From 7f64873209de4a2c869e3479358d090b4013192f Mon Sep 17 00:00:00 2001 From: Darren Sisson Date: Mon, 7 Oct 2024 16:54:35 +0100 Subject: [PATCH 1/2] update supabase and add supavisor --- templates/compose/supabase.yaml | 108 +++++++++++++++++++++++++++++--- 1 file changed, 99 insertions(+), 9 deletions(-) diff --git a/templates/compose/supabase.yaml b/templates/compose/supabase.yaml index 5eb707d93..1776c2119 100644 --- a/templates/compose/supabase.yaml +++ b/templates/compose/supabase.yaml @@ -14,7 +14,7 @@ services: supabase-analytics: condition: service_healthy environment: - - SERVICE_FQDN_SUPABASEKONG + - SERVICE_FQDN_SUPABASEKONG_8000 - JWT_SECRET=${SERVICE_PASSWORD_JWT} - KONG_DATABASE=off - KONG_DECLARATIVE_CONFIG=/home/kong/kong.yml @@ -278,7 +278,7 @@ services: config: hide_credentials: true supabase-studio: - image: supabase/studio:20240729-ce42139 + image: supabase/studio:20240923-2e3e90c healthcheck: test: [ @@ -301,7 +301,7 @@ services: - DEFAULT_ORGANIZATION_NAME=${STUDIO_DEFAULT_ORGANIZATION:-Default Organization} - DEFAULT_PROJECT_NAME=${STUDIO_DEFAULT_PROJECT:-Default Project} - - SUPABASE_URL=${SERVICE_FQDN_SUPABASEKONG} + - 'SUPABASE_URL=http://supabase-kong:8000' - SUPABASE_PUBLIC_URL=${SERVICE_FQDN_SUPABASEKONG} - SUPABASE_ANON_KEY=${SERVICE_SUPABASEANON_KEY} - SUPABASE_SERVICE_KEY=${SERVICE_SUPABASESERVICE_KEY} @@ -309,6 +309,7 @@ services: - LOGFLARE_API_KEY=${SERVICE_PASSWORD_LOGFLARE} - LOGFLARE_URL=http://supabase-analytics:4000 + - 'SUPABASE_PUBLIC_API=${SERVICE_FQDN_SUPABASEKONG}' - NEXT_PUBLIC_ENABLE_LOGS=true # Comment to use Big Query backend for analytics - NEXT_ANALYTICS_BACKEND_PROVIDER=postgres @@ -351,6 +352,14 @@ services: create schema if not exists _realtime; alter schema _realtime owner to :pguser; + - type: bind + source: ./volumes/db/supavisor.sql + target: /docker-entrypoint-initdb.d/init-scripts/99-supavisor.sql + content: | + \set pguser `echo "supabase_admin"` + + create schema if not exists _supavisor; + alter schema _supavisor owner to :pguser; - type: bind source: ./volumes/db/webhooks.sql target: /docker-entrypoint-initdb.d/init-scripts/98-webhooks.sql @@ -905,7 +914,7 @@ services: restart: unless-stopped environment: - PGRST_DB_URI=postgres://authenticator:${SERVICE_PASSWORD_POSTGRES}@${POSTGRES_HOSTNAME:-supabase-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-postgres} - - PGRST_DB_SCHEMAS=${PGRST_DB_SCHEMAS:-public} + - 'PGRST_DB_SCHEMAS=${PGRST_DB_SCHEMAS:-public,storage,graphql_public}' - PGRST_DB_ANON_ROLE=anon - PGRST_JWT_SECRET=${SERVICE_PASSWORD_JWT} - PGRST_DB_USE_LEGACY_GUCS=false @@ -914,7 +923,7 @@ services: command: "postgrest" exclude_from_hc: true supabase-auth: - image: supabase/gotrue:v2.151.0 + image: supabase/gotrue:v2.158.1 depends_on: supabase-db: # Disable this if you are using an external Postgres database @@ -992,7 +1001,7 @@ services: # GOTRUE_HOOK_PASSWORD_VERIFICATION_ATTEMPT_ENABLED="true" # GOTRUE_HOOK_PASSWORD_VERIFICATION_ATTEMPT_URI="pg-functions://postgres/public/password_verification_attempt" - + # Uncomment to enable common OAuth Variables #- 'GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=${GOTRUE_EXTERNAL_GITHUB_CLIENT_ID}' #- 'GOTRUE_EXTERNAL_GITHUB_ENABLED=${GOTRUE_EXTERNAL_GITHUB_ENABLED}' @@ -1005,7 +1014,7 @@ services: realtime-dev: # This container name looks inconsistent but is correct because realtime constructs tenant id by parsing the subdomain - image: supabase/realtime:v2.30.23 + image: supabase/realtime:v2.30.34 container_name: realtime-dev.supabase-realtime depends_on: supabase-db: @@ -1085,7 +1094,7 @@ services: exit 0 supabase-storage: - image: supabase/storage-api:v1.0.6 + image: supabase/storage-api:v1.10.1 depends_on: supabase-db: # Disable this if you are using an external Postgres database @@ -1185,7 +1194,7 @@ services: - PG_META_DB_PASSWORD=${SERVICE_PASSWORD_POSTGRES} supabase-edge-functions: - image: supabase/edge-runtime:v1.53.3 + image: supabase/edge-runtime:v1.58.3 depends_on: supabase-analytics: condition: service_healthy @@ -1327,3 +1336,84 @@ services: - start - --main-service - /home/deno/functions/main + + supabase-supavisor: + image: 'supabase/supavisor:1.1.56' + healthcheck: + test: + - CMD + - curl + - "-sSfL" + - "-o" + - /dev/null + - "http://127.0.0.1:4000/api/health" + timeout: 5s + interval: 5s + retries: 10 + restart: unless-stopped + depends_on: + supabase-db: + condition: service_healthy + environment: + - PORT=4000 + - PROXY_PORT_SESSION=5432 + - PROXY_PORT_TRANSACTION=6543 + - 'POSTGRES_PORT=${POSTGRES_PORT:-5432}' + - 'POSTGRES_HOSTNAME=${POSTGRES_HOSTNAME:-supabase-db}' + - 'POSTGRES_DB=${POSTGRES_DB:-postgres}' + - 'POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRES}' + - 'DATABASE_URL=ecto://supabase_admin:${SERVICE_PASSWORD_POSTGRES}@${POSTGRES_HOSTNAME:-supabase-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-postgres}' + - CLUSTER_POSTGRES=true + - 'SECRET_KEY_BASE=${SERVICE_PASSWORD_SUPAVISORSECRET}' + - 'VAULT_ENC_KEY=${SERVICE_PASSWORD_VAULTENC}' + - 'API_JWT_SECRET=${SERVICE_PASSWORD_JWT}' + - 'METRICS_JWT_SECRET=${SERVICE_PASSWORD_JWT}' + - REGION=local + - 'ERL_AFLAGS=-proto_dist inet_tcp' + volumes: + - type: bind + source: ./volumes/supavisor/entrypoint.sh + target: /home/entrypoint.sh + content: | + #!/bin/bash + + /app/bin/supavisor eval ' + {:ok, _} = Application.ensure_all_started(:supavisor) + {:ok, version} = + case Supavisor.Repo.query!("select version()") do + %{rows: [[ver]]} -> Supavisor.Helpers.parse_pg_version(ver) + _ -> nil + end + params = %{ + "external_id" => "dev_tenant", + "db_host" => System.get_env("POSTGRES_HOSTNAME"), + "db_port" => System.get_env("POSTGRES_PORT") |> String.to_integer(), + "db_database" => System.get_env("POSTGRES_DB"), + "require_user" => false, + "auth_query" => "SELECT rolname, rolpassword FROM pg_authid WHERE rolname=$1", + "default_max_clients" => 100, + "default_pool_size" => 20, + "enforce_ssl" => false, + "default_parameter_status" => %{"server_version" => version}, + "users" => [%{ + "db_user" => "postgres", + "db_password" => System.get_env("POSTGRES_PASSWORD"), + "mode_type" => "transaction", + "pool_size" => 20, + "is_manager" => true + }] + } + + tenant = Supavisor.Tenants.get_tenant_by_external_id(params["external_id"]) + + if tenant do + {:ok, _} = Supavisor.Tenants.update_tenant(tenant, params) + else + {:ok, _} = Supavisor.Tenants.create_tenant(params) + end + ' + + command: + - sh + - "-c" + - "chmod +x /home/entrypoint.sh && /app/bin/migrate && /home/entrypoint.sh && /app/bin/server" From 1b0f67a0839f2619ed82f7b0633239c75093d449 Mon Sep 17 00:00:00 2001 From: Darren Sisson Date: Wed, 9 Oct 2024 13:03:47 +0100 Subject: [PATCH 2/2] update supabase template to match current version --- templates/compose/supabase.yaml | 61 ++++++++++++++++++--------------- 1 file changed, 33 insertions(+), 28 deletions(-) diff --git a/templates/compose/supabase.yaml b/templates/compose/supabase.yaml index 1776c2119..8f3d0a667 100644 --- a/templates/compose/supabase.yaml +++ b/templates/compose/supabase.yaml @@ -353,11 +353,18 @@ services: create schema if not exists _realtime; alter schema _realtime owner to :pguser; - type: bind - source: ./volumes/db/supavisor.sql - target: /docker-entrypoint-initdb.d/init-scripts/99-supavisor.sql + source: ./volumes/db/_supabase.sql + target: /docker-entrypoint-initdb.d/migrations/97-_supabase.sql + content: | + \set pguser `echo "$POSTGRES_USER"` + + CREATE DATABASE _supabase WITH OWNER :pguser; + - type: bind + source: ./volumes/db/pooler.sql + target: /docker-entrypoint-initdb.d/migrations/99-pooler.sql content: | \set pguser `echo "supabase_admin"` - + \c _supabase create schema if not exists _supavisor; alter schema _supavisor owner to :pguser; - type: bind @@ -600,7 +607,7 @@ services: target: /docker-entrypoint-initdb.d/migrations/99-logs.sql content: | \set pguser `echo "supabase_admin"` - + \c _supabase create schema if not exists _analytics; alter schema _analytics owner to :pguser; # Use named volume to persist pgsodium decryption key between restarts @@ -625,7 +632,7 @@ services: environment: - LOGFLARE_NODE_HOST=127.0.0.1 - DB_USERNAME=supabase_admin - - DB_DATABASE=${POSTGRES_DB:-postgres} + - DB_DATABASE=_supabase - DB_HOSTNAME=${POSTGRES_HOSTNAME:-supabase-db} - DB_PORT=${POSTGRES_PORT:-5432} - DB_PASSWORD=${SERVICE_PASSWORD_POSTGRES} @@ -637,7 +644,7 @@ services: - LOGFLARE_MIN_CLUSTER_SIZE=1 # Comment variables to use Big Query backend for analytics - - POSTGRES_BACKEND_URL=postgresql://supabase_admin:${SERVICE_PASSWORD_POSTGRES}@${POSTGRES_HOSTNAME:-supabase-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-postgres} + - POSTGRES_BACKEND_URL=postgresql://supabase_admin:${SERVICE_PASSWORD_POSTGRES}@${POSTGRES_HOSTNAME:-supabase-db}:${POSTGRES_PORT:-5432}/_supabase - POSTGRES_BACKEND_SCHEMA=_analytics - LOGFLARE_FEATURE_FLAG_OVERRIDE=multibackend=true @@ -1354,15 +1361,19 @@ services: depends_on: supabase-db: condition: service_healthy + supabase-analytics: + condition: service_healthy environment: + - POOLER_TENANT_ID=dev_tenant + - POOLER_POOL_MODE=transaction + - POOLER_DEFAULT_POOL_SIZE=${POOLER_DEFAULT_POOL_SIZE:-20} + - POOLER_MAX_CLIENT_CONN=${POOLER_MAX_CLIENT_CONN:-100} - PORT=4000 - - PROXY_PORT_SESSION=5432 - - PROXY_PORT_TRANSACTION=6543 - 'POSTGRES_PORT=${POSTGRES_PORT:-5432}' - 'POSTGRES_HOSTNAME=${POSTGRES_HOSTNAME:-supabase-db}' - 'POSTGRES_DB=${POSTGRES_DB:-postgres}' - 'POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRES}' - - 'DATABASE_URL=ecto://supabase_admin:${SERVICE_PASSWORD_POSTGRES}@${POSTGRES_HOSTNAME:-supabase-db}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-postgres}' + - 'DATABASE_URL=ecto://supabase_admin:${SERVICE_PASSWORD_POSTGRES}@${POSTGRES_HOSTNAME:-supabase-db}:${POSTGRES_PORT:-5432}/_supabase' - CLUSTER_POSTGRES=true - 'SECRET_KEY_BASE=${SERVICE_PASSWORD_SUPAVISORSECRET}' - 'VAULT_ENC_KEY=${SERVICE_PASSWORD_VAULTENC}' @@ -1370,14 +1381,15 @@ services: - 'METRICS_JWT_SECRET=${SERVICE_PASSWORD_JWT}' - REGION=local - 'ERL_AFLAGS=-proto_dist inet_tcp' + command: + - /bin/sh + - "-c" + - '/app/bin/migrate && /app/bin/supavisor eval "$$(cat /etc/pooler/pooler.exs)" && /app/bin/server' volumes: - type: bind - source: ./volumes/supavisor/entrypoint.sh - target: /home/entrypoint.sh + source: ./volumes/pooler/pooler.exs + target: /etc/pooler/pooler.exs content: | - #!/bin/bash - - /app/bin/supavisor eval ' {:ok, _} = Application.ensure_all_started(:supavisor) {:ok, version} = case Supavisor.Repo.query!("select version()") do @@ -1385,21 +1397,20 @@ services: _ -> nil end params = %{ - "external_id" => "dev_tenant", + "external_id" => System.get_env("POOLER_TENANT_ID"), "db_host" => System.get_env("POSTGRES_HOSTNAME"), "db_port" => System.get_env("POSTGRES_PORT") |> String.to_integer(), "db_database" => System.get_env("POSTGRES_DB"), "require_user" => false, - "auth_query" => "SELECT rolname, rolpassword FROM pg_authid WHERE rolname=$1", - "default_max_clients" => 100, - "default_pool_size" => 20, - "enforce_ssl" => false, + "auth_query" => "SELECT * FROM pgbouncer.get_auth($1)", + "default_max_clients" => System.get_env("POOLER_MAX_CLIENT_CONN"), + "default_pool_size" => System.get_env("POOLER_DEFAULT_POOL_SIZE"), "default_parameter_status" => %{"server_version" => version}, "users" => [%{ - "db_user" => "postgres", + "db_user" => "pgbouncer", "db_password" => System.get_env("POSTGRES_PASSWORD"), - "mode_type" => "transaction", - "pool_size" => 20, + "mode_type" => System.get_env("POOLER_POOL_MODE"), + "pool_size" => System.get_env("POOLER_DEFAULT_POOL_SIZE"), "is_manager" => true }] } @@ -1411,9 +1422,3 @@ services: else {:ok, _} = Supavisor.Tenants.create_tenant(params) end - ' - - command: - - sh - - "-c" - - "chmod +x /home/entrypoint.sh && /app/bin/migrate && /home/entrypoint.sh && /app/bin/server"