install.yml

---
# file: roles/matomo/tasks/install.yml

- block:
    - name: Set facts without jail
      set_fact:
        webRoot: /var/www/matomo/{{ matomo.id }}
        apacheUser: www-data
        apacheLogDir: /var/log/apache2
      when: matomo.jail is not defined
    - name: Set facts with jail
      set_fact:
        webRoot: '{{ jailroot }}/{{ matomo.id }}/var/www/matomo'
        apacheUser: '{{ matomo.id }}'
        apacheLogDir: '{{ jailroot }}/{{ matomo.id }}/var/log/apache2'
      when: matomo.jail is defined
  tags:
    - always

- name: Configure Apache
  include_tasks: apache.yml
  tags:
    - ApacheConfig

- name: Remove existing components
  file:
    path: '{{ item }}'
    state: absent
  with_items:
    - '{{ webRoot }}'
  when: matomo_force_reset
  tags:
    - always

- name: Ensure Root Directories
  file:
    path: '{{ item }}'
    state: directory
    owner: '{{ apacheUser }}'
    group: '{{ apacheUser }}'
    mode: 0775
  with_items:
    - '{{ webRoot }}'
  tags:
    - always

- name: File Modes and Ownership
  file:
    path: '{{ webRoot }}'
    owner: '{{ apacheUser }}'
    group: '{{ apacheUser }}'
    mode: g+w
    recurse: yes
    follow: no
  tags:
    - deploy

- name: Clone Git Repository
  git:
    accept_hostkey: yes
    repo: 'git@github.com:matomo-org/matomo.git'
    dest: '{{ webRoot }}'
    track_submodules: yes
    force: yes
    version: '{{ matomo_version }}'
    depth: 1
  become: no
  environment:
    GIT_LFS_SKIP_SMUDGE: 1
  tags:
    - deploy

- name: Download plugins
  unarchive:
    src: '{{ item }}'
    dest: '{{ webRoot }}/plugins'
    remote_src: yes
  with_items:
    - https://plugins.matomo.org/api/2.0/plugins/LoginOIDC/download/0.1.4
  tags:
    - deploy

- name: Configuration file
  template:
    src: config.ini.php
    dest: '{{ webRoot }}/config/config.ini.php'
    owner: '{{ apacheUser }}'
    group: '{{ apacheUser }}'
    mode: 0664
  tags:
    - deploy

- name: Composer
  composer:
    command: update
    working_dir: '{{ webRoot }}'
    no_dev: yes
    optimize_autoloader: yes
    prefer_dist: yes
  ignore_errors: yes
  tags:
    - deploy

- name: Ensure Working Directories
  file:
    path: '{{ item }}'
    state: directory
    owner: '{{ apacheUser }}'
    group: '{{ apacheUser }}'
    mode: 0775
  with_items:
    - '{{ webRoot }}/tmp'
  tags:
    - always

- name: Enable Plugins
  command: '{{ webRoot }}/console plugin:activate {{ item }}'
  become_user: '{{ apacheUser }}'
  ignore_errors: yes
  with_items: '{{ matomo_plugins }}'
  tags:
    - deploy

- name: Enable Extra Plugins
  command: '{{ webRoot }}/console plugin:activate {{ item }}'
  become_user: '{{ apacheUser }}'
  ignore_errors: yes
  with_items:
    - LoginOIDC
  tags:
    - deploy

- name: File Modes and Ownership
  file:
    path: '{{ webRoot }}'
    owner: '{{ apacheUser }}'
    group: '{{ apacheUser }}'
    mode: a-w
    recurse: yes
    follow: no
  tags:
    - deploy

- name: File Modes for .git Directory
  file:
    path: '{{ webRoot }}/.git'
    mode: og+w
    recurse: yes
    follow: no
  tags:
    - deploy

- name: File Modes for tmp
  file:
    path: '{{ webRoot }}/{{ item }}'
    mode: ug+w
    recurse: yes
    follow: no
  with_items:
    - tmp
    - config
  tags:
    - deploy

- name: Ensure Database
  mysql_db:
    name: matomo_{{ matomo.id }}
    login_user: root
    login_password: '{{ mysql_root_password|default("root") }}'
    login_host: 127.0.0.1
    login_port: '{{ matomo.db_port|default("3306") }}'
    state: present

- name: Run Upgrade
  command: '{{ webRoot }}/console core:update --yes --no-interaction'
  become_user: '{{ apacheUser }}'
  ignore_errors: yes
  tags:
    - deploy

- name: Ensure Log Directory
  file:
    path: /var/log/matomo
    state: directory
    owner: '{{ apacheUser }}'
    group: '{{ apacheUser }}'
    mode: 0775
  tags:
    - cron

- name: Configure cron
  cron:
    name: Matomo Cron {{ matomo.id }}
    minute: 20
    job: cd /var/www/matomo/{{ matomo.id }} && ./console core:archive --url=https://{{ matomo.domain }}/ >> /var/log/matomo/{{ matomo.id }}.log 2>&1
    user: '{{ apacheUser }}'
    disabled: '{{ crons_disabled|default(false) }}'
  tags:
    - cron