From https://github.com/piwik/piwik/issues/1453#issuecomment-48299263 by @robocoder, I learned that you should be able to overwrite
bootstrap.php to move the writable piwik folders,
tmp, to a read-write directory, and keep the rest read-only.
I found out that I need to copy the
config folder to
PIWIK_USER_PATH, and tmp is created automatically.
Problem is: Afterwards, there are errors about missing plugin folders and unfound stylesheet files. I investigated the code and found suspicious uses of
core/AssetManager/UIAssetMerger/StylesheetUIAssetMerger.php which look like they should be
PIWIK_INCLUDE_PATH. I tried to patch them to
PIWIK_INCLUDE_PATH, I can load the page then, but it renders without stylesheets. 😢 In that state, I could not find any error messages, so I don't really know what's not working.
https://piwik.org/docs/include-piwik-in-your-project/#bootstrap-php-execute-custom-code-before-piwik-runs notes that using
PIWIK_INCLUDE_PATH “facilitates a ‘best practice’ of preventing direct access to PHP files.” – I could not find concrete examples on how and what exactly to do to achieve this, e.g. whether I also should copy
plugins or so.
<?php define('PIWIK_USER_PATH', '/var/lib/piwik'); ?>
/var/lib/piwikand make it writable from the webserver
Piwik encoutered an error: An exception has been thrown during the rendering of a template ("The ui asset with 'href' = /var/lib/piwik/plugins/Morpheus/stylesheets/base/bootstrap.css is not readable").
I don't know how to get a working
PIWIK_USER_PATH, seems like there is more to it that the presumably wrong use of
PIWIK_USER_PATH in AssetManager classes which I do not understand.
(Not important for the problem, but for people who find this through search: I'm trying to do this to create a Nix package and NixOS module, where I have to separate statefull and stateless files)
PIWIK_USER_PATH was a kludge as it accommodated the ability to drop piwik into a web folder and treat that as the doc root, instead of doing the right thing from the beginning.
Nowadays, it would be more conventional to have
piwik.js in a
public folder and force the user to set the DocumentRoot correctly.
@robocoder I understand your suggestion with a
public folder, it sounds like something I want as well. 😄 Thank you!
Can I achieve this setup by creating a
public folder like this myself, move the relevant files in there, and use
PIWIK_INCLUDE_PATH to point outside of
But even then, I think I need something like
PIWIK_USER_PATH to separate local state files from files that can be read-only and get upgraded on a new release only.
I found out my other problem after patching
PIWIK_INCLUDE_PATH were resulting from whitespace in my
bootstrap.php, and vanished after I found them and cleaned up.
I wrote a PR at #11661 which seems to fix all problems I had with
PIWIK_USER_PATH- at least I could not find something else that does not work.