update phpmyadmin

This commit is contained in:
kev 2022-01-04 18:34:56 +08:00
parent e53801970f
commit c700ae8d1a
5 changed files with 337 additions and 62 deletions

View File

@ -1,44 +1,126 @@
#
# Dockerfile for phpmyadmin-arm
#
FROM easypi/alpine-arm
MAINTAINER EasyPi Software Foundation
FROM php:8.0-apache
# Install dependencies
RUN apk add --no-cache php7-session php7-mysqli php7-mbstring php7-xml php7-gd php7-zlib php7-bz2 php7-zip php7-openssl php7-curl php7-opcache php7-json nginx php7-fpm supervisor
RUN set -ex; \
\
savedAptMark="$(apt-mark showmanual)"; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
libbz2-dev \
libfreetype6-dev \
libjpeg-dev \
libpng-dev \
libwebp-dev \
libxpm-dev \
libzip-dev \
; \
\
docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp --with-xpm; \
docker-php-ext-install -j "$(nproc)" \
bz2 \
gd \
mysqli \
opcache \
zip \
; \
\
apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
| awk '/=>/ { print $3 }' \
| sort -u \
| xargs -r dpkg-query -S \
| cut -d: -f1 \
| sort -u \
| xargs -rt apt-mark manual; \
\
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
ENV MAX_EXECUTION_TIME 600
ENV MEMORY_LIMIT 512M
ENV UPLOAD_LIMIT 2048K
RUN set -ex; \
\
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > $PHP_INI_DIR/conf.d/opcache-recommended.ini; \
\
{ \
echo 'session.cookie_httponly=1'; \
echo 'session.use_strict_mode=1'; \
} > $PHP_INI_DIR/conf.d/session-strict.ini; \
\
{ \
echo 'allow_url_fopen=Off'; \
echo 'max_execution_time=${MAX_EXECUTION_TIME}'; \
echo 'max_input_vars=10000'; \
echo 'memory_limit=${MEMORY_LIMIT}'; \
echo 'post_max_size=${UPLOAD_LIMIT}'; \
echo 'upload_max_filesize=${UPLOAD_LIMIT}'; \
} > $PHP_INI_DIR/conf.d/phpmyadmin-misc.ini
# Calculate download URL
ENV VERSION 4.7.5
ENV URL https://files.phpmyadmin.net/phpMyAdmin/${VERSION}/phpMyAdmin-${VERSION}-all-languages.tar.gz
LABEL version=$VERSION
ENV VERSION 5.1.1
ENV SHA256 1964d7190223c11e89fa1b7970c618e3a3bae2e859f5f60383f64c3848ef6921
ENV URL https://files.phpmyadmin.net/phpMyAdmin/${VERSION}/phpMyAdmin-${VERSION}-all-languages.tar.xz
LABEL org.opencontainers.image.title="Official phpMyAdmin Docker image" \
org.opencontainers.image.description="Run phpMyAdmin with Alpine, Apache and PHP FPM." \
org.opencontainers.image.authors="The phpMyAdmin Team <developers@phpmyadmin.net>" \
org.opencontainers.image.vendor="phpMyAdmin" \
org.opencontainers.image.documentation="https://github.com/phpmyadmin/docker#readme" \
org.opencontainers.image.licenses="GPL-2.0-only" \
org.opencontainers.image.version="${VERSION}" \
org.opencontainers.image.url="https://github.com/phpmyadmin/docker#readme" \
org.opencontainers.image.source="https://github.com/phpmyadmin/docker.git"
# Download tarball, verify it using gpg and extract
RUN set -x \
&& GNUPGHOME="$(mktemp -d)" \
&& export GNUPGHOME \
&& apk add --no-cache curl gnupg tar \
&& curl -sSL https://github.com/phpmyadmin/docker/archive/${VERSION}-1.tar.gz | \
tar xz --strip 1 -C / docker-${VERSION}-1/etc docker-${VERSION}-1/run.sh docker-${VERSION}-1/phpmyadmin.keyring \
&& curl --output phpMyAdmin.tar.gz --location $URL \
&& curl --output phpMyAdmin.tar.gz.asc --location $URL.asc \
&& gpgv --keyring /phpmyadmin.keyring phpMyAdmin.tar.gz.asc phpMyAdmin.tar.gz \
&& apk del --no-cache curl gnupg tar \
&& rm -rf "$GNUPGHOME" \
&& tar xzf phpMyAdmin.tar.gz \
&& rm -f phpMyAdmin.tar.gz phpMyAdmin.tar.gz.asc \
&& mv phpMyAdmin-$VERSION-all-languages /www \
&& rm -rf /www/setup/ /www/examples/ /www/test/ /www/po/ /www/composer.json /www/RELEASE-DATE-$VERSION \
&& sed -i "s@define('CONFIG_DIR'.*@define('CONFIG_DIR', '/etc/phpmyadmin/');@" /www/libraries/vendor_config.php \
&& chown -R root:nobody /www \
&& find /www -type d -exec chmod 750 {} \; \
&& find /www -type f -exec chmod 640 {} \;
RUN set -ex; \
\
savedAptMark="$(apt-mark showmanual)"; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
gnupg \
dirmngr \
; \
\
export GNUPGHOME="$(mktemp -d)"; \
export GPGKEY="3D06A59ECE730EB71B511C17CE752F178259BD92"; \
curl -fsSL -o phpMyAdmin.tar.xz $URL; \
curl -fsSL -o phpMyAdmin.tar.xz.asc $URL.asc; \
echo "$SHA256 *phpMyAdmin.tar.xz" | sha256sum -c -; \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$GPGKEY" \
|| gpg --batch --keyserver pgp.mit.edu --recv-keys "$GPGKEY" \
|| gpg --batch --keyserver keyserver.pgp.com --recv-keys "$GPGKEY" \
|| gpg --batch --keyserver keys.openpgp.org --recv-keys "$GPGKEY"; \
gpg --batch --verify phpMyAdmin.tar.xz.asc phpMyAdmin.tar.xz; \
tar -xf phpMyAdmin.tar.xz -C /var/www/html --strip-components=1; \
mkdir -p /var/www/html/tmp; \
chown www-data:www-data /var/www/html/tmp; \
gpgconf --kill all; \
rm -r "$GNUPGHOME" phpMyAdmin.tar.xz phpMyAdmin.tar.xz.asc; \
rm -r -v /var/www/html/setup/ /var/www/html/examples/ /var/www/html/js/src/ /var/www/html/templates/test/ /var/www/html/babel.config.json /var/www/html/doc/html/_sources/ /var/www/html/RELEASE-DATE-$VERSION /var/www/html/CONTRIBUTING.md; \
sed -i "s@define('CONFIG_DIR'.*@define('CONFIG_DIR', '/etc/phpmyadmin/');@" /var/www/html/libraries/vendor_config.php; \
\
apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*
# Add directory for sessions to allow session persistence
RUN mkdir /sessions
# Copy configuration
COPY config.inc.php /etc/phpmyadmin/config.inc.php
# We expose phpMyAdmin on port 80
EXPOSE 80
# Copy main script
COPY docker-entrypoint.sh /docker-entrypoint.sh
ENTRYPOINT [ "/run.sh" ]
CMD ["phpmyadmin"]
ENTRYPOINT [ "/docker-entrypoint.sh" ]
CMD ["apache2-foreground"]

View File

@ -0,0 +1,152 @@
<?php
require('/etc/phpmyadmin/config.secret.inc.php');
/* Ensure we got the environment */
$vars = array(
'PMA_ARBITRARY',
'PMA_HOST',
'PMA_HOSTS',
'PMA_VERBOSE',
'PMA_VERBOSES',
'PMA_PORT',
'PMA_PORTS',
'PMA_SOCKET',
'PMA_SOCKETS',
'PMA_USER',
'PMA_PASSWORD',
'PMA_ABSOLUTE_URI',
'PMA_CONTROLHOST',
'PMA_CONTROLPORT',
'PMA_PMADB',
'PMA_CONTROLUSER',
'PMA_CONTROLPASS',
'PMA_QUERYHISTORYDB',
'PMA_QUERYHISTORYMAX',
'MAX_EXECUTION_TIME',
'MEMORY_LIMIT'
);
foreach ($vars as $var) {
$env = getenv($var);
if (!isset($_ENV[$var]) && $env !== false) {
$_ENV[$var] = $env;
}
}
if (isset($_ENV['PMA_QUERYHISTORYDB'])) {
$cfg['QueryHistoryDB'] = boolval($_ENV['PMA_QUERYHISTORYDB']);
}
if (isset($_ENV['PMA_QUERYHISTORYMAX'])) {
$cfg['QueryHistoryMax'] = intval($_ENV['PMA_QUERYHISTORYMAX']);
}
/* Arbitrary server connection */
if (isset($_ENV['PMA_ARBITRARY']) && $_ENV['PMA_ARBITRARY'] === '1') {
$cfg['AllowArbitraryServer'] = true;
}
/* Play nice behind reverse proxys */
if (isset($_ENV['PMA_ABSOLUTE_URI'])) {
$cfg['PmaAbsoluteUri'] = trim($_ENV['PMA_ABSOLUTE_URI']);
}
/* Figure out hosts */
/* Fallback to default linked */
$hosts = array('db');
/* Set by environment */
if (!empty($_ENV['PMA_HOST'])) {
$hosts = array($_ENV['PMA_HOST']);
$verbose = array($_ENV['PMA_VERBOSE']);
$ports = array($_ENV['PMA_PORT']);
} elseif (!empty($_ENV['PMA_HOSTS'])) {
$hosts = array_map('trim', explode(',', $_ENV['PMA_HOSTS']));
$verbose = array_map('trim', explode(',', $_ENV['PMA_VERBOSES']));
$ports = array_map('trim', explode(',', $_ENV['PMA_PORTS']));
}
if (!empty($_ENV['PMA_SOCKET'])) {
$sockets = array($_ENV['PMA_SOCKET']);
} elseif (!empty($_ENV['PMA_SOCKETS'])) {
$sockets = explode(',', $_ENV['PMA_SOCKETS']);
}
/* Server settings */
for ($i = 1; isset($hosts[$i - 1]); $i++) {
$cfg['Servers'][$i]['host'] = $hosts[$i - 1];
if (isset($verbose[$i - 1])) {
$cfg['Servers'][$i]['verbose'] = $verbose[$i - 1];
}
if (isset($ports[$i - 1])) {
$cfg['Servers'][$i]['port'] = $ports[$i - 1];
}
if (isset($_ENV['PMA_USER'])) {
$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['user'] = $_ENV['PMA_USER'];
$cfg['Servers'][$i]['password'] = isset($_ENV['PMA_PASSWORD']) ? $_ENV['PMA_PASSWORD'] : '';
} else {
$cfg['Servers'][$i]['auth_type'] = 'cookie';
}
if (isset($_ENV['PMA_PMADB'])) {
$cfg['Servers'][$i]['pmadb'] = $_ENV['PMA_PMADB'];
$cfg['Servers'][$i]['relation'] = 'pma__relation';
$cfg['Servers'][$i]['table_info'] = 'pma__table_info';
$cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
$cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
$cfg['Servers'][$i]['column_info'] = 'pma__column_info';
$cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
$cfg['Servers'][$i]['history'] = 'pma__history';
$cfg['Servers'][$i]['recent'] = 'pma__recent';
$cfg['Servers'][$i]['favorite'] = 'pma__favorite';
$cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
$cfg['Servers'][$i]['tracking'] = 'pma__tracking';
$cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
$cfg['Servers'][$i]['users'] = 'pma__users';
$cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
$cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
$cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
$cfg['Servers'][$i]['central_columns'] = 'pma__central_columns';
$cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings';
$cfg['Servers'][$i]['export_templates'] = 'pma__export_templates';
}
if (isset($_ENV['PMA_CONTROLHOST'])) {
$cfg['Servers'][$i]['controlhost'] = $_ENV['PMA_CONTROLHOST'];
}
if (isset($_ENV['PMA_CONTROLPORT'])) {
$cfg['Servers'][$i]['controlport'] = $_ENV['PMA_CONTROLPORT'];
}
if (isset($_ENV['PMA_CONTROLUSER'])) {
$cfg['Servers'][$i]['controluser'] = $_ENV['PMA_CONTROLUSER'];
}
if (isset($_ENV['PMA_CONTROLPASS'])) {
$cfg['Servers'][$i]['controlpass'] = $_ENV['PMA_CONTROLPASS'];
}
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = true;
}
for ($i = 1; isset($sockets[$i - 1]); $i++) {
$cfg['Servers'][$i]['socket'] = $sockets[$i - 1];
$cfg['Servers'][$i]['host'] = 'localhost';
}
/*
* Revert back to last configured server to make
* it easier in config.user.inc.php
*/
$i--;
/* Uploads setup */
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
if (isset($_ENV['MAX_EXECUTION_TIME'])) {
$cfg['ExecTimeLimit'] = $_ENV['MAX_EXECUTION_TIME'];
}
if (isset($_ENV['MEMORY_LIMIT'])) {
$cfg['MemoryLimit'] = $_ENV['MEMORY_LIMIT'];
}
/* Include User Defined Settings Hook */
if (file_exists('/etc/phpmyadmin/config.user.inc.php')) {
include('/etc/phpmyadmin/config.user.inc.php');
}

View File

@ -1,19 +1,9 @@
phpmyadmin:
image: easypi/phpmyadmin-arm
ports:
- "8080:80"
environment:
- PMA_HOST=mysql
- PMA_PORT=3306
links:
- mysql
restart: always
mysql:
image: easypi/mariadb-arm
ports:
- "3306:3306"
environment:
- MYSQL_ROOT_PASSWORD=root
- MYSQL_DATABASE=wordpress
restart: always
version: "3.8"
services:
phpmyadmin:
image: easypi/phpmyadmin-arm64
ports:
- "8080:80"
environment:
- PMA_ARBITRARY=1
restart: unless-stopped

View File

@ -0,0 +1,50 @@
#!/bin/bash
if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
if [ ! -f /etc/phpmyadmin/config.secret.inc.php ]; then
cat > /etc/phpmyadmin/config.secret.inc.php <<EOT
<?php
\$cfg['blowfish_secret'] = '$(tr -dc 'a-zA-Z0-9~!@#$%^&*_()+}{?></";.,[]=-' < /dev/urandom | fold -w 32 | head -n 1)';
EOT
fi
if [ ! -f /etc/phpmyadmin/config.user.inc.php ]; then
touch /etc/phpmyadmin/config.user.inc.php
fi
fi
if [ ! -z "${HIDE_PHP_VERSION}" ]; then
echo "PHP version is now hidden."
echo -e 'expose_php = Off\n' > $PHP_INI_DIR/conf.d/phpmyadmin-hide-php-version.ini
fi
if [ ! -z "${PMA_CONFIG_BASE64}" ]; then
echo "Adding the custom config.inc.php from base64."
echo "${PMA_CONFIG_BASE64}" | base64 -d > /etc/phpmyadmin/config.inc.php
fi
if [ ! -z "${PMA_USER_CONFIG_BASE64}" ]; then
echo "Adding the custom config.user.inc.php from base64."
echo "${PMA_USER_CONFIG_BASE64}" | base64 -d > /etc/phpmyadmin/config.user.inc.php
fi
get_docker_secret() {
local env_var="${1}"
local env_var_file="${env_var}_FILE"
# Check if the variable with name $env_var_file (which is $PMA_PASSWORD_FILE for example)
# is not empty and export $PMA_PASSWORD as the password in the Docker secrets file
if [[ -n "${!env_var_file}" ]]; then
export "${env_var}"="$(cat "${!env_var_file}")"
fi
}
get_docker_secret PMA_PASSWORD
get_docker_secret MYSQL_ROOT_PASSWORD
get_docker_secret MYSQL_PASSWORD
get_docker_secret PMA_HOSTS
get_docker_secret PMA_HOST
get_docker_secret PMA_CONTROLPASS
exec "$@"

View File

@ -1,8 +1,9 @@
phpmyadmin:
image: phpmyadmin/phpmyadmin
ports:
- "8080:80"
environment:
- PMA_HOST=dbhost
- PMA_PORT=3306
restart: always
version: "3.8"
services:
phpmyadmin:
image: phpmyadmin/phpmyadmin
ports:
- "8080:80"
environment:
- PMA_ARBITRARY=1
restart: unless-stopped