Learn about Centmin Mod LEMP Stack today
Become a Member

phpmyadmin.sh Addon

Discussion in 'Add Ons' started by eva2000, May 25, 2014.

  1. quicksalad

    quicksalad Member

    228
    13
    18
    May 31, 2015
    Ratings:
    +20
    Local Time:
    6:04 AM
    Kindly ignore above, I managed to reinstall phpmyadmin and make it work as normal
    I wonder why hostname.mydomain.com I set during first Centminmod setup disappear after I restore from backup (DO droplet).
    I set that via this
    Code:
    hostnamectl set-hostname hostname.mydomain.com
    Is that normal behavior when you restore droplet backup?
    This is what my SSH command prompt after restore goes like below
    Code:
    [root@hostname ~]#
    and after setting hostnamectl set-hostname, it goes back to this
    Code:
    [root@hostname.mydomain.com ~]#
    Now I'm able to install and access phpmyadmin without this error
    Code:
    400 Bad Request No required SSL certificate was sent


     
  2. eva2000

    eva2000 Administrator Staff Member

    52,726
    12,073
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,599
    Local Time:
    10:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    For folks having issues with phpmyadmin.sh, try this test updated version that switches back to using phpmyadmin zip file install instead of git
    Code (Text):
    /root/tools/phpmyadmin_uninstall.sh
    cd /usr/local/src/centminmod/addons
    rm -rf phpmyadmin.sh
    wget https://gist.github.com/centminmod/e4ba66fbae5f7527d278b8aa48233d0f/raw/phpmyadmin.sh -O phpmyadmin.sh
    ./phpmyadmin.sh install
    

    let me know how this test updated version fairs and I'll update official phpmyadmin.sh later.
     
  3. pamamolf

    pamamolf Premium Member Premium Member

    4,067
    427
    83
    May 31, 2014
    Ratings:
    +832
    Local Time:
    3:34 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    I am getting also many times the above issue as @quicksalad has unfortunately.
     
  4. quicksalad

    quicksalad Member

    228
    13
    18
    May 31, 2015
    Ratings:
    +20
    Local Time:
    6:04 AM
    I'm using it right now @eva2000 I'll let you know once I encounter that css error again.
    Also I notice yarntmp folders prior to installing this
     
  5. eva2000

    eva2000 Administrator Staff Member

    52,726
    12,073
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,599
    Local Time:
    10:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  6. quicksalad

    quicksalad Member

    228
    13
    18
    May 31, 2015
    Ratings:
    +20
    Local Time:
    6:04 AM
    @eva2000
    Just saw this notice on phpmyadmin after few weeks of using it, or maybe I didn't notice it right away
    Code:
    The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. Find out why.
    Or alternately go to 'Operations' tab of any database to set it up there.
    Code:
    phpMyAdmin configuration storage Documentation
    Configuration of pmadb… not OK Documentation
    General relation features Disabled
     
  7. eva2000

    eva2000 Administrator Staff Member

    52,726
    12,073
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,599
    Local Time:
    10:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    AFAIK, you can ignore storage config as it's optional.
     
  8. quicksalad

    quicksalad Member

    228
    13
    18
    May 31, 2015
    Ratings:
    +20
    Local Time:
    6:04 AM
    Thanks for the info.
     
  9. Markku

    Markku New Member

    14
    2
    3
    Jun 1, 2014
    Ratings:
    +5
    Local Time:
    3:34 AM
    I'm using a .dev domain for a project and it has HSTS forced and I can't use self-signed certs.

    How can I use lets encrypt cert for phpmyadmin using this addon script? Thanks kindly.
     
  10. eva2000

    eva2000 Administrator Staff Member

    52,726
    12,073
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,599
    Local Time:
    10:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    One solution is you can change HSTS on apex dev domain to not include subdomains and then for each specific subdomain also add HSTS excluding subdomains.

    Are the host.domain.com and HTTPS enabled site also on same top level domain.com ? did you enable HSTS with include subdomain too ? if you did then you're telling browsers to force HTTP to HTTPS redirected connections for domain.com and any *.domain.com subdomain as well

    see Enabling HSTS for SSL for specifics
    As accessing host.domain.com is usually reserved for stats and admin pages the Centmin Mod LEMP stack owner only needs to access, you can just clear your web browser's HSTS record for the domain.com and host.domain.com so the web browser no longer redirects from HTTP to HTTPS. I posted a thread at SSL - How to clear HSTS browser cache | Centmin Mod Community specifically for this :)

    Browser validated/trusted SSL certificates are issued for hostname/domain names, not IP addresses. Generally, you don't want trusted SSL certificates like Letsencrypt for the main hostname/IP anyway as every time you issue an SSL certificate, the certificate can be publicly searched for via Certificate Transparency logs at crt.sh | Certificate Search and Certificate Transparency Monitoring - Facebook for Developers. See https://securitytrails.com/blog/what-are-certificate-transparency-logs for an explanation of CT logs.

    What this means is malicious folks can also search the CT logs for hostnames belonging to an attacker who wants to target your domain and see if you have any exposed hostnames listed in CT logs. Once you issue a browser trusted SSL certificate, you better be prepared to protect it too. Note you can't enable Cloudflare orange cloud DNS on main hostname either as your server's Postfix mail server for sending outbound emails is also sent from server's Postfix mail server using this main hostname. If you enable Cloudflare orange cloud, receiving mail servers will reject your emails as it can't look up main hostname's real IP address hidden behind Cloudflare orange cloud enabled DNS services.

    If you don't plan on having sites other than default Nginx HTML index page served from main hostname/IP, then having a browser trusted SSL certificate/HTTPS isn't essential. You can probably use a self-signed non-browser trusted SSL certificate just as well to encrypt data but not log to CT logs the hostname + then empty the main hostname index page at /usr/local/nginx/html/index.html as a blank page serving nothing. Or just keep it non-https + then empty the main hostname index page at /usr/local/nginx/html/index.html as a blank page serving nothing

    Now if after reading above and still you want phpmyadmin.sh using letsencrypt trusted and CT logged main hostname, read my reply at https://community.centminmod.com/th...tsencrypt-for-main-hostname.19624/#post-83458

    Or if you have another domain not using HSTS just change the main hostname as it isn't used for web site hosting anyway
     
  11. Markku

    Markku New Member

    14
    2
    3
    Jun 1, 2014
    Ratings:
    +5
    Local Time:
    3:34 AM
    Thanks bud, very comprehensive reply.

    In this case the issue is that Google operates the tld .dev and they have made it so that HSTS is forced enabled. I don't even have it enabled via centminmod.

    "The .dev top-level domain is incorporated on the HSTS preload list, requiring HTTPS on all .dev domains without individual HSTS enlistment." (source: Wikipedia)

    So I don't think it is possible to use self-signed cert at all if I want to access Phpmyadmin e.g. via subdomain.domain.dev

    And the hostname of the server is indeed subdomain.domain.dev

    I guess I could just access the phpmyadmin with direct IP address of the server and then self-signed cert would work?
     
  12. eva2000

    eva2000 Administrator Staff Member

    52,726
    12,073
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,599
    Local Time:
    10:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Try and see.

    Ah one of those types of domains. You can if you want just change the assigned main hostname on Centmin Mod to be a different domain you have spare that doesn't force HSTS.
     
  13. Markku

    Markku New Member

    14
    2
    3
    Jun 1, 2014
    Ratings:
    +5
    Local Time:
    3:34 AM
    I do have a spare domain, yes. Is it as simple as making the change in the nginx virtual host manually? Or what's the best way to achieve that so that the phpmyadmin.sh uses it, etc?
     
  14. eva2000

    eva2000 Administrator Staff Member

    52,726
    12,073
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,599
    Local Time:
    10:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Change main hostname as per Getting Started Guide step 1 https://centminmod.com/getstarted.html
     
  15. dcg

    dcg Member

    67
    24
    8
    Oct 17, 2015
    Florida, USA
    Ratings:
    +49
    Local Time:
    8:34 PM
    1.21.x
    10.3.x
    FYI update- This was on setting up a new Almalinux 8 install
    phpmyadmin install went "fine"
    However it didn't work properly when loading page - blank page but phpmyadmin icon shows in bar

    I realized that the js wasn't complied and it looks like node wasn't installed. I ran nodejs.sh addon to install, but it gave GPG key error. Seems like keys changed at some point.

    GitHub - nodesource/distributions: NodeSource Node.js Binary Distributions
    used:
    Code:
    curl -fsSL https://rpm.nodesource.com/setup_lts.x | bash -
    Then ran nodejs.sh install
    Installed fine

    Then ran tools/phpmyadmin_update.sh
    it updated npm and then recompiled phpmyadmin js files and all is good.
     
    Last edited: Mar 15, 2024
  16. eva2000

    eva2000 Administrator Staff Member

    52,726
    12,073
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,599
    Local Time:
    10:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    cheers need to add EL8/EL9 support for initial setup for addons/nodejs.sh :)

    was this the message you received?

     
  17. eva2000

    eva2000 Administrator Staff Member

    52,726
    12,073
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,599
    Local Time:
    10:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Centmin Mod 124.00stable and 130.00beta01 have been updated with fixed routines for addons/nodejs.sh now :)
     
  18. dcg

    dcg Member

    67
    24
    8
    Oct 17, 2015
    Florida, USA
    Ratings:
    +49
    Local Time:
    8:34 PM
    1.21.x
    10.3.x
    Yes that was the message
     
  19. eva2000

    eva2000 Administrator Staff Member

    52,726
    12,073
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,599
    Local Time:
    10:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Decided to try a new phpmyadmin-tar.sh version which installs the tarball .tar.gz phpmyadmin instead of via Git, folks can try it out using below commands

    Code (Text):
    # uninstall existing phpmyadmin install
    /root/tools/phpmyadmin_uninstall.sh
    
    # download phpmyadmin-tar.sh
    cd /usr/local/src/centminmod/addons
    wget --no-check-certificate https://github.com/centminmod/phpmyadmin/raw/master/phpmyadmin-tar.sh -O phpmyadmin-tar.sh
    
    # permissions
    chmod 0700 /usr/local/src/centminmod/addons/phpmyadmin-tar.sh
    
    # install phpmyadmin lastest stable
    ./phpmyadmin-tar.sh install
     
  20. pamamolf

    pamamolf Premium Member Premium Member

    4,067
    427
    83
    May 31, 2014
    Ratings:
    +832
    Local Time:
    3:34 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    It's working great !!!!!

    Don't know how but i got it under https too that usually i had to do some custom edits to virtual.ssl.conf previously about it...

    Now it's ok by having only the phpmyadmin_ssl.conf..

    Not sure if i have to do anything else now for auto updating it...