python-scripttease/scripttease/data/inventory/matomo/steps.ini

[install dependencies]
install: $item
sudo: yes
items: apache2 mariadb-server php libapache2-mod-php php-cli php-fpm php-json php-common php-mysql php-zip php-gd php-mbstring php-curl php-xml php-pear phpbcmath curl unzip

[make sure a maintenance root exists]
dir: /var/www/maint/www
group: {{ apache_group }}
owner: {{ apache_user }}
recursive: yes
sudo: yes

[disable the default site]
apache.disable_site: 000-default
sudo: yes

[install certbot]
install: certbot
sudo: yes

[enable apache modules]
apache.enable_module: $item
items: rewrite headers enc dif mime setenvif ssl
sudo: yes

; Is this really necessary?
[enable php]
run: systemctl enable --now php7.4-fpm
sudo: yes

[create virtual host without SSL]
template: http.conf /etc/apache2/sites-available/{{ domain_name }}.conf
sudo: yes

[enable the non-SSL site]
apache.enable_site: {{ domain_name }}
sudo: yes

[reload apache with non-SSL site in place]
apache.reload:
sudo: yes

[create the database]
mysql.create: {{ database_name }}
host: {{ database_host }}

[create the database user]
mysql.user: {{ database_user }}
host: {{ database_host }}
password: {{ database_password }}

[set privileges for database user]
mysql.grant: {{ database_user }}
database: {{ database_name }}
host: {{ database_host }}

[download the latest copy of matomo]
run: wget http://builds.matomo.org/matomo-latest.zip
cd: /tmp

[unzip the matomo package]
run: unzip matomo-latest.zip
cd: /tmp

[move the matomo package]
move: /tmp/matomo {{ install_path }}/{{ domain_tld }}
sudo: yes

[set permissions on the matomo directory]
perms: {{ install_path }}/{{ domain_tld }}
owner: {{ apache_user }}
group: {{ apache_group }}
mode: 755
recursive: yes
sudo: yes

{% if not file_exists(letsencrypt_file, host=current_host) %}
[acquire SSL certificate]
certbot: {{ domain_name }}
email: {{ webmaster_email }}
webroot: /var/www/maint/www
sudo: yes
{% endif %}

[create virtual host with SSL]
template: https.conf /etc/apache2/sites-available/{{ domain_name }}.conf
sudo: yes

[reload apache with SSL in place]
apache.reload:
sudo: yes
Finished initial inventory for Matomo installer. 12 months ago			`[install dependencies]`
			`install: $item`
			`sudo: yes`
			`items: apache2 mariadb-server php libapache2-mod-php php-cli php-fpm php-json php-common php-mysql php-zip php-gd php-mbstring php-curl php-xml php-pear phpbcmath curl unzip`

			`[make sure a maintenance root exists]`
			`dir: /var/www/maint/www`
			`group: {{ apache_group }}`
			`owner: {{ apache_user }}`
			`recursive: yes`
			`sudo: yes`

			`[disable the default site]`
			`apache.disable_site: 000-default`
			`sudo: yes`

			`[install certbot]`
			`install: certbot`
			`sudo: yes`

			`[enable apache modules]`
			`apache.enable_module: $item`
			`items: rewrite headers enc dif mime setenvif ssl`
			`sudo: yes`

			`; Is this really necessary?`
			`[enable php]`
			`run: systemctl enable --now php7.4-fpm`
			`sudo: yes`

			`[create virtual host without SSL]`
			`template: http.conf /etc/apache2/sites-available/{{ domain_name }}.conf`
			`sudo: yes`

			`[enable the non-SSL site]`
			`apache.enable_site: {{ domain_name }}`
			`sudo: yes`

			`[reload apache with non-SSL site in place]`
			`apache.reload:`
			`sudo: yes`

			`[create the database]`
			`mysql.create: {{ database_name }}`
			`host: {{ database_host }}`

			`[create the database user]`
			`mysql.user: {{ database_user }}`
			`host: {{ database_host }}`
			`password: {{ database_password }}`

			`[set privileges for database user]`
			`mysql.grant: {{ database_user }}`
			`database: {{ database_name }}`
			`host: {{ database_host }}`

			`[download the latest copy of matomo]`
			`run: wget http://builds.matomo.org/matomo-latest.zip`
			`cd: /tmp`

			`[unzip the matomo package]`
			`run: unzip matomo-latest.zip`
			`cd: /tmp`

			`[move the matomo package]`
			`move: /tmp/matomo {{ install_path }}/{{ domain_tld }}`
			`sudo: yes`

			`[set permissions on the matomo directory]`
			`perms: {{ install_path }}/{{ domain_tld }}`
			`owner: {{ apache_user }}`
			`group: {{ apache_group }}`
			`mode: 755`
			`recursive: yes`
			`sudo: yes`

			`{% if not file_exists(letsencrypt_file, host=current_host) %}`
			`[acquire SSL certificate]`
			`certbot: {{ domain_name }}`
			`email: {{ webmaster_email }}`
			`webroot: /var/www/maint/www`
			`sudo: yes`
			`{% endif %}`

			`[create virtual host with SSL]`
			`template: https.conf /etc/apache2/sites-available/{{ domain_name }}.conf`
			`sudo: yes`

			`[reload apache with SSL in place]`
			`apache.reload:`
			`sudo: yes`