fix: apply shell formatting

2025-10-03 15:01:00 +08:00 · 2025-07-16 15:11:55 +02:00 · 2025-07-16 15:11:55 +02:00 · 925b32ddab
commit 925b32ddab
parent b87618e8cb
14 changed files with 383 additions and 383 deletions
--- a/24
+++ b/24
@ -4,33 +4,33 @@ echo "Weblate domain:"
 read -r domain
 cloud_domain="${domain%.weblate.cloud}"
 if [ "$cloud_domain" = "$domain" ]; then
-	echo "Cloud domain (without .weblate.cloud):"
-	read -r cloud_domain
+    echo "Cloud domain (without .weblate.cloud):"
+    read -r cloud_domain
 fi
 echo "Weblate title:"
 read -r title
 if [ -f ~/.config/weblate-bootstrap/sentry_dsn ]; then
-	sentry=$(cat ~/.config/weblate-bootstrap/sentry_dsn)
+    sentry=$(cat ~/.config/weblate-bootstrap/sentry_dsn)
 else
-	echo "Sentry DSN:"
-	read -r sentry
+    echo "Sentry DSN:"
+    read -r sentry
 fi
 if [ -f ~/.config/weblate-bootstrap/sentry_token ]; then
-	sentry_token=$(cat ~/.config/weblate-bootstrap/sentry_token)
+    sentry_token=$(cat ~/.config/weblate-bootstrap/sentry_token)
 else
-	echo "Sentry Token:"
-	read -r sentry_token
+    echo "Sentry Token:"
+    read -r sentry_token
 fi
 if [ -f ~/.config/weblate-bootstrap/graylog_token ]; then
-	graylog_token=$(cat ~/.config/weblate-bootstrap/graylog_token)
+    graylog_token=$(cat ~/.config/weblate-bootstrap/graylog_token)
 else
-	echo "Graylog Token:"
-	read -r graylog_token
+    echo "Graylog Token:"
+    read -r graylog_token
 fi

 smtp_pass=$(openssl rand -hex 32)

-cat >"${1:-/etc/weblate-bootstrap}" <<EOT
+cat > "${1:-/etc/weblate-bootstrap}" << EOT
 WEBLATE_DOMAIN="$domain"
 WEBLATE_CLOUD_DOMAIN="$cloud_domain"
 WEBLATE_TITLE="$title"
--- a/2
+++ b/2
@ -7,7 +7,7 @@ apt update
 apt install -y fail2ban vim
 apt purge -y vim-tiny cryptsetup-initramfs

-cat >/etc/fail2ban/jail.d/sshd.conf <<EOT
+cat > /etc/fail2ban/jail.d/sshd.conf << EOT
 [sshd]
 mode   = aggressive
 EOT
--- a/28
+++ b/28
@ -4,26 +4,26 @@ KEY="$(sed -n '/^env.KEY/ s/^env.KEY \(.*\)/\1/p' /etc/munin/plugin-conf.d/webla
 SERVER="$(sed -n '/^env.SERVER/ s/^env.SERVER \(.*\)/\1/p' /etc/munin/plugin-conf.d/weblate_servers)"

 if [ -z "$SERVER" ]; then
-	echo "Missing server configuration!"
-	exit 1
+    echo "Missing server configuration!"
+    exit 1
 fi

 if [ -n "$KEY" ]; then
-	if ! curl -f -s -H "Authorization: Token $KEY" "${SERVER}api/metrics/" -o /dev/null; then
-		echo "Key not working, recreating"
-		KEY=""
-	fi
+    if ! curl -f -s -H "Authorization: Token $KEY" "${SERVER}api/metrics/" -o /dev/null; then
+        echo "Key not working, recreating"
+        KEY=""
+    fi
 fi

 if [ -z "$KEY" ]; then

-	echo "Generating new key"
-	if [ -f "/home/weblate/weblate/docker-compose.override.yml" ]; then
-		cd /home/weblate/weblate || exit 1
-		KEY="$(sudo -u weblate docker compose exec --user weblate weblate weblate shell --no-imports -c 'from weblate.auth.models import User; user = User.objects.get_or_create(username="monitor")[0]; print(user.auth_token.key)')"
-	else
-		KEY="$(sudo -u weblate /home/weblate/weblate-env/bin/weblate shell --no-imports -c 'from weblate.auth.models import User; user = User.objects.get_or_create(username="monitor")[0]; print(user.auth_token.key)')"
-	fi
+    echo "Generating new key"
+    if [ -f "/home/weblate/weblate/docker-compose.override.yml" ]; then
+        cd /home/weblate/weblate || exit 1
+        KEY="$(sudo -u weblate docker compose exec --user weblate weblate weblate shell --no-imports -c 'from weblate.auth.models import User; user = User.objects.get_or_create(username="monitor")[0]; print(user.auth_token.key)')"
+    else
+        KEY="$(sudo -u weblate /home/weblate/weblate-env/bin/weblate shell --no-imports -c 'from weblate.auth.models import User; user = User.objects.get_or_create(username="monitor")[0]; print(user.auth_token.key)')"
+    fi

-	sed -i "s/^env.KEY .*/env.KEY $KEY/" /etc/munin/plugin-conf.d/weblate_servers
+    sed -i "s/^env.KEY .*/env.KEY $KEY/" /etc/munin/plugin-conf.d/weblate_servers
 fi
--- a/24
+++ b/24
@ -5,11 +5,11 @@
 apt-get update

 apt-get install -y \
-	ca-certificates \
-	curl \
-	gnupg \
-	apparmor \
-	lsb-release
+    ca-certificates \
+    curl \
+    gnupg \
+    apparmor \
+    lsb-release

 # Keyring
 # shellcheck disable=SC2174
@ -18,14 +18,14 @@ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o

 # APT source
 echo \
-	"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/$(lsb_release -is | tr '[:upper:]' '[:lower:]') \
-  $(lsb_release -cs) stable" >/etc/apt/sources.list.d/docker.list
+    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/$(lsb_release -is | tr '[:upper:]' '[:lower:]') \
+  $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list

 # Install Docker
 apt-get update
 apt-get install -y \
-	docker-ce \
-	docker-ce-cli \
-	containerd.io \
-	docker-buildx-plugin \
-	docker-compose-plugin
+    docker-ce \
+    docker-ce-cli \
+    containerd.io \
+    docker-buildx-plugin \
+    docker-compose-plugin
--- a/12
+++ b/12
@ -8,12 +8,12 @@ set -e
 apt install -y exim4

 sed -i \
-	-e "s#dc_eximconfig_configtype=.*#dc_eximconfig_configtype='satellite'#" \
-	-e "s#dc_local_interfaces=.*#dc_local_interfaces='127.0.0.1'#" \
-	-e "s#dc_readhost=.*#dc_readhost='$WEBLATE_DOMAIN'#" \
-	-e "s#dc_smarthost=.*#dc_smarthost='172.16.0.84'#" \
-	-e "s#dc_hide_mailname=.*#dc_hide_mailname='true'#" \
-	/etc/exim4/update-exim4.conf.conf
+    -e "s#dc_eximconfig_configtype=.*#dc_eximconfig_configtype='satellite'#" \
+    -e "s#dc_local_interfaces=.*#dc_local_interfaces='127.0.0.1'#" \
+    -e "s#dc_readhost=.*#dc_readhost='$WEBLATE_DOMAIN'#" \
+    -e "s#dc_smarthost=.*#dc_smarthost='172.16.0.84'#" \
+    -e "s#dc_hide_mailname=.*#dc_hide_mailname='true'#" \
+    /etc/exim4/update-exim4.conf.conf

 #cat >> /etc/exim4/passwd.client <<EOT
 #mail.cihar.com:$WEBLATE_DOMAIN:$EXIM_PASS
--- a/6
+++ b/6
@ -3,10 +3,10 @@
 set -e

 if [ -n "$1" ]; then
-	WEBLATE_GRAYLOG_TOKEN="$1"
+    WEBLATE_GRAYLOG_TOKEN="$1"
 else
-	# shellcheck disable=SC1091
-	. /etc/weblate-bootstrap
+    # shellcheck disable=SC1091
+    . /etc/weblate-bootstrap
 fi

 # Install package
--- a/10
+++ b/10
@ -3,8 +3,8 @@
 set -e

 if [ -z "$1" ] || [ "$1" = "--help" ]; then
-	echo "Usage: install-mail-delivery HOSTNAME"
-	exit 1
+    echo "Usage: install-mail-delivery HOSTNAME"
+    exit 1
 fi

 ssh "$1" apt update
@ -20,7 +20,7 @@ scp ~/Nextcloud/Weblate/Servers/Mail/DKIM/dkim.private.key "$1":/etc/exim4/dkim.
 ssh "$1" chgrp Debian-exim /etc/exim4/dkim.private.key
 ssh "$1" chmod 640 /etc/exim4/dkim.private.key

-ssh "$1" tee /etc/exim4/update-exim4.conf.conf <<EOT
+ssh "$1" tee /etc/exim4/update-exim4.conf.conf << EOT
 dc_eximconfig_configtype='internet'
 dc_other_hostnames=''
 dc_local_interfaces=''
@ -36,7 +36,7 @@ dc_mailname_in_oh='true'
 dc_localdelivery='mail_spool'
 EOT

-ssh "$1" tee /etc/exim4/conf.d/main/00_local_settings <<EOT
+ssh "$1" tee /etc/exim4/conf.d/main/00_local_settings << EOT
 daemon_smtp_ports = 25 : 587
 REMOTE_SMTP_HELO_DATA = md.weblate.org
 MAIN_HARDCODE_PRIMARY_HOSTNAME = md.weblate.org
@ -55,7 +55,7 @@ ssh "$1" systemctl restart exim4
 ssh "$1" ./scripts/install-graylog "'$(cat ~/.config/weblate-bootstrap/graylog_token)'"

 # shellcheck disable=SC2087
-ssh "$1" mail -r "noreply@weblate.org" -s "Test" -- "michal@weblate.org" <<EOT
+ssh "$1" mail -r "noreply@weblate.org" -s "Test" -- "michal@weblate.org" << EOT
 E-mail delivery from $1.

 --
--- a/6
+++ b/6
@ -11,14 +11,14 @@ export PATH

 # Munin
 mkdir -p /etc/munin/plugin-conf.d/
-cat >/etc/munin/plugin-conf.d/postgres <<EOT
+cat > /etc/munin/plugin-conf.d/postgres << EOT
 [postgres_*]
 user weblate
 env.PGHOST 127.0.0.1
 env.PGUSER weblate
 env.PGPASSWORD weblate
 EOT
-cat >/etc/munin/plugin-conf.d/redis <<EOT
+cat > /etc/munin/plugin-conf.d/redis << EOT
 [redis]
 env.host1 127.0.0.1
 env.port1 6379
@ -31,7 +31,7 @@ wget https://raw.githubusercontent.com/munin-monitoring/contrib/master/plugins/r
 wget https://raw.githubusercontent.com/WeblateOrg/munin/master/weblate
 wget https://raw.githubusercontent.com/WeblateOrg/munin/master/ksm
 chmod +x redis weblate ksm
-cat >/etc/munin/plugin-conf.d/weblate_servers <<EOT
+cat > /etc/munin/plugin-conf.d/weblate_servers << EOT
 [weblate]
 env.SERVER https://$WEBLATE_DOMAIN/
 env.KEY
--- a/30
+++ b/30
@ -4,13 +4,13 @@
 set -e

 if [ ! -f .venv/bin/activate ]; then
-	echo "Missing virtual environment!"
-	exit 2
+    echo "Missing virtual environment!"
+    exit 2
 fi

 if [ -z "$1" ] || [ "$1" = "--help" ]; then
-	echo "Usage: install-remote HOSTNAME [VERSION]"
-	exit 1
+    echo "Usage: install-remote HOSTNAME [VERSION]"
+    exit 1
 fi

 SERVER_NAME="$1"
@ -24,7 +24,7 @@ TMPFILE=$(mktemp --tmpdir weblate-log.XXXXXXXXXX)

 # Gather basic configuration
 bootstrap "$BOOTSTRAP" "$2"
-cat >>"$BOOTSTRAP" <<EOT
+cat >> "$BOOTSTRAP" << EOT
 WEBLATE_PASSWORD="$(apg -a 0 -M sncl -n 1 -x 10 -m 20)"
 EOT

@ -42,14 +42,14 @@ pip install -r requirements.txt
 # debian-12 arm64: 114690389
 # debian-12 amd64: 114690387
 hcloud server create \
-	--image 114690389 \
-	--location fsn1 \
-	--name "$SERVER_NAME" \
-	--network 19990 \
-	--firewall 13110 \
-	--ssh-key 1056953 \
-	--ssh-key 1494306 \
-	--type cax11 | tee "$TMPFILE"
+    --image 114690389 \
+    --location fsn1 \
+    --name "$SERVER_NAME" \
+    --network 19990 \
+    --firewall 13110 \
+    --ssh-key 1056953 \
+    --ssh-key 1494306 \
+    --type cax11 | tee "$TMPFILE"

 IPADDRESS=$(sed -n 's/IPv4: \(.*\)/\1/p' "$TMPFILE")
 IP6ADDRESS=$(sed -n 's/IPv6: \(.*\)/\1/p' "$TMPFILE")
@ -65,8 +65,8 @@ echo "Created server with address $IPADDRESS, please ensure $WEBLATE_DOMAIN poin
 read -r dummy

 s() {
-	# shellcheck disable=SC2029
-	ssh "root@$IPADDRESS" "$@"
+    # shellcheck disable=SC2029
+    ssh "root@$IPADDRESS" "$@"
 }

 # Configure mail sending
--- a/168
+++ b/168
@ -10,58 +10,58 @@ cd /tmp
 # Install deps
 apt-get update
 apt-get install --no-install-recommends -y build-essential \
-	certbot \
-	curl \
-	cython3 \
-	fail2ban python3-pyinotify python3-systemd \
-	g++ \
-	gcc \
-	gettext \
-	gir1.2-pango-1.0 \
-	gir1.2-rsvg-2.0 \
-	git \
-	git-svn \
-	git-lfs \
-	gnupg \
-	libcairo2-dev \
-	libenchant-2-2 \
-	libfreetype6-dev \
-	libgirepository1.0-dev \
-	libjpeg-dev \
-	libldap2-dev \
-	libleptonica-dev \
-	libsasl2-dev \
-	libssl-dev \
-	libtesseract-dev \
-	libxml2-dev \
-	libxmlsec1-dev \
-	libxslt1-dev \
-	libyaml-dev \
-	libacl1-dev \
-	zlib1g-dev \
-	liblz4-dev \
-	libzstd-dev \
-	libxxhash-dev \
-	nginx \
-	openssh-client \
-	pkg-config \
-	postgresql-client \
-	python3-certbot-nginx \
-	python3-dev \
-	python3-gdbm \
-	python3-pip \
-	python3-virtualenv \
-	redis-server \
-	rsync \
-	subversion \
-	tesseract-ocr \
-	virtualenv \
-	uwsgi \
-	uwsgi-plugin-python3
+    certbot \
+    curl \
+    cython3 \
+    fail2ban python3-pyinotify python3-systemd \
+    g++ \
+    gcc \
+    gettext \
+    gir1.2-pango-1.0 \
+    gir1.2-rsvg-2.0 \
+    git \
+    git-svn \
+    git-lfs \
+    gnupg \
+    libcairo2-dev \
+    libenchant-2-2 \
+    libfreetype6-dev \
+    libgirepository1.0-dev \
+    libjpeg-dev \
+    libldap2-dev \
+    libleptonica-dev \
+    libsasl2-dev \
+    libssl-dev \
+    libtesseract-dev \
+    libxml2-dev \
+    libxmlsec1-dev \
+    libxslt1-dev \
+    libyaml-dev \
+    libacl1-dev \
+    zlib1g-dev \
+    liblz4-dev \
+    libzstd-dev \
+    libxxhash-dev \
+    nginx \
+    openssh-client \
+    pkg-config \
+    postgresql-client \
+    python3-certbot-nginx \
+    python3-dev \
+    python3-gdbm \
+    python3-pip \
+    python3-virtualenv \
+    redis-server \
+    rsync \
+    subversion \
+    tesseract-ocr \
+    virtualenv \
+    uwsgi \
+    uwsgi-plugin-python3

 # Install ruby deps for licesee
 apt-get install -y \
-	ruby bundler cmake pkg-config git libssl-dev ruby-dev
+    ruby bundler cmake pkg-config git libssl-dev ruby-dev

 # Add user
 adduser weblate --disabled-password --gecos Weblate
@ -82,42 +82,42 @@ sudo -u weblate cp "$WEBLATE_HOME/weblate-env/lib/python$PYVER/site-packages/web

 # shellcheck disable=SC1004
 sed -i \
-	-e "s#^DATA_DIR.*#DATA_DIR = \"$WEBLATE_HOME/data\"#" \
-	-e 's#^ENABLE_HTTPS.*#ENABLE_HTTPS = True#' \
-	-e 's#^SERVER_EMAIL.*#SERVER_EMAIL = "noreply@weblate.org"#' \
-	-e 's#^DEFAULT_FROM_EMAIL.*#DEFAULT_FROM_EMAIL = "noreply@weblate.org"#' \
-	-e "s#^SECRET_KEY.*#SECRET_KEY = '$WEBLATE_SECRET'#" \
-	-e "s#^SITE_TITLE.*#SITE_TITLE = '$WEBLATE_TITLE'#" \
-	-e "s#^SITE_DOMAIN.*#SITE_DOMAIN = '$WEBLATE_DOMAIN'#" \
-	-e "s#^SENTRY_DSN.*#SENTRY_DSN = '$WEBLATE_SENTRY'#" \
-	-e "s#^SENTRY_ENVIRONMENT.*#SENTRY_ENVIRONMENT = SITE_DOMAIN#" \
-	-e "/HiredisParser/ D" \
-	-e "/SENTRY_DSN/ a \
+    -e "s#^DATA_DIR.*#DATA_DIR = \"$WEBLATE_HOME/data\"#" \
+    -e 's#^ENABLE_HTTPS.*#ENABLE_HTTPS = True#' \
+    -e 's#^SERVER_EMAIL.*#SERVER_EMAIL = "noreply@weblate.org"#' \
+    -e 's#^DEFAULT_FROM_EMAIL.*#DEFAULT_FROM_EMAIL = "noreply@weblate.org"#' \
+    -e "s#^SECRET_KEY.*#SECRET_KEY = '$WEBLATE_SECRET'#" \
+    -e "s#^SITE_TITLE.*#SITE_TITLE = '$WEBLATE_TITLE'#" \
+    -e "s#^SITE_DOMAIN.*#SITE_DOMAIN = '$WEBLATE_DOMAIN'#" \
+    -e "s#^SENTRY_DSN.*#SENTRY_DSN = '$WEBLATE_SENTRY'#" \
+    -e "s#^SENTRY_ENVIRONMENT.*#SENTRY_ENVIRONMENT = SITE_DOMAIN#" \
+    -e "/HiredisParser/ D" \
+    -e "/SENTRY_DSN/ a \
 SENTRY_TOKEN = '$WEBLATE_SENTRY_TOKEN'" \
-	-e "s#^        \"PASSWORD\":.*#        \"PASSWORD\": '$POSTGRES_PASS',#" \
-	-e "s#.*your_email@example.com.*#    ('Michal Čihař', 'michal@cihar.com'),#" \
-	-e '/social_core.pipeline.social_auth.load_extra_data/ a \
+    -e "s#^        \"PASSWORD\":.*#        \"PASSWORD\": '$POSTGRES_PASS',#" \
+    -e "s#.*your_email@example.com.*#    ('Michal Čihař', 'michal@cihar.com'),#" \
+    -e '/social_core.pipeline.social_auth.load_extra_data/ a \
    "weblate.legal.pipeline.tos_confirm",' \
-	-e '/weblate.middleware.SecurityMiddleware/ a \
+    -e '/weblate.middleware.SecurityMiddleware/ a \
    "weblate.legal.middleware.RequireTOSMiddleware",' \
-	-e '/weblate.gitexport/ a \
+    -e '/weblate.gitexport/ a \
    "wllegal",' \
-	-e '/weblate.gitexport/ a \
+    -e '/weblate.gitexport/ a \
    "weblate.legal",' \
-	-e 's#^MT_APERTIUM_APY.*#MT_APERTIUM_APY = "http://172.16.0.9:2737/"#' \
-	-e 's/^# MT_SERVICES/MT_SERVICES/' \
-	-e 's/^#     "weblate.machinery.apertium./   "weblate.machinery.apertium./' \
-	-e 's/^#     "weblate.machinery.weblatetm./    "weblate.machinery.weblatetm./' \
-	-e 's/^#     "weblate.memory.machine/    "weblate.memory.machine/' \
-	-e 's/^DEBUG =.*/DEBUG = False/' \
-	-e 's/"admin.E408"/"admin.E408", "weblate.E012", "weblate.E013"/' \
-	-e 's/^REGISTRATION_OPEN =.*/REGISTRATION_OPEN = False/' \
-	-e 's/^REQUIRE_LOGIN =.*/REQUIRE_LOGIN = True/' \
-	-e 's/^COMPRESS_OFFLINE =.*/COMPRESS_OFFLINE = True/' \
-	-e 's/#     "weblate.machinery.apertium.ApertiumAPYTranslation",/"weblate.machinery.apertium.ApertiumAPYTranslation",/' \
-	"$SETTINGS_PY"
+    -e 's#^MT_APERTIUM_APY.*#MT_APERTIUM_APY = "http://172.16.0.9:2737/"#' \
+    -e 's/^# MT_SERVICES/MT_SERVICES/' \
+    -e 's/^#     "weblate.machinery.apertium./   "weblate.machinery.apertium./' \
+    -e 's/^#     "weblate.machinery.weblatetm./    "weblate.machinery.weblatetm./' \
+    -e 's/^#     "weblate.memory.machine/    "weblate.memory.machine/' \
+    -e 's/^DEBUG =.*/DEBUG = False/' \
+    -e 's/"admin.E408"/"admin.E408", "weblate.E012", "weblate.E013"/' \
+    -e 's/^REGISTRATION_OPEN =.*/REGISTRATION_OPEN = False/' \
+    -e 's/^REQUIRE_LOGIN =.*/REQUIRE_LOGIN = True/' \
+    -e 's/^COMPRESS_OFFLINE =.*/COMPRESS_OFFLINE = True/' \
+    -e 's/#     "weblate.machinery.apertium.ApertiumAPYTranslation",/"weblate.machinery.apertium.ApertiumAPYTranslation",/' \
+    "$SETTINGS_PY"

-cat <<EOT >>"$SETTINGS_PY"
+cat << EOT >> "$SETTINGS_PY"

 # Hosted customization
 ADMINS_CONTACT = ['care@weblate.org']
@ -131,15 +131,15 @@ EOT
 # Fill the database
 sudo -u weblate $WEBLATE_HOME/weblate-env/bin/weblate migrate
 if [ -n "$WEBLATE_PASSWORD" ]; then
-	sudo -u weblate $WEBLATE_HOME/weblate-env/bin/weblate createadmin --username nijel --email michal@cihar.com --name 'Michal Čihař' --password "$WEBLATE_PASSWORD"
+    sudo -u weblate $WEBLATE_HOME/weblate-env/bin/weblate createadmin --username nijel --email michal@cihar.com --name 'Michal Čihař' --password "$WEBLATE_PASSWORD"
 else
-	sudo -u weblate $WEBLATE_HOME/weblate-env/bin/weblate createadmin --username nijel --email michal@cihar.com --name 'Michal Čihař'
+    sudo -u weblate $WEBLATE_HOME/weblate-env/bin/weblate createadmin --username nijel --email michal@cihar.com --name 'Michal Čihař'
 fi
 sudo -u weblate $WEBLATE_HOME/weblate-env/bin/weblate collectstatic --noinput
 sudo -u weblate $WEBLATE_HOME/weblate-env/bin/weblate compress --force
 # Track deploy at Sentry
 if ! grep -q "SENTRY_TOKEN = ''" "$SETTINGS_PY"; then
-	sudo -u weblate "$WEBLATE_HOME/weblate-env/bin/weblate" sentry_deploy
+    sudo -u weblate "$WEBLATE_HOME/weblate-env/bin/weblate" sentry_deploy
 fi

 # Celery and uwsgi
@ -156,7 +156,7 @@ systemctl restart uwsgi.service

 # SSL cert
 if [ "$1" != "--nocert" ]; then
-	certbot --agree-tos --email care@weblate.org --redirect --no-eff-email -d "$WEBLATE_DOMAIN"
+    certbot --agree-tos --email care@weblate.org --redirect --no-eff-email -d "$WEBLATE_DOMAIN"
 fi

 # Enable http/2
@ -168,7 +168,7 @@ sed -i 's/^\t# gzip/\tgzip/' /etc/nginx/nginx.conf
 # Hide server version
 sed -i 's/# server_tokens off/server_tokens off/' /etc/nginx/nginx.conf
 # Weblate nginx snippet
-cat >/etc/nginx/snippets/weblate.conf <<EOT
+cat > /etc/nginx/snippets/weblate.conf << EOT
    location /static/ {
        # DATA_DIR/static/
        alias $WEBLATE_HOME/data/static/;
--- a/76
+++ b/76
@ -6,29 +6,29 @@ set -e
 . /etc/weblate-bootstrap

 if [ "$1" = "--nocert" ]; then
-	CERT=0
-	shift
+    CERT=0
+    shift
 else
-	CERT=1
+    CERT=1
 fi

 if [ "$1" = "--nomail" ]; then
-	IGNORE_CHECKS=,weblate.E003
-	shift
+    IGNORE_CHECKS=,weblate.E003
+    shift
 else
-	IGNORE_CHECKS=""
+    IGNORE_CHECKS=""
 fi

 if [ "$1" = "--migrate" ]; then
-	MIGRATE=1
-	CERT=0
-	shift
+    MIGRATE=1
+    CERT=0
+    shift
 else
-	MIGRATE=0
+    MIGRATE=0
 fi

 if [ "$MIGRATE" -eq 0 ]; then
-	adduser weblate --disabled-password --gecos Weblate
+    adduser weblate --disabled-password --gecos Weblate
 fi
 usermod --append --groups adm weblate
 usermod --append --groups docker weblate
@ -39,32 +39,32 @@ WEBLATE_DOCKER="$WEBLATE_HOME/weblate"
 cd /tmp
 apt-get update
 apt-get install --no-install-recommends -y fail2ban python3-pyinotify python3-systemd \
-	systemd-timesyncd \
-	rsyslog \
-	nginx \
-	openssh-client \
-	python3-certbot-nginx \
-	git
+    systemd-timesyncd \
+    rsyslog \
+    nginx \
+    openssh-client \
+    python3-certbot-nginx \
+    git

 # Legal stuff
 sudo -u weblate git clone https://github.com/WeblateOrg/wllegal.git $WEBLATE_HOME/wllegal

 # SSL cert
 if [ "$CERT" -eq 1 ]; then
-	certbot --agree-tos --email care@weblate.org --redirect --no-eff-email -d "$WEBLATE_DOMAIN"
+    certbot --agree-tos --email care@weblate.org --redirect --no-eff-email -d "$WEBLATE_DOMAIN"
 fi

 # Enable http/2
 sed -i -e 's/ssl;/ssl http2;/' -e 's/ssl ipv6only=on/ssl ipv6only=on http2/' /etc/nginx/sites-available/default
 if [ "$MIGRATE" -eq 0 ]; then
-	# Enable status locally
-	sed -i '/server_name _/a location = /nginx_status {\n    stub_status;\n}' /etc/nginx/sites-available/default
+    # Enable status locally
+    sed -i '/server_name _/a location = /nginx_status {\n    stub_status;\n}' /etc/nginx/sites-available/default
 fi
 # Hide server version
 sed -i 's/# server_tokens off/server_tokens off/' /etc/nginx/nginx.conf

 # Weblate nginx snippet
-cat >/etc/nginx/snippets/weblate.conf <<EOT
+cat > /etc/nginx/snippets/weblate.conf << EOT
    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_read_timeout 3600s;
@ -89,20 +89,20 @@ cat >/etc/nginx/snippets/weblate.conf <<EOT
 EOT

 if [ "$MIGRATE" -eq 0 ]; then
-	# Insert include after first server_name stanza
-	sed -i "0,/server_name $WEBLATE_DOMAIN.*/s//&\\ninclude snippets\/weblate.conf;/" /etc/nginx/sites-available/default
-	# Delete default location, replaced by snippet
-	sed -i ':a;N;$!ba;s/\(snippets\/weblate.conf;\)[^}]*}/\1/g' /etc/nginx/sites-available/default
+    # Insert include after first server_name stanza
+    sed -i "0,/server_name $WEBLATE_DOMAIN.*/s//&\\ninclude snippets\/weblate.conf;/" /etc/nginx/sites-available/default
+    # Delete default location, replaced by snippet
+    sed -i ':a;N;$!ba;s/\(snippets\/weblate.conf;\)[^}]*}/\1/g' /etc/nginx/sites-available/default
 fi
 systemctl enable nginx.service
 systemctl restart nginx.service

 # Fail2ban
 if [ ! -d "$WEBLATE_HOME/fail2ban" ]; then
-	sudo -u weblate git clone https://github.com/WeblateOrg/fail2ban.git $WEBLATE_HOME/fail2ban
-	ln -s $WEBLATE_HOME/fail2ban/filter.d/* /etc/fail2ban/filter.d/
-	ln -s $WEBLATE_HOME/fail2ban/jail.d/* /etc/fail2ban/jail.d/
-	systemctl restart fail2ban.service
+    sudo -u weblate git clone https://github.com/WeblateOrg/fail2ban.git $WEBLATE_HOME/fail2ban
+    ln -s $WEBLATE_HOME/fail2ban/filter.d/* /etc/fail2ban/filter.d/
+    ln -s $WEBLATE_HOME/fail2ban/jail.d/* /etc/fail2ban/jail.d/
+    systemctl restart fail2ban.service
 fi

 # Install Weblate dirs
@ -111,9 +111,9 @@ mkdir -p "$WEBLATE_DOCKER" "$WEBLATE_HOME/cache" "$WEBLATE_HOME/data" "$WEBLATE_
 # Go to the docker dir
 cd "$WEBLATE_DOCKER"

-curl -fsSL https://raw.githubusercontent.com/WeblateOrg/docker-compose/main/docker-compose.yml >docker-compose.yml
-curl -fsSL https://raw.githubusercontent.com/WeblateOrg/docker-compose/main/environment >environment
-cat >docker-compose.override.yml <<EOT
+curl -fsSL https://raw.githubusercontent.com/WeblateOrg/docker-compose/main/docker-compose.yml > docker-compose.yml
+curl -fsSL https://raw.githubusercontent.com/WeblateOrg/docker-compose/main/environment > environment
+cat > docker-compose.override.yml << EOT
 services:
  weblate:
    image: weblate/weblate:latest
@ -153,7 +153,7 @@ volumes:
      device: '$WEBLATE_HOME/redis'
 EOT

-cat >>environment <<EOT
+cat >> environment << EOT

 # E-mail setup
 WEBLATE_EMAIL_HOST=172.16.0.84
@ -200,7 +200,7 @@ chown -R weblate:weblate $WEBLATE_HOME
 sudo -u weblate docker compose pull

 if [ "$MIGRATE" -eq 1 ]; then
-	exit 0
+    exit 0
 fi

 # Start Weblate
@ -211,18 +211,18 @@ sudo -u weblate docker compose logs

 # Track deploy to Sentry
 if [ -n "$WEBLATE_SENTRY_TOKEN" ]; then
-	sudo -u weblate docker compose exec --user weblate weblate weblate sentry_deploy || true
+    sudo -u weblate docker compose exec --user weblate weblate weblate sentry_deploy || true
 fi

 # Create admin user
 if [ -n "$WEBLATE_PASSWORD" ]; then
-	sudo -u weblate docker compose exec --user weblate weblate weblate createadmin --username nijel --email michal@cihar.com --name 'Michal Čihař' --password "$WEBLATE_PASSWORD" --update
+    sudo -u weblate docker compose exec --user weblate weblate weblate createadmin --username nijel --email michal@cihar.com --name 'Michal Čihař' --password "$WEBLATE_PASSWORD" --update
 fi

 # Machinery configuration
 if [ "$CERT" -eq 1 ]; then
-	sudo -u weblate docker compose exec --user weblate weblate weblate install_machinery --service libretranslate --configuration '{"key": "", "url": "http://172.16.0.9:5000/"}'
-	sudo -u weblate docker compose exec --user weblate weblate weblate install_machinery --service apertium-apy --configuration '{"url": "http://172.16.0.9:2737/"}'
+    sudo -u weblate docker compose exec --user weblate weblate weblate install_machinery --service libretranslate --configuration '{"key": "", "url": "http://172.16.0.9:5000/"}'
+    sudo -u weblate docker compose exec --user weblate weblate weblate install_machinery --service apertium-apy --configuration '{"url": "http://172.16.0.9:2737/"}'
 fi

 # Check
--- a/14
+++ b/14
@ -22,7 +22,7 @@ install-docker
 # Stop services, wait for empty queue
 systemctl stop uwsgi
 while sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" celery_queues | grep ': [^0]'; do
-	sleep 1
+    sleep 1
 done
 systemctl stop celery-weblate
 systemctl disable celery-weblate
@ -33,13 +33,13 @@ install-weblate-docker "$@" --migrate

 # Dump PostgreSQL and load it to Docker
 # shellcheck disable=SC2024
-sudo -u "postgres" pg_dump --no-privileges --no-owner --clean --if-exists weblate >"$WEBLATE_HOME/weblate.sql"
+sudo -u "postgres" pg_dump --no-privileges --no-owner --clean --if-exists weblate > "$WEBLATE_HOME/weblate.sql"
 systemctl stop postgresql

 cd "$WEBLATE_DOCKER"
 docker compose up -d database --wait
 sleep 60
-docker compose exec -T database psql --username weblate --dbname weblate <"$WEBLATE_HOME/weblate.sql"
+docker compose exec -T database psql --username weblate --dbname weblate < "$WEBLATE_HOME/weblate.sql"

 # Move redis data
 cp /var/lib/redis/dump.rdb "$WEBLATE_HOME/redis"
@ -50,9 +50,9 @@ chown -R 1000:1000 "$WEBLATE_HOME/data"

 # Cleanup system packages
 apt-get purge -y \
-	redis-server \
-	uwsgi \
-	postgresql
+    redis-server \
+    uwsgi \
+    postgresql

 # Start Weblate
 sudo -u weblate docker compose up -d --wait
@ -62,7 +62,7 @@ sudo -u weblate docker compose logs

 # Track deploy to Sentry
 if [ -n "$WEBLATE_SENTRY_TOKEN" ]; then
-	sudo -u weblate docker compose exec --user weblate weblate weblate sentry_deploy
+    sudo -u weblate docker compose exec --user weblate weblate weblate sentry_deploy
 fi

 # Check
--- a/4
+++ b/4
@ -9,7 +9,7 @@ sed -i '/\/etc\/letsencrypt\/options-ssl-nginx.conf/ D' /etc/nginx/sites-availab
 sed -i -e '/ssl_protocols/D' -e '/ssl_prefer_server_ciphers/D' /etc/nginx/nginx.conf

 # Update SSL config
-cat >/etc/nginx/conf.d/ssl.conf <<EOT
+cat > /etc/nginx/conf.d/ssl.conf << EOT
 ssl_session_timeout 1d;
 ssl_session_cache shared:SSL:50m;
 ssl_session_tickets off;
@ -26,7 +26,7 @@ EOT

 # Update DH params
 if [ ! -f /etc/nginx/ffdhe4096.pem ]; then
-	curl https://ssl-config.mozilla.org/ffdhe2048.txt >/etc/nginx/ffdhe4096.pem
+    curl https://ssl-config.mozilla.org/ffdhe2048.txt > /etc/nginx/ffdhe4096.pem
 fi

 # Reload ngxin
--- a/362
+++ b/362
@ -5,73 +5,73 @@ set -e
 cd /tmp

 if [ -f /etc/weblate-bootstrap ]; then
-	# shellcheck disable=SC1091
-	. /etc/weblate-bootstrap
+    # shellcheck disable=SC1091
+    . /etc/weblate-bootstrap
 fi

 DO_DIFF=1
 LAZY_RESTART=0

 usage() {
-	echo "Usage: upgrade-weblate [--no-diff] [--lazy-restart]"
+    echo "Usage: upgrade-weblate [--no-diff] [--lazy-restart]"
 }

 PARSED_ARGUMENTS=$(getopt -a -n upgrade-weblate -o drh --long help,nodiff,no-diff,lazy-restart -- "$@")
 VALID_ARGUMENTS=$?
 if [ "$VALID_ARGUMENTS" != "0" ]; then
-	echo "Invalid arguments"
-	usage
-	exit 1
+    echo "Invalid arguments"
+    usage
+    exit 1
 fi
 eval set -- "$PARSED_ARGUMENTS"
 while :; do
-	case "$1" in
-	-d | --nodiff | --no-diff)
-		DO_DIFF=0
-		shift
-		;;
-	-r | --lazy-restart)
-		LAZY_RESTART=1
-		shift
-		;;
-	-h | --help)
-		usage
-		exit
-		;;
-	--)
-		shift
-		break
-		;;
-	*)
-		echo "Unexpected option: $1 - this should not happen."
-		usage
-		exit 1
-		;;
-	esac
+    case "$1" in
+    -d | --nodiff | --no-diff)
+        DO_DIFF=0
+        shift
+        ;;
+    -r | --lazy-restart)
+        LAZY_RESTART=1
+        shift
+        ;;
+    -h | --help)
+        usage
+        exit
+        ;;
+    --)
+        shift
+        break
+        ;;
+    *)
+        echo "Unexpected option: $1 - this should not happen."
+        usage
+        exit 1
+        ;;
+    esac
 done

 # Detect user
 if [ -n "$WEBLATE_USERNAME" ]; then
-	USERNAME=$WEBLATE_USERNAME
+    USERNAME=$WEBLATE_USERNAME
 else
-	for u in weblate ec2-user apache; do
-		if id $u >/dev/null 2>&1; then
-			USERNAME=$u
-			break
-		fi
-	done
+    for u in weblate ec2-user apache; do
+        if id $u > /dev/null 2>&1; then
+            USERNAME=$u
+            break
+        fi
+    done
 fi
 if [ -z "$USERNAME" ]; then
-	echo "Could not detect username!"
-	exit 1
+    echo "Could not detect username!"
+    exit 1
 fi

 if [ "$USERNAME" = root ] && [ -d /opt/weblate ]; then
-	WEBLATE_HOME=/opt/weblate
-	WEBLATE_USERNAME=apache
+    WEBLATE_HOME=/opt/weblate
+    WEBLATE_USERNAME=apache
 else
-	WEBLATE_HOME=$(getent passwd "$USERNAME" | cut -d: -f 6)
-	WEBLATE_USERNAME=$USERNAME
+    WEBLATE_HOME=$(getent passwd "$USERNAME" | cut -d: -f 6)
+    WEBLATE_USERNAME=$USERNAME
 fi

 # At this point:
@ -79,173 +79,173 @@ fi
 # USERNAME is user owning Weblate sources

 if [ -f "$WEBLATE_HOME/weblate/docker-compose.override.yml" ]; then
-	# Docker based upgrade
-	cd "$WEBLATE_HOME/weblate"
-	sudo -u weblate docker compose pull
-	sudo -u weblate docker compose up -d --wait
-	sudo -u weblate docker compose logs
-	sudo -u weblate docker image prune --all --force
-	sudo -u weblate docker compose exec --user weblate weblate weblate check --deploy || true
-	sudo -u weblate docker compose exec --user weblate weblate weblate sentry_deploy || true
+    # Docker based upgrade
+    cd "$WEBLATE_HOME/weblate"
+    sudo -u weblate docker compose pull
+    sudo -u weblate docker compose up -d --wait
+    sudo -u weblate docker compose logs
+    sudo -u weblate docker image prune --all --force
+    sudo -u weblate docker compose exec --user weblate weblate weblate check --deploy || true
+    sudo -u weblate docker compose exec --user weblate weblate weblate sentry_deploy || true

 else

-	# Detect web service
-	for service in gunicorn.service uwsgi.service httpd.service; do
-		if systemctl cat -- $service >/dev/null 2>&1; then
-			SERVICE=$service
-			break
-		fi
-	done
-	if [ -z "$SERVICE" ]; then
-		echo "Could not detect web service!"
-		exit 1
-	fi
+    # Detect web service
+    for service in gunicorn.service uwsgi.service httpd.service; do
+        if systemctl cat -- $service > /dev/null 2>&1; then
+            SERVICE=$service
+            break
+        fi
+    done
+    if [ -z "$SERVICE" ]; then
+        echo "Could not detect web service!"
+        exit 1
+    fi

-	if [ "$WEBLATE_HOME" = /opt/weblate ]; then
-		WEBLATE_ENV="/opt/weblate"
-	else
-		WEBLATE_ENV="$WEBLATE_HOME/weblate-env"
-	fi
+    if [ "$WEBLATE_HOME" = /opt/weblate ]; then
+        WEBLATE_ENV="/opt/weblate"
+    else
+        WEBLATE_ENV="$WEBLATE_HOME/weblate-env"
+    fi

-	PYVER="$("$WEBLATE_ENV/bin/python" -c 'import sys; print("{}.{}".format(*sys.version_info[:2]))')"
+    PYVER="$("$WEBLATE_ENV/bin/python" -c 'import sys; print("{}.{}".format(*sys.version_info[:2]))')"

-	if [ -d "$WEBLATE_HOME/weblate-src" ]; then
-		WEBLATE_DIR="$WEBLATE_HOME/weblate-src"
-		WEBLATE_PKG="$WEBLATE_DIR"
-		PIP_ARGS="--editable"
-	elif [ -d "$WEBLATE_HOME/weblate" ]; then
-		WEBLATE_DIR="$WEBLATE_HOME/weblate"
-		WEBLATE_PKG="$WEBLATE_DIR"
-		PIP_ARGS="--editable"
-	else
-		WEBLATE_DIR="$WEBLATE_ENV/lib/python$PYVER/site-packages"
-		WEBLATE_PKG="Weblate"
-		PIP_ARGS=""
-	fi
-	WEBLATE_FLAGS="all,zxcvbn,wllegal"
-	if [ -d "$WEBLATE_HOME/hosted" ]; then
-		PIP_ARGS="--editable $WEBLATE_HOME/hosted $PIP_ARGS"
-		WEBLATE_FLAGS="$WEBLATE_FLAGS,mysql,saml2idp"
-	fi
+    if [ -d "$WEBLATE_HOME/weblate-src" ]; then
+        WEBLATE_DIR="$WEBLATE_HOME/weblate-src"
+        WEBLATE_PKG="$WEBLATE_DIR"
+        PIP_ARGS="--editable"
+    elif [ -d "$WEBLATE_HOME/weblate" ]; then
+        WEBLATE_DIR="$WEBLATE_HOME/weblate"
+        WEBLATE_PKG="$WEBLATE_DIR"
+        PIP_ARGS="--editable"
+    else
+        WEBLATE_DIR="$WEBLATE_ENV/lib/python$PYVER/site-packages"
+        WEBLATE_PKG="Weblate"
+        PIP_ARGS=""
+    fi
+    WEBLATE_FLAGS="all,zxcvbn,wllegal"
+    if [ -d "$WEBLATE_HOME/hosted" ]; then
+        PIP_ARGS="--editable $WEBLATE_HOME/hosted $PIP_ARGS"
+        WEBLATE_FLAGS="$WEBLATE_FLAGS,mysql,saml2idp"
+    fi

-	# Backup settings
-	cp "$WEBLATE_DIR/weblate/settings.py" "/root/weblate-settings-$(date -I).py"
+    # Backup settings
+    cp "$WEBLATE_DIR/weblate/settings.py" "/root/weblate-settings-$(date -I).py"

-	# Upgrade pip
-	sudo -u "$USERNAME" "$WEBLATE_ENV/bin/pip" install -U pip wheel
+    # Upgrade pip
+    sudo -u "$USERNAME" "$WEBLATE_ENV/bin/pip" install -U pip wheel

-	# Prebuild wheels, they are stored in the cache
-	WHEELS=$(mktemp -d)
-	chown "$USERNAME" "$WHEELS"
-	sudo -u "$USERNAME" "$WEBLATE_ENV/bin/pip" wheel --wheel-dir "$WHEELS" "Weblate[${WEBLATE_FLAGS}]" 'pygobject<3.52'
-	rm -rf "$WHEELS"
+    # Prebuild wheels, they are stored in the cache
+    WHEELS=$(mktemp -d)
+    chown "$USERNAME" "$WHEELS"
+    sudo -u "$USERNAME" "$WEBLATE_ENV/bin/pip" wheel --wheel-dir "$WHEELS" "Weblate[${WEBLATE_FLAGS}]" 'pygobject<3.52'
+    rm -rf "$WHEELS"

-	if [ $LAZY_RESTART -eq 0 ]; then
-		# Stop web
-		if [ "$SERVICE" = gunicorn.service ]; then
-			systemctl disable gunicorn.socket
-		fi
-		systemctl stop "$SERVICE"
-		# Wait for celery to process all jobs
-		while sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" celery_queues | grep ': [^0]'; do
-			sleep 1
-		done
+    if [ $LAZY_RESTART -eq 0 ]; then
+        # Stop web
+        if [ "$SERVICE" = gunicorn.service ]; then
+            systemctl disable gunicorn.socket
+        fi
+        systemctl stop "$SERVICE"
+        # Wait for celery to process all jobs
+        while sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" celery_queues | grep ': [^0]'; do
+            sleep 1
+        done

-		# Stop celery
-		systemctl stop celery-weblate.service
-		for WORKER in $WEBLATE_WORKERS; do
-			ssh "root@$WORKER" systemctl stop celery-weblate.service
-		done
-	fi
+        # Stop celery
+        systemctl stop celery-weblate.service
+        for WORKER in $WEBLATE_WORKERS; do
+            ssh "root@$WORKER" systemctl stop celery-weblate.service
+        done
+    fi

-	# Upgrade modules
-	if [ "$WEBLATE_PKG" != "Weblate" ]; then
-		OLD_DIR=$PWD
-		cd "$WEBLATE_DIR"
-		git config --global safe.directory "$WEBLATE_DIR"
-		OLD_HEAD=$(git log -n1 --format=%H)
-		sudo -u "$USERNAME" sh -c "cd $WEBLATE_DIR; git pull"
-		if [ -d "$WEBLATE_HOME/hosted" ]; then
-			sudo -u "$WEBLATE_USERNAME" sh -c "cd $WEBLATE_HOME/hosted; git pull -q"
-		fi
-		if [ "$DO_DIFF" -eq 1 ] && git diff --exit-code "$OLD_HEAD".. -- weblate/settings_example.py >/dev/null; then
-			DO_DIFF="0"
-		fi
-		cd "$OLD_DIR"
-	fi
-	# shellcheck disable=SC2086
-	sudo -u "$USERNAME" "$WEBLATE_ENV/bin/pip" install 'pygobject<3.52' --upgrade-strategy eager --upgrade $PIP_ARGS "${WEBLATE_PKG}[${WEBLATE_FLAGS}]"
+    # Upgrade modules
+    if [ "$WEBLATE_PKG" != "Weblate" ]; then
+        OLD_DIR=$PWD
+        cd "$WEBLATE_DIR"
+        git config --global safe.directory "$WEBLATE_DIR"
+        OLD_HEAD=$(git log -n1 --format=%H)
+        sudo -u "$USERNAME" sh -c "cd $WEBLATE_DIR; git pull"
+        if [ -d "$WEBLATE_HOME/hosted" ]; then
+            sudo -u "$WEBLATE_USERNAME" sh -c "cd $WEBLATE_HOME/hosted; git pull -q"
+        fi
+        if [ "$DO_DIFF" -eq 1 ] && git diff --exit-code "$OLD_HEAD".. -- weblate/settings_example.py > /dev/null; then
+            DO_DIFF="0"
+        fi
+        cd "$OLD_DIR"
+    fi
+    # shellcheck disable=SC2086
+    sudo -u "$USERNAME" "$WEBLATE_ENV/bin/pip" install 'pygobject<3.52' --upgrade-strategy eager --upgrade $PIP_ARGS "${WEBLATE_PKG}[${WEBLATE_FLAGS}]"

-	# Adjust configuration
-	if [ "$DO_DIFF" -eq 1 ]; then
-		vimdiff "$WEBLATE_DIR/weblate/settings_example.py" "$WEBLATE_DIR/weblate/settings.py"
-	fi
-	if [ -z "$WEBLATE_WORKERS" ]; then
-		sed "s@/home/weblate/weblate-env@$WEBLATE_ENV@" "$WEBLATE_DIR/weblate/examples/celery-weblate.conf" >/etc/default/celery-weblate
-	fi
+    # Adjust configuration
+    if [ "$DO_DIFF" -eq 1 ]; then
+        vimdiff "$WEBLATE_DIR/weblate/settings_example.py" "$WEBLATE_DIR/weblate/settings.py"
+    fi
+    if [ -z "$WEBLATE_WORKERS" ]; then
+        sed "s@/home/weblate/weblate-env@$WEBLATE_ENV@" "$WEBLATE_DIR/weblate/examples/celery-weblate.conf" > /etc/default/celery-weblate
+    fi

-	# Migrate database, compile gettext and collect static files
-	sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" migrate
-	sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" ensure_stats
-	sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" collectstatic --noinput
-	sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" compress --force
-	if ! grep -q UPDATE_LANGUAGES "$WEBLATE_DIR/weblate/settings.py"; then
-		sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" setuplang
-	fi
-	if [ "$WEBLATE_DIR" = "$WEBLATE_HOME/weblate" ]; then
-		sudo -u "$WEBLATE_USERNAME" sh -c "cd $WEBLATE_DIR; $WEBLATE_ENV/bin/weblate compilemessages"
-		if [ -d "$WEBLATE_HOME/hosted" ]; then
-			sudo -u "$WEBLATE_USERNAME" sh -c "cd $WEBLATE_HOME/hosted; $WEBLATE_ENV/bin/weblate compilemessages"
-		fi
-	fi
-	# Track deploy at Sentry
-	if ! grep -q "SENTRY_TOKEN = ''" "$WEBLATE_DIR/weblate/settings.py"; then
-		sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" sentry_deploy
-	fi
+    # Migrate database, compile gettext and collect static files
+    sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" migrate
+    sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" ensure_stats
+    sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" collectstatic --noinput
+    sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" compress --force
+    if ! grep -q UPDATE_LANGUAGES "$WEBLATE_DIR/weblate/settings.py"; then
+        sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" setuplang
+    fi
+    if [ "$WEBLATE_DIR" = "$WEBLATE_HOME/weblate" ]; then
+        sudo -u "$WEBLATE_USERNAME" sh -c "cd $WEBLATE_DIR; $WEBLATE_ENV/bin/weblate compilemessages"
+        if [ -d "$WEBLATE_HOME/hosted" ]; then
+            sudo -u "$WEBLATE_USERNAME" sh -c "cd $WEBLATE_HOME/hosted; $WEBLATE_ENV/bin/weblate compilemessages"
+        fi
+    fi
+    # Track deploy at Sentry
+    if ! grep -q "SENTRY_TOKEN = ''" "$WEBLATE_DIR/weblate/settings.py"; then
+        sudo -u "$WEBLATE_USERNAME" "$WEBLATE_ENV/bin/weblate" sentry_deploy
+    fi

-	# Start the services
-	if [ $LAZY_RESTART -eq 0 ]; then
-		systemctl start celery-weblate.service
-		for WORKER in $WEBLATE_WORKERS; do
-			ssh "root@$WORKER" systemctl start celery-weblate.service
-		done
-		systemctl start "$SERVICE"
-		if [ "$SERVICE" = gunicorn.service ]; then
-			systemctl enable gunicorn.socket
-		fi
-	else
-		systemctl restart celery-weblate.service &
-		for WORKER in $WEBLATE_WORKERS; do
-			ssh "root@$WORKER" systemctl restart celery-weblate.service &
-		done
-		systemctl restart "$SERVICE"
-	fi
+    # Start the services
+    if [ $LAZY_RESTART -eq 0 ]; then
+        systemctl start celery-weblate.service
+        for WORKER in $WEBLATE_WORKERS; do
+            ssh "root@$WORKER" systemctl start celery-weblate.service
+        done
+        systemctl start "$SERVICE"
+        if [ "$SERVICE" = gunicorn.service ]; then
+            systemctl enable gunicorn.socket
+        fi
+    else
+        systemctl restart celery-weblate.service &
+        for WORKER in $WEBLATE_WORKERS; do
+            ssh "root@$WORKER" systemctl restart celery-weblate.service &
+        done
+        systemctl restart "$SERVICE"
+    fi
 fi

 # Upgrade legal
 if [ -d "$WEBLATE_HOME/wllegal" ]; then
-	sudo -u "$USERNAME" sh -c "cd $WEBLATE_HOME/wllegal && git pull"
+    sudo -u "$USERNAME" sh -c "cd $WEBLATE_HOME/wllegal && git pull"
 fi

 # Upgrade munin plugin
 if [ -d /usr/share/munin/plugins ]; then
-	wget -O - https://raw.githubusercontent.com/WeblateOrg/munin/master/weblate >/usr/share/munin/plugins/weblate
-	wget -O - https://raw.githubusercontent.com/WeblateOrg/munin/master/ksm >/usr/share/munin/plugins/ksm
+    wget -O - https://raw.githubusercontent.com/WeblateOrg/munin/master/weblate > /usr/share/munin/plugins/weblate
+    wget -O - https://raw.githubusercontent.com/WeblateOrg/munin/master/ksm > /usr/share/munin/plugins/ksm
 fi

 # Upgrade fail2ban
 if [ -d "$WEBLATE_HOME/fail2ban" ]; then
-	sudo -u "$USERNAME" sh -c "cd $WEBLATE_HOME/fail2ban && git pull"
-	# shellcheck disable=SC2086
-	ln -sf $WEBLATE_HOME/fail2ban/filter.d/* /etc/fail2ban/filter.d/
-	# shellcheck disable=SC2086
-	ln -sf $WEBLATE_HOME/fail2ban/jail.d/* /etc/fail2ban/jail.d/
-	# shellcheck disable=SC2086
-	ln -sf $WEBLATE_HOME/fail2ban/action.d/* /etc/fail2ban/action.d/
-	systemctl reload fail2ban.service
+    sudo -u "$USERNAME" sh -c "cd $WEBLATE_HOME/fail2ban && git pull"
+    # shellcheck disable=SC2086
+    ln -sf $WEBLATE_HOME/fail2ban/filter.d/* /etc/fail2ban/filter.d/
+    # shellcheck disable=SC2086
+    ln -sf $WEBLATE_HOME/fail2ban/jail.d/* /etc/fail2ban/jail.d/
+    # shellcheck disable=SC2086
+    ln -sf $WEBLATE_HOME/fail2ban/action.d/* /etc/fail2ban/action.d/
+    systemctl reload fail2ban.service
 fi

 if [ -n "$WEBLATE_WORKERS" ]; then
-	echo "Celery configuration not updated, using remote workers!"
+    echo "Celery configuration not updated, using remote workers!"
 fi