nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-07 05:23:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
a68cd68b45
nixpkgs/nixos/modules/services/web-apps/matomo.xml

108 lines
4.9 KiB
XML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!-- Do not edit this file directly, edit its companion .md instead
and regenerate this file using nixos/doc/manual/md-to-db.sh -->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="module-services-matomo">
<title>Matomo</title>
<para>
Matomo is a real-time web analytics application. This module
configures php-fpm as backend for Matomo, optionally configuring an
nginx vhost as well.
</para>
<para>
An automatic setup is not suported by Matomo, so you need to
configure Matomo itself in the browser-based Matomo setup.
</para>
<section xml:id="module-services-matomo-database-setup">
<title>Database Setup</title>
<para>
You also need to configure a MariaDB or MySQL database and -user
for Matomo yourself, and enter those credentials in your browser.
You can use passwordless database authentication via the
UNIX_SOCKET authentication plugin with the following SQL commands:
</para>
<programlisting>
# For MariaDB
INSTALL PLUGIN unix_socket SONAME 'auth_socket';
CREATE DATABASE matomo;
CREATE USER 'matomo'@'localhost' IDENTIFIED WITH unix_socket;
GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'localhost';
# For MySQL
INSTALL PLUGIN auth_socket SONAME 'auth_socket.so';
CREATE DATABASE matomo;
CREATE USER 'matomo'@'localhost' IDENTIFIED WITH auth_socket;
GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'localhost';
</programlisting>
<para>
Then fill in <literal>matomo</literal> as database user and
database name, and leave the password field blank. This
authentication works by allowing only the
<literal>matomo</literal> unix user to authenticate as the
<literal>matomo</literal> database user (without needing a
password), but no other users. For more information on
passwordless login, see
<link xlink:href="https://mariadb.com/kb/en/mariadb/unix_socket-authentication-plugin/">https://mariadb.com/kb/en/mariadb/unix_socket-authentication-plugin/</link>.
</para>
<para>
Of course, you can use password based authentication as well, e.g.
when the database is not on the same host.
</para>
</section>
<section xml:id="module-services-matomo-archive-processing">
<title>Archive Processing</title>
<para>
This module comes with the systemd service
<literal>matomo-archive-processing.service</literal> and a timer
that automatically triggers archive processing every hour. This
means that you can safely
<link xlink:href="https://matomo.org/docs/setup-auto-archiving/#disable-browser-triggers-for-matomo-archiving-and-limit-matomo-reports-to-updating-every-hour">disable
browser triggers for Matomo archiving</link> at
<literal>Administration &gt; System &gt; General Settings</literal>.
</para>
<para>
With automatic archive processing, you can now also enable to
<link xlink:href="https://matomo.org/docs/privacy/#step-2-delete-old-visitors-logs">delete
old visitor logs</link> at
<literal>Administration &gt; System &gt; Privacy</literal>, but
make sure that you run
<literal>systemctl start matomo-archive-processing.service</literal>
at least once without errors if you have already collected data
before, so that the reports get archived before the source data
gets deleted.
</para>
</section>
<section xml:id="module-services-matomo-backups">
<title>Backup</title>
<para>
You only need to take backups of your MySQL database and the
<filename>/var/lib/matomo/config/config.ini.php</filename> file.
Use a user in the <literal>matomo</literal> group or root to
access the file. For more information, see
<link xlink:href="https://matomo.org/faq/how-to-install/faq_138/">https://matomo.org/faq/how-to-install/faq_138/</link>.
</para>
</section>
<section xml:id="module-services-matomo-issues">
<title>Issues</title>
<itemizedlist spacing="compact">
<listitem>
<para>
Matomo will warn you that the JavaScript tracker is not
writable. This is because its located in the read-only nix
store. You can safely ignore this, unless you need a plugin
that needs JavaScript tracker access.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="module-services-matomo-other-web-servers">
<title>Using other Web Servers than nginx</title>
<para>
You can use other web servers by forwarding calls for
<filename>index.php</filename> and <filename>piwik.php</filename>
to the
<link linkend="opt-services.phpfpm.pools._name_.socket"><literal>services.phpfpm.pools.&lt;name&gt;.socket</literal></link>
fastcgi unix socket. You can use the nginx configuration in the
module code as a reference to what else should be configured.
</para>
</section>
</chapter>
Reference in New Issue View Git Blame Copy Permalink