Plausible analytics with Material for MkDocs
I have been publishing my wiki for a year yet I have never actually bother to setup any analytics to see if people actually use it. My dentropys-obsidian-publisher now supports analytics using Plausible which can be self hosted preserving at least some privacy.
Plausible Setup
Plausible was about as easy as it can be to setup for me personally following the docs end to end was good enough, though there was one vaciate.
The steps summarized are,
- Clone
- Update plausible lausible-conf.env
- SECRET_KEY_BASE using the command in the docs
- BASE_URL for where plausible is hosted, remember the HTTPS
docker-compose up -d
The caviate is that when you initally boot plausible you need to go to the web UI and create your first account with a password, so make sure it is not exposed to the interwebs.
Material for MkDocs Setup
So turns out there is a native package that configured plausible for MkDocs called material-plausible-plugin.
Getting material-plausible-plugin up and running was as simple as a pip install and adding some config to the mkdocs-bak.yml document in my dentropys-obsidian-publisher repo, check out the comments along the bottom. To use Plausible analytics just make sure to uncomment those lines around analytics
Setting up ddaemon.org
My wiki is not located at ddaemon.org, running on my VPS, and wiki.ddaemon.org running on github pages. I use nginx-proxy-manager for managing all my reverse procies and Letsencrypt certs.
I did find it easier to setup a separate nginx container to host my wiki rather than setting some custom config in nginx-proxy-manager. Turns out a docker-compose script for a static nginx site is pretty simple.
Static Site
services:
nginx:
image: nginx:latest
hostname: wiki
ports:
- "8082:80"
volumes:
- ./html:/usr/share/nginx/html:ro
Example nginx.conf
server {
listen 80;
server_name localhost;
root /var/www/html;
index index.html;
# serve static files as per the below configuration. The static file will be cached for 5 days
location / {
try_files $uri $uri/ =404;
}
}
apps/static/default.conf · master · Paul Mullins / DentropyCloud-traefik · GitLab
Proxy Nginx Config
server {
listen 80;
location / {
proxy_pass http://backend_service_name;
}
}
docker run -d
--name=nginx-proxy
--network=quivr_default
-p 80:80 \
-v \ $(pwd)/nginx.conf:/etc/nginx/conf.d/default.conf \ nginx
networks:
quivr_default:
external:
name: quivr_default
services:
nginx:
image: nginx:latest
hostname: wiki
ports:
- "8082:80"
networks:
- quivr_default
volumes:
- ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
Port Forwarding using Nginx with SSL
Check nginx config
sudo nginx -t
Restart nginx
sudo systemctl reload nginx
Port Forwarding using Nginx with Self Signed SSL Cert
-
Setup a ubuntu VM and install nginx
sudo apt update sudo apt install -y nginx -
Create some self signed certs
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt -
Create file to manage proxy site at
/etc/nginx/sites-available/{site hostname}}the following format
server {
listen 80;
server_name {site hostname}};
return 302 https://{site hostname}};
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name {site hostname}};
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
location / {
proxy_pass {http or https}}://{proxied hostname or IP address}};
}
}
- Link site to site-available folder
ln -s /etc/nginx/sites-available/{site hostname}} /etc/nginx/sites-enabled/{site hostname}}
Port Forwarding using Nginx with Letsencrypt SSL Cert
-
Install Letsencrypt
sudo apt update sudo apt install -y letsencrypt -
Run command to generate certs
sudo mkdir -p /var/lib/letsencrypt/ sudo certbot certonly --email {your@emailaddress}} -d {yourdomain}} --standalone -
Modify as necessary
server { listen 80; server_name {site hostname}}; return 302 https://{site hostname}}; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name {site hostname}}; #ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; #ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; ssl_trusted_certificate /etc/letsencrypt/live/{site hostname}}/chain.pem; ssl_certificate /etc/letsencrypt/live/{site hostname}}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/{site hostname}}/privkey.pem; ssl_protocols TLSv1.2 TLSv1.1 TLSv1; location / { proxy_pass {http or https}}://{proxied hostname or IP address}}; } } -
Run the following commands
sudo apt install certbot sudo mkdir -p /var/lib/letsencrypt/ sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --standalone* Alternative virtual host setup
One can copy just the server section of config code and put it in between the http brackets of /etc/nginx.conf as long as the line container proxy\~cache~ is removed
Add a HTTP Password
Docker compose
version: '3'
services:
nginx:
image: nginx:latest
container_name: production_nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- 7080:80
- 7443:443
user www www; ## Default: nobody worker\~processes~ 5; ## Default: 1 error\~log~ logs/error.log; pid logs/nginx.pid; worker\~rlimit~\~nofile~ 8192;
events { worker\~connections~ 4096; ## Default: 1024 }
http { include conf/mime.types; include /etc/nginx/proxy.conf; include /etc/nginx/fastcgi.conf; index index.html index.htm index.php;
default\~type~ application/octet-stream; log\~format~ main '$remote\~addr~ - $remote~user~ [$time\~local~] $status ' '"$request" $body~bytessent~ "$http\~referer~"' '"$http~useragent~" "$http\~x~\~forwarded~\~for~"'; access\~log~ logs/access.log main; sendfile on; tcp\~nopush~ on; server\~names~\~hash~\~bucket~\~size~ 128; # this seems to be required for some vhosts
server { # simple reverse-proxy listen 80; server\~name~ domain2.com www.domain2.com; access\~log~ logs/domain2.access.log main;
# pass requests for dynamic content to rails/turbogears/zope, et al
location / {
proxy_pass https://127.0.0.1:7001;
}
} }