Kevin Veen-Birkenbach
57d5269b07
- Add CSP3 support for style/script: include -elem and -attr directives - Base (style-src, script-src) now unions elem/attr (CSP2/Safari fallback) - Respect explicit base disables (e.g. style-src.unsafe-inline: false) - Hashes only when 'unsafe-inline' absent in the final base tokens - Nginx: set CSP only for HTML/worker via header_filter_by_lua_block; drop for subresources - Remove per-location header_filter; keep body_filter only - Update app role flags to *-attr where appropriate; extend desktop CSS sources - Add comprehensive unit tests for union/explicit-disable/no-mirror-back Ref: https://chatgpt.com/share/68f87a0a-cebc-800f-bb3e-8c8ab4dee8ee
PhpMyAdmin
Description
This Ansible role deploys PhpMyAdmin in a secure Docker environment, complete with optional OAuth2 proxy support. It enables seamless management of MariaDB/MySQL databases via a web-app-based interface.
Overview
The role configures and deploys a containerized PhpMyAdmin instance using Docker Compose. It optionally integrates with a central database and uses dynamic Ansible variables to support flexible deployments in both production and homelab environments.
Purpose
The purpose of this role is to provide a reliable, configurable, and secure PhpMyAdmin deployment out-of-the-box. It minimizes the need for manual setup, and integrates smoothly with other Infinito.Nexus infrastructure roles.
Features
- Docker Compose Integration: Deploy PhpMyAdmin via a templated Compose setup.
- OAuth2 Proxy Support: Secure your admin interface with modern authentication.
- Central DB Integration: Connects to shared MariaDB instances for multi-role environments.
- Custom Configuration: Leverage Ansible variables to fine-tune your deployment.
- Healthchecks & Networking: Includes Docker healthchecks and network setup logic.
Credits 📝
Developed and maintained by Kevin Veen-Birkenbach.
Learn more at www.veen.world
Part of the Infinito.Nexus Project
License: Infinito.Nexus NonCommercial License