update supabase and add supavisor

templates/compose/supabase.yaml

@@ -14,7 +14,7 @@ services:
       supabase-analytics:
         condition: service_healthy
     environment:
-      - SERVICE_FQDN_SUPABASEKONG
+      - SERVICE_FQDN_SUPABASEKONG_8000
       - JWT_SECRET=${SERVICE_PASSWORD_JWT}
       - KONG_DATABASE=off
       - KONG_DECLARATIVE_CONFIG=/home/kong/kong.yml
@@ -278,7 +278,7 @@ services:
                   config:
                     hide_credentials: true
   supabase-studio:
-    image: supabase/studio:20240729-ce42139
+    image: supabase/studio:20240923-2e3e90c
     healthcheck:
       test:
         [
@@ -301,7 +301,7 @@ services:
       - DEFAULT_ORGANIZATION_NAME=${STUDIO_DEFAULT_ORGANIZATION:-Default Organization}
       - DEFAULT_PROJECT_NAME=${STUDIO_DEFAULT_PROJECT:-Default Project}
 
-      - SUPABASE_URL=${SERVICE_FQDN_SUPABASEKONG}
+      - 'SUPABASE_URL=http://supabase-kong:8000'
       - SUPABASE_PUBLIC_URL=${SERVICE_FQDN_SUPABASEKONG}
       - SUPABASE_ANON_KEY=${SERVICE_SUPABASEANON_KEY}
       - SUPABASE_SERVICE_KEY=${SERVICE_SUPABASESERVICE_KEY}
@@ -309,6 +309,7 @@ services:
 
       - LOGFLARE_API_KEY=${SERVICE_PASSWORD_LOGFLARE}
       - LOGFLARE_URL=http://supabase-analytics:4000
+      - 'SUPABASE_PUBLIC_API=${SERVICE_FQDN_SUPABASEKONG}'
       - NEXT_PUBLIC_ENABLE_LOGS=true
       # Comment to use Big Query backend for analytics
       - NEXT_ANALYTICS_BACKEND_PROVIDER=postgres
@@ -351,6 +352,14 @@ services:
 
           create schema if not exists _realtime;
           alter schema _realtime owner to :pguser;
+      - type: bind
+        source: ./volumes/db/supavisor.sql
+        target: /docker-entrypoint-initdb.d/init-scripts/99-supavisor.sql
+        content: |
+          \set pguser `echo "supabase_admin"`
+
+          create schema if not exists _supavisor;
+          alter schema _supavisor owner to :pguser;
       - type: bind
         source: ./volumes/db/webhooks.sql
         target: /docker-entrypoint-initdb.d/init-scripts/98-webhooks.sql
@@ -905,7 +914,7 @@ services:
     restart: unless-stopped
     environment:
       - PGRST_DB_URI=postgres://authenticator:${SERVICE_PASSWORD_POSTGRES}@${POSTGRES_HOSTNAME:-supabase-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-postgres}
-      - PGRST_DB_SCHEMAS=${PGRST_DB_SCHEMAS:-public}
+      - 'PGRST_DB_SCHEMAS=${PGRST_DB_SCHEMAS:-public,storage,graphql_public}'
       - PGRST_DB_ANON_ROLE=anon
       - PGRST_JWT_SECRET=${SERVICE_PASSWORD_JWT}
       - PGRST_DB_USE_LEGACY_GUCS=false
@@ -914,7 +923,7 @@ services:
     command: "postgrest"
     exclude_from_hc: true
   supabase-auth:
-    image: supabase/gotrue:v2.151.0
+    image: supabase/gotrue:v2.158.1
     depends_on:
       supabase-db:
         # Disable this if you are using an external Postgres database
@@ -992,7 +1001,7 @@ services:
 
       # GOTRUE_HOOK_PASSWORD_VERIFICATION_ATTEMPT_ENABLED="true"
       # GOTRUE_HOOK_PASSWORD_VERIFICATION_ATTEMPT_URI="pg-functions://postgres/public/password_verification_attempt"
-      
+
       # Uncomment to enable common OAuth Variables
       #- 'GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=${GOTRUE_EXTERNAL_GITHUB_CLIENT_ID}'
       #- 'GOTRUE_EXTERNAL_GITHUB_ENABLED=${GOTRUE_EXTERNAL_GITHUB_ENABLED}'
@@ -1005,7 +1014,7 @@ services:
 
   realtime-dev:
     # This container name looks inconsistent but is correct because realtime constructs tenant id by parsing the subdomain
-    image: supabase/realtime:v2.30.23
+    image: supabase/realtime:v2.30.34
     container_name: realtime-dev.supabase-realtime
     depends_on:
       supabase-db:
@@ -1085,7 +1094,7 @@ services:
           exit 0
 
   supabase-storage:
-    image: supabase/storage-api:v1.0.6
+    image: supabase/storage-api:v1.10.1
     depends_on:
       supabase-db:
         # Disable this if you are using an external Postgres database
@@ -1185,7 +1194,7 @@ services:
       - PG_META_DB_PASSWORD=${SERVICE_PASSWORD_POSTGRES}
 
   supabase-edge-functions:
-    image: supabase/edge-runtime:v1.53.3
+    image: supabase/edge-runtime:v1.58.3
     depends_on:
       supabase-analytics:
         condition: service_healthy
@@ -1327,3 +1336,84 @@ services:
       - start
       - --main-service
       - /home/deno/functions/main
+
+  supabase-supavisor:
+    image: 'supabase/supavisor:1.1.56'
+    healthcheck:
+      test:
+        - CMD
+        - curl
+        - "-sSfL"
+        - "-o"
+        - /dev/null
+        - "http://127.0.0.1:4000/api/health"
+      timeout: 5s
+      interval: 5s
+      retries: 10
+    restart: unless-stopped
+    depends_on:
+      supabase-db:
+        condition: service_healthy
+    environment:
+      - PORT=4000
+      - PROXY_PORT_SESSION=5432
+      - PROXY_PORT_TRANSACTION=6543
+      - 'POSTGRES_PORT=${POSTGRES_PORT:-5432}'
+      - 'POSTGRES_HOSTNAME=${POSTGRES_HOSTNAME:-supabase-db}'
+      - 'POSTGRES_DB=${POSTGRES_DB:-postgres}'
+      - 'POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRES}'
+      - 'DATABASE_URL=ecto://supabase_admin:${SERVICE_PASSWORD_POSTGRES}@${POSTGRES_HOSTNAME:-supabase-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-postgres}'
+      - CLUSTER_POSTGRES=true
+      - 'SECRET_KEY_BASE=${SERVICE_PASSWORD_SUPAVISORSECRET}'
+      - 'VAULT_ENC_KEY=${SERVICE_PASSWORD_VAULTENC}'
+      - 'API_JWT_SECRET=${SERVICE_PASSWORD_JWT}'
+      - 'METRICS_JWT_SECRET=${SERVICE_PASSWORD_JWT}'
+      - REGION=local
+      - 'ERL_AFLAGS=-proto_dist inet_tcp'
+    volumes:
+      - type: bind
+        source: ./volumes/supavisor/entrypoint.sh
+        target: /home/entrypoint.sh
+        content: |
+          #!/bin/bash
+
+          /app/bin/supavisor eval '
+          {:ok, _} = Application.ensure_all_started(:supavisor)
+          {:ok, version} =
+              case Supavisor.Repo.query!("select version()") do
+              %{rows: [[ver]]} -> Supavisor.Helpers.parse_pg_version(ver)
+              _ -> nil
+              end
+          params = %{
+              "external_id" => "dev_tenant",
+              "db_host" => System.get_env("POSTGRES_HOSTNAME"),
+              "db_port" => System.get_env("POSTGRES_PORT") |> String.to_integer(),
+              "db_database" => System.get_env("POSTGRES_DB"),
+              "require_user" => false,
+              "auth_query" => "SELECT rolname, rolpassword FROM pg_authid WHERE rolname=$1",
+              "default_max_clients" => 100,
+              "default_pool_size" => 20,
+              "enforce_ssl" => false,
+              "default_parameter_status" => %{"server_version" => version},
+              "users" => [%{
+              "db_user" => "postgres",
+              "db_password" => System.get_env("POSTGRES_PASSWORD"),
+              "mode_type" => "transaction",
+              "pool_size" => 20,
+              "is_manager" => true
+              }]
+          }
+
+          tenant = Supavisor.Tenants.get_tenant_by_external_id(params["external_id"])
+
+          if tenant do
+            {:ok, _} = Supavisor.Tenants.update_tenant(tenant, params)
+          else
+            {:ok, _} = Supavisor.Tenants.create_tenant(params)
+          end
+          '
+
+        command:
+          - sh
+          - "-c"
+          - "chmod +x /home/entrypoint.sh && /app/bin/migrate && /home/entrypoint.sh && /app/bin/server"