Procedures

This is a WIP where we try to describe all the required steps to get our premium matomo instances up and running.

Know problems

Loadbalancing
Plugin activation on all sites (copy config after all plugins has been activated)

Create new servers att Glesys

Add domain names to servers on Glesys

Add the correct dns entries to the correct servers. And remember that if you gonna use a loadbalancer you will need to tweak the configuration a bit.

Create required files in `hosting-20.04` git projekt

Add a file in `hosts` folder with hostname

Example

hosts-file example

[matomo-test]
194.54.164.6

[web]
194.54.164.6

It is important thet you have both hostname with an IP and add it in the web-group. This is a Trellis specific thing. i.e We are then referencing servers in both the web and matomo-test groups.

In ansible this is called "Intersection of groups"

More info link

Add a folder in `group-vars` folder with hostname

This folder should contain the following files:

main.yml

mysql_root_password: "{{ vault_mysql_root_password }}" # Define this variable in group_vars/production/vault.yml

cron_enabled: false
node_exporter_enabled: true

vault.yml

# Documentation: https://roots.io/trellis/docs/vault/
vault_mysql_root_password: somerandompassword

# Documentation: https://roots.io/trellis/docs/security/
vault_users:
  - name: "{{ admin_user }}"
    password: somerandompassword
    salt: "some random salt"

# Variables to accompany `group_vars/production/wordpress_sites.yml`
# Note: the site name (`example.com`) must match up with the site name in the above file.
vault_wordpress_sites:
  analytics.matomo.devspace.se:
    env:
      db_password: somerandompassword
  tracker.matomo.devspace.se:
    env:
      db_password: somerandompassword

PRO TIP

An easy way to create a good secure password is to use the generate random password in 1Password function.

CMD+* -> +Generate password

wordpress_sites.yml

# Documentation: https://roots.io/trellis/docs/remote-server-setup/
# `wordpress_sites` options: https://roots.io/trellis/docs/wordpress-sites
# Define accompanying passwords/secrets in group_vars/production/vault.yml

wordpress_sites:
  tracker.matomo.devspace.se:
    site_hosts:
      - canonical: tracker.matomo.devspace.se
    ssl:
      enabled: true
      provider: letsencrypt
    cache:
      enabled: true
    multisite:
      enabled: false
    db_create: false
    nginx_wordpress_site_conf: whitespace/nginx/matomo/tracking.conf.j2
  analytics.matomo.devspace.se:
    site_hosts:
      - canonical: analytics.matomo.devspace.se
    ssl:
      enabled: true
      provider: letsencrypt
    cache:
      enabled: true
    multisite:
      enabled: false
    nginx_wordpress_site_conf: whitespace/nginx/matomo/default.conf.j2

Run ansible playbook for matomo

ansible-playbook server-matomo.yml -e env=matomo-test

Known hosts problem

After the first run througt of the playbook you will get and error that ansible can't connect anymore. This is because SSH is warning about a host key change.

matomo-projects (or How to install matomo on the server)

Edit flightplan.js

Start by added the new how to flightplan.js file.

Example for new host:

plan.target(
  "matomo-test-tracker",
  {
    host: "matomo.devspace.se",
    username: "whitespace",
    agent: process.env.SSH_AUTH_SOCK,
  },
  {
    root: "/srv/www",
    targets: ["tracker.matomo.devspace.se"],
    user: "web",
  },
);

You also need to add the new host to the list at line 376. depending on the PHP version you are using.

  if (
      target == "matomo.test.repair" ||
      target == "analys.hoor.se" ||
      target == "tracker.matomo.devspace.se" ||
      ...
      // Add your target here
      target == "analys.whitespace.se"
    ) {
      remote.sudo("service php7.4-fpm reload");
    } else {
      if (target == "nsr.analys.co" || target == "whitespace.analys.co") {
        remote.sudo("service php7.3-fpm reload");
      } else {
        remote.sudo("service php7.2-fpm reload");
      }
    }

Install matomo on the servers

Enter https://<your matomo hostname> in the browser.
Move through the installation steps.
Enter database information from earlier.
- database name is always sitename with underscores instead of dots.
  - analytics_matomo_devspace_se
- mysql username should then be database name + hostname
  - analytics_matomo_devspace_se_matomo-test
Create a good and secure password for the adminuser.
- Use username super
- Generate password with 1Password and store the password in 1Password

Update config.ini.php files for environments

WIP

Activate Glesys loadbalancer

Activate glesys loadbalancer in http mode port 443 in.

Know problems

Create new servers att Glesys​

Add domain names to servers on Glesys​

Create required files in hosting-20.04 git projekt​

Add a file in hosts folder with hostname​

Add a folder in group-vars folder with hostname​

PRO TIP​

Run ansible playbook for matomo​

Known hosts problem​

matomo-projects (or How to install matomo on the server)​

Edit flightplan.js​

Install matomo on the servers​

Update config.ini.php files for environments​

Activate Glesys loadbalancer​