Piwik requires the php setting always_populate_raw_post_data=-1 when running on PHP 5.6

It should be added to /etc/php/fpm/php.ini

See matomo-org/matomo#6468

This is the output I get from starting this container. As you can see at the bottom the nginx is unable to bind to port 80. The result is that the piwik instance is not running correctly.

Welcome to the marvambass/nginx-ssl-secure container

IMPORTANT:
  IF you use SSL inside your personal NGINX-config,
  you should add the Strict-Transport-Security header like:

    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";

  to your config.
  After this you should gain a A+ Grade on the Qualys SSL Test

>> copy /etc/nginx/external/*.conf files to /etc/nginx/conf.d/
>> piwik is configured to listen behind a reverse proxy now
>> HSTS Headers disabled
>> set MYSQL Host: mysql
>> set MYSQL Port: 3306
>> set MYSQL User: <hidden>
>> set MYSQL Password: <hidden>
>> set MYSQL DB Name: piwik
>> set MYSQL Prefix: piwik_
>> making piwik available beneath: /
>> adding softlink from /piwik to /

>> #####################
>> init piwik
>> #####################

>> update CorePlugins
Add the following JS-Code to your Site -> don't forget to change the URLs ;)

<!-- Piwik -->
<script type="text/javascript">
  var _paq = _paq || [];
  _paq.push(['trackPageView']);
  _paq.push(['enableLinkTracking']);
  (function() {
    var u="//!!!YOUR-URL!!!/";
    _paq.push(['setTrackerUrl', u+'piwik.php']);
    _paq.push(['setSiteId', 1]);
    var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
    g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'piwik.js'; s.parentNode.insertBefore(g,s);
  })();
</script>
<noscript><p><img src="//!!!YOUR-URL!!!/piwik.php?idsite=1" style="border:0;" alt="" /></p></noscript>
<!-- End Piwik Code -->
>> exec docker CMD
nginx
2015/01/13 19:45:09 [emerg] 53#0: bind() to 0.0.0.0:80 failed (98: Address already in use)
2015/01/13 19:45:09 [emerg] 53#0: bind() to 0.0.0.0:443 failed (98: Address already in use)
2015/01/13 19:45:09 [notice] 53#0: try again to bind() after 500ms
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
2015/01/13 19:45:09 [notice] 53#0: using the "epoll" event method
2015/01/13 19:45:09 [notice] 53#0: nginx/1.7.9
2015/01/13 19:45:09 [notice] 53#0: built by gcc 4.7.2 (Debian 4.7.2-5)
2015/01/13 19:45:09 [notice] 53#0: OS: Linux 3.18.1-x86_64-linode50
2015/01/13 19:45:09 [notice] 53#0: getrlimit(RLIMIT_NOFILE): 524288:1048576
2015/01/13 19:45:09 [notice] 53#0: start worker processes
2015/01/13 19:45:09 [notice] 53#0: start worker process 54

Any idea what could cause this?

While investigating why my piwik installation is so slow I saw that the images uses APC https://github.com/MarvAmBass/docker-piwik/blob/master/Dockerfile#L14

But a quick run of php -v reveals that the container runs php 5.6

PHP 5.6.20-0+deb8u1 (cli) (built: Apr 27 2016 11:26:05) 
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
    with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies

It seems like APC isn't supported since php 5.5 and got replaced by OPcache.
Maybe APC should be removed and OPcache configured:

http://www.php.net/manual/en/opcache.configuration.php

Piwik 2.15.0 is now out. It has improvements for performance and to the UI.

Piwik new version is now available.

Could you push the new image please? I think there are no big changes needed.

It would be great if its also tagged.

Thanks!

When I run pivik with a linked mysql container, it looks like everything is OK (the log tells me that a password was autogenerated and then the whole pivik setup was done). But then I cannot login with the generated password. Is there any way I could debug this? The user table in the database does not contain an entry for 'admin'...

There is a Strict Transport Header inside the NGINX config file.

On the other hand you are listening on non https traffic (which is needed for tracking)

Remove it by default and activate it only on request (ENV) you then may disable the whole listen to unencrypted traffic on port 80. Split the NGINX config in two config files (unencrypted, encrypted)

I've stated the container and linked it against a mysql container.
I've created the database named piwik manually.

When starting your container without providing PIWIK_MYSQL_USER and PIWIK_MYSQL_PASSWORD it gives SQLSTATE[28000] [1045] Access denied for user 'www-data'@'172.17.0.28' (using password: NO)
That's ok I think.

When I provide these values I get SQLSTATE[42S02]: Base table or view not found: 1146 Table 'piwik.piwik_option' doesn't exist at Piwik setup step 1
Shouldn't this stuff be generated by startup-piwik.sh or did I forget something?

Configuring a container with a password that contains the & character fails.

If my password was foobarpass&word, then the config.ini.php contained:

password = foobarpassPIWIK_MYSQL_PASSWORDword

Docker Hub reports

Last pushed: 2 months ago

and throws many 404. Maybe you should have a look into it.

Hi!

Would you like to collaborate on this: matomo-org/docker#1

Then we could share the work to maintain upstream image. And you could then base this image on the official one?

What do you think?

Best!

Pierre

The bug was introduced in commit 775e02a

I am getting a 403 - Forbidden - nginx error when browsing to http://localhost:9002.

I installed a mysql-container like this (source: https://hub.docker.com/_/mysql/ ):

docker run --name mysqlcontainer -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mysql:latest

Then I started the marvambass/piwik-container like this:

docker run -d -p 9002:80 -p 9003:443 --link mysqlcontainer:mysql --name piwik marvambass/piwik

This is the output of docker ps:

[root@localhost mysql]# docker ps
CONTAINER ID        IMAGE                    COMMAND                  CREATED             STATUS              PORTS                                         NAMES
39cb46ef28d5        marvambass/piwik         "/opt/entrypoint.sh n"   8 minutes ago       Up 8 minutes        0.0.0.0:9002->80/tcp, 0.0.0.0:9003->443/tcp   piwik
5cfa5b727c84        mysqlcontainer:latest      "/entrypoint.sh mysql"   10 minutes ago      Up 10 minutes       3306/tcp                                      mysqlcontainer

Now i browse to the container like this:

[root@localhost mysql]# lynx localhost:9002
Alert!: HTTP/1.1 403 Forbidden

 403 Forbidden
    _______
 nginx

My questions are:

1. What have I done wrong?
2. Which steps I need to do in order to configure the container properly?

I get this error:

directory index of "/usr/share/nginx/html/" is forbidden

in the container.

I started the container with minimal config and got the trusted host warning.
I looked into the piwik/config/config.ini.php and it looked like this.
Seems like the enable_trusted_host_check=0 option gets overwritten or something.

[database]
host = "mysql"
username = "root"
password = "example"
dbname = "piwik"
tables_prefix = "piwik_"
charset = "utf8"

[General]
salt = "the random salt"
trusted_hosts[] = "localhost"

[PluginsInstalled]
Long list of all the plugins

Currently the Setup asumes that piwik is behind a reverse Proxy

make it possible to only connect directly to it via ENV

Good evening Piwik team!

Quick docker related question:
How do you load your own /piwik/config/config.ini.php file?
Mapping this file in piwik container run (-v $PWD/config.ini.php:/piwik/config/config.ini.php) makes piwik config fail.

Seems like I can only map it after piwik finished its initialization, doing a simple copy, which add some step.
docker cp $PWD/config.ini.php piwik:/piwik/config/config.ini.php

Is there another cleaner solution or I missed something? I don't wish to create/manage my own container with this only addition.

Thanks a lot for your help.
And very good week! ;-)

Greg.