Matomo (fka PIWIK)
Matomo kommt von InnoCraft und hiess bis Januar 2018 PIWIK. Es konkurriert mit Google Analytics, ist aber Open Source und kann self-hosted betrieben werden.
Unsere Blogbeiträge zu Matomo.
Matomo sollte wegen Content Security Policy Headern am besten auf einem eigenen Host (z.B. analytics.example.com) und nicht unter der URL der Webseite betrieben werden. Für Matomo müssen die CSP recht offen sein („data:“ erlaubt), was von Security-Scannern moniert wird, und im Falle eines Mischens/Betrieb unter der Webseite (mysite.ch/analytics) die Webseite in einem Security-Ranking runterstufen könnte.
Installation
Ein aktuelles PHP unter Apache httpd verwenden, als Datenbank ist MariaDB empfohlen.
PHP: memory_limit >= 192M setzen.
Darüber hinaus wird benötigt:
yum -y install gd
yum -y install php php-pdo php-mysqlnd php-mbstring php-gd php-dom
Download:
rm -f /tmp/latest.zip*
rm -rf /tmp/matomo*
wget http://builds.matomo.org/latest.zip --output-document=/tmp/latest.zip
unzip -o /tmp/latest.zip -d /var/www/html/
rm -rf /var/www/html/matomo/tmp/*
chown -R apache:apache /var/www/html/matomo
find /var/www/html/matomo/tmp -type f -exec chmod 644 {} \;
find /var/www/html/matomo/tmp -type d -exec chmod 755 {} \;
find /var/www/html/matomo/tmp/assets -type f -exec chmod 644 {} \;
find /var/www/html/matomo/tmp/assets -type d -exec chmod 755 {} \;
find /var/www/html/matomo/tmp/cache -type f -exec chmod 644 {} \;
find /var/www/html/matomo/tmp/cache -type d -exec chmod 755 {} \;
find /var/www/html/matomo/tmp/tcpdf -type f -exec chmod 644 {} \;
find /var/www/html/matomo/tmp/tcpdf -type d -exec chmod 755 {} \;
find /var/www/html/matomo/tmp/templates_c -type f -exec chmod 644 {} \;
find /var/www/html/matomo/tmp/templates_c -type d -exec chmod 755 {} \;
SELinux:
semanage fcontext --add --type httpd_sys_rw_content_t "/var/www/html/matomo/config(/.*)?"
semanage fcontext --add --type httpd_sys_rw_content_t "/var/www/html/matomo/matomo.js"
semanage fcontext --add --type httpd_sys_rw_content_t "/var/www/html/matomo/piwik.js"
semanage fcontext --add --type httpd_sys_rw_content_t "/var/www/html/matomo/tmp(/.*)?"
restorecon -Fvr /var/www/html/matomo
Wenn Matomo hinter einem Reverse Proxy läuft:
/var/www/html/matomo/config/config.ini.php
[General]
; for Reverse Proxying https://matomo.org/faq/how-to-install/faq_98/
assume_secure_protocol = 1
proxy_client_headers[] = HTTP_X_FORWARDED_FOR
proxy_host_headers[] = HTTP_X_FORWARDED_HOST
Cronjob für automatische Datenarchivierung und -optimierung einrichten. Sind diese nicht aktiv, macht sich das nach einiger Zeit im Betrieb in kaputten Widgets in der Weboberfläche aufgrund von Timeouts wegen zu grosser Datenmengen bemerkbar.
# Matomo Auto Archiving
5 * * * * /usr/bin/php /var/www/html/matomo/console core:archive --url=https://analytics.example.com/ > /var/log/matomo-archive.log 1> /dev/null
Der gleiche Cronjob als Systemd-Timer:
/etc/systemd/system/matomo-archive.service
[Unit]
Description=Matomo Archive Service
[Service]
ExecStart=/usr/bin/php /var/www/html/matomo/console --matomo-domain=analytics.linuxfabrik.ch core:archive
Type=oneshot
User=root
[Install]
WantedBy=basic.target
/etc/systemd/system/matomo-archive.timer
[Unit]
Description=Matomo Archive Timer
[Timer]
OnCalendar=05:07:00
Unit=matomo-archive.service
[Install]
WantedBy=timers.target
Jetzt die Instanz per http://matomo/index.php aufrufen und im Setup-Wizard den ersten Benutzer anlegen.
Matomo ohne Tracking-Code (matomo.js)
Adblocker verhindern die Ausführung der matomo.js. Wer trotzdem grundlegende Statistiken haben möchte, kann den Webserver anweisen, bei Bedarf sogar in Echtzeit direkt nach Matomo zu loggen.
Zunächst das Python-Script https://github.com/matomo-org/matomo-log-analytics/blob/5.x-dev/import_logs.py z.B. in /usr/local/sbin/import_logs.py auf dem Webserver ablegen, welcher die Seite über die Domain-Namen verarbeitet (also beispielsweise auf dem Reverse Proxy). Eventuell den Shebang auf #!/usr/bin/python3 ändern, damit das Skript auch wirklich ausgeführt werden kann.
In Matomo muss im „Administration“-Bereich (oben rechts über das Gear-Icon erreichbar) unter Personal > Security ein neues „Auth Token“ angelegt werden. Die „Description“ könnte „srv-proxy site.example.com import_logs.py“ lauten, wenn es ein Token für „site.example.com“ auf dem Reverse Proxy „srv-proxy“ sein soll.
Dann:
chmod +x /usr/local/sbin/import_logs.py
Bemerkung
Mit
--urlist die URL des Matomo-Servers gemeint, nicht die der auszuwertenden Seite.--token-authmuss von einem User mit Admin- oder Superuser-Rechten kommen.Es funktionieren (Stand 2024-01) nur Auth-Token, bei denen „Only allow secure requests“ („Secure use only“) NICHT aktiv ist.
Das Import-Tool prüft rein gar nichts vor dem Import. Mehrfache Aufrufe auf die gleichen Log-Daten führen in Matomo also auch zu mehrfach gezählten Daten.
- Real-time-Auswertung der Logfiles
chown apache:apache /usr/local/sbin/import_logs.py
Für eine die Apache vHost-Definition anpassen:
vhost.conf# Matomo Realtime Logging LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" matomo CustomLog "||/usr/local/sbin/import_logs.py \ --debug \ --enable-bots \ --enable-http-errors \ --idsite=1234 \ --output=/var/log/matomo.log \ --recorders=4 \ --token-auth=2ac48e93-2ca7-4df3-9e7c-c81b36d0a474 \ --url=https://analytics.example.com \ -" matomoAuswertung aktivieren:
httpd -t setsebool -P httpd_can_network_connect on systemctl reload httpd
SELinux:
semanage fcontext --add --type httpd_log_t "/var/log/matomo.log" restorecon -Fv /var/log/matomo.log
- Periodische Auswertung der Logfiles
Per Cronjob oder systemd-timer folgenden Aufruf konfigurieren:
/usr/local/sbin/import_logs.py \ --debug \ --enable-bots \ --enable-http-errors \ --idsite=1234 \ --output=/var/log/matomo.log \ --recorders=4 \ --token-auth=2ac48e93-2ca7-4df3-9e7c-c81b36d0a474 \ --url=https://analytics.example.com \ /path/to/analytics.example.com-access.log
Um bereits rotierte Logfiles von gestern zu importieren, folgendes Konstrukt verwenden:
/usr/local/sbin/import_logs.py \ ... \ $(date --date=yesterday +/path/to/analytics.example.com-access.log-\%Y\%m\%d)
Logging:
tail -f /var/log/audit/audit.log /var/log/httpd/analytics.example.com-error.log /var/log/matomo.log
Alle Kommandozeilen-Parameter auf einen Blick:
usage: import_logs.py [-h] [--auth-user AUTH_USER]
[--auth-password AUTH_PASSWORD] [--debug]
[--debug-tracker]
[--debug-request-limit DEBUG_REQUEST_LIMIT] --url
MATOMO_URL [--api-url MATOMO_API_URL]
[--tracker-endpoint-path MATOMO_TRACKER_ENDPOINT_PATH]
[--dry-run] [--show-progress]
[--show-progress-delay SHOW_PROGRESS_DELAY]
[--add-sites-new-hosts] [--idsite SITE_ID]
[--idsite-fallback SITE_ID_FALLBACK]
[--config CONFIG_FILE] [--login LOGIN]
[--password PASSWORD] [--token-auth MATOMO_TOKEN_AUTH]
[--hostname HOSTNAMES] [--exclude-path EXCLUDED_PATHS]
[--exclude-path-from EXCLUDE_PATH_FROM]
[--include-path INCLUDED_PATHS]
[--include-path-from INCLUDE_PATH_FROM]
[--useragent-exclude EXCLUDED_USERAGENTS]
[--enable-static] [--enable-bots] [--enable-http-errors]
[--enable-http-redirects] [--enable-reverse-dns]
[--strip-query-string]
[--query-string-delimiter QUERY_STRING_DELIMITER]
[--log-format-name LOG_FORMAT_NAME]
[--log-format-regex LOG_FORMAT_REGEX]
[--log-date-format LOG_DATE_FORMAT]
[--log-hostname LOG_HOSTNAME] [--skip SKIP]
[--recorders RECORDERS]
[--recorder-max-payload-size RECORDER_MAX_PAYLOAD_SIZE]
[--replay-tracking]
[--replay-tracking-expected-tracker-file REPLAY_TRACKING_EXPECTED_TRACKER_FILE]
[--output OUTPUT] [--encoding ENCODING]
[--disable-bulk-tracking]
[--debug-force-one-hit-every-Ns FORCE_ONE_ACTION_INTERVAL]
[--force-lowercase-path] [--enable-testmode]
[--download-extensions DOWNLOAD_EXTENSIONS]
[--add-download-extensions EXTRA_DOWNLOAD_EXTENSIONS]
[--w3c-map-field KEY=VAL] [--w3c-time-taken-millisecs]
[--w3c-fields W3C_FIELDS] [--w3c-field-regex KEY=VAL]
[--title-category-delimiter TITLE_CATEGORY_DELIMITER]
[--dump-log-regex]
[--ignore-groups REGEX_GROUPS_TO_IGNORE]
[--regex-group-to-visit-cvar KEY=VAL]
[--regex-group-to-page-cvar KEY=VAL]
[--track-http-method TRACK_HTTP_METHOD]
[--retry-max-attempts MAX_ATTEMPTS]
[--retry-delay DELAY_AFTER_FAILURE]
[--request-timeout REQUEST_TIMEOUT]
[--include-host INCLUDE_HOST]
[--exclude-host EXCLUDE_HOST]
[--exclude-older-than EXCLUDE_OLDER_THAN]
[--exclude-newer-than EXCLUDE_NEWER_THAN]
[--add-to-date SECONDS_TO_ADD_TO_DATE]
[--request-suffix REQUEST_SUFFIX]
[--accept-invalid-ssl-certificate]
[--php-binary PHP_BINARY]
file [file ...]
Import HTTP access logs to Matomo. log_file is the path to a server access log
file (uncompressed, .gz, .bz2, or specify - to read from stdin). You may also
import many log files at once (for example set log_file to *.log or *.log.gz).
By default, the script will try to produce clean reports and will exclude
bots, static files, discard http error and redirects, etc. This is
customizable, see below.
positional arguments:
file
optional arguments:
-h, --help show this help message and exit
--auth-user AUTH_USER
Basic auth user
--auth-password AUTH_PASSWORD
Basic auth password
--debug, -d Enable debug output (specify multiple times for more
verbose)
--debug-tracker Appends &debug=1 to tracker requests and prints out
the result so the tracker can be debugged. If using
the log importer results in errors with the tracker or
improperly recorded visits, this option can be used to
find out what the tracker is doing wrong. To see debug
tracker output, you must also set the [Tracker]
debug_on_demand INI config to 1 in your Matomo's
config.ini.php file.
--debug-request-limit DEBUG_REQUEST_LIMIT
Debug option that will exit after N requests are
parsed. Can be used w/ --debug-tracker to limit the
output of a large log file.
--url MATOMO_URL REQUIRED Your Matomo server URL, eg.
https://example.com/matomo/ or
https://analytics.example.net
--api-url MATOMO_API_URL
This URL will be used to send API requests (use it if
your tracker URL differs from UI/API url), eg.
https://other-example.com/matomo/ or
https://analytics-api.example.net
--tracker-endpoint-path MATOMO_TRACKER_ENDPOINT_PATH
The tracker endpoint path to use when tracking.
Defaults to /piwik.php.
--dry-run Perform a trial run with no tracking data being
inserted into Matomo
--show-progress Print a progress report X seconds (default: 1, use
--show-progress-delay to override)
--show-progress-delay SHOW_PROGRESS_DELAY
Change the default progress delay
--add-sites-new-hosts
When a hostname is found in the log file, but not
matched to any website in Matomo, automatically create
a new website in Matomo with this hostname to import
the logs
--idsite SITE_ID When specified, data in the specified log files will
be tracked for this Matomo site ID. The script will
not auto-detect the website based on the log line
hostname (new websites will not be automatically
created).
--idsite-fallback SITE_ID_FALLBACK
Default Matomo site ID to use if the hostname doesn't
match any known Website's URL. New websites will not
be automatically created. Used only if --add-sites-
new-hosts or --idsite are not set
--config CONFIG_FILE This is only used when --login and --password is not
used. Matomo will read the configuration file
(default: /usr/config/config.ini.php) to fetch the
Super User token_auth from the config file.
--login LOGIN You can manually specify the Matomo Super User login
--password PASSWORD You can manually specify the Matomo Super User
password
--token-auth MATOMO_TOKEN_AUTH
Matomo user token_auth, the token_auth is found in
Matomo > Settings > API. You must use a token_auth
that has at least 'admin' or 'super user' permission.
If you use a token_auth for a non admin user, your
users' IP addresses will not be tracked properly.
--hostname HOSTNAMES Accepted hostname (requests with other hostnames will
be excluded). You may use the star character *
Example: --hostname=*domain.com Can be specified
multiple times
--exclude-path EXCLUDED_PATHS
Any URL path matching this exclude-path will not be
imported in Matomo. You must use the star character *.
Example: --exclude-path=*/admin/* Can be specified
multiple times.
--exclude-path-from EXCLUDE_PATH_FROM
Each line from this file is a path to exclude. Each
path must contain the character * to match a string.
(see: --exclude-path)
--include-path INCLUDED_PATHS
Paths to include. Can be specified multiple times. If
not specified, all paths are included.
--include-path-from INCLUDE_PATH_FROM
Each line from this file is a path to include
--useragent-exclude EXCLUDED_USERAGENTS
User agents to exclude (in addition to the standard
excluded user agents). Can be specified multiple times
--enable-static Track static files (images, css, js, ico, ttf, etc.)
--enable-bots Track bots. All bot visits will have a Custom Variable
set with name='Bot' and value='$Bot_user_agent_here$'
--enable-http-errors Track HTTP errors (status code 4xx or 5xx)
--enable-http-redirects
Track HTTP redirects (status code 3xx except 304)
--enable-reverse-dns Enable reverse DNS, used to generate the 'Providers'
report in Matomo. Disabled by default, as it impacts
performance
--strip-query-string Strip the query string from the URL
--query-string-delimiter QUERY_STRING_DELIMITER
The query string delimiter (default: ?)
--log-format-name LOG_FORMAT_NAME
Access log format to detect (supported are:
amazon_cloudfront, common, common_complete,
common_vhost, elb, gandi, haproxy, icecast2, iis,
incapsula_w3c, ncsa_extended, nginx_json, ovh, s3,
shoutcast, traefik_json, w3c_extended). When not
specified, the log format will be autodetected by
trying all supported log formats.
--log-format-regex LOG_FORMAT_REGEX
Regular expression used to parse log entries. Regexes
must contain named groups for different log fields.
Recognized fields include: date, path, query_string,
ip, user_agent, referrer, status, length, host,
userid, generation_time_milli, event_action,
event_name, timezone, session_time. For an example of
a supported Regex, see the source code of this file.
Overrides --log-format-name.
--log-date-format LOG_DATE_FORMAT
Format string used to parse dates. You can specify any
format that can also be specified to the strptime
python function.
--log-hostname LOG_HOSTNAME
Force this hostname for a log format that doesn't
include it. All hits will seem to come to this host
--skip SKIP Skip the n first lines to start parsing/importing data
at a given line for the specified log file
--recorders RECORDERS
Number of simultaneous recorders (default: 1). It
should be set to the number of CPU cores in your
server. You can also experiment with higher values
which may increase performance until a certain point
--recorder-max-payload-size RECORDER_MAX_PAYLOAD_SIZE
Maximum number of log entries to record in one
tracking request (default: 200).
--replay-tracking Replay piwik.php requests found in custom logs (only
piwik.php requests expected). See
https://matomo.org/faq/how-to/faq_17033/
--replay-tracking-expected-tracker-file REPLAY_TRACKING_EXPECTED_TRACKER_FILE
The expected suffix for tracking request paths. Only
logs whose paths end with this will be imported. By
default requests to the piwik.php file or the
matomo.php file will be imported.
--output OUTPUT Redirect output (stdout and stderr) to the specified
file
--encoding ENCODING Log files encoding (default: utf8)
--disable-bulk-tracking
Disables use of bulk tracking so recorders record one
hit at a time.
--debug-force-one-hit-every-Ns FORCE_ONE_ACTION_INTERVAL
Debug option that will force each recorder to record
one hit every N secs.
--force-lowercase-path
Make URL path lowercase so paths with the same letters
but different cases are treated the same.
--enable-testmode If set, it will try to get the token_auth from the
matomo_tests directory
--download-extensions DOWNLOAD_EXTENSIONS
By default Matomo tracks as Downloads the most popular
file extensions. If you set this parameter (format:
pdf,doc,...) then files with an extension found in the
list will be imported as Downloads, other file
extensions downloads will be skipped.
--add-download-extensions EXTRA_DOWNLOAD_EXTENSIONS
Add extensions that should be treated as downloads.
See --download-extensions for more info.
--w3c-map-field KEY=VAL
Map a custom log entry field in your W3C log to a
default one. Use this option to load custom log files
that use the W3C extended log format such as those
from the Advanced Logging W3C module. Used as, eg,
--w3c-map-field my-date=date. Recognized default
fields include: date, time, cs-uri-stem, cs-uri-query,
c-ip, cs(User-Agent), cs(Referer), sc-status, sc-
bytes, cs-host, cs-method, cs-username, time-taken
Formats that extend the W3C extended log format (like
the cloudfront RTMP log format) may define more fields
that can be mapped.
--w3c-time-taken-millisecs
If set, interprets the time-taken W3C log field as a
number of milliseconds. This must be set for importing
IIS logs.
--w3c-fields W3C_FIELDS
Specify the '#Fields:' line for a log file in the W3C
Extended log file format. Use this option if your log
file doesn't contain the '#Fields:' line which is
required for parsing. This option must be used in
conjunction with --log-format-name=w3c_extended.
Example: --w3c-fields='#Fields: date time c-ip ...'
--w3c-field-regex KEY=VAL
Specify a regex for a field in your W3C extended log
file. You can use this option to parse fields the
importer does not natively recognize and then use one
of the --regex-group-to-XXX-cvar options to track the
field in a custom variable. For example, specifying
--w3c-field-regex=sc-
win32-status=(?P<win32_status>\S+) --regex-group-to-
page-cvar="win32_status=Windows Status Code" will
track the sc-win32-status IIS field in the 'Windows
Status Code' custom variable. Regexes must contain a
named group.
--title-category-delimiter TITLE_CATEGORY_DELIMITER
If --enable-http-errors is used, errors are shown in
the page titles report. If you have changed
General.action_title_category_delimiter in your Matomo
configuration, you need to set this option to the same
value in order to get a pretty page titles report.
--dump-log-regex Prints out the regex string used to parse log lines
and exists. Can be useful for using formats in newer
versions of the script in older versions of the
script. The output regex can be used with the --log-
format-regex option.
--ignore-groups REGEX_GROUPS_TO_IGNORE
Comma separated list of regex groups to ignore when
parsing log lines. Can be used to, for example,
disable normal user id tracking. See documentation for
--log-format-regex for list of available regex groups.
--regex-group-to-visit-cvar KEY=VAL
Track an attribute through a custom variable with
visit scope instead of through Matomo's normal
approach. For example, to track usernames as a custom
variable instead of through the uid tracking
parameter, supply --regex-group-to-visit-
cvar="userid=User Name". This will track usernames in
a custom variable named 'User Name'. The list of
available regex groups can be found in the
documentation for --log-format-regex (additional regex
groups you may have defined in --log-format-regex can
also be used).
--regex-group-to-page-cvar KEY=VAL
Track an attribute through a custom variable with page
scope instead of through Matomo's normal approach. For
example, to track usernames as a custom variable
instead of through the uid tracking parameter, supply
--regex-group-to-page-cvar="userid=User Name". This
will track usernames in a custom variable named 'User
Name'. The list of available regex groups can be found
in the documentation for --log-format-regex
(additional regex groups you may have defined in
--log-format-regex can also be used).
--track-http-method TRACK_HTTP_METHOD
Enables tracking of http method as custom page
variable if method group is available in log format.
--retry-max-attempts MAX_ATTEMPTS
The maximum number of times to retry a failed tracking
request.
--retry-delay DELAY_AFTER_FAILURE
The number of seconds to wait before retrying a failed
tracking request.
--request-timeout REQUEST_TIMEOUT
The maximum number of seconds to wait before
terminating an HTTP request to Matomo.
--include-host INCLUDE_HOST
Only import logs from the specified host(s).
--exclude-host EXCLUDE_HOST
Only import logs that are not from the specified
host(s).
--exclude-older-than EXCLUDE_OLDER_THAN
Ignore logs older than the specified date. Exclusive.
Date format must be YYYY-MM-DD hh:mm:ss +/-0000. The
timezone offset is required.
--exclude-newer-than EXCLUDE_NEWER_THAN
Ignore logs newer than the specified date. Exclusive.
Date format must be YYYY-MM-DD hh:mm:ss +/-0000. The
timezone offset is required.
--add-to-date SECONDS_TO_ADD_TO_DATE
A number of seconds to add to each date value in the
log file.
--request-suffix REQUEST_SUFFIX
Extra parameters to append to tracker and API
requests.
--accept-invalid-ssl-certificate
Do not verify the SSL / TLS certificate when
contacting the Matomo server.
--php-binary PHP_BINARY
Specify the PHP binary to use.
About Matomo Server Log Analytics: https://matomo.org/log-analytics/ Found a
bug? Please create a ticket in https://github.com/matomo-org/matomo-log-
analytics/ Please send your suggestions or successful user story to
hello@matomo.org
Quelle: https://github.com/matomo-org/matomo-log-analytics/#readme
Matomo Console Cheat Sheet
cd /var/www/html/matomo
./console list
./console cache:clear-caches
./console core:archive
./console core:archive --url=https://analytics.example.com > /var/log/piwik-archive.log 1> /dev/null
./console core:convert-to-utf8mb4 --show
./console core:run-scheduled-tasks
./console core:update
# You'll find the names of all sections in /var/www/html/matomo/config/global.ini.php
./console config:get --section=APISettings
./console config:get --section=ArrayCache
./console config:get --section=Cache
./console config:get --section=ChainedCache
./console config:get --section=CoreUpdater
./console config:get --section=Debug
./console config:get --section=Deletelogs
./console config:get --section=Deletereports
./console config:get --section=Development
./console config:get --section=FileCache
./console config:get --section=General
./console config:get --section=GeoIp2
./console config:get --section=Languages
./console config:get --section=Live
./console config:get --section=log
./console config:get --section=Login
./console config:get --section=LoginOIDC
./console config:get --section=mail
./console config:get --section=Plugins
./console config:get --section=PluginsInstalled
./console config:get --section=PrivacyManager
./console config:get --section=proxy
./console config:get --section=RedisCache
./console config:get --section=Segments
./console config:get --section=Tracker
./console config:get --section=TwoFactorAuth
./console config:set --section database --key=host --value=127.0.0.1
./console database:optimize-archive-tables 2016-0{1..9} 2016-1{0..2} 2017-0{1..9} 2017-1{0..2}
./console diagnostics:run
Daten aufräumen
Rohdaten für einen bestimmten Tag löschen:
Zunächst Rohdaten per Matomo > Administration > Privacy > GDPR Tools löschen, beispielsweise auf Basis „Time in UTC“ „Starts with“ „2020-12-09“. Muss evtl. mehrfach wiederholt werden, da die Seite die Ergebnisliste begrenzt.
Dann historische Daten entfernen:
./console core:invalidate-report-data --periods=all --cascade --dates=2020-12-09,2020-12-10 --sites=2
Update/Upgrade
Eine bestehende Matomo-Installation wird wie folgt per Kommandozeile aktualisiert:
Dateibasis aktualisieren:
INSTALL_DIR=/var/www/html/matomo
MATOMO_URL=analytics.example.com
rm -f /tmp/latest.zip*
rm -rf /tmp/matomo*
wget http://builds.matomo.org/latest.zip --output-document=/tmp/latest.zip
unzip -o /tmp/latest.zip -d /tmp
mkdir -p $INSTALL_DIR
\cp -r /tmp/matomo/* $INSTALL_DIR/
rm -rf /tmp/matomo
chmod +w $INSTALL_DIR/matomo.js
chmod +w $INSTALL_DIR/config/config.ini.php
chown -R apache:apache $INSTALL_DIR
restorecon -Fvr $INSTALL_DIR
systemctl restart php-fpm.service
Das eigentliche Upgrade:
php $INSTALL_DIR/console --matomo-domain=$MATOMO_URL core:update
php $INSTALL_DIR/console --matomo-domain=$MATOMO_URL core:clear-caches
php $INSTALL_DIR/console --matomo-domain=$MATOMO_URL core:run-scheduled-tasks
php $INSTALL_DIR/console diagnostics:run
GeoIP
Im Web-GUI unter System > Geolocation nachsehen, wie eine GeoIP-Datenbank (Maxmind empfohlen) aufzusetzen ist.
Troubleshooting
- Probleme?
php /var/www/html/matomo/console diagnostics:run
- Probleme nach dem Update? z.B.
PHP Fatal error: Cannot override final method Piwik\Plugin\ConsoleCommand::execute() in /var/www/html/matomo/plugins/CoreConsole/Commands/GenerateAngularComponent.php on line 27beim Aufruf vonconsole Der oben beschriebene (und von Matomo empfohlene) Update-Vorgang aktualisiert nur bestehende und neue Files auf dem Server, löscht aber niemals alte Files. Das kann zu Problemen führen, wenn es Files in einer neueren Version von Matomo nicht mehr geben sollte. Um dies zu beheben müssen die überflüssigen Files entfernen werden, am besten indem die Files auf dem Server mit den Files in der ZIP-Datei vergleicht werden. Bei der obigen Fehlermeldung hilft folgendes (siehe https://github.com/matomo-org/matomo/issues/21718):
\rm -f /var/www/html/matomo/plugins/CoreConsole/Commands/GenerateAngularComponent.php \rm -f /var/www/html/matomo/plugins/CoreConsole/Commands/GenerateAngularConstructBase.php \rm -f /var/www/html/matomo/plugins/CoreConsole/Commands/GenerateAngularDirective.php php /var/www/html/matomo/console diagnostics:run
- Unable to write in the cache directory (var/www/html/matomo/tmp/templates_c/8a).
php /var/www/html/matomo/console core:clear-caches
- Unable to execute check for https://analytics.example.com/tmp/: curl_exec: Connection timed out after 2000 milliseconds. Hostname requested was: analytics.example.com
Matomo rennt bei lokalem Aufruf von
curl https://analytics.example.comin einen Timeout. Könnte an fehlenden/etc/hosts-Einträgen auf dem Matomo-Host liegen.
Built on 2025-05-09