Last active
June 4, 2021 01:01
-
-
Save sandikodev/0c37109130881fbbdf87ce85f5978e54 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
==============[ configure user of mysql/mariadb ]============== | |
sudo mysql -u root | |
CREATE DATABASE wordpress CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci; | |
GRANT ALL ON wordpress.* TO 'wp-user'@'localhost' IDENTIFIED BY 'Passw0rd!'; | |
exit | |
==============[ install phpmyadmin by backport repo's ]============== | |
echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list | |
sudo apt update | |
sudo apt -t buster-backports install phpmyadmin | |
PROMPT > web server as autoinstall > APACHE2 | |
PROMPT > configure with dbconfig-common > YES | |
==============[ configure webserver apache and use nginx as reverse proxy ]============== | |
# jangan lupa apache tetap dibuatkan virtualhost spt biasa untuk root phpmyadmin | |
# agar proxypass internal yang dilakukan nginx tetap dapat terlaksana spt biasa | |
vim /etc/apache2/ports.conf | |
> set Listen to 127.0.0.1:8081 | |
vim /etc/apache2/conf-enabled/phpmyadmin.conf | |
> <VirtualHost *:8081> | |
ServerName dbadmin.domainmu.com #mandatory | |
ServerAdmin admin@domainmu.com #optional | |
# menambahkan $domain kedalam /etc/hosts agar nginx dapat berkomunikasi dengan apache2 scr internal | |
# dengan menggunakan $domain | |
cat << EOF >> /etc/hosts | |
127.0.0.1 dbadmin.domainmu.com | |
# konfigurasi nginx untuk dapat melakukan reverse proxy scr internal dengan apache2 | |
# konfigurasi reverse proxy ini tidak hanya digunakan untuk kasus phpmyadmin ini | |
# apapun yang menggunakan nginx sbg reverse proxy, dapat menggunakan langkah ini | |
cat << EOF >> /etc/nginx/sites-enabled/dbadmin.domainmu.com | |
#==============[ OPTIONAL ]============== | |
# ini untuk virtualhost1 melakukan listen port80 | |
# listen port80nya wajib, | |
# hanya saja return 301 ke https tidak begitu wajib | |
# ada auto force return https akan lebih baik | |
# atau ``return 301 https://$host$request_uri;`` dicomment saja jika juri mau menilik http biasa | |
server { | |
listen 80; | |
server_name dbadmin.domainmu.com; | |
return 301 https://$host$request_uri; # mengalihkan 80 sbg listen request ke https(443) | |
#return 404; # mengalihkan 80 sbg listen request ke 404 notfound | |
#add_header X-Frame-Options "SAMEORIGIN"; # disallowed loading off outside of the resources dbadmin.domainmu.com | |
# or mean to prevent clickjacking | |
} | |
#==============[ MANDATORY / REQUIRED ]============== | |
# ini untuk virtualhost2 melakukan listen port443 | |
# listen port443nya wajib, karena port inilah yang akan digunakan sbg jalan mandatori | |
# untuk menuju layanan index.{html,php,etc} (root) dari aplikasi itu sendiri | |
server { | |
#==============[ MANDATORY / REQUIRED ]============== | |
listen 443 ssl http2; | |
server_name dbadmin.domainmu.com; | |
ssl_certificate /etc/letsencrypt/live/dbadmin.domainmu.com/fullchain.pem; # managed by Certbot | |
ssl_certificate_key /etc/letsencrypt/live/dbadmin.domainmu.com/privkey.pem; # managed by Certbot | |
#==============[ OPTIONAL ]============== | |
#ssl on; # nginx terbaru, konfigurasi ini sudah didireksikan langsung ke #listen 443 ssl --> diatas | |
ssl_session_cache builtin:1000 shared:SSL:10m; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4; | |
ssl_prefer_server_ciphers on; | |
access_log /var/log/nginx/dbadmin.domainmu.access.log; | |
client_max_body_size 100M; | |
add_header X-Frame-Options "SAMEORIGIN"; # disallowed loading off outside of the resources dbadmin.domainmu.com | |
#==============[ MANDATORY / REQUIRED ]============== | |
location / { | |
#==============[ OPTIONAL ]============== | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
# Fix the “It appears that your reverse proxy set up is broken" error. | |
proxy_pass http://dbadmin.domainmu.com:8081; | |
proxy_read_timeout 90; | |
proxy_redirect http://dbadmin.domainmu.com:8081 https://dbadmin.domainmu.com; | |
} | |
} | |
EOF | |
![alt text here](https://www.pragmaticlinux.com/wp-content/uploads/2020/12/phpmyadmin_install_configure_apache2.png) | |
![alt text here](https://www.pragmaticlinux.com/wp-content/uploads/2020/12/phpmyadmin_install_configure_dbconfig_common.png) | |
![alt text here](https://www.pragmaticlinux.com/wp-content/uploads/2020/12/phpmyadmin_install_enter_password.png) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment