I built a free, native MongoDB GUI in Rust (Tauri) — why, and what I learned

#mongodb #rust #tauri #opensource

TL;DR — I built MQLens, a free, open-source (Apache-2.0) MongoDB GUI as a small native app (Tauri/Rust + React). It does the workflows people usually pay for — every auth mode, SSH tunnels, aggregation explain plans, GridFS, an embedded mongosh — and keeps your credentials encrypted on your machine with zero telemetry. Source: https://github.com/mqlens/mqlens-mongodb

The gap

Every MongoDB GUI I tried left me wanting.

Compass is free and competent, but it's a heavy Electron app, it has telemetry, and it can't open an SSH tunnel — which is how I reach most production databases. Studio 3T and NoSQLBooster are genuinely powerful, but they're paid. Robo 3T is effectively frozen in time. And mongosh, which I love, is a shell — great for some tasks, painful for browsing schemas or reading an explain plan.

So I built MQLens: a free MongoDB GUI that tries to cover the workflows people usually pay for, in a small native app that keeps your data and credentials on your machine.

Why Tauri over Electron

The obvious reason is size and memory. Tauri uses the OS's native webview instead of bundling Chromium, so the app is a fraction of the size of an equivalent Electron build and idle RAM is dramatically lower.

The less obvious reason mattered more to me: I wanted the parts that touch the network and your secrets to be in Rust, not JavaScript. The MongoDB driver, SSH tunneling, SOCKS5 proxying, and the credential vault all live in the Rust backend. The React frontend never sees a raw credential or a provider API key.

The hard parts

Every auth mechanism

"Connect to MongoDB" sounds simple until you support all of it: SCRAM-SHA-1/256, X.509, MONGODB-AWS (including IAM session tokens), GSSAPI/Kerberos, and LDAP — each with its own $external plumbing and its own failure modes.

Getting honest, staged connection errors (parse → DNS → connect → ping) instead of one opaque "connection failed" took real work, and is one of the things I'm happiest with.

SSH tunnels and proxies

Reaching a database behind a bastion is the common case in production, and it's exactly what the free tools skip. MQLens does SSH tunneling and SOCKS5 proxying in the Rust layer. (I wrote up the workflow here: connect to MongoDB through an SSH tunnel.)

Rendering the explain plan

An aggregation explain output is a deeply nested tree. Turning that into something you can read at a glance — to see where a query is doing a COLLSCAN or missing an index — was a genuine UI problem worth solving. There's a walkthrough here: how to read a MongoDB explain plan visually.

The credential vault

Saved credentials are encrypted with AES-256-GCM, the key derived via Argon2id from a master password. On macOS you can unlock with Touch ID. The threat model is "your laptop, but encrypted at rest behind a password you control" — no cloud, no sync, no account.

Privacy as a constraint, not a feature

There is no telemetry. No analytics SDK, no account, no phone-home. With the optional AI query assistant turned off, the app makes no outbound connections except to your database. When it's on, it's bring-your-own-provider-key, and that key stays in the backend.

This wasn't a marketing afterthought — it shaped the architecture. It's why secrets live in Rust and why there's no analytics in the client at all.

Try it / tell me where it breaks

MQLens is Apache-2.0 and builds for macOS, Windows, and Linux. If you work with MongoDB, I'd love for you to try it against your real setup and tell me where it falls short — especially on auth/network edge cases and the explain/index views.