Dory Cloud Database Connection Guide

Managed databases require more than a host and password. You often need to account for network access, TLS, IP allowlists, secrets, and team permissions before Dory can connect.

Common Cloud Database Scenarios

• ClickHouse Cloud.
• Neon Serverless PostgreSQL.
• Managed MySQL or PostgreSQL.
• Databases behind VPCs, private networks, or security groups.
• Databases accessed through SSH bastion hosts.
• Self-hosted Dory environments shared by a team.

Preflight Checklist

Desktop vs Docker

The desktop app connects from your current machine. Docker or self-hosted Dory connects from the server or container network. If a connection works locally but fails after deployment, check the deployed network path and cloud allowlist.

SSH Tunnel Requirements

Prepare the SSH host, port, username, password or private key, optional passphrase, and the private database host and port.

Security Advice

• Use a dedicated database user for Dory.
• Prefer read-only privileges for production databases.
• Keep SSL enabled for managed cloud databases.
• Rotate credentials and remove unused access.

FAQ

Why does my connection work locally but fail in production?

The desktop and deployment environments usually have different network egress. Check allowlists, VPC routing, firewalls, and container networking.

Should I enable SSL?

Use SSL whenever the database provider requires or recommends it. ClickHouse Cloud, Neon, and many managed databases commonly require TLS.

How can I reduce production database risk?

Use read-only credentials, restrict network access, test queries with limits, and review AI-generated SQL before execution.

Related Docs

• Connect Your Database
• Self Hosting
• Docker