Docker/mariaDB-teleport
Archived
1
0
Fork 0
Code Issues Actions Packages Activity
This repository has been archived on 2026-04-16. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
5ddb537765314b6626bd0f5f3935363bc4d90b98
mariaDB-teleport/README.md
T

59 lines
1.5 KiB
Markdown
Raw Blame History

# mariaDB-teleport
MariaDB with Teleport Agent for https://goteleport.com/docs/database-access/guides/mysql-self-hosted/
# How to Use
Data Dir of mysql server /var/lib/mysql
## Use with Teleport
Create a Token for Connection with Teleport Proxy
```bash
tctl tokens add --type=db
```
### Create Config for Teleport
you will get a output with something like this
```bash
teleport db configure create \
--token=YOUR TOKEN \
--ca-pin=YOUR CA PIN \
--proxy=PROXY NODE \
--name=NAME YOUR DB \
--protocol=mysql \
--uri=localhost:3306 \
--output teleport.yaml
```
Copy or Bind teleport.yaml to /etc/teleport.yaml
Bind a Data Folder for Teleport on /var/lib/teleport it will store the
- host_uuid
- proc
- log
### Create Certs for DB Connection over Teleport Proxy
Generate Certs with Teleport Agent or on Teleport Node, Certs will be valid for 3 Monthes if not less or big change --ttl
```bash
tctl auth sign --format=db --host=localhost --out=server --ttl=2190h
```
Copy or Bind a Folder with the Files to /certs/
- server.crt
- server.key
- server.cas
Start Docker Container here
### Create User or Update Existing ones
If you're creating a new user:
```sql
CREATE USER 'alice'@'%' REQUIRE SUBJECT '/CN=alice';
```
If you're updating an existing user:
```sql
ALTER USER 'alice'@'%' REQUIRE SUBJECT '/CN=alice';
```
By default, the created user may not have access to anything and won't be able to connect, so let's grant it some permissions:
```sql
GRANT ALL ON `%`.* TO 'alice'@'%';
```
Reference in New Issue View Git Blame Copy Permalink