Add Matomo Analytics

data/services/matomo/containers.sh

@@ -0,0 +1,22 @@
+matomo_db_dockerbunker() {
+	docker run -d \
+		--name=${FUNCNAME[0]//_/-} \
+		--restart=always \
+		--network dockerbunker-${SERVICE_NAME} --net-alias=db \
+		--env-file="${SERVICE_ENV}"\
+		-v ${SERVICE_NAME}-db-vol-1:${volumes[${SERVICE_NAME}-db-vol-1]} \
+		-v "${SERVICES_DIR}"/${SERVICE_NAME}/mysql/:/etc/mysql/conf.d/:ro \
+		--health-cmd="mysqladmin ping --host localhost --silent" --health-interval=10s --health-retries=5 --health-timeout=30s \
+	${IMAGES[db]} >/dev/null
+
+	wait_for_db ${FUNCNAME[0]//_/-}
+}
+
+matomo_service_dockerbunker() {
+	docker run -d \
+		--name=${SERVICE_NAME}-service-dockerbunker \
+		--restart=always \
+		--network dockerbunker-matomo \
+		-v ${SERVICE_NAME}-data-vol-1:${volumes[${SERVICE_NAME}-data-vol-1]} \
+	${IMAGES[service]} >/dev/null
+}

data/services/matomo/matomo.sh

@@ -0,0 +1,75 @@
+#!/usr/bin/env bash
+
+while true;do ls | grep -q dockerbunker.sh;if [[ $? == 0 ]];then BASE_DIR=$PWD;break;else cd ../;fi;done
+
+PROPER_NAME="Matomo"
+SERVICE_NAME="$(echo -e "${PROPER_NAME,,}" | tr -d '[:space:]')"
+PROMPT_SSL=1
+safe_to_keep_volumes_when_reconfiguring=1
+
+declare -a environment=( "data/env/dockerbunker.env" "data/include/init.sh" )
+
+for env in "${environment[@]}";do
+	[[ -f "${BASE_DIR}"/$env ]] && source "${BASE_DIR}"/$env
+done
+
+declare -A WEB_SERVICES
+declare -a containers=( "${SERVICE_NAME}-service-dockerbunker" "${SERVICE_NAME}-db-dockerbunker" )
+declare -A volumes=( [${SERVICE_NAME}-data-vol-1]="/var/www/html" [${SERVICE_NAME}-db-vol-1]="/var/lib/mysql" )
+declare -a add_to_network=( "${SERVICE_NAME}-service-dockerbunker" )
+declare -a networks=( "dockerbunker-${SERVICE_NAME}" )
+declare -A IMAGES=( [service]="matomo" [db]="mariadb:10.2" )
+
+[[ -z $1 ]] && options_menu
+
+configure() {
+	pre_configure_routine
+
+	echo -e "# \e[4mMatomo Settings\e[0m"
+	set_domain
+	
+	# avoid tr illegal byte sequence in macOS when generating random strings
+	if [[ $OSTYPE =~ "darwin" ]];then
+		if [[ $LC_ALL ]];then
+			oldLC_ALL=$LC_ALL
+			export LC_ALL=C
+		else
+			export LC_ALL=C
+		fi
+	fi
+	cat <<-EOF >> ${SERVICE_ENV}
+	SSL_CHOICE=${SSL_CHOICE}
+	LE_EMAIL=${LE_EMAIL}
+
+	# ------------------------------
+	# General Settings
+	# ------------------------------
+	
+	SERVICE_DOMAIN=${SERVICE_DOMAIN}
+	
+	# ------------------------------
+	# Matomo SQL database configuration
+	# ------------------------------
+	
+	MYSQL_DATABASE=matomo
+	MYSQL_USER=matomo
+	
+	# Please use long, random alphanumeric strings (A-Za-z0-9)
+	MYSQL_PASSWORD=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 28)
+	MYSQL_ROOT_PASSWORD=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 28)
+	EOF
+	
+	if [[ $OSTYPE =~ "darwin" ]];then
+		[[ $oldLC_ALL ]] && export LC_ALL=$oldLC_ALL || unset LC_ALL
+	fi
+
+	post_configure_routine
+}
+
+# i think this can/should go now... if it goes, change tests in letsencrypt function (\$1, \$2 \$* etc)
+if [[ $1 == "letsencrypt" ]];then
+	$1 $*
+else
+	$1
+fi
+

data/services/matomo/nginx/matomo.conf

@@ -0,0 +1,56 @@
+map $sent_http_content_type $expires {
+	default                    off;
+	text/html                  epoch;
+	text/css                   max;
+	application/javascript     max;
+	~image/                    max;
+}
+
+upstream matomo {
+	server matomo-service-dockerbunker:80;
+}
+
+server {
+	listen 80;
+	server_name ${SERVICE_DOMAIN};
+	return 301 https://$host$request_uri;
+}
+
+server {
+
+    listen 443 ssl;
+	server_name ${SERVICE_DOMAIN};
+	ssl_certificate /etc/nginx/ssl/${SERVICE_DOMAIN}/cert.pem;
+	ssl_certificate_key /etc/nginx/ssl/${SERVICE_DOMAIN}/key.pem;
+	include /etc/nginx/includes/ssl.conf;
+
+	add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
+	add_header X-Frame-Options SAMEORIGIN;
+	add_header X-XSS-Protection "1; mode=block";
+
+	proxy_set_header X-Real-IP $remote_addr;
+	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+	proxy_set_header Host $http_host; 
+
+	include /etc/nginx/includes/gzip.conf;
+
+	location / {
+		proxy_pass http://matomo/;
+	}
+
+	expires $expires;
+
+	location = /favicon.ico {
+		log_not_found off;
+		access_log off;
+	}
+
+	location ^~ /.well-known/ {
+	    access_log           off;
+	    log_not_found        off;
+	    root                 /var/www/html;
+#	    autoindex            off;
+	    index                index.html; # "no-such-file.txt",if expected protos don't need it
+	    try_files            $uri $uri/ =404;
+	}
+}

dockerbunker.sh

@@ -41,6 +41,7 @@ declare -a ALL_SERVICES=( \
 	"Mailcow (Dockerized)" \
 	"Mailpile" \
 	"Mastodon" \
+	"Matomo" \
 	"Nextcloud" \
 	"Open Project" \
 	"Padlock Cloud" \