PostgreSQL MCP Server

PostgreSQL MCP Server

Provides comprehensive PostgreSQL database access with 36 tools for querying, managing schemas, JSONB operations, and database administration. Includes security features like query validation, rate limiting, SSL/TLS support, and optional write operations.

Category
访问服务器

README

PostgreSQL MCP Server

A comprehensive Model Context Protocol (MCP) server for PostgreSQL database access. Provides 36 tools for querying, managing, and interacting with PostgreSQL databases through the MCP interface.

Features

  • 36 Database Tools: Complete set of read-only and write operations
  • PostgreSQL-Specific Features: Schema support, JSONB operations, extensions, functions, triggers, views, sequences
  • Full SSL/TLS Support: CA certificates, client certificates, configurable TLS versions
  • Security First: Query validation, rate limiting, blocked dangerous operations
  • Connection Pooling: Efficient connection management with configurable limits
  • Audit Logging: Track all database operations

Installation

# Clone or copy to your tools directory
cd /path/to/tools/mav-postgresql-mcp-server

# Install dependencies
npm install

# Build the server
npm run build

Configuration

Copy .env.example to .env and configure your PostgreSQL connection:

cp .env.example .env

Required Settings

Variable Description Default
PG_HOST PostgreSQL server hostname localhost
PG_PORT PostgreSQL server port 5432
PG_USER Database username postgres
PG_PASSWORD Database password -
PG_DATABASE Target database name -
PG_SCHEMA Default schema public

SSL Configuration

Variable Description Options
PG_SSL_MODE SSL connection mode disable, require, verify-ca, verify-full
PG_SSL_REJECT_UNAUTHORIZED Reject self-signed certs true, false
PG_SSL_CA_PATH Path to CA certificate -
PG_SSL_CERT_PATH Path to client certificate -
PG_SSL_KEY_PATH Path to client key -
PG_SSL_MIN_VERSION Minimum TLS version TLSv1.2, TLSv1.3

Security Settings

Variable Description Default
ALLOW_WRITE_OPERATIONS Enable INSERT/UPDATE/DELETE false
CONNECTION_LIMIT Max pool connections 10
QUERY_TIMEOUT Query timeout (ms) 30000
MAX_RESULTS Maximum rows returned 1000

Rate Limiting

Variable Description Default
RATE_LIMIT_PER_MINUTE Queries per minute 60
RATE_LIMIT_PER_HOUR Queries per hour 1000
RATE_LIMIT_CONCURRENT Concurrent queries 10

Usage

With Claude Desktop

Add to your Claude Desktop configuration (~/Library/Application Support/Claude/claude_desktop_config.json on macOS):

{
  "mcpServers": {
    "postgresql": {
      "command": "node",
      "args": ["/path/to/mav-postgresql-mcp-server/build/index.js"],
      "env": {
        "PG_HOST": "localhost",
        "PG_PORT": "5432",
        "PG_USER": "your_user",
        "PG_PASSWORD": "your_password",
        "PG_DATABASE": "your_database",
        "PG_SCHEMA": "public",
        "ALLOW_WRITE_OPERATIONS": "false"
      }
    }
  }
}

With MCP Inspector

npx @anthropic/mcp-inspector node build/index.js

Available Tools

Core Read-Only Tools (7)

Tool Description
query Execute SELECT queries
list_tables List all tables in schema
describe_table Get table structure and columns
database_info Get database version and settings
show_indexes List indexes on a table
explain_query Get query execution plan
show_constraints List table constraints

PostgreSQL-Specific Read-Only Tools (14)

Tool Description
list_schemas List all schemas in database
get_current_schema Get current search path
list_extensions List installed extensions
extension_info Get detailed extension information
list_functions List user-defined functions
list_triggers List triggers on a table
list_views List views in schema
list_sequences List sequences in schema
table_stats Get table statistics
connection_info Get current connection details
database_size Get database/table sizes
jsonb_query Query JSONB columns
jsonb_path_query Execute JSON path queries

Write Operation Tools (15)

Requires ALLOW_WRITE_OPERATIONS=true

Tool Description
insert Insert a single row
update Update rows with conditions
delete Delete rows with conditions
create_table Create a new table
alter_table Modify table structure
drop_table Drop a table
bulk_insert Insert multiple rows
execute_procedure Call stored procedures
add_index Create an index
drop_index Remove an index
rename_table Rename a table
set_search_path Change schema search path
create_schema Create a new schema
drop_schema Drop a schema
jsonb_update Update JSONB fields
vacuum_analyze Optimize table statistics

MCP Resources

The server exposes database schema as MCP resources:

  • pg://database/schema - List all tables and columns
  • pg://database/info - Database information
  • pg://table/{schema}.{table} - Individual table schema

Security Features

Blocked Operations

The server blocks dangerous operations by default:

  • File system operations (COPY FROM/TO, pg_read_file, etc.)
  • Permission modifications (GRANT, REVOKE, ALTER ROLE)
  • Administrative commands (CREATE ROLE, DROP DATABASE, etc.)
  • System catalog modifications

Protected Tables

Access to sensitive system tables is blocked:

  • pg_catalog.pg_authid
  • pg_catalog.pg_shadow
  • pg_catalog.pg_auth_members

Query Validation

  • All identifiers are validated (max 63 characters, safe characters only)
  • Query timeouts prevent long-running operations
  • Rate limiting prevents abuse

Setting Up a Read-Only User

For production use, create a dedicated read-only PostgreSQL user:

# Run as PostgreSQL superuser
psql -U postgres -f setup-readonly-user.sql

Or manually:

-- Create user
CREATE USER mcp_readonly WITH PASSWORD 'secure_password';

-- Grant connect
GRANT CONNECT ON DATABASE your_database TO mcp_readonly;

-- Grant schema usage
GRANT USAGE ON SCHEMA public TO mcp_readonly;

-- Grant read access to all tables
GRANT SELECT ON ALL TABLES IN SCHEMA public TO mcp_readonly;

-- Set default privileges for future tables
ALTER DEFAULT PRIVILEGES IN SCHEMA public
    GRANT SELECT ON TABLES TO mcp_readonly;

Development

# Run in development mode
npm run dev

# Build for production
npm run build

# Type checking
npm run typecheck

Troubleshooting

Connection Issues

  1. Verify PostgreSQL is running: pg_isready -h localhost -p 5432
  2. Check credentials: psql -h localhost -U your_user -d your_database
  3. Enable debug mode: MCP_DEBUG=true

SSL Issues

  1. Verify certificate paths are correct
  2. Check certificate permissions (readable by the user running the server)
  3. Try PG_SSL_MODE=require first, then upgrade to verify-ca or verify-full

Rate Limiting

If you're hitting rate limits:

  1. Increase RATE_LIMIT_PER_MINUTE and RATE_LIMIT_PER_HOUR
  2. Batch operations where possible
  3. Use more specific queries to reduce call volume

License

MIT

推荐服务器

Baidu Map

Baidu Map

百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。

官方
精选
JavaScript
Playwright MCP Server

Playwright MCP Server

一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。

官方
精选
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。

官方
精选
本地
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。

官方
精选
本地
TypeScript
VeyraX

VeyraX

一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。

官方
精选
本地
graphlit-mcp-server

graphlit-mcp-server

模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。

官方
精选
TypeScript
Kagi MCP Server

Kagi MCP Server

一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。

官方
精选
Python
e2b-mcp-server

e2b-mcp-server

使用 MCP 通过 e2b 运行代码。

官方
精选
Neon MCP Server

Neon MCP Server

用于与 Neon 管理 API 和数据库交互的 MCP 服务器

官方
精选
Exa MCP Server

Exa MCP Server

模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。

官方
精选