hello folks
Did some tests to access the database of mysql in mariadb when the database is remote, so not on the same node of webserver. I always stated that the mariadb module and the webserver module should be on the same node, it is not true because we can use the trusted zone with the wireguard VPN.
You could try to use the IP of wg0 interface of the node that is running the database and to use the port number you can find in the setting panel of mariadb
for instance : 10.5.4.1:20001
This allows you to use an encryption with the VPN in the cluster, so the port is not opened in the firewall because you continue to stay in the trusted zone.
Furthermore your IP or FQDN could change more often maybe than the wg0 IP of the VPN, so probably even on the same node, it is probably better to use the wg0 IP.
You could use also a mysql client to test it (install it)
mysql -u root -h 10.5.4.1 -P 20030 -p
mysql -u phpmyadmin -h 10.5.4.1 -P 20030 -p
passwords are in /home/mariadb1/.config/state/secrets/passwords.secret
Else on the host to become root you can use: runagent -m mariadb1 podman exec -ti mariadb-app mysql