Database Manager

The Database Manager is a built-in front-end for every relational database your Quazzar node manages. Instead of bolting on phpMyAdmin, pgAdmin, or DBeaver in a separate container, open Infra → Databases in the dock and you get a single pane that talks to PostgreSQL, MySQL / MariaDB, and local SQLite files side-by-side.

What you can do

Manage connections — save host / port / admin credentials for every database server the node should be able to drive. Credentials are sealed at rest with a machine-local AES-GCM key so the sqlite audit file alone does not leak passwords.
Create and drop databases on any connection without an SSH session.
List and create users, grant privileges on a database.
Browse tables with a paginated grid — each page is 50 rows, large text cells are truncated client-side so an oversized TEXT column never freezes the UI.
Dump a database to a file under /var/lib/quazzar/dumps/ and download it from the same page. Postgres dumps run via pg_dump, MySQL via mysqldump, SQLite via VACUUM INTO — all through the standard sysctl whitelist so every call is audited.
Run a query from the in-page console. By default only SELECT / SHOW / EXPLAIN / WITH statements are allowed; flip the Allow non-SELECT toggle to opt into full SQL.

Supported engines

Engine	Driver	Dump tool	Notes
PostgreSQL	`pgx`	`pg_dump` / `pg_restore`	Connects to the `postgres` admin database for management calls.
MySQL / MariaDB	`go-sql-driver/mysql`	`mysqldump` / `mysql < file`	`user@host` privileges are surfaced directly.
SQLite	`mattn/go-sqlite3`	`VACUUM INTO`	One file = one database. Users/grants are read-only.

Safety rails

Database names, identifiers, and privilege keywords are validated against conservative regexes before being interpolated into DDL, so payloads like shop; DROP DATABASE other are rejected at the HTTP handler. Shell-based dump/restore calls go through the same internal/sysctl chokepoint as every other Server Mode actuator — you can see every invocation in the audit log.

Limitations

Raw-SQL execution via the Query tab currently returns a “not implemented” payload; the built-in browser surface is the preferred path for now.
SQLite user / grant operations are intentionally disabled — there is no such concept in SQLite. The Users tab still renders a synthetic owner row so the UI stays consistent across engines.
Remote Postgres / MySQL connections require pg_dump, pg_restore, mysqldump, and mysql to be installed on the Quazzar node (the apt install quazzar-cloud-os recipe pulls them in automatically).