1 files changed, 55 insertions, 54 deletions
diff --git a/content/posts/2021-01-25-goaccess.md b/content/posts/2021-01-25-goaccess.md
index efbd175..1b6a330 100644
--- a/content/posts/2021-01-25-goaccess.md
+++ b/content/posts/2021-01-25-goaccess.md
@@ -7,16 +7,16 @@ draft: false
 ## Introduction
-I know! You cannot simply replace Google Analytics with parsing access logs and 
+I know! You cannot simply replace Google Analytics with parsing access logs and
-displaying a couple of charts. But to be honest, I actually never used Google 
+displaying a couple of charts. But to be honest, I actually never used Google
-Analytics to the fullest extent and was usually interested in seeing page 
+Analytics to the fullest extent and was usually interested in seeing page hits
-hits and which pages were visited most often.
+and which pages were visited most often.
-I recently moved my blog from Firebase to a VPS and also decided to remove 
+I recently moved my blog from Firebase to a VPS and also decided to remove
-Google Analytics tracking code from the site since its quite malicious and 
+Google Analytics tracking code from the site since its quite malicious and
-tracks users across other pages also and is creating a profile of a user, and 
+tracks users across other pages also and is creating a profile of a user, and
-I've had it. But I also need some insight of what is happening on a server 
+I've had it. But I also need some insight of what is happening on a server and
-and which content is being read the most etc.
+which content is being read the most etc.
 I have looked at many existing solutions like:
@@ -24,18 +24,18 @@ I have looked at many existing solutions like:
 - [Freshlytics](https://github.com/sheshbabu/freshlytics)
 - [Matomo](https://matomo.org/)
-But the more I looked at them the more I noticed that I am replacing one evil 
+But the more I looked at them the more I noticed that I am replacing one evil
-with another one. Don't get me wrong. Some of these solutions are absolutely 
+with another one. Don't get me wrong. Some of these solutions are absolutely
-fantastic but would require installation of databases and something like PHP 
+fantastic but would require installation of databases and something like PHP or
-or Node. And I was not ready to put those things on my fresh server. Also 
+Node. And I was not ready to put those things on my fresh server. Also having
-having Docker installed is out of the question.
+Docker installed is out of the question.
 ## Opting for log parsing
-So, I defaulted to parsing already existing logs and generating HTML reports 
+So, I defaulted to parsing already existing logs and generating HTML reports
 from this data.
-I found this amazing software [GoAccess](https://goaccess.io/) which provides 
+I found this amazing software [GoAccess](https://goaccess.io/) which provides
 all the functionalities I need, and it's a single binary. Written in Go.
 GoAccess can be used in two different modes.
@@ -46,15 +46,16 @@ GoAccess can be used in two different modes.
 ![GoAccess HTML](/assets/goaccess/goaccess-dash-html.png)
 <center><i>Running in a browser</i></center>
-I, however, need this to run in a browser. So, the second option is the way 
+I, however, need this to run in a browser. So, the second option is the way to
-to go. The Idea is to periodically run cronjob and export this report into a 
+go. The Idea is to periodically run cronjob and export this report into a folder
-folder that gets then server by Nginx behind a Basic authentication.
+that gets then server by Nginx behind a Basic authentication.
 ## Getting Nginx ready
-I choose Ubuntu on [DigitalOcean](https://www.digitalocean.com/). First I 
+I choose Ubuntu on [DigitalOcean](https://www.digitalocean.com/). First I
-installed [Nginx](https://nginx.org/en/), and [Letsencrypt](https://letsencrypt.org/getting-started/) 
+installed [Nginx](https://nginx.org/en/), and
-certbot and all the necessary dependencies.
+[Letsencrypt](https://letsencrypt.org/getting-started/) certbot and all the
+necessary dependencies.
 ```sh
 # log in as root user
@@ -90,26 +91,25 @@ server {
 }
 ```
-Now we check if the configuration is ok. We can do this with `nginx -t`. If 
+Now we check if the configuration is ok. We can do this with `nginx -t`. If all
-all is ok, we can restart Nginx with `service nginx restart`.
+is ok, we can restart Nginx with `service nginx restart`.
-After all that you should add A record for this domain that points to IP of 
+After all that you should add A record for this domain that points to IP of a
-a droplet.
+droplet.
-Before enabling SSL you should test if DNS records have propagated with 
+Before enabling SSL you should test if DNS records have propagated with `curl
-`curl stats.domain.com`.
+stats.domain.com`.
-Now, it's time to provision TLS certificate. To achieve this, you execute command 
+Now, it's time to provision TLS certificate. To achieve this, you execute
-`certbot --nginx`. Follow the wizard and when you are asked about redirection 
+command `certbot --nginx`. Follow the wizard and when you are asked about
-always choose 2 (always redirect to HTTPS).
+redirection always choose 2 (always redirect to HTTPS).
-When this is done you can visit https://stats.domain.com and you should get 404 
+When this is done you can visit https://stats.domain.com and you should get 404
 not found error which is correct.
 ## Getting GoAccess ready
-If you are using Debian like system GoAccess should be available in repository. 
+If you are using Debian like system GoAccess should be available in repository.
 Otherwise refer to the official website.
 ```sh
@@ -148,19 +148,19 @@ goaccess \
 rm /var/log/nginx/access-all.log
 ```
-Because after a while nginx creates multiple files with access logs we use 
+Because after a while nginx creates multiple files with access logs we use
-[`zcat`](https://linux.die.net/man/1/zcat) to extract Gziped contents and 
+[`zcat`](https://linux.die.net/man/1/zcat) to extract Gziped contents and create
-create a file that has all the access logs. After this file is used we 
+a file that has all the access logs. After this file is used we delete it.
-delete it.
-If you want to exclude your home IP's result look at the `--exclude-ip` option 
+If you want to exclude your home IP's result look at the `--exclude-ip` option
-in script and instead of `0.0.0.0` add your own home IP address. You can find 
+in script and instead of `0.0.0.0` add your own home IP address. You can find
-your home IP by executing `curl ifconfig.me` from your local machine and NOT 
+your home IP by executing `curl ifconfig.me` from your local machine and NOT
 from the droplet.
-Test the script by executing `sh /var/www/html/stats.domain.com/generate-stats.sh` 
+Test the script by executing `sh
-and then checking `https://stats.domain.com`. If you can see stats instead of 
+/var/www/html/stats.domain.com/generate-stats.sh` and then checking
-404 than you are set.
+`https://stats.domain.com`. If you can see stats instead of 404 than you are
+set.
 It's time to add this script to cron with `cron -e`.
@@ -170,16 +170,17 @@ It's time to add this script to cron with `cron -e`.
 ## Securing with Basic authentication
-You probably don't want stats to be publicly available, so we should create a 
+You probably don't want stats to be publicly available, so we should create a
 user and a password for Basic authentication.
 First we create a password for a user `stats` with `htpasswd -c /etc/nginx/.htpasswd stats`.
-Now we update config file with `nano /etc/nginx/sites-available/stats.domain.com`. 
+Now we update config file with `nano
-You probably noticed that the file looks a bit different from before. This is 
+/etc/nginx/sites-available/stats.domain.com`.  You probably noticed that the
-because `certbot` added additional rules for SSL.
+file looks a bit different from before. This is because `certbot` added
+additional rules for SSL.
-Your location portion the config file should now look like. You should add 
+Your location portion the config file should now look like. You should add
 `auth_basic` and `auth_basic_user_file` lines to the file.
 ```nginx
@@ -190,12 +191,12 @@ location / {
 }
 ```
-Test if config is still ok with `nginx -t` and if it is you can restart 
+Test if config is still ok with `nginx -t` and if it is you can restart Nginx
-Nginx with `service nginx restart`.
+with `service nginx restart`.
-If you now visit `https://stats.domain.com` you should be prompted for username 
+If you now visit `https://stats.domain.com` you should be prompted for username
 and password. If not, try reopening your browser.
-That is all. You now have analytics for your server that gets refreshed every 
+That is all. You now have analytics for your server that gets refreshed every 10
-10 minutes.
+minutes.

diff --git a/content/posts/2021-01-25-goaccess.md b/content/posts/2021-01-25-goaccess.md index efbd175..1b6a330 100644 --- a/content/posts/2021-01-25-goaccess.md +++ b/content/posts/2021-01-25-goaccess.md
@@ -7,16 +7,16 @@ draft: false
7		7
8	## Introduction	8	## Introduction
9		9
10	I know! You cannot simply replace Google Analytics with parsing access logs and	10	I know! You cannot simply replace Google Analytics with parsing access logs and
11	displaying a couple of charts. But to be honest, I actually never used Google	11	displaying a couple of charts. But to be honest, I actually never used Google
12	Analytics to the fullest extent and was usually interested in seeing page	12	Analytics to the fullest extent and was usually interested in seeing page hits
13	hits and which pages were visited most often.	13	and which pages were visited most often.
14		14
15	I recently moved my blog from Firebase to a VPS and also decided to remove	15	I recently moved my blog from Firebase to a VPS and also decided to remove
16	Google Analytics tracking code from the site since its quite malicious and	16	Google Analytics tracking code from the site since its quite malicious and
17	tracks users across other pages also and is creating a profile of a user, and	17	tracks users across other pages also and is creating a profile of a user, and
18	I've had it. But I also need some insight of what is happening on a server	18	I've had it. But I also need some insight of what is happening on a server and
19	and which content is being read the most etc.	19	which content is being read the most etc.
20		20
21	I have looked at many existing solutions like:	21	I have looked at many existing solutions like:
22		22
@@ -24,18 +24,18 @@ I have looked at many existing solutions like:
24	- [Freshlytics](https://github.com/sheshbabu/freshlytics)	24	- [Freshlytics](https://github.com/sheshbabu/freshlytics)
25	- [Matomo](https://matomo.org/)	25	- [Matomo](https://matomo.org/)
26		26
27	But the more I looked at them the more I noticed that I am replacing one evil	27	But the more I looked at them the more I noticed that I am replacing one evil
28	with another one. Don't get me wrong. Some of these solutions are absolutely	28	with another one. Don't get me wrong. Some of these solutions are absolutely
29	fantastic but would require installation of databases and something like PHP	29	fantastic but would require installation of databases and something like PHP or
30	or Node. And I was not ready to put those things on my fresh server. Also	30	Node. And I was not ready to put those things on my fresh server. Also having
31	having Docker installed is out of the question.	31	Docker installed is out of the question.
32		32
33	## Opting for log parsing	33	## Opting for log parsing
34		34
35	So, I defaulted to parsing already existing logs and generating HTML reports	35	So, I defaulted to parsing already existing logs and generating HTML reports
36	from this data.	36	from this data.
37		37
38	I found this amazing software [GoAccess](https://goaccess.io/) which provides	38	I found this amazing software [GoAccess](https://goaccess.io/) which provides
39	all the functionalities I need, and it's a single binary. Written in Go.	39	all the functionalities I need, and it's a single binary. Written in Go.
40		40
41	GoAccess can be used in two different modes.	41	GoAccess can be used in two different modes.
@@ -46,15 +46,16 @@ GoAccess can be used in two different modes.
46	![GoAccess HTML](/assets/goaccess/goaccess-dash-html.png)	46	![GoAccess HTML](/assets/goaccess/goaccess-dash-html.png)
47	<center><i>Running in a browser</i></center>	47	<center><i>Running in a browser</i></center>
48		48
49	I, however, need this to run in a browser. So, the second option is the way	49	I, however, need this to run in a browser. So, the second option is the way to
50	to go. The Idea is to periodically run cronjob and export this report into a	50	go. The Idea is to periodically run cronjob and export this report into a folder
51	folder that gets then server by Nginx behind a Basic authentication.	51	that gets then server by Nginx behind a Basic authentication.
52		52
53	## Getting Nginx ready	53	## Getting Nginx ready
54		54
55	I choose Ubuntu on [DigitalOcean](https://www.digitalocean.com/). First I	55	I choose Ubuntu on [DigitalOcean](https://www.digitalocean.com/). First I
56	installed [Nginx](https://nginx.org/en/), and [Letsencrypt](https://letsencrypt.org/getting-started/)	56	installed [Nginx](https://nginx.org/en/), and
57	certbot and all the necessary dependencies.	57	[Letsencrypt](https://letsencrypt.org/getting-started/) certbot and all the
		58	necessary dependencies.
58		59
59	```sh	60	```sh
60	# log in as root user	61	# log in as root user
@@ -90,26 +91,25 @@ server {
90	}	91	}
91	```	92	```
92		93
93	Now we check if the configuration is ok. We can do this with `nginx -t`. If	94	Now we check if the configuration is ok. We can do this with `nginx -t`. If all
94	all is ok, we can restart Nginx with `service nginx restart`.	95	is ok, we can restart Nginx with `service nginx restart`.
95		96
96	After all that you should add A record for this domain that points to IP of	97	After all that you should add A record for this domain that points to IP of a
97	a droplet.	98	droplet.
98		99
99	Before enabling SSL you should test if DNS records have propagated with	100	Before enabling SSL you should test if DNS records have propagated with `curl
100	`curl stats.domain.com`.	101	stats.domain.com`.
101		102
102	Now, it's time to provision TLS certificate. To achieve this, you execute command	103	Now, it's time to provision TLS certificate. To achieve this, you execute
103	`certbot --nginx`. Follow the wizard and when you are asked about redirection	104	command `certbot --nginx`. Follow the wizard and when you are asked about
104	always choose 2 (always redirect to HTTPS).	105	redirection always choose 2 (always redirect to HTTPS).
105		106
106	When this is done you can visit https://stats.domain.com and you should get 404	107	When this is done you can visit https://stats.domain.com and you should get 404
107	not found error which is correct.	108	not found error which is correct.
108		109
109
110	## Getting GoAccess ready	110	## Getting GoAccess ready
111		111
112	If you are using Debian like system GoAccess should be available in repository.	112	If you are using Debian like system GoAccess should be available in repository.
113	Otherwise refer to the official website.	113	Otherwise refer to the official website.
114		114
115	```sh	115	```sh
@@ -148,19 +148,19 @@ goaccess \
148	rm /var/log/nginx/access-all.log	148	rm /var/log/nginx/access-all.log
149	```	149	```
150		150
151	Because after a while nginx creates multiple files with access logs we use	151	Because after a while nginx creates multiple files with access logs we use
152	[`zcat`](https://linux.die.net/man/1/zcat) to extract Gziped contents and	152	[`zcat`](https://linux.die.net/man/1/zcat) to extract Gziped contents and create
153	create a file that has all the access logs. After this file is used we	153	a file that has all the access logs. After this file is used we delete it.
154	delete it.
155		154
156	If you want to exclude your home IP's result look at the `--exclude-ip` option	155	If you want to exclude your home IP's result look at the `--exclude-ip` option
157	in script and instead of `0.0.0.0` add your own home IP address. You can find	156	in script and instead of `0.0.0.0` add your own home IP address. You can find
158	your home IP by executing `curl ifconfig.me` from your local machine and NOT	157	your home IP by executing `curl ifconfig.me` from your local machine and NOT
159	from the droplet.	158	from the droplet.
160		159
161	Test the script by executing `sh /var/www/html/stats.domain.com/generate-stats.sh`	160	Test the script by executing `sh
162	and then checking `https://stats.domain.com`. If you can see stats instead of	161	/var/www/html/stats.domain.com/generate-stats.sh` and then checking
163	404 than you are set.	162	`https://stats.domain.com`. If you can see stats instead of 404 than you are
		163	set.
164		164
165	It's time to add this script to cron with `cron -e`.	165	It's time to add this script to cron with `cron -e`.
166		166
@@ -170,16 +170,17 @@ It's time to add this script to cron with `cron -e`.
170		170
171	## Securing with Basic authentication	171	## Securing with Basic authentication
172		172
173	You probably don't want stats to be publicly available, so we should create a	173	You probably don't want stats to be publicly available, so we should create a
174	user and a password for Basic authentication.	174	user and a password for Basic authentication.
175		175
176	First we create a password for a user `stats` with `htpasswd -c /etc/nginx/.htpasswd stats`.	176	First we create a password for a user `stats` with `htpasswd -c /etc/nginx/.htpasswd stats`.
177		177
178	Now we update config file with `nano /etc/nginx/sites-available/stats.domain.com`.	178	Now we update config file with `nano
179	You probably noticed that the file looks a bit different from before. This is	179	/etc/nginx/sites-available/stats.domain.com`. You probably noticed that the
180	because `certbot` added additional rules for SSL.	180	file looks a bit different from before. This is because `certbot` added
		181	additional rules for SSL.
181		182
182	Your location portion the config file should now look like. You should add	183	Your location portion the config file should now look like. You should add
183	`auth_basic` and `auth_basic_user_file` lines to the file.	184	`auth_basic` and `auth_basic_user_file` lines to the file.
184		185
185	```nginx	186	```nginx
@@ -190,12 +191,12 @@ location / {
190	}	191	}
191	```	192	```
192		193
193	Test if config is still ok with `nginx -t` and if it is you can restart	194	Test if config is still ok with `nginx -t` and if it is you can restart Nginx
194	Nginx with `service nginx restart`.	195	with `service nginx restart`.
195		196
196	If you now visit `https://stats.domain.com` you should be prompted for username	197	If you now visit `https://stats.domain.com` you should be prompted for username
197	and password. If not, try reopening your browser.	198	and password. If not, try reopening your browser.
198		199
199	That is all. You now have analytics for your server that gets refreshed every	200	That is all. You now have analytics for your server that gets refreshed every 10
200	10 minutes.	201	minutes.
201		202