Merge branch 'stretch' of https://github.com/bashrc/freedombone

doc/EN/devguide.org

@@ -15,257 +15,82 @@
 #+end_export
 
 * Introduction
-Freedombone consists of a set of bash scripts. There are a lot of them, but they're not very complicated. If you're familiar with the GNU/Linux commandline and can hack a bash script then you can probably add a new app or fix a bug in the system. There are no trendy development frameworks to learn or to get in your way. You might also want to consult the [[./codeofconduct.html][Code of Conduct]].
+Freedombone consists of a set of bash scripts. There are a lot of them, but they're not very complicated. If you're familiar with the GNU/Linux commandline and can hack a bash script then you can probably add a new app or fix a bug in the system. There are no trendy development frameworks to learn or to get in your way. You might also want to consult the [[./codeofconduct.html][Code of Conduct]], and there is a Matrix room at *#fbone:matrix.freedombone.net*
 * Adding extra apps
 Suppose you have some internet application which you want to add to the system. To do this you need to create an app script which tells the system how to install/remove and also backup/restore. The script should be designed to work with the current stable version of Debian.
 
-On an installed system the app scripts go into the directory:
+There's a command which you can use to generate scripts for new apps. Some examples are as follows:
+
+To create a script for a generic PHP plus MySql/MariaDB web app:
 
 #+begin_src bash
-/usr/share/freedombone/apps
+freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --php yes -d mariadb > \
+                     src/freedombone-app-myappname
 #+end_src
 
-and within the project repo they appear within the /src/ directory. Your new app script should have the name:
+For a Nodejs app with MySql/MariaDB database:
 
 #+begin_src bash
-freedombone-app-[myappname]
+freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --node yes -d mariadb \
+                     --dir /etc/myappname --daemon yes > \
+                     src/freedombone-app-myappname
 #+end_src
 
-The /myappname/ value should not contain any spaces and will appear in the list of available apps.
-
-An example template for an app script is shown below. Copy this and add whatever variables and configuration you need. Search and replace /myappname/ with your own.
+For a Python app with Postgresql database:
 
 #+begin_src bash
-#!/bin/bash
-# Copyright (C) Year YourName <YourEmail>
-#
-# This program is free software: you can redistribute it
-# and/or modify it under the terms of the GNU Affero General
-# Public License as published by the Free Software Foundation,
-# either version 3 of the License, or (at your option) any
-# later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-
-# 'full' includes your app in the full installation and you
-# can also add other variants, separated by spaces. The
-# available variants will be detected automatically from the
-# app scripts. In most cases don't change this.
-VARIANTS='full'
-
-# If you want this to appear on the control panel About screen
-SHOW_ON_ABOUT=1
-
-# If you want this app to be in the default installation,
-# otherwise it will be available but not selected by default
-IN_DEFAULT_INSTALL=1
-
-SOME_IMPORTANT_CONFIG_VARIABLE='some important value'
-ANOTHER_IMPORTANT_CONFIG_VARIABLE='foo'
-MY_FUNKY_AVATAR=https://some-domain-or-other/fro.png
-MYAPPNAME_ONION_PORT=[port number]
-MYAPPNAME_DB_PASSWORD=
-
-# A directory where the data for this app exists
-MYAPP_DATA_DIR=/var/lib/somedirectory
-
-# List of configuration variables used by the app
-myappname_variables=(ONION_ONLY
-                     MY_USERNAME
-                     SOME_IMPORTANT_CONFIG_VARIABLE
-                     ANOTHER_IMPORTANT_CONFIG_VARIABLE
-                     MY_FUNKY_AVATAR
-                     MYAPPNAME_ONION_PORT
-                     MYAPPNAME_DB_PASSWORD)
-
-function logging_on_myappname {
-    echo -n ''
-    # Commands to turn on logging go here
-}
-
-function logging_off_myappname {
-    echo -n ''
-    # Commands to turn off logging go here
-}
-
-function change_password_myappname {
-    PASSWORD_USERNAME="$1"
-    PASSWORD_NEW="$2"
-    # Do something to change the password
-}
-
-function reconfigure_myappname {
-    echo -n ''
-    # Do something to delete existing keys/identity and
-    # generate new ones
-}
-
-function upgrade_myappname {
-    echo -n ''
-    # Do something to upgrade this app.
-    # If it's a debian package then it will be maintained by the
-    # operating system and you don't need anything here
-}
-
-function backup_local_myappname {
-    # If your app has a MariaDB/MySQL database
-    backup_database_to_usb myappname
-
-    # To backup a directory
-    backup_directory_to_usb $MYAPP_DATA_DIR myappname
-
-    # if you need to backup data within individual user
-    # home directories
-    for d in /home/*/ ; do
-        USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
-        if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
-            echo $"Backing up myappname config for $USERNAME"
-            if [ -d /home/$USERNAME/.config/myappname ]; then
-                backup_directory_to_usb \
-                    /home/$USERNAME/.config/myappname \
-                    myappname_users/$USERNAME
-            fi
-        fi
-    done
-}
-
-function restore_local_myappname {
-    temp_restore_dir=/root/tempmyappname
-
-    # If your app has a MariaDB/MySQL database
-    restore_database myappname
-
-    # Restore some data from a directory
-    # Note that we don't restore directly but to a temporary
-    # directory and then copy the files. This ensures that if
-    # there is a restore failure you don't end up with
-    # half-copied or corrupted files
-    restore_directory_from_usb $MYAPP_DATA_DIR myappname
-    cp -r $temp_restore_dir/$MYAPP_DATA_DIR $MYAPP_DATA_DIR
-    rm -rf $temp_restore_dir
-
-    # If you need to restore a configuration directory for each user
-    if [ -d $USB_MOUNT/backup/myappname_users ]; then
-        for d in $USB_MOUNT/backup/myappname_users/*/ ; do
-            USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
-            if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
-                if [ ! -d /home/$USERNAME ]; then
-                    ${PROJECT_NAME}-adduser $USERNAME
-                fi
-                echo $"Restoring Vim config for $USERNAME"
-                function_check restore_directory_from_usb
-                restore_directory_from_usb $temp_restore_dir \
-                                           myappname_users/$USERNAME
-                cp -r $temp_restore_dir/home/$USERNAME/.config \
-                      /home/$USERNAME/
-                if [ ! "$?" = "0" ]; then
-                    rm -rf $temp_restore_dir
-                    set_user_permissions
-                    backup_unmount_drive
-                    exit 664
-                fi
-                rm -rf $temp_restore_dir
-            fi
-        done
-    fi
-}
-
-function backup_remote_myappname {
-    # this should be the same as backup_local_myappname,
-    # but call the backup functions backup_directory_to_friend
-    # and backup_database_to_friend
-}
-
-function restore_remote_vim {
-    # this should be the same as restore_local_myappname,
-    # but call the restore function restore_directory_from_friend
-    # and restore_database_from_friend
-}
-
-function remove_myappname {
-    # if it's a debian package then:
-    apt-get -y remove --purge [my-app-package-name]
-
-    # If your app has a MariaDB/MySQL database
-    drop_database myappname
-
-    # If your app uses an onion address
-    remove_onion_service myappname ${MYAPPNAME_ONION_PORT}
-}
-
-function install_myappname {
-    # if it's a debian package then:
-    apt-get -y install [my-app-package-name]
-
-    # If you need to create a MariaDB/MySQL database for the app
-    MYAPPNAME_DB_PASSWORD="$(create_password 20)"
-    create_database myappname "$MYAPPNAME_DB_PASSWORD" $MY_USERNAME
-
-    # If you need to create an onion address for the app
-    MYAPPNAME_ONION_HOSTNAME=$(add_onion_service myappname \
-                               80 ${MYAPPNAME_ONION_PORT})
-
-    # Do any other configuration
-    # Here you might use $ONION_ONLY or
-    # $SOME_IMPORTANT_CONFIG_VARIABLE
+freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] -d postgresql \
+                     --dir /etc/myappname --daemon yes > \
+                     src/freedombone-app-myappname
+#+end_src
 
-    # Mark the app as having installed successfully
-    # If this variable isn't set then it will be assumed that
-    # the install has failed
-    APP_INSTALLED=1
-}
+For a Python app without any database, communicating between the daemon and the web server on port 1234:
 
-function install_interactive_myappname {
-    # Interactively obtain some values using dialog, such as
-    # domain names. An avatar changing example is:
-    data=$(tempfile 2>/dev/null)
-    trap "rm -f $data" 0 1 2 5 15
-    dialog --title $"Change your avatar" \
-           --backtitle $"Freedombone Control Panel" \
-           --inputbox $"Enter a URL for an image. It should be " \
-                      $"approximately a square image." 8 75 2>$data
-    sel=$?
-    case $sel in
-        0)
-            MY_FUNKY_AVATAR=$(<$data)
-            if [ ${#MY_FUNKY_AVATAR} -gt 3 ]; then
-                clear
+#+begin_src bash
+freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --dir /etc/myappname \
+                     --daemon yes --portinternal 1234 > \
+                     src/freedombone-app-myappname
+#+end_src
 
-                # do whatever is needed to change the avatar
-                # in your app
+For an app without any database which communicates directly on a particular port through the firewall:
 
-                dialog --title $"Change your avatar" \
-                       --msgbox $"Your avatar has been changed" 6 40
-            fi
-            ;;
-    esac
+#+begin_src bash
+freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --dir /etc/myappname \
+                     --daemon yes --port 5000 > \
+                     src/freedombone-app-myappname
+#+end_src
 
-    # install_myappname will be called automatically after this function
-}
+A generic PHP plus MySql/MariaDB web app which is only available on an onion address:
 
-# NOTE: deliberately no exit 0
+#+begin_src bash
+freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --php yes -d mariadb \
+                     --onion yes > \
+                     src/freedombone-app-myappname
 #+end_src
 
-To test your app log into your system, select *Exit to command line* then gain root powers with:
+For more details see the manpage:
 
 #+begin_src bash
-sudo su
+man freedombone-template
 #+end_src
 
-Copy your app script to */usr/share/freedombone/apps/freedombone-app-myappname*.
+The template command won't give you a fully working app, but it will give you a big head start and avoid a lot of potential mistakes. It's highly likely that you'll still need to add extra configuration for your particular app, especially within the *install_app* function.
 
-And run the admin control panel:
+When your new script is ready for testing you can install it with:
 
 #+begin_src bash
-control
+make install
 #+end_src
 
-Select *Add/Remove Apps* and if all is well then you should see your app listed as installable. Test that installing and removing it works as expected.
+Then run the administrator control panel and you should see the new app within *Add/Remove apps*.
 
-Submit your working app to *https://github.com/bashrc/freedombone/issues*
+Submit your working app to *https://github.com/bashrc/freedombone/issues* or create a pull request.
 
 * Customising mesh images
 If you want to make your own specially branded version of the mesh images, such as for a particular event, then to change the default desktop backgrounds edit the images within *img/backgrounds* and to change the available avatars and desktop icons edit the images within *img/avatars*. Re-create disk images using the instructions shown previously.

src/freedombone-app-nextcloud

@@ -39,8 +39,8 @@ NEXTCLOUD_DOMAIN_NAME=
 NEXTCLOUD_CODE=
 NEXTCLOUD_ONION_PORT=8112
 NEXTCLOUD_REPO="https://github.com/nextcloud/server"
-# Stable 12 branch
-NEXTCLOUD_COMMIT='cd095bb0b85eed6a9a9f6f0f7d10f2366c4667a7'
+# Stable 13 branch
+NEXTCLOUD_COMMIT='b16824db31cd00e26e72216bf995d52389b9c93c'
 NEXTCLOUD_ADMIN_PASSWORD=
 
 nextcloud_variables=(ONION_ONLY

src/freedombone-template

@@ -31,13 +31,19 @@
 PROJECT_NAME='freedombone'
 
 app_name='noapp'
-app_name_lower="$(tr '[:upper:]' '[:lower:]' <<< ${app_name:0:1})${app_name:1}"
+app_name_lower=$(echo ${app_name} | tr '[:upper:]' '[:lower:]')
 app_name=$app_name_lower
-app_name_upper="$(tr '[:lower:]' '[:upper:]' <<< ${app_name:0:1})${app_name:1}"
+app_name_upper=$(echo ${app_name} | tr '[:lower:]' '[:upper:]')
+echo "test: $app_name_upper"
 app_repo="TODO"
 app_repo_commit='TODO'
 app_php=
 app_node=
+app_onion_only=
+app_port=
+app_port_internal=
+app_daemon=
+app_dir=
 your_name=''
 your_email=''
 SHOW_ON_ABOUT=1
@@ -56,9 +62,14 @@ function show_help {
     echo $'  -e --email [address]                 Your email address'
     echo $'  -r --repo [url]                      Git repo url for the app'
     echo $'  -c --commit [hash]                   Git commit'
+    echo $'     --port [number]                   Port number for the app'
+    echo $'     --portinternal [number]           Internal port between a daemon and the web server'
     echo $'     --node [yes|no]                   Is this a nodejs app?'
+    echo $'  -o --onion [yes|no]                  Is this app only available on an onion address?'
     echo $'  -p --php [yes|no]                    Is this a PHP app?'
+    echo $'  -s --daemon [yes|no]                 Add a daemon'
     echo $'  -d --database [mariadb|postgresql]   Type of database'
+    echo $'     --dir [directory]                 Where to install to'
     echo ''
     exit 0
 }
@@ -74,9 +85,9 @@ do
         -a|--app|--appname)
             shift
             app_name="$1"
-            app_name_lower="$(tr '[:upper:]' '[:lower:]' <<< ${app_name:0:1})${app_name:1}"
+            app_name_lower=$(echo ${app_name} | tr '[:upper:]' '[:lower:]')
             app_name=$app_name_lower
-            app_name_upper="$(tr '[:lower:]' '[:upper:]' <<< ${app_name:0:1})${app_name:1}"
+            app_name_upper=$(echo ${app_name} | tr '[:lower:]' '[:upper:]')
             ;;
         -r|--repo)
             shift
@@ -106,6 +117,30 @@ do
             shift
             app_node="$1"
             ;;
+        -s|--daemon|--systemd)
+            shift
+            if [[ "$1" == 'yes' ]]; then
+                app_daemon=1
+            fi
+            ;;
+        -o|--onion)
+            shift
+            if [[ "$1" == 'yes' ]]; then
+                app_onion_only=1
+            fi
+            ;;
+        --port)
+            shift
+            app_port="$1"
+            ;;
+        --portinternal|--portint)
+            shift
+            app_port_internal="$1"
+            ;;
+        --dir)
+            shift
+            app_dir="$1"
+            ;;
         *)
             # unknown option
             ;;
@@ -185,12 +220,25 @@ echo "VARIANTS='full full-vim'"
 echo ''
 echo 'IN_DEFAULT_INSTALL=0'
 echo "SHOW_ON_ABOUT=${SHOW_ON_ABOUT}"
+if [ $app_onion_only ]; then
+    echo 'SHOW_ICANN_ADDRESS_ON_ABOUT=0'
+fi
 echo ''
 echo "${app_name_upper}_DOMAIN_NAME="
 echo "${app_name_upper}_CODE="
+if [ $app_port ]; then
+    echo "${app_name_upper}_PORT=$app_port"
+fi
 echo "${app_name_upper}_ONION_PORT=$(( ( RANDOM % 1000 )  + 9010 ))"
 echo "${app_name_upper}_REPO=\"${app_repo}\""
 echo "${app_name_upper}_COMMIT='${app_repo_commit}'"
+if [ $app_daemon ]; then
+    if [ ! $app_port_internal ]; then
+        echo "${app_name_upper}_PORT_INTERNAL=TODO"
+    else
+        echo "${app_name_upper}_PORT_INTERNAL=$app_port_internal"
+    fi
+fi
 echo ''
 echo "${app_name}=(ONION_ONLY"
 echo "             ${app_name_upper}_DOMAIN_NAME"
@@ -221,16 +269,20 @@ echo "    echo '0'"
 echo '}'
 echo ''
 echo "function install_interactive_${app_name} {"
-echo '    if [ ! $ONION_ONLY ]; then'
-echo "        ONION_ONLY='no'"
-echo '    fi'
-echo ''
-echo '    if [[ $ONION_ONLY != "no" ]]; then'
-echo "        ${app_name_upper}_DOMAIN_NAME='${app_name}.local'"
-echo "        write_config_param \"${app_name_upper}_DOMAIN_NAME\" \"\$${app_name_upper}_DOMAIN_NAME\""
-echo '    else'
-echo "        interactive_site_details \"${app_name}\" \"${app_name_upper}_DOMAIN_NAME\" \"${app_name}_CODE\""
-echo '    fi'
+if [ ! $app_onion_only ]; then
+    echo '    if [ ! $ONION_ONLY ]; then'
+    echo "        ONION_ONLY='no'"
+    echo '    fi'
+    echo ''
+    echo '    if [[ $ONION_ONLY != "no" ]]; then'
+    echo "        ${app_name_upper}_DOMAIN_NAME='${app_name}.local'"
+    echo "        write_config_param \"${app_name_upper}_DOMAIN_NAME\" \"\$${app_name_upper}_DOMAIN_NAME\""
+    echo '    else'
+    echo "        interactive_site_details \"${app_name}\" \"${app_name_upper}_DOMAIN_NAME\" \"${app_name}_CODE\""
+    echo '    fi'
+else
+    echo "    echo -n ''"
+fi
 echo '    APP_INSTALLED=1'
 echo '}'
 echo ''
@@ -311,8 +363,13 @@ echo "        ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name
 echo '    fi'
 echo ''
 echo '    # update to the next commit'
-echo "    set_repo_commit /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \$${app_name_upper}_REPO"
-echo "    chown -R www-data:www-data /var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
+if [ ! $app_dir ]; then
+    echo "    set_repo_commit /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \$${app_name_upper}_REPO"
+    echo "    chown -R www-data:www-data /var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
+else
+    echo "    set_repo_commit ${app_dir} \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \$${app_name_upper}_REPO"
+    echo "    chown -R ${app_name}:${app_name} ${app_dir}"
+fi
 echo '}'
 echo ''
 echo "function backup_local_${app_name} {"
@@ -321,7 +378,11 @@ echo "    if grep -q \"${app_name} domain\" \$COMPLETION_FILE; then"
 echo "        ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")"
 echo '    fi'
 echo ''
-echo "    source_directory=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
+if [ ! $app_dir ]; then
+    echo "    source_directory=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
+else
+    echo "    source_directory=${app_dir}"
+fi
 echo ''
 echo "    suspend_site \${${app_name_upper}_DOMAIN_NAME}"
 echo ''
@@ -347,7 +408,11 @@ echo '    fi'
 echo "    ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")"
 echo "    if [ \$${app_name_upper}_DOMAIN_NAME ]; then"
 echo "        temp_restore_dir=/root/temp${app_name}"
-echo "        ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
+if [ ! $app_dir ]; then
+    echo "        ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
+else
+    echo "        ${app_name}_dir=${app_dir}"
+fi
 echo ''
 if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then
     echo "        ${app_name}_create_database"
@@ -391,7 +456,11 @@ echo "    if grep -q \"${app_name} domain\" \$COMPLETION_FILE; then"
 echo "        ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")"
 echo '    fi'
 echo ''
-echo "    source_directory=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
+if [ ! $app_dir ]; then
+    echo "    source_directory=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
+else
+    echo "    source_directory=${app_dir}"
+fi
 echo ''
 echo "    suspend_site \${${app_name_upper}_DOMAIN_NAME}"
 echo ''
@@ -417,7 +486,11 @@ echo '    fi'
 echo "    ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")"
 echo "    if [ \$${app_name_upper}_DOMAIN_NAME ]; then"
 echo "        temp_restore_dir=/root/temp${app_name}"
-echo "        ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
+if [ ! $app_dir ]; then
+    echo "        ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
+else
+    echo "        ${app_name}_dir=${app_dir}"
+fi
 echo ''
 if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then
     echo "        ${app_name}_create_database"
@@ -463,6 +536,15 @@ fi
 echo "    nginx_dissite \$${app_name_upper}_DOMAIN_NAME"
 echo "    remove_certs \$${app_name_upper}_DOMAIN_NAME"
 echo ''
+if [ $app_daemon ]; then
+    echo "    if [ -f /etc/systemd/system/${app_name}.service ]; then"
+    echo "        systemctl stop ${app_name}"
+    echo "        systemctl disable ${app_name}"
+    echo "        rm /etc/systemd/system/${app_name}.service"
+    echo '    fi'
+    echo "    userdel -r ${app_name}"
+fi
+echo ''
 echo "    if [ -d /var/www/\$${app_name_upper}_DOMAIN_NAME ]; then"
 echo "        rm -rf /var/www/\$${app_name_upper}_DOMAIN_NAME"
 echo '    fi'
@@ -482,10 +564,10 @@ echo '    fi'
 echo "    remove_app ${app_name}"
 echo "    remove_completion_param install_${app_name}"
 echo "    sed -i '/${app_name}/d' \$COMPLETION_FILE"
-echo ''
-echo "    if grep -q '${app_name}-firewall' /etc/crontab; then"
-echo "        sed -i '/${app_name}-firewall/d' /etc/crontab"
-echo '    fi'
+if [ $app_port ]; then
+    echo ''
+    echo "    firewall_remove ${app_port} tcp"
+fi
 echo ''
 echo "    remove_ddns_domain \$${app_name_upper}_DOMAIN_NAME"
 echo '}'
@@ -515,27 +597,44 @@ echo '    fi'
 echo "    if [ ! -d /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs ]; then"
 echo "        if [ -d /repos/${app_name} ]; then"
 echo "            mkdir /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
-echo "            cp -r -p /repos/${app_name}/. /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
-echo "            cd /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
+if [ ! $app_dir ]; then
+    echo "            cp -r -p /repos/${app_name}/. /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
+    echo "            cd /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
+else
+    echo "            cp -r -p /repos/${app_name}/. ${app_dir}"
+    echo "            cd ${app_dir}"
+fi
 echo '            git pull'
 echo '        else'
-echo "            git_clone \$${app_name_upper}_REPO /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
+if [ ! $app_dir ]; then
+    echo "            git_clone \$${app_name_upper}_REPO /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
+else
+    echo "            git_clone \$${app_name_upper}_REPO ${app_dir}"
+fi
 echo '        fi'
 echo ''
-echo "        if [ ! -d /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs ]; then"
+if [ ! $app_dir ]; then
+    echo "        if [ ! -d /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs ]; then"
+else
+    echo "        if [ ! -d ${app_dir} ]; then"
+fi
 echo "            echo \$'Unable to clone ${app_name} repo'"
 echo '            exit 87525'
 echo '        fi'
 echo '    fi'
 echo ''
-echo "    cd /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
+if [ ! $app_dir ]; then
+    echo "    cd /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
+else
+    echo "    cd ${app_dir}"
+fi
 echo "    git checkout \$${app_name_upper}_COMMIT -b \$${app_name_upper}_COMMIT"
 echo "    set_completion_param \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\""
 echo ''
 echo "    chmod g+w /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
 echo "    chown -R www-data:www-data /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
 
-if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then
+if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" || "$database_type" == "postgres"*  ]]; then
     echo ''
     echo "    ${app_name}_create_database"
 fi
@@ -545,53 +644,62 @@ echo ''
 echo "    ${app_name_upper}_ONION_HOSTNAME=\$(add_onion_service ${app_name} 80 \${${app_name_upper}_ONION_PORT})"
 echo ''
 echo "    ${app_name}_nginx_site=/etc/nginx/sites-available/\$${app_name_upper}_DOMAIN_NAME"
-echo '    if [[ $ONION_ONLY == "no" ]]; then'
-if [[ "$app_php" == 'yes' ]]; then
-    echo "        nginx_http_redirect \$${app_name_upper}_DOMAIN_NAME \"index index.php\""
-else
-    echo "        nginx_http_redirect \$${app_name_upper}_DOMAIN_NAME \"index index.html\""
-fi
-echo "        echo 'server {' >> \$${app_name}_nginx_site"
-echo "        echo '  listen 443 ssl;' >> \$${app_name}_nginx_site"
-echo "        echo '  listen [::]:443 ssl;' >> \$${app_name}_nginx_site"
-echo "        echo \"  server_name \$${app_name_upper}_DOMAIN_NAME;\" >> \$${app_name}_nginx_site"
-echo "        echo '' >> \$${app_name}_nginx_site"
-echo "        nginx_compress \$${app_name_upper}_DOMAIN_NAME"
-echo "        echo '' >> \$${app_name}_nginx_site"
-echo "        echo '  # Security' >> \$${app_name}_nginx_site"
-echo "        nginx_ssl \$${app_name_upper}_DOMAIN_NAME"
-echo ''
-echo "        nginx_disable_sniffing \$${app_name_upper}_DOMAIN_NAME"
-echo ''
-echo "        echo '  add_header Strict-Transport-Security max-age=15768000;' >> \$${app_name}_nginx_site"
-echo "        echo '' >> \$${app_name}_nginx_site"
-echo "        echo '  # Logs' >> \$${app_name}_nginx_site"
-echo "        echo '  access_log /dev/null;' >> \$${app_name}_nginx_site"
-echo "        echo '  error_log /dev/null;' >> \$${app_name}_nginx_site"
-echo "        echo '' >> \$${app_name}_nginx_site"
-echo "        echo '  # Root' >> \$${app_name}_nginx_site"
-echo "        echo \"  root /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs;\" >> \$${app_name}_nginx_site"
-echo "        echo '' >> \$${app_name}_nginx_site"
-if [[ "$app_php" == 'yes' ]]; then
-    echo "        echo '  index index.php;' >> \$${app_name}_nginx_site"
-    echo "        echo '  location ~ \.php {' >> \$${app_name}_nginx_site"
-    echo "        echo '    include snippets/fastcgi-php.conf;' >> \$${app_name}_nginx_site"
-    echo "        echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> \$${app_name}_nginx_site"
-    echo "        echo '    fastcgi_read_timeout 30;' >> \$${app_name}_nginx_site"
-    echo "        echo '  }' >> \$${app_name}_nginx_site"
+
+if [ $app_onion_only ]; then
+    echo '    if [[ $ONION_ONLY == "no" ]]; then'
+    if [[ "$app_php" == 'yes' ]]; then
+        echo "        nginx_http_redirect \$${app_name_upper}_DOMAIN_NAME \"index index.php\""
+    else
+        echo "        nginx_http_redirect \$${app_name_upper}_DOMAIN_NAME \"index index.html\""
+    fi
+    echo "        echo 'server {' >> \$${app_name}_nginx_site"
+    echo "        echo '  listen 443 ssl;' >> \$${app_name}_nginx_site"
+    echo "        echo '  listen [::]:443 ssl;' >> \$${app_name}_nginx_site"
+    echo "        echo \"  server_name \$${app_name_upper}_DOMAIN_NAME;\" >> \$${app_name}_nginx_site"
+    echo "        echo '' >> \$${app_name}_nginx_site"
+    echo "        nginx_compress \$${app_name_upper}_DOMAIN_NAME"
+    echo "        echo '' >> \$${app_name}_nginx_site"
+    echo "        echo '  # Security' >> \$${app_name}_nginx_site"
+    echo "        nginx_ssl \$${app_name_upper}_DOMAIN_NAME"
+    echo ''
+    echo "        nginx_disable_sniffing \$${app_name_upper}_DOMAIN_NAME"
+    echo ''
+    echo "        echo '  add_header Strict-Transport-Security max-age=15768000;' >> \$${app_name}_nginx_site"
+    echo "        echo '' >> \$${app_name}_nginx_site"
+    echo "        echo '  # Logs' >> \$${app_name}_nginx_site"
+    echo "        echo '  access_log /dev/null;' >> \$${app_name}_nginx_site"
+    echo "        echo '  error_log /dev/null;' >> \$${app_name}_nginx_site"
     echo "        echo '' >> \$${app_name}_nginx_site"
+    echo "        echo '  # Root' >> \$${app_name}_nginx_site"
+    echo "        echo \"  root /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs;\" >> \$${app_name}_nginx_site"
+    echo "        echo '' >> \$${app_name}_nginx_site"
+    if [[ "$app_php" == 'yes' ]]; then
+        echo "        echo '  index index.php;' >> \$${app_name}_nginx_site"
+        echo "        echo '  location ~ \.php {' >> \$${app_name}_nginx_site"
+        echo "        echo '    include snippets/fastcgi-php.conf;' >> \$${app_name}_nginx_site"
+        echo "        echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> \$${app_name}_nginx_site"
+        echo "        echo '    fastcgi_read_timeout 30;' >> \$${app_name}_nginx_site"
+        echo "        echo '  }' >> \$${app_name}_nginx_site"
+        echo "        echo '' >> \$${app_name}_nginx_site"
+    else
+        echo "        echo '  index index.html;' >> \$${app_name}_nginx_site"
+    fi
+    echo "        echo '  # Location' >> \$${app_name}_nginx_site"
+    echo "        echo '  location / {' >> \$${app_name}_nginx_site"
+    echo "        nginx_limits \$${app_name_upper}_DOMAIN_NAME '15m'"
+    if [ ! $app_daemon ]; then
+        echo "        echo '    try_files \$uri \$uri/ /index.html;' >> \$${app_name}_nginx_site"
+    else
+        echo "        echo \"    proxy_pass http://localhost:\$${app_name_upper}_PORT_INTERNAL;\" >> \$${app_name}_nginx_site"
+    fi
+    echo "        echo '  }' >> \$${app_name}_nginx_site"
+    echo "        echo '}' >> \$${app_name}_nginx_site"
+    echo '    else'
+    echo "        echo -n '' > \$${app_name}_nginx_site"
+    echo '    fi'
 else
-    echo "        echo '  index index.html;' >> \$${app_name}_nginx_site"
+    echo "    echo -n '' > \$${app_name}_nginx_site"
 fi
-echo "        echo '  # Location' >> \$${app_name}_nginx_site"
-echo "        echo '  location / {' >> \$${app_name}_nginx_site"
-echo "        nginx_limits \$${app_name_upper}_DOMAIN_NAME '15m'"
-echo "        echo '    try_files \$uri \$uri/ @${app_name};' >> \$${app_name}_nginx_site"
-echo "        echo '  }' >> \$${app_name}_nginx_site"
-echo "        echo '}' >> \$${app_name}_nginx_site"
-echo '    else'
-echo "        echo -n '' > \$${app_name}_nginx_site"
-echo '    fi'
 echo "    echo 'server {' >> \$${app_name}_nginx_site"
 echo "    echo \"    listen 127.0.0.1:\$${app_name_upper}_ONION_PORT default_server;\" >> \$${app_name}_nginx_site"
 echo "    echo \"    server_name \$${app_name_upper}_ONION_HOSTNAME;\" >> \$${app_name}_nginx_site"
@@ -621,13 +729,47 @@ fi
 echo "    echo '  # Location' >> \$${app_name}_nginx_site"
 echo "    echo '  location / {' >> \$${app_name}_nginx_site"
 echo "    nginx_limits \$${app_name_upper}_DOMAIN_NAME '15m'"
-echo "    echo '    try_files \$uri \$uri/ @${app_name};' >> \$${app_name}_nginx_site"
+if [ ! $app_daemon ]; then
+    echo "    echo '    try_files \$uri \$uri/ index.html;' >> \$${app_name}_nginx_site"
+else
+    echo "    echo \"    proxy_pass http://localhost:\$${app_name_upper}_PORT_INTERNAL;\" >> \$${app_name}_nginx_site"
+fi
 echo "    echo '  }' >> \$${app_name}_nginx_site"
 echo "    echo '}' >> \$${app_name}_nginx_site"
 if [[ "$app_php" == 'yes' ]]; then
     echo ''
     echo '    configure_php'
 fi
+if [ $app_daemon ]; then
+    echo ''
+    echo "    useradd -d TODO_PATH_TO_INSTALL -s /bin/false ${app_name}"
+    echo ''
+    echo "    echo '[Unit]' > /etc/systemd/system/${app_name}.service"
+    echo "    echo 'Description=${app_name}' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo 'After=syslog.target' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo 'After=network.target' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo '' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo '[Service]' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo 'Type=simple' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo 'User=${app_name}' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo 'Group=${app_name}' >> /etc/systemd/system/${app_name}.service"
+    if [ ! $app_dir ]; then
+        echo "    echo 'WorkingDirectory=TODO' >> /etc/systemd/system/${app_name}.service"
+    else
+        echo "    echo 'WorkingDirectory=${app_dir}' >> /etc/systemd/system/${app_name}.service"
+    fi
+    echo "    echo 'ExecStart=TODO' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo 'Restart=always' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo 'Environment=\"USER=${app_name}\"' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo '' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo '[Install]' >> /etc/systemd/system/${app_name}.service"
+    echo "    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/${app_name}.service"
+    echo "    systemctl enable ${app_name}"
+    if [ $app_dir ]; then
+        echo "    chown -R ${app_name}:${app_name} ${app_dir}"
+    fi
+    echo "    systemctl start ${app_name}"
+fi
 echo ''
 echo "    create_site_certificate \$${app_name_upper}_DOMAIN_NAME 'yes'"
 echo ''
@@ -643,6 +785,10 @@ echo '    systemctl restart nginx'
 echo ''
 echo "    \${PROJECT_NAME}-pass -u \$MY_USERNAME -a ${app_name} -p \"\$${app_name_upper}_ADMIN_PASSWORD\""
 echo "    set_completion_param \"${app_name} domain\" \"\$${app_name_upper}_DOMAIN_NAME\""
+if [ $app_port ]; then
+    echo ''
+    echo "    firewall_add ${app_name} ${app_port} tcp"
+fi
 echo ''
 echo '    APP_INSTALLED=1'
 echo '}'

website/EN/devguide.html

@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2017-12-20 Wed 12:42 -->
+<!-- 2018-02-07 Wed 10:46 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
 <title>&lrm;</title>
@@ -246,297 +246,131 @@ for the JavaScript code in this tag.
 
 <center><h1>Developers Guide</h1></center>
 
-<div id="outline-container-org6818d03" class="outline-2">
-<h2 id="org6818d03">Introduction</h2>
-<div class="outline-text-2" id="text-org6818d03">
+<div id="outline-container-orgcb772bb" class="outline-2">
+<h2 id="orgcb772bb">Introduction</h2>
+<div class="outline-text-2" id="text-orgcb772bb">
 <p>
-Freedombone consists of a set of bash scripts. There are a lot of them, but they're not very complicated. If you're familiar with the GNU/Linux commandline and can hack a bash script then you can probably add a new app or fix a bug in the system. There are no trendy development frameworks to learn or to get in your way. You might also want to consult the <a href="./codeofconduct.html">Code of Conduct</a>.
+Freedombone consists of a set of bash scripts. There are a lot of them, but they're not very complicated. If you're familiar with the GNU/Linux commandline and can hack a bash script then you can probably add a new app or fix a bug in the system. There are no trendy development frameworks to learn or to get in your way. You might also want to consult the <a href="./codeofconduct.html">Code of Conduct</a>, and there is a Matrix room at <b>#fbone:matrix.freedombone.net</b>
 </p>
 </div>
 </div>
-<div id="outline-container-org080672c" class="outline-2">
-<h2 id="org080672c">Adding extra apps</h2>
-<div class="outline-text-2" id="text-org080672c">
+<div id="outline-container-org8fd5474" class="outline-2">
+<h2 id="org8fd5474">Adding extra apps</h2>
+<div class="outline-text-2" id="text-org8fd5474">
 <p>
 Suppose you have some internet application which you want to add to the system. To do this you need to create an app script which tells the system how to install/remove and also backup/restore. The script should be designed to work with the current stable version of Debian.
 </p>
 
 <p>
-On an installed system the app scripts go into the directory:
+There's a command which you can use to generate scripts for new apps. Some examples are as follows:
+</p>
+
+<p>
+To create a script for a generic PHP plus MySql/MariaDB web app:
 </p>
 
 <div class="org-src-container">
-<pre class="src src-bash">/usr/share/freedombone/apps
+<pre class="src src-bash">freedombone-template --app [name] -e [email] -r [repo url] <span class="org-sh-escaped-newline">\</span>
+                     -c [commit] --php yes -d mariadb &gt; <span class="org-sh-escaped-newline">\</span>
+                     src/freedombone-app-myappname
 </pre>
 </div>
 
 <p>
-and within the project repo they appear within the <i>src</i> directory. Your new app script should have the name:
+For a Nodejs app with MySql/MariaDB database:
 </p>
 
 <div class="org-src-container">
-<pre class="src src-bash">freedombone-app-[myappname]
+<pre class="src src-bash">freedombone-template --app [name] -e [email] -r [repo url] <span class="org-sh-escaped-newline">\</span>
+                     -c [commit] --node yes -d mariadb <span class="org-sh-escaped-newline">\</span>
+                     --dir /etc/myappname --daemon yes &gt; <span class="org-sh-escaped-newline">\</span>
+                     src/freedombone-app-myappname
 </pre>
 </div>
 
 <p>
-The <i>myappname</i> value should not contain any spaces and will appear in the list of available apps.
+For a Python app with Postgresql database:
 </p>
 
+<div class="org-src-container">
+<pre class="src src-bash">freedombone-template --app [name] -e [email] -r [repo url] <span class="org-sh-escaped-newline">\</span>
+                     -c [commit] -d postgresql <span class="org-sh-escaped-newline">\</span>
+                     --dir /etc/myappname --daemon yes &gt; <span class="org-sh-escaped-newline">\</span>
+                     src/freedombone-app-myappname
+</pre>
+</div>
+
 <p>
-An example template for an app script is shown below. Copy this and add whatever variables and configuration you need. Search and replace <i>myappname</i> with your own.
+For a Python app without any database, communicating between the daemon and the web server on port 1234:
 </p>
 
 <div class="org-src-container">
-<pre class="src src-bash"><span class="org-comment-delimiter">#</span><span class="org-comment">!/bin/</span><span class="org-keyword">bash</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">Copyright (C) Year YourName &lt;YourEmail&gt;</span>
-<span class="org-comment-delimiter">#</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">This program is free software: you can redistribute it</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">and/or modify it under the terms of the GNU Affero General</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">Public License as published by the Free Software Foundation,</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">either version 3 of the License, or (at your option) any</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">later version.</span>
-<span class="org-comment-delimiter">#</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">This program is distributed in the hope that it will be useful,</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">but WITHOUT ANY WARRANTY; without even the implied warranty of</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">GNU Affero General Public License for more details.</span>
-
-<span class="org-comment-delimiter"># </span><span class="org-comment">'full' includes your app in the full installation and you</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">can also add other variants, separated by spaces. The</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">available variants will be detected automatically from the</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">app scripts. In most cases don't change this.</span>
-<span class="org-variable-name">VARIANTS</span>=<span class="org-string">'full'</span>
-
-<span class="org-comment-delimiter"># </span><span class="org-comment">If you want this to appear on the control panel About screen</span>
-<span class="org-variable-name">SHOW_ON_ABOUT</span>=1
-
-<span class="org-comment-delimiter"># </span><span class="org-comment">If you want this app to be in the default installation,</span>
-<span class="org-comment-delimiter"># </span><span class="org-comment">otherwise it will be available but not selected by default</span>
-<span class="org-variable-name">IN_DEFAULT_INSTALL</span>=1
-
-<span class="org-variable-name">SOME_IMPORTANT_CONFIG_VARIABLE</span>=<span class="org-string">'some important value'</span>
-<span class="org-variable-name">ANOTHER_IMPORTANT_CONFIG_VARIABLE</span>=<span class="org-string">'foo'</span>
-<span class="org-variable-name">MY_FUNKY_AVATAR</span>=https://some-domain-or-other/fro.png
-<span class="org-variable-name">MYAPPNAME_ONION_PORT</span>=[port number]
-<span class="org-variable-name">MYAPPNAME_DB_PASSWORD</span>=
-
-<span class="org-comment-delimiter"># </span><span class="org-comment">A directory where the data for this app exists</span>
-<span class="org-variable-name">MYAPP_DATA_DIR</span>=/var/lib/somedirectory
-
-<span class="org-comment-delimiter"># </span><span class="org-comment">List of configuration variables used by the app</span>
-<span class="org-variable-name">myappname_variables</span>=(ONION_ONLY
-                     MY_USERNAME
-                     SOME_IMPORTANT_CONFIG_VARIABLE
-                     ANOTHER_IMPORTANT_CONFIG_VARIABLE
-                     MY_FUNKY_AVATAR
-                     MYAPPNAME_ONION_PORT
-                     MYAPPNAME_DB_PASSWORD)
-
-<span class="org-keyword">function</span> <span class="org-function-name">logging_on_myappname</span> {
-    <span class="org-builtin">echo</span> -n <span class="org-string">''</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Commands to turn on logging go here</span>
-}
-
-<span class="org-keyword">function</span> <span class="org-function-name">logging_off_myappname</span> {
-    <span class="org-builtin">echo</span> -n <span class="org-string">''</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Commands to turn off logging go here</span>
-}
-
-<span class="org-keyword">function</span> <span class="org-function-name">change_password_myappname</span> {
-    <span class="org-variable-name">PASSWORD_USERNAME</span>=<span class="org-string">"$1"</span>
-    <span class="org-variable-name">PASSWORD_NEW</span>=<span class="org-string">"$2"</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Do something to change the password</span>
-}
-
-<span class="org-keyword">function</span> <span class="org-function-name">reconfigure_myappname</span> {
-    <span class="org-builtin">echo</span> -n <span class="org-string">''</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Do something to delete existing keys/identity and</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">generate new ones</span>
-}
-
-<span class="org-keyword">function</span> <span class="org-function-name">upgrade_myappname</span> {
-    <span class="org-builtin">echo</span> -n <span class="org-string">''</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Do something to upgrade this app.</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">If it's a debian package then it will be maintained by the</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">operating system and you don't need anything here</span>
-}
-
-<span class="org-keyword">function</span> <span class="org-function-name">backup_local_myappname</span> {
-    <span class="org-comment-delimiter"># </span><span class="org-comment">If your app has a MariaDB/MySQL database</span>
-    backup_database_to_usb myappname
-
-    <span class="org-comment-delimiter"># </span><span class="org-comment">To backup a directory</span>
-    backup_directory_to_usb $<span class="org-variable-name">MYAPP_DATA_DIR</span> myappname
-
-    <span class="org-comment-delimiter"># </span><span class="org-comment">if you need to backup data within individual user</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">home directories</span>
-    <span class="org-keyword">for</span> d<span class="org-keyword"> in</span> /home/*/ ; <span class="org-keyword">do</span>
-        <span class="org-variable-name">USERNAME</span>=$(<span class="org-sh-quoted-exec">echo</span> <span class="org-string">"$d"</span> | awk -F <span class="org-string">'/'</span> <span class="org-string">'{print $3}'</span>)
-        <span class="org-keyword">if</span> [[ $(<span class="org-sh-quoted-exec">is_valid_user</span> <span class="org-string">"$USERNAME"</span>) == <span class="org-string">"1"</span> ]]; <span class="org-keyword">then</span>
-            <span class="org-builtin">echo</span> $<span class="org-string">"Backing up myappname config for $USERNAME"</span>
-            <span class="org-keyword">if</span> [ -d /home/$<span class="org-variable-name">USERNAME</span>/.config/myappname ]; <span class="org-keyword">then</span>
-                backup_directory_to_usb <span class="org-sh-escaped-newline">\</span>
-                    /home/$<span class="org-variable-name">USERNAME</span>/.config/myappname <span class="org-sh-escaped-newline">\</span>
-                    myappname_users/$<span class="org-variable-name">USERNAME</span>
-            <span class="org-keyword">fi</span>
-        <span class="org-keyword">fi</span>
-    <span class="org-keyword">done</span>
-}
-
-<span class="org-keyword">function</span> <span class="org-function-name">restore_local_myappname</span> {
-    <span class="org-variable-name">temp_restore_dir</span>=/root/tempmyappname
-
-    <span class="org-comment-delimiter"># </span><span class="org-comment">If your app has a MariaDB/MySQL database</span>
-    restore_database myappname
-
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Restore some data from a directory</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Note that we don't restore directly but to a temporary</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">directory and then copy the files. This ensures that if</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">there is a restore failure you don't end up with</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">half-copied or corrupted files</span>
-    restore_directory_from_usb $<span class="org-variable-name">MYAPP_DATA_DIR</span> myappname
-    cp -r $<span class="org-variable-name">temp_restore_dir</span>/$<span class="org-variable-name">MYAPP_DATA_DIR</span> $<span class="org-variable-name">MYAPP_DATA_DIR</span>
-    rm -rf $<span class="org-variable-name">temp_restore_dir</span>
-
-    <span class="org-comment-delimiter"># </span><span class="org-comment">If you need to restore a configuration directory for each user</span>
-    <span class="org-keyword">if</span> [ -d $<span class="org-variable-name">USB_MOUNT</span>/backup/myappname_users ]; <span class="org-keyword">then</span>
-        <span class="org-keyword">for</span> d<span class="org-keyword"> in</span> $<span class="org-variable-name">USB_MOUNT</span>/backup/myappname_users/*/ ; <span class="org-keyword">do</span>
-            <span class="org-variable-name">USERNAME</span>=$(<span class="org-sh-quoted-exec">echo</span> <span class="org-string">"$d"</span> | awk -F <span class="org-string">'/'</span> <span class="org-string">'{print $6}'</span>)
-            <span class="org-keyword">if</span> [[ $(<span class="org-sh-quoted-exec">is_valid_user</span> <span class="org-string">"$USERNAME"</span>) == <span class="org-string">"1"</span> ]]; <span class="org-keyword">then</span>
-                <span class="org-keyword">if</span> [ <span class="org-negation-char">!</span> -d /home/$<span class="org-variable-name">USERNAME</span> ]; <span class="org-keyword">then</span>
-                    ${<span class="org-variable-name">PROJECT_NAME</span>}-adduser $<span class="org-variable-name">USERNAME</span>
-                <span class="org-keyword">fi</span>
-                <span class="org-builtin">echo</span> $<span class="org-string">"Restoring Vim config for $USERNAME"</span>
-                function_check restore_directory_from_usb
-                restore_directory_from_usb $<span class="org-variable-name">temp_restore_dir</span> <span class="org-sh-escaped-newline">\</span>
-                                           myappname_users/$<span class="org-variable-name">USERNAME</span>
-                cp -r $<span class="org-variable-name">temp_restore_dir</span>/home/$<span class="org-variable-name">USERNAME</span>/.config <span class="org-sh-escaped-newline">\</span>
-                      /home/$<span class="org-variable-name">USERNAME</span>/
-                <span class="org-keyword">if</span> [ <span class="org-negation-char">!</span> <span class="org-string">"$?"</span> = <span class="org-string">"0"</span> ]; <span class="org-keyword">then</span>
-                    rm -rf $<span class="org-variable-name">temp_restore_dir</span>
-                    set_user_permissions
-                    backup_unmount_drive
-                    <span class="org-keyword">exit</span> 664
-                <span class="org-keyword">fi</span>
-                rm -rf $<span class="org-variable-name">temp_restore_dir</span>
-            <span class="org-keyword">fi</span>
-        <span class="org-keyword">done</span>
-    <span class="org-keyword">fi</span>
-}
-
-<span class="org-keyword">function</span> <span class="org-function-name">backup_remote_myappname</span> {
-    <span class="org-comment-delimiter"># </span><span class="org-comment">this should be the same as backup_local_myappname,</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">but call the backup functions backup_directory_to_friend</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">and backup_database_to_friend</span>
-}
-
-<span class="org-keyword">function</span> <span class="org-function-name">restore_remote_vim</span> {
-    <span class="org-comment-delimiter"># </span><span class="org-comment">this should be the same as restore_local_myappname,</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">but call the restore function restore_directory_from_friend</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">and restore_database_from_friend</span>
-}
-
-<span class="org-keyword">function</span> <span class="org-function-name">remove_myappname</span> {
-    <span class="org-comment-delimiter"># </span><span class="org-comment">if it's a debian package then:</span>
-    apt-get -y remove --purge [my-app-package-name]
-
-    <span class="org-comment-delimiter"># </span><span class="org-comment">If your app has a MariaDB/MySQL database</span>
-    drop_database myappname
-
-    <span class="org-comment-delimiter"># </span><span class="org-comment">If your app uses an onion address</span>
-    remove_onion_service myappname ${<span class="org-variable-name">MYAPPNAME_ONION_PORT</span>}
-}
-
-<span class="org-keyword">function</span> <span class="org-function-name">install_myappname</span> {
-    <span class="org-comment-delimiter"># </span><span class="org-comment">if it's a debian package then:</span>
-    apt-get -y install [my-app-package-name]
-
-    <span class="org-comment-delimiter"># </span><span class="org-comment">If you need to create a MariaDB/MySQL database for the app</span>
-    <span class="org-variable-name">MYAPPNAME_DB_PASSWORD</span>=<span class="org-string">"$(</span><span class="org-sh-quoted-exec">create_password</span><span class="org-string"> 20)"</span>
-    create_database myappname <span class="org-string">"$MYAPPNAME_DB_PASSWORD"</span> $<span class="org-variable-name">MY_USERNAME</span>
-
-    <span class="org-comment-delimiter"># </span><span class="org-comment">If you need to create an onion address for the app</span>
-    <span class="org-variable-name">MYAPPNAME_ONION_HOSTNAME</span>=$(<span class="org-sh-quoted-exec">add_onion_service</span> myappname <span class="org-sh-escaped-newline">\</span>
-                               80 ${<span class="org-variable-name">MYAPPNAME_ONION_PORT</span>})
+<pre class="src src-bash">freedombone-template --app [name] -e [email] -r [repo url] <span class="org-sh-escaped-newline">\</span>
+                     -c [commit] --dir /etc/myappname <span class="org-sh-escaped-newline">\</span>
+                     --daemon yes --portinternal 1234 &gt; <span class="org-sh-escaped-newline">\</span>
+                     src/freedombone-app-myappname
+</pre>
+</div>
 
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Do any other configuration</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Here you might use $ONION_ONLY or</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">$SOME_IMPORTANT_CONFIG_VARIABLE</span>
+<p>
+For an app without any database which communicates directly on a particular port through the firewall:
+</p>
 
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Mark the app as having installed successfully</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">If this variable isn't set then it will be assumed that</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">the install has failed</span>
-    <span class="org-variable-name">APP_INSTALLED</span>=1
-}
+<div class="org-src-container">
+<pre class="src src-bash">freedombone-template --app [name] -e [email] -r [repo url] <span class="org-sh-escaped-newline">\</span>
+                     -c [commit] --dir /etc/myappname <span class="org-sh-escaped-newline">\</span>
+                     --daemon yes --port 5000 &gt; <span class="org-sh-escaped-newline">\</span>
+                     src/freedombone-app-myappname
+</pre>
+</div>
 
-<span class="org-keyword">function</span> <span class="org-function-name">install_interactive_myappname</span> {
-    <span class="org-comment-delimiter"># </span><span class="org-comment">Interactively obtain some values using dialog, such as</span>
-    <span class="org-comment-delimiter"># </span><span class="org-comment">domain names. An avatar changing example is:</span>
-    <span class="org-variable-name">data</span>=$(<span class="org-sh-quoted-exec">tempfile</span> 2&gt;/dev/null)
-    <span class="org-keyword">trap</span> <span class="org-string">"rm -f $data"</span> 0 1 2 5 15
-    dialog --title $<span class="org-string">"Change your avatar"</span> <span class="org-sh-escaped-newline">\</span>
-           --backtitle $<span class="org-string">"Freedombone Control Panel"</span> <span class="org-sh-escaped-newline">\</span>
-           --inputbox $<span class="org-string">"Enter a URL for an image. It should be "</span> <span class="org-sh-escaped-newline">\</span>
-                      $<span class="org-string">"approximately a square image."</span> 8 75 2&gt;$<span class="org-variable-name">data</span>
-    <span class="org-variable-name">sel</span>=$<span class="org-variable-name">?</span>
-    <span class="org-keyword">case</span> $<span class="org-variable-name">sel</span><span class="org-keyword"> in</span>
-        0)
-            <span class="org-variable-name">MY_FUNKY_AVATAR</span>=$(&lt;$<span class="org-variable-name">data</span>)
-            <span class="org-keyword">if</span> [ ${#<span class="org-variable-name">MY_FUNKY_AVATAR</span>} -gt 3 ]; <span class="org-keyword">then</span>
-                clear
-
-                <span class="org-comment-delimiter"># </span><span class="org-comment">do whatever is needed to change the avatar</span>
-                <span class="org-comment-delimiter"># </span><span class="org-comment">in your app</span>
-
-                dialog --title $<span class="org-string">"Change your avatar"</span> <span class="org-sh-escaped-newline">\</span>
-                       --msgbox $<span class="org-string">"Your avatar has been changed"</span> 6 40
-            <span class="org-keyword">fi</span>
-            ;;
-    <span class="org-keyword">esac</span>
-
-    <span class="org-comment-delimiter"># </span><span class="org-comment">install_myappname will be called automatically after this function</span>
-}
+<p>
+A generic PHP plus MySql/MariaDB web app which is only available on an onion address:
+</p>
 
-<span class="org-comment-delimiter"># </span><span class="org-comment">NOTE: deliberately no exit 0</span>
+<div class="org-src-container">
+<pre class="src src-bash">freedombone-template --app [name] -e [email] -r [repo url] <span class="org-sh-escaped-newline">\</span>
+                     -c [commit] --php yes -d mariadb <span class="org-sh-escaped-newline">\</span>
+                     --onion yes &gt; <span class="org-sh-escaped-newline">\</span>
+                     src/freedombone-app-myappname
 </pre>
 </div>
 
 <p>
-To test your app log into your system, select <b>Exit to command line</b> then gain root powers with:
+For more details see the manpage:
 </p>
 
 <div class="org-src-container">
-<pre class="src src-bash">sudo su
+<pre class="src src-bash">man freedombone-template
 </pre>
 </div>
 
 <p>
-Copy your app script to <b>/usr/share/freedombone/apps/freedombone-app-myappname</b>.
+The template command won't give you a fully working app, but it will give you a big head start and avoid a lot of potential mistakes. It's highly likely that you'll still need to add extra configuration for your particular app, especially within the <b>install_app</b> function.
 </p>
 
 <p>
-And run the admin control panel:
+When your new script is ready for testing you can install it with:
 </p>
 
 <div class="org-src-container">
-<pre class="src src-bash">control
+<pre class="src src-bash">make install
 </pre>
 </div>
 
 <p>
-Select <b>Add/Remove Apps</b> and if all is well then you should see your app listed as installable. Test that installing and removing it works as expected.
+Then run the administrator control panel and you should see the new app within <b>Add/Remove apps</b>.
 </p>
 
 <p>
-Submit your working app to <b><a href="https://github.com/bashrc/freedombone/issues">https://github.com/bashrc/freedombone/issues</a></b>
+Submit your working app to <b><a href="https://github.com/bashrc/freedombone/issues">https://github.com/bashrc/freedombone/issues</a></b> or create a pull request.
 </p>
 </div>
 </div>
 
-<div id="outline-container-orge29cd52" class="outline-2">
-<h2 id="orge29cd52">Customising mesh images</h2>
-<div class="outline-text-2" id="text-orge29cd52">
+<div id="outline-container-orgaefd9da" class="outline-2">
+<h2 id="orgaefd9da">Customising mesh images</h2>
+<div class="outline-text-2" id="text-orgaefd9da">
 <p>
 If you want to make your own specially branded version of the mesh images, such as for a particular event, then to change the default desktop backgrounds edit the images within <b>img/backgrounds</b> and to change the available avatars and desktop icons edit the images within <b>img/avatars</b>. Re-create disk images using the instructions shown previously.
 </p>