A controlled database gateway for agents, automation platforms, and internal applications
English | 中文 | 日本語 | 한국어 | Français | Deutsch
SQLTunnel lets Codex, Claude Code, Hermes, Dify, and internal applications access MySQL and PostgreSQL with controlled permissions, without exposing database ports directly.
- Supports MySQL and PostgreSQL through direct connections or SSH tunnels.
- Identifies callers with API keys and configures read/write access per client and database.
- Supports SSH Config, Host aliases, and ProxyJump.
- Provides an OpenAPI HTTP API and a Streamable HTTP MCP endpoint.
- Enforces row limits and timeouts; writes require explicit permission.
The desktop app is available for macOS and Windows, bringing SQLTunnel configuration, operation, and monitoring into a graphical interface.
The headless edition uses the same gateway core and is designed for Docker, servers, and background deployments. It manages databases, SSH tunnels, and client permissions through gateway.yaml, and exposes the same MCP/OpenAPI interfaces as the desktop app.
flowchart LR
ExternalApp["Agents, AI platforms, internal applications"]
SQLTunnel["SQLTunnel<br/>Authentication, permissions, connection management"]
Database[("MySQL / PostgreSQL")]
ExternalApp -->|"MCP or OpenAPI"| SQLTunnel
SQLTunnel -->|"SSH tunnel or direct connection"| Database
SQLTunnel identifies callers with Bearer API keys, controls read/write access per client and database, and applies row, query, and connection limits. Database passwords and SSH private keys are never exposed to callers.
