Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation

roles/web-app-phpmyadmin/README.md

@@ -0,0 +1,29 @@
+# PhpMyAdmin
+
+## Description
+
+This Ansible role deploys [PhpMyAdmin](https://www.phpmyadmin.net/) in a secure Docker environment, complete with optional OAuth2 proxy support. It enables seamless management of MariaDB/MySQL databases via a web-app-based interface.
+
+## Overview
+
+The role configures and deploys a containerized PhpMyAdmin instance using Docker Compose. It optionally integrates with a central database and uses dynamic Ansible variables to support flexible deployments in both production and homelab environments.
+
+## Purpose
+
+The purpose of this role is to provide a reliable, configurable, and secure PhpMyAdmin deployment out-of-the-box. It minimizes the need for manual setup, and integrates smoothly with other CyMaIS infrastructure roles.
+
+## Features
+
+- **Docker Compose Integration:** Deploy PhpMyAdmin via a templated Compose setup.
+- **OAuth2 Proxy Support:** Secure your admin interface with modern authentication.
+- **Central DB Integration:** Connects to shared MariaDB instances for multi-role environments.
+- **Custom Configuration:** Leverage Ansible variables to fine-tune your deployment.
+- **Healthchecks & Networking:** Includes Docker healthchecks and network setup logic.
+
+## Credits 📝
+
+Developed and maintained by **Kevin Veen-Birkenbach**.  
+Learn more at [www.veen.world](https://www.veen.world)
+
+Part of the [CyMaIS Project](https://github.com/kevinveenbirkenbach/cymais)  
+License: [CyMaIS NonCommercial License (CNCL)](https://s.veen.world/cncl)

roles/web-app-phpmyadmin/meta/main.yml

@@ -0,0 +1,31 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: "Manage your databases with confidence using PHPMyAdmin, a robust and dynamic tool designed to simplify administration and enhance productivity. Enjoy an intuitive interface, powerful features, and an energetic approach that makes database management a breeze."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birkenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Archlinux
+      versions:
+        - rolling
+  galaxy_tags:
+    - phpmyadmin
+    - docker
+    - webui
+    - oauth2
+    - mariadb
+    - postgresql
+  repository: https://s.veen.world/cymais
+  issue_tracker_url: https://s.veen.world/cymaisissues
+  documentation: https://s.veen.world/cymais
+  logo:
+    class: "fa-solid fa-database"
+  run_after:
+    - service-rdbms-mariadb
+    - web-app-matomo
+    - web-app-keycloak

roles/web-app-phpmyadmin/meta/schema.yml

@@ -0,0 +1 @@
+credentials:

roles/web-app-phpmyadmin/tasks/main.yml

@@ -0,0 +1,11 @@
+---
+- name: "include docker-compose role"
+  include_role: 
+    name: docker-compose
+
+- name: "include role webserver-proxy-domain for {{application_id}}"
+  include_role:
+    name: webserver-proxy-domain
+  vars:
+    domain:   "{{ domains | get_domain(application_id) }}"
+    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/web-app-phpmyadmin/templates/docker-compose.yml.j2

@@ -0,0 +1,14 @@
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
+
+  application:
+{% set container_port = 80 %}
+    image: phpmyadmin/phpmyadmin:{{applications.phpmyadmin.version}}
+    container_name: phpmyadmin
+{% include 'roles/docker-container/templates/base.yml.j2' %}
+    ports:
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
+{% include 'roles/docker-container/templates/depends_on/dmbs_excl.yml.j2' %}
+{% include 'roles/docker-container/templates/networks.yml.j2' %}
+{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
+
+{% include 'roles/docker-compose/templates/networks.yml.j2' %}

roles/web-app-phpmyadmin/templates/env.j2

@@ -0,0 +1,7 @@
+# Configuration @see https://hub.docker.com/_/phpmyadmin
+
+PMA_HOST={{applications.mariadb.hostname}}
+{% if applications[application_id].autologin | bool %}
+PMA_USER= root
+PMA_PASSWORD= "{{applications.mariadb.credentials.root_password}}"
+{% endif %}

roles/web-app-phpmyadmin/vars/configuration.yml

@@ -0,0 +1,26 @@
+version:              "latest"      # Use the latest phpmyadmin version
+autologin:            false         # This is a high security risk. Just activate this option if you know what you're doing
+oauth2_proxy:  
+  port:               "80"
+  application:        "application"
+features:
+  matomo:             true
+  css:                false
+  portfolio_iframe:   true
+  central_database:   true
+  oauth2:             true
+hostname:             central-mariadb
+csp:
+  flags:
+    style-src:
+      unsafe-inline: true
+    script-src-elem:
+      unsafe-inline: true
+domains:
+  aliases:
+    - "mysql.{{ primary_domain }}"
+    - "mariadb.{{ primary_domain }}"
+docker:
+  services:
+    database:
+      enabled: true

roles/web-app-phpmyadmin/vars/main.yml

@@ -0,0 +1,3 @@
+application_id:       "phpmyadmin"
+database_type:        "mariadb"
+database_host:        "{{ 'central-' + database_type if applications | is_feature_enabled('central_database',application_id) }}"