-
Notifications
You must be signed in to change notification settings - Fork 456
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docker fpm-alpine image with apache reverse proxy #350
Comments
Hi @d3xt3r01 I transferred this issue here. I am not sure about where is the mistake but #253 (comment) may help you |
I've looked at it all day long...nothing there for apache... I still don't understand what I'm missing...
After which I modified httpd's config a bit
|
Further testing resulted in this fix... not sure if it's the right way of doing it...
|
First of all, thank you all of your effort to make these docker images possible. And sorry, if my text disturbs you, but after one day of searching solutions for the alpine-fpm version of phpmyadmin to work, I have to say, it is almost useless. And why I'm upset, is the lack of documentation. If I could read, how it is working exactly (btw. I think only one solution exists), I don't spend my all day to find out, that is not I want. My scenario are a non-dockerized apche2 reverse proxy and a dockerized alpine-fpm-phpmyadmin. Actually it is not working in this scenario. Why? Becasuse the php in the fpm docker is set to work with a few extensions (php(*), htm, etc.), so when you try to browse the pma directory, you are gonna face with the security.limit_extensions config option. In my oppinion, the weakening of the php security with an empty security.limit_extensions line is not an acceptable solution! You can try to share the pma docroot with a non-dockerized apache for serving the non-php files (like js), but it is impossible, because the docker bind mount actually removes every files in the pma docroot in this case, the docker volume is working actually (/var/lib/docker/volumes), but the path is inaccessable for the non-dockerized apache. I know, I can set the directory permission, but from the point of security is just not acceptable. I don't wanna only complain, so for those who wants to use this version of pma (fpm-alpine without webserver), I can tell, the only solution is a dockerized webserver beside the dockerized fpm-pma, and you can share the pma docroot between them with a docker volume (pma_web:/var/www/html). After that you can serve the rest of the non-php-files by this webserver. Unfortunately this scenario is not a soultion for me. I hope this can help for those who are like me, find the working solution, but don't understand why is it not working. Peace. |
For nginx:
|
HI. I think I got it. version: '3.8'
volumes:
phpmyadmin:
services:
www:
image: httpd:alpine
volumes:
- "./www:/usr/local/apache2/htdocs"
- "./conf/httpd/httpd.conf:/usr/local/apache2/conf/httpd.conf"
- "./conf/httpd/vhosts:/usr/local/apache2/conf.d/vhosts"
- phpmyadmin:/var/www/html/phpmyadmin #THIS LINE IS KEY
environment:
TZ: "${TZ}"
networks:
- default
restart: always
phpmyadminfpm:
Image: phpmyadmin:5-fpm-alpine
environment:
PMA_HOST: ${MYSQL_HOST}
TZ: ${TZ}
restart: always
volumes:
- phpmyadmin:/var/www/html #THIS LINE IS KEY phpmyadmin.conf: <VirtualHost *:80>
ServerName phfpm.localhost
RewriteEngine on
RewriteRule ^/?$ "http://%{SERVER_NAME}/index.php" [P,QSA,L]
ProxyPassMatch "^/(.*\.php)$" "fcgi://phpmyadminfpm:9000/var/www/html/" #THIS LINE IS KEY
ProxyPassReverse "^/(.*\.php)$" "fcgi://phpmyadminfpm:9000/var/www/html/" #THIS LINE IS KEY
DocumentRoot "/var/www/html/phpmyadmin" #THIS LINE IS KEY
<Directory "/var/www/html/phpmyadmin">
AllowOverride All
Require all granted
</Directory>
</VirtualHost> There's no need for security.limit_extensions override or nothing Please test it and tell me! |
This custom image might save the problems. |
Describe the bug
The default security.limit_extensions in php-fpm.d/www.conf doesn't allow the php-fpm to serve the other files.
To Reproduce
Use this docker-compose
Expected behavior
The UI to appear
Screenshots
The text "File not found."
Docker Logs
Server configuration
Client configuration
any ... cli/UI
Additional context
The documentation doesn't say anything about the apache reverse proxy so... I think we also need an example for apache. For example the
/var/www/html
is needed to be appended to the proxypass took me a little bit to figure out.Maybe also something to redirect / to index.php? in my solution / still says File not found.
Chrome refuses to show everything probably because of X-Content-Type-Options which if forcely removed will still cause it to render weirdly.
The text was updated successfully, but these errors were encountered: