Hello,
I have the MySQL database cluster set up, imported my database, set my droplet as a trusted source. I have also tried to set the password encryption to legacy for my database user. This is my Golang file that connects the DB:
package db
import (
"crypto/tls"
"crypto/x509"
"fmt"
"log"
"os"
sql "github.com/go-sql-driver/mysql"
"gorm.io/driver/mysql"
"gorm.io/gorm"
)
func **ConnectDB**() (*gorm.DB, error) {
rootCertPool := x509.**NewCertPool**()
pem, err := os.**ReadFile**("crt/ca-certificate.crt")
if err != nil {
log.**Fatal**("Error reading CA Certificate for DB", err)
}
if ok := rootCertPool.**AppendCertsFromPEM**(pem); !ok {
**panic**("Failed to append PEM.")
}
err = sql.**RegisterTLSConfig**("custom", &tls.Config{
RootCAs: rootCertPool,
InsecureSkipVerify: true,
})
if err != nil {
log.**Fatal**("Error registering TLS config: ", err)
}
DB_HOST := os.**Getenv**("DB_HOST")
DB_USER := os.**Getenv**("DB_USER")
DB_PASS := os.**Getenv**("DB_PASS")
DB_NAME := os.**Getenv**("DB_NAME")
connStr := fmt.**Sprintf**("%s:%s@tcp(%s)/?charset=utf8mb4&parseTime=True&loc=Local&tls=custom", DB_USER, DB_PASS, DB_HOST)
db, err := gorm.**Open**(mysql.**Open**(connStr), &gorm.Config{})
if err != nil {
return nil, err
}
db.**Exec**(fmt.**Sprintf**("USE %s;", DB_NAME))
return db, nil
}
I have also tried with the following connection string:
connStr := fmt.**Sprintf**("%s:%s@tcp(%s)/?charset=utf8mb4&parseTime=True&loc=Local&ssl-mode=REQUIRED", DB_USER, DB_PASS, DB_HOST)
I have set the following env variables on my droplet:
DB_USER=myusername
DB_PASS=mylegacypassword
DB_HOST=db-mysql-[my_db]-do-user-[id]-0.g.db.ondigitalocean.com:25060
I can connect to the database from my local machine, so the credentials must be correct. Searched through the docs and tried everything, but I couldn’t find a solution. As stated in the title, I get the following error:
2024-09-25 10:33:03] │ [error] failed to initialize database, got error dial tcp [ip]:25060: connect: connection timed out
Does anyone know why this is not working?
Thanks in advance!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hey there,
If you’ve already added your Droplet to the trusted sources of the database cluster, it sounds like there might also be a firewall on the Droplet itself blocking the connection.
To check and resolve this, you’ll need to make sure port 25060
for outgoing TCP connections is open via the Droplet’s Firewall.
Follow these steps to open the necessary port:
https://docs.digitalocean.com/products/networking/firewalls/how-to/configure-rules/#create-new-rules
ufw
(Uncomplicated Firewall) on the Droplet:If you have a firewall installed on the Droplet, like ufw
, you can open the outgoing port with this command:
sudo ufw allow out to any port 25060 proto tcp
However, if you don’t have a firewall enabled on your Droplet, this step isn’t necessary since outgoing connections are allowed by default. You can check if ufw
is active with:
sudo ufw status
If it shows inactive
, no further action is needed for outgoing connections.
Let me know how it goes!
- Bobby
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
Full documentation for every DigitalOcean product.
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.
New accounts only. By submitting your email you agree to our Privacy Policy
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.