From b270eecc65b4019541c0c16b65185372d4e29bf5 Mon Sep 17 00:00:00 2001 From: Joe Corall Date: Thu, 6 Jun 2024 20:29:08 -0400 Subject: [PATCH] Remove matomo (#396) * Remove matomo * rm matomo * Delete build/docker-compose/docker-compose.matomo.yml * rm matomo * Delete secrets/template/MATOMO_USER_PASS * Delete secrets/template/MATOMO_DB_PASSWORD * Update README.md --- Makefile | 5 +-- README.md | 1 - build/docker-compose/docker-compose.acme.yml | 3 -- .../docker-compose/docker-compose.drupal.yml | 1 - .../docker-compose/docker-compose.matomo.yml | 41 ------------------- .../docker-compose/docker-compose.secrets.yml | 9 ---- .../docker-compose/docker-compose.traefik.yml | 2 +- .../rootfs/etc/cont-init.d/04-custom-setup.sh | 1 - build/scripts/generate-secrets.sh | 11 ----- sample.env | 6 +-- secrets/template/MATOMO_DB_PASSWORD | 1 - secrets/template/MATOMO_USER_PASS | 1 - 12 files changed, 4 insertions(+), 78 deletions(-) delete mode 100644 build/docker-compose/docker-compose.matomo.yml delete mode 100644 secrets/template/MATOMO_DB_PASSWORD delete mode 100644 secrets/template/MATOMO_USER_PASS diff --git a/Makefile b/Makefile index 212466da3..b08d014f8 100644 --- a/Makefile +++ b/Makefile @@ -45,7 +45,7 @@ export EXTERNAL_SERVICES := etcd watchtower traefik # The minimal set of docker compose files required to be able to run anything. -REQUIRED_SERVICES ?= activemq alpaca blazegraph cantaloupe crayfish crayfits drupal mariadb matomo solr +REQUIRED_SERVICES ?= activemq alpaca blazegraph cantaloupe crayfish crayfits drupal mariadb solr ifeq ($(USE_SECRETS), true) SECRETS := secrets @@ -594,14 +594,13 @@ install: drupal-database .PHONY: update-config-from-environment ## Updates configuration from environment variables. -## Allow all commands to fail as the user may not have all the modules like matomo, etc. +## Allow all commands to fail as the user may not have all the modules. .SILENT: update-config-from-environment update-config-from-environment: -docker compose exec -T drupal with-contenv bash -lc "for_all_sites configure_islandora_module" -docker compose exec -T drupal with-contenv bash -lc "for_all_sites configure_jwt_module" -docker compose exec -T drupal with-contenv bash -lc "for_all_sites configure_islandora_default_module" -docker compose exec -T drupal with-contenv bash -lc "for_all_sites configure_search_api_solr_module" - -docker compose exec -T drupal with-contenv bash -lc "for_all_sites configure_matomo_module" -docker compose exec -T drupal with-contenv bash -lc "for_all_sites configure_openseadragon" -docker compose exec -T drupal with-contenv bash -lc "for_all_sites configure_islandora_default_module" diff --git a/README.md b/README.md index e7a9636d9..9e620ac04 100644 --- a/README.md +++ b/README.md @@ -94,7 +94,6 @@ the things you can do. If you want to poke around, here's all the services that | Activemq | [http://islandora.traefik.me:8161](http://islandora.traefik.me:8161) | No | | Solr | [http://islandora.traefik.me:8983](http://islandora.traefik.me:8983) | No | | Cantaloupe | [https://islandora.traefik.me/cantaloupe](https://islandora.traefik.me/cantaloupe) | Yes | -| Matomo | [https://islandora.traefik.me/matomo/](https://islandora.traefik.me/matomo/) | Yes | | Code Server | [https://islandora.traefik.me:8443/](https://islandora.traefik.me:8443/) | No | > **Exposed**: the act of allowing the containerized application's ports to be accessible to the host machine (or public). In most cases this makes the specified URL available for the browser. diff --git a/build/docker-compose/docker-compose.acme.yml b/build/docker-compose/docker-compose.acme.yml index 8fb4c5196..229be0e1d 100644 --- a/build/docker-compose/docker-compose.acme.yml +++ b/build/docker-compose/docker-compose.acme.yml @@ -40,6 +40,3 @@ services: drupal: labels: - traefik.http.routers.${COMPOSE_PROJECT_NAME-isle-dc}-drupal_https.tls.certresolver=myresolver - matomo: - labels: - - traefik.http.routers.${COMPOSE_PROJECT_NAME-isle-dc}-matomo_https.tls.certresolver=myresolver diff --git a/build/docker-compose/docker-compose.drupal.yml b/build/docker-compose/docker-compose.drupal.yml index 3e8d670de..9de21bfa3 100644 --- a/build/docker-compose/docker-compose.drupal.yml +++ b/build/docker-compose/docker-compose.drupal.yml @@ -12,7 +12,6 @@ services: DRUPAL_DEFAULT_CANTALOUPE_URL: https://${DOMAIN}/cantaloupe/iiif/2 DRUPAL_DEFAULT_FCREPO_HOST: ${DOMAIN} DRUPAL_DEFAULT_FCREPO_PORT: 8081 - DRUPAL_DEFAULT_MATOMO_URL: https://${DOMAIN}/matomo/ DRUPAL_DEFAULT_SITE_URL: http://${DOMAIN} # Make sure this is just http and not https! DRUPAL_DEFAULT_PROFILE: ${DRUPAL_INSTALL_PROFILE} PHP_MEMORY_LIMIT: ${PHP_MEMORY_LIMIT} diff --git a/build/docker-compose/docker-compose.matomo.yml b/build/docker-compose/docker-compose.matomo.yml deleted file mode 100644 index 962f4a0c3..000000000 --- a/build/docker-compose/docker-compose.matomo.yml +++ /dev/null @@ -1,41 +0,0 @@ -version: "3.7" -networks: - default: - internal: true -volumes: - matomo-config-data: -services: - matomo: - restart: ${RESTART_POLICY:-unless-stopped} - image: ${REPOSITORY:-islandora}/matomo:${TAG:-latest} - environment: - MATOMO_DEFAULT_HOST: ${DOMAIN} - volumes: - - matomo-config-data:/var/www/matomo - depends_on: - - mariadb - networks: - default: - labels: - # Do not expose in production over http, setup https. - - traefik.enable=${EXPOSE_MATOMO:-true} - - traefik.http.services.${COMPOSE_PROJECT_NAME-isle-dc}-matomo.loadbalancer.server.port=80 - - traefik.http.middlewares.${COMPOSE_PROJECT_NAME-isle-dc}-matomo-redirectscheme.redirectscheme.scheme=https - - traefik.http.middlewares.${COMPOSE_PROJECT_NAME-isle-dc}-matomo-redirectscheme.redirectscheme.permanent=true - - traefik.http.routers.${COMPOSE_PROJECT_NAME-isle-dc}-matomo_http.service=${COMPOSE_PROJECT_NAME-isle-dc}-matomo - - traefik.http.routers.${COMPOSE_PROJECT_NAME-isle-dc}-matomo_http.entrypoints=http - - traefik.http.routers.${COMPOSE_PROJECT_NAME-isle-dc}-matomo_http.rule=Host(`${DOMAIN}`) && PathPrefix(`/matomo`) - - traefik.http.routers.${COMPOSE_PROJECT_NAME-isle-dc}-matomo_http.middlewares=${COMPOSE_PROJECT_NAME-isle-dc}-matomo-redirectscheme - - traefik.http.middlewares.${COMPOSE_PROJECT_NAME-isle-dc}-matomo-stripprefix.stripprefix.prefixes=/matomo - - traefik.http.middlewares.${COMPOSE_PROJECT_NAME-isle-dc}-matomo-customrequestheaders.headers.customrequestheaders.X-Forwarded-Uri=/matomo - - traefik.http.middlewares.${COMPOSE_PROJECT_NAME-isle-dc}-matomo.chain.middlewares=${COMPOSE_PROJECT_NAME-isle-dc}-matomo-stripprefix,${COMPOSE_PROJECT_NAME-isle-dc}-matomo-customrequestheaders - - traefik.http.routers.${COMPOSE_PROJECT_NAME-isle-dc}-matomo_https.entrypoints=https - - traefik.http.routers.${COMPOSE_PROJECT_NAME-isle-dc}-matomo_https.rule=Host(`${DOMAIN}`) && PathPrefix(`/matomo`) - - traefik.http.routers.${COMPOSE_PROJECT_NAME-isle-dc}-matomo_https.tls=true - - traefik.http.routers.${COMPOSE_PROJECT_NAME-isle-dc}-matomo_https.middlewares=${COMPOSE_PROJECT_NAME-isle-dc}-matomo - deploy: - resources: - limits: - memory: ${MATOMO_MEMORY_LIMIT:-1G} - reservations: - memory: 512M diff --git a/build/docker-compose/docker-compose.secrets.yml b/build/docker-compose/docker-compose.secrets.yml index 80c69e99b..dfb9e91e9 100644 --- a/build/docker-compose/docker-compose.secrets.yml +++ b/build/docker-compose/docker-compose.secrets.yml @@ -26,10 +26,6 @@ secrets: file: "../../secrets/live/JWT_PUBLIC_KEY" JWT_PRIVATE_KEY: file: "../../secrets/live/JWT_PRIVATE_KEY" - MATOMO_DB_PASSWORD: - file: "../../secrets/live/MATOMO_DB_PASSWORD" - MATOMO_USER_PASS: - file: "../../secrets/live/MATOMO_USER_PASS" TOMCAT_ADMIN_PASSWORD: file: "../../secrets/live/TOMCAT_ADMIN_PASSWORD" services: @@ -74,11 +70,6 @@ services: mariadb: secrets: - DB_ROOT_PASSWORD - matomo: - secrets: - - DB_ROOT_PASSWORD - - MATOMO_DB_PASSWORD - - MATOMO_USER_PASS milliner: secrets: - JWT_ADMIN_TOKEN diff --git a/build/docker-compose/docker-compose.traefik.yml b/build/docker-compose/docker-compose.traefik.yml index 0b88c0380..cb9c65d8e 100644 --- a/build/docker-compose/docker-compose.traefik.yml +++ b/build/docker-compose/docker-compose.traefik.yml @@ -40,7 +40,7 @@ services: - --providers.file.filename=/etc/traefik/tls.yml - '--providers.docker.defaultRule=Host(`${DOMAIN}`)' ports: - - 80:80 # drupal, cantaloupe, matomo + - 80:80 # drupal, cantaloupe - 443:443 # https for ^^^ - ${FEDORA_PORT:-8081}:8081 # fedora, needs to be exposed for cantaloupe # Don't do any of these in production diff --git a/build/rootfs/etc/cont-init.d/04-custom-setup.sh b/build/rootfs/etc/cont-init.d/04-custom-setup.sh index 0b15ae944..b52c89744 100644 --- a/build/rootfs/etc/cont-init.d/04-custom-setup.sh +++ b/build/rootfs/etc/cont-init.d/04-custom-setup.sh @@ -17,7 +17,6 @@ function main { update_settings_php "${site}" # Ensure that settings which depend on environment variables like service urls are set dynamically on startup. configure_islandora_module "${site}" - configure_matomo_module "${site}" configure_openseadragon "${site}" configure_islandora_default_module "${site}" # The following commands require several services diff --git a/build/scripts/generate-secrets.sh b/build/scripts/generate-secrets.sh index 56aa48026..80290e71d 100755 --- a/build/scripts/generate-secrets.sh +++ b/build/scripts/generate-secrets.sh @@ -8,14 +8,6 @@ function generate_jwt_keys() { openssl rsa -pubout -in /tmp/private.key -out /tmp/public.key &>/dev/null } -function generate_matomo_password() { - # Password is in two parts, the part that is human readable and entered into - # the form, and the hashed version which is written into the database. - random_secret 'A-Za-z0-9' 48 MATOMO_USER_PASS_NON_HASHED - MATOMO_USER_PASS=$(cat /secrets/live/MATOMO_USER_PASS_NON_HASHED) - php -r "echo password_hash(md5('${MATOMO_USER_PASS}'), PASSWORD_DEFAULT);" >/secrets/live/MATOMO_USER_PASS -} - function random_secret() { local characters=${1} local size=${2} @@ -44,9 +36,6 @@ function main() { JWT_PUBLIC_KEY) cp /tmp/public.key /secrets/live/JWT_PUBLIC_KEY ;; - MATOMO_USER_PASS) - generate_matomo_password - ;; *) random_secret 'A-Za-z0-9' 48 "${secret}" ;; diff --git a/sample.env b/sample.env index 3ed7d7afb..c974539b1 100644 --- a/sample.env +++ b/sample.env @@ -80,7 +80,7 @@ INCLUDE_ETCD_SERVICE=false INCLUDE_CODE_SERVER_SERVICE=false # Choose which database backend to use: mariadb/postgresql -# Services that only support MySQL (Matomo) do not have the option to change. +# Services that only support MySQL do not have the option to change. # Also at this time not all Drupal modules work with PostgresSQL, it is provided # as option here so it can be tested and fixed at some later date. DRUPAL_DATABASE_SERVICE=mariadb @@ -103,9 +103,6 @@ TAG=3.2.2 # Expose Cantaloupe at ${DOMAIN}/cantaloupe EXPOSE_CANTALOUPE=true -# Expose Matomo at ${DOMAIN}/matomo -EXPOSE_MATOMO=true - # Expose Drupal at ${DOMAIN} EXPOSE_DRUPAL=true @@ -186,7 +183,6 @@ HOUDINI_MEMORY_LIMIT=1G HYPERCUBE_MEMORY_LIMIT=512M IDE_MEMORY_LIMIT=5G MARIADB_MEMORY_LIMIT=1G -MATOMO_MEMORY_LIMIT=1G MILLINER_MEMORY_LIMIT=1G RECAST_MEMORY_LIMIT=1G SOLR_MEMORY_LIMIT=8G diff --git a/secrets/template/MATOMO_DB_PASSWORD b/secrets/template/MATOMO_DB_PASSWORD deleted file mode 100644 index 7aa311adf..000000000 --- a/secrets/template/MATOMO_DB_PASSWORD +++ /dev/null @@ -1 +0,0 @@ -password \ No newline at end of file diff --git a/secrets/template/MATOMO_USER_PASS b/secrets/template/MATOMO_USER_PASS deleted file mode 100644 index 71bfb6d67..000000000 --- a/secrets/template/MATOMO_USER_PASS +++ /dev/null @@ -1 +0,0 @@ -$2y$10$QnpdLINFB5hTuiz2XfJSN.3Wxe4UDlhblagmUXIiIEFPiMDVMYr7O \ No newline at end of file