Provides tools for executing SQL queries, exploring schemas, tables, indexes, and stored procedures in MariaDB databases. Supports read-only mode, row limiting, SSL connections, and SSH tunnels.
Provides tools for executing SQL queries, exploring schemas, tables, indexes, and stored procedures in MySQL databases. Supports read-only mode, row limiting, SSL connections, and SSH tunnels.
Provides tools for executing SQL queries, exploring schemas, tables, indexes, and stored procedures in PostgreSQL databases. Supports read-only mode, row limiting, SSL connections, and SSH tunnels.
Provides tools for executing SQL queries and exploring schemas, tables, and indexes in SQLite databases. Supports read-only mode and row limiting for file-based and in-memory databases.
Brought to you by Bytebase, open-source database DevSecOps platform.
DBHub is a universal database gateway implementing the Model Context Protocol (MCP) server interface. This gateway allows MCP-compatible clients to connect to and explore different databases.
Supported Matrix
Database Resources
Resource Name | URI Format | PostgreSQL | MySQL | MariaDB | SQL Server | SQLite |
schemas |
| ✅ | ✅ | ✅ | ✅ | ✅ |
tables_in_schema |
| ✅ | ✅ | ✅ | ✅ | ✅ |
table_structure_in_schema |
| ✅ | ✅ | ✅ | ✅ | ✅ |
indexes_in_table |
| ✅ | ✅ | ✅ | ✅ | ✅ |
procedures_in_schema |
| ✅ | ✅ | ✅ | ✅ | ❌ |
procedure_details_in_schema |
| ✅ | ✅ | ✅ | ✅ | ❌ |
Database Tools
Tool | Command Name | Description | PostgreSQL | MySQL | MariaDB | SQL Server | SQLite |
Execute SQL |
| Execute single or multiple SQL statements (separated by semicolons) | ✅ | ✅ | ✅ | ✅ | ✅ |
Prompt Capabilities
Prompt | Command Name | PostgreSQL | MySQL | MariaDB | SQL Server | SQLite |
Generate SQL |
| ✅ | ✅ | ✅ | ✅ | ✅ |
Explain DB Elements |
| ✅ | ✅ | ✅ | ✅ | ✅ |
Installation
Docker
Docker Compose Setup:
If you're using Docker Compose for development, add DBHub to your docker-compose.yml:
NPM
Note: The demo mode includes a bundled SQLite sample "employee" database with tables for employees, departments, salaries, and more.
Claude Desktop
Claude Desktop only supports
stdiotransport https://github.com/orgs/modelcontextprotocol/discussions/16
Claude Code
Check https://docs.anthropic.com/en/docs/claude-code/mcp
Cursor
Cursor supports both
stdioandhttp.Follow Cursor MCP guide and make sure to use Agent mode.
VSCode + Copilot
Check https://code.visualstudio.com/docs/copilot/customization/mcp-servers
VSCode with GitHub Copilot can connect to DBHub via both stdio and http transports. This enables AI agents to interact with your development database through a secure interface.
VSCode supports both
stdioandhttptransportsConfigure MCP server in
.vscode/mcp.json:
Stdio Transport:
HTTP Transport:
Copilot Instructions:
You can provide Copilot with context by creating .github/copilot-instructions.md:
Usage
Read-only Mode
You can run DBHub in read-only mode, which restricts SQL query execution to read-only operations:
In read-only mode, only readonly SQL operations are allowed.
This provides an additional layer of security when connecting to production databases.
Suffix Tool Names with ID
You can suffix tool names with a custom ID using the --id flag or ID environment variable. This is useful when running multiple DBHub instances (e.g., in Cursor) to allow the client to route queries to the correct database.
Example configuration for multiple databases in Cursor:
With this configuration:
Production database tools:
execute_sql_prodStaging database tools:
execute_sql_staging
Multi-Database Configuration (TOML)
New in v0.11.6+: DBHub now supports TOML-based configuration files for managing multiple database connections within a single instance. This is the recommended approach for projects that need to query across multiple databases.
Quick Start
Create a
dbhub.tomlfile in your project directory:
Run DBHub:
Configuration Structure
Each database source is defined with [[sources]] and requires a unique id field:
Using DSN (recommended):
Using individual parameters:
With SSH tunnel:
Using Multiple Databases in MCP Tools
When using multi-database configuration, you can specify which database to query using the source_id parameter:
Configuration Priority
DBHub follows this priority order for configuration:
TOML config file (e.g.,
--configor./dbhub.toml) OR CLI arguments (e.g.,--dsn)
(These are mutually exclusive: if--configis provided, TOML is used; otherwise,--dsnis used.)Environment variables (e.g.,
DSN).env files (e.g.,
.envor.env.local)
Note: --config (TOML) and --dsn (CLI) are alternative primary configuration methods, both taking precedence over environment variables and .env files. Users cannot combine --dsn with TOML configuration.
Example: Complete Multi-Database Setup
See dbhub.toml.example in the repository for a comprehensive example with all supported options and detailed comments.
Key Features:
Default database: The first
[[sources]]entry is the defaultPer-source settings: Each source can have its own
readonlyandmax_rowssettingsPath expansion: Paths starting with
~/are expanded to your home directorySecurity: Passwords in DSN strings are automatically redacted in logs
Backward Compatibility
Single-database configurations using CLI arguments, environment variables, or .env files continue to work exactly as before. TOML configuration is optional and only needed for multi-database scenarios.
Row Limiting
You can limit the number of rows returned from SELECT queries using the --max-rows parameter. This helps prevent accidentally retrieving too much data from large tables:
Row limiting is only applied to SELECT statements, not INSERT/UPDATE/DELETE
If your query already has a
LIMITorTOPclause, DBHub uses the smaller value
SSL Connections
You can specify the SSL mode using the sslmode parameter in your DSN string:
Database |
|
| Default SSL Behavior |
PostgreSQL | ✅ | ✅ | Certificate verification |
MySQL | ✅ | ✅ | Certificate verification |
MariaDB | ✅ | ✅ | Certificate verification |
SQL Server | ✅ | ✅ | Certificate verification |
SQLite | ❌ | ❌ | N/A (file-based) |
SSL Mode Options:
sslmode=disable: All SSL/TLS encryption is turned off. Data is transmitted in plaintext.sslmode=require: Connection is encrypted, but the server's certificate is not verified. This provides protection against packet sniffing but not against man-in-the-middle attacks. You may use this for trusted self-signed CA.
Without specifying sslmode, most databases default to certificate verification, which provides the highest level of security.
Example usage:
SSH Tunnel Support
DBHub supports connecting to databases through SSH tunnels, enabling secure access to databases in private networks or behind firewalls.
Using SSH Config File (Recommended)
DBHub can read SSH connection settings from your ~/.ssh/config file. Simply use the host alias from your SSH config:
DBHub will automatically use the settings from your SSH config, including hostname, user, port, and identity file. If no identity file is specified in the config, DBHub will try common default locations (~/.ssh/id_rsa, ~/.ssh/id_ed25519, etc.).
SSH with Password Authentication
SSH with Private Key Authentication
SSH with Private Key and Passphrase
Using Environment Variables
Note: When using SSH tunnels, the database host in your DSN should be the hostname/IP as seen from the SSH server (bastion host), not from your local machine.
Configure your database connection
You can use DBHub in demo mode with a sample employee database for testing:
If your user/password contains special characters, you have two options:
Escape them in the DSN (e.g.
pass#wordshould be escaped aspass%23word)Use the individual database parameters method below (recommended)
For real databases, you can configure the database connection in two ways:
Method 1: Database Source Name (DSN)
Command line argument (highest priority):
npx @bytebase/dbhub --dsn "postgres://user:password@localhost:5432/dbname?sslmode=disable"Environment variable (second priority):
export DSN="postgres://user:password@localhost:5432/dbname?sslmode=disable" npx @bytebase/dbhubEnvironment file (third priority):
For development: Create
.env.localwith your DSNFor production: Create
.envwith your DSN
DSN=postgres://user:password@localhost:5432/dbname?sslmode=disable
Method 2: Individual Database Parameters
If your password contains special characters that would break URL parsing, use individual environment variables instead:
Environment variables:
export DB_TYPE=postgres export DB_HOST=localhost export DB_PORT=5432 export DB_USER=myuser export DB_PASSWORD='my@complex:password/with#special&chars' export DB_NAME=mydatabase npx @bytebase/dbhubEnvironment file:
DB_TYPE=postgres DB_HOST=localhost DB_PORT=5432 DB_USER=myuser DB_PASSWORD=my@complex:password/with#special&chars DB_NAME=mydatabase
Supported DB_TYPE values: postgres, mysql, mariadb, sqlserver, sqlite
Default ports (when DB_PORT is omitted):
PostgreSQL:
5432MySQL/MariaDB:
3306SQL Server:
1433
For SQLite: Only DB_TYPE=sqlite and DB_NAME=/path/to/database.db are required.
Use the individual parameter method when your password contains special characters like@, :, /, #, &, = that would break DSN parsing.
When running in Docker, usehost.docker.internal instead of localhost to connect to databases running on your host machine. For example: mysql://user:password@host.docker.internal:3306/dbname
DBHub supports the following database connection string formats:
Database | DSN Format | Example |
MySQL |
|
|
MariaDB |
|
|
PostgreSQL |
|
|
SQL Server |
|
|
SQLite |
or
|
,
or
|
SQL Server
Extra query parameters:
authentication
authentication=azure-active-directory-access-token. Only applicable when running from Azure. See DefaultAzureCredential.
Transport
stdio (default) - for direct integration with tools like Claude Desktop:
npx @bytebase/dbhub --transport stdio --dsn "postgres://user:password@localhost:5432/dbname?sslmode=disable"http - for browser and network clients:
npx @bytebase/dbhub --transport http --port 5678 --dsn "postgres://user:password@localhost:5432/dbname?sslmode=disable"
Command line options
Option | Environment Variable | Description | Default |
dsn |
| Database connection string | Required if not in demo mode |
N/A |
| Database type:
,
,
,
,
| N/A |
N/A |
| Database server hostname (not needed for SQLite) | N/A |
N/A |
| Database server port (uses default if omitted, not needed for SQLite) | N/A |
N/A |
| Database username (not needed for SQLite) | N/A |
N/A |
| Database password (not needed for SQLite) | N/A |
N/A |
| Database name or SQLite file path | N/A |
transport |
| Transport mode:
or
|
|
port |
| HTTP server port (only applicable when using
) |
|
readonly |
| Restrict SQL execution to read-only operations |
|
max-rows | N/A | Limit the number of rows returned from SELECT queries | No limit |
demo | N/A | Run in demo mode with sample employee database |
|
id |
| Instance identifier to suffix tool names (for multi-instance) | N/A |
ssh-host |
| SSH server hostname for tunnel connection | N/A |
ssh-port |
| SSH server port |
|
ssh-user |
| SSH username | N/A |
ssh-password |
| SSH password (for password authentication) | N/A |
ssh-key |
| Path to SSH private key file | N/A |
ssh-passphrase |
| Passphrase for SSH private key | N/A |
The demo mode uses an in-memory SQLite database loaded with the sample employee database that includes tables for employees, departments, titles, salaries, department employees, and department managers. The sample database includes SQL scripts for table creation, data loading, and testing.
Development
Install dependencies:
pnpm installRun in development mode:
pnpm devBuild for production:
pnpm build pnpm start --transport stdio --dsn "postgres://user:password@localhost:5432/dbname?sslmode=disable"
Testing
The project uses Vitest for comprehensive unit and integration testing:
Run all tests:
pnpm testRun tests in watch mode:
pnpm test:watchRun integration tests:
pnpm test:integration
Integration Tests
DBHub includes comprehensive integration tests for all supported database connectors using Testcontainers. These tests run against real database instances in Docker containers, ensuring full compatibility and feature coverage.
Prerequisites
Docker: Ensure Docker is installed and running on your machine
Docker Resources: Allocate sufficient memory (recommended: 4GB+) for multiple database containers
Network Access: Ability to pull Docker images from registries
Running Integration Tests
Note: This command runs all integration tests in parallel, which may take 5-15 minutes depending on your system resources and network speed.
All integration tests follow these patterns:
Container Lifecycle: Start database container → Connect → Setup test data → Run tests → Cleanup
Shared Test Utilities: Common test patterns implemented in
IntegrationTestBaseclassDatabase-Specific Features: Each database includes tests for unique features and capabilities
Error Handling: Comprehensive testing of connection errors, invalid SQL, and edge cases
Troubleshooting Integration Tests
Container Startup Issues:
SQL Server Timeout Issues:
SQL Server containers require significant startup time (3-5 minutes)
Ensure Docker has sufficient memory allocated (4GB+ recommended)
Consider running SQL Server tests separately if experiencing timeouts
Network/Resource Issues:
Debug with MCP Inspector
stdio
HTTP
Connect to the DBHub server /mcp endpoint
Contributors
This server cannot be installed
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
A universal database gateway MCP server that enables AI assistants to connect to and query multiple databases (PostgreSQL, MySQL, MariaDB, SQL Server, SQLite) with support for schema exploration, SQL execution, and secure connections via SSH tunnels.