Packaging v2 (#399)

* Convert to v2 (#383)

* convert script

* v2

* Auto-update README

* Update documentation cc @panomaki

* Bump ruby version from 3.0.6 to 3.2.2

* v2

* Auto-update README

* woops

* v2

* v2

* s/final_path/install_dir

* Update PRE_INSTALL.md

* too soon...

* v2

* v2

* v2

* Update tests.toml

* Update doc/PRE_INSTALL.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update doc/PRE_INSTALL_fr.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update tests.toml

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update tests.toml

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update doc/PRE_INSTALL.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update doc/PRE_INSTALL_fr.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Apply suggestions

* Update manifest.toml

* Auto-update README

* Update manifest.toml

* Update scripts

* Auto-update README

* Remove SSO integration

* Use new mail mechanism

* cleaning

* Update manifest.toml

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>
Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com>

* Bump ynh version

* Auto-update README

* Update manifest.toml

* Update doc/PRE_INSTALL.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Add service setting for app shell

* Use logrotate

* smtp config follow-up

Sidekiq service can be properly hardened since it doesn't use sendmail anymore o/

* Fix mkdir failing if /var/log/mastodon already exists

* upgrade: Rename database to match packaging v2

* Bump 4.1.6~ynh2

* Auto-update README

* Disable install.private test

* remove full_domain

* 4.1.7 (#403)

* 4.1.7

* Auto-update README

* Update manifest.toml

* Auto-update README

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
Co-authored-by: Tagada <36127788+Tagadda@users.noreply.github.com>

* fix

* fix

* Don't swap when running on a LXC

* Hardcore the needed RAM

* Auto-update README

* Auto-update README

* Update manifest.toml

* Auto-update README

* Update _common.sh

* Auto-update README

* cleaning

* cleaning

* Auto-update README

* Auto-update README

* Update tests.toml

* Fix restore

* Fix manifest.toml

* Auto-update README

* Auto-update README

* add `tootctl self-destruct` info

* format

* Auto-update README

* lol autotranslate

* break line

* break lines

* translation from french

* update version

* Auto-update README

* Update manifest.toml

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>
Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com>
Co-authored-by: ericgaspar <junk.eg@free.fr>
Co-authored-by: OniriCorpe <oniricorpe@disroot.org>

30 files changed, 509 insertions, 1045 deletions

diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh
deleted file mode 100644
index 1499a0f..0000000
--- a/.github/workflows/updater.sh
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/bin/bash
-
-#=================================================
-# PACKAGE UPDATING HELPER
-#=================================================
-
-# This script is meant to be run by GitHub Actions
-# The YunoHost-Apps organisation offers a template Action to run this script periodically
-# Since each app is different, maintainers can adapt its contents so as to perform
-# automatic actions when a new upstream release is detected.
-
-#=================================================
-# FETCHING LATEST RELEASE AND ITS ASSETS
-#=================================================
-
-# Fetching information
-current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
-repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
-# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
-version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
-assets="https://github.com/tootsuite/mastodon/archive/refs/tags/$version.tar.gz"
-
-# Later down the script, we assume the version has only digits and dots
-# Sometimes the release name starts with a "v", so let's filter it out.
-# You may need more tweaks here if the upstream repository has different naming conventions.
-if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
-	version=${version:1}
-fi
-
-# Setting up the environment variables
-echo "Current version: $current_version"
-echo "Latest release from upstream: $version"
-echo "VERSION=$version" >> $GITHUB_ENV
-echo "REPO=$repo" >> $GITHUB_ENV
-# For the time being, let's assume the script will fail
-echo "PROCEED=false" >> $GITHUB_ENV
-
-# Proceed only if the retrieved version is greater than the current one
-if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
-	echo "::warning ::No new version available"
-	exit 0
-# Proceed only if a PR for this new version does not already exist
-elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
-	echo "::warning ::A branch already exists for this update"
-	exit 0
-fi
-
-#=================================================
-# UPDATE SOURCE FILES
-#=================================================
-
-# Let's download source tarball
-asset_url=$assets
-
-echo "Handling asset at $asset_url"
-
-src="app"
-
-# Create the temporary directory
-tempdir="$(mktemp -d)"
-
-# Download sources and calculate checksum
-filename=${asset_url##*/}
-curl --silent -4 -L $asset_url -o "$tempdir/$filename"
-checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
-
-# Delete temporary directory
-rm -rf $tempdir
-
-# Get extension
-if [[ $filename == *.tar.gz ]]; then
-  extension=tar.gz
-else
-  extension=${filename##*.}
-fi
-
-# Rewrite source file
-cat <<EOT > conf/$src.src
-SOURCE_URL=$asset_url
-SOURCE_SUM=$checksum
-SOURCE_SUM_PRG=sha256sum
-SOURCE_FORMAT=$extension
-SOURCE_IN_SUBDIR=true
-SOURCE_FILENAME=
-SOURCE_EXTRACT=true
-EOT
-echo "... conf/$src.src updated"
-
-#=================================================
-# SPECIFIC UPDATE STEPS
-#=================================================
-
-# Any action on the app's source code can be done.
-# The GitHub Action workflow takes care of committing all changes after this script ends.
-
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-
-# Replace new version in manifest
-echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
-
-# No need to update the README, yunohost-bot takes care of it
-
-# The Action will proceed only if the PROCEED environment variable is set to true
-echo "PROCEED=true" >> $GITHUB_ENV
-exit 0
diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml
deleted file mode 100644
index a56d7cb..0000000
--- a/.github/workflows/updater.yml
+++ /dev/null
@@ -1,49 +0,0 @@
-# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
-# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
-# This file should be enough by itself, but feel free to tune it to your needs.
-# It calls updater.sh, which is where you should put the app-specific update steps.
-name: Check for new upstream releases
-on:
-  # Allow to manually trigger the workflow
-  workflow_dispatch:
-  # Run it every day at 6:00 UTC
-  schedule:
-    - cron:  '0 6 * * *'
-jobs:
-  updater:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Fetch the source code
-        uses: actions/checkout@v3
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-      - name: Run the updater script
-        id: run_updater
-        run: |
-          # Setting up Git user
-          git config --global user.name 'yunohost-bot'
-          git config --global user.email 'yunohost-bot@users.noreply.github.com'
-          # Run the updater script
-          /bin/bash .github/workflows/updater.sh
-      - name: Commit changes
-        id: commit
-        if: ${{ env.PROCEED == 'true' }}
-        run: |
-          git commit -am "Upgrade to v$VERSION"
-      - name: Create Pull Request
-        id: cpr
-        if: ${{ env.PROCEED == 'true' }}
-        uses: peter-evans/create-pull-request@v4
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          commit-message: Update to version ${{ env.VERSION }}
-          committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
-          author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
-          signoff: false
-          base: testing
-          branch: ci-auto-update-v${{ env.VERSION }}
-          delete-branch: true
-          title: 'Upgrade to version ${{ env.VERSION }}'
-          body: |
-            Upgrade to v${{ env.VERSION }}
-          draft: false
diff --git a/README.md b/README.md
index 0f7a714..d9b4a89 100644
--- a/README.md
+++ b/README.md
@@ -16,7 +16,8 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
 
 ## Overview
 
-Mastodon is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes. 
+Mastodon is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes.
+
 
 **Shipped version:** 4.2.8~ynh1
 
@@ -26,49 +27,6 @@ Mastodon is a free, open-source microblogging social network. It is a decentrali
 
 ![Screenshot of Mastodon](./doc/screenshots/mastodon.png)
 
-## Disclaimers / important information
-
-## Important points to read before installing
-
-1. **Mastodon** require a dedicated **root domain**, eg. mastodon.domain.tld
-1. The user choosen during the installation is automatically created in Mastodon with admin rights
-1. At the end of the installation a mail is sent to the user with the automatically generated password
-1. It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
-
-## Configuration
-
-### Install
-
-#### Using *screen* in case of disconnect
-```
-$ sudo apt-get install screen
-$ screen
-$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
-```
-Recover after disconnect:
-```
-$ screen -d
-$ screen -r
-```
-
-### Update
-
-#### Using *screen* highly recommended
-
-`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
-
-### Administrate with tootctl
-
-`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
-
-## YunoHost specific features
-
-#### Multi-users support
-
-LDAP authentication is activated. All YunoHost users can authenticate.
-
-Log-out from YunoHost's portal doesn't log out from Mastodon. See https://github.com/YunoHost/issues/issues/501
-
 ## Documentation and resources
 
 * Official app website: <https://joinmastodon.org/>
diff --git a/README_fr.md b/README_fr.md
index ac775e7..0d7e1a0 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -27,54 +27,6 @@ Mastodon est un réseau social de microblog auto-hébergé et open source. C'est
 
 ![Capture d’écran de Mastodon](./doc/screenshots/mastodon.png)
 
-## Avertissements / informations importantes
-
-## Points importants à lire avant l'installation
-
-1. **Mastodon** nécessite un **nom de domaine** dédié, par exemple : mastodon.domain.tld
-1. L'utilisateur sélectionné pendant l'installation sera créé automatiquement dans Mastodon avec des droits d'administration.
-1. À la fin de l'installation, un mail est envoyé à cet utilisateur avec un mot de passe généré automatiquement.
-1. Pour que votre instance Mastodon reste privée, il est important de fermer les inscriptions. Nous vous invitons à bloquer les instances distantes indésirables depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
-
-## Captures d'écran
-
-![](https://framalibre.org/sites/default/files/mastodon.png)
-
-## Configuration
-
-### Installation
-
-#### Utilisation de *screen* en cas de déconnection
-```
-$ sudo apt-get install screen
-$ screen
-$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
-```
-Récupérer l'installation après une deconnection :
-```
-$ screen -d
-$ screen -r
-```
-L'utilisateur admin est créé automatiquement comme : user@domain.tld
-
-### Mise à jour
-
-#### Utilisation de *screen* fortement recommandée
-
-`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
-
-### Administration avec tootctl
-
-`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
-
-## Caractéristiques spécifiques YunoHost
-
-#### Support multi-utilisateur
-
-L'authentification LDAP est activée. Tous les utilisateurs YunoHost peuvent s'authentifier.
-
-Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir https://github.com/YunoHost/issues/issues/501
-
 ## Documentations et ressources
 
 * Site officiel de l’app : <https://joinmastodon.org/>
diff --git a/check_process b/check_process
deleted file mode 100644
index 8714241..0000000
--- a/check_process
+++ /dev/null
@@ -1,22 +0,0 @@
-;; Test complet
-	; Manifest
-		domain="domain.tld"
-		is_public=1
-		admin="john"
-		language="fr_FR"
-	; Checks
-		pkg_linter=1
-		setup_sub_dir=0
-		setup_root=1
-		setup_nourl=0
-		setup_private=1
-		setup_public=1
-		upgrade=1
-		# 4.02~ynh2
-		upgrade=1	from_commit=94381183ca2d14da72234b53c9a83972ffb16e54		
-		backup_restore=1
-		multi_instance=0
-		change_url=0
-;;; Options
-Email=yalh@yahoo.com
-Notification=all
diff --git a/conf/.env.production.sample b/conf/.env.production.sample
index 21cc8e5..7005b5d 100644
--- a/conf/.env.production.sample
+++ b/conf/.env.production.sample
@@ -30,11 +30,14 @@ DB_NAME=__DB_NAME__
 DB_PASS=__DB_PWD__
 DB_PORT=5432
 
-# ElasticSearch (optional)
+# Elasticsearch (optional)
 # ------------------------
-# ES_ENABLED=true
-# ES_HOST=es
+ES_ENABLED=false
+# ES_HOST=localhost
 # ES_PORT=9200
+# Authentication for ES (optional)
+# ES_USER=elastic
+# ES_PASS=password
 
 # Secrets
 # -------
@@ -54,17 +57,12 @@ VAPID_PUBLIC_KEY=__VAPID_PUBLIC_KEY__
 # ------------
 SMTP_SERVER=localhost
 SMTP_PORT=25
-#SMTP_LOGIN=
-#SMTP_PASSWORD=
-SMTP_FROM_ADDRESS=__ADMIN_MAIL__
-#SMTP_REPLY_TO=
-#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
-SMTP_DELIVERY_METHOD=sendmail # delivery method can also be smtp
-SMTP_AUTH_METHOD=none
-#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
+SMTP_LOGIN=__APP__
+SMTP_PASSWORD=__MAIL_PWD__
+SMTP_FROM_ADDRESS=Mastodon <__APP__@__DOMAIN__>
+SMTP_DELIVERY_METHOD=smtp
+SMTP_AUTH_METHOD=plain
 SMTP_OPENSSL_VERIFY_MODE=none
-#SMTP_ENABLE_STARTTLS_AUTO=true
-#SMTP_TLS=true
 
 # Registrations
 # ------------
@@ -80,16 +78,13 @@ DEFAULT_LOCALE=__LANGUAGE__
 
 # File storage (optional)
 # -----------------------
-# S3_ENABLED=true
-# S3_BUCKET=
+S3_ENABLED=false
+# S3_BUCKET=files.example.com
 # AWS_ACCESS_KEY_ID=
 # AWS_SECRET_ACCESS_KEY=
-# S3_REGION=
-# S3_PROTOCOL=http
-# S3_HOSTNAME=192.168.1.123:9000
-# S3_ALIAS_HOST=
+# S3_ALIAS_HOST=files.example.com
 
-# LDAP authentication (optional)
+# IP and session retention
 # -----------------------
 LDAP_ENABLED=true
 LDAP_HOST=localhost
@@ -105,3 +100,9 @@ LDAP_UID_CONVERSION_ENABLED=true
 LDAP_UID_CONVERSION_SEARCH=., -
 LDAP_UID_CONVERSION_REPLACE=_
 LDAP_TLS_NO_VERIFY=true
+
+# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
+# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
+# -----------------------
+IP_RETENTION_PERIOD=1209600
+SESSION_RETENTION_PERIOD=1209600
diff --git a/conf/app.src b/conf/app.src
deleted file mode 100644
index a6999e4..0000000
--- a/conf/app.src
+++ /dev/null
@@ -1,7 +0,0 @@
-SOURCE_URL=https://github.com/tootsuite/mastodon/archive/refs/tags/v4.2.8.tar.gz
-SOURCE_SUM=ccecdfaab5f84cfaeb193eff2b7b795f7bdd08aa872e265dcb2625310f2c9478
-SOURCE_SUM_PRG=sha256sum
-SOURCE_FORMAT=tar.gz
-SOURCE_IN_SUBDIR=true
-SOURCE_FILENAME=
-SOURCE_EXTRACT=true
diff --git a/conf/cron b/conf/cron
index 339d3c4..02b2a6a 100644
--- a/conf/cron
+++ b/conf/cron
@@ -1,7 +1,7 @@
 # This is a system cron file, see crontab(5)
 # m h dom mon dow user command
-@daily __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove
-@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove-orphans
-@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl accounts cull
-@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl statuses remove
-@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl preview_cards remove
+@daily __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove
+@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove-orphans
+@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl accounts cull
+@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl statuses remove
+@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl preview_cards remove
diff --git a/conf/mastodon-sidekiq.service b/conf/mastodon-sidekiq.service
index 25a46fb..14bd592 100644
--- a/conf/mastodon-sidekiq.service
+++ b/conf/mastodon-sidekiq.service
@@ -5,15 +5,17 @@ After=network.target
 [Service]
 Type=simple
 User=__APP__
-WorkingDirectory=__FINALPATH__/live
+WorkingDirectory=__INSTALL_DIR__/live
 Environment="__LD_PRELOAD__"
 Environment="RAILS_ENV=production"
 Environment="DB_POOL=25"
 Environment="MALLOC_ARENA_MAX=2"
 Environment="__YNH_RUBY_LOAD_PATH__"
-ExecStart=__FINALPATH__/live/bin/bundle exec sidekiq -c 25
+ExecStart=__INSTALL_DIR__/live/bin/bundle exec sidekiq -c 25
 TimeoutSec=15
 Restart=always
+StandardOutput=append:/var/log/__APP__/__APP__-sidekiq.log
+StandardError=inherit
 
 # Sandboxing options to harden security
 # Depending on specificities of your service/app, you may need to tweak these 
@@ -21,17 +23,17 @@ Restart=always
 # Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
 NoNewPrivileges=no
 PrivateTmp=yes
-#PrivateDevices=yes
-#RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
-#RestrictNamespaces=yes
-#RestrictRealtime=yes
+PrivateDevices=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
+RestrictNamespaces=yes
+RestrictRealtime=yes
 DevicePolicy=closed
 ProtectSystem=full
 ProtectControlGroups=yes
-#ProtectKernelModules=yes
-#ProtectKernelTunables=yes
-#LockPersonality=yes
-#SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+LockPersonality=yes
+SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
 
 # Denying access to capabilities that should not be relevant for webapps
 # Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
diff --git a/conf/mastodon-streaming.service b/conf/mastodon-streaming.service
index c88e0fa..f63945e 100644
--- a/conf/mastodon-streaming.service
+++ b/conf/mastodon-streaming.service
@@ -5,7 +5,7 @@ After=network.target
 [Service]
 Type=simple
 User=__APP__
-WorkingDirectory=__FINALPATH__/live
+WorkingDirectory=__INSTALL_DIR__/live
 Environment="NODE_ENV=production"
 Environment="PORT=__PORT_STREAM__"
 Environment="STREAMING_CLUSTER_NUM=1"
@@ -13,6 +13,8 @@ Environment="__YNH_NODE_LOAD_PATH__"
 ExecStart=__YNH_NODE__ ./streaming
 TimeoutSec=15
 Restart=always
+StandardOutput=append:/var/log/__APP__/__APP__-streaming.log
+StandardError=inherit
 
 # Sandboxing options to harden security
 # Depending on specificities of your service/app, you may need to tweak these 
diff --git a/conf/mastodon-web.service b/conf/mastodon-web.service
index 334233b..133fc3b 100644
--- a/conf/mastodon-web.service
+++ b/conf/mastodon-web.service
@@ -5,15 +5,17 @@ After=network.target
 [Service]
 Type=simple
 User=__APP__
-WorkingDirectory=__FINALPATH__/live
+WorkingDirectory=__INSTALL_DIR__/live
 Environment="__LD_PRELOAD__"
 Environment="RAILS_ENV=production"
 Environment="PORT=__PORT_WEB__"
 Environment="__YNH_RUBY_LOAD_PATH__"
-ExecStart=__FINALPATH__/live/bin/bundle exec puma -C config/puma.rb
+ExecStart=__INSTALL_DIR__/live/bin/bundle exec puma -C config/puma.rb
 ExecReload=/bin/kill -SIGUSR1 $MAINPID
 TimeoutSec=15
 Restart=always
+StandardOutput=append:/var/log/__APP__/__APP__-web.log
+StandardError=inherit
 
 # Sandboxing options to harden security
 # Depending on specificities of your service/app, you may need to tweak these 
diff --git a/conf/nginx.conf b/conf/nginx.conf
index 4b1f76b..09e4a84 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -1,6 +1,6 @@
 client_max_body_size 99m;
 
-root __FINALPATH__/live/public;
+root __INSTALL_DIR__/live/public;
 
 location / {
 
diff --git a/doc/ADMIN.md b/doc/ADMIN.md
new file mode 100644
index 0000000..6cb69e2
--- /dev/null
+++ b/doc/ADMIN.md
@@ -0,0 +1,63 @@
+## Administrate with tooctl
+
+`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
+
+## Update
+
+**`screen` (or `tmux`) can be used to make sure your session is not interrupted in case of connection problems.**  
+See [tutorial](https://www.howtogeek.com/662422/how-to-use-linuxs-screen-command/) for more background information.
+
+```bash
+screen
+sudo yunohost app upgrade mastodon
+```
+
+## Backups
+
+First of all: Mastodon uses a local cache to save media (such as posted images, videos etc.). This cache can grow huge.  
+You could consider cleaning up your local cache first as otherwise your backup will be very big and you might run out of disk space:
+
+To check your space usage, on a command line run:
+
+```bash
+sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media usage
+```
+
+If your cache is too big to backup, you can run the following command to clean up Attachments (the first line).  
+Substitute X by the number of days you want to keep, e.g. 1 day.  
+All older images will be deleted but will be refetched from the original server if necessary.
+
+First dry-run to see how much space is freed up (without actually removing):
+
+```bash
+sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X --dry-run`
+```
+
+If all looks good commit the cleanup:
+
+```bash
+sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X`
+```
+
+Check [the official documentation](https://docs.joinmastodon.org/admin/tootctl/#media-remove) for more details.
+
+## Before your Mastodon instance deletion
+
+Before definitively uninstalling Mastodon, you have to run `tootctl self-destruct` to broadcast your users and instance deletion to the federation.  
+Otherwise your data will remain in federation cache for ever.
+
+⚠️ Make sure you know exactly what you are doing before running this command.  
+⚠️ This operation is NOT reversible, and it can take a long time.  
+⚠️ The server will be in a BROKEN STATE after this command finishes.  
+⚠️ A running Sidekiq process is required, so do not shut down the server until the queues are fully cleared.
+
+```bash
+screen
+sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl self-destruct
+```
+
+Check [the official documentation](https://docs.joinmastodon.org/admin/tootctl/#self-destruct) for more details.
+
+## Known Bugs
+
+- Log-out from YunoHost's portal doesn't log out from Mastodon. See <https://github.com/YunoHost/issues/issues/501>
diff --git a/doc/ADMIN_fr.md b/doc/ADMIN_fr.md
new file mode 100644
index 0000000..91125ba
--- /dev/null
+++ b/doc/ADMIN_fr.md
@@ -0,0 +1,63 @@
+## Administration avec tooctl
+
+`$ cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help`
+
+## Mise à jour
+
+**`screen` (ou `tmux`) peut être utilisé pour vous assurer que votre session n'est pas interrompue en cas de problème de connection.**  
+Consultez ce [tutoriel](https://www.howtogeek.com/662422/how-to-use-linuxs-screen-command/) pour plus de détails.
+
+```bash
+screen
+sudo yunohost app upgrade mastodon
+```
+
+## Sauvegardes
+
+Tout d'abord : Mastodon utilise un cache local pour sauvegarder les médias (comme les images, vidéos, etc). Ce cache peut devenir énorme.  
+Vous devriez réfléchir à vider votre cache local avant de faire une sauvegarde, qui pourrait être énorme et vous pourriez manquer d'espace de stockage.
+
+Pour vérifier l'utilisation du stockage, en ligne de commande utilisez :
+
+```bash
+sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media usage
+```
+
+Si le cache est trop gros pour être sauvegardé, vous pouvez lancer la commande suivante pour en supprimer les médias attachés.  
+Changez `X` par le nombre de cache à conserver, par ex. 1 jour.  
+Tous les médias plus anciens seront supprimés, mais ils pourront être rechargé du serveur d'origine si nécessaire.
+
+En premier faite un essai à blanc pour voir combien de place sera libérée (sans rien supprimer):
+
+```bash
+sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X --dry-run`
+```
+
+Si cela semble bon, effectuez le nettoyage :
+
+```bash
+sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X
+```
+
+Consulter [la documentation officielle](<https://docs.joinmastodon.org/admin/tootctl/#media-remove>) pour plus de détails.
+
+## Avant la suppression de votre instance Mastodon
+
+Avant de désinstaller définitivement Mastodon, vous devez lancer `tootctl self-destruct` pour annoncer à la fédération la suppression de vos utilisateurs et de votre instance.  
+Sinon, vos données resteront dans le cache de la fédération pour toujours.
+
+⚠️ Assurez-vous de savoir exactement ce que vous faites avant d'exécuter cette commande.  
+⚠️ Cette opération n'est PAS réversible et peut prendre beaucoup de temps.  
+⚠️ Le serveur sera dans un ÉTAT BRISÉ après la fin de cette commande.  
+⚠️Un processus Sidekiq en cours d'exécution est nécessaire, donc n'arrêtez pas le serveur avant que les files d'attente ne soient complètement vidées.
+
+```bash
+screen
+sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl self-destruct
+```
+
+Consulter [la documentation officielle](<https://docs.joinmastodon.org/admin/tootctl/#self-destruct>) pour plus de détails.
+
+## Bugs connus
+
+- Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir <https://github.com/YunoHost/issues/issues/501>
diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md
index 72981f6..1bea4ef 100644
--- a/doc/DESCRIPTION.md
+++ b/doc/DESCRIPTION.md
@@ -1 +1 @@
-Mastodon is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes. 
\ No newline at end of file
+Mastodon is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes.
diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md
deleted file mode 100644
index e08b255..0000000
--- a/doc/DISCLAIMER.md
+++ /dev/null
@@ -1,40 +0,0 @@
-## Important points to read before installing
-
-1. **Mastodon** require a dedicated **root domain**, eg. mastodon.domain.tld
-1. The user choosen during the installation is automatically created in Mastodon with admin rights
-1. At the end of the installation a mail is sent to the user with the automatically generated password
-1. It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
-
-## Configuration
-
-### Install
-
-#### Using *screen* in case of disconnect
-```
-$ sudo apt-get install screen
-$ screen
-$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
-```
-Recover after disconnect:
-```
-$ screen -d
-$ screen -r
-```
-
-### Update
-
-#### Using *screen* highly recommended
-
-`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
-
-### Administrate with tootctl
-
-`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
-
-## YunoHost specific features
-
-#### Multi-users support
-
-LDAP authentication is activated. All YunoHost users can authenticate.
-
-Log-out from YunoHost's portal doesn't log out from Mastodon. See https://github.com/YunoHost/issues/issues/501
diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md
deleted file mode 100644
index 09ed5c9..0000000
--- a/doc/DISCLAIMER_fr.md
+++ /dev/null
@@ -1,45 +0,0 @@
-## Points importants à lire avant l'installation
-
-1. **Mastodon** nécessite un **nom de domaine** dédié, par exemple : mastodon.domain.tld
-1. L'utilisateur sélectionné pendant l'installation sera créé automatiquement dans Mastodon avec des droits d'administration.
-1. À la fin de l'installation, un mail est envoyé à cet utilisateur avec un mot de passe généré automatiquement.
-1. Pour que votre instance Mastodon reste privée, il est important de fermer les inscriptions. Nous vous invitons à bloquer les instances distantes indésirables depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
-
-## Captures d'écran
-
-![](https://framalibre.org/sites/default/files/mastodon.png)
-
-## Configuration
-
-### Installation
-
-#### Utilisation de *screen* en cas de déconnection
-```
-$ sudo apt-get install screen
-$ screen
-$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
-```
-Récupérer l'installation après une deconnection :
-```
-$ screen -d
-$ screen -r
-```
-L'utilisateur admin est créé automatiquement comme : user@domain.tld
-
-### Mise à jour
-
-#### Utilisation de *screen* fortement recommandée
-
-`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
-
-### Administration avec tootctl
-
-`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
-
-## Caractéristiques spécifiques YunoHost
-
-#### Support multi-utilisateur
-
-L'authentification LDAP est activée. Tous les utilisateurs YunoHost peuvent s'authentifier.
-
-Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir https://github.com/YunoHost/issues/issues/501
diff --git a/doc/PRE_INSTALL.md b/doc/PRE_INSTALL.md
new file mode 100644
index 0000000..c08f99b
--- /dev/null
+++ b/doc/PRE_INSTALL.md
@@ -0,0 +1,23 @@
+## Important points to read before installing
+
+- **Mastodon** require a dedicated **root domain**, eg. `domaine.tld` or `mastodon.domain.tld`, with no other apps installed on that domain. You can't change the domain once installed.
+- The user choosen during the installation is automatically created in Mastodon with admin rights
+- It seems important to close registrations for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
+
+## Using *screen* in case of disconnect
+
+Mastodon can take a long time to install, depending on server performance.  
+To avoid the process being interrupted by a disconnection, you can use `screen`.
+
+```bash
+sudo apt install screen
+screen
+sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
+```
+
+Recover after disconnect:
+
+```bash
+screen -d
+screen -r
+```
diff --git a/doc/PRE_INSTALL_fr.md b/doc/PRE_INSTALL_fr.md
new file mode 100644
index 0000000..2a407a6
--- /dev/null
+++ b/doc/PRE_INSTALL_fr.md
@@ -0,0 +1,23 @@
+## Points importants à lire avant l'installation
+
+- **Mastodon** nécessite un **nom de domaine** dédié, par exemple : `domaine.tld` ou `mastodon.domaine.tld` sans apps installées sur ce domaine. Il est impossible de changer le nom de domaine après l'installation.
+- L'utilisateur sélectionné pendant l'installation sera créé automatiquement dans Mastodon avec des droits d'administration.
+- Pour que votre instance Mastodon reste privée, il est important de fermer les inscriptions. Nous vous invitons à bloquer les instances indésirables depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
+
+## Utilisation de *screen* en cas de déconnexion
+
+L'installation de Mastodon peut être longue, selon les performances du serveur.  
+Pour éviter que le processus soit interrompu par une déconnexion, on peut utiliser `screen`.
+
+```bash
+sudo apt install screen
+screen
+sudo yunohost app install mastodon
+```
+
+Récupérer l'installation après une deconnection :
+
+```bash
+screen -d
+screen -r
+```
diff --git a/manifest.json b/manifest.json
deleted file mode 100644
index 8f72071..0000000
--- a/manifest.json
+++ /dev/null
@@ -1,69 +0,0 @@
-{
-    "name": "Mastodon",
-    "id": "mastodon",
-    "packaging_format": 1,
-    "description": {
-        "en": "Libre and federated social network",
-        "fr": "Réseau social libre et fédéré"
-    },
-    "version": "4.2.8~ynh1",
-    "url": "https://github.com/mastodon/mastodon",
-    "upstream": {
-        "license": "AGPL-3.0-or-later",
-        "website": "https://joinmastodon.org/",
-        "demo": "https://joinmastodon.org/",
-        "admindoc": "https://docs.joinmastodon.org/",
-        "code": "https://github.com/mastodon/mastodon"
-    },
-    "license": "AGPL-3.0-or-later",
-    "maintainer": {
-        "name": "yalh76"
-    },
-    "previous_maintainer": [
-        {
-            "name": "cyp",
-            "email": "cyp@rouquin.me"
-        },
-        {
-            "name": "nemsia",
-            "email": "nemsia@nemsia.org"
-        }
-    ],
-    "requirements": {
-        "yunohost": ">= 11.2"
-    },
-    "multi_instance": true,
-    "services": [
-        "nginx"
-    ],
-    "arguments": {
-        "install": [
-            {
-                "name": "domain",
-                "type": "domain"
-            },
-            {
-                "name": "is_public",
-                "type": "boolean",
-                "default": true
-            },
-            {
-                "name": "language",
-                "type": "select",
-                "ask": {
-                    "en": "Choose the application language",
-                    "fr": "Choisissez la langue de l'application"
-                },
-                "choices": [
-                    "en_EN",
-                    "fr_FR"
-                ],
-                "default": "fr_FR"
-            },
-            {
-                "name": "admin",
-                "type": "user"
-            }
-        ]
-    }
-}
diff --git a/manifest.toml b/manifest.toml
new file mode 100644
index 0000000..f45a854
--- /dev/null
+++ b/manifest.toml
@@ -0,0 +1,86 @@
+packaging_format = 2
+
+id = "mastodon"
+name = "Mastodon"
+description.en = "Libre and federated social network"
+description.fr = "Réseau social libre et fédéré"
+
+version = "4.2.8~ynh1"
+
+maintainers = ["Tagada"]
+
+[upstream]
+license = "AGPL-3.0-or-later"
+website = "https://joinmastodon.org/"
+demo = "https://joinmastodon.org/"
+admindoc = "https://docs.joinmastodon.org/"
+code = "https://github.com/mastodon/mastodon"
+cpe = "cpe:2.3:a:joinmastodon:mastodon"
+fund = "https://joinmastodon.org/sponsors"
+
+[integration]
+yunohost = ">= 11.2"
+architectures = "all"
+multi_instance = true
+
+ldap = true
+
+sso = false
+
+disk = "2G"
+ram.build = "1G"
+ram.runtime = "500M"
+
+[install]
+    [install.domain]
+    type = "domain"
+
+    [install.init_main_permission]
+    type = "group"
+    default = "visitors"
+
+    [install.language]
+    ask.en = "Choose the application language"
+    ask.fr = "Choisissez la langue de l'application"
+    type = "select"
+    choices = ["en_EN", "fr_FR"]
+    default = "fr_FR"
+
+    [install.admin]
+    type = "user"
+
+[resources]
+    [resources.sources]
+        [resources.sources.main]
+        url = "https://github.com/tootsuite/mastodon/archive/refs/tags/v4.2.8.tar.gz"
+        sha256 = "ccecdfaab5f84cfaeb193eff2b7b795f7bdd08aa872e265dcb2625310f2c9478"
+        autoupdate.strategy = "latest_github_release"
+
+    [resources.system_user]
+    allow_email = true
+
+    [resources.install_dir]
+
+    [resources.permissions]
+    main.url = "/"
+
+    api.url = "/api"
+    api.allowed = "visitors"
+    api.auth_header = false
+    api.show_tile = false
+    api.protected = true
+
+    [resources.ports]
+    web.default = 3000
+    stream.default = 4000
+
+    [resources.apt]
+    packages = "imagemagick, ffmpeg, libpq-dev, libxml2-dev, libxslt1-dev, file, git, git-core, g++, libprotobuf-dev, protobuf-compiler, pkg-config, gcc, autoconf, bison, build-essential, libssl-dev, libyaml-dev, libreadline6-dev, zlib1g-dev, libncurses5-dev, libffi-dev, libgdbm6, libgdbm-dev, redis-tools, redis-server, postgresql, postgresql-contrib, libidn11-dev, libicu-dev, libjemalloc-dev, curl, apt-transport-https"
+
+        [resources.apt.extras.yarn]
+        repo = "deb https://dl.yarnpkg.com/debian/ stable main"
+        key = "https://dl.yarnpkg.com/debian/pubkey.gpg"
+        packages = "yarn"
+
+    [resources.database]
+    type = "postgresql"
diff --git a/scripts/_common.sh b/scripts/_common.sh
index d6028ea..4049d21 100644
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -4,17 +4,14 @@
 # COMMON VARIABLES
 #=================================================
 
-# dependencies used by the app (must be on a single line)
-pkg_dependencies="imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core g++ libprotobuf-dev protobuf-compiler pkg-config gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3|libgdbm6 libgdbm-dev redis-tools redis-server postgresql postgresql-contrib libidn11-dev libicu-dev libjemalloc-dev curl apt-transport-https"
-build_pkg_dependencies=""
-
 memory_needed="2560"
 ruby_version=3.2.2
-nodejs_version=16
+nodejs_version=20
 
 # Workaround for Mastodon on Bullseye
 # See https://github.com/mastodon/mastodon/issues/15751#issuecomment-873594463
-if [ "$(lsb_release --codename --short)" = "bullseye" ]; then
+if [ "$(lsb_release --codename --short)" = "bullseye" ];
+then
 	case $YNH_ARCH in
 		amd64)
 			ld_preload="LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so"
diff --git a/scripts/backup b/scripts/backup
index 96a895d..de1ba98 100644
--- a/scripts/backup
+++ b/scripts/backup
@@ -11,27 +11,6 @@ source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
 
 #=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
-	true
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_print_info --message="Loading installation settings..."
-
-app=$YNH_APP_INSTANCE_NAME
-
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-
-#=================================================
 # DECLARE DATA AND CONF FILES TO BACKUP
 #=================================================
 ynh_print_info --message="Declaring files to be backed up..."
@@ -40,7 +19,7 @@ ynh_print_info --message="Declaring files to be backed up..."
 # BACKUP THE APP MAIN DIR
 #=================================================
 
-ynh_backup --src_path="$final_path"
+ynh_backup --src_path="$install_dir"
 
 #=================================================
 # BACKUP THE NGINX CONFIGURATION
@@ -51,6 +30,12 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # SPECIFIC BACKUP
 #=================================================
+# BACKUP LOGROTATE
+#=================================================
+
+ynh_backup --src_path="/etc/logrotate.d/$app"
+
+#=================================================
 # BACKUP SYSTEMD
 #=================================================
 
diff --git a/scripts/install b/scripts/install
index d5976f7..283e9d9 100644
--- a/scripts/install
+++ b/scripts/install
@@ -11,121 +11,31 @@ source ynh_install_ruby__2
 source ynh_add_swap
 source /usr/share/yunohost/helpers
 
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
-	true
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# RETRIEVE ARGUMENTS FROM THE MANIFEST
-#=================================================
-
-domain=$YNH_APP_ARG_DOMAIN
-path_url="/"
-is_public=$YNH_APP_ARG_IS_PUBLIC
-language=$YNH_APP_ARG_LANGUAGE
-admin=$YNH_APP_ARG_ADMIN
-
-app=$YNH_APP_INSTANCE_NAME
-
 admin_mail=$(ynh_user_get_info --username=$admin --key=mail)
+# Set `service` settings to support `yunohost app shell` command
+ynh_app_setting_set --app="$app" --key=service --value="$app-web.service"
 
 #=================================================
-# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
-#=================================================
-ynh_script_progression --message="Validating installation parameters..." --weight=1
-
-final_path=/var/www/$app
-test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
-
-# Register (book) web path
-ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
-
-#=================================================
-# STORE SETTINGS FROM MANIFEST
-#=================================================
-ynh_script_progression --message="Storing installation settings..." --weight=1
-
-ynh_app_setting_set --app=$app --key=domain --value=$domain
-ynh_app_setting_set --app=$app --key=path --value=$path_url
-ynh_app_setting_set --app=$app --key=language --value=$language
-ynh_app_setting_set --app=$app --key=admin --value=$admin
-
-#=================================================
-# STANDARD MODIFICATIONS
-#=================================================
-# FIND AND OPEN A PORT
-#=================================================
-ynh_script_progression --message="Finding an available port..." --weight=1
-
-# Find an available port
-port_web=$(ynh_find_port --port=3000)
-ynh_app_setting_set --app=$app --key=port_web --value=$port_web
-
-port_stream=$(ynh_find_port --port=4000)
-ynh_app_setting_set --app=$app --key=port_stream --value=$port_stream
-
-#=================================================
-# INSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Installing dependencies..." --weight=1
-
-ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $build_pkg_dependencies
-ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
-ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
-ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
-
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Configuring system user..." --weight=1
-
-# Create a system user
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
-#=================================================
-# CREATE A POSTGRESQL DATABASE
-#=================================================
-ynh_script_progression --message="Creating a PostgreSQL database..." --weight=1
-
-db_name=$(ynh_sanitize_dbid --db_name="${app}_production")
-db_user=$(ynh_sanitize_dbid --db_name=$app)
-ynh_app_setting_set --app=$app --key=db_name --value=$db_name
-ynh_app_setting_set --app=$app --key=db_user --value=$db_user
-ynh_psql_test_if_first_run
-ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
-ynh_psql_execute_as_root --sql="ALTER USER $db_user CREATEDB;"
-db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
-
+# APP "BUILD" (DEPLOYING SOURCES, VENV, COMPILING ETC)
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
 ynh_script_progression --message="Setting up source files..." --weight=1
 
-ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
-ynh_setup_source --dest_dir="$final_path/live"
+ynh_setup_source --dest_dir="$install_dir/live"
 
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
+chown -R $app:www-data "$install_dir"
 
 #=================================================
-# NGINX CONFIGURATION
+# INSTALL DEPENDENCIES
 #=================================================
-ynh_script_progression --message="Configuring NGINX web server..." --weight=1
+ynh_script_progression --message="Installing Ruby and NodeJS..." --weight=1
 
-# Create a dedicated NGINX config
-ynh_add_nginx_config
+ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
+ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
 
 #=================================================
-# SPECIFIC SETUP
-#=================================================
 # ADD SWAP IF NEEDED
 #=================================================
 ynh_script_progression --message="Adding swap if needed..." --weight=1
@@ -138,7 +48,8 @@ if [ $total_memory -lt $memory_needed ]; then
 	swap_needed=$(($memory_needed - $total_memory))
 fi
 
-ynh_script_progression --message="Adding $swap_needed Mo to swap..."
+ynh_script_progression --message="Adding $swap_needed Mo to swap..." --weight=1
+
 ynh_add_swap --size=$swap_needed
 
 #=================================================
@@ -146,7 +57,7 @@ ynh_add_swap --size=$swap_needed
 #=================================================
 ynh_script_progression --message="Adding a configuration file..." --weight=1
 
-config="$final_path/live/.env.production"
+config="$install_dir/live/.env.production"
 
 language="$(echo $language | head -c 2)"
 
@@ -159,28 +70,29 @@ ynh_app_setting_set --app="$app" --key=secret_key_base --value="$secret_key_base
 otp_secret=$(ynh_string_random --length=128)
 ynh_app_setting_set --app="$app" --key=otp_secret --value="$otp_secret"
 
+# We need rake to build vapid keys, we generate them later once the app is installed
 vapid_private_key=""
 vapid_public_key=""
 
-ynh_add_config --template="../conf/.env.production.sample" --destination="$config"
-
+ynh_add_config --template=".env.production.sample" --destination="$config"
 chmod 400 "$config"
 chown $app:$app "$config"
 
-ynh_replace_string --match_string="registrations_mode: 'open'" --replace_string="registrations_mode: 'none'" --target_file="$final_path/live/config/settings.yml"
-ynh_replace_string --match_string="min_invite_role: 'admin'" --replace_string="min_invite_role: 'none'" --target_file="$final_path/live/config/settings.yml"
+ynh_replace_string --match_string="registrations_mode: 'open'" --replace_string="registrations_mode: 'none'" --target_file="$install_dir/live/config/settings.yml"
+ynh_replace_string --match_string="min_invite_role: 'admin'" --replace_string="min_invite_role: 'none'" --target_file="$install_dir/live/config/settings.yml"
 
-ynh_store_file_checksum --file="$final_path/live/config/settings.yml"
+ynh_store_file_checksum --file="$install_dir/live/config/settings.yml"
 
-chmod 400 "$final_path/live/config/settings.yml"
-chown $app:$app "$final_path/live/config/settings.yml"
+chmod 400 "$install_dir/live/config/settings.yml"
+chown $app:$app "$install_dir/live/config/settings.yml"
 
 #=================================================
 # BUILD APP
 #=================================================
 ynh_script_progression --message="Building app..." --weight=1
 
-pushd "$final_path/live"
+pushd "$install_dir/live"
+	# Building ruby packages
 	ynh_use_ruby
 	ynh_gem update --system
 	ynh_gem install bundler --no-document
@@ -188,92 +100,65 @@ pushd "$final_path/live"
 	ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle config without 'development test'
 	ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle config set force_ruby_platform true
 	ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
+	# Building assets
 	ynh_use_nodejs
-	ynh_exec_warn_less ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile
+	ynh_exec_warn_less ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile --production --network-timeout 600000
 	echo "SAFETY_ASSURED=1">> $config
-	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:setup --quiet
+	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:migrate --quiet
 	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails assets:precompile --quiet
+	# Generate vapid keys
 	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt
+	# Create the first admin user
 	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=Owner > /dev/null
-	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl accounts modify "$admin" --approve
 popd
 
-vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$final_path/live/key.txt")
+# Re-generate config with vapid keys
+vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$install_dir/live/key.txt")
 ynh_app_setting_set --app="$app" --key=vapid_private_key --value="$vapid_private_key"
-
-vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$final_path/live/key.txt")
+vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$install_dir/live/key.txt")
 ynh_app_setting_set --app="$app" --key=vapid_public_key --value="$vapid_public_key"
-
-ynh_secure_remove --file="$final_path/live/key.txt"
-
+ynh_secure_remove --file="$install_dir/live/key.txt"
 ynh_delete_file_checksum --file="$config"
-
-ynh_add_config --template="../conf/.env.production.sample" --destination="$config"
-
+ynh_add_config --template=".env.production.sample" --destination="$config"
 chmod 400 "$config"
 chown $app:$app "$config"
 
-ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
-ynh_package_autoremove
-
 #=================================================
-# SETUP SYSTEMD
+# SYSTEM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Configuring a systemd service..." --weight=1
+ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
+
+# Create a dedicated NGINX config using the conf/nginx.conf template
+ynh_add_nginx_config
 
 # Create a dedicated systemd config
 ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service"
+yunohost service add "$app-web" --description="$app web service"
+
 ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service"
+yunohost service add "$app-sidekiq" --description="$app sidekiq service"
+
 ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service"
+yunohost service add "$app-streaming" --description="$app streaming service"
 
-#=================================================
-# SETUP THE CRON FILE
-#=================================================
-ynh_script_progression --message="Setuping the cron file..." --weight=1
+# Create a cron file
+ynh_add_config --template="cron" --destination="/etc/cron.d/$app"
 
-ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app"
+# Use logrotate to manage application logfile(s)
+mkdir -p /var/log/$app
+chown $app:$app /var/log/$app
+ynh_use_logrotate
 
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
-
-yunohost service add "$app-web" --description="$app web service"
-yunohost service add "$app-sidekiq" --description="$app sidekiq service"
-yunohost service add "$app-streaming" --description="$app streaming service"
-
-#=================================================
 # START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
-
-ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="Listening on"
-ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded"
-ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Streaming API now listening"
-
-#=================================================
-# SETUP SSOWAT
-#=================================================
-ynh_script_progression --message="Configuring permissions..." --weight=1
-
-# Make app public if necessary
-if [ $is_public -eq 1 ]
-then
-	# Everyone can access the app.
-	# The "main" permission is automatically created before the install script.
-	ynh_permission_update --permission="main" --add="visitors"
-fi
-
-ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
-
-#=================================================
-# RELOAD NGINX
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=1
+ynh_script_progression --message="Starting all systemd services..." --weight=1
 
-ynh_systemd_action --service_name=nginx --action=reload
+ynh_systemd_action --service_name=${app}-web --action="start" --log_path=/var/log/$app/$app-web.log --line_match="Listening on"
+ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=/var/log/$app/$app-sidekiq.log --line_match="Schedules Loaded"
+ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=/var/log/$app/$app-streaming.log --line_match="Streaming API now listening"
 
 #=================================================
 # END OF SCRIPT
diff --git a/scripts/remove b/scripts/remove
index 69fc9ec..7df4fda 100644
--- a/scripts/remove
+++ b/scripts/remove
@@ -12,22 +12,11 @@ source ynh_add_swap
 source /usr/share/yunohost/helpers
 
 #=================================================
-# LOAD SETTINGS
+# REMOVE SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-db_user=$(ynh_app_setting_get --app=$app --key=db_user)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-
-#=================================================
-# STANDARD REMOVE
-#=================================================
-# REMOVE SERVICE INTEGRATION IN YUNOHOST
+# REMOVE SYSTEMD SERVICE 
 #=================================================
+ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
 
 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
 if ynh_exec_warn_less yunohost service status "$app-web" >/dev/null
@@ -48,74 +37,28 @@ then
 	yunohost service remove "$app-streaming"
 fi
 
-#=================================================
-# STOP AND REMOVE SERVICE
-#=================================================
-ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
-
 # Remove the dedicated systemd config
 ynh_remove_systemd_config --service="$app-web"
 ynh_remove_systemd_config --service="$app-sidekiq"
 ynh_remove_systemd_config --service="$app-streaming"
 
-#=================================================
-# REMOVE THE POSTGRESQL DATABASE
-#=================================================
-ynh_script_progression --message="Removing the PostgreSQL database..." --weight=1
-
-# Remove a database if it exists, along with the associated user
-ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
-
-#=================================================
-# REMOVE APP MAIN DIR
-#=================================================
-ynh_script_progression --message="Removing app main directory..." --weight=1
-
-# Remove the app directory securely
-ynh_secure_remove --file="$final_path"
-
-#=================================================
-# REMOVE NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
-
 # Remove the dedicated NGINX config
 ynh_remove_nginx_config
 
-#=================================================
-# REMOVE DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Removing dependencies..." --weight=1
+# Remove a cron file
+ynh_secure_remove --file="/etc/cron.d/$app"
+
+# Remote logrotate config
+ynh_remove_logrotate
 
 # Remove metapackage and its dependencies
 ynh_remove_ruby
 ynh_remove_nodejs
-ynh_remove_app_dependencies
-
-#=================================================
-# SPECIFIC REMOVE
-#=================================================
-# REMOVE VARIOUS FILES
-#=================================================
-ynh_script_progression --message="Removing various files..." --weight=1
-
-# Remove a cron file
-ynh_secure_remove --file="/etc/cron.d/$app"
 
 # Remove swap
 ynh_del_swap
 
 #=================================================
-# GENERIC FINALIZATION
-#=================================================
-# REMOVE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Removing the dedicated system user..." --weight=1
-
-# Delete a system user
-ynh_system_user_delete --username=$app
-
-#=================================================
 # END OF SCRIPT
 #=================================================
 
diff --git a/scripts/restore b/scripts/restore
index a03e3ba..c843227 100644
--- a/scripts/restore
+++ b/scripts/restore
@@ -13,85 +13,23 @@ source ../settings/scripts/ynh_add_swap
 source /usr/share/yunohost/helpers
 
 #=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
-	true
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-path_url=$(ynh_app_setting_get --app=$app --key=path)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-db_user=$(ynh_app_setting_get --app=$app --key=db_user)
-
-#=================================================
-# CHECK IF THE APP CAN BE RESTORED
-#=================================================
-ynh_script_progression --message="Validating restoration parameters..." --weight=1
-
-test ! -d $final_path \
-	|| ynh_die --message="There is already a directory: $final_path "
-
-#=================================================
 # STANDARD RESTORATION STEPS
 #=================================================
-# RECREATE THE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
-
-# Create the dedicated user (if not existing)
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
-#=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
 ynh_script_progression --message="Restoring the app main directory..." --weight=1
 
-ynh_restore_file --origin_path="$final_path"
-
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
-
-#=================================================
-# SPECIFIC RESTORATION
-#=================================================
-# REINSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Reinstalling dependencies..." --weight=1
-
-# Define and install dependencies
-ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $build_pkg_dependencies
-ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
-ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
-ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
-
-#=================================================
-# RESTORE THE NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
+ynh_restore_file --origin_path="$install_dir"
 
-ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
+chmod 750 "$install_dir"
+chmod -R o-rwx "$install_dir"
+chown -R $app:www-data "$install_dir"
 
 #=================================================
 # RESTORE THE POSTGRESQL DATABASE
 #=================================================
 ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=1
 
-ynh_psql_test_if_first_run
-db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
-ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
 ynh_psql_execute_as_root --sql="ALTER USER $db_user CREATEDB;"
 ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name"
 
@@ -109,64 +47,63 @@ if [ $total_memory -lt $memory_needed ]; then
 fi
 
 ynh_script_progression --message="Adding $swap_needed Mo to swap..." --weight=1
+
 ynh_add_swap --size=$swap_needed
 
 #=================================================
+# REINSTALL DEPENDENCIES
+#=================================================
+ynh_script_progression --message="Reinstalling Ruby and NodeJS..." --weight=1
+
+ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
+ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
+
+#=================================================
 # BUILD APP
 #=================================================
 ynh_script_progression --message="Building app..." --weight=1
 
-pushd "$final_path/live"
+pushd "$install_dir/live"
 	ynh_use_ruby
 	ynh_gem update --system
 	ynh_gem install bundler --no-document
 	ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle install --redownload -j$(getconf _NPROCESSORS_ONLN)
 popd
 
-ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
-ynh_package_autoremove
-
 #=================================================
-# RESTORE VARIOUS FILES
+# RESTORE SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Restoring various files..." --weight=1
-
-ynh_restore_file --origin_path="/etc/cron.d/$app"
-
-#=================================================
-# RESTORE SYSTEMD
+# RESTORE THE PHP-FPM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
+ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
+
+ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 
 ynh_restore_file --origin_path="/etc/systemd/system/$app-web.service"
 ynh_restore_file --origin_path="/etc/systemd/system/$app-sidekiq.service"
 ynh_restore_file --origin_path="/etc/systemd/system/$app-streaming.service"
 systemctl enable "$app-web" "$app-sidekiq" "$app-streaming" --quiet
 
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
-
 yunohost service add "$app-web" --description="$app web service"
 yunohost service add "$app-sidekiq" --description="$app sidekiq service"
 yunohost service add "$app-streaming" --description="$app streaming service"
 
-#=================================================
-# START SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
+ynh_restore_file --origin_path="/etc/cron.d/$app"
 
-ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="Listening on"
-ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded"
-ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Streaming API now listening"
+mkdir -p /var/log/$app
+chown -R $app:$app /var/log/$app
+ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
-# RELOAD NGINX
+# RELOAD NGINX AND THE APP SERVICE
 #=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=1
+ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
+
+ynh_systemd_action --service_name=${app}-web --action="start" --log_path=/var/log/$app/$app-web.log --line_match="Listening on"
+ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=/var/log/$app/$app-sidekiq.log --line_match="Schedules Loaded"
+ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=/var/log/$app/$app-streaming.log --line_match="Streaming API now listening"
 
 ynh_systemd_action --service_name=nginx --action=reload
 
diff --git a/scripts/upgrade b/scripts/upgrade
index e041939..aaafcc0 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -11,231 +11,82 @@ source ynh_install_ruby__2
 source ynh_add_swap
 source /usr/share/yunohost/helpers
 
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-path_url=$(ynh_app_setting_get --app=$app --key=path)
-language=$(ynh_app_setting_get --app=$app --key=language)
-admin=$(ynh_app_setting_get --app=$app --key=admin)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-redis_namespace=$(ynh_app_setting_get --app=$app --key=db_name)
-db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-db_user=$(ynh_app_setting_get --app=$app --key=db_user)
-db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
-admin_mail=$(ynh_user_get_info --username=$admin --key='mail')
-port_web=$(ynh_app_setting_get --app=$app --key=port_web)
-port_stream=$(ynh_app_setting_get --app=$app --key=port_stream)
-
-secret_key_base=$(ynh_app_setting_get --app=$app --key=secret_key_base)
-otp_secret=$(ynh_app_setting_get --app=$app --key=otp_secret)
-vapid_private_key=$(ynh_app_setting_get --app=$app --key=vapid_private_key)
-vapid_public_key=$(ynh_app_setting_get --app=$app --key=vapid_public_key)
-
-config="$final_path/live/.env.production"
-
-#=================================================
-# CHECK VERSION
-#=================================================
-ynh_script_progression --message="Checking version..." --weight=1
-
 upgrade_type=$(ynh_check_app_version_changed)
-
-#=================================================
-# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
-#=================================================
-ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
-
-# Backup the current version of the app
-ynh_backup_before_upgrade
-ynh_clean_setup () {
-	# Restore it if the upgrade fails
-	ynh_restore_upgradebackup
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
+config="$install_dir/live/.env.production"
 
 #=================================================
 # STANDARD UPGRADE STEPS
 #=================================================
-# STOP SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Stopping a systemd service..." --weight=1
-
-ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=systemd
-ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=systemd
-ynh_systemd_action --service_name=${app}-streaming --action="stop" --log_path=systemd
-
-#=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
 ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
 
-# Cleaning legacy permissions
-if ynh_legacy_permissions_exists; then
-	ynh_legacy_permissions_delete_all
-
-	ynh_app_setting_delete --app=$app --key=is_public
-fi
-
-# Create a permission if needed
-if ! ynh_permission_exists --permission="api"; then
-	ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
-fi
-
-# If port_web doesn't exist, create it, needed for old install
-if [[ -z "$port_web" ]]; then
-	port_web=3000
-	ynh_app_setting_set --app=$app --key=port_web --value=$port_web
-fi
-
-# If port_web doesn't exist, create it, needed for old install
-if [[ -z "$port_stream" ]]; then
-	port_stream=4000
-	ynh_app_setting_set --app=$app --key=port_stream --value=$port_stream
-fi
-
-# If db_user doesn't exist, create it, needed for old install
-if [[ -z "$db_user" ]]; then
-	db_user=$(ynh_sanitize_dbid --db_name=$app)
-	ynh_app_setting_set --app=$app --key=db_user --value=$db_user
-fi
-
-# If db_pwd doesn't exist, create it, needed for old install
-if [[ -z "$db_pwd" ]]; then
-	db_pwd=$(ynh_string_random)
-	ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
-	ynh_psql_test_if_first_run
-	sudo --login --user=postgres psql -c"ALTER user $app WITH PASSWORD '$db_pwd'" postgres
-	ynh_replace_string --match_string="DB_PASS=" --replace_string="DB_PASS=${db_pwd}" --target_file="$config"
-fi
-
-# Remove paperclip_secret
-ynh_app_setting_delete --app=$app --key=paperclip_secret
-
-# If secret_key_base doesn't exist, retrieve it or create it
-if [[ -z "$secret_key_base" ]]; then
-	secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" $config)
-	if [[ -z "$secret_key_base" ]]; then
-		secret_key_base=$(ynh_string_random --length=128)
-	fi
-	ynh_app_setting_set --app=$app --key=secret_key_base --value="$secret_key_base"
-fi
-
-# If otp_secret doesn't exist, retrieve it or create it
-if [[ -z "$otp_secret" ]]; then
-	otp_secret=$(grep -oP "OTP_SECRET=\K\w+" $config)
-	if [[ -z "$otp_secret" ]]; then
-		otp_secret=$(ynh_string_random --length=128)
-	fi
-	ynh_app_setting_set --app=$app --key=otp_secret --value="$otp_secret"
-fi
-
-# If vapid_private_key doesn't exist, retrieve it or create it
-if [[ -z "$vapid_private_key" ]]; then
-	vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" $config)
-	vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" $config)
-	ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key"
-	ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key"
-fi
-
-# If redis_namespace doesn't exist, create it
-if [[ -z "$redis_namespace" ]]; then
-	redis_namespace=${app}_production
-	ynh_app_setting_set --app=$app --key=redis_namespace --value=$redis_namespace
+# Set `service` settings to support `yunohost app shell` command
+if [[ -z "${service:-}" ]]; then
+	service="$app-web.service"
+	ynh_app_setting_set --app="$app" --key=service --value="$service"
 fi
 
 #Remove previous added repository
 ynh_remove_extra_repo
 
 #=================================================
-# CREATE DEDICATED USER
+# STOP SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
+ynh_script_progression --message="Stopping a systemd service..." --weight=1
 
-# Create a dedicated user (if not existing)
-ynh_system_user_create --username=$app --home_dir="$final_path"
+ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=/var/log/$app/$app-web.log --line_match="Goodbye"
+ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=/var/log/$app/$app-sidekiq.log --line_match="Bye"
+ynh_systemd_action --service_name=${app}-streaming --action="stop" --log_path=/var/log/$app/$app-streaming.log --line_match="exiting"
 
 #=================================================
-# DOWNLOAD, CHECK AND UNPACK SOURCE
+# ADD SWAP IF NEEDED
 #=================================================
+ynh_script_progression --message="Adding swap if needed..." --weight=1
 
-if [ "$upgrade_type" == "UPGRADE_APP" ]
-then
-	ynh_script_progression --message="Upgrading source files..." --weight=1
-
-	# Download Mastodon
-	tmpdir="$(mktemp -d)"
-
-	mkdir $tmpdir/system
-	if [ -d "$final_path/live/public/system" ]; then
-		mv --verbose --no-target-directory --backup=numbered "$final_path/live/public/system" "$final_path/system.tmp"
-	fi
-	rsync -a "$config" "$tmpdir/."
-	ynh_secure_remove --file="$final_path/live"
-	
-	ynh_setup_source --dest_dir="$final_path/live"
-
-	if [ -d "$final_path/system.tmp" ]; then
-		mv --verbose --no-target-directory "$final_path/system.tmp" "$final_path/live/public/system"
-	fi
-	rsync -a "$tmpdir/.env.production" "$final_path/live/."
-	ynh_secure_remove --file="$tmpdir"
+total_memory=$(ynh_get_ram --total)
+swap_needed=0
 
-	# Clean files which are not needed anymore
-	ynh_secure_remove --file="$final_path/live/config/initializers/timeout.rb"
+if [ $total_memory -lt $memory_needed ]; then
+	# Need a minimum of 8Go of memory
+	swap_needed=$(($memory_needed - $total_memory))
 fi
 
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
+ynh_script_progression --message="Adding $swap_needed Mo to swap..."
+ynh_add_swap --size=$swap_needed
 
 #=================================================
 # UPGRADE DEPENDENCIES
 #=================================================
-ynh_script_progression --message="Upgrading dependencies..." --weight=1
+ynh_script_progression --message="Upgrading Ruby and NodeJS..." --weight=1
 
-ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $build_pkg_dependencies
 ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
 ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
-ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
 
 #=================================================
-# NGINX CONFIGURATION
+# "REBUILD" THE APP (DEPLOY NEW SOURCES, RERUN NPM BUILD...)
 #=================================================
-ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
-
-# Create a dedicated NGINX config
-ynh_add_nginx_config
-
-#=================================================
-# SPECIFIC UPGRADE
-#=================================================
-# ADD SWAP IF NEEDED
+# DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_script_progression --message="Adding swap if needed..." --weight=1
 
-total_memory=$(ynh_get_ram --total)
-swap_needed=0
+if [ "$upgrade_type" == "UPGRADE_APP" ]
+then
+	ynh_script_progression --message="Upgrading source files..." --weight=1
 
-if [ $total_memory -lt $memory_needed ]; then
-	# Need a minimum of 8Go of memory
-	swap_needed=$(($memory_needed - $total_memory))
-fi
+	# Download Mastodon
+	ynh_setup_source --dest_dir="$install_dir/live" --keep="public/system/"
 
-ynh_script_progression --message="Adding $swap_needed Mo to swap..."
-ynh_add_swap --size=$swap_needed
+	chmod 750 "$install_dir"
+	chmod -R o-rwx "$install_dir"
+	chown -R $app:www-data "$install_dir"
+fi
 
 #=================================================
-# BUILD APP
+# BUILD ASSETS
 #=================================================
-ynh_script_progression --message="Building app..." --weight=1
+ynh_script_progression --message="Building assets..." --weight=1
 
-pushd "$final_path/live"
+pushd "$install_dir/live"
 	ynh_use_ruby
 	ynh_gem update --system
 	ynh_gem install bundler --no-document
@@ -244,71 +95,68 @@ pushd "$final_path/live"
 	ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle config set force_ruby_platform true --quiet
 	ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
 	ynh_use_nodejs
-	ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile
+	ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile --production --network-timeout 600000
 	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails assets:clean
 	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails assets:precompile
-	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:migrate
-	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl cache clear
 popd
 
-ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
-ynh_package_autoremove
-
 #=================================================
-# UPDATE A CONFIG FILE
+# REAPPLY SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Updating a config file..." --weight=1
-
-language="$(echo $language | head -c 2)"
+ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
 
-ynh_add_config --template="../conf/.env.production.sample" --destination="$config"
-
-chmod 400 "$config"
-chown $app:$app "$config"
-
-#=================================================
-# SETUP SYSTEMD
-#=================================================
-ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
+ynh_add_nginx_config
 
 # Create a dedicated systemd config
 ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service"
+yunohost service add "$app-web" --description="$app web service"
+
 ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service"
+yunohost service add "$app-sidekiq" --description="$app sidekiq service"
+
 ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service"
+yunohost service add "$app-streaming" --description="$app streaming service"
 
-#=================================================
-# SETUP THE CRON FILE
-#=================================================
-ynh_script_progression --message="Setuping the cron file..." --weight=1
+ynh_add_config --template="cron" --destination="/etc/cron.d/$app"
 
-ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app"
+# Use logrotate to manage app-specific logfile(s)
+mkdir -p /var/log/$app
+chown $app:$app /var/log/$app
+ynh_use_logrotate --non-append
 
 #=================================================
-# GENERIC FINALIZATION
+# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
 #=================================================
-# INTEGRATE SERVICE IN YUNOHOST
+# UPDATE A CONFIG FILE
 #=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
+ynh_script_progression --message="Updating a config file..." --weight=1
 
-yunohost service add "$app-web" --description="$app web service"
-yunohost service add "$app-sidekiq" --description="$app sidekiq service"
-yunohost service add "$app-streaming" --description="$app streaming service"
+language="$(echo $language | head -c 2)"
+
+ynh_add_config --template=".env.production.sample" --destination="$config"
+
+chmod 400 "$config"
+chown $app:$app "$config"
 
 #=================================================
-# START SYSTEMD SERVICE
+# APPLY MIGRATIONS
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
+ynh_script_progression --message="Applying migrations..." --weight=1
 
-ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="Listening on"
-ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded"
-ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Streaming API now listening"
+pushd "$install_dir/live"
+	ynh_use_ruby
+	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:migrate
+	ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl cache clear
+popd
 
 #=================================================
-# RELOAD NGINX
+# START SYSTEMD SERVICE
 #=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=1
+ynh_script_progression --message="Starting a systemd service..." --weight=1
 
-ynh_systemd_action --service_name=nginx --action=reload
+ynh_systemd_action --service_name=${app}-web --action="start" --log_path=/var/log/$app/$app-web.log --line_match="Listening on"
+ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=/var/log/$app/$app-sidekiq.log --line_match="Schedules Loaded"
+ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=/var/log/$app/$app-streaming.log --line_match="Streaming API now listening"
 
 #=================================================
 # END OF SCRIPT
diff --git a/scripts/ynh_add_swap b/scripts/ynh_add_swap
index d7ec44b..aa82c51 100644
--- a/scripts/ynh_add_swap
+++ b/scripts/ynh_add_swap
@@ -19,6 +19,13 @@ ynh_add_swap () {
 
  	SD_CARD_CAN_SWAP=${SD_CARD_CAN_SWAP:-0}
 
+	# Can't swap inside an LXD
+	if [ "$(systemd-detect-virt)" == "lxc" ]
+	then
+		ynh_print_warn --message="You are inside a LXC container, swap will not be added, but that can cause troubles for the app $app. Please make sure you have more than 2.5G available RAM."
+		return
+	fi
+
 	# Swap on SD card only if it's is specified
 	if ynh_is_main_device_a_sd_card && [ "$SD_CARD_CAN_SWAP" == "0" ]
 	then
diff --git a/scripts/ynh_install_ruby__2 b/scripts/ynh_install_ruby__2
index a2a83d0..521a182 100644
--- a/scripts/ynh_install_ruby__2
+++ b/scripts/ynh_install_ruby__2
@@ -36,7 +36,7 @@ build_pkg_dependencies="$build_pkg_dependencies $build_ruby_dependencies"
 # However, $PATH is duplicated into $ruby_path to outlast any manipulation of $PATH
 # You can use the variable `$ynh_ruby_load_path` to quickly load your Ruby version
 #  in $PATH for an usage into a separate script.
-# Exemple: $ynh_ruby_load_path $final_path/script_that_use_gem.sh`
+# Exemple: $ynh_ruby_load_path $install_dir/script_that_use_gem.sh`
 #
 #
 # Finally, to start a Ruby service with the correct version, 2 solutions
@@ -81,7 +81,7 @@ ynh_use_ruby () {
 	ynh_ruby_load_path="PATH=$PATH"
 
 	# Sets the local application-specific Ruby version
-	pushd $final_path
+	pushd $install_dir
 		$rbenv_install_dir/bin/rbenv local $ruby_version
 	popd
 }
diff --git a/tests.toml b/tests.toml
new file mode 100644
index 0000000..c1f2069
--- /dev/null
+++ b/tests.toml
@@ -0,0 +1,26 @@
+test_format = 1.0
+
+[default]
+
+    # ------------
+    # Tests to run
+    # ------------
+
+    exclude = ["install.multi", "install.private", "change_url"]
+    # The test IDs to be used in only/exclude statements are: install.root, install.subdir, install.nourl, install.multi, backup_restore, upgrade, upgrade.someCommitId change_url
+
+    # -------------------------------
+    # Default args to use for install
+    # -------------------------------
+
+    # Nothing to do here...yet
+
+    # -------------------------------
+    # Commits to test upgrade from
+    # -------------------------------
+
+    test_upgrade_from.43504e6.name = "Upgrade from 4.2.5~ynh1"
+    test_upgrade_from.43504e6.args.domain="domain.tld"
+    test_upgrade_from.43504e6.args.is_public=1
+    test_upgrade_from.43504e6.args.admin="john"
+    test_upgrade_from.43504e6.args.language="fr_FR"