diff --git a/playbook.yml b/playbook.yml index 9c96498e..c4203ca5 100644 --- a/playbook.yml +++ b/playbook.yml @@ -190,6 +190,14 @@ vars: domain: baserow.{{top_domain}} http_port: 8017 +- name: setup matomo hosts + hosts: matomo + become: true + roles: + - role: docker-matomo + vars: + domain: matomo.{{top_domain}} + http_port: 8018 - name: setup akaunting hosts hosts: akaunting become: true diff --git a/roles/docker-matomo/README.md b/roles/docker-matomo/README.md new file mode 100644 index 00000000..261df2b4 --- /dev/null +++ b/roles/docker-matomo/README.md @@ -0,0 +1,32 @@ +# Docker Matomo Role + +This Ansible role deploys a Matomo analytics platform instance using Docker. + +## Requirements + +- Docker and Docker-Compose installed on the host machine. +- Nginx installed for reverse proxy configuration. +- Certbot installed for SSL certificate generation. + +## Role Variables + +- `domain`: The domain where Matomo will be accessible. +- `administrator_email`: The email used for SSL certificate registration. +- `path_docker_compose_files`: Path to store Docker Compose files. +- `http_port`: The host port that Matomo will be accessible on. +- `matomo_database_password`: Password for the Matomo database. + +## Dependencies + +- `docker-reverse-proxy`: An Ansible role for configuring the reverse proxy. + +## Example Playbook + +```yaml +- hosts: servers + roles: + - { role: docker-matomo, domain: 'example.com', http_port: 8080 } +``` + +## AI Generated +This script was created with the help of ChatGPT. The full conversation is [here](https://chat.openai.com/share/49e0c7e4-a2af-4a04-adad-7a735bdd85c4) available. \ No newline at end of file diff --git a/roles/docker-matomo/handlers/main.yml b/roles/docker-matomo/handlers/main.yml new file mode 100644 index 00000000..09cddb78 --- /dev/null +++ b/roles/docker-matomo/handlers/main.yml @@ -0,0 +1,8 @@ +--- +- name: recreate matomo + command: + cmd: docker-compose -p matomo up -d --force-recreate + chdir: "{{path_docker_compose_files}}matomo/" + environment: + COMPOSE_HTTP_TIMEOUT: 600 + DOCKER_CLIENT_TIMEOUT: 600 diff --git a/roles/docker-matomo/meta/main.yml b/roles/docker-matomo/meta/main.yml new file mode 100644 index 00000000..f25ef891 --- /dev/null +++ b/roles/docker-matomo/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: +- docker-reverse-proxy diff --git a/roles/docker-matomo/tasks/main.yml b/roles/docker-matomo/tasks/main.yml new file mode 100644 index 00000000..a9a5080c --- /dev/null +++ b/roles/docker-matomo/tasks/main.yml @@ -0,0 +1,21 @@ +--- +- name: recieve {{domain}} certificate + command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} + +- name: configure {{domain}}.conf + template: + src: "roles/docker-reverse-proxy/templates/domain.conf.j2" + dest: "/etc/nginx/conf.d/{{domain}}.conf" + notify: restart nginx + +- name: "create {{path_docker_compose_files}}matomo/" + file: + path: "{{path_docker_compose_files}}matomo/" + state: directory + mode: 0755 + +- name: add docker-compose.yml + template: + src: "docker-compose.yml.j2" + dest: "{{path_docker_compose_files}}matomo/docker-compose.yml" + notify: recreate matomo diff --git a/roles/docker-matomo/templates/docker-compose.yml.j2 b/roles/docker-matomo/templates/docker-compose.yml.j2 new file mode 100644 index 00000000..9f8e85ee --- /dev/null +++ b/roles/docker-matomo/templates/docker-compose.yml.j2 @@ -0,0 +1,43 @@ +version: '3' + +services: + application: + logging: + driver: journald + image: matomo + restart: always + ports: + - "127.0.0.1:{{http_port}}:80" + environment: + MATOMO_DATABASE_HOST: "database:3306" + MATOMO_DATABASE_ADAPTER: "mysql" + MATOMO_DATABASE_USERNAME: "matomo" + MATOMO_DATABASE_PASSWORD: "{{matomo_database_password}}" + MATOMO_DATABASE_DBNAME: "matomo" + links: + - database + depends_on: + - database + database: + logging: + driver: journald + image: mariadb + restart: always + environment: + MYSQL_DATABASE: "matomo" + MYSQL_USER: "matomo" + MYSQL_PASSWORD: "{{matomo_database_password}}" + MYSQL_ROOT_PASSWORD: "{{matomo_database_password}}" + MARIADB_AUTO_UPGRADE: "1" + volumes: + - database:/var/lib/mysql + healthcheck: + test: "/usr/bin/mariadb --user=matomo --password={{matomo_database_password}} --execute \"SHOW DATABASES;\"" + interval: 3s + timeout: 1s + retries: 5 +volumes: + database: +networks: + default: + driver: bridge