DB GUI tools
Browser-based MySQL UIs deployed alongside BOA via the _XTRAS_LIST install.
Two are current (Adminer + sqlbuddy); Chive is retired but its vhost lingers.
CGP (Collectd Graph Panel) is the related stats UI installed by the same
xtra.sh.inc path. These are ad-hoc query / table-inspection tools — for
backup, restore, and migration use the dedicated tooling
(dumps, migration & cloning).
What is installed and where
Each tool is served from its own dedicated subdomain vhost; Adminer alone
also has a second, path-based entry point on the Aegir hostmaster proxy vhost
(below). xtra.sh.inc rewrites the placeholder server_name in the shipped
nginx_sql_*.conf to a subdomain of the instance front FQDN (_THIS_FRONT):
| Tool | Vhost server_name | xtras keyword | Status |
|---|---|---|---|
| Adminer | adminer.<front-fqdn> (+ the host IP) |
ADM (or ALL) |
current |
| sqlbuddy | sqlbuddy.<front-fqdn> |
BDD |
current |
| CGP | cgp.<front-fqdn> |
CGP |
current |
| Chive | chive.<front-fqdn> |
CHV (or a leftover /var/www/chive) |
retired |
The shipped confs in aegir/conf/nginx/ carry literal placeholders
(adminer_name, buddy_name, chive_name, cgp_name) that xtra.sh.inc
sed-replaces with the real subdomain when it deploys the vhost to
vhost.d/<tool>.<front-fqdn>. Reach a tool at https://adminer.<front-fqdn>/,
https://sqlbuddy.<front-fqdn>/, etc. No tool has a /sqlbuddy/ or
/sqlchive/ path form anywhere, and site vhosts serve no /sqladmin — the
one real /sqladmin path route is on the hostmaster domain:
As shipped, each nginx_sql_*.conf binds listen 127.0.0.1:80 and
127.0.0.1:443 — localhost only. The subdomain vhost becomes publicly reachable
only because the xtra.sh.inc deploy step seds those 127.0.0.1 listen
addresses to the _XTRAS_THISHTIP wildcard * (set by _validate_xtras_ip),
so the deployed vhost listens on all interfaces. TLS on the subdomain vhost uses
the wildcard cert set /etc/ssl/private/nginx-wild-ssl.{dhp,crt,key}, not a
per-domain Let's Encrypt cert — distinct from the /sqladmin proxy route below,
which serves the per-domain LE cert from the hostmaster proxy vhost.
Second Adminer entry point — /sqladmin on the hostmaster domain
Each instance's Aegir hostmaster HTTPS proxy vhost
(/var/aegir/config/server_master/nginx/pre.d/z_<hostmaster-domain>_ssl_proxy.conf)
carries location ^~ /sqladmin (with a nested location ~* ^/sqladmin), an
adminer.css location, and a location = /sqladmin/index.php PHP-FPM handler,
all aliasing /var/www/adminer — so Adminer is also reachable at
https://<hostmaster-domain>/sqladmin, in addition to
https://adminer.<front-fqdn>/. The vhost is generated by xoct ssl-gen from
/var/xdrago/conf/ssl_proxy.conf (the shipped
aegir/tools/system/conf/ssl_proxy.conf), and OCTOPUS enforces the location's
presence: _satellite_letsencrypt_vhost_setup (satellite.sh.inc) greps the
deployed vhost for sqladmin and regenerates it via xoct ssl-gen when the
block is missing. Because the locations alias /var/www/adminer, they serve
content only when Adminer is installed (ADM/ALL xtras), and both
content-serving locations — the main /sqladmin block and the index.php
handler — carry the same generated ip_access/sqladmin* allowlist as the
subdomain vhost (see Access control below); the adminer.css location
serves only the stylesheet. Template detail lives on the
config templates page.
Changed in BOA 5.10.3: per-site LE vhosts no longer expose /sqladmin at
all. hosting_le_vhost previously injected an ip_access-gated
location ^~ /sqladmin/ block (crawler 403, alias /var/www/adminer) into
every LE-enabled site vhost; it was removed ("SQL Adminer access moved to
Aegir SSL vhosts (Octopus only)", hosting_le commit 83e5d8d, 2024-09-19). If
you reached Adminer via https://<some-site>/sqladmin, use
https://adminer.<front-fqdn>/ or https://<hostmaster-domain>/sqladmin
instead. Site vhost files rendered before that release may still carry the old
block on disk until the site's vhost is next regenerated (e.g. by a Verify
task).
xtras keywords — ADM vs BDD
The gates differ, and ALL is not a superset of BDD:
- Adminer installs when
_XTRAS_LISTcontainsADMorALL(perbarracuda.sh.cnftheALLwildcard covers exactlyADM/CSF/FTP/IMG). It is also installed by default in LOCAL mode. - sqlbuddy installs only when
_XTRAS_LISTcontainsBDD(_if_install_sqlbuddygates on[[ "${_XTRAS_LIST}" =~ "BDD" ]]inxtra.sh.inc)._XTRAS_LIST="ALL"does not install sqlbuddy, because the literal stringALLdoes not containBDD. (BDDis not even one of the keywords listed in thebarracuda.sh.cnfxtras catalogue — it must simply be added to the list by hand.)
So to add sqlbuddy:
# /root/.barracuda.cnf — add BDD (keep any existing keywords)
_XTRAS_LIST="ALL BDD"
then re-run barracuda up-lts. The xtras catalogue is in
Control files & INI.
Access control
The nginx_sql_*.conf vhosts protect the tools with two mechanisms, and no
Aegir/Drupal SSO:
- IP allowlist. Each vhost includes
/var/aegir/config/includes/ip_access/sqladmin*. That fragment is generated byip_access.sh, which reads the master control file/var/aegir/control/ip/access.txt(the "sqladmin proxy" record list) and emits a per-context<site>.confofallow <ip>;lines plus a finaldeny all;— always also allowing127.0.0.1, the server's own IP, and every currently logged-in SSH IP (anti-lockout). (sqladminhere is the include name, not a URL path.) Thextra.sh.incdeploy step itself only rewrites the vhost's listen address (_validate_xtras_ipsets the_XTRAS_THISHTIP="*"wildcard for thelistenlines); the allow/deny list is theip_access.shfragment. Access from an IP not on the list is refused at the vhost. The same generatedsqladmin*fragment gates every Adminer entry point — theadminer.<front-fqdn>subdomain vhost and both hostmaster-proxy/sqladminlocations — so the/var/aegir/control/ip/access.txtrecord list governs all of them. - Crawler block.
if ($is_crawler) { return 444; }— bots get a connection drop. - App login. Authentication is the tool's own DB-credential login (the per-site DB user/password), not a shared web-auth layer.
There is no auth_basic, no auth_request, and no Aegir/Drupal login on these
vhosts. The legacy /root/.ip.protected.vhost.whitelist.cnf file referenced in
older docs has no live reader in the current tree — the IP allow is the
generated ip_access/sqladmin* include, not that marker.
Adminer
The default DB UI — a single PHP file, minimal footprint.
Good at: browsing schema (databases → tables → columns); ad-hoc
SELECT/UPDATE/INSERT/DELETE; small per-table exports; inspecting
indexes, triggers, stored procedures.
Not good at: large-dataset operations (the UI hangs on big exports — use
mydumper instead); long-running queries (PHP timeout
kills them — use the mysql CLI for anything over ~2 min); restore from backup
(use myloader or the Aegir Restore task).
Login: the per-site DB credentials (visible in the site's settings.php, or
in the Aegir UI under the site node's Database tab).
sqlbuddy
An older lightweight UI with similar capabilities to Adminer and a different UX;
kept for operators who prefer it. Served at https://sqlbuddy.<front-fqdn>/.
CGP — Collectd Graph Panel
Served at https://cgp.<front-fqdn>/. A browser stats UI over Collectd metrics
(CPU, memory, network, disk, MySQL counters). Requires CGP in _XTRAS_LIST
and a cgp.<front-fqdn> DNS record pointing at the host. Useful for
spot-checking trends without a separate monitoring stack; for the BOA monitor
self-heal stack see Monitoring.
Chive — retired
Chive was BOA's earlier DB UI, retired because upstream stopped maintenance and
its Yii-1.x dependency aged out; Adminer fills the same role with less surface.
The nginx_sql_chive.conf vhost still exists in aegir/conf/nginx/ but it is
vestigial — the Chive PHP code is no longer installed, so
https://chive.<front-fqdn>/ returns an error. Direct anyone who remembers it
to Adminer. See Discontinued features.
CLI alternative
For anything beyond a quick lookup, use the mysql CLI as root — passwordless
via /root/.my.cnf:
mysql # connect as root
mysql <dbname> # pick a specific DB
/root/.my.cnf holds the root password so operators never type it (and should
not — BOA may rotate it on a schedule). Treat /root/.my.cnf and
/root/.my.pass.txt as never-edit files.
Related
- Percona install + tuning — the Percona instance these tools talk to.
- Dumps with mydumper — for any operation involving large data.
- nginx internals — the
nginx_sql_*.confadmin vhost set, thessl_proxy.confhostmaster proxy template, and the$is_crawlerruntime variable. - Control files & INI — the
ADM/BDD/CGPxtras keywords. - Discontinued features — Chive history.