I’ve been running more PHP apps for virtualhosts lately, and one thing I dislike about such bundles is having a config file in the app root. For one, it’s sitting in the web root, and if improperly configured the server could serve it as content, posing a security risk (as they tend to hold database login information, passwords, etc.) The other reason is that I like to maintain a single copy of the app (via the FreeBSD ports tree, or from a single repository checkout.) I don’t want to make copies, because then I need to maintain each copy too, and I can’t just set the primary installation directory as the server document root, or alias a subpath to it, because each deployment would receive the same default config file. Any modifications to the application code, to make it look elsewhere for the config, would likely be lost in the next upgrade. So how can you share a single installation for multiple deployments?

The key is that the config file itself is usually left as-is during upgrades, as it is supposed to be altered by the user. We use this file to include another config file from elsewhere based on webserver variables.

For example, here is my config.inc.php for phpMyAdmin:


<?php
/*
Delegate to another file.

?>


You now just need two lines in a virtualhost config to set up a new installation:

SetEnv PHPMYADMIN_CONFIG_FILE /usr/home/$USER/.phpmyadmin
Alias /phpmyadmin/ "/usr/local/www/phpMyAdmin/"

Of course, you still need to set up each .phpmyadmin file, but that’s easy enough. Of course, if you’re deploying lots of similar database setups, you could also use the virtualhost config to set up the configuration and re-use a common config.inc.php tweaked to use server variables (PHPMYADMIN_HOST)… but I’ll leave that as an exercise for the reader. Avoid passing passwords this way, however, as server configuration variables are another potential data leak.