document analytics config

docs/docs/self-hosting/deploy/docker-compose-sa.yaml

@@ -14,6 +14,7 @@ services:
       - 'ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_USERNAME=zitadel-admin-sa'
       - 'ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_NAME=Admin'
       - 'ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINEKEY_TYPE=1'
+      - 'ZITADEL_ANALYTICS_PUSH_ALLENABLED=true'
     depends_on:
       crdb:
         condition: 'service_healthy'

docs/docs/self-hosting/deploy/docker-compose.yaml

@@ -10,6 +10,7 @@ services:
     environment:
       - 'ZITADEL_DATABASE_COCKROACH_HOST=crdb'
       - 'ZITADEL_EXTERNALSECURE=false'
+      - 'ZITADEL_ANALYTICS_PUSH_ALLENABLED=true'
     depends_on:
       crdb:
         condition: 'service_healthy'

docs/docs/self-hosting/deploy/knative.mdx

@@ -31,7 +31,8 @@ kn service create zitadel \
 --env ZITADEL_EXTERNALPORT=80 \
 --env ZITADEL_TLS_ENABLED=false \
 --env ZITADEL_EXTERNALDOMAIN=zitadel.default.127.0.0.1.sslip.io \
---arg "start-from-init" --arg "--masterkey" --arg "MasterkeyNeedsToHave32Characters" 
+--env ZITADEL_ANALYTICS_PUSH_ALLENABLED=true \
+--arg "start-from-init" --arg "--masterkey" --arg "MasterkeyNeedsToHave32Characters"
 ```
 
 ### Knavite yaml

docs/docs/self-hosting/deploy/kubernetes.mdx

@@ -38,6 +38,7 @@ helm install my-zitadel zitadel/zitadel \
   --set zitadel.configmapConfig.ExternalSecure=false \
   --set zitadel.configmapConfig.TLS.Enabled=false \
   --set zitadel.secretConfig.Database.cockroach.User.Password="a-zitadel-db-user-password" \
+  --set zitadel.configmapConfig.Analytics.Push.AllEnabled=true \
   --set replicaCount=1
 
 # Make ZITADEL locally accessible
@@ -70,6 +71,7 @@ helm install --namespace zitadel --create-namespace my-zitadel zitadel/zitadel \
   --set zitadel.configmapConfig.ExternalSecure=false \
   --set zitadel.configmapConfig.TLS.Enabled=false \
   --set zitadel.secretConfig.Database.cockroach.User.Password="a-zitadel-db-user-password" \
+  --set zitadel.configmapConfig.Analytics.Push.AllEnabled=true \
   --set replicaCount=1 \
   --set zitadel.configmapConfig.FirstInstance.MachineKeyPath="/machinekey/zitadel-admin-sa.json" \
   --set zitadel.configmapConfig.FirstInstance.Org.Machine.Machine.Username="zitadel-admin-sa" \

docs/docs/self-hosting/deploy/linux.mdx

@@ -33,7 +33,7 @@ LATEST=$(curl -i https://github.com/zitadel/zitadel/releases/latest | grep locat
 ## Run ZITADEL
 
 ```bash
-ZITADEL_EXTERNALSECURE=false zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
+ZITADEL_EXTERNALSECURE=false ZITADEL_ANALYTICS_PUSH_ALLENABLED=true zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
 ```
 
 <DefaultUser components={props.components} />
@@ -44,7 +44,7 @@ ZITADEL_EXTERNALSECURE=false zitadel start-from-init --masterkey "MasterkeyNeeds
 ### Setup ZITADEL with a service account
 
 ```bash
-ZITADEL_EXTERNALSECURE=false ZITADEL_FIRSTINSTANCE_MACHINEKEYPATH=/tmp/zitadel-admin-sa.json ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_USERNAME=zitadel-admin-sa ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_NAME=Admin ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINEKEY_TYPE=1 zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
+ZITADEL_EXTERNALSECURE=false ZITADEL_ANALYTICS_PUSH_ALLENABLED=true ZITADEL_FIRSTINSTANCE_MACHINEKEYPATH=/tmp/zitadel-admin-sa.json ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_USERNAME=zitadel-admin-sa ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_NAME=Admin ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINEKEY_TYPE=1 zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
 
 # then you can move your machine key
 mv /tmp/zitadel-admin-sa.json $HOME/zitadel-admin-sa.json

docs/docs/self-hosting/deploy/loadbalancing-example/example-zitadel-config.yaml

@@ -2,6 +2,11 @@
 Log:
   Level: 'info'
 
+# Help the ZITADEL maintainers improve the products usability by giving them some insights
+Analytics:
+  Push:
+    AllEnabled: true
+
 # Make ZITADEL accessible over HTTP, not HTTPS
 ExternalSecure: true
 ExternalDomain: my.domain

docs/docs/self-hosting/deploy/macos.mdx

@@ -40,7 +40,7 @@ LATEST=$(curl -i https://github.com/zitadel/zitadel/releases/latest | grep locat
 ## Run ZITADEL
 
 ```bash
-ZITADEL_EXTERNALSECURE=false zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
+ZITADEL_EXTERNALSECURE=false ZITADEL_ANALYTICS_PUSH_ALLENABLED=true zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
 ```
 
 <DefaultUser components={props.components} />
@@ -51,7 +51,7 @@ ZITADEL_EXTERNALSECURE=false zitadel start-from-init --masterkey "MasterkeyNeeds
 ### Setup ZITADEL with a service account
 
 ```bash
-ZITADEL_EXTERNALSECURE=false ZITADEL_FIRSTINSTANCE_MACHINEKEYPATH=/tmp/zitadel-admin-sa.json ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_USERNAME=zitadel-admin-sa ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_NAME=Admin ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINEKEY_TYPE=1 zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
+ZITADEL_EXTERNALSECURE=false ZZITADEL_ANALYTICS_PUSH_ALLENABLED=true ITADEL_FIRSTINSTANCE_MACHINEKEYPATH=/tmp/zitadel-admin-sa.json ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_USERNAME=zitadel-admin-sa ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_NAME=Admin ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINEKEY_TYPE=1 zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
 
 # then you can move your machine key
 mv /tmp/zitadel-admin-sa.json $HOME/zitadel-admin-sa.json

docs/docs/self-hosting/manage/production.md

@@ -61,6 +61,16 @@ Instead, your execution environment should provide tooling for managing logs in
 This includes tasks like rotating files, routing, collecting, archiving and cleaning-up.
 For example, systemd has journald and kubernetes has fluentd and fluentbit.
 
+## Analytics
+
+If you want some usage metrics pushed to external systems, enable the metrics you need in the ZITADEL configuration.
+Include https://zitadel.com/usage in the list of endpoints if you want to help the ZITADEL maintainers improve the product's usability by giving them some insights.
+Don't forget to opt in by setting Analytics.Push.AllEnabled to true.
+
+ZITADEL pushes the metrics by projecting certain events.
+Therefore, you can configure delivery guarantees not in the Analytics section of the ZITADEL configuration,
+but in the Projections.Customizations.Analytics section
+
 ## Database
 
 ### Prefer CockroachDB

docs/docs/self-hosting/manage/productionchecklist.md

@@ -42,6 +42,7 @@ To apply best practices to your production setup we created a step by step check
 - [ ] Configure your privacy policy, terms of service and a help Link if needed
 - [ ] Keep your [masterkey](https://zitadel.com/docs/self-hosting/manage/configure) in a secure storage
 - [ ] Declare and apply zitadel configuration using the zitadel terraform [provider](https://github.com/zitadel/terraform-provider-zitadel) 
+- [ ] Opt in to sending analytics to the ZITADEL maintainers by setting Analytics.Push.AllEnabled to true in the runtime configuration.
 
 ### Security