search

phpmyadmin / docker

Docker container for phpMyAdmin
https://hub.docker.com/_/phpmyadmin
GNU General Public License v3.0
665 stars 456 forks source link

FPM and Apache get different results when running phpmyadmin with docker #380

Open Iamzz-cn opened 2 years ago

Iamzz-cn commented 2 years ago

I use the following file to run phpmyadmin, for ENV configuration apache can run but fpm can't, Dockerfile

FROM nginx:alpine as nginx
COPY nginx.conf /etc/nginx/nginx.conf
COPY --from=pma /var/www/html /var/www/html

FROM phpmyadmin:fpm as pma

#RUN mv /var/www/html/config.sample.inc.php /var/www/html/config.inc.php

docker-compose.yml

version: '3'
networks:
  net-pma:
services:
  db1:
    image: mysql:5.7
    environment:
      MYSQL_ROOT_PASSWORD: root
      MYSQL_DATABASE: db1
      MYSQL_USER: db1
      MYSQL_PASSWORD: db1
    networks:
      - net-pma
  db2:
    image: mysql:5.7
    environment:
      MYSQL_ROOT_PASSWORD: root
      MYSQL_DATABASE: db2
      MYSQL_USER: db2
      MYSQL_PASSWORD: db2
    networks:
      - net-pma
  nginx:
    build:
      context: .
      target: nginx
    environment:
      PMA_HOSTS: db1,db2
    depends_on:
      - phpmyadmin
    volumes:
      - ./logs/nginx/log/:/var/log/nginx/
    ports:
      - "9088:80"
    networks:
      - net-pma
  phpmyadmin:
    image: phpmyadmin:fpm
    environment:
      PMA_HOSTS: db1,db2
    networks:
      - net-pma
  pma:
    image: phpmyadmin
    environment:
      PMA_HOSTS: db1,db2
    ports:
      - "8088:80"
    networks:
      - net-pma

nginx.conf

user                 nginx;
pid                  /var/run/nginx.pid;
worker_processes     auto;
worker_rlimit_nofile 65535;

# Load modules
include              /etc/nginx/modules-enabled/*.conf;

events {
    multi_accept       on;
    worker_connections 65535;
}

http {
    charset                utf-8;
    sendfile               on;
    tcp_nopush             on;
    tcp_nodelay            on;
    server_tokens          off;
    log_not_found          off;
    types_hash_max_size    2048;
    types_hash_bucket_size 64;
    client_max_body_size   16M;

    # MIME
    include                mime.types;
    default_type           application/octet-stream;

    # Logging
    access_log             /var/log/nginx/access.log;
    error_log              /var/log/nginx/error.log warn;

#     # Load configs
#     include                /etc/nginx/conf.d/*.conf;

    # example.com
    server {
        listen                             80;
        listen                             [::]:80;
        server_name                        localhost;
        set                                $base /var/www/html;
        root                               $base;

        # security headers
        add_header X-XSS-Protection        "1; mode=block" always;
        add_header X-Content-Type-Options  "nosniff" always;
        add_header Referrer-Policy         "no-referrer-when-downgrade" always;
        add_header Content-Security-Policy "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always;
        add_header Permissions-Policy      "interest-cohort=()" always;

        # . files
        location ~ /\.(?!well-known) {
            deny all;
        }

        # index.php
        index index.php;

        # index.php fallback
        location / {
            try_files $uri $uri/ /index.php?$query_string;
        }

        # favicon.ico
        location = /favicon.ico {
            log_not_found off;
            access_log    off;
        }

        # robots.txt
        location = /robots.txt {
            log_not_found off;
            access_log    off;
        }

        # assets, media
        location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
            expires    7d;
            access_log off;
        }

        # svg, fonts
        location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
            add_header Access-Control-Allow-Origin "*";
            expires    7d;
            access_log off;
        }

        # gzip
        gzip            on;
        gzip_vary       on;
        gzip_proxied    any;
        gzip_comp_level 6;
        gzip_types      text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;

        # handle .php
        location ~ \.php$ {
            fastcgi_pass                  phpmyadmin:9000;

            # 404
            try_files                     $fastcgi_script_name =404;

            # default fastcgi_params
            include                       fastcgi_params;

            # fastcgi settings
            fastcgi_index                 index.php;
            fastcgi_buffers               8 16k;
            fastcgi_buffer_size           32k;

            # fastcgi params
            fastcgi_param DOCUMENT_ROOT   $realpath_root;
            fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
            fastcgi_param PHP_ADMIN_VALUE "open_basedir=$base/:/usr/lib/php/:/tmp/";
        }
    }
}

apache result [http://localhost:8088/] image fpm result [http://localhost:9088/] image

williamdes commented 2 years ago

I moved the issue here, it's a bit complicated because you would need to mount a volume between fpm and nginx. But it would not work because it is a known issue that we are trying to fix. That said PMA_HOSTS on the nginx node seems useless

I will keep this issue updated