Plausibe Analytics hosted on the Google Cloud Platform
Report Bug
·
Request Feature
This was a largely academic exercise intended to learn a about cloud technology and infrastructure. If you utilize this self-hosting solution for Plausible Analytics, PLEASE make an effort to support them by either using their hosted solution or contributing to their project.
Self-hosted, privacy focused web analytics deployed to Kubernetes on the Google Cloud Platform. Built using Pulumi (TypeScript), an open source Infrastructure as Code framework.
- Plausible Analytics: lightweight and open source web analytics (no cookies) and fully compliant with GDPR, CCPA and PECR
- NOTE:
- SMTP server not configured
- MaxMind IP Geolocation not configured (TODO)
- NOTE:
- Traefik Proxy: leading modern reverse proxy and load balancer that makes deploying microservices easy
- SSL Termination
- Cloudflare integration
- Pulumi: build, deploy, and manage cloud applications and infrastructure using the power of familiar programming languages and tooling
- Google Kubernetes Engine: automated and scalable managed Kubernetes platform
- Single-click clusters which can scale up to 15,000 nodes (four-way autoscaling)
- High-availability control plane including multi-zonal and regional clusters
- Secure: container image vulnerability scanning and data encryption
- Autopilot Mode: hands-off, fully managed solution that manages the entire cluster’s infrastructure without worrying about configuring and monitoring
- Pulumi
$ pulumi version v3.34.1
- Google Cloud SDK and Command Line Interface
$ gcloud --version Google Cloud SDK 390.0.0 alpha 2022.06.10 beta 2022.06.10 bq 2.0.75 bundled-python3-unix 3.9.12 core 2022.06.10 gsutil 5.10
- Configured Google Cloud Platform (GCP) project w/Google Kubernetes Engine (GKE) API enabled
$ gcloud config list [compute] region = us-central1 [core] account = someone@someplace.com disable_usage_reporting = True project = project-name-here
$ gcloud services list | grep Kubernetes container.googleapis.com Kubernetes Engine API - Node and Node Package Management (yarn or npm)
$ node -v && npm -v && yarn -v v16.14.0 8.12.1 1.22.19
- Clone the repo
$ git clone https://github.com/snarkipus/gcp-plausible
- Install the node package manager
$ cd gcp-plausible && yarn install
NOTE: This works for me - someone who is 'not' me might need to figure out how pulumi handles things like secrets. Hopefully somebody will let me know if my cloudflare credentials are exposed ...
- Verify the pulumi configuration file
$ pulumi config --show-secrets Please choose a stack, or create a new one: alpha KEY VALUE gcp:project project-name-here cfi-api-email someone@someplace.com cfi-api-key U5Mb9IROTUJ0btByIsMlkIuTxZ7qdFh4T7Ov clickhouse-password anotherpassword clickhouse-user clickhouse gke-min-version 1.22 postgres-password somepassword postgres-user postgres
- Ensure that
project-name-herematches the gcloud configuration cfi-api-emailandcfi-api-keywill need to be updated to match your cloudflare credentials
- Ensure that
- Comment out all lines except
export * from './gcp/index';inindex.ts(we're only building the infrastructure) NOTE: I'm sure there's an intelligent way to do this in one step - feel free to do smart things. - Preview the configuration
$ pulumi preview
- If everything looks good, build the cluster (takes ~5 minutes)
$ pulumi up
NOTE: I did this in steps which may not (and most likely shouldn't be) necessary
- Get credentials to deploy the applications to the cluster
NOTE: I'm sure there's a way to programmatically do this - I just don't know it.
gcloud container clusters get-credentials primary-alpha --zone=us-central1
- Uncomment
export * from './app/plausible-db';inindex.ts - Deploy
plausible-db(postgres)$ pulumi update
- Once successful, uncomment
export * from './app/plausible-events-db'; - Deploy
plausible-events-db(clickhouse) viapulumi update. - Create your plausible-conf.env file (full details here - Example here):
ADMIN_USER_EMAIL=your_email_here ADMIN_USER_NAME=admin_username ADMIN_USER_PWD=admin_password BASE_URL=https://your_domain_here SECRET_KEY_BASE=paste_your_random_characters_here
- Create kubernetes secret from the plausible-conf.env file
$ kubectl create secret generic plausible-config --from-env-file=plausible-conf.env
- Uncomment
export * from './app/plausible';inindex.ts - Deploy the
plausibleapplication viapulumi update. NOTE: this defaults toClusterIPsince I used Traefik as a reverse proxy/load balancer. If that isn't required, then you can change the type toLoadBalancerinapp/plausible.ts. - (Optional: Traefik w/Cloudflare Integration) Update the
cfi-api-emailandcfi-api-keyto reflect your needs:$ pulumi config set --secret cfi-api-email someone@somewhere.com $ pulumi config set --secret cfi-api-key long-hex-string-goes-here
- (Optional: Traefik w/Cloudflare Integration) uncomment
export * from './app/traefik';inindex.ts - (Optional: Traefik w/Cloudflare Integration) deploy Traefik via
pulumi update
If everything went well, then you should have the applications deployed and your plausible analytics interface should be available at whatever subdomain you specified in your DNS settings (e.g. plausible.example.com). Just copy the javascript snippet into the head of your site and metrics should begin populating.
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
Distributed under the MIT License. See LICENSE for more information.
Matt Jackson - @snarkipus - matt@jacksonsix.com
Project Link: https://github.com/snarkipus/gcp-plausible