From 748f9ec110966f98326e116b3f40651b6fcd8c83 Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Sat, 30 Apr 2022 07:07:09 -0400 Subject: [PATCH 01/28] Add initial draft of Matomo role --- roles/matomo/tasks/install.yml | 137 +++++++++++++++++++++++++++++++++ roles/matomo/tasks/main.yml | 9 +++ 2 files changed, 146 insertions(+) create mode 100644 roles/matomo/tasks/install.yml create mode 100644 roles/matomo/tasks/main.yml diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml new file mode 100644 index 000000000..53b2838f1 --- /dev/null +++ b/roles/matomo/tasks/install.yml @@ -0,0 +1,137 @@ +- name: Start MariaDB + action: service name=mysql state=started +- name: Create MariaDB Database for Matomo + community.mysql.mysql_db: + name: "{{ mdb_dbname }}" + state: present + login_unix_socket: /var/run/mysqld/mysqld.sock +- name: Add Admin User to MariaDB Database + community.mysql.mysql_user: + name: "{{ mdb_username }}" + password: "{{ mdb_password }}" + host: localhost + state: present + update_password: on_create + priv: "{{ mdb_dbname }}.*:ALL" + login_unix_socket: /var/run/mysqld/mysqld.sock +- name: Download and Extract Matomo + unarchive: + src: https://builds.matomo.org/matomo.zip + dest: /var/www/html + remote_src: yes + creates: /var/www/html/matomo +- name: Set Matomo Directory Permissions + file: + path: /var/www/html/matomo + recurse: yes + owner: www-data + group: www-data +- name: HTTP Get Welcome + uri: + url: "{{ matomo_url }}index.php?action=welcome" + method: GET + status_code: 200 + register: matomo_welcome +- name: Set a variable for the MATOMO_SESSID cookie + set_fact: + matomo_session_cookie: "MATOMO_SESSID={{ cookie.value }}" + when: cookie.key == "MATOMO_SESSID" + loop: "{{ matomo_welcome.cookies | dict2items }}" + loop_control: + loop_var: cookie +- name: Get Matomo System Check + uri: + url: "{{matomo_url}}index.php?action=systemCheck" + method: GET + headers: + Cookie: "{{ matomo_session_cookie }}" + return_content: true + timeout: 120 + status_code: 200 + register: matomo_system_check +- name: Matomo Database Setup + uri: + url: "{{ matomo_url }}index.php?action=databaseSetup" + method: POST + headers: + Cookie: "{{ matomo_session_cookie }}" + body: + username: "{{ mdb_username }}" + password: "{{ mdb_password }}" + dbname: "{{ mdb_dbname }}" + adapter: "PDO\\MYSQL" + body_format: form-urlencoded + status_code: 302 + register: matomo_database_setup +- name: Matomo Table Creation + uri: + url: "{{ matomo_url }}index.php?action=tablesCreation&module=Installation" + method: GET + status_code: 200 + register: matomo_table_creation +- name: Matomo User Setup + uri: + url: "{{ matomo_url }}index.php?action=setupSuperUser&module=Installation" + method: POST + headers: + Cookie: "{{ matomo_session_cookie }}" + body: + login: "{{ mdb_username }}" + password: "{{ mdb_password }}" + password_bis: "{{ mdb_password }}" + e-mail: "nobody@dev.null" + subscribe_newsletter_piwikorg: 0 + subscribe_newsletter_professionalservices: 0 + body_format: form-urlencoded + status_code: 302 + register: matomo_setup_superuser +- name: Configure Matomo to track IIAB + uri: + url: "{{ matomo_url }}index.php?action=firstWebsiteSetup&module=Installation" + method: POST + headers: + Cookie: "{{ matomo_session_cookie }}" + body: + name: "IIAB" + url: "host_url" + timezone: "Europe/London" + ecommerce: 0 + body_format: form-urlencoded + status_code: 302 + register: matomo_first_website_setup +- name: Matomo Tracking Code + uri: + url: "{{ matomo_url }}index.php?action=trackingCode&module=Installation&site_idSite=1&site_name=http://10.0.0.72" + method: GET + headers: + Cookie: "{{ matomo_session_cookie }}" + return_content: true + status_code: 200 + register: matomo_tracking_code +- name: Finish Matomo Setup + uri: + url: "{{ matomo_url }}index.php?action=finished&module=Installation" + method: POST + headers: + Cookie: "{{ matomo_session_cookie }}" + body: + do_not_track: 1 + anonymise_ip: 1 + submit: "Continue to Matomo" + body_format: form-urlencoded + status_code: 302 +- name: Start Collecting Matomo Data + cron: + name: "MatomoDataIngestionOnReboot" + special_time: reboot + job: "{{ matomo_cronjob }}" + user: root + cron_file: "matomo_reboot" +- name: Run Daily Job Collecting Matomo Data + cron: + name: "DailyMatomoDataIngestion" + minute: "0" + hour: "0" + job: "{{ matomo_cronjob }}" + user: root + cron_file: "matomo_daily" diff --git a/roles/matomo/tasks/main.yml b/roles/matomo/tasks/main.yml new file mode 100644 index 000000000..a11d20b5f --- /dev/null +++ b/roles/matomo/tasks/main.yml @@ -0,0 +1,9 @@ +- name: Install Matomo main + include_tasks: install.yml + vars: + mdb_dbname: "matomodb" + mdb_username: "mariadb_admin" + mdb_password: "pw_set_by_ansible" + host_url: "http://{{ ansible_default_ipv4.address}}" + matomo_url: "{{ host_url }}/matomo/" + matomo_cronjob: "sudo python3 /library/www/html/matomo/misc/log-analytics/import_logs.py --url={{ matomo_url }} --idsite=1 --recorders=4 --enable-http-errors --enable-http-redirects --enable-static --enable-bots /var/log/nginx/access.log" From 37e750417d0a4d873a8924cfa707564382a78c28 Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Sun, 1 May 2022 06:09:49 -0400 Subject: [PATCH 02/28] Add citation for website interaction section. --- roles/matomo/tasks/install.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index 53b2838f1..06fdaa9ed 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -1,3 +1,7 @@ +# The sections of code interacting with the Matomo website are modified from code found at https://git.coop/webarch/matomo/. This code is distributed under +# Version 3 of the GNU General Public License. We modified this code and applied it here in April 2022. The derived sections correspond to the tasks running +# from "HTTP Get Welcome" through "Finish Matomo Setup", lines 29 through 126. + - name: Start MariaDB action: service name=mysql state=started - name: Create MariaDB Database for Matomo From 1f2bd60002d74070d68d19ea1411bb7571a0ae50 Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Sun, 1 May 2022 06:10:39 -0400 Subject: [PATCH 03/28] Update password to IIAB default. --- roles/matomo/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matomo/tasks/main.yml b/roles/matomo/tasks/main.yml index a11d20b5f..77442e50e 100644 --- a/roles/matomo/tasks/main.yml +++ b/roles/matomo/tasks/main.yml @@ -2,8 +2,8 @@ include_tasks: install.yml vars: mdb_dbname: "matomodb" - mdb_username: "mariadb_admin" - mdb_password: "pw_set_by_ansible" + mdb_username: "iiab-admin" + mdb_password: "g0adm1n" host_url: "http://{{ ansible_default_ipv4.address}}" matomo_url: "{{ host_url }}/matomo/" matomo_cronjob: "sudo python3 /library/www/html/matomo/misc/log-analytics/import_logs.py --url={{ matomo_url }} --idsite=1 --recorders=4 --enable-http-errors --enable-http-redirects --enable-static --enable-bots /var/log/nginx/access.log" From 30620a803409e76a14f5a72b7f909fbc97cb58da Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Mon, 2 May 2022 06:24:50 -0400 Subject: [PATCH 04/28] changes to Matomo role to record state --- roles/matomo/tasks/install.yml | 8 ++++++++ roles/matomo/tasks/main.yml | 1 + 2 files changed, 9 insertions(+) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index 06fdaa9ed..fdf8fa823 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -139,3 +139,11 @@ job: "{{ matomo_cronjob }}" user: root cron_file: "matomo_daily" +- name: Set Matomo state variable + set_fact: + matomo_installed: True +- name: Set Matomo state variable in IIAB state file + lineinfile: + path: "{{ iiab_state_file }}" + regexp: '^matomo_installed' + line: 'matomo_installed: True' diff --git a/roles/matomo/tasks/main.yml b/roles/matomo/tasks/main.yml index 77442e50e..36272833a 100644 --- a/roles/matomo/tasks/main.yml +++ b/roles/matomo/tasks/main.yml @@ -1,5 +1,6 @@ - name: Install Matomo main include_tasks: install.yml + when: matomo_installed is undefined vars: mdb_dbname: "matomodb" mdb_username: "iiab-admin" From 04fbec1f4b2da564b503d048c1617271676ba678 Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Mon, 2 May 2022 06:26:55 -0400 Subject: [PATCH 05/28] changes for matomo in mgmt tools --- roles/8-mgmt-tools/tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index e75f97e23..d9ea58dc1 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -13,6 +13,11 @@ name: awstats when: awstats_install +- name: MATOMO + include_role: + name: matomo + when: matomo_install + - name: MONIT include_role: name: monit From ba33825d6ad7d7a114e171b26b220eeaecf49e7e Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Tue, 3 May 2022 06:03:03 -0400 Subject: [PATCH 06/28] changes for matomo in validate vars --- roles/0-init/tasks/validate_vars.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index f29525daf..2ccd77860 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -111,6 +111,7 @@ - osm_vector_maps - transmission - awstats + - matomo - monit - munin - phpmyadmin From 45e1fd2c0efeb67fb1f9bddf6255a54eeb500488 Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Tue, 3 May 2022 06:33:15 -0400 Subject: [PATCH 07/28] correct matomo path and move to variable --- roles/matomo/tasks/install.yml | 4 ++-- roles/matomo/tasks/main.yml | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index fdf8fa823..1fa5ab147 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -23,10 +23,10 @@ src: https://builds.matomo.org/matomo.zip dest: /var/www/html remote_src: yes - creates: /var/www/html/matomo + creates: "{{ matomo_nginx_loc }}" - name: Set Matomo Directory Permissions file: - path: /var/www/html/matomo + path: "{{ matomo_nginx_loc }}" recurse: yes owner: www-data group: www-data diff --git a/roles/matomo/tasks/main.yml b/roles/matomo/tasks/main.yml index 36272833a..b926afc3f 100644 --- a/roles/matomo/tasks/main.yml +++ b/roles/matomo/tasks/main.yml @@ -2,6 +2,7 @@ include_tasks: install.yml when: matomo_installed is undefined vars: + matomo_nginx_loc: "/library/www/html/matomo" mdb_dbname: "matomodb" mdb_username: "iiab-admin" mdb_password: "g0adm1n" From bd989dbbe2e6e2a18bd6e0d44e7696ee3057af40 Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Wed, 4 May 2022 06:25:16 -0400 Subject: [PATCH 08/28] Fix some bugs in paths/URLs --- roles/matomo/tasks/install.yml | 9 ++++----- roles/matomo/tasks/main.yml | 2 +- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index 1fa5ab147..5d8240905 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -21,12 +21,11 @@ - name: Download and Extract Matomo unarchive: src: https://builds.matomo.org/matomo.zip - dest: /var/www/html + dest: "{{ nginx_loc }}" remote_src: yes - creates: "{{ matomo_nginx_loc }}" - name: Set Matomo Directory Permissions file: - path: "{{ matomo_nginx_loc }}" + path: "{{ nginx_loc }}/matomo" recurse: yes owner: www-data group: www-data @@ -97,7 +96,7 @@ Cookie: "{{ matomo_session_cookie }}" body: name: "IIAB" - url: "host_url" + url: "{{ host_url }}" timezone: "Europe/London" ecommerce: 0 body_format: form-urlencoded @@ -105,7 +104,7 @@ register: matomo_first_website_setup - name: Matomo Tracking Code uri: - url: "{{ matomo_url }}index.php?action=trackingCode&module=Installation&site_idSite=1&site_name=http://10.0.0.72" + url: "{{ matomo_url }}index.php?action=trackingCode&module=Installation&site_idSite=1&site_name={{ host_url }}" method: GET headers: Cookie: "{{ matomo_session_cookie }}" diff --git a/roles/matomo/tasks/main.yml b/roles/matomo/tasks/main.yml index b926afc3f..799b171cf 100644 --- a/roles/matomo/tasks/main.yml +++ b/roles/matomo/tasks/main.yml @@ -2,7 +2,7 @@ include_tasks: install.yml when: matomo_installed is undefined vars: - matomo_nginx_loc: "/library/www/html/matomo" + nginx_loc: "/library/www/html" mdb_dbname: "matomodb" mdb_username: "iiab-admin" mdb_password: "g0adm1n" From d456ec3b919a0cde303ae8350c66780b982d603e Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Wed, 4 May 2022 06:29:21 -0400 Subject: [PATCH 09/28] revert breaking change in 0-init role --- roles/0-init/tasks/validate_vars.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index 2ccd77860..f29525daf 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -111,7 +111,6 @@ - osm_vector_maps - transmission - awstats - - matomo - monit - munin - phpmyadmin From 3e9541ab7e937d6ec3917ec9dd3face0aca2944b Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Sat, 14 May 2022 14:19:14 -0400 Subject: [PATCH 10/28] Add missing field in Matomo cURL command --- roles/matomo/tasks/install.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index 5d8240905..0a5684f4b 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -62,6 +62,7 @@ username: "{{ mdb_username }}" password: "{{ mdb_password }}" dbname: "{{ mdb_dbname }}" + tables_prefix: "matomo_" adapter: "PDO\\MYSQL" body_format: form-urlencoded status_code: 302 From fb326651a001b592dc04f6a035200a16922c128d Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Wed, 25 May 2022 06:51:24 -0400 Subject: [PATCH 11/28] Add section for cookie resetting --- roles/matomo/tasks/install.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index 0a5684f4b..5c2303519 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -89,6 +89,16 @@ body_format: form-urlencoded status_code: 302 register: matomo_setup_superuser +- name: Set a variable for the MATOMO_SESSID cookie + set_fact: + matomo_session_cookie: "MATOMO_SESSID={{ cookie.value }}" + when: + - matomo_table_creation.cookies is defined + - matomo_table_creation.cookies | length > 0 + - cookie.key == "MATOMO_SESSID" + loop: "{{ matomo_table_creation.cookies | dict2items }}" + loop_control: + loop_var: cookie - name: Configure Matomo to track IIAB uri: url: "{{ matomo_url }}index.php?action=firstWebsiteSetup&module=Installation" From 4edc6c22bd7175e3c60a226b4f38e1a97b98bd2c Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Tue, 31 May 2022 06:51:57 -0400 Subject: [PATCH 12/28] Fix bug in cookie placement --- roles/matomo/tasks/install.yml | 32 ++++++++++++++++++++++---------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index 5c2303519..ac3aa0e9c 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -35,6 +35,10 @@ method: GET status_code: 200 register: matomo_welcome +- name: debug welcome + debug: + var: matomo_welcome + verbosity: 2 - name: Set a variable for the MATOMO_SESSID cookie set_fact: matomo_session_cookie: "MATOMO_SESSID={{ cookie.value }}" @@ -52,6 +56,10 @@ timeout: 120 status_code: 200 register: matomo_system_check +- name: debug syscheck + debug: + var: matomo_system_check + verbosity: 2 - name: Matomo Database Setup uri: url: "{{ matomo_url }}index.php?action=databaseSetup" @@ -73,6 +81,20 @@ method: GET status_code: 200 register: matomo_table_creation +- name: Set a variable for the MATOMO_SESSID cookie + set_fact: + matomo_session_cookie: "MATOMO_SESSID={{ cookie.value }}" + when: + - matomo_table_creation.cookies is defined + - matomo_table_creation.cookies | length > 0 + - cookie.key == "MATOMO_SESSID" + loop: "{{ matomo_table_creation.cookies | dict2items }}" + loop_control: + loop_var: cookie +- name: debug tablecreation + debug: + var: matomo_table_creation + verbosity: 2 - name: Matomo User Setup uri: url: "{{ matomo_url }}index.php?action=setupSuperUser&module=Installation" @@ -89,16 +111,6 @@ body_format: form-urlencoded status_code: 302 register: matomo_setup_superuser -- name: Set a variable for the MATOMO_SESSID cookie - set_fact: - matomo_session_cookie: "MATOMO_SESSID={{ cookie.value }}" - when: - - matomo_table_creation.cookies is defined - - matomo_table_creation.cookies | length > 0 - - cookie.key == "MATOMO_SESSID" - loop: "{{ matomo_table_creation.cookies | dict2items }}" - loop_control: - loop_var: cookie - name: Configure Matomo to track IIAB uri: url: "{{ matomo_url }}index.php?action=firstWebsiteSetup&module=Installation" From 0381225f531db6db3024fdef9ba2f7d760205868 Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Sun, 12 Jun 2022 06:27:27 -0400 Subject: [PATCH 13/28] Fix remaining bugs --- roles/matomo/tasks/install.yml | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index ac3aa0e9c..4cad7236d 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -105,7 +105,7 @@ login: "{{ mdb_username }}" password: "{{ mdb_password }}" password_bis: "{{ mdb_password }}" - e-mail: "nobody@dev.null" + email: "nobody@dev.null" subscribe_newsletter_piwikorg: 0 subscribe_newsletter_professionalservices: 0 body_format: form-urlencoded @@ -118,7 +118,7 @@ headers: Cookie: "{{ matomo_session_cookie }}" body: - name: "IIAB" + siteName: "IIAB" url: "{{ host_url }}" timezone: "Europe/London" ecommerce: 0 @@ -161,11 +161,3 @@ job: "{{ matomo_cronjob }}" user: root cron_file: "matomo_daily" -- name: Set Matomo state variable - set_fact: - matomo_installed: True -- name: Set Matomo state variable in IIAB state file - lineinfile: - path: "{{ iiab_state_file }}" - regexp: '^matomo_installed' - line: 'matomo_installed: True' From 4e04780ec568e82483abde3377442f746b8c6fba Mon Sep 17 00:00:00 2001 From: root Date: Wed, 15 Jun 2022 02:40:28 -0400 Subject: [PATCH 14/28] Matomo-IIAB integration begins --- roles/0-init/tasks/validate_vars.yml | 3 +- roles/8-mgmt-tools/tasks/main.yml | 4 +- roles/matomo/README.adoc | 48 ++++++++++ roles/matomo/defaults/main.yml | 18 ++++ roles/matomo/tasks/install.yml | 128 +++++++++++++++++---------- roles/matomo/tasks/main.yml | 52 +++++++++-- vars/default_vars.yml | 4 + vars/local_vars_large.yml | 4 + vars/local_vars_medium.yml | 4 + vars/local_vars_small.yml | 4 + vars/local_vars_unittest.yml | 4 + 11 files changed, 214 insertions(+), 59 deletions(-) create mode 100644 roles/matomo/README.adoc create mode 100644 roles/matomo/defaults/main.yml diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index f29525daf..764d39f31 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -63,7 +63,7 @@ # # 2020-11-04: Fix validation of 5 [now 4] core dependencies, for ./runrole etc -- name: Set vars_checklist for 44 + 44 + 40 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked +- name: Set vars_checklist for 45 + 45 + 41 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked set_fact: vars_checklist: - hostapd @@ -95,6 +95,7 @@ - gitea - jupyterhub - lokole + - matomo - mediawiki - mosquitto - nodejs # Dependency - excluded from _installed check below diff --git a/roles/8-mgmt-tools/tasks/main.yml b/roles/8-mgmt-tools/tasks/main.yml index d9ea58dc1..61ac785ad 100644 --- a/roles/8-mgmt-tools/tasks/main.yml +++ b/roles/8-mgmt-tools/tasks/main.yml @@ -12,12 +12,12 @@ include_role: name: awstats when: awstats_install - + - name: MATOMO include_role: name: matomo when: matomo_install - + - name: MONIT include_role: name: monit diff --git a/roles/matomo/README.adoc b/roles/matomo/README.adoc new file mode 100644 index 000000000..fa4f2e980 --- /dev/null +++ b/roles/matomo/README.adoc @@ -0,0 +1,48 @@ += Matomo README + +https://matomo.org/[Matomo] is a web analytics alternative to Google Analytics, emphasizing privacy and data ownership, that you can use with https://internet-in-a-box.org[Internet-in-a-Box] (IIAB). + +== Install it + +Prior to installing Matomo with IIAB, the default URL (http://box.lan/matomo) can be customized in https://wiki.iiab.io/go/FAQ#What_is_local_vars.yml_and_how_do_I_customize_it.3F[/etc/iiab/local_vars.yml] + +One way to do that is by changing these 2 lines: + +---- +iiab_hostname: box +iiab_domain: lan +---- + +Or, you can change the Matomo URL by putting your IIAB IP Address in a line like: + +---- +matomo_host_url: http://192.168.0.199 +---- + +Either way, consider setting a Matomo username and password using lines like: + +---- +matomo_db_user: Admin +matomo_db_pass: changeme +---- + +Also ensure that your `/etc/iiab/local_vars.yml` contains these lines: + +---- +matomo_install: True +matomo_enabled: True +---- + +_Finally, continue to https://download.iiab.io[install IIAB], e.g. by running `sudo iiab`, until software installation is complete._ + +== Use it + +Log in to your IIAB's full Matomo URL, e.g. http://box.lan/matomo, as arranged above. + +Take a look at Matomo's official guides to further set this up: https://matomo.org/guides/ + +WARNING: Matomo won't show any traffic statistics until after 1 day or reboot (which are the events that trigger the log scraper!) + +== Credits + +Carl Wivagg diff --git a/roles/matomo/defaults/main.yml b/roles/matomo/defaults/main.yml new file mode 100644 index 000000000..1ec6c8500 --- /dev/null +++ b/roles/matomo/defaults/main.yml @@ -0,0 +1,18 @@ +# matomo_install: True +# matomo_enabled: True + +# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml +# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! + +matomo_dl_url: https://builds.matomo.org/matomo.tar.gz +matomo_path: "{{ doc_root }}" # e.g. /library/www/html + +matomo_db_name: matomodb +matomo_db_user: Admin +matomo_db_pass: changeme + +#matomo_host_url: http://{{ ansible_default_ipv4.address }} +matomo_host_url: http://{{ iiab_hostname }}.{{ iiab_domain }} # e.g. http://box.lan +matomo_full_url: "{{ matomo_host_url }}/matomo/" + +matomo_cronjob: "sudo python3 {{ matomo_path }}/matomo/misc/log-analytics/import_logs.py --url={{ matomo_full_url }} --idsite=1 --recorders=4 --enable-http-errors --enable-http-redirects --enable-static --enable-bots /var/log/nginx/access.log" diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index 4cad7236d..a36e1d3ec 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -1,44 +1,57 @@ # The sections of code interacting with the Matomo website are modified from code found at https://git.coop/webarch/matomo/. This code is distributed under # Version 3 of the GNU General Public License. We modified this code and applied it here in April 2022. The derived sections correspond to the tasks running -# from "HTTP Get Welcome" through "Finish Matomo Setup", lines 29 through 126. +# from "HTTP Get Welcome" through "Finish Matomo Setup", lines 45 through 156. + +- name: "WARNING: './runrole --reinstall matomo' CAN FAIL AS OF 2022-06-15, e.g. if /library/www/html/matomo already exists" + meta: noop + +# EXAMPLE OF ABOVE ERROR: + +# TASK [matomo : HTTP Get Welcome] *************************************************************************************************************************************** +# fatal: [127.0.0.1]: FAILED! => {"cache_control": "private, no-cache, no-store", "changed": false, "connection": "close", "content_type": "text/html; charset=utf-8", "date": "Wed, 15 Jun 2022 05:07:41 GMT", "elapsed": 0, "expires": "Thu, 19 Nov 1981 08:52:00 GMT", "msg": "Status code was 500 and not [200]: HTTP Error 500: Internal Server Error", "pragma": "no-cache", "redirected": false, "server": "nginx/1.18.0 (Ubuntu)", "set_cookie": "MATOMO_SESSID=psak3aem27vrdrt8t2f016600f; path=/; HttpOnly; SameSite=Lax", "status": 500, "transfer_encoding": "chunked", "url": "http://box.lan/matomo/index.php?action=welcome", "x_matomo_request_id": "fbfd2"} - name: Start MariaDB - action: service name=mysql state=started + #action: service name=mysql state=started + systemd: + name: "{{ mysql_service }}" + state: started + - name: Create MariaDB Database for Matomo community.mysql.mysql_db: - name: "{{ mdb_dbname }}" - state: present - login_unix_socket: /var/run/mysqld/mysqld.sock + name: "{{ matomo_db_name }}" + #login_unix_socket: /var/run/mysqld/mysqld.sock + - name: Add Admin User to MariaDB Database community.mysql.mysql_user: - name: "{{ mdb_username }}" - password: "{{ mdb_password }}" - host: localhost - state: present - update_password: on_create - priv: "{{ mdb_dbname }}.*:ALL" - login_unix_socket: /var/run/mysqld/mysqld.sock -- name: Download and Extract Matomo + name: "{{ matomo_db_user }}" + password: "{{ matomo_db_pass }}" + update_password: on_create # OR SHOULD './runrole --reinstall matomo' FORCE A COMPLETELY CLEAN INSTALL? + priv: "{{ matomo_db_name }}.*:ALL" + #login_unix_socket: /var/run/mysqld/mysqld.sock + +- name: Download and Extract Matomo (~1 min) unarchive: - src: https://builds.matomo.org/matomo.zip - dest: "{{ nginx_loc }}" + src: "{{ matomo_dl_url }}" # e.g. https://builds.matomo.org/matomo.zip + dest: "{{ matomo_path }}" # e.g. /library/www/html remote_src: yes + - name: Set Matomo Directory Permissions file: - path: "{{ nginx_loc }}/matomo" + path: "{{ matomo_path }}/matomo" recurse: yes - owner: www-data - group: www-data + owner: "{{ apache_user }}" # e.g. www-data + group: "{{ apache_user }}" + - name: HTTP Get Welcome uri: - url: "{{ matomo_url }}index.php?action=welcome" + url: "{{ matomo_full_url }}index.php?action=welcome" # e.g. http://box.lan/matomo method: GET status_code: 200 register: matomo_welcome -- name: debug welcome - debug: + +- debug: var: matomo_welcome - verbosity: 2 + - name: Set a variable for the MATOMO_SESSID cookie set_fact: matomo_session_cookie: "MATOMO_SESSID={{ cookie.value }}" @@ -46,9 +59,10 @@ loop: "{{ matomo_welcome.cookies | dict2items }}" loop_control: loop_var: cookie + - name: Get Matomo System Check uri: - url: "{{matomo_url}}index.php?action=systemCheck" + url: "{{ matomo_full_url }}index.php?action=systemCheck" method: GET headers: Cookie: "{{ matomo_session_cookie }}" @@ -56,31 +70,33 @@ timeout: 120 status_code: 200 register: matomo_system_check -- name: debug syscheck - debug: + +- debug: var: matomo_system_check - verbosity: 2 + - name: Matomo Database Setup uri: - url: "{{ matomo_url }}index.php?action=databaseSetup" + url: "{{ matomo_full_url }}index.php?action=databaseSetup" method: POST headers: Cookie: "{{ matomo_session_cookie }}" body: - username: "{{ mdb_username }}" - password: "{{ mdb_password }}" - dbname: "{{ mdb_dbname }}" + username: "{{ matomo_db_user }}" + password: "{{ matomo_db_pass }}" + dbname: "{{ matomo_db_name }}" tables_prefix: "matomo_" adapter: "PDO\\MYSQL" body_format: form-urlencoded status_code: 302 - register: matomo_database_setup + #register: matomo_database_setup + - name: Matomo Table Creation uri: - url: "{{ matomo_url }}index.php?action=tablesCreation&module=Installation" + url: "{{ matomo_full_url }}index.php?action=tablesCreation&module=Installation" method: GET status_code: 200 register: matomo_table_creation + - name: Set a variable for the MATOMO_SESSID cookie set_fact: matomo_session_cookie: "MATOMO_SESSID={{ cookie.value }}" @@ -91,52 +107,55 @@ loop: "{{ matomo_table_creation.cookies | dict2items }}" loop_control: loop_var: cookie -- name: debug tablecreation - debug: + +- debug: var: matomo_table_creation - verbosity: 2 + - name: Matomo User Setup uri: - url: "{{ matomo_url }}index.php?action=setupSuperUser&module=Installation" + url: "{{ matomo_full_url }}index.php?action=setupSuperUser&module=Installation" method: POST headers: Cookie: "{{ matomo_session_cookie }}" body: - login: "{{ mdb_username }}" - password: "{{ mdb_password }}" - password_bis: "{{ mdb_password }}" + login: "{{ matomo_db_user }}" + password: "{{ matomo_db_pass }}" + password_bis: "{{ matomo_db_pass }}" email: "nobody@dev.null" subscribe_newsletter_piwikorg: 0 subscribe_newsletter_professionalservices: 0 body_format: form-urlencoded status_code: 302 - register: matomo_setup_superuser + #register: matomo_setup_superuser + - name: Configure Matomo to track IIAB uri: - url: "{{ matomo_url }}index.php?action=firstWebsiteSetup&module=Installation" + url: "{{ matomo_full_url }}index.php?action=firstWebsiteSetup&module=Installation" method: POST headers: Cookie: "{{ matomo_session_cookie }}" body: siteName: "IIAB" - url: "{{ host_url }}" - timezone: "Europe/London" + url: "{{ matomo_host_url }}" + timezone: "Europe/London" # CONSIDER IIAB'S OWN TIMEZONE? (Or if that's too hard, UTC to avoid UK's March + October time changes?) ecommerce: 0 body_format: form-urlencoded status_code: 302 - register: matomo_first_website_setup + #register: matomo_first_website_setup + - name: Matomo Tracking Code uri: - url: "{{ matomo_url }}index.php?action=trackingCode&module=Installation&site_idSite=1&site_name={{ host_url }}" + url: "{{ matomo_full_url }}index.php?action=trackingCode&module=Installation&site_idSite=1&site_name={{ matomo_host_url }}" method: GET headers: Cookie: "{{ matomo_session_cookie }}" return_content: true status_code: 200 - register: matomo_tracking_code + #register: matomo_tracking_code + - name: Finish Matomo Setup uri: - url: "{{ matomo_url }}index.php?action=finished&module=Installation" + url: "{{ matomo_full_url }}index.php?action=finished&module=Installation" method: POST headers: Cookie: "{{ matomo_session_cookie }}" @@ -146,6 +165,7 @@ submit: "Continue to Matomo" body_format: form-urlencoded status_code: 302 + - name: Start Collecting Matomo Data cron: name: "MatomoDataIngestionOnReboot" @@ -153,6 +173,7 @@ job: "{{ matomo_cronjob }}" user: root cron_file: "matomo_reboot" + - name: Run Daily Job Collecting Matomo Data cron: name: "DailyMatomoDataIngestion" @@ -161,3 +182,16 @@ job: "{{ matomo_cronjob }}" user: root cron_file: "matomo_daily" + + +# RECORD Matomo AS INSTALLED + +- name: "Set 'matomo_installed: True'" + set_fact: + matomo_installed: True + +- name: "Add 'matomo_installed: True' to {{ iiab_state_file }}" + lineinfile: + path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^matomo_installed' + line: 'matomo_installed: True' diff --git a/roles/matomo/tasks/main.yml b/roles/matomo/tasks/main.yml index 799b171cf..1c08e3fac 100644 --- a/roles/matomo/tasks/main.yml +++ b/roles/matomo/tasks/main.yml @@ -1,11 +1,45 @@ -- name: Install Matomo main +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 + +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "matomo_install is sameas true" (boolean not string etc) + assert: + that: matomo_install is sameas true + fail_msg: "PLEASE SET 'matomo_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "matomo_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: matomo_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'matomo_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + + +- name: Install Matomo if 'matomo_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: matomo_installed is undefined - vars: - nginx_loc: "/library/www/html" - mdb_dbname: "matomodb" - mdb_username: "iiab-admin" - mdb_password: "g0adm1n" - host_url: "http://{{ ansible_default_ipv4.address}}" - matomo_url: "{{ host_url }}/matomo/" - matomo_cronjob: "sudo python3 /library/www/html/matomo/misc/log-analytics/import_logs.py --url={{ matomo_url }} --idsite=1 --recorders=4 --enable-http-errors --enable-http-redirects --enable-static --enable-bots /var/log/nginx/access.log" + + +# LET'S ADD THIS "ON/OFF SWITCH" IF POSS! +# - include_tasks: enable-or-disable.yml + + +- name: Add 'matomo' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: matomo + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Matomo + - option: description + value: '"Matomo is a web analytics alternative to Google Analytics, that focuses on data ownership and privacy."' + - option: matomo_install + value: "{{ matomo_install }}" + - option: matomo_enabled + value: "{{ matomo_enabled }}" diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 17b614453..77f5b5d6c 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -567,6 +567,10 @@ transmission_kalite_languages: awstats_install: True awstats_enabled: True +# Matomo is a web analytics alternative to Google Analytics, emphasizing privacy and data ownership. +matomo_install: True +matomo_enabled: True + # Process supervision tool - from https://mmonit.com/monit/ # 2020-09-22 WARNING: both vars are IGNORED on Debian 10 due to: iiab/iiab#1849 monit_install: False diff --git a/vars/local_vars_large.yml b/vars/local_vars_large.yml index c5cda1688..dca172e6f 100644 --- a/vars/local_vars_large.yml +++ b/vars/local_vars_large.yml @@ -343,6 +343,10 @@ transmission_kalite_languages: awstats_install: True awstats_enabled: True +# Matomo is a web analytics alternative to Google Analytics, emphasizing privacy and data ownership. +matomo_install: True +matomo_enabled: True + # Process supervision tool - from https://mmonit.com/monit/ # 2020-09-22 WARNING: both vars are IGNORED on Debian 10 due to: iiab/iiab#1849 monit_install: False diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 0958e1470..f7a3a8642 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -343,6 +343,10 @@ transmission_kalite_languages: awstats_install: True awstats_enabled: True +# Matomo is a web analytics alternative to Google Analytics, emphasizing privacy and data ownership. +matomo_install: True +matomo_enabled: True + # Process supervision tool - from https://mmonit.com/monit/ # 2020-09-22 WARNING: both vars are IGNORED on Debian 10 due to: iiab/iiab#1849 monit_install: False diff --git a/vars/local_vars_small.yml b/vars/local_vars_small.yml index dc2e25bcb..423c2bc53 100644 --- a/vars/local_vars_small.yml +++ b/vars/local_vars_small.yml @@ -343,6 +343,10 @@ transmission_kalite_languages: awstats_install: True awstats_enabled: True +# Matomo is a web analytics alternative to Google Analytics, emphasizing privacy and data ownership. +matomo_install: True +matomo_enabled: True + # Process supervision tool - from https://mmonit.com/monit/ # 2020-09-22 WARNING: both vars are IGNORED on Debian 10 due to: iiab/iiab#1849 monit_install: False diff --git a/vars/local_vars_unittest.yml b/vars/local_vars_unittest.yml index 14e90b185..24ae7074d 100644 --- a/vars/local_vars_unittest.yml +++ b/vars/local_vars_unittest.yml @@ -343,6 +343,10 @@ transmission_kalite_languages: awstats_install: False awstats_enabled: False +# Matomo is a web analytics alternative to Google Analytics, emphasizing privacy and data ownership. +matomo_install: False +matomo_enabled: False + # Process supervision tool - from https://mmonit.com/monit/ # 2020-09-22 WARNING: both vars are IGNORED on Debian 10 due to: iiab/iiab#1849 monit_install: False From 698e261220d99e6124f70c70abca8f011a0d488a Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 15 Jun 2022 03:19:36 -0400 Subject: [PATCH 15/28] validate_vars.yml: Preserve install order (awstats, matomo) --- roles/0-init/tasks/validate_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index 764d39f31..2a972370d 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -95,7 +95,6 @@ - gitea - jupyterhub - lokole - - matomo - mediawiki - mosquitto - nodejs # Dependency - excluded from _installed check below @@ -112,6 +111,7 @@ - osm_vector_maps - transmission - awstats + - matomo - monit - munin - phpmyadmin From 4074a75c0fcf3ed964676bb069ffade7f10f7ccb Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 15 Jun 2022 04:01:58 -0400 Subject: [PATCH 16/28] install.yml: Mention matomo.tar.gz (download) --- roles/matomo/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index a36e1d3ec..becdbd5d7 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -31,7 +31,7 @@ - name: Download and Extract Matomo (~1 min) unarchive: - src: "{{ matomo_dl_url }}" # e.g. https://builds.matomo.org/matomo.zip + src: "{{ matomo_dl_url }}" # e.g. https://builds.matomo.org/matomo.tar.gz dest: "{{ matomo_path }}" # e.g. /library/www/html remote_src: yes From d4154e09a5721e31b0a241e442e452f44f031327 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 15 Jun 2022 09:07:14 -0400 Subject: [PATCH 17/28] matomo/tasks/main.yml: Update description for iiab.ini --- roles/matomo/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matomo/tasks/main.yml b/roles/matomo/tasks/main.yml index 1c08e3fac..fa30b573f 100644 --- a/roles/matomo/tasks/main.yml +++ b/roles/matomo/tasks/main.yml @@ -38,7 +38,7 @@ - option: name value: Matomo - option: description - value: '"Matomo is a web analytics alternative to Google Analytics, that focuses on data ownership and privacy."' + value: '"Matomo is a web analytics alternative to Google Analytics, emphasizing privacy and data ownership."' - option: matomo_install value: "{{ matomo_install }}" - option: matomo_enabled From bacef12a1f52776493be295d1a00b7cc52f71ba5 Mon Sep 17 00:00:00 2001 From: root Date: Sat, 18 Jun 2022 13:23:42 +0000 Subject: [PATCH 18/28] update Matomo timezone to autodetect --- roles/matomo/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index becdbd5d7..ede730dbc 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -137,7 +137,7 @@ body: siteName: "IIAB" url: "{{ matomo_host_url }}" - timezone: "Europe/London" # CONSIDER IIAB'S OWN TIMEZONE? (Or if that's too hard, UTC to avoid UK's March + October time changes?) + timezone: "{{ ansible_date_time.tz }}" ecommerce: 0 body_format: form-urlencoded status_code: 302 From c431400a7fff40080d6d351bc56686e81964d062 Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Sat, 18 Jun 2022 13:43:43 -0400 Subject: [PATCH 19/28] first try at moving matomo to doc base --- roles/matomo/defaults/main.yml | 2 +- roles/matomo/tasks/install.yml | 4 ++-- roles/matomo/tasks/main.yml | 4 ++++ roles/matomo/tasks/nginx.yml | 16 ++++++++++++++++ roles/matomo/templates/matomo-nginx.conf.j2 | 17 +++++++++++++++++ 5 files changed, 40 insertions(+), 3 deletions(-) create mode 100644 roles/matomo/tasks/nginx.yml create mode 100644 roles/matomo/templates/matomo-nginx.conf.j2 diff --git a/roles/matomo/defaults/main.yml b/roles/matomo/defaults/main.yml index 1ec6c8500..cf332c0e1 100644 --- a/roles/matomo/defaults/main.yml +++ b/roles/matomo/defaults/main.yml @@ -5,7 +5,7 @@ # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! matomo_dl_url: https://builds.matomo.org/matomo.tar.gz -matomo_path: "{{ doc_root }}" # e.g. /library/www/html +matomo_path: "{{ doc_base }}" # e.g. /library/www matomo_db_name: matomodb matomo_db_user: Admin diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index ede730dbc..3e41602e2 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -2,7 +2,7 @@ # Version 3 of the GNU General Public License. We modified this code and applied it here in April 2022. The derived sections correspond to the tasks running # from "HTTP Get Welcome" through "Finish Matomo Setup", lines 45 through 156. -- name: "WARNING: './runrole --reinstall matomo' CAN FAIL AS OF 2022-06-15, e.g. if /library/www/html/matomo already exists" +- name: "WARNING: './runrole --reinstall matomo' CAN FAIL AS OF 2022-06-15, e.g. if /library/www/matomo already exists" meta: noop # EXAMPLE OF ABOVE ERROR: @@ -32,7 +32,7 @@ - name: Download and Extract Matomo (~1 min) unarchive: src: "{{ matomo_dl_url }}" # e.g. https://builds.matomo.org/matomo.tar.gz - dest: "{{ matomo_path }}" # e.g. /library/www/html + dest: "{{ matomo_path }}" # e.g. /library/www remote_src: yes - name: Set Matomo Directory Permissions diff --git a/roles/matomo/tasks/main.yml b/roles/matomo/tasks/main.yml index fa30b573f..eb19c533a 100644 --- a/roles/matomo/tasks/main.yml +++ b/roles/matomo/tasks/main.yml @@ -24,6 +24,10 @@ when: matomo_installed is undefined +- name: Enable/Disable/Reload NGINX for OSM, if nginx_enabled + include_tasks: nginx.yml + + # LET'S ADD THIS "ON/OFF SWITCH" IF POSS! # - include_tasks: enable-or-disable.yml diff --git a/roles/matomo/tasks/nginx.yml b/roles/matomo/tasks/nginx.yml new file mode 100644 index 000000000..8d432ee8c --- /dev/null +++ b/roles/matomo/tasks/nginx.yml @@ -0,0 +1,16 @@ +- name: Enable http://box/maps & http://box/matomo via NGINX, by installing {{ nginx_conf_dir }}/matomo-nginx.conf from template + template: + src: matomo-nginx.conf.j2 + dest: "{{ nginx_conf_dir }}/matomo-nginx.conf" # /etc/nginx/conf.d + when: matomo_enabled + +- name: Disable http://box/maps & http://box/matomo via NGINX, by removing {{ nginx_conf_dir }}/matomo-nginx.conf + file: + path: "{{ nginx_conf_dir }}/matomo-nginx.conf" # /etc/nginx/conf.d + state: absent + when: not matomo_enabled + +- name: Reload 'nginx' systemd service + systemd: + name: nginx + state: reloaded diff --git a/roles/matomo/templates/matomo-nginx.conf.j2 b/roles/matomo/templates/matomo-nginx.conf.j2 new file mode 100644 index 000000000..21ae9ddfa --- /dev/null +++ b/roles/matomo/templates/matomo-nginx.conf.j2 @@ -0,0 +1,17 @@ +location ~ ^/matomo(.*)\.php(.*)$ { + alias /library/www/matomo$1.php$2; # /library/www/matomo + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $host; + fastcgi_pass php; + fastcgi_index index.html; + include fastcgi_params; + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_param PATH_INFO $2; +} + +location ~ ^/matomo/ { + root /library/www; +} From a91b56169c9c318bef0f706ace7d39e4cc03cbcb Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Sat, 18 Jun 2022 13:53:10 -0400 Subject: [PATCH 20/28] Add Matomo to nginx before install so web install works --- roles/matomo/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matomo/tasks/main.yml b/roles/matomo/tasks/main.yml index eb19c533a..7453b4821 100644 --- a/roles/matomo/tasks/main.yml +++ b/roles/matomo/tasks/main.yml @@ -19,15 +19,15 @@ quiet: yes +- name: Enable/Disable/Reload NGINX for OSM, if nginx_enabled + include_tasks: nginx.yml + + - name: Install Matomo if 'matomo_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: matomo_installed is undefined -- name: Enable/Disable/Reload NGINX for OSM, if nginx_enabled - include_tasks: nginx.yml - - # LET'S ADD THIS "ON/OFF SWITCH" IF POSS! # - include_tasks: enable-or-disable.yml From ab5f4c5fe988435bd710371df6b1996d7bf239fc Mon Sep 17 00:00:00 2001 From: cwivagg Date: Tue, 12 Jul 2022 08:21:29 -0400 Subject: [PATCH 21/28] Update README.adoc --- roles/matomo/README.adoc | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/roles/matomo/README.adoc b/roles/matomo/README.adoc index fa4f2e980..bcb110c2f 100644 --- a/roles/matomo/README.adoc +++ b/roles/matomo/README.adoc @@ -43,6 +43,20 @@ Take a look at Matomo's official guides to further set this up: https://matomo.o WARNING: Matomo won't show any traffic statistics until after 1 day or reboot (which are the events that trigger the log scraper!) +=== Getting Started + +Matomo is developed with commercial websites in mind. After navigating to http://box.lan/matomo and logging in with the user name and password you set above, you will see a variety of references to revenue, marketplaces, and other terms focused on commercialization and advertising. Don't worry about that. + +The heart of Matomo's value for you is in the navigation bar on the left side of the page. Click on "Visitors" and then below "Visitors", "Overview", to see how many different users are visiting your site. The top of the page will show a graph of how many visits occur on each day (although your device can't keep track of time when it is off and has no connection to the Internet, so this graph might not be perfectly accurate). Below the graph, you'll see some overall statistics, like how many unique visitors you've had. Matomo thinks of visitors in terms of devices, so it won't know if two people are connecting to Internet in a Box using the same phone. There are several other interesting statistics here, like the average visit duration, or average time your visitors are spending using Internet in a Box. + +Below the "Visitors" button is a second button, "Behavior". Click on the "Pages" button after clicking "Behavior" and you can see the various pages that have been visited by your users. You may not see activity from the most recent day, since Matomo only updates its records once per day. + +=== IIAB Tips, Tricks, and Gotchas + +1. If your Internet In A Box setup is without power and Internet access, it will not be a ble to keep time correctly. This is okay! But it means that the time-of-visit information in Matomo will not be correct. + +2. One thing Matomo can't track correctly is navigation within Khan Academy pages. If your users are spending a lot of time here, it won't be visible in the Matomo statistics. + == Credits Carl Wivagg From 6c5a42ffeaefdaee1c44e3c5a85a6369f41ec466 Mon Sep 17 00:00:00 2001 From: cwivagg Date: Tue, 12 Jul 2022 09:13:45 -0400 Subject: [PATCH 22/28] Update roles/0-init/tasks/validate_vars.yml Co-authored-by: A Holt --- roles/0-init/tasks/validate_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index 2a972370d..06d565c3d 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -63,7 +63,7 @@ # # 2020-11-04: Fix validation of 5 [now 4] core dependencies, for ./runrole etc -- name: Set vars_checklist for 45 + 45 + 41 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked +- name: Set vars_checklist for 46 + 46 + 42 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked set_fact: vars_checklist: - hostapd From 594386073a8caff42eeed2904fe4f982d94687c2 Mon Sep 17 00:00:00 2001 From: cwivagg Date: Tue, 12 Jul 2022 09:13:54 -0400 Subject: [PATCH 23/28] Update roles/matomo/README.adoc Co-authored-by: A Holt --- roles/matomo/README.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matomo/README.adoc b/roles/matomo/README.adoc index bcb110c2f..4d7ca6589 100644 --- a/roles/matomo/README.adoc +++ b/roles/matomo/README.adoc @@ -53,7 +53,7 @@ Below the "Visitors" button is a second button, "Behavior". Click on the "Pages" === IIAB Tips, Tricks, and Gotchas -1. If your Internet In A Box setup is without power and Internet access, it will not be a ble to keep time correctly. This is okay! But it means that the time-of-visit information in Matomo will not be correct. +1. If your Internet-in-a-Box setup is without power and Internet access, it will not be able to keep time correctly. This is okay! But it means that the time-of-visit information in Matomo will not be correct. 2. One thing Matomo can't track correctly is navigation within Khan Academy pages. If your users are spending a lot of time here, it won't be visible in the Matomo statistics. From 9c812e16e7f0e227ad2fae225d1f09b389794770 Mon Sep 17 00:00:00 2001 From: cwivagg Date: Tue, 12 Jul 2022 11:50:43 -0400 Subject: [PATCH 24/28] Update validate_vars.yml --- roles/0-init/tasks/validate_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index 8520f31ba..e72677e44 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -64,7 +64,7 @@ # 2020-11-04: Fix validation of 5 [now 4] core dependencies, for ./runrole etc -- name: Set vars_checklist for 45 + 45 + 41 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked +- name: Set vars_checklist for 46 + 46 + 42 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked set_fact: vars_checklist: - hostapd From 4018d7fe04d8a94f590373ee666f1df816ff9a61 Mon Sep 17 00:00:00 2001 From: Avni Khatri Date: Wed, 20 Jul 2022 00:12:23 -0400 Subject: [PATCH 25/28] Correcting typo in comment on L67 Correcting per https://github.com/iiab/iiab/pull/3304#issuecomment-1189063200 to change: 44 + 44 + 0 to: 44 + 44 + 40 --- roles/0-init/tasks/validate_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/0-init/tasks/validate_vars.yml b/roles/0-init/tasks/validate_vars.yml index bfa7a1a70..f5277d2d9 100644 --- a/roles/0-init/tasks/validate_vars.yml +++ b/roles/0-init/tasks/validate_vars.yml @@ -64,7 +64,7 @@ # 2020-11-04: Fix validation of 5 [now 4] core dependencies, for ./runrole etc -- name: Set vars_checklist for 44 + 44 + 0 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked +- name: Set vars_checklist for 44 + 44 + 40 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked set_fact: vars_checklist: - hostapd From c6ee32d0c08bf7d6595d7c9b707d3f47352bc043 Mon Sep 17 00:00:00 2001 From: Carl Wivagg Date: Thu, 28 Jul 2022 06:36:33 -0400 Subject: [PATCH 26/28] fix timezone issue --- roles/matomo/tasks/install.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matomo/tasks/install.yml b/roles/matomo/tasks/install.yml index 3e41602e2..68942ea3c 100644 --- a/roles/matomo/tasks/install.yml +++ b/roles/matomo/tasks/install.yml @@ -137,7 +137,6 @@ body: siteName: "IIAB" url: "{{ matomo_host_url }}" - timezone: "{{ ansible_date_time.tz }}" ecommerce: 0 body_format: form-urlencoded status_code: 302 From cd6358514d0cab3e660aa916a7b6f5420888c0ac Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 28 Jul 2022 16:55:16 -0400 Subject: [PATCH 27/28] Modernize matomo/tasks/main.yml for skip_role_on_error #3255 --- roles/matomo/tasks/main.yml | 52 +++++++++++++++++++++---------------- 1 file changed, 29 insertions(+), 23 deletions(-) diff --git a/roles/matomo/tasks/main.yml b/roles/matomo/tasks/main.yml index 7453b4821..eec80e81a 100644 --- a/roles/matomo/tasks/main.yml +++ b/roles/matomo/tasks/main.yml @@ -19,31 +19,37 @@ quiet: yes -- name: Enable/Disable/Reload NGINX for OSM, if nginx_enabled - include_tasks: nginx.yml +- block: + - name: Enable/Disable/Reload NGINX for OSM, if nginx_enabled + include_tasks: nginx.yml -- name: Install Matomo if 'matomo_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml - include_tasks: install.yml - when: matomo_installed is undefined + - name: Install Matomo if 'matomo_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: matomo_installed is undefined + # LET'S ADD THIS "ON/OFF SWITCH" IF POSS! + # - include_tasks: enable-or-disable.yml -# LET'S ADD THIS "ON/OFF SWITCH" IF POSS! -# - include_tasks: enable-or-disable.yml + - name: Add 'matomo' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: matomo + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Matomo + - option: description + value: '"Matomo is a web analytics alternative to Google Analytics, emphasizing privacy and data ownership."' + - option: matomo_install + value: "{{ matomo_install }}" + - option: matomo_enabled + value: "{{ matomo_enabled }}" + + rescue: - -- name: Add 'matomo' variable values to {{ iiab_ini_file }} - ini_file: - path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini - section: matomo - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: Matomo - - option: description - value: '"Matomo is a web analytics alternative to Google Analytics, emphasizing privacy and data ownership."' - - option: matomo_install - value: "{{ matomo_install }}" - - option: matomo_enabled - value: "{{ matomo_enabled }}" + - name: 'SEE ERROR ABOVE (skip_role_on_error: {{ skip_role_on_error }})' + fail: + msg: "" + when: not skip_role_on_error From f1eb4f381f366b1c5dbe89bca1ee2ad1f284de87 Mon Sep 17 00:00:00 2001 From: cwivagg Date: Sat, 13 Aug 2022 09:01:00 -0400 Subject: [PATCH 28/28] Update README.adoc Instructions for getting into Matomo --- roles/matomo/README.adoc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/matomo/README.adoc b/roles/matomo/README.adoc index 4d7ca6589..0fdbb3a4d 100644 --- a/roles/matomo/README.adoc +++ b/roles/matomo/README.adoc @@ -39,6 +39,13 @@ _Finally, continue to https://download.iiab.io[install IIAB], e.g. by running `s Log in to your IIAB's full Matomo URL, e.g. http://box.lan/matomo, as arranged above. +WARNING: If your IIAB URL is *not* http://box.lan, you may run into a big orange warning from Matomo that it has been configured to run from a different address. Here are the steps to fix this problem. + +1. Copy the IP address listed in the box below "How do I fix this problem and how do I log in again?" For example, I see 'trusted_hosts[] = "192.168.64.10"', so I copy "192.168.64.10". +2. Run "sudo nano /library/www/matomo/config/config.ini.php" to edit Matomo's config file. +3. Paste or type the IP address from Step 1 to replace "box.lan" in the trusted_hosts line, which should be about line 13. When I'm done, my line 13 says 'trusted_hosts[] = "192.168.64.10"' instead of 'trusted_hosts[] = "box.lan"'. +4. Refresh the Matomo homepage and the warning should be gone. + Take a look at Matomo's official guides to further set this up: https://matomo.org/guides/ WARNING: Matomo won't show any traffic statistics until after 1 day or reboot (which are the events that trigger the log scraper!)