Matomo¶
Managed instance of Matomo, a real-time Web analytics application.
Setup¶
The matomo role sets up the Matomo PHP application and Nginx as reverse proxy
with an automatically managed Letsencrypt certificate.
Note
Matomo requires manual setup: you need to set the host name, create a database and run the Web installer.
Matomo requires a MySQL-compatible database which is not activated automatically. You can put the database on the same machine or use a separate one. We recommend the percona80 role for the database.
Add Matomo NixOS config¶
Before activating the matomo role, add at least the following custom config:
# /etc/local/nixos/matomo.nix
{ config, lib, ... }:
{
flyingcircus.roles.matomo = {
hostname = "matomo.test.example.org";
};
}
See Custom NixOS-native configuration for general information about writing custom NixOS
modules in /etc/local/nixos.
Create the database¶
Assuming that percona80 is running on the same machine, create a database with
full privileges for the local matomo user. Matomo will create the necessary
database objects during the Web installer process.
sudo -u mysql mysql
create user matomo@localhost;
create database matomo;
grant all on matomo.* to matomo@localhost;
Run the Web installer¶
Go to the configured URL, for example https://matomo.test.example.org and
start the Web installer.
On the third step which sets up the database, use localhost as “Database
Server” and matomo for both “Login” and “Database Name”. Keep “Password”
empty and remove the default “Table Prefix”. “Adapter” should be
PDO\MySQL.
After clicking “Next”, Matomo confirms that tables have been created.
Finish the following steps and log in with your admin credentials.
Geolocation¶
You probably want geolocation which requires an external database.
Set it up it via Administration -> System -> Geolocation.
Choose DBIP / GeoIP 2 and Matomo will automatically download the database.
Also see Setting up accurate visitors geolocation in the Matomo FAQ.
Archive Processing¶
The role automatically sets up the matomo-archive-processing service which
runs every hour. You can disable browser-triggered archiving, especially for
high-traffic websites:
Go to Administration > System -> General Settings, and select:
Archive reports when viewed from the browser: No
Updates¶
Warning
Please do not try to update Matomo manually, files will be overwritten!
Updates are handled by the role. New versions overwrite files in the
installation directory, copied from the matomo Nix package.
Interaction¶
As sudo-srv user, use matomo-console to run various Matomo management
commands:
sudo -u matomo matomo-console
Configuration¶
Plugins¶
As sudo-srv or service user, put plugin bundles in /var/lib/matomo/plugins.
Activate plugins with:
sudo -u matomo matomo-console plugin:activate ExamplePlugin
NixOS Options¶
services.matomo.periodicArchiveProcessing
Archive processing is enabled by default.
services.matomo.nginx.
Put additional nginx virtual host settings here which are the same options as
services.nginx.virtualHosts.<name>.*, for example:
{
services.matomo.nginx = {
default = true;
basicAuth = "FCIO login";
basicAuthFile = "/etc/local/htpasswd_fcio_users";
};
}
Monitoring¶
The role defines the following Sensu checks:
matomo-configmatomo-permissionsmatomo-unexpected-filesmatomo-version