From 886e7d423b98d3fc4b7053e2665c452fbf17d14b Mon Sep 17 00:00:00 2001 From: William Desportes Date: Wed, 15 Jan 2025 00:44:27 +0100 Subject: [PATCH 1/5] Update phpMyAdmin with new ENVs and settings --- phpmyadmin/content.md | 64 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 62 insertions(+), 2 deletions(-) diff --git a/phpmyadmin/content.md b/phpmyadmin/content.md index cb5abbf2b629..5500f85360e7 100644 --- a/phpmyadmin/content.md +++ b/phpmyadmin/content.md @@ -8,7 +8,7 @@ Run phpMyAdmin with Alpine, Apache and PHP FPM. # How to use this image -All of the following examples will bring you phpMyAdmin on `http://localhost:8080` where you can enjoy your happy MySQL administration. +All of the following examples will bring you phpMyAdmin on `http://localhost:8080` where you can enjoy your happy MySQL and MariaDB administration. ## Credentials @@ -62,7 +62,7 @@ You can use arbitrary servers by adding the environment variable `PMA_ARBITRARY= docker run --name phpmyadmin -d -e PMA_ARBITRARY=1 -p 8080:80 %%IMAGE%% ``` -## Usage with Docker Compose and arbitrary server +## Usage with docker compose and an arbitrary server This will run phpMyAdmin with the arbitrary server option - allowing you to specify any MySQL/MariaDB server on the login page. @@ -97,10 +97,43 @@ See the following links for config file information: - https://docs.phpmyadmin.net/en/latest/config.html#config - https://docs.phpmyadmin.net/en/latest/setup.html +## Adding custom configuration in `/etc/phpmyadmin/conf.d` + +you can also consider storing your custom configuration files in the folder `/etc/phpmyadmin/conf.d`, which is very suitable for managing multiple phpMyAdmin configuration files for different hosts,Then you can create `server-1.php`, `server-2.php`, or any file name you want, and store them in the conf.d directory mounted on the host. + +On the `docker run` line like this: + +```sh +docker run --name phpmyadmin -d --link mysql_db_server:db -p 8080:80 -v /some/local/directory/conf.d:/etc/phpmyadmin/conf.d:ro %%IMAGE%% +``` + ## Usage behind a reverse proxy Set the variable `PMA_ABSOLUTE_URI` to the fully-qualified path (`https://pma.example.net/`) where the reverse proxy makes phpMyAdmin available. +## Sessions persistence + +In order to keep your sessions active between container updates you will need to mount the `/sessions` folder. + +```sh +-v /some/local/directory/sessions:/sessions:rw +``` + +## Connect to the database over SSL + +Set the variable `PMA_SSL` to `1` to enable SSL usage from phpMyAdmin to the MySQL server. +The default value is `0`. +The variable `PMA_SSLS` can be used as a comma seperated sequence of `0` and `1` where multiple hosts are mentioned. +Values order must follow the `PMA_HOSTS` and will be computed accordingly. + +```sh +docker run --name phpmyadmin -d -e PMA_HOSTS=sslhost -e PMA_SSL=1 -p 8080:80 %%IMAGE%% +``` + +```sh +docker run --name phpmyadmin -d -e PMA_HOSTS='sslhost,nosslhost' -e PMA_SSLS='1,0' -p 8080:80 %%IMAGE%% +``` + ## Environment variables summary - `PMA_ARBITRARY` - when set to 1 connection to the arbitrary server will be allowed @@ -110,6 +143,19 @@ Set the variable `PMA_ABSOLUTE_URI` to the fully-qualified path (`https://pma.ex - `PMA_HOSTS` - define comma separated list of address/host names of the MySQL servers - `PMA_VERBOSES` - define comma separated list of verbose names of the MySQL servers - `PMA_PORTS` - define comma separated list of ports of the MySQL servers +- `PMA_SOCKET` - define socket file for the MySQL connection +- `PMA_SOCKETS` - define comma separated list of socket files for the MySQL connections +- `PMA_SSL_DIR` - define the path used for SSL files generated from environement variables, default value is `/etc/phpmyadmin/ssl` +- `PMA_SSL` - when set to 1, defines SSL usage for the MySQL connection +- `PMA_SSLS` - comma separated list of `0` and `1` defining SSL usage for the corresponding MySQL connections +- `PMA_SSL_VERIFY` - when set to 1, enables SSL certificate verification for the MySQL connection. +- `PMA_SSL_VERIFIES` - comma-separated list of `0` and `1` to enable or disable SSL certificate verification for multiple MySQL connections. +- `PMA_SSL_CA` - in the context of mutual TLS security, allows setting your CA certificate file as a string inside the default `config.inc.php`. +- `PMA_SSL_CAS` - in the context of mutual TLS security, allows setting multiple CA certificate files as a comma-separated list of strings inside the default `config.inc.php`. +- `PMA_SSL_CERT` - in the context of mutual TLS security, allows setting your certificate file as a string inside the default `config.inc.php`. +- `PMA_SSL_CERTS` - in the context of mutual TLS security, allows setting multiple certificate files as a comma-separated list of strings inside the default `config.inc.php`. +- `PMA_SSL_KEY` - in the context of mutual TLS security, allows setting your private key file as a string inside the default `config.inc.php`. +- `PMA_SSL_KEYS` - in the context of mutual TLS security, allows setting multiple private key files as a comma-separated list of strings inside the default `config.inc.php`. - `PMA_USER` and `PMA_PASSWORD` - define username and password to use only with the `config` authentication method - `PMA_ABSOLUTE_URI` - the full URL to phpMyAdmin. Sometimes needed when used in a reverse-proxy configuration. Don't set this unless needed. See [documentation](https://docs.phpmyadmin.net/en/latest/config.html#cfg_PmaAbsoluteUri). - `PMA_CONFIG_BASE64` - if set, this option will override the default `config.inc.php` with the base64 decoded contents of the variable @@ -126,6 +172,7 @@ Set the variable `PMA_ABSOLUTE_URI` to the fully-qualified path (`https://pma.ex - `MAX_EXECUTION_TIME` - if set, will override the maximum execution time in seconds (default 600) for phpMyAdmin ([$cfg['ExecTimeLimit']](https://docs.phpmyadmin.net/en/latest/config.html#cfg_ExecTimeLimit)) and PHP [max_execution_time](https://www.php.net/manual/en/info.configuration.php#ini.max-execution-time) (format as `[0-9+]`) - `MEMORY_LIMIT` - if set, will override the memory limit (default 512M) for phpMyAdmin ([$cfg['MemoryLimit']](https://docs.phpmyadmin.net/en/latest/config.html#cfg_MemoryLimit)) and PHP [memory_limit](https://www.php.net/manual/en/ini.core.php#ini.memory-limit) (format as `[0-9+](K,M,G)` where K is for Kilobytes, M for Megabytes, G for Gigabytes and 1K = 1024 bytes) - `UPLOAD_LIMIT` - if set, this option will override the default value for apache and php-fpm (format as `[0-9+](K,M,G)` default value is 2048K, this will change `upload_max_filesize` and `post_max_size` values) +- `TZ` - if defined, this option will change the default PHP `date.timezone` from `UTC`. See [documentation](https://www.php.net/manual/en/timezones.php) for supported values. - `HIDE_PHP_VERSION` - if defined, this option will hide the PHP version (`expose_php = Off`). Set to any value (such as `HIDE_PHP_VERSION=true`). - `APACHE_PORT` - if defined, this option will change the default Apache port from `80` in case you want it to run on a different port like an unprivileged port. Set to any port value (such as `APACHE_PORT=8090`) @@ -135,6 +182,19 @@ For usage with Docker secrets, appending `_FILE` to the `PMA_PASSWORD` environme docker run --name phpmyadmin -d -e PMA_PASSWORD_FILE=/run/secrets/db_password.txt -p 8080:80 %%IMAGE%% ``` +#### Variables that can store the file contents using `_BASE64` + +- `PMA_SSL_CA` +- `PMA_SSL_CAS` +- `PMA_SSL_KEY` +- `PMA_SSL_KEYS` +- `PMA_SSL_CERT` +- `PMA_SSL_CERTS` + +Also includes: `PMA_CONFIG_BASE64` or `PMA_USER_CONFIG_BASE64`. + +For example, the variable would be named `PMA_SSL_CA_BASE64` and the value is the base64 encoded contents of the file. + #### Variables that can be read from a file using `_FILE` - `MYSQL_ROOT_PASSWORD` From 138536b55cfad2183a8d5042cbe6dbb938bb9660 Mon Sep 17 00:00:00 2001 From: William Desportes Date: Wed, 15 Jan 2025 00:50:52 +0100 Subject: [PATCH 2/5] Also add in developer-tools --- phpmyadmin/metadata.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/phpmyadmin/metadata.json b/phpmyadmin/metadata.json index 3d3937b21fb1..68932ac9ba2d 100644 --- a/phpmyadmin/metadata.json +++ b/phpmyadmin/metadata.json @@ -1,7 +1,8 @@ { "hub": { "categories": [ - "databases-and-storage" + "databases-and-storage", + "developer-tools" ] } } From 38c99f47bc28c571bdc7999e7be6930a1ab555e9 Mon Sep 17 00:00:00 2001 From: William Desportes Date: Wed, 15 Jan 2025 00:51:02 +0100 Subject: [PATCH 3/5] Use MariaDB 10.11 LTS --- phpmyadmin/stack.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpmyadmin/stack.yml b/phpmyadmin/stack.yml index 4912da59794e..b3110239483d 100644 --- a/phpmyadmin/stack.yml +++ b/phpmyadmin/stack.yml @@ -2,7 +2,7 @@ version: '3.1' services: db: - image: mariadb:10.6 + image: mariadb:10.11 restart: always environment: MYSQL_ROOT_PASSWORD: notSecureChangeMe From deeee81edc27ee535e25f78c71a2d1822cadaa79 Mon Sep 17 00:00:00 2001 From: William Desportes Date: Wed, 15 Jan 2025 00:52:52 +0100 Subject: [PATCH 4/5] Apply markdown formatting --- phpmyadmin/content.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/phpmyadmin/content.md b/phpmyadmin/content.md index 5500f85360e7..79c4b2e41f92 100644 --- a/phpmyadmin/content.md +++ b/phpmyadmin/content.md @@ -121,10 +121,7 @@ In order to keep your sessions active between container updates you will need to ## Connect to the database over SSL -Set the variable `PMA_SSL` to `1` to enable SSL usage from phpMyAdmin to the MySQL server. -The default value is `0`. -The variable `PMA_SSLS` can be used as a comma seperated sequence of `0` and `1` where multiple hosts are mentioned. -Values order must follow the `PMA_HOSTS` and will be computed accordingly. +Set the variable `PMA_SSL` to `1` to enable SSL usage from phpMyAdmin to the MySQL server. The default value is `0`. The variable `PMA_SSLS` can be used as a comma seperated sequence of `0` and `1` where multiple hosts are mentioned. Values order must follow the `PMA_HOSTS` and will be computed accordingly. ```sh docker run --name phpmyadmin -d -e PMA_HOSTS=sslhost -e PMA_SSL=1 -p 8080:80 %%IMAGE%% From 6316f55fac517a28d10df0fb0b198c9f4e8b1e9e Mon Sep 17 00:00:00 2001 From: William Desportes Date: Wed, 15 Jan 2025 00:14:23 +0000 Subject: [PATCH 5/5] Fence the tool name --- phpmyadmin/content.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpmyadmin/content.md b/phpmyadmin/content.md index 79c4b2e41f92..b3b15f25acbb 100644 --- a/phpmyadmin/content.md +++ b/phpmyadmin/content.md @@ -62,7 +62,7 @@ You can use arbitrary servers by adding the environment variable `PMA_ARBITRARY= docker run --name phpmyadmin -d -e PMA_ARBITRARY=1 -p 8080:80 %%IMAGE%% ``` -## Usage with docker compose and an arbitrary server +## Usage with `docker compose` and an arbitrary server This will run phpMyAdmin with the arbitrary server option - allowing you to specify any MySQL/MariaDB server on the login page.