PhpMyAdmin
From wiki
Prerequisite
To install PhpMyAdmin, you will need to have Nginx, PHP and MariaDB installed.
Install
# apt install phpmyadmin
The installer will ask you several questions. Here are the answers:
- Web server to reconfigure automatically?
- Choose none. Nginx will be configured later.
- Configure database for phpmyadmin with dbconfig-common?
- Yes
- Password of the database's administrative user?
- Enter your MariaDB root user password.
- MySQL application password for phpmyadmin?
- Keep it empty to get a random one. You will never need to enter this password
Configure
PHP
Edit file /etc/php5/mods-available/local-common.ini
and add folder /usr/share/phpmyadmin/
to the open_basedir
setting.
Nginx
Create file /etc/nginx/sites-available/phpmyadmin
server {
include snippets/listen-http.conf;
server_name phpmyadmin.example.com;
access_log /var/log/nginx/phpmyadmin.access.log;
error_log /var/log/nginx/phpmyadmin.error.log info;
include snippets/acme-challenge.conf;
include snippets/https-permanent-redirect.conf;
}
server {
include snippets/listen-https.conf;
server_name phpmyadmin.example.com;
access_log /var/log/nginx/phpmyadmin.access.log;
error_log /var/log/nginx/phpmyadmin.error.log info;
include snippets/acme-challenge.conf;
#include snippets/ssl.conf;
#ssl_certificate /etc/letsencrypt/live/phpmyadmin.example.com/fullchain.pem;
#ssl_certificate_key /etc/letsencrypt/live/phpmyadmin.example.com/privkey.pem;
#include snippets/hsts.conf;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
#auth_basic "Restricted";
#auth_basic_user_file .htpasswd;
root /usr/share/phpmyadmin/;
index index.php;
location ~ \.php$ {
try_files $uri =404;
include fastcgi.conf;
fastcgi_pass php5;
}
}
Activate the configuration with
# ln -s /etc/nginx/sites-available/phpmyadmin /etc/nginx/sites-enabled/
# service nginx reload
TLS Certificate
Edit file /usr/local/sbin/renew_certificates and add the following to the config list
{
'domains': ['phpmyadmin.example.com'],
'reload': [['service', 'nginx', 'reload']]
}
and get your certificate
# /usr/local/sbin/renew_certificates
Renewing certificate for phpmyadmin.example.com that will expire on 0001-01-01
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/phpmyadmin.example.com/fullchain.pem. Your
cert will expire on 2016-10-12. To obtain a new version of the
certificate in the future, simply run Let's Encrypt again.
- If you like Let's Encrypt, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
Restarting services:
service nginx reload
Now uncomment the ssl related lines in /etc/nginx/sites-available/phpmyadmin
and run
# service nginx reload