blob: 10aac20a240dcdd468ef6e3f92f67c5b4889ab52 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
# Maintainer: Martin Rys <https://rys.rs/contact> | Toss a coin on https://rys.rs/donate
# Previous maintainers:
# Chris Morgan <me@chrismorgan.info>
# Carsten Feuls <archlinux dot carstenfeuls dot de>
# Nils Czernia <nils at czserver dot de>
pkgname=matomo
pkgver=5.2.1
pkgrel=1
pkgdesc="A real-time web analytics platform"
arch=("any")
url="https://matomo.org/"
license=("GPL-3.0-or-later")
depends=("php" "php-gd")
replaces=("piwik")
optdepends=(
"mariadb: Database server"
"python: Log importer script"
"geoipupdate: GeoIP database")
install="$pkgname.install"
source=(
"https://builds.matomo.org/${pkgname}-${pkgver}.tar.gz"
"https://builds.matomo.org/${pkgname}-${pkgver}.tar.gz.asc")
backup=("usr/share/webapps/${pkgname}/piwik.js" "usr/share/webapps/${pkgname}/matomo.js")
sha256sums=('e6094cc30206d14a3c6eef74e2ee341546bec9a525ad07b59d40a4bfdfc04e4b'
'SKIP')
validpgpkeys=("F529A27008477483777FC23D63BB30D0E5D2C749")
package() {
install -d "${pkgdir}/usr/share/webapps"
cp -r "${srcdir}/${pkgname}" "${pkgdir}/usr/share/webapps/${pkgname}"
# Some extensions want to append to piwik.js (matomo.js from 3.8.0 onwards),
# so we reluctantly let them.
chmod g+w "${pkgdir}/usr/share/webapps/${pkgname}/piwik.js"
chmod g+w "${pkgdir}/usr/share/webapps/${pkgname}/matomo.js"
# While installing matomo, it insists on being able to write to the config directory,
# because it creates config.ini.php. After it’s installed, you can make it read-only,
# e.g. by `chown -R root:http /etc/webapps/${pkgname}`
install -d "${pkgdir}/etc/webapps"
mv "${pkgdir}/usr/share/webapps/${pkgname}/config" "${pkgdir}/etc/webapps/${pkgname}"
ln -s "../../../../etc/webapps/${pkgname}" "${pkgdir}/usr/share/webapps/matomo/config"
# matomo uses this tmp dir for writing its own data;
# but it belongs in /var rather than /usr.
rmdir "${pkgdir}/usr/share/webapps/matomo/tmp"
install -dm700 "${pkgdir}/var/lib/webapps/matomo/tmp"
ln -s "../../../../var/lib/webapps/matomo/tmp" "${pkgdir}/usr/share/webapps/matomo/tmp"
# Installing or upgrading non-core plugins requires write access to plugins/;
# we could try g+w on the directory and try to restrict core plugins, but
# then you’ve got mixed ownership (anything it creates will be http:http
# instead of root:http) which is nasty. Another approach is to put `plugins`
# in /var/lib with core plugins *actually* in /usr/share and symlinked back;
# but that’s getting too clever for my sanity at present: this is all getting
# rather bothersome; I’m tired of messing around with PHP apps that are
# ill-designed for hardening and not designed for use in the scope of a
# system package manager. So for now at least, we’re just going to leave it
# as it is, chown the whole plugins directory in matomo.install, and wash our
# hands of it.
# GeoLite2-City.mmdb is provided by geoipupdate, which is optdepends.
# See /etc/GeoIP.conf and make sure to enable geoipupdate's timer
# Keep in mind it takes a while before a newly generated license becomes active
# I figure a dead symlink should be safe if the DB is missing.
ln -s "../../../../../var/lib/GeoIP/GeoLite2-City.mmdb" "${pkgdir}/usr/share/webapps/matomo/misc"
}
|