How I Set Up HAProxy + ProxySQL on a Single OVH VPS for My Solo SaaS

TL;DR: I needed to expose MySQL on the internet without getting scanned into oblivion within 48 hours. I stacked HAProxy in front of ProxySQL in front of MySQL. It works. I also spent six hours fighting a proxy that reads its config file once in its life, then pretends it never met you.

The problem (or: why I didn't just buy an $80/month RDS)

I'm building DockSky, an indie SaaS, solo, on an 8 GB OVH VPS for about €14/month. No ops team. No "managed database" budget. Just me, Docker, and optimism.

Except DockSky isn't just a REST API with Postgres behind it. The product is managed multi-tenant MySQL: each customer gets their own MySQL user, their own credentials, real isolation. Not a tenant_id column and a prayer.

For that to work, I need external MySQL access on port 6033, without leaving MySQL wide open on the internet like a vending machine at 3 a.m.