Difference between revisions of "PhpMyAdmin"
From wiki
(Refactor installation questions) |
(Let’s Encrypt links) |
||
| Line 1: | Line 1: | ||
== Prerequisite == | == Prerequisite == | ||
| − | To install PhpMyAdmin, you will need to have [[Nginx]], [[PHP]] and [[ | + | To install PhpMyAdmin, you will need to have [[Nginx]], [[PHP]], [[MariaDB]] and [[Let’s Encrypt]] installed. |
== Install == | == Install == | ||
| Line 73: | Line 73: | ||
=== TLS Certificate === | === TLS Certificate === | ||
| − | Edit file [[ | + | Edit file <code>[[Let’s Encrypt#Renewal_Script|/usr/local/sbin/renew_certificates]]</code> and add the following to the config list<syntaxhighlight lang="python"> |
{ | { | ||
'domains': ['phpmyadmin.example.com'], | 'domains': ['phpmyadmin.example.com'], | ||
Revision as of 21:38, 20 March 2016
Prerequisite
To install PhpMyAdmin, you will need to have Nginx, PHP, MariaDB and Let’s Encrypt installed.
Install
# apt install phpmyadmin
The installer will ask you several questions. Here are the answers:
- Web server to reconfigure automatically?
- Choose none. Nginx will be configured later.
- Configure database for phpmyadmin with dbconfig-common?
- Yes
- Password of the database's administrative user?
- Enter your MariaDB root user password.
- MySQL application password for phpmyadmin?
- Keep it empty to get a random one. You will never need to enter this password
Configure
PHP
Edit file /etc/php5/mods-available/local-common.ini and add folder /usr/share/phpmyadmin/ to the open_basedir setting.
Nginx
Create file /etc/nginx/sites-available/phpmyadmin
server {
include snippets/listen-http.conf;
server_name phpmyadmin.example.com;
access_log /var/log/nginx/phpmyadmin.access.log;
error_log /var/log/nginx/phpmyadmin.error.log info;
include snippets/acme-challenge.conf;
include snippets/https-permanent-redirect.conf;
}
server {
include snippets/listen-https.conf;
server_name phpmyadmin.example.com;
access_log /var/log/nginx/phpmyadmin.access.log;
error_log /var/log/nginx/phpmyadmin.error.log info;
include snippets/acme-challenge.conf;
#include snippets/ssl.conf;
#ssl_certificate /etc/letsencrypt/live/phpmyadmin.example.com/fullchain.pem;
#ssl_certificate_key /etc/letsencrypt/live/phpmyadmin.example.com/privkey.pem;
#include snippets/hsts.conf;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
#auth_basic "Restricted";
#auth_basic_user_file .htpasswd;
root /usr/share/phpmyadmin/;
index index.php;
location ~ \.php$ {
try_files $uri =404;
include fastcgi.conf;
fastcgi_pass php5;
}
}
Activate the configuration with
# ln -s /etc/nginx/sites-available/phpmyadmin /etc/nginx/sites-enabled/
# service nginx reload
TLS Certificate
Edit file /usr/local/sbin/renew_certificates and add the following to the config list
{
'domains': ['phpmyadmin.example.com'],
'reload': [['service', 'nginx', 'reload']]
}
and get your certificate
# /usr/local/sbin/renew_certificates
Renewing certificate for phpmyadmin.example.com that will expire on 0001-01-01
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/phpmyadmin.example.com/fullchain.pem. Your
cert will expire on 2016-10-12. To obtain a new version of the
certificate in the future, simply run Let's Encrypt again.
- If you like Let's Encrypt, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
Restarting services:
service nginx reload
Now uncomment the ssl related lines in /etc/nginx/sites-available/phpmyadmin and run
# service nginx reload
