Skip to main content
Glama

Database Bridge MCP Server

mcp-db-bridge

English | Português


English

Version

MCP (Model Context Protocol) server for MySQL, PostgreSQL & SQLite with granular permissions, multi-DB support, and cloud-ready SSL/TLS. Built with adapter pattern for extensibility.

Features

  • 🔌 Multi-Database: MySQL, PostgreSQL, SQLite

  • 🏗️ Adapter Pattern: Clean and extensible architecture

  • ☁️ Cloud-Ready: SSL/TLS for AWS RDS, Google Cloud SQL, Azure Database

  • 🔒 Security First: Read-only mode + granular schema permissions

  • 🌐 Multi-DB Mode: Simultaneous access to multiple schemas/databases

  • 🔄 Transactions: Automatic BEGIN/COMMIT/ROLLBACK

  • 🚀 HTTP Mode: Optional remote HTTP server (Express)

Installation

npm install mcp-db-bridge # or pnpm add mcp-db-bridge

Quick Start

MySQL (Local)

# .env DB_TYPE=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_USER=root DB_PASS=password DB_NAME=mydb

PostgreSQL (Local)

# .env DB_TYPE=postgresql DB_HOST=127.0.0.1 DB_PORT=5432 DB_USER=postgres DB_PASS=password DB_NAME=mydb

SQLite (In-Memory)

# .env DB_TYPE=sqlite SQLITE_DB=:memory:

Run

pnpm build pnpm start # or node dist/index.js

Configuration

Database Types

DB_TYPE=mysql # MySQL DB_TYPE=postgresql # PostgreSQL DB_TYPE=sqlite # SQLite

Connection Settings

Generic (All Databases)

DB_HOST=127.0.0.1 DB_PORT=3306 # MySQL: 3306, PostgreSQL: 5432 DB_USER=root DB_PASS=password DB_NAME=mydb # Leave empty for multi-DB mode DB_CONNECTION_LIMIT=10

MySQL-Specific (Backward Compatibility)

MYSQL_HOST=127.0.0.1 MYSQL_PORT=3306 MYSQL_USER=root MYSQL_PASS=password MYSQL_DB=mydb MYSQL_SOCKET_PATH=/tmp/mysql.sock # Unix socket (priority over host/port)

PostgreSQL-Specific

POSTGRESQL_HOST=127.0.0.1 POSTGRESQL_PORT=5432 POSTGRESQL_DB=mydb

SQLite-Specific

SQLITE_DB=:memory: # In-memory database SQLITE_DB=/var/lib/app/data.db # File-based database

Security & Permissions

Read-Only Mode

Blocks all write operations at application level:

DB_READ_ONLY_MODE=true

Global Write Permissions

Fine-grained operation control by type (applied globally):

ALLOW_INSERT_OPERATION=true # Allow INSERT ALLOW_UPDATE_OPERATION=true # Allow UPDATE ALLOW_DELETE_OPERATION=false # Block DELETE ALLOW_DDL_OPERATION=false # Block CREATE/ALTER/DROP/TRUNCATE

Schema-Specific Permissions

Override global permissions for specific schemas:

# Format: "schema1:true,schema2:false,schema3:true" SCHEMA_INSERT_PERMISSIONS=prod_db:false,test_db:true,staging_db:true SCHEMA_UPDATE_PERMISSIONS=prod_db:false,test_db:true,staging_db:true SCHEMA_DELETE_PERMISSIONS=prod_db:false,test_db:false,staging_db:false SCHEMA_DDL_PERMISSIONS=prod_db:false,test_db:true,staging_db:false

How it works:

  • If schema has specific permission → use it

  • Otherwise → use global flag

Example:

# Global: INSERT blocked ALLOW_INSERT_OPERATION=false # test_db can insert, prod_db cannot SCHEMA_INSERT_PERMISSIONS=test_db:true,prod_db:false # Result: # - INSERT on test_db: ✅ allowed (schema permission) # - INSERT on prod_db: ❌ blocked (schema permission) # - INSERT on other_db: ❌ blocked (global permission)

Multi-DB Mode

Access multiple databases/schemas through a single connection.

Activation

Leave DB_NAME empty (MySQL/PostgreSQL only):

DB_TYPE=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_USER=root DB_PASS=password DB_NAME= # Empty = multi-DB mode

Write Protection

By default, multi-DB mode is read-only for security. To allow writes:

MULTI_DB_WRITE_MODE=true # ⚠️ Use with caution!

Recommendation: Use SCHEMA_*_PERMISSIONS for granular control instead of MULTI_DB_WRITE_MODE=true.

Complete Example

# Multi-DB with granular permissions DB_TYPE=mysql DB_NAME= # Multi-DB mode ALLOW_INSERT_OPERATION=false # Global: blocked SCHEMA_INSERT_PERMISSIONS=test_db:true # Exception: test_db can insert SCHEMA_UPDATE_PERMISSIONS=test_db:true # Exception: test_db can update SCHEMA_DELETE_PERMISSIONS=test_db:false # test_db: DELETE blocked SCHEMA_DDL_PERMISSIONS=test_db:true # test_db: DDL allowed

SSL/TLS for Cloud Databases

AWS RDS (MySQL/PostgreSQL)

DB_TYPE=mysql DB_HOST=myinstance.123456789012.us-east-1.rds.amazonaws.com DB_PORT=3306 DB_SSL=true DB_SSL_REJECT_UNAUTHORIZED=true # Optional: DB_SSL_CA=/path/to/aws-rds-ca-cert.pem

Google Cloud SQL (PostgreSQL)

DB_TYPE=postgresql DB_HOST=34.123.45.67 DB_PORT=5432 DB_SSL=true DB_SSL_CA=/path/to/server-ca.pem DB_SSL_CERT=/path/to/client-cert.pem DB_SSL_KEY=/path/to/client-key.pem

Azure Database for MySQL

DB_TYPE=mysql DB_HOST=myserver.mysql.database.azure.com DB_PORT=3306 DB_SSL=true DB_SSL_REJECT_UNAUTHORIZED=true

Remote MCP (HTTP Server)

Run MCP server via HTTP with authentication:

# .env IS_REMOTE_MCP=true REMOTE_SECRET_KEY=your-secret-key-here PORT=3000

Endpoint: POST http://localhost:3000/mcp

Header: Authorization: Bearer your-secret-key-here

Architecture

src/ ├── db/ │ ├── adapters/ │ │ ├── types.ts # Interfaces and types │ │ ├── factory.ts # Factory pattern │ │ ├── mysql.adapter.ts # MySQL via mysql2 │ │ ├── postgresql.adapter.ts # PostgreSQL via pg │ │ └── sqlite.adapter.ts # SQLite via better-sqlite3 │ ├── index.ts # Core query handlers │ ├── utils.ts # SQL parsing (node-sql-parser) │ └── permissions.ts # Schema permission checks ├── config/ │ └── index.ts # Environment configuration ├── utils/ │ └── index.ts # Logging & utilities └── types/ └── index.ts # Type definitions

Adapter Pattern

Each adapter implements the DatabaseAdapter interface:

export interface DatabaseAdapter { readonly type: DatabaseType; createPool(config: ConnectionConfig): Promise<DatabasePool>; executeQuery<T>(pool: DatabasePool, sql: string, params?: any[]): Promise<T>; setReadOnly(connection: DatabaseConnection): Promise<void>; unsetReadOnly(connection: DatabaseConnection): Promise<void>; normalizeResult(result: any): NormalizedResult; supportsReadOnlyMode(): boolean; }

Transaction Flows

Read Operations:

BEGIN → SET TRANSACTION READ ONLY → QUERY → ROLLBACK → RESET TO READ WRITE

Write Operations:

BEGIN → QUERY → COMMIT (or ROLLBACK on error)

Examples

MySQL with Unix Socket

DB_TYPE=mysql MYSQL_SOCKET_PATH=/tmp/mysql.sock DB_USER=root DB_PASS=password DB_NAME=mydb

PostgreSQL Multi-DB with Permissions

DB_TYPE=postgresql DB_HOST=localhost DB_PORT=5432 DB_USER=postgres DB_PASS=password DB_NAME= # Multi-DB mode SCHEMA_INSERT_PERMISSIONS=app_db:true # app_db can insert SCHEMA_UPDATE_PERMISSIONS=app_db:true # app_db can update SCHEMA_DELETE_PERMISSIONS=app_db:false # app_db: DELETE blocked

SQLite Read-Only

DB_TYPE=sqlite SQLITE_DB=/var/lib/data/production.db DB_READ_ONLY_MODE=true

AWS RDS MySQL with SSL

DB_TYPE=mysql DB_HOST=prod.abc123.us-east-1.rds.amazonaws.com DB_PORT=3306 DB_USER=admin DB_PASS=secure_password DB_NAME=production DB_SSL=true DB_SSL_REJECT_UNAUTHORIZED=true ALLOW_INSERT_OPERATION=false ALLOW_UPDATE_OPERATION=false ALLOW_DELETE_OPERATION=false ALLOW_DDL_OPERATION=false

Development

pnpm dev # Run in dev mode (tsx) pnpm build # Compile TypeScript pnpm watch # Watch mode pnpm exec # Build + run with .env

Testing

pnpm test # Run all tests (setup + vitest run) pnpm test:watch # Watch mode pnpm test:unit # Unit tests only pnpm test:integration # Integration tests (MySQL, socket, permissions) pnpm test:e2e # End-to-end tests pnpm test:coverage # Coverage report

Test Structure:

tests/ ├── unit/ # Isolated functions (query parsing, utils) ├── integration/ # Real database operations └── e2e/ # Complete MCP server workflows

Performance Tuning

Connection Pool

DB_CONNECTION_LIMIT=20 # Default: 10

Disable Read-Only Transactions (MySQL)

⚠️ Not recommended - reduces security:

MYSQL_DISABLE_READ_ONLY_TRANSACTIONS=true

Environment Variables Reference

Core Database Settings

Variable

Description

Default

Example

DB_TYPE

Database type

mysql

mysql

,

postgresql

,

sqlite

DB_HOST

Database host

127.0.0.1

localhost

,

db.example.com

DB_PORT

Database port

3306

3306

(MySQL),

5432

(PostgreSQL)

DB_USER

Database user

root

admin

,

postgres

DB_PASS

Database password

""

secure_password

DB_NAME

Database name

undefined

mydb

,

""

(multi-DB)

DB_CONNECTION_LIMIT

Pool size

10

20

Security Settings

Variable

Description

Default

Values

DB_READ_ONLY_MODE

Global read-only mode

false

true

,

false

ALLOW_INSERT_OPERATION

Global INSERT permission

false

true

,

false

ALLOW_UPDATE_OPERATION

Global UPDATE permission

false

true

,

false

ALLOW_DELETE_OPERATION

Global DELETE permission

false

true

,

false

ALLOW_DDL_OPERATION

Global DDL permission

false

true

,

false

MULTI_DB_WRITE_MODE

Allow writes in multi-DB

false

true

,

false

Schema Permissions

Variable

Format

Example

SCHEMA_INSERT_PERMISSIONS

schema:bool,schema:bool

test_db:true,prod_db:false

SCHEMA_UPDATE_PERMISSIONS

schema:bool,schema:bool

test_db:true,prod_db:false

SCHEMA_DELETE_PERMISSIONS

schema:bool,schema:bool

test_db:false,prod_db:false

SCHEMA_DDL_PERMISSIONS

schema:bool,schema:bool

test_db:true,prod_db:false

SSL/TLS Settings

Variable

Description

Required

Example

DB_SSL

Enable SSL/TLS

Cloud DBs

true

,

false

DB_SSL_REJECT_UNAUTHORIZED

Strict SSL validation

Production

true

,

false

DB_SSL_CA

CA certificate path

Cloud SQL

/path/to/ca.pem

DB_SSL_CERT

Client certificate

Cloud SQL

/path/to/cert.pem

DB_SSL_KEY

Client key

Cloud SQL

/path/to/key.pem

Remote MCP Settings

Variable

Description

Required

Example

IS_REMOTE_MCP

Enable HTTP mode

No

true

,

false

REMOTE_SECRET_KEY

Auth token

If remote

your-secret-key

PORT

HTTP server port

No

3000

Troubleshooting

Connection Errors

MySQL socket not found:

# Check socket path sudo mysql -u root -p -e "SELECT @@socket;" # Set in .env MYSQL_SOCKET_PATH=/var/run/mysqld/mysqld.sock

PostgreSQL connection refused:

# Check if PostgreSQL is running sudo systemctl status postgresql # Check port sudo netstat -tulpn | grep 5432

Permission Errors

"Operation not allowed in read-only mode":

# Check global read-only mode DB_READ_ONLY_MODE=false # Check multi-DB mode MULTI_DB_WRITE_MODE=true # If needed # Or use schema permissions SCHEMA_INSERT_PERMISSIONS=mydb:true

"INSERT not allowed for schema 'mydb'":

# Check global permission ALLOW_INSERT_OPERATION=true # Or add schema exception SCHEMA_INSERT_PERMISSIONS=mydb:true

License

MIT

Credits


Português

Version

Servidor MCP (Model Context Protocol) para MySQL, PostgreSQL e SQLite com permissões granulares, suporte multi-DB e SSL/TLS pronto para nuvem. Construído com adapter pattern para extensibilidade.

Funcionalidades

  • 🔌 Multi-Database: MySQL, PostgreSQL, SQLite

  • 🏗️ Adapter Pattern: Arquitetura limpa e extensível

  • ☁️ Cloud-Ready: SSL/TLS para AWS RDS, Google Cloud SQL, Azure Database

  • 🔒 Security First: Modo read-only + permissões granulares por schema

  • 🌐 Multi-DB Mode: Acesso simultâneo a múltiplos schemas/databases

  • 🔄 Transações: BEGIN/COMMIT/ROLLBACK automático

  • 🚀 Modo HTTP: Servidor HTTP remoto opcional (Express)

Instalação

npm install mcp-db-bridge # ou pnpm add mcp-db-bridge

Início Rápido

MySQL (Local)

# .env DB_TYPE=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_USER=root DB_PASS=password DB_NAME=mydb

PostgreSQL (Local)

# .env DB_TYPE=postgresql DB_HOST=127.0.0.1 DB_PORT=5432 DB_USER=postgres DB_PASS=password DB_NAME=mydb

SQLite (In-Memory)

# .env DB_TYPE=sqlite SQLITE_DB=:memory:

Executar

pnpm build pnpm start # ou node dist/index.js

Configuração

Tipos de Banco de Dados

DB_TYPE=mysql # MySQL DB_TYPE=postgresql # PostgreSQL DB_TYPE=sqlite # SQLite

Configurações de Conexão

Genéricas (Todos os Bancos)

DB_HOST=127.0.0.1 DB_PORT=3306 # MySQL: 3306, PostgreSQL: 5432 DB_USER=root DB_PASS=password DB_NAME=mydb # Deixe vazio para modo multi-DB DB_CONNECTION_LIMIT=10

Específicas do MySQL (Compatibilidade)

MYSQL_HOST=127.0.0.1 MYSQL_PORT=3306 MYSQL_USER=root MYSQL_PASS=password MYSQL_DB=mydb MYSQL_SOCKET_PATH=/tmp/mysql.sock # Unix socket (prioridade sobre host/port)

Específicas do PostgreSQL

POSTGRESQL_HOST=127.0.0.1 POSTGRESQL_PORT=5432 POSTGRESQL_DB=mydb

Específicas do SQLite

SQLITE_DB=:memory: # Database em memória SQLITE_DB=/var/lib/app/data.db # Database em arquivo

Segurança & Permissões

Modo Read-Only

Bloqueia todas as operações de escrita em nível de aplicação:

DB_READ_ONLY_MODE=true

Permissões Globais de Escrita

Controle fino de operações por tipo (aplicado globalmente):

ALLOW_INSERT_OPERATION=true # Permite INSERT ALLOW_UPDATE_OPERATION=true # Permite UPDATE ALLOW_DELETE_OPERATION=false # Bloqueia DELETE ALLOW_DDL_OPERATION=false # Bloqueia CREATE/ALTER/DROP/TRUNCATE

Permissões Específicas por Schema

Sobrescreve permissões globais para schemas específicos:

# Formato: "schema1:true,schema2:false,schema3:true" SCHEMA_INSERT_PERMISSIONS=prod_db:false,test_db:true,staging_db:true SCHEMA_UPDATE_PERMISSIONS=prod_db:false,test_db:true,staging_db:true SCHEMA_DELETE_PERMISSIONS=prod_db:false,test_db:false,staging_db:false SCHEMA_DDL_PERMISSIONS=prod_db:false,test_db:true,staging_db:false

Como funciona:

  • Se schema tem permissão específica → usa ela

  • Caso contrário → usa flag global

Exemplo:

# Global: INSERT bloqueado ALLOW_INSERT_OPERATION=false # test_db pode inserir, prod_db não pode SCHEMA_INSERT_PERMISSIONS=test_db:true,prod_db:false # Resultado: # - INSERT em test_db: ✅ permitido (permissão do schema) # - INSERT em prod_db: ❌ bloqueado (permissão do schema) # - INSERT em other_db: ❌ bloqueado (permissão global)

Modo Multi-DB

Acessa múltiplos databases/schemas através de uma única conexão.

Ativação

Deixe DB_NAME vazio (MySQL/PostgreSQL apenas):

DB_TYPE=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_USER=root DB_PASS=password DB_NAME= # Vazio = modo multi-DB

Proteção de Escrita

Por padrão, modo multi-DB é read-only por segurança. Para permitir escritas:

MULTI_DB_WRITE_MODE=true # ⚠️ Use com cautela!

Recomendação: Use SCHEMA_*_PERMISSIONS para controle granular ao invés de MULTI_DB_WRITE_MODE=true.

Exemplo Completo

# Multi-DB com permissões granulares DB_TYPE=mysql DB_NAME= # Modo multi-DB ALLOW_INSERT_OPERATION=false # Global: bloqueado SCHEMA_INSERT_PERMISSIONS=test_db:true # Exceção: test_db pode inserir SCHEMA_UPDATE_PERMISSIONS=test_db:true # Exceção: test_db pode atualizar SCHEMA_DELETE_PERMISSIONS=test_db:false # test_db: DELETE bloqueado SCHEMA_DDL_PERMISSIONS=test_db:true # test_db: DDL permitido

SSL/TLS para Bancos na Nuvem

AWS RDS (MySQL/PostgreSQL)

DB_TYPE=mysql DB_HOST=myinstance.123456789012.us-east-1.rds.amazonaws.com DB_PORT=3306 DB_SSL=true DB_SSL_REJECT_UNAUTHORIZED=true # Opcional: DB_SSL_CA=/path/to/aws-rds-ca-cert.pem

Google Cloud SQL (PostgreSQL)

DB_TYPE=postgresql DB_HOST=34.123.45.67 DB_PORT=5432 DB_SSL=true DB_SSL_CA=/path/to/server-ca.pem DB_SSL_CERT=/path/to/client-cert.pem DB_SSL_KEY=/path/to/client-key.pem

Azure Database for MySQL

DB_TYPE=mysql DB_HOST=myserver.mysql.database.azure.com DB_PORT=3306 DB_SSL=true DB_SSL_REJECT_UNAUTHORIZED=true

MCP Remoto (Servidor HTTP)

Execute o servidor MCP via HTTP com autenticação:

# .env IS_REMOTE_MCP=true REMOTE_SECRET_KEY=your-secret-key-here PORT=3000

Endpoint: POST http://localhost:3000/mcp

Header: Authorization: Bearer your-secret-key-here

Arquitetura

src/ ├── db/ │ ├── adapters/ │ │ ├── types.ts # Interfaces e tipos │ │ ├── factory.ts # Factory pattern │ │ ├── mysql.adapter.ts # MySQL via mysql2 │ │ ├── postgresql.adapter.ts # PostgreSQL via pg │ │ └── sqlite.adapter.ts # SQLite via better-sqlite3 │ ├── index.ts # Core query handlers │ ├── utils.ts # SQL parsing (node-sql-parser) │ └── permissions.ts # Schema permission checks ├── config/ │ └── index.ts # Configuração de ambiente ├── utils/ │ └── index.ts # Logging & utilitários └── types/ └── index.ts # Definições de tipos

Adapter Pattern

Cada adapter implementa a interface DatabaseAdapter:

export interface DatabaseAdapter { readonly type: DatabaseType; createPool(config: ConnectionConfig): Promise<DatabasePool>; executeQuery<T>(pool: DatabasePool, sql: string, params?: any[]): Promise<T>; setReadOnly(connection: DatabaseConnection): Promise<void>; unsetReadOnly(connection: DatabaseConnection): Promise<void>; normalizeResult(result: any): NormalizedResult; supportsReadOnlyMode(): boolean; }

Fluxos de Transação

Operações de Leitura:

BEGIN → SET TRANSACTION READ ONLY → QUERY → ROLLBACK → RESET TO READ WRITE

Operações de Escrita:

BEGIN → QUERY → COMMIT (ou ROLLBACK em caso de erro)

Exemplos

MySQL com Unix Socket

DB_TYPE=mysql MYSQL_SOCKET_PATH=/tmp/mysql.sock DB_USER=root DB_PASS=password DB_NAME=mydb

PostgreSQL Multi-DB com Permissões

DB_TYPE=postgresql DB_HOST=localhost DB_PORT=5432 DB_USER=postgres DB_PASS=password DB_NAME= # Modo multi-DB SCHEMA_INSERT_PERMISSIONS=app_db:true # app_db pode inserir SCHEMA_UPDATE_PERMISSIONS=app_db:true # app_db pode atualizar SCHEMA_DELETE_PERMISSIONS=app_db:false # app_db: DELETE bloqueado

SQLite Read-Only

DB_TYPE=sqlite SQLITE_DB=/var/lib/data/production.db DB_READ_ONLY_MODE=true

AWS RDS MySQL com SSL

DB_TYPE=mysql DB_HOST=prod.abc123.us-east-1.rds.amazonaws.com DB_PORT=3306 DB_USER=admin DB_PASS=secure_password DB_NAME=production DB_SSL=true DB_SSL_REJECT_UNAUTHORIZED=true ALLOW_INSERT_OPERATION=false ALLOW_UPDATE_OPERATION=false ALLOW_DELETE_OPERATION=false ALLOW_DDL_OPERATION=false

Desenvolvimento

pnpm dev # Executar em modo dev (tsx) pnpm build # Compilar TypeScript pnpm watch # Modo watch pnpm exec # Build + executar com .env

Testes

pnpm test # Executar todos os testes (setup + vitest run) pnpm test:watch # Modo watch pnpm test:unit # Apenas testes unitários pnpm test:integration # Testes de integração (MySQL, socket, permissões) pnpm test:e2e # Testes end-to-end pnpm test:coverage # Relatório de cobertura

Estrutura de Testes:

tests/ ├── unit/ # Funções isoladas (parsing de queries, utils) ├── integration/ # Operações reais de banco de dados └── e2e/ # Fluxos completos do servidor MCP

Ajustes de Performance

Connection Pool

DB_CONNECTION_LIMIT=20 # Padrão: 10

Desabilitar Transações Read-Only (MySQL)

⚠️ Não recomendado - reduz segurança:

MYSQL_DISABLE_READ_ONLY_TRANSACTIONS=true

Referência de Variáveis de Ambiente

Configurações Principais do Banco

Variável

Descrição

Padrão

Exemplo

DB_TYPE

Tipo de banco

mysql

mysql

,

postgresql

,

sqlite

DB_HOST

Host do banco

127.0.0.1

localhost

,

db.example.com

DB_PORT

Porta do banco

3306

3306

(MySQL),

5432

(PostgreSQL)

DB_USER

Usuário do banco

root

admin

,

postgres

DB_PASS

Senha do banco

""

secure_password

DB_NAME

Nome do banco

undefined

mydb

,

""

(multi-DB)

DB_CONNECTION_LIMIT

Tamanho do pool

10

20

Configurações de Segurança

Variável

Descrição

Padrão

Valores

DB_READ_ONLY_MODE

Modo global read-only

false

true

,

false

ALLOW_INSERT_OPERATION

Permissão global de INSERT

false

true

,

false

ALLOW_UPDATE_OPERATION

Permissão global de UPDATE

false

true

,

false

ALLOW_DELETE_OPERATION

Permissão global de DELETE

false

true

,

false

ALLOW_DDL_OPERATION

Permissão global de DDL

false

true

,

false

MULTI_DB_WRITE_MODE

Permitir escritas em multi-DB

false

true

,

false

Permissões por Schema

Variável

Formato

Exemplo

SCHEMA_INSERT_PERMISSIONS

schema:bool,schema:bool

test_db:true,prod_db:false

SCHEMA_UPDATE_PERMISSIONS

schema:bool,schema:bool

test_db:true,prod_db:false

SCHEMA_DELETE_PERMISSIONS

schema:bool,schema:bool

test_db:false,prod_db:false

SCHEMA_DDL_PERMISSIONS

schema:bool,schema:bool

test_db:true,prod_db:false

Configurações SSL/TLS

Variável

Descrição

Necessária

Exemplo

DB_SSL

Habilitar SSL/TLS

Bancos Cloud

true

,

false

DB_SSL_REJECT_UNAUTHORIZED

Validação SSL estrita

Produção

true

,

false

DB_SSL_CA

Caminho do certificado CA

Cloud SQL

/path/to/ca.pem

DB_SSL_CERT

Certificado do cliente

Cloud SQL

/path/to/cert.pem

DB_SSL_KEY

Chave do cliente

Cloud SQL

/path/to/key.pem

Configurações MCP Remoto

Variável

Descrição

Necessária

Exemplo

IS_REMOTE_MCP

Habilitar modo HTTP

Não

true

,

false

REMOTE_SECRET_KEY

Token de autenticação

Se remoto

your-secret-key

PORT

Porta do servidor HTTP

Não

3000

Solução de Problemas

Erros de Conexão

Socket MySQL não encontrado:

# Verificar caminho do socket sudo mysql -u root -p -e "SELECT @@socket;" # Configurar no .env MYSQL_SOCKET_PATH=/var/run/mysqld/mysqld.sock

Conexão PostgreSQL recusada:

# Verificar se PostgreSQL está rodando sudo systemctl status postgresql # Verificar porta sudo netstat -tulpn | grep 5432

Erros de Permissão

"Operation not allowed in read-only mode":

# Verificar modo global read-only DB_READ_ONLY_MODE=false # Verificar modo multi-DB MULTI_DB_WRITE_MODE=true # Se necessário # Ou usar permissões de schema SCHEMA_INSERT_PERMISSIONS=mydb:true

"INSERT not allowed for schema 'mydb'":

# Verificar permissão global ALLOW_INSERT_OPERATION=true # Ou adicionar exceção de schema SCHEMA_INSERT_PERMISSIONS=mydb:true

Licença

MIT

Créditos

-
security - not tested
A
license - permissive license
-
quality - not tested

hybrid server

The server is able to function both locally and remotely, depending on the configuration or use case.

Enables secure database interactions with MySQL, PostgreSQL, and SQLite through granular permissions, multi-database support, and cloud-ready SSL/TLS connections. Supports read-only modes, schema-specific permissions, and transaction management for safe database operations.

  1. English
    1. Features
    2. Installation
    3. Quick Start
    4. Configuration
    5. Security & Permissions
    6. Multi-DB Mode
    7. SSL/TLS for Cloud Databases
    8. Remote MCP (HTTP Server)
    9. Architecture
    10. Examples
    11. Development
    12. Testing
    13. Performance Tuning
    14. Environment Variables Reference
    15. Troubleshooting
    16. License
    17. Credits
  2. Português
    1. Funcionalidades
    2. Instalação
    3. Início Rápido
    4. Configuração
    5. Segurança & Permissões
    6. Modo Multi-DB
    7. SSL/TLS para Bancos na Nuvem
    8. MCP Remoto (Servidor HTTP)
    9. Arquitetura
    10. Exemplos
    11. Desenvolvimento
    12. Testes
    13. Ajustes de Performance
    14. Referência de Variáveis de Ambiente
    15. Solução de Problemas
    16. Licença
    17. Créditos

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/LucasSiqueiraSurreco/mcp-db-bridge'

If you have feedback or need assistance with the MCP directory API, please join our Discord server