v2.1.0

save CH logs into a named volume

README.md

@@ -88,8 +88,6 @@ $ openssl rand -base64 32
 dsxvbn3jxDd16az2QpsX5B8O+llxjQ2SJE2i5Bzx38I=
 ```
 
-> ⚠️ [`SECRET_KEY_BASE`](#secret_key_base) needs to be Base64 encoded 32 (or more) bytes and [`TOTP_VAULT_KEY`](#totp_vault_key) needs to be Base64 encoded 32 bytes.
-
 And then we decide on the [`BASE_URL`](#base_url) where the instance would be accessible. Let's assume we choose `http://plausible.example.com`
 
 <sub><kbd>plausible-conf.env</kbd></sub>
@@ -104,6 +102,20 @@ And then we decide on the [`BASE_URL`](#base_url) where the instance would be ac
 
 We can start our instance now but the requests would be served over HTTP. Not cool! Let's configure [Caddy](https://caddyserver.com) to enable HTTPS.
 
+<details><summary>Don't need reverse proxy?</summary>
+
+If you're **opting out** of a reverse proxy and HTTPS, you'll need to adjust the Plausible service [configuration](https://github.com/plausible/community-edition/blob/v2.0.0/docker-compose.yml#L38) to ensure it's not limited to localhost (127.0.0.1). This change allows the service to be accessible from any network interface:
+
+<sub><kbd>[docker-compose.yml](https://github.com/plausible/community-edition/blob/v2.0.0/docker-compose.yml#L38)</kbd></sub>
+```diff
+plausible:
+  ports:
+-   - 127.0.0.1:8000:8000
++   - 8000:8000
+```
+
+</details>
+
 <!-- TODO note about CloudFlare -->
 
 > For other reverse-proxy setups please see [reverse-proxy](https://github.com/plausible/community-edition/tree/master/reverse-proxy) docs.
@@ -278,8 +290,6 @@ SECRET_KEY_BASE=GLVzDZW04FzuS1gMcmBRVhwgd4Gu9YmSl/k/TqfTUXti7FLBd7aflXeQDdwCj6Cz
 
 > ⚠️ Don't use this exact value or someone would be able to sign a cookie with `user_id=1` and log in as the admin!
 
-> ⚠️ [`SECRET_KEY_BASE`](#secret_key_base) needs to be either Bsde16 or Base64 encoded 32 (or more) bytes.
-
 #### `TOTP_VAULT_KEY`
 
 Configures the secret used for encrypting TOTP secrets at rest, doesn't have any defaults and needs to be provided in the ENV vars, can be generated with `openssl rand -base64 32`
@@ -295,8 +305,6 @@ dsxvbn3jxDd16az2QpsX5B8O+llxjQ2SJE2i5Bzx38I=
 TOTP_VAULT_KEY=dsxvbn3jxDd16az2QpsX5B8O+llxjQ2SJE2i5Bzx38I=
 ``````
 
-> [`TOTP_VAULT_KEY`](#totp_vault_key) needs to be Base64 encoded 32 bytes.
-
 ### Optional
 
 <details>

docker-compose.yml

@@ -5,7 +5,8 @@ services:
     restart: always
 
   plausible_db:
-    # supported versions are 13, 14, and 15
+    # Plausible v2.0.0 was tested against PostgreSQL versions 12, 13, and 14
+    # https://github.com/plausible/analytics/blob/v2.0.0/.github/workflows/elixir.yml#L16
     image: postgres:14-alpine
     restart: always
     volumes:
@@ -18,6 +19,7 @@ services:
     restart: always
     volumes:
       - event-data:/var/lib/clickhouse
+      - event-logs:/var/log/clickhouse-server
       - ./clickhouse/clickhouse-config.xml:/etc/clickhouse-server/config.d/logging.xml:ro
       - ./clickhouse/clickhouse-user-config.xml:/etc/clickhouse-server/users.d/logging.xml:ro
     ulimits:
@@ -43,3 +45,6 @@ volumes:
     driver: local
   event-data:
     driver: local
+  event-logs:
+    driver: local
+

reverse-proxy/README.md

@@ -38,10 +38,10 @@ $ docker-compose -f docker-compose.yml -f reverse-proxy/traefik/docker-compose.t
 Install the necessary Apache modules and restart Apache. Edit the file `reverse-proxy/apache2/plausible.conf` to contain the domain name you use for your server, then copy it into Apache's configuration folder. Enable it by creating a symlink in Apache's enabled sites folder with `a2ensite` command. Finally use Certbot to create a TLS certificate for your site:
 
 ```shell
-$ sudo a2enmod proxy proxy_http proxy_ajp remoteip headers
+$ sudo a2enmod proxy proxy_http proxy_ajp remoteip headers proxy_wstunnel
 $ sudo systemctl restart apache2
 $ sudo cp reverse-proxy/apache2/plausible.conf /etc/apache2/sites-available/
 $ sudo a2ensite plausible.conf
 $ sudo systemctl restart apache2
 $ sudo certbot --apache
-```
+```