Merge pull request #478 from mrbig00/patch-1

Config phpmyadmin 4.8.4 to autologin

.devilbox/www/htdocs/vendor/phpmyadmin-4.0/config.inc.php

@@ -27,13 +27,21 @@ $i = 0;
  * First server
  */
 $i++;
+
 /* Authentication type */
-$cfg['Servers'][$i]['auth_type'] = 'cookie';
+if (getenv('DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN') == 1) {
+    $cfg['Servers'][$i]['auth_type'] = 'config';
+    $cfg['Servers'][$i]['user'] = 'root';
+    $cfg['Servers'][$i]['password'] = getenv('MYSQL_ROOT_PASSWORD');
+} else {
+    $cfg['Servers'][$i]['auth_type'] = 'cookie';
+}
+
 /* Server parameters */
 $cfg['Servers'][$i]['host'] = 'mysql';
 $cfg['Servers'][$i]['connect_type'] = 'tcp';
 $cfg['Servers'][$i]['compress'] = false;
-$cfg['Servers'][$i]['AllowNoPassword'] = TRUE;
+$cfg['Servers'][$i]['AllowNoPassword'] = true;
 /* Select mysql if your server does not have mysqli */
 $cfg['Servers'][$i]['extension'] = 'mysqli';
 

.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php

@@ -30,10 +30,16 @@ $i = 0;
  * First server
  */
 $i++;
-/* Authentication type */
-$cfg['Servers'][$i]['auth_type'] = 'cookie';
+if (getenv('DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN') == 1) {
+    /* Authentication type */
+    $cfg['Servers'][$i]['auth_type'] = 'config';
+    $cfg['Servers'][$i]['user'] = 'root';
+    $cfg['Servers'][$i]['password'] = getenv('MYSQL_ROOT_PASSWORD');
+} else {
+    $cfg['Servers'][$i]['auth_type'] = 'cookie';
+}
 /* Server parameters */
-$cfg['Servers'][$i]['host'] = '127.0.0.1';
+$cfg['Servers'][$i]['host'] = 'mysql';
 $cfg['Servers'][$i]['compress'] = false;
 $cfg['Servers'][$i]['AllowNoPassword'] = true;
 

.tests/intra-tests/vendor-phpmyadmin.sh

@@ -80,202 +80,202 @@ else
 fi
 
 
-###
-### Ensure given phpMyAdmin version works
-###
-
-printf "[TEST] Fetch ${URL}"
-# 1st Try
-if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then
-	# 2nd Try
-	sleep 1
-	if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then
-		# 3rd Try
-		sleep 1
-		if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then
-			printf "\r[FAIL] Fetch ${URL}\n"
-			curl -sS localhost/${URL} || true
-			curl -sSI localhost/${URL} || true
-			exit 1
-		else
-			printf "\r[OK]   Fetch ${URL} (3 rounds)\n"
-		fi
-	else
-		printf "\r[OK]   Fetch ${URL} (2 rounds)\n"
-	fi
-else
-	printf "\r[OK]   Fetch ${URL} (1 round)\n"
-fi
-
-
-###
-### Login
-###
-
-TOKEN=
-printf "[TEST] Retrieve phpMyAdmin login page"
-while true; do
-	# Try again until it succeeds
-	if ! CONTENT="$( curl -sS -c cookie.txt localhost${URL} )"; then
-		rm -f cookie.txt
-		printf "e"
-		continue;
-	fi
-	# Extract the token
-	if ! TOKEN="$( echo "${CONTENT}" \
-		| grep -Eo "name=\"token\" value=\".+\"" \
-		| head -1 \
-		| grep -Eo "value=\".+\"" \
-		| sed -e 's/^value="//g' -e 's/"$//g' )"; then
-		rm -f cookie.txt
-		printf "w"
-		continue;
-	fi
-	# Ensure Token does not contain '!'
-	if echo "${TOKEN}" | grep -q "!"; then
-		rm -f cookie.txt
-		printf "!"
-		continue;
-	fi
-	# Ensure Token does not contain '&'
-	if echo "${TOKEN}" | grep -q "&"; then
-		rm -f cookie.txt
-		printf "&"
-		continue;
-	fi
-	# Ensure Token does not contain '?'
-	if echo "${TOKEN}" | grep -q "?"; then
-		rm -f cookie.txt
-		printf "?"
-		continue;
-	fi
-	# Ensure Token does not contain '"'
-	if echo "${TOKEN}" | grep -q "\""; then
-		rm -f cookie.txt
-		printf "\""
-		continue;
-	fi
-	# Ensure Token does not contain '
-	if echo "${TOKEN}" | grep -q "'"; then
-		rm -f cookie.txt
-		printf "'"
-		continue;
-	fi
-	# Ensure Token does not contain '@'
-	if echo "${TOKEN}" | grep -q "@"; then
-		rm -f cookie.txt
-		printf "@"
-		continue;
-	fi
-	# Ensure Token does not contain '\'
-	if echo "${TOKEN}" | grep -q "\\\\"; then
-		rm -f cookie.txt
-		printf "\\"
-		continue;
-	fi
-	# Ensure Token does not contain '='
-	if echo "${TOKEN}" | grep -q "="; then
-		rm -f cookie.txt
-		printf "="
-		continue;
-	fi
-	# Ensure Token does not contain '`'
-	if echo "${TOKEN}" | grep -q "\`"; then
-		rm -f cookie.txt
-		printf "\`"
-		continue;
-	fi
-	# Ensure Token does not contain '+'
-	if echo "${TOKEN}" | grep -q "+"; then
-		rm -f cookie.txt
-		printf "+"
-		continue;
-	fi
-	# Ensure Token does not contain ';'
-	if echo "${TOKEN}" | grep -q ";"; then
-		rm -f cookie.txt
-		printf ";"
-		continue;
-	fi
-	# Ensure Token does not contain '%'
-	if echo "${TOKEN}" | grep -q "%"; then
-		rm -f cookie.txt
-		printf "%%"
-		continue;
-	fi
-	# Ensure Token does not contain ']'
-	if echo "${TOKEN}" | grep -q "\]"; then
-		rm -f cookie.txt
-		printf "\]"
-		continue;
-	fi
-	# Ensure Token does not contain '['
-	if echo "${TOKEN}" | grep -q "\["; then
-		rm -f cookie.txt
-		printf "\["
-		continue;
-	fi
-	# Ensure Token does not contain '$'
-	if echo "${TOKEN}" | grep -q '\$'; then
-		rm -f cookie.txt
-		printf '\$'
-		continue;
-	fi
-
-	# All set
-	break
-done
-printf "\r[OK]   Retrieve phpMyAdmin login page\r\n"
-
-
-printf "[TEST] Exract phpMyAdmin login token"
-if ! TOKEN="$( echo "${CONTENT}" \
-	| grep -Eo "name=\"token\" value=\".+\"" \
-	| head -1 \
-	| grep -Eo "value=\".+\"" \
-	| sed -e 's/^value="//g' -e 's/"$//g' )"; then
-	printf "\r[FAIL] Exract phpMyAdmin login token\n"
-	rm -f cookie.txt || true
-	echo "${CONTENT}"
-	exit 1
-fi
-printf "\r[OK]   Exract phpMyAdmin login token: \"%s\"\n" "${TOKEN}"
-
-printf "[TEST] Extract phpMyAdmin login session"
-if ! SESSION="$( echo "${CONTENT}" \
-	| grep -Eo "name=\"set_session\" value=\"[A-Fa-f0-9]+\"" \
-	| grep -Eo "value=\"[A-Fa-f0-9]+\"" \
-	| sed -e 's/^value="//g' -e 's/"$//g' )"; then
-	printf "\r[OK]   Extract phpMyAdmin login session (not available)\n"
-	SESSION=""
-else
-	printf "\r[OK]   Extract phpMyAdmin login session: \"%s\"\n" "${SESSION}"
-fi
-
-
-printf "[TEST] Submit phpMyAdmin POST login"
-# 1st Try
-if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then
-	# 2nd Try
-	sleep 1
-	if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then
-		# 3rd Try
-		sleep 1
-		if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then
-			printf "\r[FAIL] Submit phpMyAdmin POST login\n"
-			curl -sS -c cookie.txt -b cookie.txt localhost/${URL} || true
-			curl -sSI -c cookie.txt -b cookie.txt localhost/${URL} || true
-			rm -f cookie.txt || true
-			exit 1
-		else
-			printf "\r[OK]   Submit phpMyAdmin POST login (3 rounds)\n"
-		fi
-	else
-		printf "\r[OK]   Submit phpMyAdmin POST login (2 rounds)\n"
-	fi
-else
-	printf "\r[OK]   Submit phpMyAdmin POST login (1 round)\n"
-fi
+####
+#### Ensure given phpMyAdmin version works
+####
+#
+#printf "[TEST] Fetch ${URL}"
+## 1st Try
+#if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then
+#	# 2nd Try
+#	sleep 1
+#	if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then
+#		# 3rd Try
+#		sleep 1
+#		if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then
+#			printf "\r[FAIL] Fetch ${URL}\n"
+#			curl -sS localhost/${URL} || true
+#			curl -sSI localhost/${URL} || true
+#			exit 1
+#		else
+#			printf "\r[OK]   Fetch ${URL} (3 rounds)\n"
+#		fi
+#	else
+#		printf "\r[OK]   Fetch ${URL} (2 rounds)\n"
+#	fi
+#else
+#	printf "\r[OK]   Fetch ${URL} (1 round)\n"
+#fi
+#
+#
+####
+#### Login
+####
+#
+#TOKEN=
+#printf "[TEST] Retrieve phpMyAdmin login page"
+#while true; do
+#	# Try again until it succeeds
+#	if ! CONTENT="$( curl -sS -c cookie.txt localhost${URL} )"; then
+#		rm -f cookie.txt
+#		printf "e"
+#		continue;
+#	fi
+#	# Extract the token
+#	if ! TOKEN="$( echo "${CONTENT}" \
+#		| grep -Eo "name=\"token\" value=\".+\"" \
+#		| head -1 \
+#		| grep -Eo "value=\".+\"" \
+#		| sed -e 's/^value="//g' -e 's/"$//g' )"; then
+#		rm -f cookie.txt
+#		printf "w"
+#		continue;
+#	fi
+#	# Ensure Token does not contain '!'
+#	if echo "${TOKEN}" | grep -q "!"; then
+#		rm -f cookie.txt
+#		printf "!"
+#		continue;
+#	fi
+#	# Ensure Token does not contain '&'
+#	if echo "${TOKEN}" | grep -q "&"; then
+#		rm -f cookie.txt
+#		printf "&"
+#		continue;
+#	fi
+#	# Ensure Token does not contain '?'
+#	if echo "${TOKEN}" | grep -q "?"; then
+#		rm -f cookie.txt
+#		printf "?"
+#		continue;
+#	fi
+#	# Ensure Token does not contain '"'
+#	if echo "${TOKEN}" | grep -q "\""; then
+#		rm -f cookie.txt
+#		printf "\""
+#		continue;
+#	fi
+#	# Ensure Token does not contain '
+#	if echo "${TOKEN}" | grep -q "'"; then
+#		rm -f cookie.txt
+#		printf "'"
+#		continue;
+#	fi
+#	# Ensure Token does not contain '@'
+#	if echo "${TOKEN}" | grep -q "@"; then
+#		rm -f cookie.txt
+#		printf "@"
+#		continue;
+#	fi
+#	# Ensure Token does not contain '\'
+#	if echo "${TOKEN}" | grep -q "\\\\"; then
+#		rm -f cookie.txt
+#		printf "\\"
+#		continue;
+#	fi
+#	# Ensure Token does not contain '='
+#	if echo "${TOKEN}" | grep -q "="; then
+#		rm -f cookie.txt
+#		printf "="
+#		continue;
+#	fi
+#	# Ensure Token does not contain '`'
+#	if echo "${TOKEN}" | grep -q "\`"; then
+#		rm -f cookie.txt
+#		printf "\`"
+#		continue;
+#	fi
+#	# Ensure Token does not contain '+'
+#	if echo "${TOKEN}" | grep -q "+"; then
+#		rm -f cookie.txt
+#		printf "+"
+#		continue;
+#	fi
+#	# Ensure Token does not contain ';'
+#	if echo "${TOKEN}" | grep -q ";"; then
+#		rm -f cookie.txt
+#		printf ";"
+#		continue;
+#	fi
+#	# Ensure Token does not contain '%'
+#	if echo "${TOKEN}" | grep -q "%"; then
+#		rm -f cookie.txt
+#		printf "%%"
+#		continue;
+#	fi
+#	# Ensure Token does not contain ']'
+#	if echo "${TOKEN}" | grep -q "\]"; then
+#		rm -f cookie.txt
+#		printf "\]"
+#		continue;
+#	fi
+#	# Ensure Token does not contain '['
+#	if echo "${TOKEN}" | grep -q "\["; then
+#		rm -f cookie.txt
+#		printf "\["
+#		continue;
+#	fi
+#	# Ensure Token does not contain '$'
+#	if echo "${TOKEN}" | grep -q '\$'; then
+#		rm -f cookie.txt
+#		printf '\$'
+#		continue;
+#	fi
+#
+#	# All set
+#	break
+#done
+#printf "\r[OK]   Retrieve phpMyAdmin login page\r\n"
+#
+#
+#printf "[TEST] Exract phpMyAdmin login token"
+#if ! TOKEN="$( echo "${CONTENT}" \
+#	| grep -Eo "name=\"token\" value=\".+\"" \
+#	| head -1 \
+#	| grep -Eo "value=\".+\"" \
+#	| sed -e 's/^value="//g' -e 's/"$//g' )"; then
+#	printf "\r[FAIL] Exract phpMyAdmin login token\n"
+#	rm -f cookie.txt || true
+#	echo "${CONTENT}"
+#	exit 1
+#fi
+#printf "\r[OK]   Exract phpMyAdmin login token: \"%s\"\n" "${TOKEN}"
+#
+#printf "[TEST] Extract phpMyAdmin login session"
+#if ! SESSION="$( echo "${CONTENT}" \
+#	| grep -Eo "name=\"set_session\" value=\"[A-Fa-f0-9]+\"" \
+#	| grep -Eo "value=\"[A-Fa-f0-9]+\"" \
+#	| sed -e 's/^value="//g' -e 's/"$//g' )"; then
+#	printf "\r[OK]   Extract phpMyAdmin login session (not available)\n"
+#	SESSION=""
+#else
+#	printf "\r[OK]   Extract phpMyAdmin login session: \"%s\"\n" "${SESSION}"
+#fi
+#
+#
+#printf "[TEST] Submit phpMyAdmin POST login"
+## 1st Try
+#if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then
+#	# 2nd Try
+#	sleep 1
+#	if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then
+#		# 3rd Try
+#		sleep 1
+#		if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then
+#			printf "\r[FAIL] Submit phpMyAdmin POST login\n"
+#			curl -sS -c cookie.txt -b cookie.txt localhost/${URL} || true
+#			curl -sSI -c cookie.txt -b cookie.txt localhost/${URL} || true
+#			rm -f cookie.txt || true
+#			exit 1
+#		else
+#			printf "\r[OK]   Submit phpMyAdmin POST login (3 rounds)\n"
+#		fi
+#	else
+#		printf "\r[OK]   Submit phpMyAdmin POST login (2 rounds)\n"
+#	fi
+#else
+#	printf "\r[OK]   Submit phpMyAdmin POST login (1 round)\n"
+#fi
 
 
 printf "[TEST] Evaluate successful phpMyAdmin login"

docs/configuration-files/env-file.rst

@@ -495,7 +495,7 @@ password by which it will be protected.
 .. _env_devilbox_ui_enable:
 
 DEVILBOX_UI_ENABLE
--------------------
+------------------
 
 In case you want to completely disable the Devilbox intranet, such as when running it on production,
 you need to set this variable to ``0``.
@@ -511,6 +511,20 @@ ordering their names alphabetically.
 +-------------------------+----------------+-------------------+
 
 
+DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN
+------------------------------------
+
+By default phpMyAdmin will autologin without having to specify username or password. The phpMyAdmin
+vendor is not protected once you protect the Intranet. If you want users to enter username and
+password here as well, you should set the value to ``0``.
+
++-------------------------------------------+----------------+-------------------+
+| Name                                      | Allowed values | Default value     |
++===========================================+================+===================+
+| ``DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN``  | ``0`` or ``1`` | ``1``             |
++-------------------------------------------+----------------+-------------------+
+
+
 Docker image versions
 =====================
 

env-example

@@ -128,7 +128,6 @@ TIMEZONE=Europe/Berlin
 
 
 
-
 ################################################################################
 ###
 ### INTRANET SETTINGS
@@ -203,6 +202,16 @@ DEVILBOX_UI_PASSWORD=password
 DEVILBOX_UI_ENABLE=1
 
 
+###
+### Automatically be logged in into phpMyAdmin
+###
+### Example:
+###   DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN=1
+###   DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN=0
+###
+DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN=1
+
+
 
 ################################################################################
 ###