search

phpmyadmin / docker

Docker container for phpMyAdmin
https://hub.docker.com/_/phpmyadmin
GNU General Public License v3.0
655 stars 451 forks source link

Redirect http acces to phpmyadmin in https #414

Closed Cyanat closed 1 year ago

Cyanat commented 1 year ago

Hello! I try to enable https access on the phpmyadmin docker and redirect all http request on https. Here is what I've done

/etc/apache2/ports.conf : I listen ports 80 and 443

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 80
Listen 443

/etc/apache2/sites-enabled/ssl.conf : enable mod_ssl and specifying my cert and key

LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so
<VirtualHost *:443>
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    SSLEngine on
    SSLCertificateFile "certs/MyCert.crt"
    SSLCertificateKeyFile "certs/MyCert.key"
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
                    SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
                    SSLOptions +StdEnvVars
    </Directory>
</VirtualHost>

port mapping of my docker-compose:

ports:
            - 8091:80
            - 8092:443

/etc/apache2/sites-enabled/000-default.conf : I set my redirection

<VirtualHost *:80>

        LoadModule rewrite_module modules/mod_rewrite.so
        RewriteEngine On
        RewriteRule ^/?(.*) https://%{SERVER_NAME}:8092/$1 [R=301,L]

</VirtualHost>

I use the DockerFile to update these files in the container and enabling the rewrite mod:

FROM phpmyadmin:5.2.1

RUN mv /etc/apache2/mods-available/rewrite.load /etc/apache2/mods-enabled/
ADD 000-default.conf /etc/apache2/sites-enabled/000-default.conf
ADD ssl.conf /etc/apache2/sites-enabled/ssl.conf
ADD ports.conf /etc/apache2/ports.conf

Well... It seems to work. But I would appreciate some feedback to confirm that this solution is clean and maintainable enough or if we have better solution to do that.

Thanks!

williamdes commented 1 year ago

Hi

Well, I think the following block is not needed

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
                    SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
                    SSLOptions +StdEnvVars
    </Directory>
Cyanat commented 1 year ago

You're right, thanks. If no other feedback, then I will close this issue and use this solution, will see with time if it respond completely to my needs ;)

williamdes commented 1 year ago

Okay, let us know Maybe we could provide a disabled SSL config or redirector That's not really easy Or at least document it with your examples

williamdes commented 1 year ago

I would also say it's not necessary to do a Dockerfile, you can mount the files directly and it will work That said it would be good to find another way to not use mod rewrite