matomo/matomo.spec
Eric Schirra 393c8d9328 - Update to 5.2.1
* Security updates
    - Installer timestamp mechanism for a more secure On-Premise setup

OBS-URL: https://build.opensuse.org/package/show/network:utilities/matomo?expand=0&rev=134
2024-12-21 12:58:21 +00:00

247 lines
11 KiB
RPMSpec

#
# spec file for package matomo
#
# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
# See also http://en.opensuse.org/openSUSE:Specfile_guidelines
%{!?_tmpfilesdir:%global _tmpfilesdir %{_prefix}/lib/tmpfiles.d}
Name: matomo
Version: 5.2.1
Release: 0
Summary: Web analytics platform
License: GPL-3.0-or-later
Group: Productivity/Networking/Web/Utilities
URL: http://matomo.org/
Source0: http://builds.matomo.org/%{name}-%{version}.tar.gz
Source2: %{name}.conf
Source3: %{name}.logrotate
Source4: %{name}-README.SUSE
Source10: %{name}-archive.cron
Source11: %{name}-archive.service
Source12: %{name}-archive.timer
Source13: %{name}.my.cnf
Source14: %{name}-tmpfile.conf
Source99: %{name}.rpmlintrc
# PATCH-FIX-OPENSUSE: Don't show wrong message with wrong owner of %%{apache_serverroot}/%%{name} when disable enable_auto_update through package installation.
Patch1: %{name}-package_update.patch
BuildArch: noarch
%if 0%{?suse_version} >= 1500
Requires(pre): user(wwwrun)
Requires(pre): group(www)
%else
Requires(pre): aaa_base
%endif
BuildRequires: apache-rpm-macros
BuildRequires: cron
BuildRequires: fdupes
BuildRequires: logrotate
BuildRequires: mariadb
BuildRequires: unzip
BuildRequires: pkgconfig(systemd)
Requires: nodejs
Requires: python3
Requires: logrotate
Requires: php-ctype
Requires: php-curl
Requires: php-dom
Requires: php-gd
Requires: php-iconv
# for the upgrade process:
Requires(pre): php-json
Requires: php-json
Requires: php-mbstring
Requires: php-mysql
Requires: php-pdo
#Requires: php-sqlite
Requires: php-tokenizer
Requires: php-xmlreader
Requires: php-xmlwriter
Requires: php-zlib
Requires(pre): php
%{?systemd_requires}
Recommends: php-geoip
Recommends: php-openssl
Recommends: mariadb
Recommends: cron
Conflicts: piwik
%description
Matomo, formerly Piwik, is a web analytics platform that gives
insights into a website's visitors and marketing campaigns, so the
strategy and online experience of visitors may be optimized.
%package apache
Summary: Apache configuration for %{name}
Group: Productivity/Networking/Web/Utilities
BuildRequires: apache2
Requires: apache2
Requires: mod_php_any >= 7.2.5
Recommends: apache2-mod_geoip
Supplements: packageand(apache2:%name)
%description apache
This subpackage contains the Apache configuration files
%prep
%setup -q -n %{name}
%patch -P 1 -p1
install -m644 %{SOURCE4} README.SUSE
# remove unwanted files
find . -type f "(" -name .htaccess -o -name .travis.sh -o -name .gitkeep ")" -delete
#find . -name ".git*" -exec rm -Rf "{}" "+"
find . -type f "(" -name "*.c" -o -name "*.h" -o -name "*.js.orig" ")" -delete
# env-script-interpreter
find . -type f -exec sed -i -e 's|\/usr\/bin\/env php|\/usr\/bin\/php|g' {} +
find . -type f -name "*.sh" -exec sed -i -e 's|\/usr\/bin\/env bash|\/bin\/bash|g' {} +
sed -i 's|python$|python3|' misc/log-analytics/import_logs.py
#
# disable the auto updater, it can't work properly with the new, more secure permissions and is a bad idea on a RPM based setup anyways.
#
sed -i '/enable_auto_update/s/1$/0/' config/global.ini.php
#
# Fix integrity check triggered from fix of rpmlint errors.
# Drop moved files
for i in CHANGELOG.md CONTRIBUTING.md PRIVACY.md README.md SECURITY.md LEGALNOTICE LICENSE 'misc\/cron\/.htaccess' 'misc\/How to install Matomo.html' 'vendor\/tecnickcom\/tcpdf\/tools\/.htaccess' 'vendor\/twig\/twig\/ext\/twig\/php_twig.h' 'vendor\/twig\/twig\/ext\/twig\/twig.c' 'js\/piwik.js.orig' '.eslintignore' '.eslintrc.js' '.browserslistrc' 'vendor\/lox\/xhprof\/extension\/php_xhprof.h' 'vendor\/lox\/xhprof\/extension\/xhprof.c'
do
sed -i "/\W\"${i}\"\W/d" config/manifest.inc.php
done
# Insert new hashes for chanded files
for file in console 'vendor/tecnickcom/tcpdf/tools/tcpdf_addfont.php' 'config/global.ini.php' 'core/CliMulti/Output.php' 'plugins/CoreUpdater/Commands/Update.php' 'vendor/matomo/matomo-php-tracker/run_tests.sh' 'vendor/wikimedia/less.php/bin/lessc' 'misc/log-analytics/import_logs.py' 'core/CliMulti.php' 'vendor/symfony/error-handler/Resources/bin/extract-tentative-return-types.php' 'vendor/symfony/error-handler/Resources/bin/patch-type-declarations' 'vendor/symfony/var-dumper/Resources/bin/var-dump-server'
do
size=$(ls -l $file | awk '{ print $5 }')
checksum=$(sha256sum $file | awk '{ print $1 }')
file2=$(echo "$file" | sed 's/\//\\\//g')
sed -i "/\W\"$file2\"\W/c \"$file\" => array(\"$size\", \"$checksum\")," config/manifest.inc.php
done
%build
# nothing to build
%install
# make directories
install -d -m0755 %{buildroot}/%{apache_serverroot}/%{name}
install -d -m0755 %{buildroot}/%{apache_serverroot}/%{name}/tmp
install -d -m0755 %{buildroot}/%{_sysconfdir}/%{name}
install -d -m0755 %{buildroot}/%{_defaultdocdir}/%{name}
# copy src from build to buildroot
mv *SUSE %{buildroot}/%{_defaultdocdir}/%{name}
mv LEGALNOTICE %{buildroot}/%{_defaultdocdir}/%{name}
mv LICENSE %{buildroot}/%{_defaultdocdir}/%{name}
mv "misc/How to install Matomo.html" %{buildroot}/%{_defaultdocdir}/%{name}
mv *md %{buildroot}/%{_defaultdocdir}/%{name}
cp -dR * %{buildroot}/%{apache_serverroot}/%{name}
# install matomo.conf to apache conf.d
mkdir -p %{buildroot}/%{apache_sysconfdir}/conf.d
sed -e 's|__matomo_web__|%{apache_serverroot}/%{name}|g' \
-e 's|__matomo_conf__|%{_sysconfdir}/%{name}|g' \
-e 's|__matomo_log__|/var/log/%{name}|g' \
%{SOURCE2} > %{buildroot}/%{apache_sysconfdir}/conf.d/%{name}.conf
# install logrotate
install -D -m0644 %{SOURCE3} %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}
sed -i -e 's|@APACHE_USER@|%{apache_user}|g' %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}
sed -i -e 's|@APACHE_GROUP@|%{apache_group}|g' %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}
# move config to etc/matomo and make symlink
mv %{buildroot}/%{apache_serverroot}/%{name}/config/* \
%{buildroot}/%{_sysconfdir}/%{name}
rm -d %{buildroot}/%{apache_serverroot}/%{name}/config
ln -s %{_sysconfdir}/%{name} %{buildroot}/%{apache_serverroot}/%{name}/config
# install cronscript and systemd-timer
install -d -m 0755 %{buildroot}/%{_sysconfdir}/cron.d
install -d -m 0755 %{buildroot}/var/log/%{name}
install -D -m 0644 %{SOURCE10} %{buildroot}/%{_sysconfdir}/cron.d/%{name}-archive
install -D -m 0644 %{SOURCE11} %{buildroot}%{_unitdir}/%{name}-archive.service
install -D -m 0644 %{SOURCE12} %{buildroot}%{_unitdir}/%{name}-archive.timer
install -D -m 0644 %{SOURCE14} %{buildroot}%{_tmpfilesdir}/%{name}.conf
sed -i -e 's|@APACHE_USER@|%{apache_user}|g' %{buildroot}%{_sysconfdir}/cron.d/%{name}-archive
sed -i -e 's|@APACHE_SERVERROOT@|%{apache_serverroot}|g' %{buildroot}%{_sysconfdir}/cron.d/%{name}-archive
sed -i -e 's|@APACHE_USER@|%{apache_user}|g' %{buildroot}%{_unitdir}/%{name}-archive.service
sed -i -e 's|@APACHE_GROUP@|%{apache_group}|g' %{buildroot}%{_unitdir}/%{name}-archive.service
sed -i -e 's|@APACHE_SERVERROOT@|%{apache_serverroot}|g' %{buildroot}%{_unitdir}/%{name}-archive.service
# install changes for mariadb
install -D -m0644 %{SOURCE13} %{buildroot}/%{_sysconfdir}/my.cnf.d/%{name}.my.cnf
%fdupes %{buildroot}/%{_prefix}
%fdupes %{buildroot}/srv
%pre
%service_add_pre matomo-archive.timer matomo-archive.service
%post
# BSC#1154324
# # # chown -R %{apache_user}:%{apache_group} %{apache_serverroot}/%{name}
%service_add_post matomo-archive.timer matomo-archive.service apache2.service
%tmpfiles_create %{_tmpfilesdir}/%{name}.conf
if [ $1 -gt 1 ]; then
# Update matomo if this is an upgrade $1 == 2
echo "matomo: Update matomo:core..."
su %{apache_user} -s /bin/sh -c "%{_bindir}/php %{apache_serverroot}/%{name}/console config:set 'Tracker.record_statistics="0"'" || :
su %{apache_user} -s /bin/sh -c "%{_bindir}/php %{apache_serverroot}/%{name}/console config:set 'General.maintenance_mode="1"'" || :
su %{apache_user} -s /bin/sh -c "%{_bindir}/php %{apache_serverroot}/%{name}/console core:update --yes" || :
su %{apache_user} -s /bin/sh -c "%{_bindir}/php %{apache_serverroot}/%{name}/console config:set 'General.maintenance_mode="0"'" || :
su %{apache_user} -s /bin/sh -c "%{_bindir}/php %{apache_serverroot}/%{name}/console config:set 'Tracker.record_statistics="1"'" || :
:
fi
%preun
%service_del_preun matomo-archive.timer matomo-archive.service
%postun
%service_del_postun matomo-archive.timer matomo-archive.service apache2.service
%files
%defattr(-,root,root,-)
%dir %{_defaultdocdir}/%{name}
%{_defaultdocdir}/%{name}/*
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%config(noreplace) %{_sysconfdir}/cron.d/%{name}-archive
%config(noreplace) %{_sysconfdir}/my.cnf.d/%{name}.my.cnf
%{_unitdir}/%{name}-archive.service
%{_unitdir}/%{name}-archive.timer
%{_tmpfilesdir}/%{name}.conf
%dir %attr(0750,%{apache_user},%{apache_group}) %{_sysconfdir}/%{name}
%dir %attr(0750,%{apache_user},%{apache_group}) %{_sysconfdir}/%{name}/environment
%attr(0640,%{apache_user},%{apache_group}) %{_sysconfdir}/%{name}/*.php
%attr(0640,%{apache_user},%{apache_group}) %{_sysconfdir}/%{name}/environment/*.php
%ghost %attr(0750,%{apache_user},%{apache_group}) /run/%{name}_sessions
%defattr(644,root,root,755)
%dir %{apache_serverroot}
%dir %{apache_serverroot}/%{name}
%dir %attr(0750,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/js
%dir %attr(0750,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/misc
%dir %attr(0750,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/plugins
%dir %attr(0750,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/tmp
%dir %attr(0750,%{apache_user},%{apache_group}) /var/log/%{name}
%config(noreplace) %attr(600,%{apache_user},%{apache_group}) %{_sysconfdir}/%{name}/*php
%{_sysconfdir}/%{name}/environment/*php
%attr(0644,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/matomo.js
%attr(0644,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/piwik.js
%attr(0644,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/js/piwik.min.js
%attr(0770,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/console
%attr(0770,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/misc/cron/archive.sh
%attr(0770,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/misc/log-analytics/import_logs.py
%attr(0770,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/vendor/pear/archive_tar/sync-php4
%attr(0770,%{apache_user},%{apache_group}) %{apache_serverroot}/%{name}/vendor/wikimedia/less.php/bin/lessc
%{apache_serverroot}/%{name}/*
%files apache
%config(noreplace) %{apache_sysconfdir}/conf.d/%{name}.conf
%changelog