add phpmyadmin

part of #5

CloudronManifest.json

@@ -22,7 +22,7 @@
   "tcpPorts": {
     "SFTP_PORT": {
       "title": "SFTP Port",
-      "description": "SFTP Port over which code can be pushed & pulled",
+      "description": "SFTP Port for syncing code. Disabling SFTP also disables phpMyAdmin",
       "defaultValue": 2222
     }
   },

Dockerfile

@@ -47,7 +47,7 @@ RUN sed -e "s,MaxSpareServers[^:].*,MaxSpareServers 5," -i /etc/apache2/mods-ava
 
 RUN a2disconf other-vhosts-access-log
 RUN echo "Listen 80" > /etc/apache2/ports.conf
-RUN a2enmod rewrite
+RUN a2enmod rewrite authnz_ldap
 
 # configure mod_php
 RUN crudini --set /etc/php/7.0/apache2/php.ini PHP upload_max_filesize 8M && \
@@ -58,7 +58,13 @@ RUN crudini --set /etc/php/7.0/apache2/php.ini PHP upload_max_filesize 8M && \
 RUN mv /etc/php/7.0/apache2/php.ini /etc/php/7.0/apache2/php.ini.orig && ln -sf /app/data/php.ini /etc/php/7.0/apache2/php.ini
 
 # configure site
-COPY apache2-app.conf /etc/apache2/sites-enabled/app.conf
+COPY apache2-app.conf /app/code/apache2-app.conf
+RUN ln -s /run/apache2/app.conf /etc/apache2/sites-enabled/app.conf
+
+# phpMyAdmin
+RUN mkdir -p /app/code/phpmyadmin && \
+    curl -L https://files.phpmyadmin.net/phpMyAdmin/4.7.0/phpMyAdmin-4.7.0-english.tar.gz | tar zxvf - -C /app/code/phpmyadmin --strip-components=1
+COPY phpmyadmin-config.inc.php /app/code/phpmyadmin/config.inc.php
 
 # configure proftpd
 ADD proftpd.conf /app/code/proftpd.conf.template

apache2-app.conf

@@ -10,4 +10,20 @@
         Require all granted
     </Directory>
 
+    ## PMA BEGIN
+
+    Alias /phpmyadmin /app/code/phpmyadmin
+ 
+    <Location /phpmyadmin>
+        AuthType Basic
+        AuthBasicProvider ldap
+        AuthName "Cloudron Authorization"
+        AuthLDAPURL ldap://url/basedn?username??(objectclass=user)
+        AuthLDAPBindDN abouttochange
+        AuthLDAPBindPassword abouttochange
+        Require valid-user
+    </Location>
+
+    ## PMA END
+
 </VirtualHost>

phpmyadmin-config.inc.php

@@ -0,0 +1,18 @@
+<?php
+$i = 0;
+$i++;
+$cfg['Servers'][$i]['auth_type'] = 'config';
+
+/* Server parameters */
+$cfg['Servers'][$i]['host'] = getenv("MYSQL_HOST");
+$cfg['Servers'][$i]['port'] = getenv("MYSQL_PORT");
+$cfg['Servers'][$i]['user'] = getenv("MYSQL_USERNAME");
+$cfg['Servers'][$i]['password'] = getenv("MYSQL_PASSWORD");
+$cfg['Servers'][$i]['only_db'] = array(getenv("MYSQL_DATABASE"));
+
+$cfg['Servers'][$i]['compress'] = false;
+$cfg['Servers'][$i]['AllowNoPassword'] = false;
+
+$cfg['UploadDir'] = '';
+$cfg['SaveDir'] = '';
+

start.sh

@@ -54,6 +54,17 @@ fi
 chmod 0600 /app/data/sftpd/*_key
 chmod 0644 /app/data/sftpd/*.pub
 
+## Generate apache config. PMA is disabled based on SFTP config
+if [[ "${disable_sftp}" == "true" ]]; then
+    echo "PMA disabled"
+    sed '/.*PMA BEGIN/,/.*PMA END/d' /app/code/apache2-app.conf > /run/apache2/app.conf
+else
+    sed -e "s@AuthLDAPURL .*@AuthLDAPURL ${LDAP_URL}/${LDAP_USERS_BASE_DN}?username??(objectclass=user)@" \
+        -e "s@AuthLDAPBindDN .*@AuthLDAPBindDN ${LDAP_BIND_DN}@" \
+        -e "s@AuthLDAPBindPassword .*@AuthLDAPBindPassword ${LDAP_BIND_PASSWORD}@" \
+        /app/code/apache2-app.conf > /run/apache2/app.conf
+fi
+
 ## hook for custom start script in /app/data/run.sh
 if [ -f "/app/data/run.sh" ]; then
     /bin/bash /app/data/run.sh