Fixed remote connections with both PHPMyAdmin and MySQL Workbench/other third party tools

2016-05-26 16:05:29 -05:00 · 2016-05-26 16:05:29 -05:00 · 2064c37a16
commit 2064c37a16
parent e6ae0b085a
3 changed files with 167 additions and 4 deletions
--- a/11
+++ b/11
@ -8,15 +8,19 @@ wget curl git

 # Configure apache
 COPY ./config/apache2.conf /etc/apache2/apache2.conf
-RUN chmod 600 /etc/apache2/apache2.conf
+RUN chmod 644 /etc/apache2/apache2.conf
 RUN a2enmod rewrite

 # Configure MySQL
 COPY ./config/my.cnf /etc/mysql/my.cnf
-RUN chmod 600 /etc/mysql/my.cnf
+RUN chmod 644 /etc/mysql/my.cnf
 RUN service mysql start && mysql -u root --execute="GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '';"
 EXPOSE 3306

+# Configure PHPMyAdmin
+COPY ./config/config.inc.php /etc/phpmyadmin/config.inc.php
+RUN chmod 644 /etc/phpmyadmin/config.inc.php
+
 # Install composer
 RUN php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \
    php -r "if (hash_file('SHA384', 'composer-setup.php') === '92102166af5abdb03f49ce52a40591073a7b859a86e8ff13338cf7db58a19f7844fbc0bb79b2773bf30791e935dbd938') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" && \
@ -45,4 +49,7 @@ ENV APACHE_PID_FILE=/var/run/apache2/apache2.pid
 ENV APACHE_RUN_USER=www-data
 ENV APACHE_RUN_GROUP=www-data
 ENV APACHE_LOG_DIR=/var/log/apache2
+
+# Fire up the image!
+WORKDIR /var/www/html
 ENTRYPOINT service mysql start; apache2 -DFOREGROUND
--- a/config/config.inc.php
+++ b/config/config.inc.php
@ -0,0 +1,156 @@
+<?php
+/**
+ * Debian local configuration file
+ *
+ * This file overrides the settings made by phpMyAdmin interactive setup
+ * utility.
+ *
+ * For example configuration see
+ *   /usr/share/doc/phpmyadmin/examples/config.sample.inc.php
+ * or
+ *   /usr/share/doc/phpmyadmin/examples/config.manyhosts.inc.php
+ *
+ * NOTE: do not add security sensitive data to this file (like passwords)
+ * unless you really know what you're doing. If you do, any user that can
+ * run PHP or CGI on your webserver will be able to read them. If you still
+ * want to do this, make sure to properly secure the access to this file
+ * (also on the filesystem level).
+ */
+
+if (!function_exists('check_file_access')) {
+    function check_file_access($path)
+    {
+        if (is_readable($path)) {
+            return true;
+        } else {
+            error_log(
+                'phpmyadmin: Failed to load ' . $path
+                . ' Check group www-data has read access and open_basedir restrictions.'
+            );
+            return false;
+        }
+    }
+}
+
+// Load secret generated on postinst
+if (check_file_access('/var/lib/phpmyadmin/blowfish_secret.inc.php')) {
+    require('/var/lib/phpmyadmin/blowfish_secret.inc.php');
+}
+
+// Load autoconf local config
+if (check_file_access('/var/lib/phpmyadmin/config.inc.php')) {
+    require('/var/lib/phpmyadmin/config.inc.php');
+}
+
+/**
+ * Server(s) configuration
+ */
+$i = 0;
+// The $cfg['Servers'] array starts with $cfg['Servers'][1].  Do not use $cfg['Servers'][0].
+// You can disable a server config entry by setting host to ''.
+$i++;
+
+/**
+ * Read configuration from dbconfig-common
+ * You can regenerate it using: dpkg-reconfigure -plow phpmyadmin
+ */
+if (check_file_access('/etc/phpmyadmin/config-db.php')) {
+    require('/etc/phpmyadmin/config-db.php');
+}
+
+/* Configure according to dbconfig-common if enabled */
+if (!empty($dbname)) {
+    /* Authentication type */
+    $cfg['Servers'][$i]['auth_type'] = 'cookie';
+    /* Server parameters */
+    if (empty($dbserver)) $dbserver = 'localhost';
+    $cfg['Servers'][$i]['host'] = $dbserver;
+
+    if (!empty($dbport) || $dbserver != 'localhost') {
+        $cfg['Servers'][$i]['connect_type'] = 'tcp';
+        $cfg['Servers'][$i]['port'] = $dbport;
+    }
+    //$cfg['Servers'][$i]['compress'] = false;
+    /* Select mysqli if your server has it */
+    $cfg['Servers'][$i]['extension'] = 'mysqli';
+    /* Optional: User for advanced features */
+    $cfg['Servers'][$i]['controluser'] = $dbuser;
+    $cfg['Servers'][$i]['controlpass'] = $dbpass;
+    /* Optional: Advanced phpMyAdmin features */
+    $cfg['Servers'][$i]['pmadb'] = $dbname;
+    $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
+    $cfg['Servers'][$i]['relation'] = 'pma__relation';
+    $cfg['Servers'][$i]['table_info'] = 'pma__table_info';
+    $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
+    $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
+    $cfg['Servers'][$i]['column_info'] = 'pma__column_info';
+    $cfg['Servers'][$i]['history'] = 'pma__history';
+    $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
+    $cfg['Servers'][$i]['tracking'] = 'pma__tracking';
+    $cfg['Servers'][$i]['designer_coords'] = 'pma__designer_coords';
+    $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
+    $cfg['Servers'][$i]['recent'] = 'pma__recent';
+    $cfg['Servers'][$i]['favorite'] = 'pma__favorite';
+    $cfg['Servers'][$i]['users'] = 'pma__users';
+    $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
+    $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
+    $cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
+
+    /* Uncomment the following to enable logging in to passwordless accounts,
+     * after taking note of the associated security risks. */
+    $cfg['Servers'][$i]['AllowNoPassword'] = TRUE;
+
+    /* Advance to next server for rest of config */
+    $i++;
+}
+
+/* Authentication type */
+//$cfg['Servers'][$i]['auth_type'] = 'cookie';
+/* Server parameters */
+//$cfg['Servers'][$i]['host'] = 'localhost';
+//$cfg['Servers'][$i]['connect_type'] = 'tcp';
+//$cfg['Servers'][$i]['compress'] = false;
+/* Select mysqli if your server has it */
+//$cfg['Servers'][$i]['extension'] = 'mysql';
+/* Optional: User for advanced features */
+// $cfg['Servers'][$i]['controluser'] = 'pma';
+// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
+
+/* Storage database and tables */
+// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
+// $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
+// $cfg['Servers'][$i]['relation'] = 'pma__relation';
+// $cfg['Servers'][$i]['table_info'] = 'pma__table_info';
+// $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
+// $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
+// $cfg['Servers'][$i]['column_info'] = 'pma__column_info';
+// $cfg['Servers'][$i]['history'] = 'pma__history';
+// $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
+// $cfg['Servers'][$i]['tracking'] = 'pma__tracking';
+// $cfg['Servers'][$i]['designer_coords'] = 'pma__designer_coords';
+// $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
+// $cfg['Servers'][$i]['recent'] = 'pma__recent';
+// $cfg['Servers'][$i]['favorite'] = 'pma__favorite';
+// $cfg['Servers'][$i]['users'] = 'pma__users';
+// $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
+// $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
+// $cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
+/* Uncomment the following to enable logging in to passwordless accounts,
+ * after taking note of the associated security risks. */
+// $cfg['Servers'][$i]['AllowNoPassword'] = TRUE;
+
+/*
+ * End of servers configuration
+ */
+
+/*
+ * Directories for saving/loading files from server
+ */
+$cfg['UploadDir'] = '';
+$cfg['SaveDir'] = '';
+
+/* Support additional configurations */
+foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
+{
+    include($filename);
+}
--- a/config/my.cnf
+++ b/config/my.cnf
@ -44,7 +44,7 @@ skip-external-locking
 #
 # Instead of skip-networking the default is now to listen only on
 # localhost which is more compatible and is not less secure.
-bind-address		= 127.0.0.1
+#bind-address		= 127.0.0.1
 #
 # * Fine Tuning
 #