Install MySQL 8, phpMyAdmin, Python3, Apache in FreeNas 11.3 Jail (FreeBSD)

FreeBSD Jail in FreeNas 11.3

Step by step guide to install Apache, PhP, phpMyAdmin and Python in FreeNas Jail

By Fahad Usman

Why do we need this?

I wanted to isolate my web-dev work in a jail. My FreeNas machine is a beast, so I just wanted to install MySQL, Python, PhP etc. in a jail instead of installing it on my personal laptop!

There are many tutorials but none worked for me. It took me a while to get it all working so I thought I should write about it so that others can benefit and whip through the installation (unlike me 🙂 )

One of the biggest benefit for me was that I could create python scripts and let them run non stop!

“The nice thing about FeeNas jails is you can experiment with them with no threat to your FreeNas system. When you are done with your jail? Just delete it…”

In this guide, I will take you through step by step how to set it all up. 

Step 1 – Create a Jail:

Create a jail as normal.

Jail => Add 

FreeNAS is an appliance, meaning that its operating system is not intended to be modified, tweaked, expanded, jacked, bummed, experimented with, or anything else. If you want to install some bit of software into FreeNAS, you really “can’t”, because that’s just not how “appliances” work. But what you *CAN* do is create a “jail”, and you can install software INTO THAT JAIL.


Now Start the Jail.

Step 2 – ssh into FreeNas:

Fire up the terminal and login to FreeNas box. 

ssh [email protected]_freenas_ip. 
iocage console sql_jail_name

Make sure you have the Internet:


The first thing you need to do is to update and upgrade packages:

pkg update
pkg upgrade


Step 3 – Install Apache:

Installing apache is a piece of cake:

pkg install apache24

Start and Enable Apache

To start and enable Apache web server to run on system boot, run the commands below;

sysrc apache24_enable=yes

This will add the line apache24_enable="yes" at the end of the /etc/rc.conf configuration file.

Now start apache and test if it works:

service apache24 start

You can check the status of Apache as shown below;

service apache24 status
apache24 is running as pid 1206.

To verify that you can actually access you web server from your favourite web browser, navigate to the IP address of your jail. If everything is working fine, you should be able to see the default FreeBSD Apache web page which says, “It Works!“.

Step 4 – Install MySQL:

This is similar to installing apache, you could install via a single command. The question is which one because if you do a :

pkg search mysql

There are so many:

mysql55-client-5.5.62_3        Multithreaded SQL database (client)                             mysql55-server-5.5.62_3        Multithreaded SQL database (server)                             mysql56-client-5.6.47          Multithreaded SQL database (client)                             mysql56-server-5.6.47          Multithreaded SQL database (server)                             mysql57-client-5.7.29          Multithreaded SQL database (client)                             mysql57-server-5.7.29          Multithreaded SQL database (server)                             mysql80-client-8.0.19          Multithreaded SQL database (client)                             mysql80-server-8.0.19          Multithreaded SQL database (server)    


I installed mysql80 because it’s based on mysql 8. So run this command to install it:

pkg install mysql80-server

This will also install the mysql-client.

Enable MySQL as a service so it can start on system boot.
sysrc mysql_enable=yes

Start MySQL

service mysql-server start

The first thing we have to do is to secure the installation now. Simply run:


This will kickoff the script asking questions. Setting root passwords etc. You would normally say ‘y’ to all the questions it asks and set the root password.

Login to check if everything works by:

mysql -u root -p

and the password you just set and you should be in the sql prompt like below:

 [email protected]:~ # mysql -u root -p

Enter password: 

Welcome to the MySQL monitor.  Commands end with ; or \g.

Your MySQL connection id is 10

Server version: 8.0.19 Source distribution


Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.


Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective



Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.


[email protected] [(none)]> 


Step 5 –  Install and Configure php

In order for PHP to connect to MySQL database to retrieve information for serving to the web server, you need to install PHP Apache and MySQL extensions. The following command installs the most common PHP modules.

 pkg install php72-mysqli php72-json php72-mbstring php72-session php72-hash php72 mod_php72 php72-zlib php72-curl php72-gd

Copy the sample PHP configuration file into the default place and regenerate system cached information about installed binaries.

cp /usr/local/etc/php.ini{-production,}

This will copy the php.ini-production file into:



You can check the version of PHP by running:

php -v

All good? This means php is installed. Now get apache to allow php code to run by editing the Apache configuration file httpd.conf. 

you can find where this is by:

find / -name httpd.conf

Mine was at: /usr/local/etc/apache24/httpd.conf. 

Now add the following at the end of this file:

    <FilesMatch "\.php$">
        SetHandler application/x-httpd-php
    <FilesMatch "\.phps$">
        SetHandler application/x-httpd-php-source

Also in the same file find where 

    DirectoryIndex index.html

And add index.php next to index.html. So in the end it will look like this:

    DirectoryIndex index.php index.html


Restart apache by:

service apache24 restart

To test if its working, create a file with some php code at:

vim /usr/local/www/apache24/data/test.php I created the test.php file with the following code:

<?php phpinfo(); ?>

Now Navigate to this file via a web browser: http://your_ip/test.php. You will see the php info page. 

That’s great!

Now remove the test file from your server to avoid exposing the information about server to the public.

rm -rf /usr/local/www/apache24/data/test.php

Step 6 – Install Latest PhpMyAdmin

Goto the website and copy the link to the latest downloadable file. I downloaded the following


Verify that the downloaded file is not corrupted by comparing that SHA256 hash for the two files matches. From the phpMyAdmin download page, the SHA256 has for the is a6ea4f16ced9f2ce3a9b23d47c1cd0fee5a46ead9bd5f9ec76f8edfb7a153edc. To check the SHA256 for the downloaded file, run the command below;



This will show something like this: 
SHA256 ( = a6ea4f16ced9f2ce3a9b23d47c1cd0fee5a46ead9bd5f9ec76f8edfb7a153edc

Great, the hashes match and we are good to proceed.

unzip by:

mv phpMyAdmin-5.0.2-all-languages /usr/local/www/apache24/data/phpmyadmin

Configure phpMyAdmin

phpMyAdmin has been installed and thus can be configured as below:

Navigate to the /usr/local/www/apache24/data/phpmyadmin and rename the PHP configuration file.

cd /usr/local/www/apache24/data/phpmyadmin

Edit the /usr/local/etc/php.ini and add the following lines to load the extensions installed above.

vim /usr/local/etc/php.ini

Save and quit the file.

Create a tmp folder for caching templates and set proper permissions;

mkdir /usr/local/www/apache24/data/phpmyadmin/tmp
chmod 777 /usr/local/www/apache24/data/phpmyadmin/tmp

Create a blowfish secret required for cookie based authentication to encrypt password in cookie. You can generate the secret and paste as follows;

vim /usr/local/www/apache24/data/phpmyadmin/
 * This is needed for cookie based authentication to encrypt password in
 * cookie. Needs to be 32 chars long.
$cfg['blowfish_secret'] = '$2a$07$jCKBmwSU0iyKGpwsHQUAVOuH5Kh37h52cT5.RLZrvN3tiHO67b1J.'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */


Restart Apache for the changes to take effect.

service apache24 restart

To access phpMyAdmin dashboard, navigate to the browser and enter the URL in the format, http://server-IP/phpmyadmin. This will take you to phpMyAdmin login page.

Login with MySQL database root credentials.

If you are running MySQL 8.0 then you might have an issue with logging in to phpMyAdmin dashboard, see the error below. Note that MySQL 8.0 is using caching_sha2_password rather than mysql_native_password as the default authentication plugin which phpMyAdmin may not understand


mysql8 login error

As a work around, login to your MySQL as a root user by running the following command:

mysql -u root -p

and run the command below to change the Authentication Plugin for the root user to mysql_native_password as shown below;

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '[email protected]';

go back to the browser and you should be able to login to your phpMyAdmin dashboard.

To change the default login plugin, you need to edit your my.cnf file and add the following under the [mysqld] section:

vim /usr/local/etc/mysql/my.cnf 
default_authentication_plugin = mysql_native_password

You can also set the bind address to here in order to login remotely by using SQLWorkBench from your laptop etc.

Restart MySQL by:

service mysql-server restart

Install Method 2: packaged phpMyAdmin

This was the most painful process. The installation is very easy but you need to tell which version you want to install. I installed:

pkg install phpMyAdmin5-php72-5.0.1

It installs it at /usr/local/www/phpMyAdmin so move it to /usr/local/www/apache24/data/

mv /usr/local/www/phpMyAdmin/ /usr/local/www/apache24/data/

if you gona navigate to it i.e. http://your_jail_ip/phpMyAdmin. It will not work. You now need to edit your httpd.conf config again. 

vi /usr/local/etc/apache24/httpd.conf

Add at the end:

Alias /phpmyadmin/ "/usr/local/www/apache24/data/phpMyAdmin/"
    <Directory "/usr/local/www/apache24/data/phpMyAdmin/">
        Options None
        AllowOverride Limit
Require local
Require host

Restart apache by:  service apache24 restart 

Navigate to it again and you will get a Forbidden error. So reopen the httpd.conf file and add the following in the same directive:

 Alias /phpmyadmin/ “/usr/local/www/apache24/data/phpMyAdmin/”

    <Directory “/usr/local/www/apache24/data/phpMyAdmin/”>

      AddDefaultCharset UTF-8


                # Apache 2.4


                        Require all granted




                # Apache 2.2

                Order Allow,Deny

                Allow from All


        Options None

        AllowOverride Limit

        Require local

        Require host


Restart apache: service apache24 restart , The phpMyAdmin page will appear. Now if you login, you will get an error:

 mysqli::real_connect(): The server requested authentication method unknown to the client [caching_sha2_password]

To fix this, you will have to login mysql via jail terminal.

mysql -u root -p

And execute the command: 

alter user 'root'@'localhost' identified with mysql_native_password by 'put_complext_password_here';

Re-login and you should be in 🙂

Add the following in your my.cnf file: 

vi /usr/local/etc/mysql/my.cnf 
default_authentication_plugin = mysql_native_password

under the [mysqld] section.

Now you can login into myPhpAdmin.

If you see the following error message at the bottom of the page when you first log in to /phpMyAdmin (using a previously setup MySQL username and password) :

ERROR: The configuration file now needs a secret passphrase (blowfish_secret)  

You need to add a blowfish password to the phpMyAdmin’s config file. Edit /usr/local/www/apache24/data/phpMyAdmin/ and insert a random blowfish “password” in the line

$cfg['blowfish_secret'] = ; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */  

It should now look something like this:

$cfg['blowfish_secret'] = 'randomPassword$£@£{8IZr323xYcSN]0s)r$9b_JUnb{~Xz'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */  

This all assumes you’ve already properly created the config file,


Restart mysql-server: service mysql-server restart

Re-login and the error should be gone.

Step 7 –  Install Python

Install it using:

pkg install python3

Confirm if it installed successfully:

which python3
python3 --version

You can create a link to it so that you dont have to type python3 everytime you need to use it. You can simply say python by:

ln -s /usr/local/bin/python3 /usr/local/bin/python.conf 
python --version
Python 3.7.6

So python is installed successfully.

Install pip (Python Package manager)

pkg install py37-pip
pip install --upgrade pip


Step 8 (Optional) –  Enable HTTPS

I like to enable HTTPS by self signed certificates so that the communication is encrypted. The first thing you need to do is to create private key and the ssl certificate. Goto:


And create a certificate by:

openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout mysqlserver.key -out mysqlserver.crt

Now enable ssl options in the httpd.conf file:

vi -s /usr/local/etc/apache24/httpd.conf 
Listen 443
LoadModule ssl_module libexec/apache24/
Include etc/apache24/extra/httpd-vhosts.conf

Once these lines were uncommented (You will need to add Listen 443 yourself). Now edit the httpd-vhosts.conf file

vi /usr/local/etc/apache24/extra/httpd-vhosts.conf

Change the paths in the port 80 directives and add the directive for port 443. 

This is how it looks like at the end:

<VirtualHost *:80>

    DocumentRoot “/usr/local/www/apache24/data/”



    ErrorLog “/var/log/”

    CustomLog “/var/log/” common



 <VirtualHost *:443>

    DocumentRoot “/usr/local/www/apache24/data/”

    SSLEngine on

    SSLCertificateFile “/usr/local/etc/ssl/mysqlserver.crt”

    SSLCertificateKeyFile “/usr/local/etc/ssl/mysqlserver.key”



Save the file and restart apache: 

service apache24 restart


goto https://your_jail_ip/phpMyAdmin


it will load after you add the certificate in the browser!


This Post Has 4 Comments

  1. Hi,

    Thanks a lot. This is exactly what I’m looking for.

    I’m new to Freenas. Can you please tell me how to samba share the web root folder? I’ve tried and I can edit files from Windows but it mess up the apache’s permission so it won’t function as web server anymore.

    – Klang
    – Klang

  2. say thanks to so a lot for your internet site it assists a lot.

  3. I have been searching for a good tutorial for several days and none of them worked out as easy as yours. Many thanks for the easy to understand tutorial!

Leave a Reply

Close Menu