How to configure docker with ssl + phpmyadmin + mysql

Docker Desktop
1

Hello,

I started to use Docker for my app development. I’m trying to configure SSL with Docker + MySql + phpmyadmin.
My goal is to create a service (using https) which will have several API’s where the client (mobile application will be able to send/receive data to/from). From what I found online there are no good tutorials which can explain on how to achieve this functionality.

This is what I gathered so far:

# ./docker-compose.yml

version: '3'

services:
  db:
    image: mysql:5.7
    environment:
      MYSQL_ROOT_PASSWORD: my_secret_pw_shh
      MYSQL_DATABASE: test_db
      MYSQL_USER: devuser
      MYSQL_PASSWORD: devpass
    ports:
      - "9906:3306"
  web:
    image: php:7.2.2-apache
    container_name: php_web
    depends_on:
      - db
    volumes:
      - ./php/:/var/www/html/
    ports:
      - "8100:80"
    stdin_open: true
    tty: true

#generate-certificates.sh
#!/bin/bash

mkdir -p ssl

docker run --rm --entrypoint=/bin/sh -v ./ssl:/ssl -w /ssl -u $(id -u):$(id -g) alpine/openssl -c "$(cat <<'EOL'

  echo "Generating root certificate of certification authority .."

  openssl genrsa -out root-ca.key 2048

  openssl req -x509 -new -nodes -key root-ca.key -sha256 -days 365 -out root-ca.cert -subj "\
/C=DE\
/ST=Berlin\
/L=Berlin\
/O=3Maj Company\
/CN=3Maj Local CA\
/emailAddress=3maj@t-online.de\
"

  echo "Generating end-entity certificate for host 'localhost' .."

  openssl genrsa -out ssl-cert-snakeoil.key 2048

  openssl req -new -key ssl-cert-snakeoil.key -out ssl-cert-snakeoil.csr -subj "\
/C=DE\
/ST=Berlin\
/L=Berlin\
/O=3Maj Company\
/CN=localhost\
/emailAddress=3maj@t-online.de\
"

  echo >ssl-cert-snakeoil.ext
  echo >>ssl-cert-snakeoil.ext authorityKeyIdentifier=keyid,issuer
  echo >>ssl-cert-snakeoil.ext basicConstraints=CA:FALSE
  echo >>ssl-cert-snakeoil.ext keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
  echo >>ssl-cert-snakeoil.ext subjectAltName = @alt_names
  echo >>ssl-cert-snakeoil.ext
  echo >>ssl-cert-snakeoil.ext [alt_names]
  echo >>ssl-cert-snakeoil.ext DNS.1 = localhost

  openssl x509 -req -in ssl-cert-snakeoil.csr -CA root-ca.cert -CAkey root-ca.key -CAcreateserial \
      -out ssl-cert-snakeoil.cert -days 365 -sha256 -extfile ssl-cert-snakeoil.ext

  rm ssl-cert-snakeoil.ext

EOL
)"

The script is working and generate the according certs for SSL, although I'm not sure how to combine it with the docker yml file and how to use those certs to configure ssl with phpmyadmin to establish https connection. 

I'm sorry in advance if I post it in the wrong section, it's my first post here :))

I will appreciate it, If someone can explain what should I do next or share a guide on how to achieve this functionality that I'm looking for.
2

Most people delegate tls handling to a reverse proxy like Traefik, Caddy or Nginx Proxy Manager. Especially, if you plan to use a certificate issued by Lets Encrypt, they make life much easier.