Skip to content
PlotPress

plotpress/dashboards/{dashboard}/connections.yaml

connections.yaml lives inside each dashboard folder. It defines the data sources that dashboard can read and which roles (declared in the same folder’s users.yaml) are allowed to read each.

Schema

Section titled “Schema”
<connection_name>:
  driver: postgres | mysql | mariadb | clickhouse | sqlite | duckdb | mongodb | s3
  dsn: string                # may contain ${ENV_VAR} references
  allowed_users: [string]    # role names from users.yaml
  pool:
    max_open: int            # default 10
    max_idle: int            # default 5
    max_lifetime: duration   # default 1h
  timeout: duration          # per-query timeout, default 30s
  read_only: bool            # default true; rejects non-SELECT at parser level

Field reference

Section titled “Field reference”

driver

Section titled “driver”

Required. See the Connections section for one page per supported driver:

dsn

Section titled “dsn”

Connection string in the driver’s native format. ${VAR} references expand from the backend’s environment at boot — never written to disk, never logged.

warehouse:
  driver: postgres
  dsn: postgres://reader:${WAREHOUSE_PASSWORD}@warehouse:5432/analytics?sslmode=require

allowed_users

Section titled “allowed_users”

Required. Role names defined in this dashboard’s users.yaml. Empty list means nobody. There is no implicit “everyone.”

pool, timeout, read_only

Section titled “pool, timeout, read_only”

Connection pool tuning, per-query wall-clock timeout, and the SELECT-only enforcement. Defaults are conservative; see each driver page for what to tune.

Example

Section titled “Example”
warehouse:
  driver: postgres
  dsn: postgres://reader:${WAREHOUSE_PASSWORD}@warehouse:5432/analytics?sslmode=require
  allowed_users: [analysts, exec]
  timeout: 30s


events:
  driver: clickhouse
  dsn: clickhouse://reader:${CLICKHOUSE_PASSWORD}@clickhouse:9440/events?secure=true
  allowed_users: [analysts]
  timeout: 15s

In this dashboard, exec viewers can only see things that go through warehouse — they can never reach the ClickHouse cluster, even if a Plot block tries to point at it.

Per-dashboard, not workspace-wide

Section titled “Per-dashboard, not workspace-wide”

A different dashboard’s connections.yaml can declare a connection named warehouse with a different DSN, different allowed_users, or both. Each dashboard’s data-access surface is exactly what its own folder declares.