matomo-standalone
Example:
# Install Matomo with Nginx and letsencrypt certificate. - matomo-standalone: hostnames: - dev.frkl.io server_admin: [email protected] use_https: true
Description
Install Matomo web analytics service.
This also installs Nginx as a reverse proxy, and, optionally, configures https with a letsencrypt certificate.
Make sure to specify the 'server_admin' email address when using this with https. There is no validation check for this yet.
Once finished, and you visit the hostname you provided (or localhost if you didn't), you'll be presented with a setup page. If you didn't change the defaults (which you should, at least for 'matomo_db_password'), here are the defaults:
Database Server: 127.0.0.1 Login: matomo Password: matomo_password Database Name: matomo
Leave the other settings.
Resources
Variables
| Name | Type | Default | Description |
|---|---|---|---|
|
string | /var/www | The matomo webapp parent directory. |
|
list | ['localhost'] | The hostname(s) of the server. Will be used in the vhost configuration, as well as to request https certificates from letsencrypt. |
|
boolean | False | "Whether to use the letsencrypt staging server. This is useful for developing -- the letsencrypt production server only allows a few requests per day. This option is disabled in the cli, as it is not used very often. Just use an overlay dict to enable this. |
|
string | -- | An (optional) database dump file. |
|
boolean | False | Whether to import a sql dump. |
|
string | matomo | The name of the database to use. |
|
string | matomo_password | The password for the database. |
|
string | matomo | The db user. |
|
string | /etc/nginx/sites-enabled/matomo.conf | The path to the vhost file. |
|
string | -- | The email address to use in the vhost file and with letsencrypt. |
|
boolean | -- | Request a lets-encrypt certificate and serve devpi via https (needs 'server_admin' set). |
|
string | www-data | The group to run the webserver as (if applicable). |
|
string | www-data | The user to run the webserver as. |
Examples
Example 1
Install Matomo with Nginx and letsencrypt certificate.
Code
- matomo-standalone: hostnames: - dev.frkl.io server_admin: [email protected] use_https: true
Description
This will use the defaults for database-related settings. You should, in practice, at least set a proper database password.
Code
doc: short_help: Install Matomo analytics service. help: | Install [Matomo](https://matomo.org/) web analytics service. This also installs Nginx as a reverse proxy, and, optionally, configures https with a letsencrypt certificate. Make sure to specify the 'server_admin' email address when using this with https. There is no validation check for this yet. Once finished, and you visit the hostname you provided (or localhost if you didn't), you'll be presented with a setup page. If you didn't change the defaults (which you should, at least for 'matomo_db_password'), here are the defaults: Database Server: 127.0.0.1 Login: matomo Password: matomo_password Database Name: matomo Leave the other settings. references: Matomo homepage: https://matomo.org/ examples: - title: Install Matomo with Nginx and letsencrypt certificate. desc: | This will use the defaults for database-related settings. You should, in practice, at least set a proper database password. vars: hostnames: - dev.frkl.io server_admin: [email protected] use_https: true args: path: doc: short_help: The path to the vhost file. required: false default: /etc/nginx/sites-enabled/matomo.conf type: string cli: show_default: true base_path: doc: short_help: The matomo webapp parent directory. type: string required: false default: /var/www cli: show_default: true hostnames: doc: short_help: The hostname(s) of the server. help: | The hostname(s) of the server. Will be used in the vhost configuration, as well as to request https certificates from letsencrypt. type: list schema: type: string default: - localhost required: true cli: metavar: HOST param_decls: - --hostname letsencrypt_staging: doc: short_help: Whether to use the letsencrypt staging server. help: | "Whether to use the letsencrypt staging server. This is useful for developing -- the letsencrypt production server only allows a few requests per day. This option is disabled in the cli, as it is not used very often. Just use an overlay dict to enable this. type: boolean required: false default: false server_admin: type: string doc: short_help: The email address to use in the vhost file and with letsencrypt. required: false use_https: type: boolean required: false doc: short_help: Request a lets-encrypt certificate and serve devpi via https (needs 'server_admin' set). cli: is_flag: true webserver_user: doc: short_help: The user to run the webserver as. type: string required: false default: www-data cli: metavar: USERNAME webserver_group: doc: short_help: The group to run the webserver as (if applicable). type: string required: false default: www-data cli: metavar: GROUP listen_ip: doc: short_help: The ip to listen to. help: | The address to listen to, can be any of the following, optionally followed by a colon and a port number (or *): - The IP address of the virtual host; - A fully qualified domain name for the IP address of the virtual host (not recommended); - The character *, which acts as a wildcard and matches any IP address. - The string _default_, which is an alias for * references: - '[Apache VirtualHost documentation](https://httpd.apache.org/docs/current/mod/core.html#virtualhost)' type: string required: false default: _default_ matomo_db_user: doc: short_help: The db user. type: string required: true default: matomo cli: metavar: DB_USER matomo_db_password: doc: short_help: The password for the database. type: string secret: true required: true default: matomo_password matomo_db_import: doc: short_help: Whether to import a sql dump. type: boolean default: false required: false cli: is_flag: true matomo_db_dump_file: doc: short_help: An (optional) database dump file. type: string required: false cli: metavar: PATH matomo_db_name: doc: short_help: The name of the database to use. type: string required: true default: matomo cli: metavar: DB_NAME frecklets: - folder-exists: path: '{{:: base_path ::}}' owner: '{{:: webserver_user ::}}' group: '{{:: webserver_group ::}}' become: true - unzip-installed - archive-extracted: src: https://builds.piwik.org/piwik.zip dest: /var/www owner: '{{:: webserver_user ::}}' group: '{{:: webserver_user ::}}' creates: '{{:: base_path ::}}/piwik' remote_src: true # creating database & installing server if necessary - mariadb-database-exists: db_import: '{{:: matomo_db_import ::}}' db_dump_file: '{{:: matomo_db_dump_file ::}}' db_name: '{{:: matomo_db_name ::}}' db_user: '{{:: matomo_db_user ::}}' db_user_password: '{{:: matomo_db_password ::}}' # # creating matomo vhost - nginx-server-block-file: path: '{{:: path ::}}' owner: root become: true server_names: '{{:: hostnames ::}}' use_https: '{{:: use_https ::}}' document_root: '{{:: base_path ::}}/piwik' index: - index.php add_header: Referrer-Policy origin server_admin: '{{:: server_admin ::}}' location_blocks: # for details, check: https://github.com/matomo-org/matomo-nginx/blob/master/sites-available/matomo.conf - location_match: ^/(index|matomo|piwik|js/index).php location_modifier: '~' properties: | include snippets/fastcgi-php.conf; # if your Nginx setup doesn't come with a default fastcgi-php config replace this with the one from this repository fastcgi_param HTTP_PROXY ""; # prohibit httpoxy: https://httpoxy.org/ # fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; #replace with the path to your PHP socket file fastcgi_pass 127.0.0.1:9000; - location_match: /plugins/HeatmapSessionRecording/configs.php location_modifier: '=' properties: | include snippets/fastcgi-php.conf; fastcgi_param HTTP_PROXY ""; # fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; #replace with the path to your PHP socket file fastcgi_pass 127.0.0.1:9000; # uncomment if you are using PHP via TCP sockets - location_match: ^.+\.php$ location_modifier: ~* properties: | deny all; return 403; - location_match: / properties: | try_files $uri $uri/ =404; - location_match: /(config|tmp|core|lang) location_modifier: '~' properties: | deny all; return 403; # replace with 404 to not show these directories exist - location_match: /\.ht location_modifier: '~' properties: | deny all; return 403; - location_match: \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ location_modifier: '~' properties: | allow all; ## Cache images,CSS,JS and webfonts for an hour ## Increasing the duration may improve the load-time, but may cause old files to show after an Matomo upgrade expires 1h; add_header Pragma public; add_header Cache-Control "public"; - location_match: /(libs|vendor|plugins|misc/user) location_modifier: '~' properties: | deny all; return 403; - location_match: /(.*\.md|LEGALNOTICE|LICENSE) location_modifier: '~' properties: | default_type text/plain; # # installing webserver and dependencies (php, https-cert...) - webserver-service: webserver: nginx letsencrypt_webroot: '{{:: base_path ::}}/piwik' use_https: '{{:: use_https | default(false) ::}}' letsencrypt_email: '{{:: server_admin ::}}' letsencrypt_staging: '{{:: letsencrypt_staging ::}}' letsencrypt_domains: '{{:: hostnames ::}}' webserver_user: '{{:: webserver_user ::}}' webserver_group: '{{:: webserver_group ::}}' use_php: true # php_fpm_config: # php_fpm_listen_allowed_clients: "{{:: host ::}}" php_packages: debian: - php-curl - php-gd - php-cli - php-mysql - php-xml - php-zip - php-mbstring
frecklecute matomo-standalone --help Usage: frecklecute matomo-standalone [OPTIONS] Install [Matomo](https://matomo.org/) web analytics service. This also installs Nginx as a reverse proxy, and, optionally, configures https with a letsencrypt certificate. Make sure to specify the 'server_admin' email address when using this with https. There is no validation check for this yet. Once finished, and you visit the hostname you provided (or localhost if you didn't), you'll be presented with a setup page. If you didn't change the defaults (which you should, at least for 'matomo_db_password'), here are the defaults: Database Server: 127.0.0.1 Login: matomo Password: matomo_password Database Name: matomo Leave the other settings. Options: --base-path BASE_PATH The matomo webapp parent directory. --hostname HOST The hostname(s) of the server. --letsencrypt-staging / --no-letsencrypt-staging Whether to use the letsencrypt staging server. --matomo-db-dump-file PATH An (optional) database dump file. --matomo-db-import / --no-matomo-db-import Whether to import a sql dump. --matomo-db-name DB_NAME The name of the database to use. --matomo-db-password MATOMO_DB_PASSWORD The password for the database. --matomo-db-user DB_USER The db user. --path PATH The path to the vhost file. --server-admin SERVER_ADMIN The email address to use in the vhost file and with letsencrypt. --use-https / --no-use-https Request a lets-encrypt certificate and serve devpi via https (needs 'server_admin' set). --webserver-group GROUP The group to run the webserver as (if applicable). --webserver-user USERNAME The user to run the webserver as. --help Show this message and exit.
# -*- coding: utf-8 -*- # # module path: pycklets.matomo_standalone.MatomoStandalone # from dataclasses import dataclass from pyckles import AutoPycklet from typing import * # noqa @dataclass class MatomoStandalone(AutoPycklet): """Install [Matomo](https://matomo.org/) web analytics service. This also installs Nginx as a reverse proxy, and, optionally, configures https with a letsencrypt certificate. Make sure to specify the 'server_admin' email address when using this with https. There is no validation check for this yet. Once finished, and you visit the hostname you provided (or localhost if you didn't), you'll be presented with a setup page. If you didn't change the defaults (which you should, at least for 'matomo_db_password'), here are the defaults: Database Server: 127.0.0.1 Login: matomo Password: matomo_password Database Name: matomo Leave the other settings. Args: base_path: The matomo webapp parent directory. hostnames: The hostname(s) of the server. letsencrypt_staging: Whether to use the letsencrypt staging server. matomo_db_dump_file: An (optional) database dump file. matomo_db_import: Whether to import a sql dump. matomo_db_name: The name of the database to use. matomo_db_password: The password for the database. matomo_db_user: The db user. path: The path to the vhost file. server_admin: The email address to use in the vhost file and with letsencrypt. use_https: Request a lets-encrypt certificate and serve devpi via https (needs 'server_admin' set). webserver_group: The group to run the webserver as (if applicable). webserver_user: The user to run the webserver as. """ FRECKLET_ID = "matomo-standalone" base_path: str = None hostnames: List = None letsencrypt_staging: bool = None matomo_db_dump_file: str = None matomo_db_import: bool = None matomo_db_name: str = None matomo_db_password: str = None matomo_db_user: str = None path: str = None server_admin: str = None use_https: bool = None webserver_group: str = None webserver_user: str = None def __post_init__(self): super(MatomoStandalone, self).__init__(var_names=["base_path", "hostnames", "letsencrypt_staging", "matomo_db_dump_file", "matomo_db_import", "matomo_db_name", "matomo_db_password", "matomo_db_user", "path", "server_admin", "use_https", "webserver_group", "webserver_user"]) frecklet_class = MatomoStandalone
# -*- coding: utf-8 -*- # # module path: pycklets.matomo_standalone.MatomoStandalone # from pyckles import AutoPycklet class MatomoStandalone(AutoPycklet): """Install [Matomo](https://matomo.org/) web analytics service. This also installs Nginx as a reverse proxy, and, optionally, configures https with a letsencrypt certificate. Make sure to specify the 'server_admin' email address when using this with https. There is no validation check for this yet. Once finished, and you visit the hostname you provided (or localhost if you didn't), you'll be presented with a setup page. If you didn't change the defaults (which you should, at least for 'matomo_db_password'), here are the defaults: Database Server: 127.0.0.1 Login: matomo Password: matomo_password Database Name: matomo Leave the other settings. Args: base_path: The matomo webapp parent directory. hostnames: The hostname(s) of the server. letsencrypt_staging: Whether to use the letsencrypt staging server. matomo_db_dump_file: An (optional) database dump file. matomo_db_import: Whether to import a sql dump. matomo_db_name: The name of the database to use. matomo_db_password: The password for the database. matomo_db_user: The db user. path: The path to the vhost file. server_admin: The email address to use in the vhost file and with letsencrypt. use_https: Request a lets-encrypt certificate and serve devpi via https (needs 'server_admin' set). webserver_group: The group to run the webserver as (if applicable). webserver_user: The user to run the webserver as. """ FRECKLET_ID = "matomo-standalone" def __init__(self, base_path="/var/www", hostnames=['localhost'], letsencrypt_staging=None, matomo_db_dump_file=None, matomo_db_import=None, matomo_db_name="matomo", matomo_db_password="matomo_password", matomo_db_user="matomo", path="/etc/nginx/sites-enabled/matomo.conf", server_admin=None, use_https=None, webserver_group="www-data", webserver_user="www-data"): super(MatomoStandalone, self).__init__(var_names=["base_path", "hostnames", "letsencrypt_staging", "matomo_db_dump_file", "matomo_db_import", "matomo_db_name", "matomo_db_password", "matomo_db_user", "path", "server_admin", "use_https", "webserver_group", "webserver_user"]) self._base_path = base_path self._hostnames = hostnames self._letsencrypt_staging = letsencrypt_staging self._matomo_db_dump_file = matomo_db_dump_file self._matomo_db_import = matomo_db_import self._matomo_db_name = matomo_db_name self._matomo_db_password = matomo_db_password self._matomo_db_user = matomo_db_user self._path = path self._server_admin = server_admin self._use_https = use_https self._webserver_group = webserver_group self._webserver_user = webserver_user @property def base_path(self): return self._base_path @base_path.setter def base_path(self, base_path): self._base_path = base_path @property def hostnames(self): return self._hostnames @hostnames.setter def hostnames(self, hostnames): self._hostnames = hostnames @property def letsencrypt_staging(self): return self._letsencrypt_staging @letsencrypt_staging.setter def letsencrypt_staging(self, letsencrypt_staging): self._letsencrypt_staging = letsencrypt_staging @property def matomo_db_dump_file(self): return self._matomo_db_dump_file @matomo_db_dump_file.setter def matomo_db_dump_file(self, matomo_db_dump_file): self._matomo_db_dump_file = matomo_db_dump_file @property def matomo_db_import(self): return self._matomo_db_import @matomo_db_import.setter def matomo_db_import(self, matomo_db_import): self._matomo_db_import = matomo_db_import @property def matomo_db_name(self): return self._matomo_db_name @matomo_db_name.setter def matomo_db_name(self, matomo_db_name): self._matomo_db_name = matomo_db_name @property def matomo_db_password(self): return self._matomo_db_password @matomo_db_password.setter def matomo_db_password(self, matomo_db_password): self._matomo_db_password = matomo_db_password @property def matomo_db_user(self): return self._matomo_db_user @matomo_db_user.setter def matomo_db_user(self, matomo_db_user): self._matomo_db_user = matomo_db_user @property def path(self): return self._path @path.setter def path(self, path): self._path = path @property def server_admin(self): return self._server_admin @server_admin.setter def server_admin(self, server_admin): self._server_admin = server_admin @property def use_https(self): return self._use_https @use_https.setter def use_https(self, use_https): self._use_https = use_https @property def webserver_group(self): return self._webserver_group @webserver_group.setter def webserver_group(self, webserver_group): self._webserver_group = webserver_group @property def webserver_user(self): return self._webserver_user @webserver_user.setter def webserver_user(self, webserver_user): self._webserver_user = webserver_user frecklet_class = MatomoStandalone