Update to 2022-03-07 16:00

roles/unmaintained/matomo/tasks/archive_post.yml

@@ -0,0 +1,7 @@
+---
+
+- import_tasks: ../includes/webapps_compress_archive.yml
+  vars:
+    - root_dir: "{{ matomo_root_dir }}"
+    - version: "{{ matomo_current_version }}"
+  tags: matomo

roles/unmaintained/matomo/tasks/archive_pre.yml

@@ -0,0 +1,8 @@
+---
+
+- import_tasks: ../includes/webapps_archive.yml
+  vars:
+    - root_dir: "{{ matomo_root_dir }}"
+    - version: "{{ matomo_current_version }}"
+    - db_name: "{{ matomo_db_name }}"
+  tags: matomo

roles/unmaintained/matomo/tasks/cleanup.yml

@@ -0,0 +1,29 @@
+---
+
+- name: Remove uneeded files
+  file: path={{ matomo_root_dir }}/{{ item }} state=absent
+  with_items:
+    - web/vendor/maxmind-db/reader/autoload.php
+  tags: matomo
+
+- name: Remove temp files
+  file: path={{ matomo_root_dir }}/tmp/{{ item }} state=absent
+  with_items:
+    - matomo
+    - "How to install Matomo.html"
+    - matomo-{{ matomo_version }}.tar.gz
+    - matomo.sql
+  tags: matomo
+
+- name: Remove plugins archives
+  file: path={{ matomo_root_dir }}/tmp/{{ item }}-{{ matomo_plugins[item].version }}.zip state=absent
+  with_items: "{{ matomo_plugins.keys() | list }}"
+  tags: matomo
+
+- name: Remove obsolete files
+  file: path={{ item }} state=absent
+  loop:
+    - /etc/backup/pre.d/matomo_{{ matomo_id }}_pre-backup
+    - /etc/backup/post.d/matomo_{{ matomo_id }}_post-backup
+    - "{{ matomo_root_dir }}/db_dumps"
+  tags: matomo

roles/unmaintained/matomo/tasks/conf.yml

@@ -0,0 +1,140 @@
+---
+
+- name: Restore configuration
+  copy: src={{ matomo_root_dir }}/archives/{{ matomo_current_version }}/web/config/config.ini.php dest={{ matomo_root_dir }}/web/config/config.ini.php remote_src=True
+  when: matomo_install_mode == "upgrade"
+  tags: matomo
+
+- name: Configure Matomo
+  ini_file:
+    path: "{{ matomo_root_dir }}/web/config/config.ini.php"
+    option: "{{ item.option }}"
+    section: "{{ item.section }}"
+    value: "{{ item.value }}"
+    mode: 0660
+    group: "{{ matomo_php_user }}"
+  with_items:
+    - option: host
+      section: database
+      value: '"{{ matomo_db_server }}"'
+    - option: username
+      section: database
+      value: '"{{ matomo_db_user }}"'
+    - option: password
+      section: database
+      value: '"{{ matomo_db_pass }}"'
+    - option: dbname
+      section: database
+      value: '"{{ matomo_db_name }}"'
+    - option: assume_secure_protocol
+      section: General
+      value: 1
+    - option: salt
+      section: General
+      value: '"{{ matomo_salt }}"'
+    - option: enable_load_data_infile
+      section: General
+      value: 0
+    - option: tmp_path
+      section: General
+      value: "/../tmp"
+    - option: enable_auto_update
+      section: General
+      value: 0
+    - option: piwik_professional_support_ads_enabled
+      section: General
+      value: 0
+    - option: enable_fingerprinting_across_websites
+      section: Tracker
+      value: 1
+    - option: transport
+      section: mail
+      value: '"smtp"'
+    - option: host
+      section: mail
+      value: '"localhost"'
+  tags: matomo
+
+- name: Configure system proxy
+  ini_file:
+    path: "{{ matomo_root_dir }}/web/config/config.ini.php"
+    option: "{{ item.option }}"
+    section: "{{ item.section }}"
+    value: "{{ item.value }}"
+  with_items:
+    - option: host
+      section: proxy
+      value: "{{ system_proxy | urlsplit('hostname') }}"
+    - option: port
+      section: proxy
+      value: "{{ system_proxy | urlsplit('port') | default('8080') }}"
+  when: system_proxy is defined
+  tags: matomo
+
+- name: Configure reverse proxy
+  ini_file:
+    path: "{{ matomo_root_dir }}/web/config/config.ini.php"
+    option: "{{ item.option }}"
+    section: "{{ item.section }}"
+    value: "{{ item.value }}"
+  with_items:
+    - option: "proxy_client_headers[]"
+      section: General
+      value: '"HTTP_X_FORWARDED_FOR"'
+    - option: "proxy_host_headers[]"
+      section: General
+      value: '"HTTP_X_FORWARDED_HOST"'
+  when: httpd_src_ip is defined and httpd_src_ip | length > 0 and '0.0.0.0/0' not in httpd_src_ip
+  tags: matomo
+
+- name: Configure LDAP Authentication
+  ini_file:
+    path: "{{ matomo_root_dir }}/web/config/config.ini.php"
+    option: "{{ item }}"
+    section: LoginLdap
+    value: "{{ (matomo_ldap_all[item] is number) | ternary(matomo_ldap_all[item],'\"' + matomo_ldap_all[item] | string + '\"') }}"
+    state: "{{ matomo_ldap_all.enabled | ternary('present','absent') }}"
+  with_items: "{{ matomo_ldap_all.keys() | list | difference(['enabled','hostname','admin_user','admin_pass','base_dn','port']) }}"
+  tags: matomo
+
+- name: Configure LDAP Servers
+  ini_file:
+    path: "{{ matomo_root_dir }}/web/config/config.ini.php"
+    option: "{{ item }}"
+    section: LoginLdap_ldap
+    value: "{{ (matomo_ldap_all[item] is number) | ternary(matomo_ldap_all[item],'\"' + matomo_ldap_all[item] | string + '\"') }}"
+    state: "{{ (matomo_ldap_all.enabled and matomo_ldap_all[item] is defined) | ternary('present','absent') }}"
+  with_items: [hostname,port,base_dn,admin_user,admin_pass]
+  tags: matomo
+
+- name: Clear cache
+  command: php{{ (matomo_php_version == '54') | ternary('',matomo_php_version) }} {{ matomo_root_dir }}/web/console cache:clear
+  changed_when: False
+  when: matomo_install_mode == 'upgrade'
+  tags: matomo
+
+- name: Enable plugins
+  command: php{{ (matomo_php_version == '54') | ternary('',matomo_php_version) }} {{ matomo_root_dir }}/web/console plugin:activate {{ item }}
+  with_items: "{{ matomo_plugins_to_install }}"
+  changed_when: False
+  tags: matomo
+
+- name: Update Matomo database
+  command: /bin/php{{ (matomo_php_version == '54') | ternary('',matomo_php_version) }} {{ matomo_root_dir }}/web/console --no-interaction core:update --yes
+  when: matomo_install_mode != 'none'
+  tags: matomo
+
+- name: Sync LDAP users
+  command: php{{ (matomo_php_version == '54') | ternary('',matomo_php_version) }} {{ matomo_root_dir }}/web/console loginldap:synchronize-users
+  when:
+    - matomo_ldap_all.enabled
+    - '"LoginLdap" in matomo_plugins_to_install'
+  changed_when: False
+  tags: matomo
+
+- import_tasks: ../includes/webapps_webconf.yml
+  vars:
+    - app_id: matomo_{{ glpi_id }}
+    - php_version: "{{ matomo_php_version }}"
+    - php_fpm_pool: "{{ matomo_php_fpm_pool | default('') }}"
+  tags: matomo

roles/unmaintained/matomo/tasks/directories.yml

@@ -0,0 +1,20 @@
+---
+
+- name: Create directories
+  file: path={{ item.path }} state=directory owner={{ item.owner | default(omit) }} group={{ item.group | default(omit) }} mode={{ item.mode | default(omit) }}
+  with_items:
+    - path: "{{ matomo_root_dir }}/sessions"
+      group: "{{ matomo_php_user }}"
+      mode: 770
+    - path: "{{ matomo_root_dir }}/tmp"
+      group: "{{ matomo_php_user }}"
+      mode: 770
+    - path: "{{ matomo_root_dir }}/cache"
+      group: "{{ matomo_php_user }}"
+      mode: 770
+    - path: "{{ matomo_root_dir }}/web"
+    - path: "{{ matomo_root_dir }}/meta"
+      mode: 700
+    - path: "{{ matomo_root_dir }}/backup"
+      mode: 700
+  tags: matomo

roles/unmaintained/matomo/tasks/facts.yml

@@ -0,0 +1,31 @@
+---
+
+- import_tasks: ../includes/webapps_set_install_mode.yml
+  vars:
+    - root_dir: "{{ matomo_root_dir }}"
+    - version: "{{ matomo_version }}"
+  tags: matomo
+- set_fact: matomo_install_mode={{ (install_mode == 'upgrade' and not matomo_manage_upgrade) | ternary('none',install_mode) }}
+  tags: matomo
+- set_fact: matomo_current_version={{ current_version | default('') }}
+  tags: matomo
+
+- import_tasks: ../includes/get_rand_pass.yml
+  vars:
+    - pass_file: "{{ matomo_root_dir }}/meta/salt.txt"
+  tags: matomo
+- set_fact: matomo_salt={{ rand_pass }}
+  tags: matomo
+
+- import_tasks: ../includes/get_rand_pass.yml
+  vars:
+    - pass_file: "{{matomo_root_dir }}/meta/ansible_dbpass"
+  when: matomo_db_pass is not defined
+  tags: matomo
+- set_fact: matomo_db_pass={{ rand_pass }}
+  when: matomo_db_pass is not defined
+  tags: matomo
+
+- name: Combine default and custom LDAP settings
+  set_fact: matomo_ldap_all={{ matomo_ldap_base | combine(matomo_ldap) }}
+  tags: matomo

roles/unmaintained/matomo/tasks/install.yml

@@ -0,0 +1,181 @@
+---
+
+- name: Install needed tools
+  yum:
+    name:
+      - unzip
+      - mariadb
+      - acl
+      - php{{ matomo_php_version }}-php-pecl-geoip
+  tags: matomo
+
+- name: Download Matomo
+  get_url:
+    url: "{{ matomo_archive_url }}"
+    dest: "{{ matomo_root_dir }}/tmp/"
+    checksum: "sha1:{{ matomo_archive_sha1 }}"
+  when: matomo_install_mode != 'none'
+  tags: matomo
+
+- name: Extract matomo archive
+  unarchive:
+    src: "{{ matomo_root_dir }}/tmp/matomo-{{ matomo_version }}.tar.gz"
+    dest: "{{ matomo_root_dir }}/tmp"
+    remote_src: yes
+  when: matomo_install_mode != 'none'
+  tags: matomo
+
+- name: Check if we have the list of core plugins
+  stat: path={{ matomo_root_dir }}/meta/core_plugins.txt
+  register: matomo_core_plugins_list
+  tags: matomo
+
+- name: Build a list of core plugins, which should never be removed
+  shell: find {{ matomo_root_dir }}/web/plugins/ -mindepth 1 -maxdepth 1 -type d -exec basename "{}" \; > {{ matomo_root_dir }}/meta/core_plugins.txt
+  when:
+    - matomo_install_mode == 'none'
+    - not matomo_core_plugins_list.stat.exists
+  changed_when: False
+  tags: matomo
+
+- name: Build a list of core plugins, which should never be removed
+  shell: find {{ matomo_root_dir }}/tmp/matomo/plugins/ -mindepth 1 -maxdepth 1 -type d -exec basename "{}" \; > {{ matomo_root_dir }}/meta/core_plugins.txt
+  when: matomo_install_mode != "none"
+  changed_when: False
+  tags: matomo
+
+- name: Remove known non core plugins from the list
+  lineinfile: path={{ matomo_root_dir }}/meta/core_plugins.txt regexp='^{{ item }}$' state=absent
+  with_items: "{{ matomo_plugins.keys() | list }}"
+  tags: matomo
+
+- name: Read core plugins list
+  command: cat {{ matomo_root_dir }}/meta/core_plugins.txt
+  register: matomo_core_plugins
+  changed_when: False
+  tags: matomo
+
+- name: List previously installed plugins
+  shell: find {{ matomo_root_dir }}/archives/{{ matomo_current_version }}/web/plugins/ -mindepth 1 -maxdepth 1 -type d -exec basename "{}" \;
+  register: matomo_previous_plugins
+  when: matomo_install_mode == "upgrade"
+  changed_when: False
+  tags: matomo
+
+- name: Move matomo to the web directory
+  synchronize:
+    src: "{{ matomo_root_dir }}/tmp/matomo/"
+    dest: "{{ matomo_root_dir }}/web/"
+    recursive: True
+    delete: True
+    rsync_opts:
+      - '--exclude=config/config.ini.php'
+  delegate_to: "{{ inventory_hostname }}"
+  when: matomo_install_mode != "none"
+  tags: matomo
+
+- name: Restore previous unmanaged plugins
+  synchronize:
+    src: "{{ matomo_root_dir }}/archives/{{ matomo_current_version }}/web/plugins/{{ item }}"
+    dest: "{{ matomo_root_dir }}/web/plugins/"
+    delegate_to: "{{ inventory_hostname }}"
+    recursive: True
+  with_items: "{{ matomo_previous_plugins.stdout_lines }}"
+  when:
+    - matomo_install_mode == 'upgrade'
+    - not matomo_remove_unmanaged_plugins
+  tags: matomo
+
+- name: List installed plugins
+  shell: find {{ matomo_root_dir }}/web/plugins/ -mindepth 1 -maxdepth 1 -type d -exec basename "{}" \;
+  register: matomo_current_plugins
+  changed_when: False
+  tags: matomo
+
+- name: Disable unmanaged plugins
+  command: php{{ (matomo_php_version == '54') | ternary('',matomo_php_version) }} {{ matomo_root_dir }}/web/console plugin:deactivate {{ item }}
+  with_items: "{{ matomo_current_plugins.stdout_lines }}"
+  when:
+    - item not in matomo_plugins_to_install
+    - item not in matomo_core_plugins.stdout
+    - matomo_remove_unmanaged_plugins
+  tags: matomo
+
+- name: Remove unmanaged plugins
+  file: path={{ matomo_root_dir }}/web/plugins/{{ item }} state=absent
+  with_items: "{{ matomo_current_plugins.stdout_lines }}"
+  when:
+    - item not in matomo_plugins_to_install
+    - item not in matomo_core_plugins.stdout
+    - matomo_remove_unmanaged_plugins
+  tags: matomo
+
+- import_tasks: ../includes/webapps_create_mysql_db.yml
+  vars:
+    - db_name: "{{ matomo_db_name }}"
+    - db_user: "{{ matomo_db_user }}"
+    - db_server: "{{ matomo_db_server }}"
+    - db_pass: "{{ matomo_db_pass }}"
+  tags: matomo
+
+- set_fact: matomo_db_created={{ db_created }}
+  tags: matomo
+
+- name: Copy the DB structure
+  copy: src=matomo.sql dest={{ matomo_root_dir }}/tmp/matomo.sql
+  when: matomo_install_mode == 'install'
+  tags: matomo
+
+- name: Init the database
+  mysql_db:
+    state: import
+    login_host: "{{ matomo_db_server }}"
+    login_user: sqladmin
+    login_password: "{{ mysql_admin_pass }}"
+    name: "{{ matomo_db_name }}"
+    target: "{{ matomo_root_dir }}/tmp/matomo.sql"
+  when:
+    - matomo_install_mode == 'install'
+    - matomo_db_created.changed
+  tags: matomo
+
+- name: Build a list of installed plugins
+  shell: find {{ matomo_root_dir }}/web/plugins -maxdepth 1 -mindepth 1 -type d -exec basename "{}" \;
+  register: matomo_installed_plugins
+  changed_when: False
+  tags: matomo
+
+- name: Download plugins
+  get_url:
+    url: http://plugins.matomo.org/api/2.0/plugins/{{ item }}/download/{{ matomo_plugins[item].version }}
+    dest: "{{ matomo_root_dir }}/tmp"
+    checksum: "sha1:{{ matomo_plugins[item].sha1 }}"
+  when: item not in matomo_installed_plugins.stdout_lines
+  with_items: "{{ matomo_plugins_to_install }}"
+  tags: matomo
+
+- name: Extract plugins
+  unarchive:
+    src: "{{ matomo_root_dir }}/tmp/{{ item }}-{{ matomo_plugins[item].version }}.zip"
+    dest: "{{ matomo_root_dir }}/web/plugins/"
+    remote_src: yes
+  when: item not in matomo_installed_plugins.stdout_lines
+  with_items: "{{ matomo_plugins_to_install }}"
+  tags: matomo
+
+- name: Deploy backup scripts
+  template: src={{ item }}-backup.j2 dest=/etc/backup/{{ item }}.d/matomo_{{ matomo_id }} mode=750
+  loop:
+    - pre
+    - post
+  tags: matomo
+
+- name: Setup cron task
+  cron:
+    name: matomo_{{ matomo_id }}
+    special_time: hourly
+    user: "{{ matomo_php_user }}"
+    job: "/bin/php{{ (matomo_php_version == '54') | ternary('',matomo_php_version) }} {{ matomo_root_dir }}/web/console core:archive --url={{ matomo_public_url }} 2>&1 | /bin/systemd-cat -t matomo_{{ matomo_id }}"
+    cron_file: matomo_{{ matomo_id }}
+  tags: matomo
+

roles/unmaintained/matomo/tasks/main.yml

@@ -0,0 +1,31 @@
+---
+
+- include_tasks: user.yml
+  tags: always
+
+- include_tasks: directories.yml
+  tags: always
+
+- include_tasks: facts.yml
+  tags: always
+
+- include_tasks: archive_pre.yml
+  when: matomo_install_mode | default('none') == 'upgrade'
+  tags: always
+
+- include_tasks: install.yml
+  tags: always
+
+- include_tasks: conf.yml
+  tags: always
+
+- include_tasks: archive_post.yml
+  when: matomo_install_mode | default('none') == 'upgrade'
+  tags: always
+
+- include_tasks: write_version.yml
+  tags: always
+
+- include_tasks: cleanup.yml
+  tags: always
+

roles/unmaintained/matomo/tasks/user.yml

@@ -0,0 +1,7 @@
+---
+
+- import_tasks: ../includes/create_system_user.yml
+  vars:
+    - user: "{{ matomo_php_user }}"
+    - comment: "PHP FPM for matomo {{ matomo_id }}"
+  tags: matomo

roles/unmaintained/matomo/tasks/write_version.yml

@@ -0,0 +1,7 @@
+---
+
+- import_tasks: ../includes/webapps_post.yml
+  vars:
+    - root_dir: "{{ matomo_root_dir }}"
+    - version: "{{ matomo_version }}"
+  tags: matomo