WIP: feat(Matomo): Add service #28

Draft
kosssi wants to merge 1 commits from matomo into mariadb
8 changed files with 194 additions and 0 deletions

View File

@ -8,6 +8,7 @@ Vous trouverez dans ce dépôt l'ensemble des services Open Source que RésiLien
- [Directus](./directus) : Permet d'administrer une base de données
- [HedgeDoc](./hedgedoc) : Prise de note en Markdown collaborative en temps réel
- [Matomo](./matomo) : Logiciel libre et open source de mesure de statistiques web
- [Mobilizon](./mobilizon): Permet l'organisation d'évènements et de gestion de groupes
- [Nextcloud](./nextcloud) : Site d'hébergement de fichiers et une plateforme de collaboration

35
matomo/.env Normal file
View File

@ -0,0 +1,35 @@
########
# DOCKER
#DOCKER_CONTEXT=
#DOCKER_HOST=
SERVICES_DIR=..
COMPOSE_FILE=${SERVICES_DIR}/matomo/docker-compose.yml:${SERVICES_DIR}/matomo/docker-compose.local.yml:${SERVICES_DIR}/mariadb/docker-compose.yml
#COMPOSE_PROJECT_NAME=
## APP
#MATOMO_DOMAIN=matomo.cool.life
#MATOMO_CONTAINER_NAME=
#MATOMO_VOLUME_NAME=
#MATOMO_IMAGE=
#PHP_MEMORY_LIMIT=
##########
# MARIADB
#MARIADB_CONTAINER_NAME=
#MARIADB_VOLUME_NAME=
#MARIADB_IMAGE=
MARIADB_ROOT_PASSWORD=replace-me
MARIADB_USER=user-example
MARIADB_PASSWORD=password-example
MARIADB_DATABASE=mariadb-database-name-example
MARIADB_COMMAND=--max-allowed-packet=64MB
#########
# TRAEFIK
#TRAEFIK_NETWORK_NAME=
#TRAEFIK_ROUTER_NAME= # Don't use char '.'
#TRAEFIK_ENTRYPOINTS=

22
matomo/README.md Normal file
View File

@ -0,0 +1,22 @@
# Matomo
> Matomo, anciennement Piwik, est un logiciel libre et open source de mesure de statistiques web, conçu pour être une alternative libre à Google Analytics.
>
> <cite>[Wikipédia][wikipedia]</cite>
## Commande
```
docker compose exec --user www-data matomo-fpm php console
```
## Liens
- [Site Officiel][site]
- [Code source][source]
- [Docker Hub][dockerhub]
[wikipedia]: https://fr.wikipedia.org/wiki/Matomo_(logiciel)
[site]: https://fr.matomo.org/
[source]: https://github.com/matomo-org/matomo
[dockerhub]: https://hub.docker.com/_/matomo/

View File

@ -0,0 +1,6 @@
version: "3.8"
services:
matomo-web:
ports:
- ${LOCAL_PORT:-80}:80

View File

@ -0,0 +1,15 @@
version: "3.8"
networks:
default:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
services:
matomo-web:
environment:
TRUSTED_PROXIES: ${TRAEFIK_NETWORK_NAME:-traefik}
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-matomo}.rule=Host(`${MATOMO_DOMAIN:?err}`)
- traefik.http.routers.${TRAEFIK_ROUTER_NAME:-matomo}.entrypoints=${TRAEFIK_ENTRYPOINTS:-web}

42
matomo/docker-compose.yml Normal file
View File

@ -0,0 +1,42 @@
version: "3.8"
volumes:
matomo:
name: ${MATOMO_VOLUME_NAME:-matomo}
services:
matomo-fpm:
container_name: ${MATOMO_CONTAINER_NAME:-matomo}-fpm
image: ${MATOMO_IMAGE:-matomo:4.7.1-fpm-alpine}
restart: always
environment:
MATOMO_DATABASE_HOST: ${MARIADB_CONTAINER_NAME:-mariadb}
MATOMO_DATABASE_ADAPTER: mysql
MATOMO_DATABASE_TABLES_PREFIX: matomo_
MATOMO_DATABASE_USERNAME: ${MARIADB_USER:?err}
MATOMO_DATABASE_PASSWORD: ${MARIADB_PASSWORD:?err}
MATOMO_DATABASE_DBNAME: ${MARIADB_DATABASE:?err}
PHP_MEMORY_LIMIT: ${PHP_MEMORY_LIMIT:-256M}
PUID: ${MATOMO_PUID:-1000}
PGID: ${MATOMO_PGID:-1000}
depends_on:
- mariadb
volumes:
- matomo:/var/www/html
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
matomo-web:
container_name: ${MATOMO_CONTAINER_NAME:-matomo}-web
build: web
restart: always
environment:
MATOMO_FPM_CONTAINER_NAME: ${MATOMO_CONTAINER_NAME:-matomo}-fpm
PUID: ${MATOMO_PUID:-1000}
PGID: ${MATOMO_PGID:-1000}
depends_on:
- matomo-fpm
volumes:
- matomo:/var/www/html
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro

3
matomo/web/Dockerfile Normal file
View File

@ -0,0 +1,3 @@
FROM nginx:1.21.6-alpine
COPY matomo.conf.template /etc/nginx/templates/default.conf.template

View File

@ -0,0 +1,70 @@
upstream php-handler {
server ${MATOMO_FPM_CONTAINER_NAME}:9000;
}
server {
listen 80;
server_name ${MATOMO_DOMAIN}
add_header Referrer-Policy origin always; # make sure outgoing links don't show the URL to the Matomo instance
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
root /var/www/html; # replace with path to your matomo instance
index index.php;
try_files $uri $uri/ =404;
## only allow accessing the following php files
location ~ ^/(index|matomo|piwik|js/index|plugins/HeatmapSessionRecording/configs).php {
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTP_PROXY ""; # prohibit httpoxy: https://httpoxy.org/
fastcgi_pass php-handler;
}
## deny access to all other .php files
location ~* ^.+\.php$ {
deny all;
return 403;
}
## disable all access to the following directories
location ~ /(config|tmp|core|lang) {
deny all;
return 403; # replace with 404 to not show these directories exist
}
location ~ /\.ht {
deny all;
return 403;
}
location ~ js/container_.*_preview\.js$ {
expires off;
add_header Cache-Control 'private, no-cache, no-store';
}
location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ {
allow all;
## Cache images,CSS,JS and webfonts for an hour
## Increasing the duration may improve the load-time, but may cause old files to show after an Matomo upgrade
expires 1h;
add_header Pragma public;
add_header Cache-Control "public";
}
location ~ /(libs|vendor|plugins|misc/user) {
deny all;
return 403;
}
## properly display textfiles in root directory
location ~/(.*\.md|LEGALNOTICE|LICENSE) {
default_type text/plain;
}
}