icon

Supabase

An open source Firebase alternative. We're building the features of Firebase using enterprise-grade open source tools.

template cover
Deployed881 times
Publisheryuaanlin
Created2024-04-03
Services
service icon
service icon
service icon
service icon
service icon
service icon
service icon
service icon
service icon
service icon
Tags
CMSDatabaseToolAPI

Supabase is an open source Firebase alternative. We're building the features of Firebase using enterprise-grade open source tools.

For full documentation, visit supabase.com/docs.

Usage

You should bind the domain to the service kong if Zeabur does not instruct you to bind one.

You can find the username and password in the service kong.

Services

This Supabase instance includes Kong (API Gateway), Studio (Supabase Studio), Database (PostgreSQL), Meta (Postgres Meta), Rest (PostgREST), Auth (GoTrue), Supavisor (Database Pooler), MinIO (Object Storage), Storage (Storage API), ImgProxy (Image Processing), and Realtime.

If you need additional Supabase services, feel free to implement them according to the upstream docker-compose.yaml file and submit your changes to our Discord server. This applies to our Contribution Reward Program.

Configuration

Security Configuration

See Securing your services to update the secrets in your services. Note that you should restart all services in Project Settings in order to apply the configurations.

  • JWT secrets: update it in the service, postgresql
  • Anon and Service role keys: update it in the service, kong
  • Dashboard username and password: update SUPABASE_USERNAME and PASSWORD in the service, kong

Add Google OAuth support

Add the following environment variables to the auth service:

  • GOTRUE_EXTERNAL_GOOGLE_ENABLED=true
  • GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID=xxxxxxxx
  • GOTRUE_EXTERNAL_GOOGLE_SECRET=yyyyyyyy
  • GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=https://supabase.zeabur.app/auth/v1/callback

Update supabase.zeabur.app to your public domain, for example: supabase.example.com.

You can find the client ID and secret in the Google Cloud Console.

Then, restart your auth service.

Add Apple OAuth support

Add the following environment variables to the auth service:

  • GOTRUE_EXTERNAL_APPLE_ENABLED=true
  • GOTRUE_EXTERNAL_APPLE_CLIENT_ID=xxxxxxxx
  • GOTRUE_EXTERNAL_APPLE_SECRET=yyyyyyyy
  • GOTRUE_EXTERNAL_APPLE_REDIRECT_URI=https://supabase.zeabur.app/auth/v1/callback

Update supabase.zeabur.app to your public domain, for example: supabase.example.com.

You can find the client ID and secret in the Apple Developer Console.

Then, restart your auth service.

Advanced Auth Configuration (Optional)

Add these environment variables to the auth service for advanced features:

Custom Access Token Hook:

  • GOTRUE_HOOK_CUSTOM_ACCESS_TOKEN_ENABLED=true
  • GOTRUE_HOOK_CUSTOM_ACCESS_TOKEN_URI=pg-functions://postgres/public/custom_access_token_hook
  • GOTRUE_HOOK_CUSTOM_ACCESS_TOKEN_SECRETS=<your-base64-secret>

MFA Verification Hook:

  • GOTRUE_HOOK_MFA_VERIFICATION_ATTEMPT_ENABLED=true
  • GOTRUE_HOOK_MFA_VERIFICATION_ATTEMPT_URI=pg-functions://postgres/public/mfa_verification_attempt

Password Verification Hook:

  • GOTRUE_HOOK_PASSWORD_VERIFICATION_ATTEMPT_ENABLED=true
  • GOTRUE_HOOK_PASSWORD_VERIFICATION_ATTEMPT_URI=pg-functions://postgres/public/password_verification_attempt

Custom SMS Hook:

  • GOTRUE_HOOK_SEND_SMS_ENABLED=true
  • GOTRUE_HOOK_SEND_SMS_URI=pg-functions://postgres/public/custom_sms_hook
  • GOTRUE_HOOK_SEND_SMS_SECRETS=v1,whsec_<your-secret>

Custom Email Hook:

  • GOTRUE_HOOK_SEND_EMAIL_ENABLED=true
  • GOTRUE_HOOK_SEND_EMAIL_URI=http://host.docker.internal:54321/functions/v1/email_sender
  • GOTRUE_HOOK_SEND_EMAIL_SECRETS=v1,whsec_<your-secret>

Other Options:

  • GOTRUE_EXTERNAL_SKIP_NONCE_CHECK=true (for mobile Google Sign In)
  • GOTRUE_MAILER_SECURE_EMAIL_CHANGE_ENABLED=true
  • GOTRUE_SMTP_MAX_FREQUENCY=1s

Studio SQL Assistant: Add to studio service:

  • OPENAI_API_KEY=your-openai-api-key