Skip to content

Latest commit

 

History

History
67 lines (43 loc) · 2.93 KB

File metadata and controls

67 lines (43 loc) · 2.93 KB

Getting started

Install

Browser schema workbench — no install required.

macOS:

brew install --cask mhiro2/tap/relune

Linux:

Download the latest relune_*_linux_* archive from the GitHub Releases page and place relune on your PATH.

First commands

Render an SVG (default format):

relune render --sql schema.sql -o erd.svg

Self-contained HTML viewer (pan/zoom, search, filters):

relune render --sql schema.sql --format html -o erd.html

render draws tables, views, and PostgreSQL enum types when they are present in the schema.

Generate Markdown documentation:

relune doc --sql schema.sql -o schema.md

Summarize the schema in the terminal:

relune inspect --sql schema.sql

Live database introspection

Point at a database URL instead of a SQL file (supported where the relune-introspect adapter allows). Prefer the DATABASE_URL environment variable over --db-url so the DSN does not leak into argv (ps) or shell history — when no input flag is given, Relune reads DATABASE_URL:

export DATABASE_URL='postgres://user:pass@localhost:5432/dbname'
relune render -o erd.svg

# Or pass it explicitly (visible to other users via `ps`):
relune render --db-url "$DATABASE_URL" -o erd.svg

Dialects and URL schemes follow CLI help (relune render --help). For PostgreSQL and MySQL/MariaDB, Relune applies a 30 second per-statement deadline by default. Connecting is bounded by a 30 second acquire timeout, and the whole catalog fetch is capped by an overall deadline (default 600 seconds; raise it for very large schemas with RELUNE_DB_INTROSPECTION_TIMEOUT_SECS). This keeps SQLite — and MySQL servers that cannot set a session timeout — bounded too. Remote TCP connections also default to verifying TLS (sslmode=verify-full for PostgreSQL, ssl-mode=verify-identity for MySQL/MariaDB), so the server certificate chain and hostname must match. Pass an explicit sslmode=require / ssl-mode=required in the URL to keep encryption while accepting self-signed clusters. Unix sockets and loopback-only local connections are left untouched.

The connection URL is fully trusted — Relune connects to exactly the host you name with no destination filtering — so never point it at an untrusted DSN. Introspection needs read-only access: PostgreSQL reads its system catalogs (pg_catalog / information_schema); MySQL/MariaDB needs SELECT on information_schema plus the SHOW VIEW privilege to read view definitions (without it, views appear with no definition and a warning is logged); SQLite needs to read the database file.

Next steps