Install and Secure Plausible Analytics on Ubuntu 20.04

In this article, we want to teach you how to Install and Secure Plausible Analytics on Ubuntu 20.04.

Plausible Analytics is an open-source, self-hosted web analytics application that focuses on simplicity and privacy.

It stores data about your website’s visitors in PostgreSQL and ClickHouse databases.

what you read in this post?

Install and Secure Plausible Analytics on Ubuntu 20.04

Install and Secure Plausible Analytics on Ubuntu 20.04

To install and Secure Plausible Analytics on Ubuntu 20.04, you need some requirements first.

Requirements

You need to log in to your server as a non-root user with sudo privileges and set up a basic firewall. To do this you can check our article about the Initial Server Setup with Ubuntu 20.04.

Install Docker on your server. you can follow our guide on How To Install and Use Docker on Ubuntu 20.04.

Also, you need to install Docker Compose. For this, you can visit our article about installing and Using Docker Compose on Ubuntu 20.04.

You need a Domain name pointed at your server’s public IP address to enable SSL.

When you are finished with these requirements, you can start to download and install Plausible Analytics on Ubuntu 20.04.

Install Plausible Analytics on Ubuntu 20.04

First, you need to clone the Plausible repository from GitHub, update two configuration files, and then start the Plausible app and database containers.

To do this, go to the /opt directory with the following command:

cd /opt

Then, clone the repo from GitHub with the following command:

sudo git clone https://github.com/plausible/hosting plausible

Now move into the new directory that you have created:

cd plausible

You need to edit the Plausible configuration file on Ubuntu 20.04. Before this, it’s recommended to generate a new random hash with the following command:

openssl rand 64 | base64 -w 0 ; echo

This command will create 64 random characters, copy them then open the Plausible configuration file with your favorite text editor:

sudo vi plausible-conf.env

The file contains five variables that you’ll need to fill in:

ADMIN_USER_EMAIL=your_email_here
ADMIN_USER_NAME=admin_username
ADMIN_USER_PWD=admin_password
BASE_URL=your_domain_here
SECRET_KEY_BASE=paste_your_random_characters_here

Remember that the password you define here must be at least 6 characters.

When you are done, save and close the file.

Now you need to update the docker-compose.yml file. open the file with the following command:

sudo vi docker-compose.yml

Find the Plausible section in the file and search for the ports, and update it to the following:

ports:
- 127.0.0.1:8000:8000

This ensures that Plausible is only listening on the localhost interface, and is not publicly available.

Save and close the file, when you are done.

Now use the following command to download, configure, and launch the containers:

sudo docker-compose up --detach

In your output you will see:

Output
...
Status: Downloaded newer image for plausible/analytics:latest
Creating plausible_plausible_db_1 ... done
Creating plausible_plausible_events_db_1 ... done
Creating plausible_mail_1 ... done
Creating plausible_plausible_1 ... done

The app container and all of its supporting mail and database containers should now be running.

You can verify this with the following command:

curl http://localhost:8000

Output
<html><body>You are being <a href="/login">redirected</a>.</body></html>...

If you see the HTML in your output, means that your server is up and running.

Let’s see how to set up Nginx to reverse proxy Plausible from localhost to the public.

Install and Configure Nginx on Ubuntu 20.04

At this step, you will install and configure Nginx to reverse proxy requests to Plausible, which means that it will take care of handling requests from your users to Plausible and back again.

First, update your local package index and install Nginx on Ubuntu 20.04 with the following command:

sudo apt update
sudo apt install nginx

You need to allow Nginx traffic through the firewall on ports 80 and 443 with the following command:

sudo ufw allow "Nginx Full"

Now open a new Nginx configuration file and name it plausible.conf with the following command:

sudo vi /etc/nginx/sites-available/plausible.conf

Then, paste the following content into the file:

server {
listen 80;
listen [::]:80;
server_name your_domain_here;

access_log /var/log/nginx/plausible.access.log;
error_log /var/log/nginx/plausible.error.log;

location / {
proxy_pass http://localhost:8000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

Remember to replace the server name with the domain that you’ve configured to point to your Plausible server.

When you are finished, save and close the file:

Enable the configuration with the following command:

sudo ln -s /etc/nginx/sites-available/plausible.conf /etc/nginx/sites-enabled/

Now verify that your configuration file syntax is ok with the command below:

sudo nginx -t

Output
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Then, reload Nginx to apply these changes:

sudo systemctl reload nginx

Now you can access the Plausible site on Ubuntu 20.04 by typing your domain name in your web browser:

http://your-domain

You will see a page like this:

Now when you have your site up and running, let’s secure Plausible Analytics on Ubuntu 20.04 with Certbot and Let’s Encrypt certificates.

Set Up an SSL certificate for Plausible Analytics

First, you need to install Certbot and its Nginx plugin with the following command:

sudo apt install certbot python3-certbot-nginx

Then, run the certbot with the following command:

sudo certbot --nginx -d your_domain_here

You will be asked some questions. The first is to enter your email address. then, enter y to accept the terms of services.

The third is Would you be willing, once your first certificate is successfully issued, to
Share your email address with the Electronic Frontier Foundation. type y or n as your wish.

In your output you will see:

Output
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://plausible.orcacore.net
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/plausible.orcacore.net/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/plausible.orcacore.net/privkey.pem
Your certificate will expire on 2022-01-28. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again with the "certonly" option. To non-interactively
renew *all* of your certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

Now reload your site and it should switch you over to HTTPS automatically.

Your site is now secure and it’s safe to log in with the default user details you have set up before.

You will then be asked to verify your registration, and a verification code will be emailed to the address you configured.

When you successfully log in, you’ll see a prompt to get your first website set up with Plausible:

You have successfully installed and secured your Plausible analytics software on Ubuntu 20.04.

Conclusion

At this point, you learn to install the Plausible Analytics, Also you learn to set up an Nginx reverse proxy and secure it using Let’s Encrypt SSL certificates.

You’re now ready to set up your website and add the Plausible Analytics tracking script.

Hope you enjoy this article about Install and Secure Plausible Analytics on Ubuntu 20.04.