NixOS · leona-ya · Jan 21, 2025 · Jan 15, 2025 · Jan 15, 2025 · Jan 15, 2025
diff --git a/nixos/doc/manual/release-notes/rl-2505.section.md b/nixos/doc/manual/release-notes/rl-2505.section.md
@@ -263,6 +263,8 @@
 
 - `matomo` now defaults to version 5 (previously available as `matomo_5`). Version 4 has been removed as it reached EOL on December 19, 2024.
 
+- `matomo-beta` has been removed as the version of the `matomo` package can now be easily overriden through `overrideAttrs` (see [PR #374022](https://github.com/NixOS/nixpkgs/pull/374022))
+
 - `docker_24` has been removed, as it was EOL with vulnerabilites since June 08, 2024.
 
 - `containerd` has been updated to v2, which contains breaking changes. See the [containerd

diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
@@ -585,7 +585,7 @@ in {
   mate = handleTest ./mate.nix {};
   mate-wayland = handleTest ./mate-wayland.nix {};
   matter-server = handleTest ./matter-server.nix {};
-  matomo = handleTest ./matomo.nix {};
+  matomo = runTest ./matomo.nix;
   matrix-appservice-irc = runTest ./matrix/appservice-irc.nix;
   matrix-conduit = handleTest ./matrix/conduit.nix {};
   matrix-synapse = handleTest ./matrix/synapse.nix {};

diff --git a/nixos/tests/matomo.nix b/nixos/tests/matomo.nix
@@ -1,84 +1,58 @@
+{ lib, ... }:
 {
-  system ? builtins.currentSystem,
-  config ? { },
-  pkgs ? import ../.. { inherit system config; },
-}:
-
-with import ../lib/testing-python.nix { inherit system pkgs; };
-with pkgs.lib;
-
-let
-  matomoTest =
-    package:
-    makeTest {
-      name = "matomo";
-
-      nodes.machine =
-        { config, pkgs, ... }:
-        {
-          services.matomo = {
-            package = package;
-            enable = true;
-            nginx = {
-              forceSSL = false;
-              enableACME = false;
-            };
-          };
-          services.mysql = {
-            enable = true;
-            package = pkgs.mariadb;
-          };
-          services.nginx.enable = true;
+  name = "matomo";
+
+  nodes.machine =
+    { config, pkgs, ... }:
+    {
+      services.matomo = {
+        enable = true;
+        nginx = {
+          forceSSL = false;
+          enableACME = false;
         };
+      };
+      services.mysql = {
+        enable = true;
+        package = pkgs.mariadb;
+      };
+      services.nginx.enable = true;
+    };
 
-      testScript = ''
-        start_all()
-        machine.wait_for_unit("mysql.service")
-        machine.wait_for_unit("phpfpm-matomo.service")
-        machine.wait_for_unit("nginx.service")
+  testScript = ''
+    start_all()
+    machine.wait_for_unit("mysql.service")
+    machine.wait_for_unit("phpfpm-matomo.service")
+    machine.wait_for_unit("nginx.service")
 
-        with subtest("matomo.js reachable via HTTP"):
-          machine.succeed("curl -sSfk http://machine/matomo.js")
+    with subtest("matomo.js reachable via HTTP"):
+      machine.succeed("curl -sSfk http://machine/matomo.js")
 
-        with subtest("js/piwik.js reachable via HTTP"):
-          machine.succeed("curl -sSfk http://machine/js/piwik.js")
+    with subtest("js/piwik.js reachable via HTTP"):
+      machine.succeed("curl -sSfk http://machine/js/piwik.js")
 
-        with subtest("matomo.php (API) reachable via HTTP"):
-          machine.succeed("curl -sSfk http://machine/matomo.php")
+    with subtest("matomo.php (API) reachable via HTTP"):
+      machine.succeed("curl -sSfk http://machine/matomo.php")
 
-        # without the grep the command does not produce valid utf-8 for some reason
-        with subtest("welcome screen loads"):
-            machine.succeed(
-                "curl -sSfL http://localhost/ | grep '<title>Matomo[^<]*Installation'"
-            )
+    # without the grep the command does not produce valid utf-8 for some reason
+    with subtest("welcome screen loads"):
+      machine.succeed(
+        "curl -sSfL http://localhost/ | grep '<title>Matomo[^<]*Installation'"
+      )
 
-        with subtest("killing the phpfpm process should trigger an automatic restart"):
-          machine.succeed("systemctl kill -s KILL phpfpm-matomo")
-          machine.sleep(1)
-          machine.wait_for_unit("phpfpm-matomo.service")
-      '';
-    };
-in
-{
-  matomo = matomoTest pkgs.matomo // {
-    name = "matomo";
-    meta.maintainers =
-      with maintainers;
-      [
-        florianjacob
-        mmilata
-        twey
-        boozedog
-      ]
-      ++ lib.teams.flyingcircus.members;
-  };
-  matomo-beta = matomoTest pkgs.matomo-beta // {
-    name = "matomo-beta";
-    meta.maintainers = with maintainers; [
+    with subtest("killing the phpfpm process should trigger an automatic restart"):
+      machine.succeed("systemctl kill -s KILL phpfpm-matomo")
+      machine.sleep(1)
+      machine.wait_for_unit("phpfpm-matomo.service")
+  '';
+
+  meta.maintainers =
+    with lib.maintainers;
+    [
       florianjacob
       mmilata
       twey
       boozedog
-    ];
-  };
+    ]
+    ++ lib.teams.flyingcircus.members;
 }
diff --git a/pkgs/servers/web-apps/matomo/bootstrap.php → pkgs/by-name/ma/matomo/bootstrap.php b/pkgs/servers/web-apps/matomo/bootstrap.php → pkgs/by-name/ma/matomo/bootstrap.php
diff --git a/...-apps/matomo/change-path-geoip2-5.x.patch → ...me/ma/matomo/change-path-geoip2-5.x.patch b/...-apps/matomo/change-path-geoip2-5.x.patch → ...me/ma/matomo/change-path-geoip2-5.x.patch
diff --git a/...ake-localhost-default-database-host.patch → ...ake-localhost-default-database-host.patch b/...ake-localhost-default-database-host.patch → ...ake-localhost-default-database-host.patch
diff --git a/pkgs/by-name/ma/matomo/package.nix b/pkgs/by-name/ma/matomo/package.nix
@@ -0,0 +1,123 @@
+{
+  lib,
+  stdenv,
+  fetchurl,
+  makeWrapper,
+  php,
+  nixosTests,
+  nix-update-script,
+}:
+
+stdenv.mkDerivation (finalAttrs: {
+  pname = "matomo";
+  version = "5.2.1";
+
+  src = fetchurl {
+    url = "https://builds.matomo.org/matomo-${finalAttrs.version}.tar.gz";
+    hash = "sha256-5glMwwIG0Uo8bu904u40FUa+yaUlrQe1nUCkv9/ATks=";
+  };
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  patches = [
+    # This changes the default value of the database server field
+    # from 127.0.0.1 to localhost.
+    # unix socket authentication only works with localhost,
+    # but password-based SQL authentication works with both.
+    # TODO: is upstream interested in this?
+    # -> discussion at https://github.com/matomo-org/matomo/issues/12646
+    ./make-localhost-default-database-host.patch
+    # This changes the default config for path.geoip2 so that it doesn't point
+    # to the nix store.
+    ./change-path-geoip2-5.x.patch
+  ];
+
+  # this bootstrap.php adds support for getting PIWIK_USER_PATH
+  # from an environment variable. Point it to a mutable location
+  # to be able to use matomo read-only from the nix store
+  postPatch = ''
+    cp ${./bootstrap.php} bootstrap.php
+  '';
+
+  # TODO: future versions might rename the PIWIK_… variables to MATOMO_…
+  # TODO: Move more unnecessary files from share/, especially using PIWIK_INCLUDE_PATH.
+  #       See https://forum.matomo.org/t/bootstrap-php/5926/10 and
+  #       https://github.com/matomo-org/matomo/issues/11654#issuecomment-297730843
+  installPhase = ''
+    runHook preInstall
+
+    # copy everything to share/, used as webroot folder, and then remove what's known to be not needed
+    mkdir -p $out/share
+    cp -ra * $out/share/
+    # tmp/ is created by matomo in PIWIK_USER_PATH
+    rmdir $out/share/tmp
+    # config/ needs to be accessed by PIWIK_USER_PATH anyway
+    ln -s $out/share/config $out/
+
+    makeWrapper ${php}/bin/php $out/bin/matomo-console \
+      --add-flags "$out/share/console"
+
+    runHook postInstall
+  '';
+
+  filesToFix = [
+    "misc/composer/build-xhprof.sh"
+    "misc/composer/clean-xhprof.sh"
+    "misc/cron/archive.sh"
+    "plugins/GeoIp2/config/config.php"
+    "plugins/Installation/FormDatabaseSetup.php"
+    "vendor/pear/archive_tar/sync-php4"
+    "vendor/szymach/c-pchart/coverage.sh"
+    "vendor/matomo/matomo-php-tracker/run_tests.sh"
+    "vendor/twig/twig/drupal_test.sh"
+  ];
+
+  # This fixes the consistency check in the admin interface
+  #
+  # The filesToFix list may contain files that are exclusive to only one of the versions we build
+  # make sure to test for existence to avoid erroring on an incompatible version and failing
+  postFixup = ''
+    pushd $out/share > /dev/null
+    for f in $filesToFix; do
+      if [ -f "$f" ]; then
+        length="$(wc -c "$f" | cut -d' ' -f1)"
+        hash="$(md5sum "$f" | cut -d' ' -f1)"
+        sed -i "s:\\(\"$f\"[^(]*(\\).*:\\1\"$length\", \"$hash\"),:g" config/manifest.inc.php
+      else
+        echo "INFO(files-to-fix): $f does not exist in this version"
+      fi
+    done
+    popd > /dev/null
+  '';
+
+  passthru = {
+    updateScript = nix-update-script {
+      extraArgs = [
+        "--url"
+        "https://github.com/matomo-org/matomo"
+      ];
+    };
+    tests = lib.optionalAttrs stdenv.hostPlatform.isLinux {
+      inherit (nixosTests) matomo;
+    };
+  };
+
+  meta = {
+    description = "Real-time web analytics application";
+    mainProgram = "matomo-console";
+    license = lib.licenses.gpl3Plus;
+    homepage = "https://matomo.org/";
+    changelog = "https://github.com/matomo-org/matomo/releases/tag/${finalAttrs.version}";
+    platforms = lib.platforms.all;
+    maintainers =
+      with lib.maintainers;
+      [
+        florianjacob
+        sebbel
+        twey
+        boozedog
+        niklaskorz
+      ]
+      ++ lib.teams.flyingcircus.members;
+  };
+})