0reo / supabase-on-do Goto Github PK

View Code? Open in Web Editor NEW

This project forked from digitalocean/supabase-on-do

0.0 0.0 0.0 468 KB

License: Apache License 2.0

Shell 4.30% TypeScript 6.10% PLpgSQL 17.20% HCL 72.40%

supabase-on-do's People

Contributors

supabase-on-do's Issues

Add auth support for google, apple, others

provision env vars
#19

This process is untested, but basically, we want to be able to

add a list of oauth services to terraform
provide the needed oauth values for each service added
create an env template for each service
have terraform iterate through each template, add the oauth values accordingly, and generate a larger final .env
have docker-compose.yml read the new values(should automatically ignore them if empty)

This should make getting oauth going slightly more obvious

https://github.com/supabase/auth#external-authentication-providers

make an array in variables.tf with each service

  variable "auth_service_keys" {
    description = "List of auth services"
    type        = list(string)
    default     = ["SERVICE_1", "SERVICE_2", "SERVICE_3"]
  }
  locals {
    auth_map = { for service in var.auth_service_keys: service => {
      ENABLED = false
      CLIENT_ID = ""
      SECRET = ""
      REDIRECT_URI = ""
      X_URL = ""
    }}
  }
  variable "auth_services" {
    description = "Auth services fields"
    type        = map(map)
    default     = local.auth_map
  }

add to terraform.tfvars.example

  auth_service_values = {
    "[SERVICE_1]"= {
      ENABLED = false,
      CLIENT_ID = "",
      SECRET = "",
      REDIRECT_URI = "",
      X_URL = ""
    },
    "[SERVICE_2]"= {
      ENABLED = false
      CLIENT_ID = ""
      SECRET = ""
      REDIRECT_URI = "",
      X_URL = ""
    },
  }

make an .env.[SERVICE].tftpl file for each service, and add the following

  GOTRUE_EXTERNAL_[SERVICE]_ENABLED = TF_ENABLED
  GOTRUE_EXTERNAL_[SERVICE]_CLIENT_ID = TF_CLIENT_ID
  GOTRUE_EXTERNAL_[SERVICE]_SECRET = TF_SECRET
  GOTRUE_EXTERNAL_[SERVICE]_REDIRECT_URI = TF_REDIRECT_URI
  GOTRUE_EXTERNAL_[SERVICE]_X_URL = TF_X_URL

create an env_auth_files local with each service in local.tf

  env_auth_files = [for service, values in var.auth_services: [
    template = templatefile("${path.module}/files/.env.${service}.tftpl",
    {
      TF_ENABLED = values.ENABLED
      TF_CLIENT_ID = values.CLIENT_ID
      TF_SECRET = values.SECRET
      TF_REDIRECT_URI = values.REDIRECT_URI
      TF_X_URL = values.X_URL
    }
  ]]

create an env_final local, which concatenates each env template into one local
```
 env_final = concat(local.env_file, local.env_auth_files)
```

pass local.env_file to content of .env in write_files

  content     = base64encode("${local.env_final}")

Fix incorrect droplet image id

The current droplet image is attempting to use ubuntu-22-10-x64, which does not exist(possibly it was removed?). Use ubuntu-22-04-x64 instead

Make dedicated spaces storage region

DO spaces are not available in all regions, so allow setting regions for spaces independently from droplets/volumes

Switch to GA Supabase/bring docker-compose up to date with self hosted Supabase

mostly done, blocked by supabase/supabase#26309

Fix typo in SUPABASE_DB_URL in meta container

SUPABASE_DB_URL: postgresql://postgres:${POSTGRES_PASSWORD}@${POSTGRES_DB}:${POSTGRES_PORT}/${POSTGRES_DB}
should be
SUPABASE_DB_URL: postgresql://postgres:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}

set up external authentication with Apple locally

https://github.com/supabase/auth?tab=readme-ov-file#apple-oauth

To try out external authentication with Apple locally, you will need to do the following:

Remap localhost to <my_custom_dns > in your /etc/hosts config.

Configure auth to serve HTTPS traffic over localhost by replacing ListenAndServe in api.go with:

   func (a *API) ListenAndServe(hostAndPort string) {
     log := logrus.WithField("component", "api")
     path, err := os.Getwd()
     if err != nil {
       log.Println(err)
     }
     server := &http.Server{
       Addr:    hostAndPort,
       Handler: a.handler,
     }
     done := make(chan struct{})
     defer close(done)
     go func() {
       waitForTermination(log, done)
       ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
       defer cancel()
       server.Shutdown(ctx)
     }()
     if err := server.ListenAndServeTLS("PATH_TO_CRT_FILE", "PATH_TO_KEY_FILE"); err != http.ErrServerClosed {
       log.WithError(err).Fatal("http server listen failed")
     }
 }

Generate the crt and key file. See here for more information.

Generate the GOTRUE_EXTERNAL_APPLE_SECRET by following this post!

Escape paths for sendgrid provisioning on windows

reference digitalocean#31

In Windows, you can modify the command to use the backslash character instead of the forward slash character to separate directory names, and use the .\ notation to refer to the current directory.

command = "copy .\\files\\sender-verification.sh.tmpl .\\files\\sender-verification.sh && chmod +x .\\files\\sender-verification.sh && .\\files\\sender-verification.sh"

0reo / supabase-on-do Goto Github PK

supabase-on-do's People

Contributors

supabase-on-do's Issues

Add auth support for google, apple, others

Fix incorrect droplet image id

Make dedicated spaces storage region

Switch to GA Supabase/bring docker-compose up to date with self hosted Supabase

Fix typo in SUPABASE_DB_URL in meta container

set up external authentication with Apple locally

Escape paths for sendgrid provisioning on windows

add support for custom subdomains

add X-Robots-Tag to server config to prevent web crawling

add support for packer 1.10.x

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent