phpmyadmin-guide.md

🗄️ phpMyAdmin Installation Guide (phpmyadmin.sh)

Detailed guide for the phpMyAdmin installation script for PUQcloud database management.

🎯 Script Purpose

The phpmyadmin.sh script automatically installs and configures phpMyAdmin for convenient database management:

• Download the latest phpMyAdmin version
• Configure subdomain phpmyadmin.yourdomain.com
• Automatic SSL certificate setup
• Nginx configuration
• Security setup

🚀 Running Methods

Interactive Mode

sudo ./phpmyadmin.sh

The script will prompt for the domain to create a subdomain.

Requirements

• Installed PUQcloud (install.sh must be executed)
• MySQL/MariaDB server
• Configured domain with DNS records

📊 Installation Process Diagram

flowchart TD
    A["Run phpmyadmin.sh"] --> B["Check root privileges"]
    B --> C["Input domain"]
    C --> D{"MySQL installed?"}
    
    D -->|"No"| E["Request MySQL installation"]
    E -->|"Yes"| F["Install MariaDB"]
    E -->|"No"| G["Exit script"]
    D -->|"Yes"| H["Update packages"]
    F --> H
    
    H --> I["Install dependencies"]
    I --> J["Clean old installation"]
    J --> K["Download phpMyAdmin"]
    K --> L["Extract archive"]
    L --> M["Move files"]
    
    M --> N["Create Nginx configuration"]
    N --> O["Activate site"]
    O --> P["Restart Nginx"]
    P --> Q["Obtain SSL certificate"]
    
    Q --> R["Set access permissions"]
    R --> S["Create config.inc.php"]
    S --> T["Generate blowfish_secret"]
    T --> U["Installation complete"]
    
    G --> V["Installation cancelled"]

Loading

🔧 Installed Components

System Packages

nginx php-fpm php-mysql php-mbstring php-zip 
php-gd php-json php-curl certbot python3-certbot-nginx

Additional (if MySQL not installed)

mariadb-server

🌐 Subdomain Configuration

The script creates a subdomain in the format:

phpmyadmin.yourdomain.com

Nginx Configuration

server {
    listen 80;
    server_name phpmyadmin.yourdomain.com;

    root /var/www/phpmyadmin;
    index index.php index.html index.htm;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

🔒 Security

SSL Certificate

Automatically obtained Let's Encrypt certificate:

certbot --nginx -d phpmyadmin.yourdomain.com \
        --non-interactive --agree-tos \
        --email admin@yourdomain.com

Access Permissions

chown -R www-data:www-data /var/www/phpmyadmin
chmod -R 755 /var/www/phpmyadmin

phpMyAdmin Configuration

<?php
// Automatically generated blowfish_secret
$cfg['blowfish_secret'] = 'base64-encoded-random-string';

// Basic security settings
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['AllowNoPassword'] = false;

📂 File Structure

After installation, the following is created:

/var/www/phpmyadmin/
├── index.php              # Main page
├── config.inc.php         # Configuration
├── libraries/             # phpMyAdmin libraries
├── themes/               # Themes
└── tmp/                  # Temporary files

/etc/nginx/sites-available/
└── phpmyadmin            # Nginx configuration

/etc/nginx/sites-enabled/
└── phpmyadmin -> ../sites-available/phpmyadmin

🌍 DNS Configuration

For proper operation, you need to configure DNS record:

A-record

phpmyadmin.yourdomain.com.  IN  A  YOUR-SERVER-IP

CNAME-record (alternative)

phpmyadmin.yourdomain.com.  IN  CNAME  yourdomain.com.

🔑 System Login

After successful installation:

1. URL: https://phpmyadmin.yourdomain.com
2. User: root (or other MySQL user)
3. Password: MySQL root user password

For PUQcloud DB

• User: from .env file (puqcloud_user_xxxxxxxx)
• Password: from .env file
• Database: puqcloud_db_xxxxxxxx

🛠️ Installation Management

Status Check

# Check Nginx operation
systemctl status nginx

# Check PHP-FPM
systemctl status php-fpm

# Check availability
curl -I https://phpmyadmin.yourdomain.com

# Check SSL certificate
openssl s_client -connect phpmyadmin.yourdomain.com:443 -servername phpmyadmin.yourdomain.com

Updating phpMyAdmin

# Stop web server
systemctl stop nginx

# Backup old version
mv /var/www/phpmyadmin /var/www/phpmyadmin.backup

# Download new version
cd /tmp
wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.tar.gz
tar xvf phpMyAdmin-latest-all-languages.tar.gz
mkdir -p /var/www/phpmyadmin
mv phpMyAdmin-*-all-languages/* /var/www/phpmyadmin/

# Restore configuration
cp /var/www/phpmyadmin.backup/config.inc.php /var/www/phpmyadmin/

# Set permissions
chown -R www-data:www-data /var/www/phpmyadmin
chmod -R 755 /var/www/phpmyadmin

# Start web server
systemctl start nginx

Removing phpMyAdmin

# Stop and disable site
rm /etc/nginx/sites-enabled/phpmyadmin
rm /etc/nginx/sites-available/phpmyadmin

# Remove files
rm -rf /var/www/phpmyadmin

# Revoke SSL certificate (optional)
certbot delete --cert-name phpmyadmin.yourdomain.com

# Restart Nginx
systemctl reload nginx

🔧 Configuration Setup

Additional config.inc.php Settings

// Increase session time
$cfg['LoginCookieValidity'] = 28800; // 8 hours

// Hide system databases
$cfg['Servers'][$i]['hide_db'] = '^(information_schema|performance_schema|mysql|sys)$';

// Import restrictions
$cfg['UploadDir'] = '/var/www/phpmyadmin/upload/';
$cfg['SaveDir'] = '/var/www/phpmyadmin/save/';

// Theme
$cfg['ThemeDefault'] = 'pmahomme';

// Interface language
$cfg['DefaultLang'] = 'en';

Create upload and save directories

mkdir -p /var/www/phpmyadmin/upload
mkdir -p /var/www/phpmyadmin/save
chown www-data:www-data /var/www/phpmyadmin/upload
chown www-data:www-data /var/www/phpmyadmin/save
chmod 755 /var/www/phpmyadmin/upload
chmod 755 /var/www/phpmyadmin/save

🚨 Problems and Solutions

"blowfish_secret" Error

# Regenerate key
BLOWFISH_SECRET=$(openssl rand -base64 32)
sed -i "s/\$cfg\['blowfish_secret'\] = '.*'/\$cfg\['blowfish_secret'\] = '${BLOWFISH_SECRET}'/" /var/www/phpmyadmin/config.inc.php

MySQL Access Error

# Check connection
mysql -u root -p -e "SELECT VERSION();"

# Create user for phpMyAdmin
mysql -u root -p -e "CREATE USER 'phpmyadmin'@'localhost' IDENTIFIED BY 'strong_password';"
mysql -u root -p -e "GRANT ALL PRIVILEGES ON *.* TO 'phpmyadmin'@'localhost' WITH GRANT OPTION;"
mysql -u root -p -e "FLUSH PRIVILEGES;"

PHP Extensions Error

# Install missing extensions
apt install -y php-mysql php-mbstring php-zip php-gd php-json php-curl

# Restart PHP-FPM
systemctl restart php8.2-fpm

SSL Issues

# Check DNS record
nslookup phpmyadmin.yourdomain.com

# Re-obtain certificate
certbot --nginx -d phpmyadmin.yourdomain.com --force-renewal

📊 Monitoring

Logs to Track

# Nginx logs
tail -f /var/log/nginx/access.log
tail -f /var/log/nginx/error.log

# PHP logs
tail -f /var/log/php8.2-fpm.log

# Certbot logs
tail -f /var/log/letsencrypt/letsencrypt.log

Performance Check

# Server response time
curl -w "@curl-format.txt" -o /dev/null -s https://phpmyadmin.yourdomain.com

# where curl-format.txt contains:
#     time_namelookup:  %{time_namelookup}\n
#        time_connect:  %{time_connect}\n
#     time_appconnect:  %{time_appconnect}\n
#    time_pretransfer:  %{time_pretransfer}\n
#       time_redirect:  %{time_redirect}\n
#  time_starttransfer:  %{time_starttransfer}\n
#                     ----------\n
#          time_total:  %{time_total}\n

🎯 Best Practices

1. Security:

   • Use strong passwords
   • Restrict access by IP (if needed)
   • Regularly update phpMyAdmin

2. Performance:

   • Configure caching in Nginx
   • Optimize PHP-FPM pool

3. Backup:

   • Regularly backup configuration
   • Save custom settings

4. Monitoring:

   • Monitor logs for suspicious activity
   • Set up error notifications