How to Install and Configure MySQL on Debian 12 Bookworm

MySQL is one of the most widely used open-source relational database management systems (RDBMS) in the world. Whether you’re setting up a new web server, a development environment, or a production database, installing and configuring MySQL properly is a crucial step. Debian 12 “Bookworm” brings the latest improvements and security enhancements, making it a great choice for hosting MySQL.

In this guide, we’ll walk you through the process of installing and configuring MySQL on a Debian 12 system. We’ll also cover basic security steps, initial configuration, and how to manage your MySQL server effectively.

Table of Contents

1. Introduction to MySQL on Debian
2. Step 1: Update the System
3. Step 2: Install MySQL Server
4. Step 3: Start and Enable MySQL Service
5. Step 4: Secure MySQL Installation
6. Step 5: Log Into the MySQL Shell
7. Step 6: Create a Database and User
8. Step 7: Configure Remote Access (Optional)
9. Step 8: Adjusting Firewall Rules (If Applicable)
10. Step 9: Tuning MySQL for Better Performance
11. Step 10: Basic Management Commands
12. Conclusion

1. Introduction to MySQL on Debian

Debian is known for its stability and extensive package repository, making it ideal for running MySQL in both development and production environments. Debian 12 Bookworm ships with MySQL 8.0, which includes a host of new features like improved JSON support, better indexing, and enhanced performance.

2. Step 1: Update the System

Before installing any new packages, it’s important to make sure your system is up-to-date.

sudo apt update
sudo apt upgrade -y

This ensures that all dependencies and system components are current, reducing potential issues during the MySQL installation.

3. Step 2: Install MySQL Server

MySQL is available directly from the Debian package repositories. To install it, use the following command:

sudo apt install mysql-server -y

This command installs the MySQL server along with required dependencies. As of Debian 12, this will typically install MySQL 8.0.

You can verify the installation with:

mysql --version

4. Step 3: Start and Enable MySQL Service

After installation, the MySQL service should start automatically. To ensure it’s running and enabled on boot:

sudo systemctl start mysql
sudo systemctl enable mysql

To check the status:

sudo systemctl status mysql

You should see output indicating that MySQL is active and running.

5. Step 4: Secure MySQL Installation

MySQL provides a built-in script to help you set up security features like password validation and root account protection.

Run the script with:

sudo mysql_secure_installation

You will be prompted to:

• Set a password for the MySQL root user (if using auth with password)
• Remove anonymous users
• Disallow remote root login
• Remove test database
• Reload privilege tables

It’s recommended to answer yes to all except remote root access unless you specifically need it.

6. Step 5: Log Into the MySQL Shell

To access the MySQL shell:

sudo mysql

This logs you in as the root user using the system’s socket-based authentication. You can create a password-based root user if you need remote access later.

Once inside, you can use standard SQL commands.

To exit:

exit;

7. Step 6: Create a Database and User

Let’s create a new database and user with access rights.

sudo mysql

Inside the MySQL shell, run:

CREATE DATABASE mydatabase;
CREATE USER 'myuser'@'localhost' IDENTIFIED BY 'StrongPassword123!';
GRANT ALL PRIVILEGES ON mydatabase.* TO 'myuser'@'localhost';
FLUSH PRIVILEGES;
EXIT;

This creates a secure, application-specific user.

8. Step 7: Configure Remote Access (Optional)

By default, MySQL listens only on localhost for security. If you need to allow access from remote systems (e.g., for a separate application server), you need to change the bind address.

Edit the configuration file:

sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

Find the line:

bind-address = 127.0.0.1

And change it to:

bind-address = 0.0.0.0

This allows MySQL to listen on all interfaces. Restart MySQL to apply:

sudo systemctl restart mysql

Make sure to grant permissions for remote access:

GRANT ALL PRIVILEGES ON mydatabase.* TO 'myuser'@'%' IDENTIFIED BY 'StrongPassword123!';
FLUSH PRIVILEGES;

Important: Don’t expose MySQL directly to the internet without using a firewall or VPN.

9. Step 8: Adjusting Firewall Rules (If Applicable)

If you’re using ufw (Uncomplicated Firewall), open port 3306 for remote access:

sudo ufw allow 3306
sudo ufw reload

You can also limit it to a specific IP:

sudo ufw allow from 192.168.1.100 to any port 3306

Always use restrictive rules in production environments.

10. Step 9: Tuning MySQL for Better Performance

MySQL offers numerous configuration options for performance tuning. The main configuration file is:

/etc/mysql/mysql.conf.d/mysqld.cnf

Some parameters you might want to adjust:

• innodb_buffer_pool_size – Size of the InnoDB buffer pool (recommended: 70-80% of system memory for dedicated DB servers)
• max_connections – Limits concurrent connections
• query_cache_size – Optional caching for read-heavy workloads
• slow_query_log – Enable logging for slow queries

Example snippet:

innodb_buffer_pool_size = 1G
max_connections = 200
slow_query_log = 1
slow_query_log_file = /var/log/mysql/slow.log
long_query_time = 2

After changes, restart MySQL:

sudo systemctl restart mysql

You can use tools like mysqltuner to get performance recommendations:

sudo apt install mysqltuner
sudo mysqltuner

11. Step 10: Basic Management Commands

Here are some useful commands for managing your MySQL server:

Check Service Status

sudo systemctl status mysql

Restart MySQL Service

sudo systemctl restart mysql

Check MySQL Port

sudo netstat -tuln | grep 3306

Backing Up a Database

mysqldump -u myuser -p mydatabase > mydatabase_backup.sql

Restoring a Database

mysql -u myuser -p mydatabase < mydatabase_backup.sql

Conclusion

Installing and configuring MySQL on Debian 12 Bookworm is straightforward thanks to the mature package management and solid system integration that Debian provides. With just a few commands, you can set up a fully functional and secure MySQL environment suitable for development or production.

By following the additional steps such as securing MySQL, tuning performance, and setting up proper user access controls, you’re ensuring your database server is robust, efficient, and safe.

As with any database system, regular backups, security reviews, and performance monitoring are essential to maintain a healthy environment. Whether you’re managing a small blog or a large-scale enterprise application, MySQL on Debian 12 is a reliable foundation for your data.