Howto: install an open web analytics platform in 30 minutes

This is a very quick guide on how to install Matomo on DigitalOcean.

Matomo is an Open Source Web Analytics platform that lets you get precise insights into your website or web application’s traffic through a nice visual web panel, similar to Google Analytics. The big advantage of doing it through an Open Source software is you don’t have to share this information with Google, which makes it easier to respect the privacy of your visitors and to comply with EU’s GDPR rules.

DigitalOcean is a hosting services provider specialized in Virtual Machines, that lets you setup small web applications relatively easily.

This guide assumes you are familiar with the Linux command line.

We’ll first start by setting up a “Droplet”, as DigitalOcean calls their virtual machines. To do that, go to https://digitalocean.com/, create an account, then click on “Create” then on “Droplet”

Select an Ubuntu 20.04 (the version is not a strict requirement, but we just tested with this one and it works).

For Matomo, we recommend starting with a Basic Plan, with a 2GB RAM/1vCPU machine (the price in the screenshot will vary with time).

If you want to get your image immediately scaled up to your needs, check the excellent Requirements page Matomo has setup for this at https://matomo.org/docs/requirements/


Pick whatever data center is closest to you, No VPC, then either set a password or upload an SSH key to connect to your machine. You will later need to “SSH” your machine as root to use that password or SSH key.

Choose a hostname (preferrably the one you will define as a DNS entry for your Matomo instance) and click “Create Droplet”.

Before you start with the more complex stuff, make sure you direct a domain or subdomain to your new virtual machine’s IP. This can take some time, so we recommend you create your VM (just that), note the IP, set it up in your DNS configuration and come back a few hours later to continue with the process below. If you don’t give a DNS name to your instance, you won’t be able to use SSL (HTTPS), and most of your tracked sites (if HTTPS) will not work.

ssh root@your-vm-IP
apt update && apt -u upgrade
apt install nginx-full php-fpm php-mysql php-gd php-curl php-cli php-xml php-mbstring mariadb-server mariadb-client unzip certbot
mysql_secure_installation (enter, Y, password x 2, enter, enter, enter, enter, enter)
mysql -u root -p
mariadb> create database matomo;
mariadb> grant all privileges on matomo.* to matomo@localhost identified by 'somepassword';
mariadb> exit;
cd /var/www
wget https://builds.matomo.org/matomo.zip && unzip matomo.zip
certbot certonly -d [your.domain.name (without protocol or slashes)]
# Your webroot (as asked by certbot) is /var/www/html for now
# Yhis will generate some output and, if the operation is
# successful, it should give you 2 paths that you will need:
# one to a fullchain.pem file, another to a privkey.pem file
cd /etc/nginx/sites-available
cp default [your.domain.name]
vim [your.domain.name]
# edit the configuration to remove "default_server",
# add your domain name instead of "_" in server_name,
# add index.php in the indexes list and
# uncomment the PHP and ".ht" sections.
# Your final configuration should look something like this
# (replace your.domain.name by yours):
server {
listen 80;
listen [::]:80;
server_name your.domain.name;
return https://your.domain.name$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
root /var/www/matomo;
index index.php index.html index.htm;
server_name your.domain.name;
ssl_certificate /etc/letsencrypt/live/your.domain.name/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your.domain.name/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}

# Note that the "php7.4-fpm.sock" bit might change depending on when you follow these instructions. To get the right one, just "ls /var/run/php".
# Save and exit with escape + :wq + enter
<escape>:wq<enter>
cd ../sites-enabled
ln -s ../sites-available/[your.domain.name]
service nginx reload
cd /var/www/matomo
chown -R www-data:www-data /var/www/matomo
find /var/www/matomo/tmp -type f -exec chmod 644 {} \;
find /var/www/matomo/tmp -type d -exec chmod 755 {} \;

Now you can load the Matomo installer through http://your.domain.name (note that it should automatically redirect you to https).

Follow the instructions on screen and… you should be good to go!

It's only fair to share...Share on Facebook
Facebook
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Share on Tumblr
Tumblr
Email this to someone
email

Leave a Reply

Your email address will not be published. Required fields are marked *