Home / How To / How to install Matomo Web Analytics on Ubuntu 20.04

How to install Matomo Web Analytics on Ubuntu 20.04



Matomo, formerly known as Piwik, is a free and open source analytics application that helps you track visitors online to your site. It is an alternative to Google Analytics software that gives you full control over your own website analytics and data without using third-party solutions. It is designed for small and medium-sized businesses that can be used to track important performance indicators such as visits, downloads, goal conversion, keywords and many more.

In this tutorial we will show you how to install Matomo web analytics software on Ubuntu 20.04 with Nginx and Let’s Encrypt SSL.

conditions

  • A server running Ubuntu 20.04.
  • A valid domain name pointed to your server IP.
  • A root password is configured on the server.

Getting Started

First, it is recommended that you update your system packages with the latest version. You can update them by running the following command:

apt-get update -y

After all packages have been updated, install other necessary dependencies by running the following command:

apt-get install curl wget vim git unzip socat gnupg2 -y

Once you have installed all the necessary packages, you can proceed to the next step.

Install LEMP server

Matomo runs on a web server, written in PHP and uses MySQL for the database. So the LEMP stack must be installed on your server. You can install it with the following command:

apt-get install nginx mariadb-server php7.4 php7.4-cli php7.4-fpm php7.4-common php7.4-curl php7.4-gd php7.4-xml php7.4-mbstring php7.4-mysql -y

Once the LEMP stack is installed, you can proceed to the next step.

Create Matomo database

Matomo requires a database to store analysis data. So you need to create a database and a user for Matomo.

Log in to MariaDB with the following command:

mysql

Create a database and user for Matomo after login with the following command:

MariaDB [(none)]> CREATE DATABASE matomodb;
MariaDB [(none)]> GRANT ALL ON matomodb.* TO 'matomo' IDENTIFIED BY 'password';

Then flush the privileges and leave MariaDB with the following command:

MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT;

Once your database has been created, you can move on to the next step.

Download Matomo

First, download the latest version of Matomo to the Nginx Web Browser Directory from its official Web site with the following command:

cd /var/www/html/
wget https://builds.matomo.org/matomo.zip

Once downloaded, unzip the downloaded file with the following command:

unzip matomo.zip

Then change the ownership of matomo to www-data:

chown -R www-data:www-data /var/www/html/matomo

When you are done, you can move on to the next step.

Configure Nginx for Matomo

Next, you will need to create a new Nginx virtual host configuration file to serve Matomo.

nano /etc/nginx/sites-available/matomo.conf

Add the following lines:

server {

  listen 80;
  server_name matomo.linuxbuz.com;
  root /var/www/html/matomo/;
  index index.php;

  location ~ ^/(index|matomo|piwik|js/index).php {
    include snippets/fastcgi-php.conf;
    fastcgi_param HTTP_PROXY ""; 
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; 
  }
  
  location = /plugins/HeatmapSessionRecording/configs.php {
    include snippets/fastcgi-php.conf;
    fastcgi_param HTTP_PROXY "";
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
  }

  location ~* ^.+.php$ {
    deny all;
    return 403;
  }

  location / {
    try_files $uri $uri/ =404;
  }
  
  location ~ /(config|tmp|core|lang) {
    deny all;
    return 403;
  }

  location ~ .(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ {
    allow all;
  }

  location ~ /(libs|vendor|plugins|misc/user) {
    deny all;
    return 403;
  }

}

Save and close the file, then activate the virtual host with the following command:

ln -s /etc/nginx/sites-available/matomo.conf /etc/nginx/sites-enabled/

Then check Nginx for any configuration errors with the following command:

nginx -t

You should see the following output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Finally, restart the Nginx service to apply the changes:

systemctl restart nginx

At this time, Nginx is configured to serve Matomo. You can now proceed to the next step.

Secure Matomo with Let’s Encrypt SSL

It is always a good idea to secure your website with Let’s Encrypt SSL. First install the Certbot Let’s Encrypt client on your server with the following command:

apt-get install python3-certbot-nginx -y

Once installed, secure your site with Let’s Encrypt SSL by running the following command:

certbot --nginx -d matomo.linuxbuz.com

You will be asked to enter a valid email address and accept the service shown below:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for matomo.linuxbuz.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/matomo.conf

Then select whether to redirect HTTP traffic to HTTPS as shown below:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Type 2 and press Enter to finish the installation. You should see the following output:

Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/matomo.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://matomo.linuxbuz.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=matomo.linuxbuz.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/matomo.linuxbuz.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/matomo.linuxbuz.com/privkey.pem
   Your cert will expire on 2020-10-30. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

 - We were unable to subscribe you the EFF mailing list because your
   e-mail address appears to be invalid. You can try again later by
   visiting https://act.eff.org.

Now your Matomo website is secured with Let’s Encrypt SSL.

Go to Matomo Analytics

Now open your browser and enter the URL https://matomo.linuxbuz.com. You will be redirected to the Matomo Welcome Screen:

Matomo Analytics installer

click NEXT button. You should see the Matomo control screen provided:

System Control

click NEXT button. You should see the matomo database configuration screen:

database Settings

Enter your database information and click NEXT button. The following screen is displayed:

Create database tables

click NEXT button. You should see the admin settings screen:

Add a superuser

Enter your admin username, password, email and click NEXT button. You should see the site settings screen:

Setting Site

Enter your website information and click NEXT button. The following screen is displayed:

Website tracking code

click NEXT button. When the installation is complete, you will see the following screen:

Matomo has been installed

click CONTINUE TO MATOMO. You will be redirected to the Matomo login screen:

Matomo login

Enter your username, password and click SIGN IN button. You should see the Matomo dashboard on the following screen:

Matomo dashboard

Conclusion

Congratulations! you have installed and configured Matomo analytics with Nginx and Let’s Encrypt on Ubuntu 20.04. You can now integrate your site with Matomo and start tracking your site. Feel free to ask me if you have any questions.


Source link