rework configuration and docs

Elio Bischof
2023-06-16 14:37:27 +02:00
parent 5a39240cdd
commit 995420626c
9 changed files with 43 additions and 55 deletions

@@ -14,7 +14,7 @@ services:
- 'ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_USERNAME=zitadel-admin-sa'
- 'ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_NAME=Admin'
- 'ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINEKEY_TYPE=1'
- 'ZITADEL_ANALYTICS_PUSH_ALLENABLED=true'
- 'ZITADEL_TELEMETRY_ENABLED=true'
depends_on:
crdb:
condition: 'service_healthy'
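
Review bot: The switch from `ZITADEL_ANALYTICS_PUSH_ALLENABLED` to `ZITADEL_TELEMETRY_ENABLED` in the `environment` list is a key rename, and nothing visible in this commit says whether the old name is still read. If it is not, a deployment that keeps the old variable loses its opt-in without any error. Suggest stating in the docs or release notes that the old key is gone, or logging a warning when it is still set.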

@@ -10,7 +10,7 @@ services:
environment:
- 'ZITADEL_DATABASE_COCKROACH_HOST=crdb'
- 'ZITADEL_EXTERNALSECURE=false'
- 'ZITADEL_ANALYTICS_PUSH_ALLENABLED=true'
- 'ZITADEL_TELEMETRY_ENABLED=true'
depends_on:
crdb:
condition: 'service_healthy'

@@ -31,7 +31,7 @@ kn service create zitadel \
--env ZITADEL_EXTERNALPORT=80 \
--env ZITADEL_TLS_ENABLED=false \
--env ZITADEL_EXTERNALDOMAIN=zitadel.default.127.0.0.1.sslip.io \
--env ZITADEL_ANALYTICS_PUSH_ALLENABLED=true \
--env ZITADEL_TELEMETRY_ENABLED=true \
--arg "start-from-init" --arg "--masterkey" --arg "MasterkeyNeedsToHave32Characters"
```
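
Review bot: `--env ZITADEL_TELEMETRY_ENABLED=true` is part of a copy-paste quickstart command with no indication that it is optional, while the documentation changed in this commit describes telemetry as an opt-in. Suggest a sentence above the command saying the flag can be dropped, so that readers who paste the command make that choice knowingly.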

@@ -37,8 +37,8 @@ helm install my-zitadel zitadel/zitadel \
--set zitadel.masterkey="MasterkeyNeedsToHave32Characters" \
--set zitadel.configmapConfig.ExternalSecure=false \
--set zitadel.configmapConfig.TLS.Enabled=false \
--set zitadel.configmapConfig.Telemetry.Enabled=true \
--set zitadel.secretConfig.Database.cockroach.User.Password="a-zitadel-db-user-password" \
--set zitadel.configmapConfig.Analytics.Push.AllEnabled=true \
--set replicaCount=1
# Make ZITADEL locally accessible
@@ -70,8 +70,8 @@ helm install --namespace zitadel --create-namespace my-zitadel zitadel/zitadel \
--set zitadel.masterkey="MasterkeyNeedsToHave32Characters" \
--set zitadel.configmapConfig.ExternalSecure=false \
--set zitadel.configmapConfig.TLS.Enabled=false \
--set zitadel.configmapConfig.Telemetry.Enabled=true \
--set zitadel.secretConfig.Database.cockroach.User.Password="a-zitadel-db-user-password" \
--set zitadel.configmapConfig.Analytics.Push.AllEnabled=true \
--set replicaCount=1 \
--set zitadel.configmapConfig.FirstInstance.MachineKeyPath="/machinekey/zitadel-admin-sa.json" \
--set zitadel.configmapConfig.FirstInstance.Org.Machine.Machine.Username="zitadel-admin-sa" \

@@ -44,7 +44,7 @@ ZITADEL_EXTERNALSECURE=false ZITADEL_ANALYTICS_PUSH_ALLENABLED=true zitadel star
### Setup ZITADEL with a service account
```bash
ZITADEL_EXTERNALSECURE=false ZITADEL_ANALYTICS_PUSH_ALLENABLED=true ZITADEL_FIRSTINSTANCE_MACHINEKEYPATH=/tmp/zitadel-admin-sa.json ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_USERNAME=zitadel-admin-sa ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_NAME=Admin ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINEKEY_TYPE=1 zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
ZITADEL_EXTERNALSECURE=false ZITADEL_TELEMETRY_ENABLED=true ZITADEL_FIRSTINSTANCE_MACHINEKEYPATH=/tmp/zitadel-admin-sa.json ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_USERNAME=zitadel-admin-sa ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_NAME=Admin ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINEKEY_TYPE=1 zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
# then you can move your machine key
mv /tmp/zitadel-admin-sa.json $HOME/zitadel-admin-sa.json
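
Review bot: The hunk header still shows the preceding command as `ZITADEL_EXTERNALSECURE=false ZITADEL_ANALYTICS_PUSH_ALLENABLED=true zitadel star`, and no hunk for that line appears here, so the first example in this file seems to keep the old variable name while the service-account example moves to `ZITADEL_TELEMETRY_ENABLED`. Please update that line in the same commit so both examples agree.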

@@ -51,7 +51,7 @@ ZITADEL_EXTERNALSECURE=false ZITADEL_ANALYTICS_PUSH_ALLENABLED=true zitadel star
### Setup ZITADEL with a service account
```bash
ZITADEL_EXTERNALSECURE=false ZZITADEL_ANALYTICS_PUSH_ALLENABLED=true ITADEL_FIRSTINSTANCE_MACHINEKEYPATH=/tmp/zitadel-admin-sa.json ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_USERNAME=zitadel-admin-sa ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_NAME=Admin ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINEKEY_TYPE=1 zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
ZITADEL_EXTERNALSECURE=false ZITADEL_TELEMETRY_ENABLED=true ZITADEL_FIRSTINSTANCE_MACHINEKEYPATH=/tmp/zitadel-admin-sa.json ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_USERNAME=zitadel-admin-sa ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINE_NAME=Admin ZITADEL_FIRSTINSTANCE_ORG_MACHINE_MACHINEKEY_TYPE=1 zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled
# then you can move your machine key
mv /tmp/zitadel-admin-sa.json $HOME/zitadel-admin-sa.json
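
Review bot: While this command line is being rewritten, `ZITADEL_FIRSTINSTANCE_MACHINEKEYPATH=/tmp/zitadel-admin-sa.json` still writes the machine key of the `zitadel-admin-sa` account into a shared temp directory, and the key only leaves it with the manual `mv` afterwards. Suggest pointing the path at a directory only the current user can access (for example directly under `$HOME`), which also makes the `mv` step unnecessary. The hunk header here also shows a leftover `ZITADEL_ANALYTICS_PUSH_ALLENABLED` in the preceding command.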

@@ -61,15 +61,27 @@ Instead, your execution environment should provide tooling for managing logs in
This includes tasks like rotating files, routing, collecting, archiving and cleaning-up.
For example, systemd has journald and kubernetes has fluentd and fluentbit.
## Analytics
## Telemetry
If you want some usage metrics pushed to external systems, enable the metrics you need in the ZITADEL configuration.
If you want to have some usage data pushed to external systems, enable telemetry in the ZITADEL configuration.
Include https://zitadel.com/usage in the list of endpoints if you want to help the ZITADEL maintainers improve the product's usability by giving them some insights.
Don't forget to opt in by setting Analytics.Push.AllEnabled to true.
Don't forget to opt in by setting Telemetry.Enabled to true.
The following table describes the data points that are sent to the endpoints:
| Trigger | Description |
|-----------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------|
| A virtual instance is created. | This data point is also sent when the first instance is automatically created during the ZITADEL binaries setup phase in a self-hosting scenario. |
| An authentication succeeded for the first time on an instance. | This is the first authentication with the instances automatically created admin user during the instance setup, which can be a human or a machine. |
| A project is created for the first time in a virtual instance. | The ZITADEL project that is automatically created during the instance setup is omitted. |
| An application is created for the first time in a virtual instance. | The applications in the ZITADEL project that are automatically created during the instance setup are omitted. |
| An authentication succeeded for the first time in a virtal instances application. | This is the first authentication using a ZITADEL application that is not created during the instance setup phase. |
| A virtual instance is deleted. | This data point is sent when a virtual instance is deleted via ZITADELs system API |
ZITADEL pushes the metrics by projecting certain events.
Therefore, you can configure delivery guarantees not in the Analytics section of the ZITADEL configuration,
but in the Projections.Customizations.Analytics section
Therefore, you can configure delivery guarantees not in the Telemetry section of the ZITADEL configuration,
but in the Projections.Customizations.Telemetry section
## Database
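
Review bot: The new table lists when a data point is sent but not what each data point contains; an operator deciding whether to push to an external endpoint such as https://zitadel.com/usage needs to know the fields, for instance whether instance identifiers or domains are part of the payload. Suggest adding a column or a sample payload. Smaller points in the same hunk: "virtal instances application" and "instances automatically created" need fixing, "ZITADEL pushes the metrics" still uses the old wording, and the final sentence ("but in the Projections.Customizations.Telemetry section") has no closing period.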

@@ -42,7 +42,7 @@ To apply best practices to your production setup we created a step by step check
- [ ] Configure your privacy policy, terms of service and a help Link if needed
- [ ] Keep your [masterkey](https://zitadel.com/docs/self-hosting/manage/configure) in a secure storage
- [ ] Declare and apply zitadel configuration using the zitadel terraform [provider](https://github.com/zitadel/terraform-provider-zitadel)
- [ ] Opt in to sending analytics to the ZITADEL maintainers by setting Analytics.Push.AllEnabled to true in the runtime configuration.
- [ ] Opt in to sending telemetry data to the ZITADEL maintainers by setting Telemetry.Enabled to true in the runtime configuration.
### Security
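
Review bot: The new checklist item says telemetry goes to the ZITADEL maintainers once `Telemetry.Enabled` is true, but the Telemetry section changed in this commit also asks the operator to include https://zitadel.com/usage in the list of endpoints. Suggest naming both settings in the item, or saying which endpoints are used when none are configured. Since this is a production checklist, it may also be worth marking the item as optional rather than listing it among the best practices.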