Merge pull request #9 from anmol26s/master

Added upgrade,backup,restore file, app is multi-instance now
2018-04-03 12:56:13 +05:30 · 2018-04-03 12:56:13 +05:30 · f17e7a1dd1
parent d7ff82ab6b 8c5e9ef20b
commit f17e7a1dd1
14 changed files with 686 additions and 139 deletions
--- a/README.md
+++ b/README.md
@ -4,23 +4,19 @@
 ## Installation
 1. Require dedicated domain like **peertube.domain.tld**.
 1. No LDAP support (blocked until upstream implements it)
 1. No Multi-instance
 1. No url change possible
 1. Peertube is under development stage, **don't use it for production**
 1. Take notice that this YunoHost package *claims* the following features:
   - [x] Install
   - [x] Remove
-   - [ ] Upgrade
+   - [x] Upgrade
-   - [ ] Backup
+   - [x] Backup
-   - [ ] Restore
+   - [x] Restore
 1. **Install the app by following command:**
         $ sudo yunohost app install https://github.com/YunoHost-Apps/peertube_ynh
 1. **root** is the admin username and the admin email is the email address given at the time of installation.
 1. **After installation change the password by this command:**
         $ cd /var/www/peertube && NODE_ENV=production npm run reset-password -- -u root
    <h1 align="center">
      PeerTube
@ -51,12 +47,8 @@ Thanks to [WebTorrent](https://github.com/feross/webtorrent), we can make P2P (t
 ### Dependencies
-  * **NodeJS >= 6.x**
+  * NodeJS, PostgreSQL
-  * **npm >= 3.x**
+  * It adds jessie-backports for ffmpeg
  * yarn
  * OpenSSL (cli)
  * PostgreSQL
  * FFmpeg
 ## LICENSE
--- a/14
+++ b/14
@ -16,9 +16,9 @@
 		setup_nourl=0
 		setup_private=1
 		setup_public=1
-		upgrade=0
+		upgrade=1
-		backup_restore=0
+		backup_restore=1
-		multi_instance=0
+		multi_instance=1
 		incorrect_path=0
 		port_already_use=1
 		change_url=0
@ -26,8 +26,8 @@
 	Level 1=auto
 	Level 2=auto
 	Level 3=auto
-# Level 4:
+# Level 4: not supported by upstream
-	Level 4=0
+	Level 4=1
 # Level 5:
 	Level 5=auto
 	Level 6=auto
@ -36,5 +36,5 @@
 	Level 9=0
 	Level 10=0
 ;;; Options
-Email=
+Email=anmol@datamol.org
-Notification=none
+Notification=yes
--- a/conf/app.src
+++ b/conf/app.src
@ -1,5 +1,5 @@
-SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v1.0.0-beta.1/peertube-v1.0.0-beta.1.zip
+SOURCE_URL=https://github.com/Chocobozzz/PeerTube/releases/download/v1.0.0-beta.3/peertube-v1.0.0-beta.3.zip
-SOURCE_SUM=8e80aaa503de0d28be209375b48dd9242abec16a3bde473b684286c67e19af13
+SOURCE_SUM=6c6714d5229fcfaa5215fedc40e3dd476f39cf7cc62a27ab55e5bb082bd2509c
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=zip
 SOURCE_IN_SUBDIR=true
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,18 +1,37 @@
-location / {
+	location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ {
    add_header Cache-Control "public, max-age=31536000, immutable";
    alias __FINALPATH__/client/dist/$1;
  }
 	location ~ ^/static/(thumbnails|avatars)/(.*)$ {
    add_header Cache-Control "public, max-age=31536000, immutable";
    alias /home/yunohost.app/__NAME__/storage/$1/$2;
  }
 	location / {
     if ($scheme = http) {
        rewrite ^ https://$server_name$request_uri? permanent;
      }
-    proxy_pass http://localhost:9000;
+    proxy_pass http://localhost:__PORT__;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    # For the video upload
+    # Hard limit, PeerTube does not support videos > 4GB
    client_max_body_size 4G;
    proxy_connect_timeout       600;
    proxy_send_timeout          600;
    proxy_read_timeout          600;
    send_timeout                600;
  }
-  # Bypass PeerTube webseed route for better performances
+	# Bypass PeerTube webseed route for better performances
-  location /static/webseed {
+	location /static/webseed {
    # Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
    limit_rate 800k;
    if ($request_method = 'OPTIONS') {
      add_header 'Access-Control-Allow-Origin' '*';
      add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
@ -27,9 +46,12 @@ location / {
      add_header 'Access-Control-Allow-Origin' '*';
      add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
      add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
      # Don't spam access log file with byte range requests
      access_log off;
    }
-    alias __FINALPATH__/videos;
+    alias /home/yunohost.app/__NAME__/storage/videos;
  }
  # Websocket tracker
@ -42,5 +64,5 @@ location / {
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
-    proxy_pass http://localhost:9000;
+    proxy_pass http://localhost:__PORT__;
  }
--- a/conf/production.yaml
+++ b/conf/production.yaml
@ -1,5 +1,5 @@
 listen:
-  port: 9000
+  port: __PORT__
 # Correspond to your reverse proxy "listen" configuration
 webserver:
@ -11,8 +11,8 @@ webserver:
 database:
  hostname: 'localhost'
  port: 5432
-  suffix: '_prod'
+  suffix: '___db_name__'
-  username: 'peertube'
+  username: '__db_name__'
  password: '__db_pwd__'
 # Your object store
@ -21,22 +21,45 @@ redis:
  port: 6379
  auth: null
 # SMTP server to send emails
 smtp:
  hostname: null
  port: 465
  username: null
  password: null
  tls: true
  disable_starttls: false
  ca_file: null # Used for self signed certificates
  from_address: 'admin@__domain__'
 # From the project root directory
 storage:
-  avatars: 'avatars/'
+  avatars: '/home/yunohost.app/__app__/storage/avatars/'
-  videos: 'videos/'
+  videos: '/home/yunohost.app/__app__/storage/videos/'
-  logs: 'logs/'
+  logs: '/home/yunohost.app/__app__/storage/logs/'
-  previews: 'previews/'
+  previews: '/home/yunohost.app/__app__/storage/previews/'
-  thumbnails: 'thumbnails/'
+  thumbnails: '/home/yunohost.app/__app__/storage/thumbnails/'
-  torrents: 'torrents/'
+  torrents: '/home/yunohost.app/__app__/storage/torrents/'
-  cache: 'cache/'
+  cache: '/home/yunohost.app/__app__/storage/cache/'
 log:
  level: 'info' # debug/info/warning/error
 ###############################################################################
 #
 # From this point, all the following keys can be overriden by the web interface
 # (local-production.json file). If you need to change some values, prefer to
 # use the web interface because the configuration will be automatically
 # reloaded without any need to restart PeerTube.
 #
 # /!\ If you already have a local-production.json file, the modification of the
 # following keys will have no effect /!\.
 #
 ###############################################################################
 cache:
  previews:
-    size: 1 # Max number of previews you want to cache
+    size: 100 # Max number of previews you want to cache
 admin:
  email: '__email__'
@ -62,10 +85,13 @@ transcoding:
    720p: true
    1080p: true
 # Instance settings
 instance:
  name: 'PeerTube'
-  description: 'Welcome to this PeerTube instance!' # Support markdown
+  short_description: 'PeerTube, a federated (ActivityPub) video streaming platform using P2P (BitTorrent) directly in the web browser with WebTorrent and Angular.'
-  terms: 'No terms for now.' # Support markdown
+  description: '' # Support markdown
  terms: '' # Support markdown
  default_client_route: '/videos/trending'
  customizations:
    javascript: '' # Directly your JavaScript code (without <script> tags). Will be eval at runtime
    css: '' # Directly your CSS code (without <style> tags). Will be injected at runtime
--- a/conf/systemd.service
+++ b/conf/systemd.service
@ -4,13 +4,14 @@ Description=PeerTube daemon
 [Service]
 Type=simple
 Environment=NODE_ENV=production
 Environment=NODE_CONFIG_DIR=__FINALPATH__/config
 User=__APP__
 Group=__APP__
 ExecStart=/bin/sh -c 'PATH=/opt/node_n/bin:$PATH exec npm start'
 WorkingDirectory=__FINALPATH__/
 StandardOutput=syslog
 StandardError=syslog
-SyslogIdentifier=peertube
+SyslogIdentifier=__APP__
 Restart=always
 [Install]
--- a/manifest.json
+++ b/manifest.json
@ -5,17 +5,17 @@
    "description": {
        "en": "Video streaming platform using P2P directly in the web browser, connected to a federated network"
    },
-    "version": "1.1",
+    "version": "1.0.0-beta.3-1",
    "url": "https://github.com/Chocobozzz/PeerTube",
-    "license": "free",
+    "license": "AGPL-3.0-only",
    "maintainer": {
        "name": "Anmol Sharma",
        "email": "anmol@datamol.org"
    },
    "requirements": {
-        "yunohost": ">= 2.7.2"
+        "yunohost": ">= 2.7.9"
    },
-    "multi_instance": false,
+    "multi_instance": true,
    "services": [
        "nginx"
    ],
@ -32,19 +32,10 @@
            {
                "name": "email",
                "ask": {
-                    "en": "Choose an admin(root) email(Can be other then LDAP emails and can't be changed after installation)"
+                    "en": "Choose an admin email (can be changed after installation)"
                },
                "example": "johndoe@example.com"
            },
            {
                "name": "pass",
                "type": "password",
                "ask": {
                    "en": "Enter password of this administrator ≥ 6 character",
                    "fr": "Ajouter le mot de passe pour cette administrateur ≥ 6 charactères"
                },
                "example": "battery horse staple nenuphar"
            },
            {
                "name": "is_public",
                "type": "boolean",
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -11,3 +11,52 @@ ynh_delete_file_checksum () {
 	local checksum_setting_name=checksum_${1//[\/ ]/_}	# Replace all '/' and ' ' by '_'
 	ynh_app_setting_delete $app $checksum_setting_name
 }
 # Send an email to inform the administrator
 #
 # usage: ynh_send_readme_to_admin app_message [recipients]
 # | arg: app_message - The message to send to the administrator.
 # | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root
 #	example: "root admin@domain"
 #	If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
 #	example: "root admin@domain user1 user2"
 ynh_send_readme_to_admin() {
 	local app_message="${1:-...No specific information...}"
 	local recipients="${2:-root}"
 	# Retrieve the email of users
 	find_mails () {
 		local list_mails="$1"
 		local mail
 		local recipients=" "
 		# Read each mail in argument
 		for mail in $list_mails
 		do
 			# Keep root or a real email address as it is
 			if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
 			then
 				recipients="$recipients $mail"
 			else
 				# But replace an user name without a domain after by its email
 				if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
 				then
 					recipients="$recipients $mail"
 				fi
 			fi
 		done
 		echo "$recipients"
 	}
 	recipients=$(find_mails "$recipients")
 	local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
 	local mail_message="This is an automated message from your beloved YunoHost server.
 Specific information for the application $app.
 $app_message
 ---
 Automatic diagnosis data from YunoHost
 $(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
 	# Send the email to the recipients
 	echo "$mail_message" | mail -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
 }
--- a/scripts/backup
+++ b/scripts/backup
@ -0,0 +1,77 @@
 #!/bin/bash
 #=================================================
 # GENERIC START
 #=================================================
 # IMPORT GENERIC HELPERS
 #=================================================
 if [ ! -e _common.sh ]; then
 	# Get the _common.sh file if it's not in the current directory
 	cp ../settings/scripts/_common.sh ./_common.sh
 	cp ../settings/scripts/psql.sh ./psql.sh
 	cp ../settings/scripts/nodejs.sh ./nodejs.sh
 	chmod a+rx _common.sh psql.sh nodejs.sh
 fi
 source _common.sh
 source /usr/share/yunohost/helpers
 source psql.sh
 source nodejs.sh
 #=================================================
 # MANAGE SCRIPT FAILURE
 #=================================================
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 #=================================================
 # LOAD SETTINGS
 #=================================================
 app=$YNH_APP_INSTANCE_NAME
 final_path=$(ynh_app_setting_get $app final_path)
 domain=$(ynh_app_setting_get $app domain)
 db_name=$(ynh_app_setting_get $app psql_db)
 #=================================================
 # STANDARD BACKUP STEPS
 #=================================================
 # BACKUP THE APP MAIN DIR
 #=================================================
 ynh_backup "$final_path"
 # Copy the data directory
 datadir="/home/yunohost.app/${app}/storage"
 ynh_backup "$datadir"
 #=================================================
 # BACKUP THE NGINX CONFIGURATION
 #=================================================
 ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # BACKUP THE PostgreSQL DATABASE
 #=================================================
 ynh_psql_dump_db "$db_name" > db.sql
 ynh_backup "db.sql"
 #=================================================
 # SPECIFIC BACKUP
 #=================================================
 # BACKUP LOGROTATE
 #=================================================
 ynh_backup "/etc/logrotate.d/$app"
 #=================================================
 # BACKUP SYSTEMD
 #=================================================
 ynh_backup "/etc/systemd/system/$app.service"
--- a/scripts/install
+++ b/scripts/install
@ -7,9 +7,9 @@
 #=================================================
 source _common.sh
 source /usr/share/yunohost/helpers
 source psql.sh
 source nodejs.sh
 source /usr/share/yunohost/helpers
 #=================================================
 # MANAGE SCRIPT FAILURE
@ -17,9 +17,6 @@ source /usr/share/yunohost/helpers
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 #ynh_clean_setup () {
 #
 #}
 #=================================================
 # RETRIEVE ARGUMENTS FROM THE MANIFEST
@ -28,9 +25,10 @@ ynh_abort_if_errors
 domain=$YNH_APP_ARG_DOMAIN
 path_url="/"
 admin_email=$YNH_APP_ARG_EMAIL
-admin_pass=$YNH_APP_ARG_PASS
+admin_pass=$(ynh_string_random 24)
 is_public=$YNH_APP_ARG_IS_PUBLIC
 # This is a multi-instance app, meaning it can be installed several times independently
 # The id of the app as stated in the manifest is available as $YNH_APP_ID
 # The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
@ -51,18 +49,18 @@ final_path=/var/www/$app
 test ! -e "$final_path" || ynh_die "This path already contains a folder"
 # Check web path availability
-ynh_webpath_available $domain $path_url
+ynh_webpath_available "$domain" "$path_url"
 # Register (book) web path
-ynh_webpath_register $app $domain $path_url
+ynh_webpath_register "$app" "$domain" "$path_url"
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
-ynh_app_setting_set $app domain $domain
+ynh_app_setting_set "$app" domain "$domain"
-ynh_app_setting_set $app admin_email $admin_email
+ynh_app_setting_set "$app" admin_email "$admin_email"
-ynh_app_setting_set $app admin_pass $admin_pass
+ynh_app_setting_set "$app" admin_pass "$admin_pass"
-ynh_app_setting_set $app is_public $is_public
+ynh_app_setting_set "$app" is_public "$is_public"
 #=================================================
 # STANDARD MODIFICATIONS
@ -71,10 +69,19 @@ ynh_app_setting_set $app is_public $is_public
 #=================================================
 # Find a free port
-port=$(ynh_find_port 9000)
+port=(ynh_find_port "9000")
 # Open this port
-yunohost firewall allow Both $port 2>&1
+yunohost firewall allow Both "$port" 2>&1
-ynh_app_setting_set $app port $port
+ynh_app_setting_set "$app" port "$port"
 #=================================================
 # CREATE THE DATA DIRECTORY
 #=================================================
 # Define app's data directory
 datadir="/home/yunohost.app/${app}/storage"
 # Create app folders
 mkdir -p "$datadir"
 #=================================================
 # INSTALL DEPENDENCIES
@ -83,10 +90,10 @@ ynh_app_setting_set $app port $port
 # install yarn
 wget https://github.com/yarnpkg/yarn/releases/download/v1.5.1/yarn_1.5.1_all.deb
 echo "a4770cd8dcb13dc9a9218940dbd24b510ddf5eec78adb4e0da9ef3760b55a76e yarn_1.5.1_all.deb" | sha256sum -c || ynh_die
-sudo dpkg -i yarn_1.5.1_all.deb
+dpkg -i yarn_1.5.1_all.deb
 # add backports (required to install ffmpeg)
-echo "deb http://httpredir.debian.org/debian jessie-backports main" | sudo tee /etc/apt/sources.list.d/jessie-backports.list
+echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
 ynh_package_update
 # install postgresql, ffmpeg, redis
@ -100,38 +107,38 @@ ynh_install_nodejs 8
 #=================================================
 # Create postgresql database
-db_name="peertube_prod"
+db_name="peertube_${app}"
 db_pwd=$(ynh_string_random 30)
-ynh_app_setting_set $app psql_db $db_name
+ynh_app_setting_set "$app" psql_db "$db_name"
-ynh_app_setting_set $app psqlpwd $db_pwd
+ynh_app_setting_set "$app" psqlpwd "$db_pwd"
 ynh_psql_test_if_first_run
-ynh_psql_create_user $app $db_pwd
+ynh_psql_create_user "$app" "$db_pwd"
 ynh_psql_execute_as_root \
-"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;"
+"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER "$app";"
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 # Create a system user
-ynh_system_user_create $app
+ynh_system_user_create "$app"
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK PEERTUBE SOURCE
 #=================================================
-ynh_app_setting_set $app final_path $final_path
+ynh_app_setting_set "$app" final_path "$final_path"
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source "$final_path"
-cp ../conf/production.yaml $final_path/config/production.yaml
+cp ../conf/production.yaml "$final_path/config/production.yaml"
-(cd $final_path && yarn install --production --pure-lockfile)
+(cd "$final_path" && yarn install --production --pure-lockfile)
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
 # Create a dedicated nginx config
-sudo mkdir -p "/etc/nginx/conf.d/${domain}.d"
+mkdir -p "/etc/nginx/conf.d/${domain}.d"
 ynh_add_nginx_config
 #=================================================
@ -139,7 +146,7 @@ ynh_add_nginx_config
 #=================================================
 # Set right permissions for curl install
-chown -R $app:$app $final_path
+chown -R "$app" "$datadir"
 # Reload Nginx
 systemctl reload nginx
@ -150,8 +157,11 @@ systemctl reload nginx
 ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml"
 ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml"
 ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml"
 ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml"
 ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml"
 ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml"
 #=================================================
 # STORE THE CHECKSUM OF THE CONFIG FILE
@ -174,15 +184,15 @@ ynh_use_logrotate
 # SETUP SSOWAT
 #=================================================
-if [ $is_public -eq 0 ]
+if [ "$is_public" -eq 0 ]
 then	# Remove the public access
-	ynh_app_setting_delete $app skipped_uris
+	ynh_app_setting_delete "$app" skipped_uris
 fi
 # Make app public if necessary
-if [ $is_public -eq 1 ]
+if [ "$is_public" -eq 1 ]
 then
 	# unprotected_uris allows SSO credentials to be passed anyway.
-	ynh_app_setting_set $app unprotected_uris "/"
+	ynh_app_setting_set "$app" unprotected_uris "/"
 fi
 #=================================================
@ -191,17 +201,31 @@ fi
 # Create a dedicated systemd config
 ynh_add_systemd_config
-sudo systemctl start peertube
+systemctl start "$app"
 #=================================================
 # CHANGE PEERTUBE ADMIN PASSWORD AFTER INITIAL GEN
 #=================================================
 # we need to wait for the service to init peertube's database
-(cd /var/www/peertube && sleep 5 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/peertube/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root")
+(cd "/var/www/$app" && sleep 15 && exec /bin/sh -c "echo $admin_pass | NODE_CONFIG_DIR=/var/www/$app/config NODE_ENV=production PATH=/opt/node_n/bin:$PATH npm run reset-password -- -u root")
 #=================================================
 # RELOAD NGINX
 #=================================================
 systemctl reload nginx
 #=================================================
 # SEND A README FOR THE ADMIN
 #=================================================
 message="PeerTube was successfully installed :)
 Please open "https://$domain$path_url"
 Here is the admin password: "$admin_pass"
 If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/peertube_ynh"
 ynh_send_readme_to_admin "$message"
--- a/scripts/psql.sh
+++ b/scripts/psql.sh
@ -1,9 +1,41 @@
 #!/bin/bash
 #=================================================
 #
 # POSTGRES HELPERS
 #
 # Point of contact : Jean-Baptiste Holcroft <jean-baptiste@holcroft.fr>
 #=================================================
 ynh_psql_test_if_first_run() {
 	if [ -f /etc/yunohost/psql ];
 	then
 		echo "PostgreSQL is already installed, no need to create master password"
 	else
 		pgsql=$(ynh_string_random)
 		pg_hba=""
 		echo "$pgsql" >> /etc/yunohost/psql
 		if [ -e /etc/postgresql/9.4/ ]
 		then
 			pg_hba=/etc/postgresql/9.4/main/pg_hba.conf
 		elif [ -e /etc/postgresql/9.6/ ]
 		then
 			pg_hba=/etc/postgresql/9.6/main/pg_hba.conf
 		else
 			ynh_die "postgresql shoud be 9.4 or 9.6"
 		fi
 		systemctl start postgresql
                su --command="psql -c\"ALTER user postgres WITH PASSWORD '${pgsql}'\"" postgres
 		# we can't use peer since YunoHost create users with nologin
 		sed -i '/local\s*all\s*all\s*peer/i \
 		local all all password' "$pg_hba"
 		systemctl enable postgresql
 		systemctl reload postgresql
 	fi
 }
 # Open a connection as a user
 #
 # example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;"
@ -14,7 +46,10 @@
 # | arg: pwd - the user password
 # | arg: db - the database to connect to
 ynh_psql_connect_as() {
-    ynh_die "ynh_psql_connect_as is not yet implemented"
+	user="$1"
 	pwd="$2"
 	db="$3"
 	su --command="PGUSER=\"${user}\" PGPASSWORD=\"${pwd}\" psql \"${db}\"" postgres
 }
 # # Execute a command as root user
@ -23,8 +58,8 @@ ynh_psql_connect_as() {
 # | arg: sql - the SQL command to execute
 # | arg: db - the database to connect to
 ynh_psql_execute_as_root () {
-        sudo su -c "psql" - postgres <<< ${1}
+	sql="$1"
-#TODO support db argument ?
+	su --command="psql" postgres <<< "$sql"
 }
 # Execute a command from a file as root user
@ -33,7 +68,29 @@ ynh_psql_execute_as_root () {
 # | arg: file - the file containing SQL commands
 # | arg: db - the database to connect to
 ynh_psql_execute_file_as_root() {
-     ynh_die "ynh_psql_execute_file_as_root is not yet implemented"
+	file="$1"
 	db="$2"
 	su -c "psql $db" postgres < "$file"
 }
 # Create a database, an user and its password. Then store the password in the app's config
 #
 # After executing this helper, the password of the created database will be available in $db_pwd
 # It will also be stored as "psqlpwd" into the app settings.
 #
 # usage: ynh_psql_setup_db user name [pwd]
 # | arg: user - Owner of the database
 # | arg: name - Name of the database
 # | arg: pwd - Password of the database. If not given, a password will be generated
 ynh_psql_setup_db () {
 	db_user="$1"
 	app="$1"
 	db_name="$2"
 	new_db_pwd=$(ynh_string_random)	# Generate a random password
 	# If $3 is not given, use new_db_pwd instead for db_pwd.
 	db_pwd="${3:-$new_db_pwd}"
 	ynh_psql_create_db "$db_name" "$db_user" "$db_pwd"	# Create the database
 	ynh_app_setting_set "$app" psqlpwd "$db_pwd"	# Store the password in the app's config
 }
 # Create a database and grant optionnaly privilegies to a user
@ -41,25 +98,25 @@ ynh_psql_execute_file_as_root() {
 # usage: ynh_psql_create_db db [user [pwd]]
 # | arg: db - the database name to create
 # | arg: user - the user to grant privilegies
-# | arg: pwd - the password to identify user by
+# | arg: pwd  - the user password
 ynh_psql_create_db() {
-    db=$1
+	db="$1"
-    # grant all privilegies to user
+	user="$2"
-    if [[ $# -gt 1 ]]; then
+	pwd="$3"
-        ynh_psql_create_user ${2} "${3}"
+	ynh_psql_create_user "$user" "$pwd"
-        sudo su -c "createdb -O ${2} $db" -  postgres
+	su --command="createdb --owner=\"${user}\" \"${db}\"" postgres
    else
        sudo su -c "createdb $db" -  postgres
    fi
 }
 # Drop a database
 #
 # usage: ynh_psql_drop_db db
 # | arg: db - the database name to drop
-ynh_psql_drop_db() {
+# | arg: user - the user to drop
-    sudo su -c "dropdb ${1}" -  postgres
+ynh_psql_remove_db() {
 	db="$1"
 	user="$2"
 	su --command="dropdb \"${db}\"" postgres
 	ynh_psql_drop_user "${user}"
 }
 # Dump a database
@ -70,7 +127,8 @@ ynh_psql_drop_db() {
 # | arg: db - the database name to dump
 # | ret: the psqldump output
 ynh_psql_dump_db() {
-    ynh_die "ynh_psql_dump_db is not yet implemented"
+	db="$1"
 	su --command="pg_dump \"${db}\"" postgres
 }
@ -78,10 +136,10 @@ ynh_psql_dump_db() {
 #
 # usage: ynh_psql_create_user user pwd [host]
 # | arg: user - the user name to create
 # | arg: pwd - the password to identify user by
 ynh_psql_create_user() {
-        ynh_psql_execute_as_root \
+	user="$1"
-        "CREATE USER ${1} WITH PASSWORD '${2}';"
+	pwd="$2"
        su --command="psql -c\"CREATE USER ${user} WITH PASSWORD '${pwd}'\"" postgres
 }
 # Drop a user
@ -89,22 +147,6 @@ ynh_psql_create_user() {
 # usage: ynh_psql_drop_user user
 # | arg: user - the user name to drop
 ynh_psql_drop_user() {
-    sudo su -c "dropuser ${1}" - postgres
+	user="$1"
-}
+	su --command="dropuser \"${user}\"" postgres
 ynh_psql_test_if_first_run() {
 	if [ -f /etc/yunohost/psql ];
 	then
 		echo "PostgreSQL is already installed, no need to create master password"
 	else
 		local pgsql=$(ynh_string_random)
 		echo "$pgsql" >> /etc/yunohost/psql
 		systemctl start postgresql
 		sudo -u postgres psql -c"ALTER user postgres WITH PASSWORD '${pgsql}'"
 		# we can't use peer since YunoHost create users with nologin
 		sed -i '/local\s*all\s*all\s*peer/i \
 			local all all password' /etc/postgresql/9.4/main/pg_hba.conf
 		systemctl enable postgresql
 		systemctl reload postgresql
 	fi
 }
--- a/scripts/remove
+++ b/scripts/remove
@ -1,3 +1,4 @@
 #!/bin/bash
 #=================================================
@ -7,9 +8,9 @@
 #=================================================
 source _common.sh
 source /usr/share/yunohost/helpers
 source psql.sh
 source nodejs.sh
 source /usr/share/yunohost/helpers
 #=================================================
 # LOAD SETTINGS
@ -17,10 +18,10 @@ source /usr/share/yunohost/helpers
 app=$YNH_APP_INSTANCE_NAME
-domain=$(ynh_app_setting_get $app domain)
+domain=$(ynh_app_setting_get "$app" domain)
-port=$(ynh_app_setting_get $app port)
+port=$(ynh_app_setting_get "$app" port)
-db_name=$(ynh_app_setting_get $app psql_db)
+db_name=$(ynh_app_setting_get "$app" psql_db)
-final_path=$(ynh_app_setting_get $app final_path)
+final_path=$(ynh_app_setting_get "$app" final_path)
 #=================================================
 # STANDARD REMOVE
@ -35,10 +36,10 @@ ynh_remove_systemd_config
 # REMOVE SERVICE FROM ADMIN PANEL
 #=================================================
-if yunohost service status | grep -q $app
+if yunohost service status | grep -q "$app"
 then
 	echo "Remove $app service"
-	yunohost service remove $app
+	yunohost service remove "$app"
 fi
 #=================================================
@ -54,14 +55,14 @@ ynh_remove_nodejs
 #=================================================
 # Remove a database if it exists, along with the associated user
-ynh_psql_drop_db $db_name
+ynh_psql_remove_db "$db_name" "$app"
 ynh_psql_drop_user $app
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================
 # Remove the app directory securely
 ynh_secure_remove "$final_path"
 ynh_secure_remove /home/yunohost.app/"$app"
 #=================================================
 # REMOVE NGINX CONFIGURATION
@ -77,6 +78,7 @@ ynh_remove_nginx_config
 # Remove the app-specific logrotate config
 ynh_remove_logrotate
 ynh_secure_remove /var/log/"$app"
 #=================================================
 # CLOSE A PORT
 #=================================================
@ -84,7 +86,7 @@ ynh_secure_remove /var/log/"$app"
 if yunohost firewall list | grep -q "\- $port$"
 then
 	echo "Close port $port"
-	yunohost firewall disallow TCP $port 2>&1
+	yunohost firewall disallow Both "$port" 2>&1
 fi
 #=================================================
@ -98,4 +100,4 @@ fi
 #=================================================
 # Delete a system user
-ynh_system_user_delete $app
+ynh_system_user_delete "$app"
--- a/scripts/restore
+++ b/scripts/restore
@ -0,0 +1,142 @@
 #!/bin/bash
 #=================================================
 # GENERIC START
 #=================================================
 # IMPORT GENERIC HELPERS
 #=================================================
 if [ ! -e _common.sh ]; then
 	# Get the _common.sh file if it's not in the current directory
 	cp ../settings/scripts/_common.sh ./_common.sh
 	cp ../settings/scripts/psql.sh ./psql.sh
 	cp ../settings/scripts/nodejs.sh ./nodejs.sh
 	chmod a+rx _common.sh psql.sh nodejs.sh
 fi
 source _common.sh
 source /usr/share/yunohost/helpers
 source psql.sh
 source nodejs.sh
 #=================================================
 # MANAGE SCRIPT FAILURE
 #=================================================
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 #=================================================
 # LOAD SETTINGS
 #=================================================
 app=$YNH_APP_INSTANCE_NAME
 domain=$(ynh_app_setting_get "$app" domain)
 path_url="/"
 final_path=$(ynh_app_setting_get "$app" final_path)
 port=$(ynh_app_setting_get "$app" port)
 db_name=$(ynh_app_setting_get "$app" psql_db)
 db_pwd=$(ynh_app_setting_get "$app" psqlpwd)
 #=================================================
 # CHECK IF THE APP CAN BE RESTORED
 #=================================================
 ynh_webpath_available "$domain" "$path_url" \
 	|| ynh_die "Path not available: ${domain}${path_url}"
 test ! -d "$final_path" \
 	|| ynh_die "There is already a directory: $final_path "
 #=================================================
 # STANDARD RESTORATION STEPS
 #=================================================
 # RESTORE THE NGINX CONFIGURATION
 #=================================================
 ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
 ynh_restore_file "$final_path"
 datadir="/home/yunohost.app/${app}/storage"
 ynh_restore_file "$datadir"
 # Open this port
 yunohost firewall allow Both "$port" 2>&1
 #=================================================
 # RECREATE THE DEDICATED USER
 #=================================================
 # Create the dedicated user (if not existing)
 ynh_system_user_create "$app"
 #=================================================
 # RESTORE USER RIGHTS
 #=================================================
 # Set right permissions for curl install
 datadir="/home/yunohost.app/${app}/storage"
 chown -R "$app" "$datadir"
 #=================================================
 # SPECIFIC RESTORATION
 #=================================================
 # REINSTALL DEPENDENCIES
 #=================================================
 # install yarn
 wget https://github.com/yarnpkg/yarn/releases/download/v1.5.1/yarn_1.5.1_all.deb
 echo "a4770cd8dcb13dc9a9218940dbd24b510ddf5eec78adb4e0da9ef3760b55a76e yarn_1.5.1_all.deb" | sha256sum -c || ynh_die
 dpkg -i yarn_1.5.1_all.deb
 # add backports (required to install ffmpeg)
 echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
 ynh_package_update
 # Define and install dependencies
 ynh_install_app_dependencies postgresql-9.4 ffmpeg redis-server redis-tools
 # install nodejs
 ynh_install_nodejs 8
 #=================================================
 # RESTORE THE PostgreSQL DATABASE
 #=================================================
 ynh_psql_test_if_first_run
 ynh_psql_setup_db "$app" "$db_name" "$db_pwd"
 ynh_psql_execute_file_as_root ./db.sql "$db_name"
 #=================================================
 # RESTORE SYSTEMD
 #=================================================
 ynh_restore_file "/etc/systemd/system/$app.service"
 systemctl enable "$app.service"
 #=================================================
 # RESTORE THE LOGROTATE CONFIGURATION
 #=================================================
 ynh_restore_file "/etc/logrotate.d/$app"
 #=================================================
 # RESTORE THE LOGROTATE CONFIGURATION
 #=================================================
 (cd "$final_path" && yarn install --production --pure-lockfile)
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # RELOAD NGINX AND PeerTube
 #=================================================
 systemctl reload nginx
 service  "$app" restart
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -0,0 +1,179 @@
 #!/bin/bash
 #=================================================
 # GENERIC START
 #=================================================
 # IMPORT GENERIC HELPERS
 #=================================================
 source _common.sh
 source /usr/share/yunohost/helpers
 source psql.sh
 source nodejs.sh
 #=================================================
 # LOAD SETTINGS
 #=================================================
 app=$YNH_APP_INSTANCE_NAME
 domain=$(ynh_app_setting_get "$app" domain)
 path_url="/"
 is_public=$(ynh_app_setting_get "$app" is_public)
 admin_email=$(ynh_app_setting_get "$app" admin_email)
 admin_pass=$(ynh_app_setting_get "$app" admin_pass)
 final_path=$(ynh_app_setting_get "$app" final_path)
 port=$(ynh_app_setting_get "$app" port)
 db_name=$(ynh_app_setting_get "$app" psql_db)
 db_pwd=$(ynh_app_setting_get "$app" psqlpwd)
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
 # Fix is_public as a boolean value
 if [ "$is_public" = "Yes" ]; then
 	ynh_app_setting_set "$app" is_public 1
 	is_public=1
 elif [ "$is_public" = "No" ]; then
 	ynh_app_setting_set "$app" is_public 0
 	is_public=0
 fi
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
 # Backup the current version of the app
 ynh_backup_before_upgrade
 ynh_clean_setup () {
 	# restore it if the upgrade fails
 	ynh_restore_upgradebackup
 }
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================
 # Remove the app directory securely
 ynh_secure_remove "$final_path"
 # Define app's data directory
 datadir="/home/yunohost.app/${app}/storage"
 # Create app folders
 mkdir -p "$datadir"
 # Open this port
 yunohost firewall allow Both "$port" 2>&1
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
 # Create a system user
 ynh_system_user_create "$app"
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
 # install yarn
 wget https://github.com/yarnpkg/yarn/releases/download/v1.5.1/yarn_1.5.1_all.deb
 echo "a4770cd8dcb13dc9a9218940dbd24b510ddf5eec78adb4e0da9ef3760b55a76e yarn_1.5.1_all.deb" | sha256sum -c || ynh_die
 dpkg -i yarn_1.5.1_all.deb
 # add backports (required to install ffmpeg)
 echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
 ynh_package_update
 # install postgresql, ffmpeg, redis
 ynh_install_app_dependencies postgresql-9.4 ffmpeg redis-server redis-tools
 # install nodejs
 ynh_install_nodejs 8
 #=================================================
 # CHECK THE PATH
 #=================================================
 # Normalize the URL path syntax
 path_url=$(ynh_normalize_url_path "$path_url")
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source "$final_path"
 cp ../conf/production.yaml "$final_path/config/production.yaml"
 (cd "$final_path" && yarn install --production --pure-lockfile)
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
 # Create a dedicated nginx config
 ynh_add_nginx_config
 chown -R root:root   "$final_path"
 chown -R "$app" "$datadir"
 # Reload Nginx
 systemctl reload nginx
 #=================================================
 # MODIFY A CONFIG FILE
 #=================================================
 ynh_replace_string "__domain__" "$domain" "$final_path/config/production.yaml"
 ynh_replace_string "__db_name__" "$app" "$final_path/config/production.yaml"
 ynh_replace_string "__app__" "$app" "$final_path/config/production.yaml"
 ynh_replace_string "__db_pwd__" "$db_pwd" "$final_path/config/production.yaml"
 ynh_replace_string "__email__" "$admin_email" "$final_path/config/production.yaml"
 ynh_replace_string "__PORT__" "$port" "$final_path/config/production.yaml"
 # Recalculate and store the config file checksum into the app settings
 ynh_store_file_checksum "$final_path/config/production.yaml"
 #=================================================
 # SETUP LOGROTATE
 #=================================================
 # Use logrotate to manage app-specific logfile(s)
 ynh_use_logrotate --non-append
 #=================================================
 # SETUP SYSTEMD
 #=================================================
 # Create a dedicated systemd config
 ynh_add_systemd_config
 # Set right permissions for curl installation
 chown -R "$app":$app "$final_path" "$datadir"
 #=================================================
 # SETUP SSOWAT
 #=================================================
 if [ $is_public -eq 0 ]
 then	# Remove the public access
 	ynh_app_setting_delete "$app" skipped_uris
 fi
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
 	# unprotected_uris allows SSO credentials to be passed anyway
 	ynh_app_setting_set "$app" unprotected_uris "/"
 fi
 #=================================================
 # RELOAD NGINX
 #=================================================
 systemctl reload nginx