Skip to main content

JodGig CloudBeaver

Previously, JodGig was using phpmyadmin to access the database.

Due to lack of features, Shaun Ti requires to run sql commands directly on the database.

While it's not best practice to allow direct writes to the database, we have no choice since we cannot support the lack of features immediately.

Decision was made to use CloudBeaver.

  • better UI than phpmyadmin
  • uses Java, which is the same as Metabase, making it easier to maintain
  • easy deployment with docker (images are updated frequently)

CloudBeaver Community Edition (CE) Installation

Setup

Ensure the following environment variables are set:

  • CB_CONTAINER_NAME
  • CB_HOST_PORT
  • CB_CONTAINER_PORT
  • CB_HOST_VOL

Run the docker container

docker run \
  --name ${CB_CONTAINER_NAME} \
  -p "${CB_HOST_PORT}:${CB_CONTAINER_PORT}" \
  -v "${CB_HOST_VOL}:/opt/cloudbeaver/workspace" \
  -d --restart unless-stopped  \
  dbeaver/cloudbeaver-ee:latest

Create the user in the RDS with minimal privileges.

-- Step 1: Create a new user
CREATE USER 'cloudbeaver_user'@'sub.net.ip.cidr/block' IDENTIFIED BY 'securepassword123';

-- Step 2: Grant minimal permissions for database access and modifications
-- Replace 'your_database' with the actual database name
GRANT SELECT, INSERT, UPDATE, CREATE, INDEX, ALTER
ON `your_database`.*
TO 'cloudbeaver_user'@'sub.net.ip.cidr/block';

-- Step 3: Apply the changes
FLUSH PRIVILEGES;
note

DELETE and DROP is removed to prevent accidental deletion of data.

If you need DELETE access, let ali@jodapp.com know.

Access the app via db.jod.com.sg

mysql> SHOW GRANTS FOR 'cloudbeaver_user'@'10.0.128.0/19';
+--------------------------------------------------------------------------------------------------------+
| Grants for cloudbeaver_user@10.0.128.0/19                                                              |
+--------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `cloudbeaver_user`@`10.0.128.0/19`                                               |
| GRANT SELECT, INSERT, UPDATE, CREATE, INDEX, ALTER ON `jodgig`.* TO `cloudbeaver_user`@`10.0.128.0/19` |
+--------------------------------------------------------------------------------------------------------+