1 files changed, 0 insertions, 204 deletions
diff --git a/content/posts/2021-01-25-goaccess.md b/content/posts/2021-01-25-goaccess.md
deleted file mode 100644
index 84ea3cd..0000000
--- a/content/posts/2021-01-25-goaccess.md
+++ /dev/null
@@ -1,204 +0,0 @@
---
-title: Using GoAccess with Nginx to replace Google Analytics
-url: using-goaccess-with-nginx-to-replace-google-analytics.html
-date: 2021-01-25T12:00:00+02:00
-type: post
-draft: false
---
-## Introduction
-I know! You cannot simply replace Google Analytics with parsing access logs and
-displaying a couple of charts. But to be honest, I actually never used Google
-Analytics to the fullest extent and was usually interested in seeing page hits
-and which pages were visited most often.
-I recently moved my blog from Firebase to a VPS and also decided to remove
-Google Analytics tracking code from the site since its quite malicious and
-tracks users across other pages also and is creating a profile of a user, and
-I've had it. But I also need some insight of what is happening on a server and
-which content is being read the most etc.
-I have looked at many existing solutions like:
- [Umami](https://umami.is/)
- [Freshlytics](https://github.com/sheshbabu/freshlytics)
- [Matomo](https://matomo.org/)
-But the more I looked at them the more I noticed that I am replacing one evil
-with another one. Don't get me wrong. Some of these solutions are absolutely
-fantastic but would require installation of databases and something like PHP or
-Node. And I was not ready to put those things on my fresh server. Also having
-Docker installed is out of the question.
-## Opting for log parsing
-So, I defaulted to parsing already existing logs and generating HTML reports
-from this data.
-I found this amazing software [GoAccess](https://goaccess.io/) which provides
-all the functionalities I need, and it's a single binary. Written in Go.
-GoAccess can be used in two different modes.
-![GoAccess Terminal](/posts/goaccess/goaccess-dash-term.png)
-*Running in a terminal*
-![GoAccess HTML](/posts/goaccess/goaccess-dash-html.png)
-*Running in a browser*
-I, however, need this to run in a browser. So, the second option is the way to
-go. The Idea is to periodically run cronjob and export this report into a folder
-that gets then server by Nginx behind a Basic authentication.
-## Getting Nginx ready
-I choose Ubuntu on [DigitalOcean](https://www.digitalocean.com/). First I
-installed [Nginx](https://nginx.org/en/), and
-[Letsencrypt](https://letsencrypt.org/getting-started/) certbot and all the
-necessary dependencies.
-```sh
-# log in as root user
-sudo su -
-# first let's update the system
-apt update && apt upgrade -y
-# let's install
-apt install nginx certbot python3-certbot-nginx apache2-utils
-```
-After all this is installed we can create a new configuration for a statistics.
-Stats will be available at `stats.domain.com`.
-```sh
-# creates directory where html will be hosted
-mkdir -p /var/www/html/stats.domain.com
-cp /etc/nginx/sites-available/default /etc/nginx/sites-available/stats.domain.com
-nano /etc/nginx/sites-available/stats.domain.com
-```
-```nginx
-server {
-  root /var/www/html/stats.domain.com;
-  server_name stats.domain.com;
-  index index.html;
-  location / {
-    try_files $uri $uri/ =404;
-  }
-}
-```
-Now we check if the configuration is ok. We can do this with `nginx -t`. If all
-is ok, we can restart Nginx with `service nginx restart`.
-After all that you should add A record for this domain that points to IP of a
-droplet.
-Before enabling SSL you should test if DNS records have propagated with `curl
-stats.domain.com`.
-Now, it's time to provision TLS certificate. To achieve this, you execute
-command `certbot --nginx`. Follow the wizard and when you are asked about
-redirection always choose 2 (always redirect to HTTPS).
-When this is done you can visit https://stats.domain.com and you should get 404
-not found error which is correct.
-## Getting GoAccess ready
-If you are using Debian like system GoAccess should be available in repository.
-Otherwise refer to the official website.
-```sh
-apt install goaccess
-```
-To enable Geo location we also need one additiona thing.
-```sh
-cd /var/www/html/stats.stats.com
-wget https://github.com/P3TERX/GeoLite.mmdb/raw/download/GeoLite2-City.mmdb
-```
-Now we create a shell script that will be executed every 10 minutes.
-```sh
-nano /var/www/html/stats.domain.com/generate-stats.sh
-```
-Contents of this file should look like this.
-```sh
-#!/bin/sh
-zcat -f /var/log/nginx/access.log* > /var/log/nginx/access-all.log
-goaccess \
-  --log-file=/var/log/nginx/access-all.log \
-  --log-format=COMBINED \
-  --exclude-ip=0.0.0.0 \
-  --geoip-database=/var/www/html/stats.domain.com/GeoLite2-City.mmdb \
-  --ignore-crawlers \
-  --real-os \
-  --output=/var/www/html/stats.domain.com/index.html
-rm /var/log/nginx/access-all.log
-```
-Because after a while nginx creates multiple files with access logs we use
-[`zcat`](https://linux.die.net/man/1/zcat) to extract Gziped contents and create
-a file that has all the access logs. After this file is used we delete it.
-If you want to exclude your home IP's result look at the `--exclude-ip` option
-in script and instead of `0.0.0.0` add your own home IP address. You can find
-your home IP by executing `curl ifconfig.me` from your local machine and NOT
-from the droplet.
-Test the script by executing `sh
-/var/www/html/stats.domain.com/generate-stats.sh` and then checking
-`https://stats.domain.com`. If you can see stats instead of 404 than you are
-set.
-It's time to add this script to cron with `cron -e`.
-```go
-*/10 * * * * sh /var/www/html/stats.domain.com/generate-stats.sh
-```
-## Securing with Basic authentication
-You probably don't want stats to be publicly available, so we should create a
-user and a password for Basic authentication.
-First we create a password for a user `stats` with `htpasswd -c /etc/nginx/.htpasswd stats`.
-Now we update config file with `nano
-/etc/nginx/sites-available/stats.domain.com`.  You probably noticed that the
-file looks a bit different from before. This is because `certbot` added
-additional rules for SSL.
-Your location portion the config file should now look like. You should add
-`auth_basic` and `auth_basic_user_file` lines to the file.
-```nginx
-location / {
-  try_files $uri $uri/ =404;
-  auth_basic "Private Property";
-  auth_basic_user_file /etc/nginx/.htpasswd;
-}
-```
-Test if config is still ok with `nginx -t` and if it is you can restart Nginx
-with `service nginx restart`.
-If you now visit `https://stats.domain.com` you should be prompted for username
-and password. If not, try reopening your browser.
-That is all. You now have analytics for your server that gets refreshed every 10
-minutes.

diff --git a/content/posts/2021-01-25-goaccess.md b/content/posts/2021-01-25-goaccess.md deleted file mode 100644 index 84ea3cd..0000000 --- a/content/posts/2021-01-25-goaccess.md +++ /dev/null
@@ -1,204 +0,0 @@
1	---
2	title: Using GoAccess with Nginx to replace Google Analytics
3	url: using-goaccess-with-nginx-to-replace-google-analytics.html
4	date: 2021-01-25T12:00:00+02:00
5	type: post
6	draft: false
7	---
8
9	## Introduction
10
11	I know! You cannot simply replace Google Analytics with parsing access logs and
12	displaying a couple of charts. But to be honest, I actually never used Google
13	Analytics to the fullest extent and was usually interested in seeing page hits
14	and which pages were visited most often.
15
16	I recently moved my blog from Firebase to a VPS and also decided to remove
17	Google Analytics tracking code from the site since its quite malicious and
18	tracks users across other pages also and is creating a profile of a user, and
19	I've had it. But I also need some insight of what is happening on a server and
20	which content is being read the most etc.
21
22	I have looked at many existing solutions like:
23
24	- [Umami](https://umami.is/)
25	- [Freshlytics](https://github.com/sheshbabu/freshlytics)
26	- [Matomo](https://matomo.org/)
27
28	But the more I looked at them the more I noticed that I am replacing one evil
29	with another one. Don't get me wrong. Some of these solutions are absolutely
30	fantastic but would require installation of databases and something like PHP or
31	Node. And I was not ready to put those things on my fresh server. Also having
32	Docker installed is out of the question.
33
34	## Opting for log parsing
35
36	So, I defaulted to parsing already existing logs and generating HTML reports
37	from this data.
38
39	I found this amazing software [GoAccess](https://goaccess.io/) which provides
40	all the functionalities I need, and it's a single binary. Written in Go.
41
42	GoAccess can be used in two different modes.
43
44	![GoAccess Terminal](/posts/goaccess/goaccess-dash-term.png)
45
46	Running in a terminal
47
48	![GoAccess HTML](/posts/goaccess/goaccess-dash-html.png)
49
50	Running in a browser
51
52	I, however, need this to run in a browser. So, the second option is the way to
53	go. The Idea is to periodically run cronjob and export this report into a folder
54	that gets then server by Nginx behind a Basic authentication.
55
56	## Getting Nginx ready
57
58	I choose Ubuntu on [DigitalOcean](https://www.digitalocean.com/). First I
59	installed [Nginx](https://nginx.org/en/), and
60	[Letsencrypt](https://letsencrypt.org/getting-started/) certbot and all the
61	necessary dependencies.
62
63	```sh
64	# log in as root user
65	sudo su -
66
67	# first let's update the system
68	apt update && apt upgrade -y
69
70	# let's install
71	apt install nginx certbot python3-certbot-nginx apache2-utils
72	```
73
74	After all this is installed we can create a new configuration for a statistics.
75	Stats will be available at `stats.domain.com`.
76
77	```sh
78	# creates directory where html will be hosted
79	mkdir -p /var/www/html/stats.domain.com
80
81	cp /etc/nginx/sites-available/default /etc/nginx/sites-available/stats.domain.com
82	nano /etc/nginx/sites-available/stats.domain.com
83	```
84
85	```nginx
86	server {
87	root /var/www/html/stats.domain.com;
88	server_name stats.domain.com;
89
90	index index.html;
91	location / {
92	try_files $uri $uri/ =404;
93	}
94	}
95	```
96
97	Now we check if the configuration is ok. We can do this with `nginx -t`. If all
98	is ok, we can restart Nginx with `service nginx restart`.
99
100	After all that you should add A record for this domain that points to IP of a
101	droplet.
102
103	Before enabling SSL you should test if DNS records have propagated with `curl
104	stats.domain.com`.
105
106	Now, it's time to provision TLS certificate. To achieve this, you execute
107	command `certbot --nginx`. Follow the wizard and when you are asked about
108	redirection always choose 2 (always redirect to HTTPS).
109
110	When this is done you can visit https://stats.domain.com and you should get 404
111	not found error which is correct.
112
113	## Getting GoAccess ready
114
115	If you are using Debian like system GoAccess should be available in repository.
116	Otherwise refer to the official website.
117
118	```sh
119	apt install goaccess
120	```
121
122	To enable Geo location we also need one additiona thing.
123
124	```sh
125	cd /var/www/html/stats.stats.com
126	wget https://github.com/P3TERX/GeoLite.mmdb/raw/download/GeoLite2-City.mmdb
127	```
128
129	Now we create a shell script that will be executed every 10 minutes.
130
131	```sh
132	nano /var/www/html/stats.domain.com/generate-stats.sh
133	```
134
135	Contents of this file should look like this.
136
137	```sh
138	#!/bin/sh
139
140	zcat -f /var/log/nginx/access.log* > /var/log/nginx/access-all.log
141
142	goaccess \
143	--log-file=/var/log/nginx/access-all.log \
144	--log-format=COMBINED \
145	--exclude-ip=0.0.0.0 \
146	--geoip-database=/var/www/html/stats.domain.com/GeoLite2-City.mmdb \
147	--ignore-crawlers \
148	--real-os \
149	--output=/var/www/html/stats.domain.com/index.html
150
151	rm /var/log/nginx/access-all.log
152	```
153
154	Because after a while nginx creates multiple files with access logs we use
155	[`zcat`](https://linux.die.net/man/1/zcat) to extract Gziped contents and create
156	a file that has all the access logs. After this file is used we delete it.
157
158	If you want to exclude your home IP's result look at the `--exclude-ip` option
159	in script and instead of `0.0.0.0` add your own home IP address. You can find
160	your home IP by executing `curl ifconfig.me` from your local machine and NOT
161	from the droplet.
162
163	Test the script by executing `sh
164	/var/www/html/stats.domain.com/generate-stats.sh` and then checking
165	`https://stats.domain.com`. If you can see stats instead of 404 than you are
166	set.
167
168	It's time to add this script to cron with `cron -e`.
169
170	```go
171	/10 * * * sh /var/www/html/stats.domain.com/generate-stats.sh
172	```
173
174	## Securing with Basic authentication
175
176	You probably don't want stats to be publicly available, so we should create a
177	user and a password for Basic authentication.
178
179	First we create a password for a user `stats` with `htpasswd -c /etc/nginx/.htpasswd stats`.
180
181	Now we update config file with `nano
182	/etc/nginx/sites-available/stats.domain.com`. You probably noticed that the
183	file looks a bit different from before. This is because `certbot` added
184	additional rules for SSL.
185
186	Your location portion the config file should now look like. You should add
187	`auth_basic` and `auth_basic_user_file` lines to the file.
188
189	```nginx
190	location / {
191	try_files $uri $uri/ =404;
192	auth_basic "Private Property";
193	auth_basic_user_file /etc/nginx/.htpasswd;
194	}
195	```
196
197	Test if config is still ok with `nginx -t` and if it is you can restart Nginx
198	with `service nginx restart`.
199
200	If you now visit `https://stats.domain.com` you should be prompted for username
201	and password. If not, try reopening your browser.
202
203	That is all. You now have analytics for your server that gets refreshed every 10
204	minutes.