CodexMCP Automation: MariaDB
MariaDB is as critical to CodexMCP as OpenSearch because at its core, this is a hybrid database system. MariaDB is responsible for structured relational data, while OpenSearch handles high-performance indexing and search. These two databases work together across every part of the system through a tuned API that allows seamless data exchange and correlation.
Unlike OpenSearch, which is optimized for full-text search and large-scale analytics, MariaDB is used for relational data such as user accounts, authentication records, service configurations, and system metadata. Because of this, a fully automated and secured MariaDB setup was required from the start.
Installing MariaDB
- "sudo apt-get update && sudo apt-get install -y mariadb-server mariadb-client"
This updates the package list and installs both the MariaDB server and client.
mariadb-serverprovides the database engine.mariadb-clientallows interaction with the database from the command line and scripts.
Securing the Installation
MariaDB ships with default settings that are not production-ready. This section removes unnecessary accounts and test databases to improve security.
- "sudo mysql -e \"DELETE FROM mysql.user WHERE User='';\""
This deletes anonymous users from the database. By default, MariaDB allows connections from users with no password, which is a security risk.
- "sudo mysql -e \"DROP DATABASE IF EXISTS test;\""
- "sudo mysql -e \"DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';\""
These commands remove the test database, which is included by default but serves no purpose in a production system.
- "sudo mysql -e \"FLUSH PRIVILEGES;\""
This forces MariaDB to apply the privilege changes immediately, ensuring that deleted users and databases are no longer accessible.
Creating the CodexMCP Database and User
CodexMCP requires its own dedicated database and user account.
- "sudo mysql -e \"CREATE DATABASE codexmcp;\""
This creates a database named codexmcp, which will store structured relational data used across the system.
- "sudo mysql -e \"CREATE USER 'codexmcp'@'%' IDENTIFIED BY 'securepassword';\""
This creates a database user named codexmcp with full remote access ('%' allows connections from any host).
- The password is set to
"securepassword"but would be replaced with a secure value in production.
- "sudo mysql -e \"GRANT ALL PRIVILEGES ON codexmcp.* TO 'codexmcp'@'%';\""
This grants the codexmcp user full access to the codexmcp database. This allows the API layer to manage and retrieve data without restriction.
- "sudo mysql -e \"FLUSH PRIVILEGES;\""
Again, this applies the changes immediately, ensuring that the new user and permissions take effect.
Configuring MariaDB for Remote Access
By default, MariaDB only listens on 127.0.0.1, meaning it cannot accept external connections. This needs to be changed so that other services within CodexMCP can access the database remotely.
- "sudo sed -i 's/bind-address\\s*=\\s*127.0.0.1/bind-address = 0.0.0.0/' /etc/mysql/mariadb.conf.d/50-server.cnf"
This replaces the bind-address setting in the configuration file, allowing MariaDB to listen on all network interfaces (0.0.0.0).
Restarting the Service
- "sudo systemctl restart mariadb"
Restarting MariaDB is necessary to apply all configuration changes, including:
- Updated security settings
- New database and user creation
- Remote access permissions
Summary
MariaDB is a foundational component of CodexMCP, working alongside OpenSearch to provide a hybrid database system. Unlike OpenSearch, which is optimized for search and analytics, MariaDB is used for relational data storage and structured queries.
Key challenges in automating MariaDB included:
- Ensuring a secure setup by removing default test databases and anonymous users.
- Enabling remote access for seamless API integration.
- Creating a dedicated CodexMCP database and user with the correct privileges.
Now that MariaDB is fully automated, it can be deployed instantly and interact with OpenSearch in a unified database system. The next steps involve integrating these databases into CodexMCP’s API layer, allowing seamless data queries across both platforms.