From: Tom Hughes Date: Fri, 29 Jul 2022 16:18:43 +0000 (+0100) Subject: Rename piwik to matomo X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/ba9dff51d4737f22436abe1359d3b24f7f69e8fd Rename piwik to matomo --- diff --git a/.github/workflows/test-kitchen.yml b/.github/workflows/test-kitchen.yml index 5072dbe24..5c622df16 100644 --- a/.github/workflows/test-kitchen.yml +++ b/.github/workflows/test-kitchen.yml @@ -56,6 +56,7 @@ jobs: - logstash-forwarder - mail - mailman + - matomo - memcached - munin - munin-plugins @@ -75,7 +76,6 @@ jobs: - php - php-apache - php-fpm - - piwik - planet - planet-current - planet-dump diff --git a/.kitchen.yml b/.kitchen.yml index f9ac5d243..84a501546 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -191,6 +191,9 @@ suites: - name: mailman run_list: - recipe[mailman::default] + - name: matomo + run_list: + - recipe[matomo::default] - name: memcached run_list: - recipe[memcached::default] @@ -248,9 +251,6 @@ suites: - name: php-fpm run_list: - recipe[php::fpm] - - name: piwik - run_list: - - recipe[piwik::default] - name: planet run_list: - recipe[planet::default] diff --git a/cookbooks/matomo/README.md b/cookbooks/matomo/README.md new file mode 100644 index 000000000..6cb8ee476 --- /dev/null +++ b/cookbooks/matomo/README.md @@ -0,0 +1,4 @@ +# Matomo Cookbook + +This cookbook installs and configures the Matomo server-side software used for +analytics on openstreetmap.org diff --git a/cookbooks/piwik/attributes/default.rb b/cookbooks/matomo/attributes/default.rb similarity index 89% rename from cookbooks/piwik/attributes/default.rb rename to cookbooks/matomo/attributes/default.rb index ff933400e..6a9220b02 100644 --- a/cookbooks/piwik/attributes/default.rb +++ b/cookbooks/matomo/attributes/default.rb @@ -1,5 +1,5 @@ -default[:piwik][:version] = "4.10.1" -default[:piwik][:plugins] = { +default[:matomo][:version] = "4.10.1" +default[:matomo][:plugins] = { "Actions" => nil, "Annotations" => nil, "API" => nil, @@ -67,4 +67,4 @@ default[:piwik][:plugins] = { "Widgetize" => nil, } -default[:mysql][:settings][:mysqld][:secure_file_priv] = "/opt/piwik-#{node[:piwik][:version]}/piwik/tmp/assets" +default[:mysql][:settings][:mysqld][:secure_file_priv] = "/opt/matomo-#{node[:matomo][:version]}/matomo/tmp/assets" diff --git a/cookbooks/piwik/metadata.rb b/cookbooks/matomo/metadata.rb similarity index 78% rename from cookbooks/piwik/metadata.rb rename to cookbooks/matomo/metadata.rb index 54054e0e0..6160ec17e 100644 --- a/cookbooks/piwik/metadata.rb +++ b/cookbooks/matomo/metadata.rb @@ -1,8 +1,8 @@ -name "piwik" +name "matomo" maintainer "OpenStreetMap Administrators" maintainer_email "admins@openstreetmap.org" license "Apache-2.0" -description "Installs and configures Piwik" +description "Installs and configures Matomo" version "1.0.0" supports "ubuntu" diff --git a/cookbooks/matomo/recipes/default.rb b/cookbooks/matomo/recipes/default.rb new file mode 100644 index 000000000..8b79c54f9 --- /dev/null +++ b/cookbooks/matomo/recipes/default.rb @@ -0,0 +1,171 @@ +# +# Cookbook:: matomo +# Recipe:: default +# +# Copyright:: 2011, OpenStreetMap Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +include_recipe "apache" +include_recipe "geoipupdate" +include_recipe "mysql" +include_recipe "php::fpm" + +passwords = data_bag_item("matomo", "passwords") + +package %w[ + php-cli + php-curl + php-mbstring + php-mysql + php-gd + php-xml + php-apcu +] + +apache_module "expires" +apache_module "rewrite" + +version = node[:matomo][:version] + +geoip_directory = node[:geoipupdate][:directory] + +directory "/opt/matomo-#{version}" do + owner "root" + group "root" + mode "0755" +end + +remote_file "#{Chef::Config[:file_cache_path]}/matomo-#{version}.zip" do + source "https://builds.matomo.org/matomo-#{version}.zip" + not_if { ::File.exist?("/opt/matomo-#{version}/matomo") } +end + +archive_file "#{Chef::Config[:file_cache_path]}/matomo-#{version}.zip" do + destination "/opt/matomo-#{version}" + overwrite true + owner "root" + group "root" + not_if { ::File.exist?("/opt/matomo-#{version}/matomo") } +end + +node[:matomo][:plugins].each do |plugin_name, plugin_version| + next if plugin_version.nil? + + remote_file "#{Chef::Config[:file_cache_path]}/matomo-#{plugin_name}-#{plugin_version}.zip" do + source "https://plugins.matomo.org/api/2.0/plugins/#{plugin_name}/download/#{plugin_version}" + end + + archive_file "#{Chef::Config[:file_cache_path]}/matomo-#{plugin_name}-#{plugin_version}.zip" do + action :nothing + destination "/opt/matomo-#{version}/matomo/plugins" + overwrite true + owner "root" + group "root" + subscribes :extract, "remote_file[#{Chef::Config[:file_cache_path]}/matomo-#{plugin_name}-#{plugin_version}.zip]", :immediately + end +end + +execute "/opt/matomo-#{version}/matomo/matomo.js" do + command "gzip -k -9 /opt/matomo-#{version}/matomo/matomo.js" + cwd "/opt/matomo-#{version}" + user "root" + group "root" + not_if { ::File.exist?("/opt/matomo-#{version}/matomo/matomo.js.gz") } +end + +execute "/opt/matomo-#{version}/matomo/piwik.js" do + command "gzip -k -9 /opt/matomo-#{version}/matomo/piwik.js" + cwd "/opt/matomo-#{version}" + user "root" + group "root" + not_if { ::File.exist?("/opt/matomo-#{version}/matomo/piwik.js.gz") } +end + +directory "/opt/matomo-#{version}/matomo/config" do + owner "www-data" + group "www-data" + mode "0755" +end + +template "/opt/matomo-#{version}/matomo/config/config.ini.php" do + source "config.erb" + owner "root" + group "root" + mode "0644" + variables :passwords => passwords, + :directory => "/opt/matomo-#{version}/matomo", + :plugins => node[:matomo][:plugins].keys.sort +end + +directory "/opt/matomo-#{version}/matomo/tmp" do + owner "www-data" + group "www-data" + mode "0755" +end + +directory "/opt/matomo-#{version}/matomo/tmp/assets" do + owner "www-data" + group "mysql" + mode "0750" +end + +link "/opt/matomo-#{version}/matomo/misc/GeoLite2-ASN.mmdb" do + to "#{geoip_directory}/GeoLite2-ASN.mmdb" +end + +link "/opt/matomo-#{version}/matomo/misc/GeoLite2-City.mmdb" do + to "#{geoip_directory}/GeoLite2-City.mmdb" +end + +link "/opt/matomo-#{version}/matomo/misc/GeoLite2-Country.mmdb" do + to "#{geoip_directory}/GeoLite2-Country.mmdb" +end + +link "/srv/matomo.openstreetmap.org" do + to "/opt/matomo-#{version}/matomo" + notifies :restart, "service[php#{node[:php][:version]}-fpm]" +end + +mysql_user "piwik@localhost" do + password passwords["database"] +end + +mysql_database "piwik" do + permissions "piwik@localhost" => :all +end + +ssl_certificate "matomo.openstreetmap.org" do + domains ["matomo.openstreetmap.org", "matomo.osm.org", + "piwik.openstreetmap.org", "piwik.osm.org"] + notifies :reload, "service[apache2]" +end + +php_fpm "matomo.openstreetmap.org" do + prometheus_port 9253 +end + +apache_site "matomo.openstreetmap.org" do + template "apache.erb" +end + +cron_d "matomo" do + minute "5" + user "www-data" + command "/usr/bin/php /srv/matomo.openstreetmap.org/console core:archive --quiet --url=https://matomo.openstreetmap.org/" +end + +cron_d "piwik" do + action :delete +end diff --git a/cookbooks/piwik/templates/default/apache.erb b/cookbooks/matomo/templates/default/apache.erb similarity index 55% rename from cookbooks/piwik/templates/default/apache.erb rename to cookbooks/matomo/templates/default/apache.erb index f1278a31f..45b8bc0f3 100644 --- a/cookbooks/piwik/templates/default/apache.erb +++ b/cookbooks/matomo/templates/default/apache.erb @@ -1,20 +1,22 @@ # DO NOT EDIT - This file is being maintained by Chef - ServerName piwik.openstreetmap.org + ServerName matomo.openstreetmap.org + ServerAlias matomo.osm.org + ServerAlias piwik.openstreetmap.org ServerAlias piwik.osm.org ServerAdmin webmaster@openstreetmap.org SSLEngine on - SSLCertificateFile /etc/ssl/certs/piwik.openstreetmap.org.pem - SSLCertificateKeyFile /etc/ssl/private/piwik.openstreetmap.org.key + SSLCertificateFile /etc/ssl/certs/matomo.openstreetmap.org.pem + SSLCertificateKeyFile /etc/ssl/private/matomo.openstreetmap.org.key - CustomLog /var/log/apache2/piwik.openstreetmap.org-access.log combined - ErrorLog /var/log/apache2/piwik.openstreetmap.org-error.log + CustomLog /var/log/apache2/matomo.openstreetmap.org-access.log combined + ErrorLog /var/log/apache2/matomo.openstreetmap.org-error.log Options -Indexes - DocumentRoot /srv/piwik.openstreetmap.org + DocumentRoot /srv/matomo.openstreetmap.org Redirect 403 /core/ Redirect 403 /config/ @@ -23,18 +25,20 @@ - ServerName piwik.openstreetmap.org + ServerName matomo.openstreetmap.org + ServerAlias matomo.osm.org + ServerAlias piwik.openstreetmap.org ServerAlias piwik.osm.org ServerAdmin webmaster@openstreetmap.org - CustomLog /var/log/apache2/piwik.openstreetmap.org-access.log combined - ErrorLog /var/log/apache2/piwik.openstreetmap.org-error.log + CustomLog /var/log/apache2/matomo.openstreetmap.org-access.log combined + ErrorLog /var/log/apache2/matomo.openstreetmap.org-error.log RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/ - RedirectPermanent / https://piwik.openstreetmap.org/ + RedirectPermanent / https://matomo.openstreetmap.org/ - + Require all granted ExpiresActive On @@ -57,6 +61,6 @@ - SetHandler "proxy:unix:/run/php/piwik.openstreetmap.org.sock|fcgi://127.0.0.1" + SetHandler "proxy:unix:/run/php/matomo.openstreetmap.org.sock|fcgi://127.0.0.1" diff --git a/cookbooks/piwik/templates/default/config.erb b/cookbooks/matomo/templates/default/config.erb similarity index 92% rename from cookbooks/piwik/templates/default/config.erb rename to cookbooks/matomo/templates/default/config.erb index 469adeeec..457badc83 100644 --- a/cookbooks/piwik/templates/default/config.erb +++ b/cookbooks/matomo/templates/default/config.erb @@ -13,11 +13,12 @@ force_ssl = 1 force_ssl_login = 1 login_allowlist_apply_to_reporting_api_requests = "0" proxy_client_headers[] = "HTTP_X_FORWARDED_FOR" +trusted_hosts[] = "matomo.openstreetmap.org" trusted_hosts[] = "piwik.openstreetmap.org" salt = "<%= @passwords['salt'] %>" [Tracker] -ignore_visits_cookie_name = "piwik_ignore" +ignore_visits_cookie_name = "matomo_ignore" [Plugins] <% @plugins.each do |plugin| -%> diff --git a/cookbooks/piwik/README.md b/cookbooks/piwik/README.md deleted file mode 100644 index a968336a3..000000000 --- a/cookbooks/piwik/README.md +++ /dev/null @@ -1,4 +0,0 @@ -# Piwik Cookbook - -This cookbook installs and configures the Piwiki server-side software used for -analytics on openstreetmap.org diff --git a/cookbooks/piwik/recipes/default.rb b/cookbooks/piwik/recipes/default.rb deleted file mode 100644 index 483a348cb..000000000 --- a/cookbooks/piwik/recipes/default.rb +++ /dev/null @@ -1,158 +0,0 @@ -# -# Cookbook:: piwik -# Recipe:: default -# -# Copyright:: 2011, OpenStreetMap Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -include_recipe "apache" -include_recipe "geoipupdate" -include_recipe "mysql" -include_recipe "php::fpm" - -passwords = data_bag_item("piwik", "passwords") - -package %w[ - php-cli - php-curl - php-mbstring - php-mysql - php-gd - php-xml - php-apcu -] - -apache_module "expires" -apache_module "rewrite" - -version = node[:piwik][:version] - -geoip_directory = node[:geoipupdate][:directory] - -directory "/opt/piwik-#{version}" do - owner "root" - group "root" - mode "0755" -end - -remote_file "#{Chef::Config[:file_cache_path]}/piwik-#{version}.zip" do - source "https://builds.matomo.org/piwik-#{version}.zip" - not_if { ::File.exist?("/opt/piwik-#{version}/piwik") } -end - -archive_file "#{Chef::Config[:file_cache_path]}/piwik-#{version}.zip" do - destination "/opt/piwik-#{version}" - overwrite true - owner "root" - group "root" - not_if { ::File.exist?("/opt/piwik-#{version}/piwik") } -end - -node[:piwik][:plugins].each do |plugin_name, plugin_version| - next if plugin_version.nil? - - remote_file "#{Chef::Config[:file_cache_path]}/piwik-#{plugin_name}-#{plugin_version}.zip" do - source "https://plugins.matomo.org/api/2.0/plugins/#{plugin_name}/download/#{plugin_version}" - end - - archive_file "#{Chef::Config[:file_cache_path]}/piwik-#{plugin_name}-#{plugin_version}.zip" do - action :nothing - destination "/opt/piwik-#{version}/piwik/plugins" - overwrite true - owner "root" - group "root" - subscribes :extract, "remote_file[#{Chef::Config[:file_cache_path]}/piwik-#{plugin_name}-#{plugin_version}.zip]", :immediately - end -end - -execute "/opt/piwik-#{version}/piwik/piwik.js" do - command "gzip -k -9 /opt/piwik-#{version}/piwik/piwik.js" - cwd "/opt/piwik-#{version}" - user "root" - group "root" - not_if { ::File.exist?("/opt/piwik-#{version}/piwik/piwik.js.gz") } -end - -directory "/opt/piwik-#{version}/piwik/config" do - owner "www-data" - group "www-data" - mode "0755" -end - -template "/opt/piwik-#{version}/piwik/config/config.ini.php" do - source "config.erb" - owner "root" - group "root" - mode "0644" - variables :passwords => passwords, - :directory => "/opt/piwik-#{version}/piwik", - :plugins => node[:piwik][:plugins].keys.sort -end - -directory "/opt/piwik-#{version}/piwik/tmp" do - owner "www-data" - group "www-data" - mode "0755" -end - -directory "/opt/piwik-#{version}/piwik/tmp/assets" do - owner "www-data" - group "mysql" - mode "0750" -end - -link "/opt/piwik-#{version}/piwik/misc/GeoLite2-ASN.mmdb" do - to "#{geoip_directory}/GeoLite2-ASN.mmdb" -end - -link "/opt/piwik-#{version}/piwik/misc/GeoLite2-City.mmdb" do - to "#{geoip_directory}/GeoLite2-City.mmdb" -end - -link "/opt/piwik-#{version}/piwik/misc/GeoLite2-Country.mmdb" do - to "#{geoip_directory}/GeoLite2-Country.mmdb" -end - -link "/srv/piwik.openstreetmap.org" do - to "/opt/piwik-#{version}/piwik" - notifies :restart, "service[php#{node[:php][:version]}-fpm]" -end - -mysql_user "piwik@localhost" do - password passwords["database"] -end - -mysql_database "piwik" do - permissions "piwik@localhost" => :all -end - -ssl_certificate "piwik.openstreetmap.org" do - domains ["piwik.openstreetmap.org", "piwik.osm.org"] - notifies :reload, "service[apache2]" -end - -php_fpm "piwik.openstreetmap.org" do - prometheus_port 9253 -end - -apache_site "piwik.openstreetmap.org" do - template "apache.erb" -end - -cron_d "piwik" do - minute "5" - user "www-data" - command "/usr/bin/php /srv/piwik.openstreetmap.org/console core:archive --quiet --url=https://piwik.openstreetmap.org/" -end diff --git a/roles/eustace.rb b/roles/eustace.rb index 4aa2fdd31..bd11cb345 100644 --- a/roles/eustace.rb +++ b/roles/eustace.rb @@ -23,5 +23,5 @@ default_attributes( run_list( "role[ucl]", "role[hp-dl360-g6]", - "role[piwik]" + "role[matomo]" ) diff --git a/roles/piwik.rb b/roles/matomo.rb similarity index 85% rename from roles/piwik.rb rename to roles/matomo.rb index 7f161753b..ae632f898 100644 --- a/roles/piwik.rb +++ b/roles/matomo.rb @@ -1,5 +1,5 @@ -name "piwik" -description "Role applied to all Piwik servers" +name "matomo" +description "Role applied to all Matomo servers" default_attributes( :apache => { @@ -24,5 +24,5 @@ default_attributes( ) run_list( - "recipe[piwik]" + "recipe[matomo]" ) diff --git a/test/data_bags/piwik/passwords.json b/test/data_bags/matomo/passwords.json similarity index 100% rename from test/data_bags/piwik/passwords.json rename to test/data_bags/matomo/passwords.json diff --git a/test/data_bags/web/piwik.json b/test/data_bags/web/matomo.json similarity index 77% rename from test/data_bags/web/piwik.json rename to test/data_bags/web/matomo.json index f9b73748a..0bae1e267 100644 --- a/test/data_bags/web/piwik.json +++ b/test/data_bags/web/matomo.json @@ -1,6 +1,6 @@ { - "id": "piwik", - "location": "piwik", + "id": "matomo", + "location": "matomo", "site": 100, "goals": { "signup": 1001, diff --git a/test/integration/piwik/serverspec/apache_spec.rb b/test/integration/matomo/serverspec/apache_spec.rb similarity index 100% rename from test/integration/piwik/serverspec/apache_spec.rb rename to test/integration/matomo/serverspec/apache_spec.rb