah, sehingga merusak beberapa aplikasi. Biasanya Anda diminta untuk menentukan kode negara dengan perintah <code>sudo raspi-config</code>. Galat yang muncul:<br>{rfkill_wifi_error}",
+    "global_settings_setting_smtp_backup_mx_emails_whitelisted_help": "Bila digunakan sebagai MX sekunder, daftar lengkap alamat surel penerima yang diizinkan harus disediakan (sebaliknya surel akan ditolak dan dibuang). Beberapa alamat dapat diberikan, dipisahkan dengan koma."
 }

locales/ru.json

@@ -18,7 +18,7 @@
     "app_not_installed": "{app} не найдено в списке установленных приложений: {all_apps}",
     "app_not_properly_removed": "{app} удалены неправильно",
     "app_removed": "{app} удалено",
-    "app_requirements_checking": "Проверка необходимых пакетов для {app}…",
+    "app_requirements_checking": "Проверка зависимостей для {app}…",
     "app_sources_fetch_failed": "Невозможно получить исходные файлы, проверьте правильность URL?",
     "app_unknown": "Неизвестное приложение",
     "app_upgrade_app_name": "Обновление {app}…",
@@ -44,7 +44,7 @@
     "ask_new_domain": "Новый домен",
     "ask_new_path": "Новый путь",
     "ask_password": "Пароль",
-    "app_remove_after_failed_install": "Удаление приложения после сбоя установки…",
+    "app_remove_after_failed_install": "Удаление приложения после ошибки установки…",
     "app_upgrade_script_failed": "Внутри скрипта обновления приложения произошла ошибка",
     "upnp_disabled": "UPnP отключен",
     "app_manifest_install_ask_domain": "Выберите домен, в котором должно быть установлено это приложение",
@@ -76,13 +76,13 @@
     "apps_catalog_init_success": "Система каталога приложений инициализирована!",
     "backup_abstract_method": "Этот метод резервного копирования еще не реализован",
     "backup_actually_backuping": "Создание резервного архива из собранных файлов…",
-    "backup_applying_method_custom": "Вызов пользовательского метода резервного копирования {method}'…",
+    "backup_applying_method_custom": "Вызов пользовательского метода резервного копирования «{method}»…",
     "backup_archive_app_not_found": "Не удалось найти {app} в резервной копии",
     "backup_applying_method_tar": "Создание резервной копии в TAR-архиве…",
     "backup_archive_broken_link": "Не удалось получить доступ к резервной копии (неправильная ссылка {path})",
     "apps_catalog_failed_to_download": "Невозможно загрузить каталог приложений {apps_catalog}: {error}",
     "apps_catalog_obsolete_cache": "Кэш каталога приложений пуст или устарел.",
-    "backup_archive_cant_retrieve_info_json": "Не удалось загрузить информацию об архиве '{archive}'… info.json не может быть получен (или не является корректным json).",
+    "backup_archive_cant_retrieve_info_json": "Не удалось загрузить информацию об архиве «{archive}»… Файл info.json не может быть получен (или не является корректным json).",
     "app_packaging_format_not_supported": "Это приложение не может быть установлено, поскольку его формат не поддерживается вашей версией YunoHost. Возможно, вам следует обновить систему.",
     "app_restore_failed": "Не удалось восстановить {app}: {error}",
     "app_restore_script_failed": "Произошла ошибка внутри сценария восстановления приложения",
@@ -91,7 +91,7 @@
     "app_start_backup": "Сбор файлов для резервного копирования {app}…",
     "app_start_install": "Устанавливается {app}…",
     "backup_app_failed": "Не удалось создать резервную копию {app}",
-    "backup_archive_name_exists": "Резервная копия с таким именем уже существует.",
+    "backup_archive_name_exists": "Резервная копия с именем «{name}» уже существует.",
     "backup_archive_name_unknown": "Неизвестный локальный архив резервного копирования с именем '{name}'",
     "backup_archive_open_failed": "Не удалось открыть архив резервной копии",
     "backup_archive_corrupted": "Похоже, что архив резервной копии '{archive}' поврежден : {error}",
@@ -114,7 +114,7 @@
     "config_no_panel": "Панель конфигурации не найдена.",
     "danger": "Опасно:",
     "certmanager_warning_subdomain_dns_record": "Субдомен '{subdomain}' не соответствует IP-адресу основного домена '{domain}'. Некоторые функции будут недоступны, пока вы не исправите это и не сгенерируете сертификат снова.",
-    "app_argument_password_no_default": "Ошибка при парсинге аргумента пароля '{name}': аргумент пароля не может иметь значение по умолчанию по причинам безопасности",
+    "app_argument_password_no_default": "Ошибка при парсинге аргумента пароля «{name}»: аргумент пароля не может иметь значение по умолчанию по причинам безопасности",
     "custom_app_url_required": "Вы должны указать URL для обновления вашего пользовательского приложения {app}",
     "backup_creation_failed": "Не удалось создать резервную копию",
     "backup_csv_addition_failed": "Не удалось добавить файлы для резервного копирования в CSV-файл",
@@ -136,8 +136,8 @@
     "diagnosis_apps_issue": "Обнаружена проблема для приложения {app}",
     "diagnosis_apps_not_in_app_catalog": "Этого приложения нет в каталоге приложений YunoHost. Если оно было там раньше, а теперь удалено, вам стоит подумать об удалении этого приложения, так как оно больше не получит обновлений и может нарушить целостность и безопасность вашей системы.",
     "diagnosis_apps_deprecated_practices": "Установленная версия этого приложения все еще использует некоторые устаревшие пакеты. Вам стоит подумать об обновлении.",
-    "additional_urls_already_added": "Этот URL '{url}' уже добавлен в дополнительный URL для разрешения '{permission}'",
-    "additional_urls_already_removed": "Этот URL '{url}' уже удален из дополнительных URL для разрешения '{permission}'",
+    "additional_urls_already_added": "Этот URL «{url}» уже добавлен в дополнительный URL для разрешения «{permission}»",
+    "additional_urls_already_removed": "Этот URL «{url}» уже удален из дополнительных URL для разрешения «{permission}»",
     "app_action_cannot_be_ran_because_required_services_down": "Для выполнения этого действия должны быть запущены следующие службы: {services}. Попробуйте перезапустить их, чтобы продолжить (и, возможно, выяснить, почему они не работают).",
     "app_unsupported_remote_type": "Неподдерживаемый удаленный тип, используемый для приложения",
     "backup_archive_system_part_not_available": "Системная часть '{part}' недоступна в этой резервной копии",
@@ -166,7 +166,7 @@
     "diagnosis_description_services": "Проверка статусов сервисов",
     "config_validate_color": "Должен быть правильный hex цвета RGB",
     "diagnosis_basesystem_hardware": "Аппаратная архитектура сервера – {virt} {arch}",
-    "certmanager_acme_not_configured_for_domain": "Задача ACME не может быть запущена для {domain} прямо сейчас, потому что в его nginx conf отсутствует соответствующий фрагмент кода… Пожалуйста, убедитесь, что конфигурация вашего nginx обновлена, используя 'yunohost tools regen-conf nginx --dry-run --with-diff'.",
+    "certmanager_acme_not_configured_for_domain": "Задача ACME не может быть запущена для {domain} прямо сейчас, потому что в его конфигурации nginx отсутствует соответствующий фрагмент кода… Пожалуйста, убедитесь, что Ваша конфигурация nginx обновлена, используя «yunohost tools regen-conf nginx --dry-run --with-diff».",
     "diagnosis_basesystem_ynh_single_version": "{package} версия: {version} ({repo})",
     "diagnosis_description_mail": "Электронная почта",
     "diagnosis_basesystem_kernel": "Версия ядра Linux на сервере {kernel_version}",
@@ -340,5 +340,24 @@
     "app_change_url_require_full_domain": "{app} не может быть перемещено на данный URL, потому что оно требует весь домен (т.е., путь - /)",
     "app_failed_to_download_asset": "Не удалось скачать материал «{source_id}» ({url}) для {app}: {out}",
     "app_failed_to_upgrade_but_continue": "Не удалось обновить приложение {failed_app}, обновления продолжаются, как запрошено. Выполните «yunohost log show {operation_logger_name}», чтобы увидеть журнал ошибки",
-    "app_not_upgraded_broken_system": "Не удалось обновить приложение «{failed_app}», система находится в сломанном состоянии, обновления следующих приложений были отменены: {apps}"
+    "app_not_upgraded_broken_system": "Не удалось обновить приложение «{failed_app}», система находится в сломанном состоянии, обновления следующих приложений были отменены: {apps}",
+    "ask_dyndns_recovery_password_explain_unavailable": "Этот домен DynDNS уже зарегистрирован. Если Вы — личность, которая изначально зарегистрировала этот домен, Вы можете ввести пароль, чтобы заново занять этот домен.",
+    "ask_dyndns_recovery_password": "Пароль восстановления DynDNS",
+    "certmanager_cert_install_failed": "Не удалась установка сертификата Let's Encrypt для {domains}",
+    "certmanager_cert_install_failed_selfsigned": "Установка само-подписанного сертификата для {domains} не удалась",
+    "backup_hook_unknown": "Хук резервного копирования «{hook}» неизвестен",
+    "backup_no_uncompress_archive_dir": "Такой несжатой директории не существует",
+    "backup_unable_to_organize_files": "Невозможно использовать быстрый метод организации файлов в архиве",
+    "app_resource_failed": "Установка, удаление или обновление ресурсов {app} провалилась: {error}",
+    "ask_dyndns_recovery_password_explain": "Пожалуйста, выберите пароль восстановления для Вашего домена DynDNS, для случая, если Вам понадобится сбросить его позже.",
+    "ask_dyndns_recovery_password_explain_during_unsubscribe": "Пожалуйста, выберите пароль восстановления для Вашего домена DynDNS.",
+    "app_not_upgraded_broken_system_continue": "Приложение «{failed_app}» не смогло обновиться и сломало систему (так что --continue-on-failure игнорируется), и, в свою очередь, обновления других приложений были отменены: {apps}",
+    "backup_output_symlink_dir_broken": "Директория «{path}» Вашего архива — сломанная символьная ссылка. Может быть, Вы забыли смонтировать или подключить устройство, на которое она ссылается.",
+    "ask_fullname": "Полное имя",
+    "ask_admin_username": "Имя пользователя администратора",
+    "backup_running_hooks": "Выполняются хуки резервного копирования…",
+    "app_yunohost_version_not_supported": "Это приложение требует YunoHost версии {required} или выше, но сейчас установлена версия {current}",
+    "apps_failed_to_upgrade": "Не удалось обновить данные приложения:{apps}",
+    "apps_failed_to_upgrade_line": "\n * {app_id} (чтобы увидеть соответствующий журнал, выполните «yunohost log show {operation_logger_name}»)",
+    "ask_admin_fullname": "Полное имя администратора"
 }

locales/sk.json

@@ -280,4 +280,4 @@
     "domain_config_xmpp": "Krátke správy (XMPP)",
     "log_app_makedefault": "Nastaviť '{}' ako predvolenú aplikáciu",
     "domain_config_cert_renew_help": "Certifikát bude automaticky obnovený po 15 dňoch platnosti. Ak chcete, môžete ho obnoviť aj ručne. (Neodporúča sa)."
-}
+}

locales/tr.json

@@ -1,7 +1,7 @@
 {
     "password_too_simple_1": "Şifre en az 8 karakter uzunluğunda olmalı",
     "action_invalid": "Geçersiz işlem '{action}'",
-    "admin_password": "Yönetici şifresi",
+    "admin_password": "Yönetici parolası",
     "already_up_to_date": "Yapılacak yeni bir şey yok. Her şey zaten güncel.",
     "app_action_broke_system": "Bu işlem bazı hizmetleri bozmuş olabilir: {services}",
     "good_practices_about_user_password": "Şimdi yeni bir kullanıcı şifresi tanımlamak üzeresiniz. Parola en az 8 karakter uzunluğunda olmalıdır - ancak daha uzun bir parola (yani bir parola) ve/veya çeşitli karakterler (büyük harf, küçük harf, rakamlar ve özel karakterler) daha iyidir.",
@@ -20,5 +20,16 @@
     "app_change_url_failed": "{app}: {error} için url değiştirilemedi",
     "app_argument_required": "'{name}' değeri gerekli",
     "app_argument_invalid": "'{name}': {error} için geçerli bir değer giriniz",
-    "app_argument_password_no_default": "'{name}': çözümlenirken bir hata meydana geldi. Parola argümanı güvenlik nedeniyle varsayılan değer alamaz"
+    "app_argument_password_no_default": "'{name}': çözümlenirken bir hata meydana geldi. Parola argümanı güvenlik nedeniyle varsayılan değer alamaz",
+    "app_failed_to_download_asset": "{app} uygulaması için {source_id}{url} adresinden indirme işlemi sağlanamadı: {out}",
+    "app_extraction_failed": "Kurulum dosyaları çıkarılamadı",
+    "app_change_url_require_full_domain": "{app} bu yeni URL'ye taşınamaz. Çünkü ana etki alanı gerekli (Yani path = / olmalı )",
+    "app_change_url_script_failed": "URL değiştirme betiğinde bir hata oluştu",
+    "app_change_url_success": "{app} URL artık {domain}{path}",
+    "app_config_unable_to_apply": "Yapılandırma paneli değerleri uygulanamadı.",
+    "app_config_unable_to_read": "Yapılandırma paneli değerleri okunamadı.",
+    "app_change_url_no_script": "{app_name} uygulaması henüz URL değişikliğini desteklemiyor. Paket yükseltmeniz gerekebilir.",
+    "app_change_url_identical_domains": "('{domain}{path}') Eski ve yeni alan adının veya URL adresler aynı.Şu anda yapacak bir şey bulunmuyor.",
+    "app_corrupt_source": "YunoHost, {app} için '{source_id}' ({url}) adresinden indirebildi, ancak varlık olması gereken yapılandırmalarla eşleşmiyor. Bu, sunucunuzda geçici bir ağ arızası meydana geldiği veya varlığın bir şekilde yayın yapılan veri sağlacıyısı (veya kötü niyetli bir kişi?) tarafından değiştirildiği ve YunoHost yapımcılarının araştırması ve belki de bu değişikliği dikkate almak için uygulama bildirimini güncellemesi gerektiği anlamına gelebilir.\n    Beklenen sha256 sağlama toplamı: {expected_sha256}\n    İndirilen sha256 sağlama toplamı: {computed_sha256}\n    İndirilen dosya boyutu: {size}",
+    "app_failed_to_upgrade_but_continue": "{failed_app} uygulaması yükseltilirken başarısız oldu. Sıradaki güncellemeler devam ediyor. Konu ile ilgili hata kayıtlarını görüntülemek için 'yunohost log show {operation_logger_name}' komutunu çalıştırın"
 }

maintenance/shfmt.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+shfmt_args=(
+    --indent 4
+    --keep-padding      # keep column alignment paddings
+    --space-redirects   # redirect operators will be followed by a space
+    --binary-next-line  # binary ops like && and | may start a line
+    --case-indent       # switch cases will be indented
+)
+
+shfmt "${shfmt_args[@]}" "$@" \
+    helpers/helpers \
+    helpers/helpers.v2.1.d/* \
+    helpers/helpers.v2.d/* \
+    hooks/*

share/config_global.toml

@@ -107,7 +107,7 @@ name = "Email"
         [email.pop3.pop3_enabled]
         type = "boolean"
         default = false
-    
+
     [email.smtp]
     name = "SMTP"
         [email.smtp.smtp_allow_ipv6]
@@ -117,7 +117,7 @@ name = "Email"
         [email.smtp.smtp_relay_enabled]
         type = "boolean"
         default = false
-        
+
         [email.smtp.smtp_relay_host]
         type = "string"
         default = ""
@@ -134,7 +134,7 @@ name = "Email"
         default = ""
         optional = true
         visible="smtp_relay_enabled"
-        
+
         [email.smtp.smtp_relay_password]
         type = "password"
         default = ""
@@ -142,6 +142,17 @@ name = "Email"
         visible="smtp_relay_enabled"
         help = ""  # This is empty string on purpose, otherwise the core automatically set the 'good_practice_admin_password' string here which is not relevant, because the admin is not actually "choosing" the password ...
 
+        [email.smtp.smtp_backup_mx_domains]
+        type = "string"
+        default = ""
+        optional = true
+
+        [email.smtp.smtp_backup_mx_emails_whitelisted]
+        type = "string"
+        default = ""
+        optional = true
+        visible = "smtp_backup_mx_domains"
+
 [misc]
 name = "Other"
     [misc.portal]

src/app.py

@@ -328,10 +328,7 @@ def app_map(app=None, raw=False, user=None):
     result = {}
 
     if app is not None:
-        if not _is_installed(app):
-            raise YunohostValidationError(
-                "app_not_installed", app=app, all_apps=_get_all_installed_apps_id()
-            )
+        _assert_is_installed(app)
         apps = [
             app,
         ]
@@ -1424,10 +1421,7 @@ def app_remove(operation_logger, app, purge=False, force_workdir=None):
     )
     from yunohost.domain import domain_list, domain_config_get, domain_config_set
 
-    if not _is_installed(app):
-        raise YunohostValidationError(
-            "app_not_installed", app=app, all_apps=_get_all_installed_apps_id()
-        )
+    _assert_is_installed(app)
 
     operation_logger.start()
 
@@ -2004,6 +1998,7 @@ ynh_app_config_run $1
                 "install_dir": settings.get("install_dir", ""),
                 "YNH_APP_BASEDIR": os.path.join(APPS_SETTING_PATH, app),
                 "YNH_APP_PACKAGING_FORMAT": str(manifest["packaging_format"]),
+                "YNH_APP_CONFIG_PANEL_OPTIONS_TYPES_AND_BINDS": self._dump_options_types_and_binds(),
             }
         )
         app_script_env = _make_environment_for_app_script(app)
@@ -2022,8 +2017,68 @@ ynh_app_config_run $1
                 raise YunohostError("app_action_failed", action=action, app=app)
         return values
 
+    def _get_config_panel(self):
 
-def _get_app_settings(app):
+        ret = super()._get_config_panel()
+
+        self._compute_binds()
+
+        return ret
+
+    def _compute_binds(self):
+        """
+        This compute the 'bind' statement for every option
+        In particular to handle __FOOBAR__ syntax
+        and to handle the fact that bind statements may be defined panel-wide or section-wide
+        """
+
+        settings = _get_app_settings(self.entity)
+
+        for panel, section, option in self._iterate():
+
+            bind_panel = panel.get("bind")
+
+            bind_section = section.get("bind")
+            if not bind_section:
+                bind_section = bind_panel
+            elif bind_section[-1] == ":" and bind_panel and ":" in bind_panel:
+                selector, bind_panel_file = bind_panel.split(":")
+                if ">" in bind_section:
+                    bind_section = bind_section + bind_panel_file
+                else:
+                    bind_section = selector + bind_section + bind_panel_file
+
+            bind = option.get("bind")
+            if not bind:
+                if bind_section:
+                    bind = bind_section
+                else:
+                    bind = "settings"
+            elif bind[-1] == ":" and bind_section and ":" in bind_section:
+                selector, bind_file = bind_section.split(":")
+                if ">" in bind:
+                    bind = bind + bind_file
+                else:
+                    bind = selector + bind + bind_file
+            if bind == "settings" and option.get("type", "string") == "file":
+                bind = "null"
+
+            option["bind"] = _hydrate_app_template(bind, settings)
+
+    def _dump_options_types_and_binds(self):
+        lines = []
+        for _, _, option in self._iterate():
+            lines.append(
+                "|".join([option["id"], option.get("type", "string"), option["bind"]])
+            )
+        return "\n".join(lines)
+
+
+app_settings_cache: Dict[str, Dict[str, Any]] = {}
+app_settings_cache_timestamp: Dict[str, float] = {}
+
+
+def _get_app_settings(app: str) -> Dict[str, Any]:
     """
     Get settings of an installed app
 
@@ -2031,12 +2086,22 @@ def _get_app_settings(app):
         app -- The app id (like nextcloud__2)
 
     """
-    if not _is_installed(app):
-        raise YunohostValidationError(
-            "app_not_installed", app=app, all_apps=_get_all_installed_apps_id()
-        )
+    _assert_is_installed(app)
+
+    global app_settings_cache
+    global app_settings_cache_timestamp
+
+    app_setting_path = os.path.join(APPS_SETTING_PATH, app, "settings.yml")
+    app_setting_timestamp = os.path.getmtime(app_setting_path)
+
+    # perf: app settings are cached using the settings.yml's modification date,
+    # such that we don't have to worry too much about calling this function
+    # too many times (because ultimately parsing yml is not free)
+    if app_settings_cache_timestamp.get(app) == app_setting_timestamp:
+        return app_settings_cache[app].copy()
+
     try:
-        with open(os.path.join(APPS_SETTING_PATH, app, "settings.yml")) as f:
+        with open(app_setting_path) as f:
             settings = yaml.safe_load(f) or {}
         # If label contains unicode char, this may later trigger issues when building strings...
         # FIXME: this should be propagated to read_yaml so that this fix applies everywhere I think...
@@ -2068,8 +2133,15 @@ def _get_app_settings(app):
         # Make the app id available as $app too
         settings["app"] = app
 
-        if app == settings["id"]:
-            return settings
+        # FIXME: it's not clear why this code exists... Shouldn't we hard-define 'id' as $app ...?
+        if app != settings["id"]:
+            return {}
+
+        # Cache the settings
+        app_settings_cache[app] = settings.copy()
+        app_settings_cache_timestamp[app] = app_setting_timestamp
+
+        return settings
     except (IOError, TypeError, KeyError):
         logger.error(m18n.n("app_not_correctly_installed", app=app))
     return {}
@@ -2087,6 +2159,11 @@ def _set_app_settings(app, settings):
     with open(os.path.join(APPS_SETTING_PATH, app, "settings.yml"), "w") as f:
         yaml.safe_dump(settings, f, default_flow_style=False)
 
+    if app in app_settings_cache_timestamp:
+        del app_settings_cache_timestamp[app]
+    if app in app_settings_cache:
+        del app_settings_cache[app]
+
 
 def _get_manifest_of_app(path):
     "Get app manifest stored in json or in toml"
@@ -2694,16 +2771,6 @@ def _list_upgradable_apps():
 
 
 def _is_installed(app: str) -> bool:
-    """
-    Check if application is installed
-
-    Keyword arguments:
-        app -- id of App to check
-
-    Returns:
-        Boolean
-
-    """
     return os.path.isdir(APPS_SETTING_PATH + app)
 
 
@@ -2937,7 +3004,9 @@ def _get_conflicting_apps(domain, path, ignore_app=None):
         for p, a in apps_map[domain].items():
             if a["id"] == ignore_app:
                 continue
-            if path == p or path == "/" or p == "/":
+            if path == p or (
+                not path.startswith("/.well-known/") and (path == "/" or p == "/")
+            ):
                 conflicts.append((p, a["id"], a["label"]))
 
     return conflicts

src/diagnosers/00-basesystem.py

@@ -192,6 +192,16 @@ class MyDiagnoser(Diagnoser):
                 summary="diagnosis_high_number_auth_failures",
             )
 
+        rfkill_wifi = self.rfkill_wifi()
+        if len(rfkill_wifi) > 0:
+            yield dict(
+                meta={"test": "rfkill_wifi"},
+                status="ERROR",
+                summary="diagnosis_rfkill_wifi",
+                details=["diagnosis_rfkill_wifi_details"],
+                data={"rfkill_wifi_error": rfkill_wifi},
+            )
+
     def bad_sury_packages(self):
         packages_to_check = ["openssl", "libssl1.1", "libssl-dev"]
         for package in packages_to_check:
@@ -301,3 +311,10 @@ class MyDiagnoser(Diagnoser):
         )
         write_to_json(cache_file, CVEs)
         return CVEs[0]["VULNERABLE"]
+
+    def rfkill_wifi(self):
+        if os.path.isfile("/etc/profile.d/wifi-check.sh"):
+            cmd = "bash /etc/profile.d/wifi-check.sh"
+            return check_output(cmd)
+        else:
+            return ""

src/dns.py

@@ -481,9 +481,18 @@ def _get_dns_zone_for_domain(domain):
     else:
         zone = parent_list[-1]
 
-    logger.warning(
-        f"Could not identify correctly the dns zone for domain {domain}, returning {zone}"
-    )
+    # Adding this otherwise the CI is flooding about those ...
+    if domain not in [
+        "example.tld",
+        "sub.example.tld",
+        "domain.tld",
+        "sub.domain.tld",
+        "domain_a.dev",
+        "domain_b.dev",
+    ]:
+        logger.warning(
+            f"Could not identify correctly the dns zone for domain {domain}, returning {zone}"
+        )
     return zone
 
 

src/settings.py

@@ -335,6 +335,8 @@ def reconfigure_ssh_and_fail2ban(setting_name, old_value, new_value):
 @post_change_hook("smtp_relay_port")
 @post_change_hook("smtp_relay_user")
 @post_change_hook("smtp_relay_password")
+@post_change_hook("smtp_backup_mx_domains")
+@post_change_hook("smtp_backup_mx_emails_whitelisted")
 @post_change_hook("postfix_compatibility")
 def reconfigure_postfix(setting_name, old_value, new_value):
     if old_value != new_value:

src/user.py

@@ -1137,6 +1137,7 @@ def user_group_update(
 ):
     from yunohost.permission import permission_sync_to_user
     from yunohost.utils.ldap import _get_ldap_interface, _ldap_path_extract
+    from yunohost.hook import hook_callback
 
     existing_users = list(user_list()["users"].keys())
 
@@ -1176,6 +1177,11 @@ def user_group_update(
     new_group_members = copy.copy(current_group_members)
     new_attr_dict = {}
 
+    # Group permissions
+    current_group_permissions = [
+        _ldap_path_extract(p, "cn") for p in group.get("permission", [])
+    ]
+
     if add:
         users_to_add = [add] if not isinstance(add, list) else add
 
@@ -1289,6 +1295,26 @@ def user_group_update(
     if sync_perm:
         permission_sync_to_user()
 
+    if add and users_to_add:
+        for permission in current_group_permissions:
+            app = permission.split(".")[0]
+            sub_permission = permission.split(".")[1]
+
+            hook_callback(
+                "post_app_addaccess",
+                args=[app, ",".join(users_to_add), sub_permission, ""],
+            )
+
+    if remove and users_to_remove:
+        for permission in current_group_permissions:
+            app = permission.split(".")[0]
+            sub_permission = permission.split(".")[1]
+
+            hook_callback(
+                "post_app_removeaccess",
+                args=[app, ",".join(users_to_remove), sub_permission, ""],
+            )
+
     if not from_import:
         if groupname != "all_users":
             if not new_attr_dict:

src/utils/resources.py

@@ -1170,7 +1170,10 @@ class AptDependenciesAppResource(AppResource):
         super().__init__(properties, *args, **kwargs)
 
         if isinstance(self.packages, str):
-            self.packages = [value.strip() for value in self.packages.split(",")]
+            if self.packages.strip() == "":
+                self.packages = []
+            else:
+                self.packages = [value.strip() for value in self.packages.split(",")]
 
         if self.packages_from_raw_bash:
             out, err = self.check_output_bash_snippet(self.packages_from_raw_bash)
@@ -1194,7 +1197,7 @@ class AptDependenciesAppResource(AppResource):
                         f"Error while running apt resource packages_from_raw_bash snippet for '{key}' extras:"
                     )
                     logger.error(err)
-                values["packages"] = values.get("packages", []) + [value.strip() for value in out.split("\n")]  # type: ignore
+                values["packages"] = values.get("packages", []) + [value.strip() for value in out.split("\n") if value.strip()]  # type: ignore
 
             if (
                 not isinstance(values.get("repo"), str)
@@ -1224,7 +1227,9 @@ class AptDependenciesAppResource(AppResource):
                 "ynh_install_extra_app_dependencies"
             )
 
-        script = " ".join([ynh_apt_install_dependencies, *self.packages])
+        script = ""
+        if self.packages:
+            script += " ".join([ynh_apt_install_dependencies, *self.packages])
         for repo, values in self.extras.items():
             script += "\n" + " ".join(
                 [