Usage Statistics for PASS

.docker/.env

@@ -84,3 +84,10 @@ DOWNLOAD_SERVICE_PORT=6502
 DOWNLOAD_SERVICE_DEST=http://fcrepo:8080/fcrepo/rest/files
 UNPAYWALL_REQUEST_EMAIL=admin@oa-pass.org
 UNPAYWALL_BASEURI=https://api.unpaywall.org/v2
+
+# mariadb
+MYSQL_DATABASE=matomo
+MYSQL_ROOT_PASSWORD=hello
+
+# matomo
+

.docker/config.ini.php

@@ -0,0 +1,82 @@
+; <?php exit; ?> DO NOT REMOVE THIS LINE
+; file automatically generated or modified by Matomo; you can manually override the default values in global.ini.php by redefining them in this file.
+[database]
+host = "db"
+username = "root"
+password = "hello"
+dbname = "matomo"
+tables_prefix = "matomo_"
+charset = "utf8mb4"
+
+[General]
+salt = "acc08f58025c33e0780767b669f9d236"
+assume_secure_protocol = 1
+force_ssl = 1
+proxy_client_headers[] = HTTP_X_FORWARDED_FOR
+proxy_host_headers[] = HTTP_X_FORWARDED_HOST
+proxy_uri_header = 1
+
+[PluginsInstalled]
+PluginsInstalled[] = "Diagnostics"
+PluginsInstalled[] = "Login"
+PluginsInstalled[] = "CoreAdminHome"
+PluginsInstalled[] = "UsersManager"
+PluginsInstalled[] = "SitesManager"
+PluginsInstalled[] = "Installation"
+PluginsInstalled[] = "Monolog"
+PluginsInstalled[] = "Intl"
+PluginsInstalled[] = "CorePluginsAdmin"
+PluginsInstalled[] = "CoreHome"
+PluginsInstalled[] = "WebsiteMeasurable"
+PluginsInstalled[] = "IntranetMeasurable"
+PluginsInstalled[] = "CoreVisualizations"
+PluginsInstalled[] = "Proxy"
+PluginsInstalled[] = "API"
+PluginsInstalled[] = "Widgetize"
+PluginsInstalled[] = "Transitions"
+PluginsInstalled[] = "LanguagesManager"
+PluginsInstalled[] = "Actions"
+PluginsInstalled[] = "Dashboard"
+PluginsInstalled[] = "MultiSites"
+PluginsInstalled[] = "Referrers"
+PluginsInstalled[] = "UserLanguage"
+PluginsInstalled[] = "DevicesDetection"
+PluginsInstalled[] = "Goals"
+PluginsInstalled[] = "Ecommerce"
+PluginsInstalled[] = "SEO"
+PluginsInstalled[] = "Events"
+PluginsInstalled[] = "UserCountry"
+PluginsInstalled[] = "GeoIp2"
+PluginsInstalled[] = "VisitsSummary"
+PluginsInstalled[] = "VisitFrequency"
+PluginsInstalled[] = "VisitTime"
+PluginsInstalled[] = "VisitorInterest"
+PluginsInstalled[] = "RssWidget"
+PluginsInstalled[] = "Feedback"
+PluginsInstalled[] = "TwoFactorAuth"
+PluginsInstalled[] = "CoreUpdater"
+PluginsInstalled[] = "CoreConsole"
+PluginsInstalled[] = "ScheduledReports"
+PluginsInstalled[] = "UserCountryMap"
+PluginsInstalled[] = "Live"
+PluginsInstalled[] = "PrivacyManager"
+PluginsInstalled[] = "ImageGraph"
+PluginsInstalled[] = "Annotations"
+PluginsInstalled[] = "MobileMessaging"
+PluginsInstalled[] = "Overlay"
+PluginsInstalled[] = "SegmentEditor"
+PluginsInstalled[] = "Insights"
+PluginsInstalled[] = "Morpheus"
+PluginsInstalled[] = "Contents"
+PluginsInstalled[] = "BulkTracking"
+PluginsInstalled[] = "Resolution"
+PluginsInstalled[] = "DevicePlugins"
+PluginsInstalled[] = "Heartbeat"
+PluginsInstalled[] = "Marketplace"
+PluginsInstalled[] = "ProfessionalServices"
+PluginsInstalled[] = "UserId"
+PluginsInstalled[] = "CustomJsTracker"
+PluginsInstalled[] = "Tour"
+PluginsInstalled[] = "PagePerformance"
+PluginsInstalled[] = "CustomDimensions"
+

.docker/docker-compose.yml

@@ -1,4 +1,4 @@
-version: '3.1'
+version: "3.1"
 
 services:
   ember:
@@ -11,7 +11,7 @@ services:
       - ../:/app:Z
       - /app/node_modules
     ports:
-      - '${EMBER_PORT}:${EMBER_PORT}'
+      - "${EMBER_PORT}:${EMBER_PORT}"
     networks:
       - back
 
@@ -64,7 +64,7 @@ services:
       - front
 
   proxy:
-    image: oapass/httpd-proxy:20200507@sha256:e8ad2e759fe270998efc80bdcacbeb3f965b4b83d875478e36b0ce4c104bb2d3
+    image: httpd-proxy:george
     container_name: proxy
     networks:
       - front
@@ -178,6 +178,30 @@ services:
       - front
       - back
 
+  matomo:
+    image: matomo
+    container_name: matomo
+    env_file: .env
+    networks:
+      - front
+      - back
+    ports:
+      - 3299:80
+    volumes:
+      - /Users/georgepara/PASS/geepara-pass-ember/pass-ember/.docker/config.ini.php:/var/www/html/config/config.ini.php
+
+  db:
+    image: mariadb
+    container_name: mariadb
+    env_file: .env
+    ports:
+      - 3306:3306
+    networks:
+      - back
+    volumes:
+      - /Users/georgepara/PASS/mariadb:/var/lib/mysql
+
+
 volumes:
   passdata:
     driver: local

.docker/httpd.conf

@@ -0,0 +1,162 @@
+#Rewrite Rules
+#Force SSL 
+RewriteEngine on
+ReWriteCond %{SERVER_PORT} !^443$
+RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
+
+ErrorLog /dev/stdout
+ErrorLogFormat "httpd-error [%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"
+LogLevel warn
+
+ServerName pass
+
+<VirtualHost *:443>
+    DocumentRoot "/var/www/html"
+    AllowEncodedSlashes NoDecode
+
+    RewriteEngine on
+    RewriteCond %{REQUEST_URI} =/app
+    RewriteRule ^/(.*) https://%{HTTP_HOST}/$1/ [NC,R,L]
+
+    SSLEngine on
+
+    #Disable CRIME vulernability v2.4+
+    SSLCompression off
+
+    #Clean SSL Issues and enable perfect forward secrecy
+    SSLProtocol all -SSLv2 -SSLv3 -TLSv1
+    SSLHonorCipherOrder on
+    SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 \
+EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 \
+EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
+
+    #SSL Cert Stuff
+    SSLCertificateFile    /etc/httpd/ssl/domain.crt
+    SSLCertificateKeyFile /etc/httpd/ssl/domain.key
+    #SSLCertificateChainFile /etc/httpd/ssl/serverchain.pem
+
+    SSLProxyEngine on
+    #Bypassing certicate checking on self-signed client cert
+    SSLProxyVerify none
+    SSLProxyCheckPeerCN off
+    SSLProxyCheckPeerName off
+    SSLProxyCheckPeerExpire off
+
+    ProxyPreserveHost on
+    RequestHeader set X-Forwarded-Proto "https" env=HTTPS
+    RequestHeader set REMOTE-USER %{REMOTE_USER}s
+    # Upgrade insecure requests, as an alternative to mod_substitute
+    # for http -> https url rewriting in response bodies.
+    #Header set Strict-Transport-Security "max-age=300"
+    #Header set Content-Security-Policy: upgrade-insecure-requests
+
+    Header set Access-Control-Max-Age "300"
+    # could be 'localhost', <ip-of-docker-machine>, '</etc/hosts entry>'
+    Header set Access-Control-Allow-Origin "*"
+    # allow cookies to be sent cross origin
+    Header set Access-Control-Allow-Credentials "true"
+    Header merge Access-Control-Allow-Methods "PUT, OPTIONS"
+    Header merge Access-Control-Expose-Headers "authorization"
+
+    #Map /idp to Tomcat
+    ProxyPass /idp https://idp:4443/idp
+    ProxyPassReverse /idp https://idp:4443/idp
+
+    ProxyPass /Shibboleth.sso http://sp/Shibboleth.sso
+    ProxyPassReverse /Shibboleth.sso http://sp/Shibboleth.sso
+
+    ProxyPass /pass-user-service http://sp/pass-user-service
+    ProxyPassReverse /pass-user-service http://sp/pass-user-service
+
+    ProxyPass /fcrepo http://sp/fcrepo
+    ProxyPassReverse /fcrepo http://sp/fcrepo
+
+    # Allow the pass Elasticsearch index to be searched as /es
+    # Convert private Fedora URIs returned by Elasticsearch to public URIs.
+    <Location /es>
+        ProxyPass http://sp/es
+        ProxyPassReverse http://sp/es
+
+        # Needed for Substitute to work. Turns off compression.
+        RequestHeader unset Accept-Encoding
+
+        AddOutputFilterByType SUBSTITUTE application/json
+        Substitute "s|http://fcrepo:8080/fcrepo/rest/|https://pass.local/fcrepo/rest/|n"
+    </Location>
+
+    # Allow DSpace to be addressed through the proxy
+    # Allows RepositoryCopy externalId to be resolved in various docker environments
+    <Location /xmlui>
+        ProxyPass http://dspace:8181/xmlui/
+        ProxyPassReverse http://dspace:8181/xmlui/
+
+        # Needed for Substitute to work. Turns off compression.
+        RequestHeader unset Accept-Encoding
+
+        AddOutputFilterByType SUBSTITUTE application/json
+        Substitute "s|http://dspace:8181/xmlui/|https://pass.local/xmlui/|n"
+    </Location>
+
+    <Location /matomo>
+      Header Set HTTP-X-FORWARDED-URI /matomo
+
+      # Matomo
+      ProxyPass http://matomo/
+      ProxyPassReverse https://pass.local/matomo/
+
+    </Location>
+
+    # Ember app
+    ProxyPass /app http://sp/app
+    ProxyPassReverse /app http://sp/app
+
+    # Schema service
+    ProxyPass /schemaservice http://sp/schemaservice
+    ProxyPassReverse /schemaservice http://sp/schemaservice
+
+    # policy service
+    ProxyPass /policyservice http://sp/policyservice
+    ProxyPassReverse /policyservice http://sp/policyservice
+
+    # DOI service
+    ProxyPass /doiservice http://sp/doiservice
+    ProxyPassReverse /doiservice http://sp/doiservice
+
+    # OA Manuscript download service
+    ProxyPass /downloadservice http://sp/downloadservice
+    ProxyPassReverse /downloadservice http://sp/downloadservice
+
+    # Static pages
+    ProxyPass / http://static-html:82/
+    ProxyPassReverse / http://static-html:82/
+
+</VirtualHost>
+
+<IfModule log_config_module>
+    #
+    # The following directives define some format nicknames for use with
+    # a CustomLog directive (see below).
+    #
+    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+    LogFormat "%h %l %u %t \"%r\" %>s %b" common
+
+    <IfModule logio_module>
+      # You need to enable mod_logio.c to use %I and %O
+      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+    </IfModule>
+
+    #
+    # The location and format of the access logfile (Common Logfile Format).
+    # If you do not define any access logfiles within a <VirtualHost>
+    # container, they will be logged here.  Contrariwise, if you *do*
+    # define per-<VirtualHost> access logfiles, transactions will be
+    # logged therein and *not* in this file.
+    #
+    #CustomLog "logs/access_log" common
+
+    #
+    # If you prefer a logfile with access, agent, and referer information
+    # (Combined Logfile Format) you can use the following directive.
+    #
+    CustomLog /dev/stdout "httpd-combined %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
+</IfModule>