Configuring phpMyAdmin with CloudSQL, RDS, and Docker

2 min read

I still have a place in my heart for phpMyAdmin, that tool that I was introduced when developing PHP on my shared hosting provider many moons ago. It’s just a great way to inspect your MariaDB/MySQL databases.

These days I don’t install any web applications (or databases) on my local machine, I use Docker for everything, and Docker Compose in particular, to get repeatable environments.

Here’s what I use for phpMyAdmin:

My Dockerfile is really simple:

FROM phpmyadmin/phpmyadmin
ADD config/ /etc/phpmyadmin/

Dockerfile

I’m just adding my own personal config folder to the base image.

In my config file, I have my client certificates, and pre-load a bunch of servers to connect to. Here’s the configuration options I’ve used for 3 environments: GCP, local Docker images, and AWS.

/* GCP Cloud SQL */ 
$i++;
# https://docs.phpmyadmin.net/en/latest/setup.html#ssl
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = '<IP ADDRESS>';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['ssl'] = true;
$cfg['Servers'][$i]['ssl_ca'] = '/etc/phpmyadmin/gcp-server-ca.pem';
$cfg['Servers'][$i]['ssl_key'] = '/etc/phpmyadmin/gcp-client-key.pem';
$cfg['Servers'][$i]['ssl_cert'] = '/etc/phpmyadmin/gcp-client-cert.pem';
$cfg['Servers'][$i]['ssl_verify'] = false;

/* Docker */
$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'host.docker.internal';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['ssl'] = false;

/* AWS RDS */

$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = '<HOSTNAME>.rds.amazonaws.com';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['ssl'] = true;
$cfg['Servers'][$i]['ssl_ca'] = '/etc/phpmyadmin/amazon-rds-ca-cert.pem';

config/config.user.inc.php

I put this file in /config, along with my SSL certs, and then it’s a simple docker-compose build; docker-compose up to build and run.

The GCP and AWS configuration is hopefully fairly obvious. These two clouds have different ways to connect to SSL, so I thought it might be useful to share how this is configured in phpMyAdmin.

The middle one: host.docker.internal connects to the default MySQL port on my host machine. How this works, is that I define a MySQL service in another Docker Compose file, and forward port 3306 to my machine (allowing me to connect to it directly from my machine, or from a separate compose file, such as phpMyAdmin via the host).

Here’s a snippit from a larger compose file exposing such a database:

  db:
    image: mysql:5.7
    volumes:
      - db_data:/var/lib/mysql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: <password>
      MYSQL_DATABASE: db_name
      MYSQL_USER: user_name
      MYSQL_PASSWORD: user_password
    ports:
      - "3306:3306"

As always one of the best parts about Docker is portability and repeatability. Once this is setup, I can build and run phpMyAdmin anywhere I need and connect to my personal list of servers.

You can clone this entire setup from my git repo.

If you found the above content useful, you may be interested in my book Kubernetes Quickly published by Manning, which covers this and many other topics for deploying applications on Kubernetes.