#!/bin/bash # T&M Hansson IT AB © - 2022, https://www.hanssonit.se/ true SCRIPT_NAME="Adminer" SCRIPT_EXPLAINER="Adminer is a full-featured database management tool written in PHP." # shellcheck source=lib.sh source /var/scripts/fetch_lib.sh || source <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) # Check for errors + debug code and abort if something isn't right # 1 = ON # 0 = OFF DEBUG=0 debug_mode # Check if root root_check # Check if adminer is already installed if ! is_this_installed adminer then # Ask for installing install_popup "$SCRIPT_NAME" else # Ask for removal or reinstallation reinstall_remove_menu "$SCRIPT_NAME" # Removal check_external_ip # Check that the script can see the external IP (apache fails otherwise) a2disconf adminer.conf rm -f $ADMINER_CONF rm -rf $ADMINERDIR check_command apt-get purge adminer -y restart_webserver # Show successful uninstall if applicable removal_popup "$SCRIPT_NAME" fi # Check that the script can see the external IP (apache fails otherwise) check_external_ip # Check distribution and version check_distro_version # Install Apache2 install_if_not apache2 a2enmod headers a2enmod rewrite a2enmod ssl # Install Adminer apt-get update -q4 & spinner_loading install_if_not adminer curl_to_dir "http://www.adminer.org" "latest.php" "$ADMINERDIR" curl_to_dir "https://raw.githubusercontent.com/Niyko/Hydra-Dark-Theme-for-Adminer/master" "adminer.css" "$ADMINERDIR" ln -s "$ADMINERDIR"/latest.php "$ADMINERDIR"/adminer.php # Only add TLS 1.3 on Ubuntu later than 20.04 if version 20.04 "$DISTRO" 22.04.10 then TLS13="+TLSv1.3" fi # Get PHP version for the conf file check_php cat << ADMINER_CREATE > "$ADMINER_CONF" RewriteEngine On RewriteRule ^(.*)$ https://%{HTTP_HOST}$1:9443 [R=301,L] Listen 9443 Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains" # Intermediate configuration SSLEngine on SSLCompression off SSLProtocol -all +TLSv1.2 $TLS13 SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 SSLHonorCipherOrder off SSLSessionTickets off ServerSignature off # Logs LogLevel warn CustomLog \${APACHE_LOG_DIR}/access.log combined ErrorLog \${APACHE_LOG_DIR}/error.log # This is needed to redirect access on http://$ADDRESS:9443/ to https://$ADDRESS:9443/ ErrorDocument 400 https://$ADDRESS:9443/ ### YOUR SERVER ADDRESS ### # ServerAdmin admin@example.com # ServerName adminer.example.com ### SETTINGS ### SetHandler "proxy:unix:/run/php/php$PHPVER-fpm.nextcloud.sock|fcgi://localhost" DocumentRoot $ADMINERDIR DirectoryIndex adminer.php AllowOverride None # Only allow connections from localhost: Require ip $GATEWAY/24 ### LOCATION OF CERT FILES ### SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key ADMINER_CREATE # Enable config check_command a2ensite adminer.conf if ! restart_webserver then msg_box "Apache2 could not restart... The script will exit." exit 1 else msg_box "Adminer was successfully installed and can be reached here: https://$ADDRESS:9443 You can download more plugins and get more information here: https://www.adminer.org Your PostgreSQL connection information can be found in $NCPATH/config/config.php. These are the current values: $(grep dbhost $NCPATH/config/config.php) $(grep dbuser $NCPATH/config/config.php) $(grep dbpassword $NCPATH/config/config.php) $(grep dbname $NCPATH/config/config.php) In case you try to access Adminer and get 'Forbidden' you need to change the IP in: $ADMINER_CONF" fi exit