Adding Postgres & MySQL docs

clone1018 · clone1018 · commit 9ee9c733a616 · 2025-05-28T05:21:29.000-04:00
diff --git a/content/en/docs/_overview.md b/content/en/docs/_overview.md
@@ -38,7 +38,7 @@ QueryCanary helps you recognize that by letting you:
 
 ## How It Works
 ### 1. Connect your database
-We currently support Postgres + SSH tunneling. Our Quickstart will walk you through setting up a read only user. 
+We currently support [Postgres](/docs/postgresql/) / [MySQL](/docs/mysql/) + [SSH tunneling](/docs/ssh-tunnel/). Our Quickstart will walk you through setting up a read only user. 
 
 More database engines will be introduced as requested, if you need one, please email support@querycanary.com
 
diff --git a/content/en/docs/b1.postgresql.md b/content/en/docs/b1.postgresql.md
@@ -0,0 +1,108 @@
+---
+title: Using PostgreSQL with QueryCanary
+slug: servers/postgresql
+---
+QueryCanary fully supports PostgreSQL for production data monitoring. This guide walks you through connecting your database, writing SQL checks, and troubleshooting common issues.
+
+## Overview
+
+QueryCanary connects directly to your PostgreSQL database — with or without SSH tunneling — and allows you to define SQL checks to monitor important conditions in your data (e.g. low signups, null prices, broken joins). 
+
+You can:
+
+- Run scheduled SQL queries on your prod database
+- Set expectations or anomaly detection on results
+- Receive alerts via email or Slack when something looks off
+
+## Requirements
+
+- PostgreSQL version 10 or higher
+- A read-only database user
+- Access via direct TCP or through an SSH tunnel
+
+We recommend connecting to a replica or using a read-only role for safety.
+
+## Setup
+
+### 1. Create a Read-Only User
+
+In your Postgres server:
+
+```sql
+-- 1. Create a dedicated read-only user
+CREATE USER querycanary_reader WITH PASSWORD 'your_secure_password';
+
+-- 2. Allow it to connect to your database
+GRANT CONNECT ON DATABASE your_database TO querycanary_reader;
+
+-- 3. Grant usage on the schema you want to monitor (typically public)
+GRANT USAGE ON SCHEMA public TO querycanary_reader;
+
+-- 4. Grant read-only access to all existing tables
+GRANT SELECT ON ALL TABLES IN SCHEMA public TO querycanary_reader;
+
+-- 5. Ensure access to future tables too
+ALTER DEFAULT PRIVILEGES IN SCHEMA public
+GRANT SELECT ON TABLES TO querycanary_reader;
+```
+
+## Connecting to Postgres
+
+### Option 1: Direct Connection
+
+Use this if your database is publicly accessible or hosted on a service like RDS, Supabase, or Fly.io.
+
+You’ll need:
+
+- Hostname (e.g. db.example.com)
+- Port (usually 5432)
+- Database name
+- Username & password
+
+### Option 2: SSH Tunnel (Recommended for Private Networks)
+
+Use this if your DB is in a private VPC and only accessible from a bastion host.
+
+You’ll additionally need:
+
+- Bastion host (hostname/IP)
+- SSH username
+- SSH public key (we generate one for you securely)
+
+QueryCanary connects via SSH, opens a secure tunnel, and connects to your internal Postgres instance.
+
+## Writing SQL Checks
+
+You can monitor anything you can query. Example:
+
+**Daily Signups Check**
+
+```sql
+SELECT COUNT(*) FROM users WHERE created_at >= CURRENT_DATE - INTERVAL '1 day';
+```
+
+**Broken Joins Check**
+
+```sql
+SELECT COUNT(*) FROM orders o LEFT JOIN users u ON u.id = o.user_id WHERE u.id IS NULL;
+```
+
+## Troubleshooting
+
+**Can't connect to database**
+
+- Make sure the hostname and port are reachable
+- Check that the user has CONNECT and SELECT permissions
+- Confirm no VPN/firewall blocks our IP (contact support if needed)
+
+**SSH tunnel fails**
+
+- Make sure your bastion host is reachable
+- Add the provided public key to ~/.ssh/authorized_keys on the bastion
+- Check that the bastion user can access the database internally
+
+**Query fails or returns empty**
+
+- Test your query locally with psql or your app first
+- Avoid LIMIT, ORDER BY, or formatting functions — we only need values
+- Use COUNT, SUM, AVG, or conditional expressions to track value changes
diff --git a/content/en/docs/b2.mysql.md b/content/en/docs/b2.mysql.md
@@ -0,0 +1,85 @@
+---
+title: Using MySQL with QueryCanary
+slug: mysql
+---
+QueryCanary fully supports MySQL for production data monitoring. This guide walks you through connecting your database, writing SQL checks, and troubleshooting common issues.
+
+## Overview
+
+QueryCanary connects directly to your MySQL database — with or without SSH tunneling — and allows you to define SQL checks to monitor important conditions in your data (e.g. low signups, null prices, broken joins).
+
+You can:
+
+- Run scheduled SQL queries on your prod database
+- Set expectations or anomaly detection on results
+- Receive alerts via email or Slack when something looks off
+
+## Requirements
+
+- MySQL or MariaDB
+- A read-only database user
+- Access via direct TCP or through an SSH tunnel
+
+We recommend connecting to a replica or using a read-only role for safety.
+
+## Setup
+
+### 1. Create a Read-Only User
+
+In your MySQL server, create a dedicated read-only user, grant it SELECT access to the database you want to monitor, and flush privileges to apply changes.
+
+```sql
+-- 1. Create a dedicated read-only user
+CREATE USER 'querycanary_reader'@'%' IDENTIFIED BY 'your_secure_password';
+
+-- 2. Grant read-only access to the database you want to monitor
+GRANT SELECT ON your_database.* TO 'querycanary_reader'@'%';
+
+-- 3. Flush privileges to apply changes
+FLUSH PRIVILEGES;
+```
+
+## Connecting to MySQL
+
+### Option 1: Direct Connection
+
+Use this if your database is publicly accessible or hosted on a service like RDS, PlanetScale, or DigitalOcean.
+
+You’ll need:
+
+- Hostname (for example, db.example.com)
+- Port (usually 3306)
+- Database name
+- Username and password
+
+### Option 2: SSH Tunnel (Recommended for Private Networks)
+
+Use this if your database is in a private VPC and only accessible from a bastion host.
+
+You’ll additionally need:
+
+- Bastion host (hostname or IP)
+- SSH username
+- SSH public key (we generate one for you securely)
+
+QueryCanary connects via SSH, opens a secure tunnel, and connects to your internal MySQL instance.
+
+## Writing SQL Checks
+
+You can monitor anything you can query. For example, you might check the number of daily signups by counting users created in the last day, or look for broken joins by counting orders without a matching user.
+
+**Daily Signups Check**
+```sql
+SELECT COUNT(*) FROM users WHERE created_at >= CURDATE() - INTERVAL 1 DAY;
+```
+
+**Broken Joins Check**
+```sql
+SELECT COUNT(*) FROM orders o LEFT JOIN users u ON u.id = o.user_id WHERE u.id IS NULL;
+```
+
+## Troubleshooting
+
+If you can't connect to the database, make sure the hostname and port are reachable, the user has SELECT permissions, and no VPN or firewall blocks our IP.  
+If the SSH tunnel fails, ensure your bastion host is reachable, the provided public key is added to authorized keys on the bastion, and the bastion user can access the database internally.  
+If a query fails or returns empty, test your query locally with the MySQL CLI or your app first. Avoid using LIMIT, ORDER BY, or formatting functions — QueryCanary only needs values. Use COUNT, SUM, AVG, or conditional expressions to track value changes.
diff --git a/content/en/docs/b3.ssh-tunnel.md b/content/en/docs/b3.ssh-tunnel.md
diff --git a/data/en/docs/sidebar.yml b/data/en/docs/sidebar.yml
@@ -8,4 +8,6 @@
 
 - title: Servers
   pages:
+    - title: PostgreSQL
+    - title: MySQL
     - title: SSH Tunnel
