blob: ba8c9349631805322c97f09a27dc806176703ad6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
# Maintainer: Chris Morgan <me@chrismorgan.info>
# Maintainer: Carsten Feuls <archlinux dot carstenfeuls dot de>
# Co-Maintainer: Nils Czernia <nils at czserver dot de>
pkgname=matomo
pkgver=3.13.3
pkgrel=1
pkgdesc="real time web analytics platform"
arch=("any")
url="https://matomo.org/"
license=("GPL3")
depends=("php>=5.5.9" "php-gd")
replaces=("piwik")
optdepends=("mysql>=5.5: database server"
"python2: log importer script"
"geoip2-database: GeoIP database")
install="$pkgname.install"
source=("https://builds.matomo.org/${pkgname}-${pkgver}.tar.gz"
"https://builds.matomo.org/${pkgname}-${pkgver}.tar.gz.asc")
backup=("usr/share/webapps/${pkgname}/piwik.js" "usr/share/webapps/${pkgname}/matomo.js")
sha256sums=("3ff7795897e8a658577be0e4a74fae91845bc2d030f3aaa94f9f423b063ebb86"
"408ce580c0b8cbb62a0e607a95c5e8ddd4e09b58f150c1fbb0347ceb5189b777")
validpgpkeys=("814E346FA01A20DBB04B6807B5DBD5925590A237")
package() {
install -d "${pkgdir}/usr/share/webapps"
cp -r "${srcdir}/${pkgname}" "${pkgdir}/usr/share/webapps/${pkgname}"
# Some extensions want to append to piwik.js (matomo.js from 3.8.0 onwards),
# so we relectantly let them.
chmod g+w "${pkgdir}/usr/share/webapps/${pkgname}/piwik.js"
chmod g+w "${pkgdir}/usr/share/webapps/${pkgname}/matomo.js"
# While installing matomo, it insists on being able to write to the config directory,
# because it creates config.ini.php. After it’s installed, you can make it read-only,
# e.g. by `chown -R root:http /etc/webapps/${pkgname}`
install -d "${pkgdir}/etc/webapps"
mv "${pkgdir}/usr/share/webapps/${pkgname}/config" "${pkgdir}/etc/webapps/${pkgname}"
ln -s "../../../../etc/webapps/${pkgname}" "${pkgdir}/usr/share/webapps/matomo/config"
# matomo uses this tmp dir for writing its own data;
# but it belongs in /var rather than /usr.
rmdir "${pkgdir}/usr/share/webapps/matomo/tmp"
install -dm700 "${pkgdir}/var/lib/webapps/matomo/tmp"
ln -s "../../../../var/lib/webapps/matomo/tmp" "${pkgdir}/usr/share/webapps/matomo/tmp"
# Installing or upgrading non-core plugins requires write access to plugins/;
# we could try g+w on the directory and try to restrict core plugins, but
# then you’ve got mixed ownership (anything it creates will be http:http
# instead of root:http) which is nasty. Another approach is to put `plugins`
# in /var/lib with core plugins *actually* in /usr/share and symlinked back;
# but that’s getting too clever for my sanity at present: this is all getting
# rather bothersome; I’m tired of messing around with PHP apps that are
# ill-designed for hardening and not designed for use in the scope of a
# system package manager. So for now at least, we’re just going to leave it
# as it is, chown the whole plugins directory in matomo.install, and wash our
# hands of it.
# GeoLite2-City.mmdb is provided by geoip2-database, which is optdepends.
# I figure a dead symlink should be safe if it’s missing.
ln -s "../../../../../usr/share/GeoIP/GeoLite2-City.mmdb" "${pkgdir}/usr/share/webapps/matomo/misc"
}
|