Added phpMyAdmin and phpLDAPadmin to base image
John Gasper committed Aug 29, 2018
1 parent 799dbbd commit fae6d4e
Showing 6 changed files with 808 additions and 1 deletion.
9 changes: 9 additions & 0 deletions README.md
@@ -27,10 +27,19 @@ Current tags:
- ex401.1.4
- ex401.1.5
- ex401.1.end
- ex401.2.1
- ex401.2.2
- ex401.2.3
- ex401.2.4

Browse to `https://localhost/grouper` for Grouper. There is also an app that dumps the SP user attributes at `https://localhost/app`.

# Users
- `banderson`/`password`: Grouper Administrator
- `jsmith`/`password`: standard user
- additional users can be found in <https://github.internet2.edu/docker/grouper_training/blob/master/base/container_files/seed-data/users.ldif#L56>

# Help apps

- phpMyAdmin - https://localhost/phpmyadmin/ - username: `root`, password: (blank)
- phpLDAPadmin - https://localhost/phpldapadmin/ - username: `cn=root,dc=internet2,dc=edu`, password: `password`
3 changes: 2 additions & 1 deletion base/Dockerfile
@@ -12,7 +12,7 @@ ENV ENV=training \
USERTOKEN=3.2.0_base

RUN yum install -y epel-release \
&& yum install -y mariadb mariadb-server openldap openldap-clients openldap-servers \
&& yum install -y mariadb mariadb-server openldap openldap-clients openldap-servers phpMyAdmin phpldapadmin \
&& yum clean all

COPY container_files/seed-data/ /seed-data/
@@ -68,6 +68,7 @@ RUN (/usr/sbin/slapd -h "ldap:/// ldaps:/// ldapi:///" -u ldap &) \

COPY --from=idp /opt/shibboleth-idp/ /opt/shibboleth-idp/

COPY container_files/etc/ /etc/
COPY container_files/conf/ /opt/grouper/conf/
COPY container_files/httpd/* /etc/httpd/conf.d/
COPY container_files/shibboleth-idp/ /opt/shibboleth-idp/
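Review bot: `COPY container_files/etc/ /etc/` in the second hunk overlays the whole `container_files/etc/` tree onto the image's `/etc`, so any file later added under that directory silently replaces system configuration. Narrowing it to the two directories this commit adds keeps the overlay explicit: `COPY container_files/etc/phpMyAdmin/ /etc/phpMyAdmin/` and `COPY container_files/etc/phpldapadmin/ /etc/phpldapadmin/`. COPY without `--chown` leaves the files owned by root:root with whatever mode the build context has. Since `config.inc.php` carries the cookie secret, it is worth checking that it ends up readable by the web server's group only and not world-readable; the mode in the repository is not visible on this page.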
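--- a/base/container_files/etc/phpMyAdmin/config.inc.php
+++ b/base/container_files/etc/phpMyAdmin/config.inc.php
@@ -0,0 +1,117 @@
+<?php
+/**
+* phpMyAdmin configuration file, you can use it as base for the manual
+* configuration. For easier setup you can use "setup/".
+*
+* All directives are explained in Documentation.html and on phpMyAdmin
+* wiki <http://wiki.phpmyadmin.net>.
+*/
+
+/*
+* This is needed for cookie based authentication to encrypt password in
+* cookie
+*/
+$cfg['blowfish_secret'] = 'd7Y5iRSDpGaQkvSqxKWPwHfazswioRBO'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
+
+/**
+* Server(s) configuration
+*/
+$i = 0;
+
+// The $cfg['Servers'] array starts with $cfg['Servers'][1]. Do not use
+// $cfg['Servers'][0]. You can disable a server config entry by setting host
+// to ''. If you want more than one server, just copy following section
+// (including $i incrementation) serveral times. There is no need to define
+// full server array, just define values you need to change.
+$i++;
+$cfg['Servers'][$i]['host'] = 'localhost'; // MySQL hostname or IP address
+$cfg['Servers'][$i]['port'] = '3306'; // MySQL port - leave blank for default port
+$cfg['Servers'][$i]['socket'] = ''; // Path to the socket - leave blank for default socket
+$cfg['Servers'][$i]['connect_type'] = 'tcp'; // How to connect to MySQL server ('tcp' or 'socket')
+$cfg['Servers'][$i]['extension'] = 'mysqli'; // The php MySQL extension to use ('mysql' or 'mysqli')
+$cfg['Servers'][$i]['compress'] = FALSE; // Use compressed protocol for the MySQL connection
+// (requires PHP >= 4.3.0)
+$cfg['Servers'][$i]['controluser'] = ''; // MySQL control user settings
+// (this user must have read-only
+$cfg['Servers'][$i]['controlpass'] = ''; // access to the "mysql/user"
+// and "mysql/db" tables).
+// The controluser is also
+// used for all relational
+// features (pmadb)
+$cfg['Servers'][$i]['auth_type'] = 'cookie'; // Authentication method (config, http or cookie based)?
+$cfg['Servers'][$i]['user'] = ''; // MySQL user
+$cfg['Servers'][$i]['password'] = ''; // MySQL password (only needed
+// with 'config' auth_type)
+$cfg['Servers'][$i]['only_db'] = 'grouper'; // If set to a db-name, only
+// this db is displayed in left frame
+// It may also be an array of db-names, where sorting order is relevant.
+$cfg['Servers'][$i]['hide_db'] = ''; // Database name to be hidden from listings
+$cfg['Servers'][$i]['verbose'] = ''; // Verbose name for this host - leave blank to show the hostname
+
+$cfg['Servers'][$i]['pmadb'] = ''; // Database used for Relation, Bookmark and PDF Features
+// (see scripts/create_tables.sql)
+// - leave blank for no support
+// DEFAULT: 'phpmyadmin'
+$cfg['Servers'][$i]['bookmarktable'] = ''; // Bookmark table
+// - leave blank for no bookmark support
+// DEFAULT: 'pma_bookmark'
+$cfg['Servers'][$i]['relation'] = ''; // table to describe the relation between links (see doc)
+// - leave blank for no relation-links support
+// DEFAULT: 'pma_relation'
+$cfg['Servers'][$i]['table_info'] = ''; // table to describe the display fields
+// - leave blank for no display fields support
+// DEFAULT: 'pma_table_info'
+$cfg['Servers'][$i]['table_coords'] = ''; // table to describe the tables position for the PDF schema
+// - leave blank for no PDF schema support
+// DEFAULT: 'pma_table_coords'
+$cfg['Servers'][$i]['pdf_pages'] = ''; // table to describe pages of relationpdf
+// - leave blank if you don't want to use this
+// DEFAULT: 'pma_pdf_pages'
+$cfg['Servers'][$i]['column_info'] = ''; // table to store column information
+// - leave blank for no column comments/mime types
+// DEFAULT: 'pma_column_info'
+$cfg['Servers'][$i]['history'] = ''; // table to store SQL history
+// - leave blank for no SQL query history
+// DEFAULT: 'pma_history'
+$cfg['Servers'][$i]['verbose_check'] = TRUE; // set to FALSE if you know that your pma_* tables
+// are up to date. This prevents compatibility
+// checks and thereby increases performance.
+$cfg['Servers'][$i]['AllowRoot'] = TRUE; // whether to allow root login
+$cfg['Servers'][$i]['AllowDeny']['order'] // Host authentication order, leave blank to not use
+= '';
+$cfg['Servers'][$i]['AllowDeny']['rules'] // Host authentication rules, leave blank for defaults
+= array();
+$cfg['Servers'][$i]['AllowNoPassword'] // Allow logins without a password. Do not change the FALSE
+= TRUE; // default unless you're running a passwordless MySQL server
+$cfg['Servers'][$i]['designer_coords'] // Leave blank (default) for no Designer support, otherwise
+= ''; // set to suggested 'pma_designer_coords' if really needed
+$cfg['Servers'][$i]['bs_garbage_threshold'] // Blobstreaming: Recommented default value from upstream
+= 50; // DEFAULT: '50'
+$cfg['Servers'][$i]['bs_repository_threshold'] // Blobstreaming: Recommented default value from upstream
+= '32M'; // DEFAULT: '32M'
+$cfg['Servers'][$i]['bs_temp_blob_timeout'] // Blobstreaming: Recommented default value from upstream
+= 600; // DEFAULT: '600'
+$cfg['Servers'][$i]['bs_temp_log_threshold'] // Blobstreaming: Recommented default value from upstream
+= '32M'; // DEFAULT: '32M'
+/*
+* End of servers configuration
+*/
+
+/*
+* Directories for saving/loading files from server
+*/
+$cfg['UploadDir'] = '/var/lib/phpMyAdmin/upload';
+$cfg['SaveDir'] = '/var/lib/phpMyAdmin/save';
+
+/*
+* Disable the default warning that is displayed on the DB Details Structure
+* page if any of the required Tables for the relation features is not found
+*/
+$cfg['PmaNoRelation_DisableWarning'] = TRUE;
+
+/*
+* phpMyAdmin 4.4.x is no longer maintained by upstream, but security fixes
+* are still backported by downstream.
+*/
+$cfg['VersionCheck'] = FALSE;
+?>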
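Review bot: The `$cfg['blowfish_secret']` value is a literal committed with the file, so every container built from this image encrypts its phpMyAdmin auth cookies with the same publicly known key; writing a random value into the file at image build or first start would avoid that. The same file sets `AllowRoot` and `AllowNoPassword` to TRUE, which together accept the blank-password root login the README documents, while the inline comment still reads "Do not change the FALSE default". If this is intentional for the training image, say so next to the setting, e.g. `// Training image only: MariaDB root has no password here; do not reuse this config elsewhere`. Per its own comment, `only_db` only limits which database is displayed in the left frame, so it should not be read as an access restriction for the root login.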
583 changes: 583 additions & 0 deletions base/container_files/etc/phpldapadmin/config.php

Large diffs are not rendered by default.

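--- a/base/container_files/httpd/phpMyAdmin.conf
+++ b/base/container_files/httpd/phpMyAdmin.conf
@@ -0,0 +1,77 @@
+# phpMyAdmin - Web based MySQL browser written in php
+#
+# Allows only localhost by default
+#
+# But allowing phpMyAdmin to anyone other than localhost should be considered
+# dangerous unless properly secured by SSL
+
+Alias /phpMyAdmin /usr/share/phpMyAdmin
+Alias /phpmyadmin /usr/share/phpMyAdmin
+
+<Directory /usr/share/phpMyAdmin/>
+AddDefaultCharset UTF-8
+
+<IfModule mod_authz_core.c>
+# Apache 2.4
+<RequireAny>
+Require all granted
+Require ip 127.0.0.1
+Require ip ::1
+</RequireAny>
+</IfModule>
+<IfModule !mod_authz_core.c>
+# Apache 2.2
+Order Deny,Allow
+Deny from All
+Allow from 127.0.0.1
+Allow from ::1
+</IfModule>
+</Directory>
+
+<Directory /usr/share/phpMyAdmin/setup/>
+<IfModule mod_authz_core.c>
+# Apache 2.4
+<RequireAny>
+Require all granted
+Require ip 127.0.0.1
+Require ip ::1
+</RequireAny>
+</IfModule>
+<IfModule !mod_authz_core.c>
+# Apache 2.2
+Order Deny,Allow
+Deny from All
+Allow from 127.0.0.1
+Allow from ::1
+</IfModule>
+</Directory>
+
+# These directories do not require access over HTTP - taken from the original
+# phpMyAdmin upstream tarball
+#
+<Directory /usr/share/phpMyAdmin/libraries/>
+Order Deny,Allow
+Deny from All
+Allow from None
+</Directory>
+
+<Directory /usr/share/phpMyAdmin/setup/lib/>
+Order Deny,Allow
+Deny from All
+Allow from None
+</Directory>
+
+<Directory /usr/share/phpMyAdmin/setup/frames/>
+Order Deny,Allow
+Deny from All
+Allow from None
+</Directory>
+
+# This configuration prevents mod_security at phpMyAdmin directories from
+# filtering SQL etc. This may break your mod_security implementation.
+#
+#<IfModule mod_security.c>
+# <Directory /usr/share/phpMyAdmin/>
+# SecRuleInheritance Off
+# </Directory>
+#</IfModule>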
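Review bot: `Require all granted` inside both `<RequireAny>` blocks makes the two `Require ip` lines dead and opens `/usr/share/phpMyAdmin/` and `/usr/share/phpMyAdmin/setup/` to any client that can reach httpd, while the header comment still says "Allows only localhost by default" and the Apache 2.2 branches still restrict to loopback. Since config.inc.php in this commit accepts a blank-password root login, access control then rests entirely on how the container's port is published. I would keep `setup/` closed on 2.4 with `Require all denied` (or `Require local`), rewrite the header comment to state the actual policy, and document that the port should be bound to loopback on the host. base/container_files/httpd/phpldapadmin.conf has the same mismatch between `Require all granted` and a loopback-only 2.2 branch.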
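--- a/base/container_files/httpd/phpldapadmin.conf
+++ b/base/container_files/httpd/phpldapadmin.conf
@@ -0,0 +1,20 @@
+#
+# Web-based tool for managing LDAP servers
+#
+
+Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
+Alias /ldapadmin /usr/share/phpldapadmin/htdocs
+
+<Directory /usr/share/phpldapadmin/htdocs>
+<IfModule mod_authz_core.c>
+# Apache 2.4
+Require all granted
+</IfModule>
+<IfModule !mod_authz_core.c>
+# Apache 2.2
+Order Deny,Allow
+Deny from all
+Allow from 127.0.0.1
+Allow from ::1
+</IfModule>
+</Directory>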
