From 0171ebc2970c505586c6f4bdf686f6988d423c4f Mon Sep 17 00:00:00 2001
From: Felix Ableitner <me@nutomic.com>
Date: Fri, 5 Apr 2019 11:56:35 +0200
Subject: [PATCH] Remove phpmyadmin

---
 README.md                                     |  1 -
 config-dynamic/nginx/passwds/.keep            |  0
 scripts/init-repo.sh                          | 15 +++------
 scripts/show-info.sh                          |  1 -
 .../docker-compose/docker-compose-base.yml    | 11 -------
 .../docker-compose-networks.yml               |  1 -
 templates/nginx/sites-enabled/dba.conf        | 32 -------------------
 7 files changed, 5 insertions(+), 56 deletions(-)
 delete mode 100644 config-dynamic/nginx/passwds/.keep
 delete mode 100644 templates/nginx/sites-enabled/dba.conf

diff --git a/README.md b/README.md
index 63bfc1a..47f1416 100644
--- a/README.md
+++ b/README.md
@@ -55,6 +55,5 @@ You can find login information for these services by running `showInfo.sh`.
 # Administration
 
 - spam.$DOMAIN: Email spam filter ([rspamd.com](https://www.rspamd.com/))
-- dba.$DOMAIN: Database administration ([phpmyadmin.net](https://www.phpmyadmin.net/))
 - mail.$DOMAIN: Administrate email and create accounts ([postfixadmin.sourceforge.net](http://postfixadmin.sourceforge.net/))
 
diff --git a/config-dynamic/nginx/passwds/.keep b/config-dynamic/nginx/passwds/.keep
deleted file mode 100644
index e69de29..0000000
diff --git a/scripts/init-repo.sh b/scripts/init-repo.sh
index ea489b1..0ebcc44 100755
--- a/scripts/init-repo.sh
+++ b/scripts/init-repo.sh
@@ -24,11 +24,11 @@ case $INSTALL_ONLYOFFICE in
     cat "templates/nginx/sites-enabled/onlyoffice.conf" | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/onlyoffice.conf"
     OFFICE_DOMAIN=",office.$DOMAIN"
     OFFICE_LETSENCRYPT_KEY="config-dynamic/letsencrypt/certstore/live/office.$DOMAIN/privkey.pem"
-    NUM_CERTIFICATES="7"
+    NUM_CERTIFICATES="6"
     ;;
     [Nn]* )
     cat "${DC_DIR}docker-compose-base.yml" "${DC_DIR}docker-compose-networks.yml" > docker-compose.yml
-    NUM_CERTIFICATES="6"
+    NUM_CERTIFICATES="5"
     ;;
 esac
 
@@ -42,10 +42,6 @@ echo "VHOSTS_ACCOUNTS=welcome.$DOMAIN" >> "$ENVFILE"
 echo "SMTP_FROM=welcome@$DOMAIN" >> "$ENVFILE"
 echo "SMTP_HOST=mail.$DOMAIN" >> "$ENVFILE"
 
-# generate basic auth for phpmyadmin
-htpasswd -c  -b /mnt/repo-base/config-dynamic/nginx/passwds/pma.htpasswd $DBA_USER "$DBA_PASSWORD"
-chown 100:101 config-dynamic/nginx/passwds/ -R
-
 VIRTUAL_HOST=$(echo "$ADD_DOMAINS" | tr "," "\n" | while read line; do echo "autoconfig.$line,autodiscover.$line"; done | tr "\n" "," | sed 's/.$//g')
 
 echo "VIRTUAL_HOST=$VIRTUAL_HOST" >> "$ENVFILE"
@@ -53,7 +49,7 @@ echo "VIRTUAL_HOST=$VIRTUAL_HOST" >> "$ENVFILE"
 # finished .env file generation
 
 # fille autorenew config
-echo "$DOMAIN,$VIRTUAL_HOST,dba.$DOMAIN,drive.$DOMAIN,mail.$DOMAIN,spam.$DOMAIN,webmail.$DOMAIN,welcome.$DOMAIN$OFFICE_DOMAIN" | tr "," "\n" | while read CURDOMAIN; do
+echo "$DOMAIN,$VIRTUAL_HOST,drive.$DOMAIN,mail.$DOMAIN,spam.$DOMAIN,webmail.$DOMAIN,welcome.$DOMAIN$OFFICE_DOMAIN" | tr "," "\n" | while read CURDOMAIN; do
     echo "$CURDOMAIN" >> config-dynamic/letsencrypt/autorenew/ssl-domains.dat
 :; done
 
@@ -70,7 +66,6 @@ echo "$DOMAIN,$ADD_DOMAINS" | tr "," "\n" | while read CURDOMAIN; do
 :; done
 
 # other hosts
-cat "templates/nginx/sites-enabled/dba.conf" | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/dba.conf"
 cat "templates/nginx/sites-enabled/nextcloud.conf" | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/nextcloud.conf"
 cat "templates/nginx/sites-enabled/postfixadmin.conf" | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/postfixadmin.conf"
 cat "templates/nginx/sites-enabled/rspamd.conf" | sed "s/@@@DOMAIN@@@/$DOMAIN/g" > "config-dynamic/nginx/sites-enabled/rspamd.conf"
@@ -92,7 +87,7 @@ echo "   For each domain in $ADD_DOMAINS add an A record (@) to your public IP"
 echo "   For each domain in $ADD_DOMAINS add an MX record (@, priority 10) towards mail.$DOMAIN.com."
 echo "   PTR record for your public IP towards mail.$DOMAIN.com (reverse DNS to match A record above)"
 echo ""
-echo "$VIRTUAL_HOST,dba.$DOMAIN,drive.$DOMAIN,spam.$DOMAIN,webmail.$DOMAIN,welcome.$DOMAIN$OFFICE_DOMAIN" | tr "," "\n" | while read CURDOMAIN; do
+echo "$VIRTUAL_HOST,drive.$DOMAIN,spam.$DOMAIN,webmail.$DOMAIN,welcome.$DOMAIN$OFFICE_DOMAIN" | tr "," "\n" | while read CURDOMAIN; do
     echo "   CNAME record $CURDOMAIN towards mail.$DOMAIN."
 :; done
 echo "================================================================================================================================="
@@ -126,7 +121,7 @@ fi
 bash scripts/ssl-renew.sh
 
 # verify LE status
-CTR_LE=$(find config-dynamic/letsencrypt/certstore/live/dba.$DOMAIN/privkey.pem config-dynamic/letsencrypt/certstore/live/drive.$DOMAIN/privkey.pem config-dynamic/letsencrypt/certstore/live/mail.$DOMAIN/privkey.pem config-dynamic/letsencrypt/certstore/live/spam.$DOMAIN/privkey.pem config-dynamic/letsencrypt/certstore/live/webmail.$DOMAIN/privkey.pem config-dynamic/letsencrypt/certstore/live/welcome.$DOMAIN/privkey.pem $OFFICE_LETSENCRYPT_KEY 2>/dev/null| wc -l)
+CTR_LE=$(find config-dynamic/letsencrypt/certstore/live/drive.$DOMAIN/privkey.pem config-dynamic/letsencrypt/certstore/live/mail.$DOMAIN/privkey.pem config-dynamic/letsencrypt/certstore/live/spam.$DOMAIN/privkey.pem config-dynamic/letsencrypt/certstore/live/webmail.$DOMAIN/privkey.pem config-dynamic/letsencrypt/certstore/live/welcome.$DOMAIN/privkey.pem $OFFICE_LETSENCRYPT_KEY 2>/dev/null| wc -l)
 CTR_AC_LE=$(echo "$VIRTUAL_HOST" | tr "," "\n" | while read CURDOMAIN; do find config-dynamic/letsencrypt/certstore/live/$CURDOMAIN/privkey.pem 2>/dev/null | grep $CURDOMAIN && echo found || echo missing; done  | grep missing | wc  -l)
 
 if [ "$CTR_LE$CTR_AC_LE" = "${NUM_CERTIFICATES}0" ]
diff --git a/scripts/show-info.sh b/scripts/show-info.sh
index d427a4d..63de66b 100755
--- a/scripts/show-info.sh
+++ b/scripts/show-info.sh
@@ -21,6 +21,5 @@ POSTFIX_PASSWORD=$(grep PFA_SUPERADMIN_PASSWORD= "$ENVFILE"  | awk -F= '{ print
 
 echo "Your password for the SPAM filter mgmt UI (https://$SPAM_UI) is: $RSPAMD_PASSWORD"
 echo "Your admin credentials for nextcloud are (https://$NEXTCLOUD_UI) is: $NEXTCLOUD_ADMIN_USER / $NEXTCLOUD_ADMIN_PASSWORD"
-echo "Your credentials for phpmyadmin (https://$DBA_UI) are: $DBA_USER / $DBA_PASSWORD"
 echo "Your credentials for postfix admin (https://$POSTFIX_UI) are: $POSTFIX_USER / $POSTFIX_PASSWORD"
 
diff --git a/templates/docker-compose/docker-compose-base.yml b/templates/docker-compose/docker-compose-base.yml
index 27a53c9..27ccf8f 100644
--- a/templates/docker-compose/docker-compose-base.yml
+++ b/templates/docker-compose/docker-compose-base.yml
@@ -76,17 +76,6 @@ services:
     volumes:
       - /mnt/repo-base/volumes/redis/db:/data
 
-  pma:
-    image: phpmyadmin/phpmyadmin:4.8
-    container_name: pma
-    restart: always
-    networks:
-      - serverbase
-    environment:
-      - PMA_HOST=mariadb
-    depends_on:
-      - mariadb
-
   accounts:
         image: registry.gitlab.e.foundation:5000/e/infra/docker-welcome:0.2.0
         container_name: accounts
diff --git a/templates/docker-compose/docker-compose-networks.yml b/templates/docker-compose/docker-compose-networks.yml
index 01257f1..02e7b59 100644
--- a/templates/docker-compose/docker-compose-networks.yml
+++ b/templates/docker-compose/docker-compose-networks.yml
@@ -18,7 +18,6 @@
       - nextcloud
       - create-account
       - automx
-      - pma
       - postfixadmin
       - accounts
       - eelomailserver
diff --git a/templates/nginx/sites-enabled/dba.conf b/templates/nginx/sites-enabled/dba.conf
deleted file mode 100644
index a184aa7..0000000
--- a/templates/nginx/sites-enabled/dba.conf
+++ /dev/null
@@ -1,32 +0,0 @@
-server {
-  listen 8000;
-  server_name dba.@@@DOMAIN@@@;
-  return 301 https://$host$request_uri;
-}
-
-server {
-  listen 4430 ssl http2;
-  server_name dba.@@@DOMAIN@@@;
-
-  ssl_certificate /certs/live/dba.@@@DOMAIN@@@/fullchain.pem;
-  ssl_certificate_key /certs/live/dba.@@@DOMAIN@@@/privkey.pem;
-
-  include /etc/nginx/params/ssl_params;
-  include /etc/nginx/params/headers_params;
-
-  #add_header Strict-Transport-Security "max-age=<HSTS_MAX_AGE>;<HSTS_SUBDOMAINS><HSTS_PRELOAD>";
-  #client_max_body_size <MAX_BODY_SIZE>M;
-
-  auth_basic "Who's this?";
-  auth_basic_user_file /passwds/pma.htpasswd;
-
-  location / {
-    proxy_pass http://pma:80;
-    include /etc/nginx/params/proxy_params;
-  }
-
-  location /.well-known/acme-challenge/ {
-    auth_basic off;
-    alias /etc/letsencrypt/acme-challenge/.well-known/acme-challenge/;
-  }
-}
-- 
GitLab