Last active
June 4, 2021 01:01
-
-
Save sandikodev/0c37109130881fbbdf87ce85f5978e54 to your computer and use it in GitHub Desktop.
Revisions
-
sandikodev revised this gist
Jun 4, 2021 . 1 changed file with 12 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -13,13 +13,22 @@ PROMPT > configure with dbconfig-common > YES ==============[ configure webserver apache and use nginx as reverse proxy ]============== # jangan lupa apache tetap dibuatkan virtualhost spt biasa untuk root phpmyadmin # agar proxypass internal yang dilakukan nginx tetap dapat terlaksana spt biasa vim /etc/apache2/ports.conf > set Listen to 127.0.0.1:8081 vim /etc/apache2/conf-enabled/phpmyadmin.conf > <VirtualHost *:8081> ServerName dbadmin.domainmu.com #mandatory ServerAdmin [email protected] #optional # menambahkan $domain kedalam /etc/hosts agar nginx dapat berkomunikasi dengan apache2 scr internal # dengan menggunakan $domain cat << EOF >> /etc/hosts 127.0.0.1 dbadmin.domainmu.com # konfigurasi nginx untuk dapat melakukan reverse proxy scr internal dengan apache2 # konfigurasi reverse proxy ini tidak hanya digunakan untuk kasus phpmyadmin ini # apapun yang menggunakan nginx sbg reverse proxy, dapat menggunakan langkah ini cat << EOF >> /etc/nginx/sites-enabled/dbadmin.domainmu.com #==============[ OPTIONAL ]============== # ini untuk virtualhost1 melakukan listen port80 -
Jun 4, 2021 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,80 @@ ==============[ configure user of mysql/mariadb ]============== sudo mysql -u root CREATE DATABASE wordpress CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci; GRANT ALL ON wordpress.* TO 'wp-user'@'localhost' IDENTIFIED BY 'Passw0rd!'; exit ==============[ install phpmyadmin by backport repo's ]============== echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list sudo apt update sudo apt -t buster-backports install phpmyadmin PROMPT > web server as autoinstall > APACHE2 PROMPT > configure with dbconfig-common > YES ==============[ configure webserver apache and use nginx as reverse proxy ]============== # jangan lupa apache tetap dibuatkan virtualhost spt biasa untuk root phpmyadmin # agar proxypass internal yang dilakukan nginx tetap dapat terlaksana spt biasa vim /etc/apache2/ > set listen to 127.0.0.1:8081 # menambahkan domain kedalam /etc/hosts agar nginx dapat berkomunikasi dengan apache2 scr internal # dengan menggunakan domain cat << EOF >> /etc/hosts 127.0.0.1 dbadmin.domainmu.com # konfigurasi nginx untuk dapat melakukan reverse proxy scr internal dengan apache2 cat << EOF >> /etc/nginx/sites-enabled/dbadmin.domainmu.com #==============[ OPTIONAL ]============== # ini untuk virtualhost1 melakukan listen port80 # listen port80nya wajib, # hanya saja return 301 ke https tidak begitu wajib # ada auto force return https akan lebih baik # atau ``return 301 https://$host$request_uri;`` dicomment saja jika juri mau menilik http biasa server { listen 80; server_name dbadmin.domainmu.com; return 301 https://$host$request_uri; # mengalihkan 80 sbg listen request ke https(443) #return 404; # mengalihkan 80 sbg listen request ke 404 notfound #add_header X-Frame-Options "SAMEORIGIN"; # disallowed loading off outside of the resources dbadmin.domainmu.com # or mean to prevent clickjacking } #==============[ MANDATORY / REQUIRED ]============== # ini untuk virtualhost2 melakukan listen port443 # listen port443nya wajib, karena port inilah yang akan digunakan sbg jalan mandatori # untuk menuju layanan index.{html,php,etc} (root) dari aplikasi itu sendiri server { #==============[ MANDATORY / REQUIRED ]============== listen 443 ssl http2; server_name dbadmin.domainmu.com; ssl_certificate /etc/letsencrypt/live/dbadmin.domainmu.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/dbadmin.domainmu.com/privkey.pem; # managed by Certbot #==============[ OPTIONAL ]============== #ssl on; # nginx terbaru, konfigurasi ini sudah didireksikan langsung ke #listen 443 ssl --> diatas ssl_session_cache builtin:1000 shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4; ssl_prefer_server_ciphers on; access_log /var/log/nginx/dbadmin.domainmu.access.log; client_max_body_size 100M; add_header X-Frame-Options "SAMEORIGIN"; # disallowed loading off outside of the resources dbadmin.domainmu.com #==============[ MANDATORY / REQUIRED ]============== location / { #==============[ OPTIONAL ]============== proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # Fix the “It appears that your reverse proxy set up is broken" error. proxy_pass http://dbadmin.domainmu.com:8081; proxy_read_timeout 90; proxy_redirect http://dbadmin.domainmu.com:8081 https://dbadmin.domainmu.com; } } EOF   