Matomo¶
Managed instance of Matomo, a real-time Web analytics application. By default, we use the the latest LTS version provided by NixOS which is 4.x.x.
Matomo 5.x.x is also supported by this platform version.
The next platform version 24.11 will use Matomo 5 as default version. Matomo 4 is supported only until the end of 2024.
Upgrading to Matomo 5¶
Warning
Before upgrading, test Matomo 5 on a separate staging instance, if possible. Migrating from Matomo 4 to 5 is irreversible without manual admin intervention!
To use Matomo 5, set the services.matomo.package
option manually in custom config, like this:
(note the added pkgs
argument at the top of the module)
# /etc/local/nixos/matomo.nix
# XXX: Example config for Matomo 5
{ config, lib, pkgs, ... }:
{
flyingcircus.roles.matomo = {
hostname = "matomo.test.example.org";
};
services.matomo.package = pkgs.matomo_5;
}
The database and other Matomo state will be migrated automatically on service start after switching the system to the new config.
Initial Setup¶
The matomo
role sets up the Matomo PHP application and Nginx as reverse proxy
with an automatically managed Letsencrypt certificate.
Note
Matomo requires manual setup: you need to set the host name, create a database and run the Web installer.
Matomo requires a MySQL-compatible database which is not activated automatically. You can put the database on the same machine or use a separate one. We recommend the percona80 role for the database.
Add Matomo NixOS config¶
Before activating the matomo
role, add at least the following custom config:
# /etc/local/nixos/matomo.nix
# XXX: Example config for Matomo 4
{ config, lib, ... }:
{
flyingcircus.roles.matomo = {
hostname = "matomo.test.example.org";
};
}
See Custom NixOS-native configuration for general information about writing custom NixOS
modules in /etc/local/nixos
.
If you want to use Matomo 5 instead, see the config example in Upgrading to Matomo 5.
Create the database¶
Assuming that percona80
is running on the same machine, create a database with
full privileges for the local matomo user. Matomo will create the necessary
database objects during the Web installer process.
sudo -u mysql mysql
create user matomo@localhost;
create database matomo;
grant all on matomo.* to matomo@localhost;
Run the Web installer¶
Go to the configured URL, for example https://matomo.test.example.org
and
start the Web installer.
On the third step which sets up the database, use localhost
as “Database
Server” and matomo
for both “Login” and “Database Name”. Keep “Password”
empty and remove the default “Table Prefix”. “Adapter” should be
PDO\MySQL
.
After clicking “Next”, Matomo confirms that tables have been created.
Finish the following steps and log in with your admin credentials.
Geolocation¶
You probably want geolocation which requires an external database.
Set it up it via Administration -> System -> Geolocation
.
Choose DBIP / GeoIP 2
and Matomo will automatically download the database.
Also see Setting up accurate visitors geolocation in the Matomo FAQ.
Archive Processing¶
The role automatically sets up the matomo-archive-processing
service which
runs every hour. You can disable browser-triggered archiving, especially for
high-traffic websites:
Go to Administration > System -> General Settings
, and select:
Archive reports when viewed from the browser: No
Updates¶
Warning
Please do not try to update Matomo manually, files will be overwritten!
Updates are handled by the role. New versions overwrite files in the
installation directory, copied from the matomo
Nix package. If needed,
database migrations are also run automatically.
Interaction¶
As sudo-srv
user, use matomo-console to run various Matomo management
commands:
sudo -u matomo matomo-console
Configuration¶
Plugins¶
As sudo-srv
or service
user, put plugin bundles in /var/lib/matomo/plugins
.
Activate plugins with:
sudo -u matomo matomo-console plugin:activate ExamplePlugin
NixOS Options¶
services.matomo.periodicArchiveProcessing
Archive processing is enabled by default.
services.matomo.nginx.
Put additional nginx virtual host settings here which are the same options as
services.nginx.virtualHosts.<name>.*
, for example:
{
services.matomo.nginx = {
default = true;
basicAuth = "FCIO login";
basicAuthFile = "/etc/local/htpasswd_fcio_users";
};
}
services.matomo.package
Package version to use. Default is pkgs.matomo
, which is Matomo 4 at the moment.
pkgs.matomo_5
is also supported by us and pkgs.matomo_beta
might be a newer but unsupported version.
Monitoring¶
The role defines the following Sensu checks:
matomo-config
matomo-permissions
matomo-unexpected-files
matomo-version