On Tuesday, 6 March 2018 at 07:39:00 UTC, aberba wrote:
On Tuesday, 6 March 2018 at 04:31:42 UTC, Nick Sabalausky
Having sockets would be better, but you may configure your mysql
to allow only
I'm not opposed to it being added, but I'm not aware of what
benefit it would provide that would big enough to make it a
priority. Also, AFAIK, vibe doesn't offer socket support like
it does TCP, so vibe users would loose out on the automatic
yield-on-io that's a cornerstone of vibe's concurrency design.
UNIX sockets provide a way to securely connect in an
enclosed/isolated environment without exposing connection
externally. This is used in my company in our microservice
infrastructure on Google Cloud: we connect to our db instance
using a proxy and its the recommended approach in microservices.
Its a very common security practice. The default approach on
Google Cloud. I would do the same for any db I want to prevent
external access to. If vibe.d doesn't support it then its
missing a big piece of a puzzle.
local connects. So external requests are blocked.
Look at the first answer to set the right privileges for your
Additionally blocking the mysql port 3306 (beside many others)
from outside the network would make sense.