SS_ADMINER_PUBLIC="false" does not work as intended.

[NathanAdhitya]

Issue

On version APR2023K, SS_ADMINER_PUBLIC set to "false" still exposes Adminer to the public web.

[jessuppi]

Related: #73

[jessuppi]

Perhaps this is another feature that could be moved to our new Nginx includes approach, like:

/var/www/sites/includes/adminer.conf

[jessuppi]

If we end up doing something like:

https://wordpress.org/plugins/db-access-adminer/

Where it requires WP Admin authentication, the entire issue might be moot.

[jessuppi]

Some patches:

fd74e7a

865024f

[jessuppi]

These patches (above) are temporary, because they delete the adminer.php file in case SS_ADMINER_PUBLIC is set to false in your ss-config. Later on, we should consider a separate Nginx file for Adminer too.

[jessuppi]

New sub-module in progress:

https://github.com/littlebizzy/slickstack/blob/master/modules/nginx/includes/adminer-conf.txt

[jessuppi]

We could probably also hide the Database tab in the SlickStack WP Admin Dashboard if this is set to false, that's something that a few developers had asked about.

[jessuppi]

Update: this option in ss-config is now called ADMINER_PUBLIC

[jessuppi]

Okay, Adminer is now officially a submodule for Nginx for SlickStack purposes... if ADMINER_PUBLIC="true" in your ss-config then the file adminer.conf will be installed to /var/www/sites/includes going forward, otherwise that file will be deleted if set to false for that option.

New script:
https://github.com/littlebizzy/slickstack/blob/master/bash/ss-install-nginx-adminer.txt

I've also removed the temporary fix in ss-clean-files which deleted /var/www/meta/adminer.php if ADMINER_PUBLIC was set to false... so that is no longer going to happen going forward.

Notes:

We could make this even stronger by adding a 403 denied or something to the Adminer URL, however, now that the URL is a randomized string it's probably not a concern.