Conversation
dosubot
bot
added
the
size:M
built with Refined Cloudflare Pages Action⚡ Cloudflare Pages Deployment
|
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
meta.json
Outdated
| "id": "matomo", | ||
| "name": "Matomo", | ||
| "version": "latest", | ||
| "description": "Leading open-source web analytics platform with global data ownership.", |
There was a problem hiding this comment.
meta.json specifies "version": "latest", but docker-compose.yml pins the image to matomo:5.1-apache. Per AGENTS.md: "Version: MUST match Docker image version in docker-compose.yml."
| "description": "Leading open-source web analytics platform with global data ownership.", | |
| "version": "5.1-apache", |
blueprints/matomo/docker-compose.yml
Outdated
| healthcheck: | ||
| test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-u", "root", "-p${DATABASE_ROOT_PASSWORD}"] | ||
| timeout: 5s | ||
| retries: 5 |
There was a problem hiding this comment.
interval field
The healthcheck block omits interval, which defaults to 30 seconds in Docker. Adding an explicit interval (and optionally start_period) makes the startup behaviour clearer and avoids surprises on slow hosts.
Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!
blueprints/matomo/template.toml
Outdated
| name = "Matomo" | ||
| id = "matomo" | ||
| description = "Leading open-source web analytics platform" | ||
|
|
||
| [[variables]] | ||
| name = "DOMAINS" | ||
| label = "Matomo Domain" | ||
| defaultValue = "" | ||
| placeholder = "analytics.example.com" | ||
|
|
||
| [[variables]] | ||
| name = "DATABASE_ROOT_PASSWORD" | ||
| label = "MariaDB Root Password" | ||
| defaultValue = "change-me-root" | ||
|
|
||
| [[variables]] | ||
| name = "DATABASE_NAME" | ||
| label = "Database Name" | ||
| defaultValue = "matomo" | ||
|
|
||
| [[variables]] | ||
| name = "DATABASE_USERNAME" | ||
| label = "Database User" | ||
| defaultValue = "matomo" | ||
|
|
||
| [[variables]] | ||
| name = "DATABASE_PASSWORD" | ||
| label = "Database Password" | ||
| defaultValue = "change-me-user" |
There was a problem hiding this comment.
template.toml format — likely broken
This template uses [[variables]] (array-of-tables) with name, label, defaultValue, and placeholder keys. This format is not used by any other blueprint in the repository — every other template uses [variables] as a flat key-value table and includes [config], [[config.domains]], and env = [...] sections.
Per AGENTS.md, the correct schema mirrors templates like blueprints/unleash/template.toml or blueprints/akaunting/template.toml: a flat [variables] table containing key-value pairs (using Dokploy helpers for secrets), a [config] block with an env array, and [[config.domains]] for routing.
The [[variables]] array schema is unrecognised by all other blueprints and will likely not be parsed correctly by Dokploy. Additionally, the missing [[config.domains]] section means reverse-proxy routing for the service won't be configured at all.
blueprints/matomo/template.toml
Outdated
| label = "MariaDB Root Password" | ||
| defaultValue = "change-me-root" |
There was a problem hiding this comment.
DATABASE_ROOT_PASSWORD and DATABASE_PASSWORD (line 28) use literal placeholder strings as default values. Per AGENTS.md: "NEVER hardcode secrets in templates — use Dokploy's variable system with helpers."
All other database-backed templates in this repo (e.g. blueprints/unleash/template.toml, blueprints/akaunting/template.toml) auto-generate strong, unique passwords using Dokploy's built-in password helper so that every deployment gets distinct credentials rather than a shared, predictable default.
1 participant
What is this PR about?
New PR of Matomo Template.
Checklist
Issues related
Adds Matomo one-click deployment.
Greptile Summary
This PR adds a Matomo web analytics blueprint for one-click deployment via Dokploy. The
docker-compose.ymlis mostly well-structured (correct version, health-checked MariaDB, named volumes, noports/container_name/networks), but there are two blocking issues intemplate.tomland one inmeta.jsonthat need to be resolved before this template will work correctly.Key issues found:
template.tomlschema is incorrect (P1): The file uses a[[variables]]array-of-tables format withname/label/defaultValue/placeholderkeys — a schema used by no other blueprint in the repo. Every other template uses a flat[variables]table (key = value) plus a[config]block with anenvarray and[[config.domains]]for routing. Without the[[config.domains]]section, Dokploy won't configure the Traefik reverse-proxy route for the service.DATABASE_ROOT_PASSWORDandDATABASE_PASSWORDdefault to literal placeholder strings. PerAGENTS.md, secrets must use Dokploy's built-in helpers so each deployment receives unique credentials.meta.json(P1):\"version\": \"latest\"does not match the pinned image tagmatomo:5.1-apacheindocker-compose.yml.AGENTS.mdrequires these to match exactly.AGENTS.mdprefers SVG logos; a PNG is provided.Confidence Score: 2/5
Not safe to merge — the template.toml uses an unsupported schema and is missing the domain-routing section, making the template non-functional as submitted.
Three P1 issues: wrong template.toml format (unsupported schema + missing [[config.domains]]), hardcoded credentials that violate the project's explicit security policy, and a version mismatch in meta.json. All three are straightforward to fix but must be addressed before the template can be used reliably in Dokploy.
blueprints/matomo/template.toml needs a full rewrite to match the standard schema. meta.json needs the version field corrected.
Reviews (1): Last reviewed commit: "feat: add Matomo blueprint (v2 - fixed b..." | Re-trigger Greptile
(3/5) Reply to the agent's comments like "Can you suggest a fix for this @greptileai?" or ask follow-up questions!
Context used: