Added pgadmin draft and optimized phpadmin

This commit is contained in:
Kevin Veen-Birkenbach 2025-04-04 07:35:32 +02:00
parent e024542d8e
commit 2c964cfbee
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
13 changed files with 166 additions and 17 deletions

View File

@ -33,6 +33,7 @@ defaults_domains:
peertube: "video.{{primary_domain}}" peertube: "video.{{primary_domain}}"
# ATTENTION: Will be owerwritten by the values in domains. Not merged. # ATTENTION: Will be owerwritten by the values in domains. Not merged.
peertube_alternates: [] peertube_alternates: []
pgadmin: "pgadmin.{{primary_domain}}"
phpmyadmin: "phpmyadmin.{{primary_domain}}" phpmyadmin: "phpmyadmin.{{primary_domain}}"
pixelfed: "picture.{{primary_domain}}" pixelfed: "picture.{{primary_domain}}"
portfolio: "{{primary_domain}}" portfolio: "{{primary_domain}}"

View File

@ -621,6 +621,22 @@ defaults_applications:
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## PgAdmin
pgadmin:
version: "latest"
default_email: "{{ users.administrator.email }}" # Initial login email address
default_password: "{{ users.administrator.initial_password }}" # Initial login password should be overridden in inventory for security
oauth2_proxy:
enabled: true # Enable OAuth2 proxy for authentication
application: "application"
port: "80"
# cookie_secret: None # Set via: openssl rand -hex 16
database:
central_storage: True # Uses central PostgreSQL database
matomo_tracking_enabled: "{{ matomo_tracking_enabled_default }}" # Enables/Disables Matomo Tracking
css_enabled: "{{ css_enabled_default }}" # Enables/Disables global CSS styling
landingpage_iframe_enabled: "{{ landingpage_iframe_enabled_default }}" # Enables/Disables embedding via iframe
## PHPMyAdmin ## PHPMyAdmin
phpmyadmin: phpmyadmin:
version: "latest" version: "latest"

View File

@ -26,7 +26,7 @@ ports:
roulette-wheel: 8013 roulette-wheel: 8013
joomla: 8014 joomla: 8014
attendize: 8015 attendize: 8015
#matrix: 8016 Not used anymore pgadmin: 8016
baserow: 8017 baserow: 8017
matomo: 8018 matomo: 8018
listmonk: 8019 listmonk: 8019

View File

@ -60,8 +60,8 @@ defaults_networks:
subnet: 192.168.102.112/28 subnet: 192.168.102.112/28
pixelfed: pixelfed:
subnet: 192.168.102.128/28 subnet: 192.168.102.128/28
# Free : pgadmin:
# subnet: 192.168.102.144/28 subnet: 192.168.102.144/28
snipe_it: snipe_it:
subnet: 192.168.102.160/28 subnet: 192.168.102.160/28
taiga: taiga:

View File

@ -0,0 +1,29 @@
# PgAdmin 🐳
## Description
This Ansible role deploys [pgAdmin](https://www.pgadmin.org/) in a secure Docker environment, with optional OAuth2 proxy support. It provides a full-featured web UI to manage PostgreSQL databases, making it ideal for both development and production use.
## Overview
The role provisions a containerized pgAdmin instance using Docker Compose. It allows integration with central PostgreSQL servers, and supports environment-specific settings via Ansible variables.
## Purpose
The purpose of this role is to offer a quick and configurable way to deploy pgAdmin with Docker, while keeping it secure through optional OAuth2 integration. It's built to fit seamlessly into CyMaIS-managed environments.
## Features
- **Docker Compose Integration:** Deploy pgAdmin with a templated Compose file.
- **OAuth2 Proxy Support:** Add authentication via an external OAuth2 provider.
- **Central DB Integration:** Easily connect to central PostgreSQL instances.
- **Customizable Settings:** Adjust container configuration via Ansible variables.
- **Healthchecks & Networking:** Includes built-in Docker healthchecks and Compose networks.
## Credits 📝
Developed and maintained by **Kevin Veen-Birkenbach**.
Learn more at [www.veen.world](https://www.veen.world)
Part of the [CyMaIS Project](https://github.com/kevinveenbirkenbach/cymais)
License: [CyMaIS NonCommercial License (CNCL)](https://s.veen.world/cncl)

View File

@ -0,0 +1,25 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "pgAdmin with optional OAuth2 proxy integration."
license: "CyMaIS NonCommercial License (CNCL)"
license_url: "https://s.veen.world/cncl"
company: |
Kevin Veen-Birkenbach
Consulting & Coaching Solutions
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
galaxy_tags:
- pgadmin
- docker
- webui
- oauth2
- postgresql
repository: https://s.veen.world/cymais
issue_tracker_url: https://s.veen.world/cymaisissues
documentation: https://s.veen.world/cymais
dependencies: []

View File

@ -0,0 +1,14 @@
---
- name: "include docker-compose role"
include_role:
name: docker-compose
- name: "include role nginx-domain-setup for {{application_id}}"
include_role:
name: nginx-domain-setup
vars:
domain: "{{ domains[application_id] }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml

View File

@ -0,0 +1,19 @@
services:
{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
application:
image: dpage/pgadmin4:{{applications.pgadmin.version}}
container_name: pgadmin
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
ports:
- "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
{% include 'templates/docker/container/networks.yml.j2' %}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost"]
interval: 30s
timeout: 10s
retries: 3
{% include 'templates/docker/compose/networks.yml.j2' %}

View File

@ -0,0 +1,5 @@
# Configuration @see https://hub.docker.com/r/dpage/pgadmin4
PGADMIN_DEFAULT_EMAIL={{ applications.pgadmin.default_email }}
PGADMIN_DEFAULT_PASSWORD={{ applications.pgadmin.default_password }}
PGADMIN_DISABLE_POSTFIX=True

View File

@ -0,0 +1,3 @@
application_id: "pgadmin"
database_type: "postgresql"
database_host: "{{ 'central-' + database_type if applications[application_id].database.central_storage }}"

View File

@ -1,23 +1,29 @@
# Docker PhpMyAdmin Role # PhpMyAdmin 🐳
Welcome to the **Docker PhpMyAdmin Role**! 🎉 This role simplifies the deployment of PhpMyAdmin in a Docker environment, including optional OAuth2 proxy support for enhanced security. ## Description
## Features ✨ This Ansible role deploys [PhpMyAdmin](https://www.phpmyadmin.net/) in a secure Docker environment, complete with optional OAuth2 proxy support. It enables seamless management of MariaDB/MySQL databases via a web-based interface.
- 🚀 **Automated Deployment:** Effortlessly deploy PhpMyAdmin with Docker Compose. ## Overview
- 🔐 **OAuth2 Proxy Support:** Secure access with OAuth2 authentication.
- 🛠️ **Configurable Settings:** Fully customizable via Ansible variables.
- 🌐 **Support for Central Databases:** Seamlessly integrates with a central MariaDB database.
- 🐳 **Docker Compose Integration:** Generates `docker-compose.yml` tailored to your environment.
## Learn More 📖 The role configures and deploys a containerized PhpMyAdmin instance using Docker Compose. It optionally integrates with a central database and uses dynamic Ansible variables to support flexible deployments in both production and homelab environments.
- Official PhpMyAdmin Website: [https://www.phpmyadmin.net/](https://www.phpmyadmin.net/) ## Purpose
## Contributing 🤝 The purpose of this role is to provide a reliable, configurable, and secure PhpMyAdmin deployment out-of-the-box. It minimizes the need for manual setup, and integrates smoothly with other CyMaIS infrastructure roles.
Contributions are welcome! Feel free to fork this repository, submit issues, or create pull requests to improve this role. ## Features
--- - **Docker Compose Integration:** Deploy PhpMyAdmin via a templated Compose setup.
- **OAuth2 Proxy Support:** Secure your admin interface with modern authentication.
- **Central DB Integration:** Connects to shared MariaDB instances for multi-role environments.
- **Custom Configuration:** Leverage Ansible variables to fine-tune your deployment.
- **Healthchecks & Networking:** Includes Docker healthchecks and network setup logic.
Made with ❤️ by [Kevin Veen-Birkenbach](https://www.veen.world). ## Credits 📝
Developed and maintained by **Kevin Veen-Birkenbach**.
Learn more at [www.veen.world](https://www.veen.world)
Part of the [CyMaIS Project](https://github.com/kevinveenbirkenbach/cymais)
License: [CyMaIS NonCommercial License (CNCL)](https://s.veen.world/cncl)

View File

@ -0,0 +1,26 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Dockerized PhpMyAdmin deployment with optional OAuth2 proxy integration."
license: "CyMaIS NonCommercial License (CNCL)"
license_url: "https://s.veen.world/cncl"
company: |
Kevin Veen-Birkenbach
Consulting & Coaching Solutions
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
galaxy_tags:
- phpmyadmin
- docker
- webui
- oauth2
- mariadb
- postgresql
repository: https://s.veen.world/cymais
issue_tracker_url: https://s.veen.world/cymaisissues
documentation: https://s.veen.world/cymais
dependencies: []

View File

@ -196,6 +196,11 @@
include_role: include_role:
name: docker-sphinx name: docker-sphinx
- name: setup pgadmin
when: ("pgadmin" in group_names)
include_role:
name: docker-pgadmin
# Native Webserver Roles # Native Webserver Roles
- name: setup nginx-serve-htmls - name: setup nginx-serve-htmls
when: ("nginx-serve-htmls" in group_names) when: ("nginx-serve-htmls" in group_names)