warp-tech/warpgate
1
1
Fork 0
mirror of https://github.com/warp-tech/warpgate.git synced 2024-12-27 01:52:30 +08:00
Code Issues Projects Releases Packages Wiki Activity

Updated Adding a MySQL target (markdown)

Eugene 2022-09-13 21:54:20 +02:00
parent ed23159690
commit 1468a9d675
1 changed files with 8 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
Adding-a-MySQL-target.md

@ -1,7 +1,5 @@
This page explains the process of adding a new MySQL target host to Warpgate and allowing users to connect to it.
> This feature is available in v0.4+
# Authentication setup
Currently, Wargate can connect to MySQL and MariaDB servers with a username/password via the `mysql_native_password` auth mode.
@ -10,7 +8,7 @@ As a MySQL protocol server, Warpgate only allows secure (TLS) connections and us
# Enabling MySQL listener
Enable the MySQL protocol in your config file (default: `/etc/warpgate.yaml`):
Enable the MySQL protocol in your config file (default: `/etc/warpgate.yaml`) if you didn't do so during the initial setup:
```diff
+ mysql:
@ -23,48 +21,21 @@ You can reuse the same certificate and key that are used for the HTTP listener.
# Connection setup
Add the target host to the targets list in the Warpgate config file (default: `/etc/warpgate.yaml`), for example:
[Log into the Warpgate admin UI](https://github.com/warp-tech/warpgate/wiki/Accessing-the-admin-UI) and navigate to `Config` > `Targets` > `Add target` and give the new MySQL target a name:
```diff
[...]
targets:
+ - name: db
+ allow_roles:
+ - "warpgate:admin"
+ mysql:
+ host: 192.168.1.10
+ port: 3306 # optional
+ username: dev
+ password: '123'
+ tls:
+ mode: preferred # or "disabled" or "required"
+ verify: false
<img width="500" alt="image" src="https://user-images.githubusercontent.com/161476/189996361-ca2f0433-feae-440b-a8ae-52c6459fb913.png">
- name: web-admin
allow_roles:
- "warpgate:admin"
web_admin: {}
users:
[...]
```
Fill out the configuration:
See [[Target TLS options]] for the description of TLS options.
<img width="500" alt="image" src="https://user-images.githubusercontent.com/161476/189996487-179ed3d1-b5b6-4ed2-b1ff-8d11579fbfaf.png">
Warpgate will automatically pick up any changes to the config file if it's valid, so give it a quick check:
The target should show up on the Warpgate's homepage:
```
$ warpgate check
14:06:56 INFO Using config: "/etc/warpgate.yaml" (users: 1, targets: 2, roles: 1)
14:06:56 INFO No problems found
```
The target should show up on the Warpgate homepage as well as on the _Targets_ admin UI page:
<img width="500" alt="image" src="https://user-images.githubusercontent.com/161476/179946932-e48c7128-c939-41e8-ab5d-9e3ad660ff87.png">
<img width="500" alt="image" src="https://user-images.githubusercontent.com/161476/189996603-aec40b1d-e876-4dee-931b-a5e09c04b2d3.png">
Users will be able to click the entry to obtain connection instructions:
<img width="500" alt="image" src="https://user-images.githubusercontent.com/161476/179947050-620f3ff3-887e-467c-974e-27efe428803d.png">
<img width="500" alt="image" src="https://user-images.githubusercontent.com/161476/189996623-2823f11f-e1f4-4d3d-9edf-312d1c6d15a6.png">
# Client setup