Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Matomo - https://github.com/jenkins-infra/helpdesk/issues/3530 #4032

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Matomo - https://github.com/jenkins-infra/helpdesk/issues/3530 #4032

wants to merge 5 commits into from
+300 −0

Conversation

halkeye
Copy link
Member

@halkeye halkeye commented Jun 3, 2023

Uses bitnami helm chart as a template

  • Add in crontab for background tasks
  • secrets secrets
externalDatabase:
    host: ENC[AES256_GCM,data:NbnjIVsBhNk27YGP2yP4+o/DmCGnKhRJkbetwWUeEhjHQFe2xpIevo8RQmWS9llmSfXDd17veSSThqze2A==,iv:ku6IS6kncpBBaypIPx3fmLYhdzjdK0dYJNHuHZ9RlAo=,tag:1/asHAhxjMpOITcecP+9Wg==,type:str]
    port: ENC[AES256_GCM,data:49ca2eQ=,iv:6jV9yghdXk8pbaj4r49f4WFGXXkaniRNdu2cX7Iczlk=,tag:X3Sgg9ablyhUYAkEVnzzlQ==,type:int]
    password: ENC[AES256_GCM,data:0SaYwMSD0ZeV3YYsVdizn59bwgFoTfBB,iv:1nI9T7+ar76aUmbaWGDRRwqvRFRnfCeVyplIpQz8S4Q=,tag:UWSdOaTbiWYlsGRJT5xZSQ==,type:str]
    database: ENC[AES256_GCM,data:rWAolO19,iv:bOTYryTfafyukp3w1K65NUlSuVXWPzT6LrOKriiRr8E=,tag:fmr3XtBISmtXUAktAXKOqQ==,type:str]
    user: ENC[AES256_GCM,data:6PBLoNwz,iv:UhdLRKvhkZWfKQSxXzeGdChqUu4qFwS7iQOXQQIW2YA=,tag:gzXQEPkZbE0rcCFSBYWKMw==,type:str]
matomoSalt: ENC[AES256_GCM,data:HlpwX9pAGuoWlE0nXbv5TZUv+UhYfDtkEqC26nO7jas=,iv:ZRYsHjRxtHDvA9v+j6uK45/sG50GT1VAM7XT40DW/DI=,tag:9vS0BU4nEaHY+qXpyKOa6w==,type:str]
matomoPassword: ENC[AES256_GCM,data:SdWGZ8KqaLAp2EVXustDAjtch5Ts9XeSHhQFcctgMoi8OHewPxjYu0TvtrSRVKWXXjRkzvqnK3XDfhf1Lg47ew==,iv:5WE4t/V+Qq8XF3Mc5SrJEtMD35vSPG2d1O1kcXqsUa8=,tag:gBdfYORQ/aiNCkINcp10/Q==,type:str]
maxmind:
    account_id: ENC[AES256_GCM,data:p598Og7W,iv:PTPXY5iAPzDybOcUPmWJho1AJH7V9bBUPs1LsAvU+Ps=,tag:7m7yOA2fjnaro4OLUqV1yg==,type:int]
    license_key: ENC[AES256_GCM,data:sAPhcOowpR7ioFxfa9Zh8B2ZFO4s5IJ5hgRj1EyREgCWLft6C+X1wg==,iv:y1EWCChrk9lb6JgoY2UCnQAWIIhoCGp+i9L+PDor82Q=,tag:US+JKDFGtK3cO4V53zJMVg==,type:str]
sops:
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age: []
    lastmodified: "2023-06-03T20:13:48Z"
    mac: ENC[AES256_GCM,data:wYm+k7EYUwlMyZ4MmwCNQgvf/GrkpPDZj+BN3/V9wtF08H+i7EZ1aPnuuTeo9op7VKdWBqRI3YdUH3ee3jw1/VEPNGHFgW/IWO3DzSvLJclWYdFpc/NF+DEL31y0u/bD3AdoDERSfTykQz0rd9j3Vdk26TqdK2phUoXt4lC9bD4=,iv:fCPh0DOuk2ykXph07d+UiIttX/JkmnSQ70JTqP/FBfc=,tag:WNtd3aXQdW5Y0pILWVjLOw==,type:str]
    pgp:
        - created_at: "2023-06-03T20:08:35Z"
          enc: |
            -----BEGIN PGP MESSAGE-----

            hQIMA7pRwZh7mkwAARAAl7k41IUupAtRurH3STM/9GWHxL//r8cUMWhg+gUytvPF
            0kJkay3l3PhUx0UyXHxdLvbOiFF8zNkeiQl7YMlrU7c+vLgLce+XmnM8WZI8ktWl
            CQrBJp8II0Rzj2XsGFdnrmQtlnMBw9KG3c+5PgndVyx3Cunku6qG0y4rQTYslhcC
            UKGRMFsea6NL/o/UVILqD6QHnVYDthZt5KnM2UwWpRMs5mE8Sr4g9al1Gg/ZTy/T
            KiZ3ZWgSjZj7LeaIEEYb7/r5/uzF9gBSzu9YPHxlmRSXQTEapbbmOXgdxKSkn65o
            qU9gJZdnWlckFNrWltZ0AcHfhVoD5UavIXWWxByWpoI8B6X5RBmomhMPD9B+2Y2E
            qjhxjch11N6LyZXzZ6T59iFlFGSThdjLGsCzYP/CbfDJf2yzEI/NBCwKhEUQ6FHE
            iuFtYEog6oNMs22TdUdcoTnrRD6YsjEytNF4ftWuDJvp1x5C4Jbg0lCUjO5dflY3
            MkDE+2rYyuo/JCjMZULoXQDonU3kogKjyjIgEtPMEaueXIA4mUaFl7HX06DjGX87
            EtbVSh+ILgNxtTCzBzU0IJd2EKemduu3lMcOAlIQsmxuThWxbkfCpWZ5cfNGUc1j
            jVmUGOa9NF5S4ralzNcHdtvhBl8+3JWeozUI7XkmhfMy2rQEfVI5THeZP663w1LS
            UQF8vuMdpwUG68FW49QSvT6oRGirVPNe/nu6/7u8PG+iVMrj1zfowD+ag07L+DEa
            xW3jwMIMji20GIVyfN2azIRSRQHR3F2UVZJpBQKutXc80g==
            =p0tJ
            -----END PGP MESSAGE-----
          fp: 88fabf5f307fb5870b6ad2e8a266f2d3f9d60c45
    unencrypted_suffix: _unencrypted
    version: 3.7.3

@halkeye halkeye requested a review from a team as a code owner June 3, 2023 20:50
@dduportal
Copy link
Contributor

@halkeye could you describe, in jenkins-infra/helpdesk#3530 or here, a summary of matomo: we're not against the fact of using it but we need to now what kind of service and requirements it has:

  • Storage (to allow us anticipate the storage policy and backups) or any persistence storage
  • Web service (are there different exposed services so we can check the DNS names/requirements for certificates and loadbalancing)

?

@halkeye
Copy link
Member Author

halkeye commented Jun 4, 2023

@dduportal hope thats enough jenkins-infra/helpdesk#3530 (comment)

@dduportal
Copy link
Contributor

Hello @halkeye sorry for the delays here. We haven't forgotten you but the migration of the services to publick8s + team members being off, we have to delay the matomoto initial deployment.

We have enough information from you from jenkins-infra/helpdesk#3530 (comment) so thanks!

Btw, we'll have to start with setting up a flexible MySQL database in Azure (as matomot does not support postgres). Not a problem but it has to be done first.

@halkeye
Copy link
Member Author

halkeye commented Jun 14, 2023

👍

if you give me ssh keys, i can add you to jenkins-matomo.do.g4v.dev if you want to do some sort of mysql replica or mysqldump to sync the data. I'm not sure how important it'll be to keep historical data though.

@dduportal
Copy link
Contributor

That is a good idea! A mysql dump would be useful

@dduportal dduportal self-assigned this Oct 9, 2023
@dduportal dduportal mentioned this pull request Oct 9, 2023
Open
@dduportal
Copy link
Contributor

Uses bitnami helm chart as a template

* Add in crontab for background tasks

* secrets secrets

externalDatabase:
    host: ENC[AES256_GCM,data:NbnjIVsBhNk27YGP2yP4+o/DmCGnKhRJkbetwWUeEhjHQFe2xpIevo8RQmWS9llmSfXDd17veSSThqze2A==,iv:ku6IS6kncpBBaypIPx3fmLYhdzjdK0dYJNHuHZ9RlAo=,tag:1/asHAhxjMpOITcecP+9Wg==,type:str]
    port: ENC[AES256_GCM,data:49ca2eQ=,iv:6jV9yghdXk8pbaj4r49f4WFGXXkaniRNdu2cX7Iczlk=,tag:X3Sgg9ablyhUYAkEVnzzlQ==,type:int]
    password: ENC[AES256_GCM,data:0SaYwMSD0ZeV3YYsVdizn59bwgFoTfBB,iv:1nI9T7+ar76aUmbaWGDRRwqvRFRnfCeVyplIpQz8S4Q=,tag:UWSdOaTbiWYlsGRJT5xZSQ==,type:str]
    database: ENC[AES256_GCM,data:rWAolO19,iv:bOTYryTfafyukp3w1K65NUlSuVXWPzT6LrOKriiRr8E=,tag:fmr3XtBISmtXUAktAXKOqQ==,type:str]
    user: ENC[AES256_GCM,data:6PBLoNwz,iv:UhdLRKvhkZWfKQSxXzeGdChqUu4qFwS7iQOXQQIW2YA=,tag:gzXQEPkZbE0rcCFSBYWKMw==,type:str]
matomoSalt: ENC[AES256_GCM,data:HlpwX9pAGuoWlE0nXbv5TZUv+UhYfDtkEqC26nO7jas=,iv:ZRYsHjRxtHDvA9v+j6uK45/sG50GT1VAM7XT40DW/DI=,tag:9vS0BU4nEaHY+qXpyKOa6w==,type:str]
matomoPassword: ENC[AES256_GCM,data:SdWGZ8KqaLAp2EVXustDAjtch5Ts9XeSHhQFcctgMoi8OHewPxjYu0TvtrSRVKWXXjRkzvqnK3XDfhf1Lg47ew==,iv:5WE4t/V+Qq8XF3Mc5SrJEtMD35vSPG2d1O1kcXqsUa8=,tag:gBdfYORQ/aiNCkINcp10/Q==,type:str]
maxmind:
    account_id: ENC[AES256_GCM,data:p598Og7W,iv:PTPXY5iAPzDybOcUPmWJho1AJH7V9bBUPs1LsAvU+Ps=,tag:7m7yOA2fjnaro4OLUqV1yg==,type:int]
    license_key: ENC[AES256_GCM,data:sAPhcOowpR7ioFxfa9Zh8B2ZFO4s5IJ5hgRj1EyREgCWLft6C+X1wg==,iv:y1EWCChrk9lb6JgoY2UCnQAWIIhoCGp+i9L+PDor82Q=,tag:US+JKDFGtK3cO4V53zJMVg==,type:str]
sops:
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age: []
    lastmodified: "2023-06-03T20:13:48Z"
    mac: ENC[AES256_GCM,data:wYm+k7EYUwlMyZ4MmwCNQgvf/GrkpPDZj+BN3/V9wtF08H+i7EZ1aPnuuTeo9op7VKdWBqRI3YdUH3ee3jw1/VEPNGHFgW/IWO3DzSvLJclWYdFpc/NF+DEL31y0u/bD3AdoDERSfTykQz0rd9j3Vdk26TqdK2phUoXt4lC9bD4=,iv:fCPh0DOuk2ykXph07d+UiIttX/JkmnSQ70JTqP/FBfc=,tag:WNtd3aXQdW5Y0pILWVjLOw==,type:str]
    pgp:
        - created_at: "2023-06-03T20:08:35Z"
          enc: |
            -----BEGIN PGP MESSAGE-----

            hQIMA7pRwZh7mkwAARAAl7k41IUupAtRurH3STM/9GWHxL//r8cUMWhg+gUytvPF
            0kJkay3l3PhUx0UyXHxdLvbOiFF8zNkeiQl7YMlrU7c+vLgLce+XmnM8WZI8ktWl
            CQrBJp8II0Rzj2XsGFdnrmQtlnMBw9KG3c+5PgndVyx3Cunku6qG0y4rQTYslhcC
            UKGRMFsea6NL/o/UVILqD6QHnVYDthZt5KnM2UwWpRMs5mE8Sr4g9al1Gg/ZTy/T
            KiZ3ZWgSjZj7LeaIEEYb7/r5/uzF9gBSzu9YPHxlmRSXQTEapbbmOXgdxKSkn65o
            qU9gJZdnWlckFNrWltZ0AcHfhVoD5UavIXWWxByWpoI8B6X5RBmomhMPD9B+2Y2E
            qjhxjch11N6LyZXzZ6T59iFlFGSThdjLGsCzYP/CbfDJf2yzEI/NBCwKhEUQ6FHE
            iuFtYEog6oNMs22TdUdcoTnrRD6YsjEytNF4ftWuDJvp1x5C4Jbg0lCUjO5dflY3
            MkDE+2rYyuo/JCjMZULoXQDonU3kogKjyjIgEtPMEaueXIA4mUaFl7HX06DjGX87
            EtbVSh+ILgNxtTCzBzU0IJd2EKemduu3lMcOAlIQsmxuThWxbkfCpWZ5cfNGUc1j
            jVmUGOa9NF5S4ralzNcHdtvhBl8+3JWeozUI7XkmhfMy2rQEfVI5THeZP663w1LS
            UQF8vuMdpwUG68FW49QSvT6oRGirVPNe/nu6/7u8PG+iVMrj1zfowD+ag07L+DEa
            xW3jwMIMji20GIVyfN2azIRSRQHR3F2UVZJpBQKutXc80g==
            =p0tJ
            -----END PGP MESSAGE-----
          fp: 88fabf5f307fb5870b6ad2e8a266f2d3f9d60c45
    unencrypted_suffix: _unencrypted
    version: 3.7.3

Hello @halkeye, could you encode this data with my public GPG key to allow me inserting it into sops ? (or insert it in sops if you still have access)?

@halkeye
Copy link
Member Author

halkeye commented Oct 9, 2023

I'm not sure you want my data for that. The MySQL credentials are probably pointing at a local container, and you probably don't want to use my maxmind account. I think the intention was just to show the keys and not need the values.

But I can certainly do it later today

@dduportal
Copy link
Contributor

I'm not sure you want my data for that. The MySQL credentials are probably pointing at a local container, and you probably don't want to use my maxmind account. I think the intention was just to show the keys and not need the values.

But I can certainly do it later today

Oh I see, make sense! In that case I'll start a new sops. Thanks your work and the answer!

halkeye and others added 5 commits October 18, 2023 12:22
@halkeye @dduportal
Matomo - jenkins-infra/helpdesk#3530
6fc9628 
Uses bitnami helm chart as a template
* Add in crontab for background tasks
* secrets secrets
@halkeye @dduportal
yamllint fixes
e147b5d
@halkeye @dduportal
enable metrics (especially since the default template looks at 9117 a…
1ea8f5b 
…nyways)
@dduportal
feat: use ARM64
fe514f1 
Signed-off-by: Damien Duportal <damien.duportal@gmail.com>
@dduportal
debug: initial setup with mysql managed database
b4efb36 
Signed-off-by: Damien Duportal <damien.duportal@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@dduportal dduportal

Labels
matomo
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@halkeye @dduportal @lemeurherve