no mTLS support for remote database connections in PhpMyAdmin #449
Description
Hello,
I am working in a K8S cluster and I found out that the current PhpMyAdmin Docker image doesn't support mTLS configuration to remote databases services.
To address this problem, I opened a pull request here.
I've seen in some tickets that I need to open an issue before any review, so I am here :)
You can see bellow the content of my PR, for further informations. I hope that will be ok for you and I apologize if I didn't follow the process ...
Problem:
In the context of mutual TLS (mTLS), it is currently not possible to define a list of files to configure the connection between PhpMyAdmin and one or more database servers or services.
Proposed Solution:
My idea is to introduce the ability to configure specific PhpMyAdmin parameters to allow mTLS connections to secure services.
To achieve this, I built upon existing syntax and implemented an approach that encodes the necessary files (CA, CERT, and KEY) in Base64 format. These files can then be passed to PhpMyAdmin using environment variables.
Potential Question: Why not use a volume instead of environment variables?
In a hyperscaler context such as Kubernetes, creating NFS volumes can pose significant challenges for many users. Managing environment variables is often simpler and more portable than managing volumes. Additionally, adding volumes introduces statefulness to PhpMyAdmin, which can be problematic for certain infrastructures. Using environment variables resolves these issues and keeps PhpMyAdmin stateless.