Skip to content

Instantly share code, notes, and snippets.

@alexellis

alexellis/postgres-inlets-pro-cheatsheet.md

Last active July 20, 2022 11:15
Show Gist options
  • Save alexellis/995b518a653d172dda4b0901dcdaa391 to your computer and use it in GitHub Desktop.
Save alexellis/995b518a653d172dda4b0901dcdaa391 to your computer and use it in GitHub Desktop.
Download ZIP
mariadb-inlets-pro-test.md
Raw
postgres-inlets-pro-cheatsheet.md

Tunnel PostgreSQL with inlets pro

Cheat sheet for inlets-pro, the cloud native TCP tunnel

From workstation

inletsctl create provider digitalocean \
--access-token-file ~/do-access \
--remote-tcp localhost

On private server

  • Run the PostgeSQL instance
head -c 16 /dev/urandom |shasum 
8cb3efe58df984d3ab89bcf4566b31b49b2b79b9

export PASSWORD="8cb3efe58df984d3ab89bcf4566b31b49b2b79b9"

docker run --rm --name postgres -p 5432:5432 -e POSTGRES_PASSWORD=8cb3efe58df984d3ab89bcf4566b31b49b2b79b9 -ti postgres:latest

On private server

Then run your client

export TCP_PORTS="5432"
export LICENSE=$(cat inlets.jwt)
export TOKEN="KXJ5Iq1Z5Cc8GjFXdXJrqNhUzoScXnZXOSRKeh8x3f6tdGq1ijdENWQ2IfzdCg4U"
export EXIT_IP="134.209.21.155"

inlets-pro client --connect "wss://$EXIT_IP:8123/connect" \
--token "$TOKEN" \
--license "$LICENSE" \
--tcp-ports $TCP_PORTS

From workstation, or anywhere

export PASSWORD="8cb3efe58df984d3ab89bcf4566b31b49b2b79b9"
export EXIT_IP="209.97.141.140"

docker run -it -e PGPORT=5432 -e PGPASSWORD=$PASSWORD --rm postgres:latest psql -U postgres -h $EXIT_IP

Treat the database as private - like a VPN

If you would like to keep the database service and port private, you can run the exit-server as a Pod in a Kubernetes cluster, or add an iptables rule to block access from external IPs.

Raw
rdms-inlets-pro-cheatsheet.md

Tunnel Maria DB with inlets-pro

Cheat sheet for inlets-pro, the cloud native TCP tunnel

From workstation

inletsctl create provider digitalocean \
--access-token-file ~/do-access \
--remote-tcp localhost

On private server

  • Run the MariaDB instance
head -c 16 /dev/urandom |shasum 
8cb3efe58df984d3ab89bcf4566b31b49b2b79b9

export PASSWORD="8cb3efe58df984d3ab89bcf4566b31b49b2b79b9"

docker run --name mariadb \
-p 3306:3306 \
-e MYSQL_ROOT_PASSWORD=8cb3efe58df984d3ab89bcf4566b31b49b2b79b9 \
-ti mariadb:latest

On private server

Then run your client

export TCP_PORTS="3306"
export LICENSE=$(cat inlets.jwt)
export TOKEN="KXJ5Iq1Z5Cc8GjFXdXJrqNhUzoScXnZXOSRKeh8x3f6tdGq1ijdENWQ2IfzdCg4U"
export EXIT_IP="134.209.21.155"

inlets-pro client --connect "wss://$EXIT_IP:8123/connect" \
--token "$TOKEN" \
--license "$LICENSE" \
--tcp-ports $TCP_PORTS

From workstation, or anywhere

export PASSWORD="8cb3efe58df984d3ab89bcf4566b31b49b2b79b9"
export EXIT_IP="134.209.21.155"

docker run -it --rm mariadb:latest mysql -h $EXIT_IP -P 3306 -uroot -p$PASSWORD

Treat the database as private - like a VPN

If you would like to keep the database service and port private, you can run the exit-server as a Pod in a Kubernetes cluster, or add an iptables rule to block access from external IPs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment