Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

no mTLS support for remote database connections in PhpMyAdmin #449

Open
LordRobinCbz opened this issue Dec 11, 2024 · 0 comments
Open

no mTLS support for remote database connections in PhpMyAdmin #449

LordRobinCbz opened this issue Dec 11, 2024 · 0 comments

Comments

@LordRobinCbz
Copy link
Contributor

Hello,

I am working in a K8S cluster and I found out that the current PhpMyAdmin Docker image doesn't support mTLS configuration to remote databases services.

To address this problem, I opened a pull request here.

I've seen in some tickets that I need to open an issue before any review, so I am here :)

You can see bellow the content of my PR, for further informations. I hope that will be ok for you and I apologize if I didn't follow the process ...

Problem:
In the context of mutual TLS (mTLS), it is currently not possible to define a list of files to configure the connection between PhpMyAdmin and one or more database servers or services.

Proposed Solution:
My idea is to introduce the ability to configure specific PhpMyAdmin parameters to allow mTLS connections to secure services.

To achieve this, I built upon existing syntax and implemented an approach that encodes the necessary files (CA, CERT, and KEY) in Base64 format. These files can then be passed to PhpMyAdmin using environment variables.

Potential Question: Why not use a volume instead of environment variables?
In a hyperscaler context such as Kubernetes, creating NFS volumes can pose significant challenges for many users. Managing environment variables is often simpler and more portable than managing volumes. Additionally, adding volumes introduces statefulness to PhpMyAdmin, which can be problematic for certain infrastructures. Using environment variables resolves these issues and keeps PhpMyAdmin stateless.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants