colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/matomo: improve serverName default

Browse Source 
when we need to change it anyway for the rename.
This commit is contained in:
Florian Jacob 2018-01-17 11:00:15 +01:00
parent 48e449ee70
commit 885e762d47
2 changed files with 25 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
nixos/doc/manual/release-notes/rl-1803.xml
View File

@ -255,6 +255,18 @@ following incompatible changes:</para>
All files will be moved automatically on first startup, but you might need to adjust your backup scripts. All files will be moved automatically on first startup, but you might need to adjust your backup scripts.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
The default <option>serverName</option> for the nginx configuration changed from
<literal>piwik.${config.networking.hostName}</literal> to
<literal>matomo.${config.networking.hostName}.${config.networking.domain}</literal>
if <option>config.networking.domain</option> is set,
<literal>matomo.${config.networking.hostName}</literal> if it is not set.
If you change your <option>serverName</option>, remember you'll need to update the
<literal>trustedHosts[]</literal> array in <filename>/var/lib/matomo/config/config.ini.php</filename>
as well.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
The <literal>piwik</literal> user was renamed to <literal>matomo</literal>. The <literal>piwik</literal> user was renamed to <literal>matomo</literal>.

18
nixos/modules/services/web-apps/matomo.nix
View File

@ -14,6 +14,11 @@ let
phpExecutionUnit = "phpfpm-${pool}"; phpExecutionUnit = "phpfpm-${pool}";
databaseService = "mysql.service"; databaseService = "mysql.service";
fqdn =
let
join = hostName: domain: hostName + optionalString (domain != null) ".${domain}";
in join config.networking.hostName config.networking.domain;
in { in {
options = { options = {
services.matomo = { services.matomo = {
@ -75,15 +80,19 @@ in {
); );
default = null; default = null;
example = { example = {
serverName = "stats.$\{config.networking.hostName\}"; serverAliases = [
"matomo.$\{config.networking.domain\}"
"stats.$\{config.networking.domain\}"
];
enableACME = false; enableACME = false;
}; };
description = '' description = ''
With this option, you can customize an nginx virtualHost which already has sensible defaults for matomo. With this option, you can customize an nginx virtualHost which already has sensible defaults for matomo.
Either this option or the webServerUser option is mandatory. Either this option or the webServerUser option is mandatory.
Set this to {} to just enable the virtualHost if you don't need any customization. Set this to {} to just enable the virtualHost if you don't need any customization.
If enabled, then by default, the serverName is ${user}.$\{config.networking.hostName\}, SSL is active, If enabled, then by default, the <option>serverName</option> is
and certificates are acquired via ACME. <literal>${user}.$\{config.networking.hostName\}.$\{config.networking.domain\}</literal>,
SSL is active, and certificates are acquired via ACME.
If this is set to null (the default), no nginx virtualHost will be configured. If this is set to null (the default), no nginx virtualHost will be configured.
''; '';
}; };
@ -183,8 +192,7 @@ in {
# References: # References:
# https://fralef.me/piwik-hardening-with-nginx-and-php-fpm.html # https://fralef.me/piwik-hardening-with-nginx-and-php-fpm.html
# https://github.com/perusio/piwik-nginx # https://github.com/perusio/piwik-nginx
# TODO: better default "${user}.${fqdn}" = mkMerge [ cfg.nginx {
"${user}.${config.networking.hostName}" = mkMerge [ cfg.nginx {
# don't allow to override the root easily, as it will almost certainly break matomo. # don't allow to override the root easily, as it will almost certainly break matomo.
# disadvantage: not shown as default in docs. # disadvantage: not shown as default in docs.
root = mkForce "${pkgs.matomo}/share"; root = mkForce "${pkgs.matomo}/share";