History

Juan José Martos debbf7dffa [bitnami/] Modify containers' READMEs title (#87908 ) [bitnami/][TNZ-62332] Modify containers' READMEs title Signed-off-by: Jota Martos <jota.martos@broadcom.com>		2025-10-27 11:32:47 +01:00
..
5/debian-12	…
README.md	[bitnami/*] Modify containers' READMEs title (#87908 )	2025-10-27 11:32:47 +01:00
docker-compose.yml	…

README.md

Bitnami Secure Image for phpMyAdmin

What is phpMyAdmin?

phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL and MariaDB.

Overview of phpMyAdmin Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.

TL;DR

Docker Compose

docker run --name phpmyadmin bitnami/phpmyadmin:latest

You can find the default credentials and available configuration options in the Environment Variables section.

⚠️ Important Notice: Upcoming changes to the Bitnami Catalog

Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new Bitnami Secure Images initiative. As part of this transition:

Granting community users access for the first time to security-optimized versions of popular container images.
Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes
Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates.
For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support.

These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the Bitnami Secure Images announcement.

Why use Bitnami Secure Images?

Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready.
Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores.
Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format.
Stay more secure and compliant with continuously built images updated within hours of upstream patches.
Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs.
Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory.

Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the commercial edition of Bitnami Secure Images today.

How to deploy phpMyAdmin in Kubernetes?

Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the Bitnami phpMyAdmin Chart GitHub repository.

Supported tags and respective `Dockerfile` links

Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags in our documentation page.

You can see the equivalence between the different tags by taking a look at the tags-info.yaml file present in the branch folder, i.e bitnami/ASSET/BRANCH/DISTRO/tags-info.yaml.

Subscribe to project updates by watching the bitnami/containers GitHub repo.

Prerequisites

To run this application you need Docker Engine >= 1.10.0. Docker Compose is recommended with a version 1.6.0 or later.

How to use this image

phpMyAdmin requires access to a MySQL database or MariaDB database to work. We'll use our very own MariaDB image.

Using the Docker Command Line

Create a network
```
docker network create phpmyadmin-tier
```

Create a volume for MariaDB persistence and create a MariaDB container

docker volume create --name mariadb_data
docker run -d --name mariadb -e ALLOW_EMPTY_PASSWORD=yes \
  --net phpmyadmin-tier \
  --volume mariadb_data:/bitnami/mariadb \
  bitnami/mariadb:latest

Launch the phpMyAdmin container

docker run -d --name phpmyadmin -p 80:8080 -p 443:8443 \
  --net phpmyadmin-tier \
  bitnami/phpmyadmin:latest

Access your application at http://your-ip/

Using Docker Compose

curl -sSL https://raw.githubusercontent.com/bitnami/containers/main/bitnami/phpmyadmin/docker-compose.yml > docker-compose.yml
docker-compose up -d

Please be aware this file has not undergone internal testing. Consequently, we advise its use exclusively for development or testing purposes. For production-ready deployments, we highly recommend utilizing its associated Bitnami Helm chart.

If you detect any issue in the docker-compose.yaml file, feel free to report it or contribute with a fix by following our Contributing Guidelines.

Persisting your application

If you remove the container all your data and configurations will be lost, and the next time you run the image the database will be reinitialized. To avoid this loss of data, you should mount a volume that will persist even after the container is removed.

For persistence you should mount a volume at the /bitnami path. Additionally you should mount a volume for persistence of the MariaDB data.

The above examples define a Docker volume named mariadb_data. The application state will persist as long as this volume is not removed.

To avoid inadvertent removal of these volumes you can mount host directories as data volumes. Alternatively you can make use of volume plugins to host the volume data.

Mount host directories as data volumes with Docker Compose

This requires a minor change to the docker-compose.yml file present in this repository:

services:
  mariadb:
  ...
    volumes:
      - /path/to/mariadb-persistence:/bitnami/mariadb
  ...

Mount host directories as data volumes using the Docker command line

Create a network (if it does not exist)
```
docker network create phpmyadmin-tier
```

Create a MariaDB container with host volume

docker run -d --name mariadb -e ALLOW_EMPTY_PASSWORD=yes \
  --net phpmyadmin-tier \
  --volume /path/to/mariadb-persistence:/bitnami/mariadb \
  bitnami/mariadb:latest

Launch the phpMyAdmin container

docker run -d --name phpmyadmin -p 80:8080 -p 443:8443 \
  --net phpmyadmin-tier \
  bitnami/phpmyadmin:latest

Upgrading phpMyAdmin

Bitnami provides up-to-date versions of MariaDB and phpMyAdmin, including security patches, soon after they are made upstream. We recommend that you follow these steps to upgrade your container. We will cover here the upgrade of the phpMyAdmin container. For the MariaDB upgrade see https://github.com/bitnami/containers/tree/main/bitnami/mariadb#upgrade-this-image

The bitnami/phpmyadmin:latest tag always points to the most recent release. To get the most recent release you can simple repull the latest tag from the Docker Hub with docker pull bitnami/phpmyadmin:latest. However it is recommended to use tagged versions.

Get the updated images:
```
docker pull bitnami/phpmyadmin:latest
```
Stop your container
- For docker-compose: $ docker-compose stop phpmyadmin
- For manual execution: $ docker stop phpmyadmin
Remove the currently running container
- For docker-compose: $ docker-compose rm -v phpmyadmin
- For manual execution: $ docker rm -v phpmyadmin
Run the new image
- For docker-compose: $ docker-compose up phpmyadmin
- For manual execution: docker run --name phpmyadmin bitnami/phpmyadmin:latest

Configuration

Environment variables

Customizable environment variables

Name	Description	Default Value
`PHPMYADMIN_ALLOW_ARBITRARY_SERVER`	Whether to enable database server hostname.	`nil`
`PHPMYADMIN_ALLOW_REMOTE_CONNECTIONS`	Whether to allow remote connections for phpMyAdmin, or force local connections by default.	`$PHPMYADMIN_DEFAULT_ALLOW_REMOTE_CONNECTIONS`
`PHPMYADMIN_ABSOLUTE_URI`	If specified, absolute URL to phpMyAdmin when generating links.	`nil`
`PHPMYADMIN_EXEC_TIME_LIMIT`	If specified, number of seconds a script is allowed to run	`nil`
`PHPMYADMIN_MEMORY_LIMIT`	If specified, number of bytes a script is allowed to allocate.	`nil`
`DATABASE_HOST`	Database server host.	`nil`
`DATABASE_USER`	Database server user.	`nil`
`DATABASE_PASSWORD`	Database server password.	`nil`
`DATABASE_PORT_NUMBER`	Database server port.	`nil`
`DATABASE_ALLOW_NO_PASSWORD`	Whether to allow logins without a password.	`nil`
`DATABASE_ENABLE_SSL`	Whether to enable SSL for the connection between phpMyAdmin and the MySQL server to secure the connection.	`nil`
`DATABASE_SSL_KEY`	Path to the client key file when using SSL.	`${DATABASE_CERTS_DIR}/server_key.pem`
`DATABASE_SSL_CERT`	Path to the client certificate file when using SSL.	`${DATABASE_CERTS_DIR}/server_certificate.pem`
`DATABASE_SSL_CA`	Path to the CA file when using SSL.	`${DATABASE_CERTS_DIR}/ca_certificate.pem`
`DATABASE_SSL_CA_PATH`	Directory containing trusted SSL CA certificates in PEM format.	`nil`
`DATABASE_SSL_CIPHERS`	List of allowable ciphers for connections when using SSL.	`nil`
`DATABASE_SSL_VERIFY`	Enable SSL certificate validation.	`yes`
`CONFIGURATION_STORAGE_ENABLE`	Enable phpMyAdmin configuration storage.	`no`
`CONFIGURATION_STORAGE_DB_HOST`	phpMyAdmin configuration storage database server hostname.	`mariadb`
`CONFIGURATION_STORAGE_DB_PORT_NUMBER`	phpMyAdmin configuration storage database server port.	`3306`
`CONFIGURATION_STORAGE_DB_USER`	phpMyAdmin configuration storage database user.	`pma`
`CONFIGURATION_STORAGE_DB_PASSWORD`	phpMyAdmin configuration storage database password.	`nil`
`CONFIGURATION_STORAGE_DB_NAME`	phpMyAdmin configuration storage database name.	`phpmyadmin`
`CONFIGURATION_ALLOWDENY_ORDER`	Set the AllowDeny order. If your rule order is empty, then IP authorization is disabled. Available values are: `deny,allow`, `allow,deny`, `explicit`.	`nil`
`CONFIGURATION_ALLOWDENY_RULES`	Array of strings to allow or deny hosts/user to connect to the database. The value must be literal, following the format `allow \| deny <username> [from] <ipmask>`.	`nil`

Read-only environment variables

Name	Description	Value
`PHPMYADMIN_BASE_DIR`	phpMyAdmin installation directory.	`${BITNAMI_ROOT_DIR}/phpmyadmin`
`PHPMYADMIN_VOLUME_DIR`	phpMyAdmin directory for mounted configuration files.	`${BITNAMI_VOLUME_DIR}/phpmyadmin`
`PHPMYADMIN_TMP_DIR`	phpMyAdmin directory for temporary files.	`${PHPMYADMIN_BASE_DIR}/tmp`
`PHPMYADMIN_CONF_FILE`	Configuration file for phpMyAdmin.	`${PHPMYADMIN_BASE_DIR}/config.inc.php`
`PHPMYADMIN_MOUNTED_CONF_FILE`	Mounted configuration file for phpMyAdmin. It will be copied to the phpMyAdmin installation directory during the initialization process.	`${PHPMYADMIN_VOLUME_DIR}/config.inc.php`
`PHPMYADMIN_DEFAULT_ALLOW_ARBITRARY_SERVER`	Whether to enable database server hostname by default.	`no`
`PHPMYADMIN_DEFAULT_ALLOW_REMOTE_CONNECTIONS`	Whether to allow remote connections for phpMyAdmin, or force local connections.	`yes`
`DATABASE_DEFAULT_HOST`	Default database server host.	`mariadb`
`DATABASE_DEFAULT_PORT_NUMBER`	Default database server port.	`3306`
`DATABASE_DEFAULT_ALLOW_NO_PASSWORD`	Whether to allow logins without a password.	`yes`
`DATABASE_CERTS_DIR`	phpMyAdmin directory for certificates.	`${PHPMYADMIN_BASE_DIR}/db_certs`
`PHP_DEFAULT_UPLOAD_MAX_FILESIZE`	Default max PHP upload file size.	`80M`
`PHP_DEFAULT_POST_MAX_SIZE`	Default max PHP POST size.	`80M`
`PHP_DEFAULT_MEMORY_LIMIT`	Default PHP memory limit.	`256M`

Specifying Environment variables using Docker Compose

This requires a change to the docker-compose.yml file present in this repository:

services:
  mariadb:
  ...
    environment:
      - ALLOW_EMPTY_PASSWORD=yes
  ...
  phpmyadmin:
  ...
    environment:
      - DATABASE_ALLOW_NO_PASSWORD=false
      - PHPMYADMIN_ALLOW_ARBITRARY_SERVER=yes
  ...

Specifying Environment variables on the Docker command line

docker run -d --name phpmyadmin -p 80:8080 -p 443:8443 \
  --net phpmyadmin-tier \
  --env PHPMYADMIN_PASSWORD=my_password \
  bitnami/phpmyadmin:latest

FIPS configuration in Bitnami Secure Images

The Bitnami phpMyAdmin Docker image from the Bitnami Secure Images catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables:

OPENSSL_FIPS: whether OpenSSL runs in FIPS mode or not. yes (default), no.

Customize this image

The Bitnami phpMyAdmin Docker image is designed to be extended so it can be used as the base image for your custom web applications.

Extend this image

Before extending this image, please note there are certain configuration settings you can modify using the original image:

Settings that can be adapted using environment variables. For instance, you can change the ports used by Apache for HTTP and HTTPS, by setting the environment variables APACHE_HTTP_PORT_NUMBER and APACHE_HTTPS_PORT_NUMBER respectively.
Adding custom virtual hosts.
Replacing the 'httpd.conf' file.
Using custom SSL certificates.

If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below:

FROM bitnami/phpmyadmin
### Put your customizations below
...

Here is an example of extending the image with the following modifications:

Install the vim editor
Modify the Apache configuration file
Modify the ports used by Apache
Modify the default container user

FROM bitnami/phpmyadmin

### Change user to perform privileged actions
USER 0
### Install 'vim'
RUN install_packages vim
### Revert to the original non-root user
USER 1001

### Enable mod_ratelimit module
RUN sed -i -r 's/#LoadModule ratelimit_module/LoadModule ratelimit_module/' /opt/bitnami/apache/conf/httpd.conf

### Modify the ports used by Apache by default
## It is also possible to change these environment variables at runtime
ENV APACHE_HTTP_PORT_NUMBER=8181
ENV APACHE_HTTPS_PORT_NUMBER=8143
EXPOSE 8181 8143

### Modify the default container user
USER 1002

Based on the extended image, you can use a Docker Compose file like the one below to add other features:

version: '2'
services:
  mariadb:
    image: bitnami/mariadb:latest
    environment:
      - MARIADB_ROOT_PASSWORD=bitnami
    volumes:
      - mariadb_data:/bitnami/mariadb
  phpmyadmin:
    build: .
    ports:
      - 80:8181
      - 443:8143
    depends_on:
      - mariadb
    volumes:
      - phpmyadmin_data:/bitnami/mariadb
volumes:
  mariadb_data:
    driver: local
  phpmyadmin_data:
    driver: local

Notable Changes

5.0.2-debian-10-r73

Decrease the size of the container. The configuration logic is now based on Bash scripts in the rootfs/ folder.
The PHPMYADMIN_ALLOW_NO_PASSWORD environment variable has been deprecated in favor of DATABASE_ALLOW_NO_PASSWORD.
New environment variables have been added to support configuring extra PHP options: PHP_UPLOAD_MAX_FILESIZE for upload_max_filesize, and PHP_POST_MAX_SIZE for post_max_size.

4.8.5-debian-9-r96 and 4.8.5-ol-7-r111

This image has been adapted so it's easier to customize. See the Customize this image section for more information.
The Apache configuration volume (/bitnami/apache) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the Apache configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom Apache configuration files are advised to mount a volume for the configuration at /opt/bitnami/apache/conf, or mount specific configuration files individually.
The PHP configuration volume (/bitnami/php) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at /opt/bitnami/php/conf, or mount specific configuration files individually.
Enabling custom Apache certificates by placing them at /opt/bitnami/apache/certs has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at /certs.

Contributing

We'd love for you to contribute to this container. You can request new features by creating an issue or submitting a pull request with your contribution.

Issues

If you encountered a problem running this container, you can file an issue. For us to provide better support, be sure to fill the issue template.

License

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.