William Denniss

Configuring phpMyAdmin with CloudSQL, RDS, and Docker

Published
Copy as Markdown

I still have a place in my heart for phpMyAdmin, that tool that I was introduced when developing PHP on my shared hosting provider many moons ago. It’s just a great way to inspect your MariaDB/MySQL databases.

These days I don’t install any web applications (or databases) on my local machine, I use Docker for everything, and Docker Compose in particular, to get repeatable environments.

Here’s what I use for phpMyAdmin:

My Dockerfile is really simple:

FROM phpmyadmin/phpmyadmin
ADD config/ /etc/phpmyadmin/

Dockerfile

I’m just adding my own personal config folder to the base image.

In my config file, I have my client certificates, and pre-load a bunch of servers to connect to. Here’s the configuration options I’ve used for 3 environments: GCP, local Docker images, and AWS.

/* GCP Cloud SQL */ 
$i++;
# https://docs.phpmyadmin.net/en/latest/setup.html#ssl
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = '<IP ADDRESS>';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['ssl'] = true;
$cfg['Servers'][$i]['ssl_ca'] = '/etc/phpmyadmin/gcp-server-ca.pem';
$cfg['Servers'][$i]['ssl_key'] = '/etc/phpmyadmin/gcp-client-key.pem';
$cfg['Servers'][$i]['ssl_cert'] = '/etc/phpmyadmin/gcp-client-cert.pem';
$cfg['Servers'][$i]['ssl_verify'] = false;

/* Docker */
$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'host.docker.internal';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['ssl'] = false;

/* AWS RDS */

$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = '<HOSTNAME>.rds.amazonaws.com';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['Servers'][$i]['ssl'] = true;
$cfg['Servers'][$i]['ssl_ca'] = '/etc/phpmyadmin/amazon-rds-ca-cert.pem';

config/config.user.inc.php

I put this file in /config, along with my SSL certs, and then it’s a simple docker-compose build; docker-compose up to build and run.

The GCP and AWS configuration is hopefully fairly obvious. These two clouds have different ways to connect to SSL, so I thought it might be useful to share how this is configured in phpMyAdmin.

The middle one: host.docker.internal connects to the default MySQL port on my host machine. How this works, is that I define a MySQL service in another Docker Compose file, and forward port 3306 to my machine (allowing me to connect to it directly from my machine, or from a separate compose file, such as phpMyAdmin via the host).

Here’s a snippit from a larger compose file exposing such a database:

  db:
    image: mysql:5.7
    volumes:
      - db_data:/var/lib/mysql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: <password>
      MYSQL_DATABASE: db_name
      MYSQL_USER: user_name
      MYSQL_PASSWORD: user_password
    ports:
      - "3306:3306"

As always one of the best parts about Docker is portability and repeatability. Once this is setup, I can build and run phpMyAdmin anywhere I need and connect to my personal list of servers.

You can clone this entire setup from my git repo.