Installing Matomo Web Analytics on Fedora 29

by

Matomo (formerly Piwik) is a free and open source web analytics application developed by a team of international developers. It runs on a PHP/MySQL web server, tracking online visits to one or more websites and displaying reports for analysis. Think of it as a robust alternative to Google Analytics. Matomo’s source code is publicly available on Github and boasts features like A/B Testing, Heatmaps, Funnels, Tracking and Reporting API, and integration with advertising platforms (Google AdWords, Facebook Ads, Bing Ads, and others). This tutorial guides you through installing Matomo on a Fedora 29 system using Nginx as the web server, and securing the site with a Let’s Encrypt SSL certificate.

Requirements

To run Matomo (Piwik) on your Fedora 29 system, ensure you have the following:

  • Web server: Apache, Nginx, or IIS.
  • PHP: Version 5.5.9 or higher with pdo, pdo_mysql or mysqli, gd, xml, curl, and mbstring extensions. PHP 7+ is recommended.
  • Database: MySQL version 5.5 or higher, or the equivalent MariaDB version. MySQL 5.7+ is recommended.

Prerequisites

  • An operating system running Fedora 29.
  • A non-root user with sudo privileges.

Initial steps

Begin by checking your Fedora version:

cat /etc/fedora-release
# Fedora release 29 (Twenty Nine)

Set up the correct time zone:

timedatectl list-timezones
sudo timedatectl set-timezone 'Region/City'

Update your operating system packages to gain the latest updates and security fixes:

sudo dnf check-update; sudo dnf update -y

Install essential packages needed for basic administration:

sudo dnf install -y curl wget vim git unzip socat

Step 1 – Install MariaDB and create a database for Matomo

Matomo supports MySQL and MariaDB databases. Here, we will use MariaDB.

Install the MariaDB database server:

sudo dnf install -y mariadb-server

Verify the MariaDB version:

mysql --version
# mysql  Ver 15.1 Distrib 10.3.11-MariaDB, for Linux (x86_64) using readline 5.1

Start and enable the MariaDB service:

sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service

Run the mysql_secure_installation script to improve MariaDB security and set a password for the MariaDB root user:

sudo mysql_secure_installation

Respond to the questions as follows:

Would you like to setup VALIDATE PASSWORD plugin? N
New password: your_secure_password
Re-enter new password: your_secure_password
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Connect to the MariaDB shell as the root user:

sudo mysql -u root -p
# Enter password

Create a MariaDB database and user for Matomo:

MariaDB> CREATE DATABASE dbname;
MariaDB> GRANT ALL ON dbname.* TO 'username' IDENTIFIED BY 'password';
MariaDB> FLUSH PRIVILEGES;

Exit from MariaDB:

mysql> exit

Replace dbname, username, and password with your specific values.

Step 2 – Install PHP and necessary PHP extensions

Install PHP and its dependencies:

sudo dnf install -y php php-cli php-fpm php-common php-curl php-gd php-xml php-mbstring php-mysqlnd php-json

Verify the PHP version:

php --version
# PHP 7.2.14 (cli) (built: Jan 8 2019 09:59:17) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies

Start and enable PHP-FPM service:

sudo systemctl start php-fpm.service
sudo systemctl enable php-fpm.service

Step 3 – Install acme.sh client and obtain Let’s Encrypt certificate (optional)

Securing your website with HTTPS is optional but recommended. We’ll use Acme.sh, a minimalistic shell client, to obtain SSL certificates from Let’s Encrypt.

Download and install Acme.sh:

sudo mkdir /etc/letsencrypt
git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh
sudo ./acme.sh --install --home /etc/letsencrypt --accountemail your_email@example.com
cd ~

Verify the Acme.sh version:

/etc/letsencrypt/acme.sh --version
# v2.8.0

Obtain RSA and ECC/ECDSA certificates for your domain:

# RSA 2048
sudo /etc/letsencrypt/acme.sh --issue --standalone --home /etc/letsencrypt -d example.com --keylength 2048
# ECDSA
sudo /etc/letsencrypt/acme.sh --issue --standalone --home /etc/letsencrypt -d example.com --keylength ec-256

Your certificates and keys will be stored in the following directories:

  • RSA: /etc/letsencrypt/example.com
  • ECC/ECDSA: /etc/letsencrypt/example.com_ecc

Step 4 – Install NGINX and configure NGINX for Matomo

We’ll use Nginx as our web server.

Install Nginx from the Fedora repository:

sudo dnf install -y nginx

Verify the Nginx version:

sudo nginx -v
# nginx version: nginx/1.14.1

Start and enable the Nginx service:

sudo systemctl start nginx.service
sudo systemctl enable nginx.service

Configure Nginx for Matomo:

sudo vim /etc/nginx/conf.d/matomo.conf

Populate the configuration file:

server {
      listen [::]:443 ssl http2;
      listen 443 ssl http2;
      listen [::]:80;
      listen 80;
      server_name example.com;
      root /var/www/matomo/;
      index index.php;
    
      ssl_certificate /etc/letsencrypt/example.com/fullchain.cer; 
      ssl_certificate_key /etc/letsencrypt/example.com/example.com.key; 
      ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.cer;
      ssl_certificate_key /etc/letsencrypt/example.com_ecc/example.com.key;
    
      location ~ ^/(index|matomo|piwik|js/index).php {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        try_files $fastcgi_script_name =404;
        set $path_info $fastcgi_path_info;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_index index.php;
        include fastcgi.conf;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $fastcgi_script_name;
        fastcgi_param HTTP_PROXY ""; 
        fastcgi_pass unix:/run/php-fpm/www.sock; 
      }
    
      location = /plugins/HeatmapSessionRecording/configs.php {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        try_files $fastcgi_script_name =404;
        set $path_info $fastcgi_path_info;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_index index.php;
        include fastcgi.conf;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $fastcgi_script_name;
        fastcgi_param HTTP_PROXY ""; 
        fastcgi_pass unix:/run/php-fpm/www.sock;
      }
    
      location ~* ^.+\.php$ {
        deny all;
        return 403;
      }
    
      location / {
        try_files $uri $uri/ =404;
      }
    
      location ~ /(config|tmp|core|lang) {
        deny all;
        return 403;
      }
    
      location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ {
        allow all;
      }
    
      location ~ /(libs|vendor|plugins|misc/user) {
        deny all;
        return 403;
      }
    }

NOTE: For a complete and production-ready Nginx config for Matomo, visit https://github.com/matomo-org/matomo-nginx.

Check Nginx configuration for syntax errors:

sudo nginx -t

Reload the Nginx service:

sudo systemctl reload nginx.service

Step 5 – Install Matomo Analytics

Create the /var/www directory:

sudo mkdir -p /var/www/

Navigate to the /var/www directory:

cd /var/www/

Download the latest release of Matomo using wget and unzip it:

sudo wget https://builds.matomo.org/matomo.zip && sudo unzip matomo.zip

Remove the downloaded matomo.zip file:

sudo rm matomo.zip

Change the ownership of the /var/www/matomo directory to the nginx user:

sudo chown -R nginx:nginx /var/www/matomo

Open the sudo vim /etc/php-fpm.d/www.conf file and set the user and group to nginx. By default, these will be set to apache.

sudo vim /etc/php-fpm.d/www.conf
# user = nginx
# group = nginx

Restart the PHP-FPM service:

sudo systemctl restart php-fpm.service

Step 6 – Complete the Matomo Analytics setup

Open your site in a web browser and follow the Matomo web installation wizard.

Upon starting the wizard, you’ll be welcomed by Matomo. Click on the “Next” button:

Matomo installation Wizard

On the “System Check” page, review any warnings. Ensure everything has a green checkmark and click “Next”:

System check

Enter your database details and click “Next”:

Database setup

If the database setup is successful, you should see the message “Tables created with success!”:

Creating database tables

Create your Matomo super user account and click “Next”:

Create super user account

Set up the first website you plan to track. Additional sites can be added later:

Add website to Matomo

Receive your JavaScript tracking code to insert into your website:

Javascript tracking code

Finally, you should see the completion screen. Matomo is now installed!

Matomo installation completed

Congratulations! Your Matomo installation is complete.

FAQ

What is Matomo?

Matomo is an open-source web analytics application that tracks visits to websites and provides analysis reports. It offers features comparable to Google Analytics and additional functionalities.

Can Matomo run on web servers other than Nginx?

Yes, Matomo can also run on web servers such as Apache and IIS.

Is SSL mandatory for Matomo installation?

No, but using an SSL certificate to secure your site traffic is recommended for additional security.

What PHP and database versions are recommended for Matomo?

Matomo is compatible with PHP version 5.5.9 or higher, and MySQL version 5.5 or higher. However, it is recommended to use PHP 7+ and MySQL 5.7+ for better performance and security.

Can I manage multiple websites with Matomo?

Yes, Matomo allows you to track and analyze multiple websites from a single installation.