⬆️ Update Supabase template to version 1.25.03 #76
Conversation
malko
commented
Apr 13, 2025
malko
commented
- Upgrade to supabase 1.25.03
- Add supavisor which wasn't part of previous template
- Fix mail are now correctly sent (was not the case in previous PR)
- Fix [Template update]: Supabase #73
built with Refined Cloudflare Pages Action⚡ Cloudflare Pages Deployment
|
|
@maelp if you want to iterate on this to add generation script for the jwt and keys it would be super cool :). I think you can even propose it to upstream supabase repository. |
|
I can add a new helper similar to the ones we have https://github.com/Dokploy/templates?tab=readme-ov-file#templatetoml-structure that is specifically to generate the jwt and keys, what I don't know is what implementation is needed to generate those jwts that supabase needs? https://github.com/Dokploy/dokploy/blob/canary/packages/server/src/templates/processors.ts#L68 |
|
@Siumauricio would be nice indeed! Perhaps have a way to configure eg ${jwt:sha-256:RSA} etc It's a standard JWT, I think there are many nodejs libs for that, here are a few from a quick Google search (haven't tested them): |
|
@Siumauricio perhaps allowing the jwt helpers to take some more parameters should do the trick. we need to pass in some json payload, the encode key and the algorythm. what do you think ? |
|
In the meantime I think we can still push this version as I've added link to the supabase documentation https://supabase.com/docs/guides/self-hosting/docker#securing-your-services inside the generated env file so people can easily find the link to generate those token directly while reviewing the file. |
|
the helper could use the iat to be Date.now() and expire_at to be defined as parameter eg ${jwt:secret_key_variable_name:expire_in_delta} like ${jwt:mysecret:1y} to expire in 1y or something |
|
@Siumauricio also if you point me in the right direction i can propose a PR for that if you want probably within a week or two. |
|
Great work @malko - any idea when this would be updated on the main Dokploy blueprints template folder? https://github.com/Dokploy/templates/tree/main/blueprints/supabase |
|
@malko Here's the code where we process the utilities https://github.com/Dokploy/dokploy/blob/canary/packages/server/src/templates/processors.ts#L68 I think you can easily extend the jwt function, also we have a couple test https://github.com/Dokploy/dokploy/blob/canary/apps/dokploy/__test__/templates/config.template.test.ts#L6 |
|
@Siumauricio will have a look at it this week-end |
|
@Siumauricio Will update this PR to match changes to jwt helpers introduces in PR Dokploy/dokploy#1749. I will also add some doc to the dolploy/templates readme to reflect the changes. |
|
latest 2 commits requires PR on dokploy to be merged, so in order for this to reach users here's what needed to be done @aizazzaheer :
This leaves me with some question about releasing a template that will require specific version of dokploy to be used. I don't know how this is handle yet or if it is handled at all.
I think supabase template is particularly awaited by users (maybe i'm wrong), so we should perhaps release it without such strong requirement as latest dokploy version. what do you think @Siumauricio |
|
Hey I have already released version 0.21.8 there should be the jwt changes, thanks for the implementation. I think it would be a good idea to add some field as you mentioned based on the minimum version of dokploy, to prevent people trying to create templates with old versions of dokploy. in this case you can simply create another template with the same name and some prefix with the version name or something like that to differentiate them. |
Something like pre0.21.8-supabase and some addition in the descritpion ? |
|
thinking about that version story, I think if the templates project could use the helpers directly, it would be able to generate version of the template with helpers already applied and so we wouldn't have to depend on dokploy versions. Another way if we don't want to have helpers in this projects would probably to handle a queryString parameter with the target version of dokploy, so we can filter templates on this in the future. |
|
Supabase is working but Storage is not loading. On console, it's saying 500 error. No issues with other apps. Supabase Storage has this issue. |
|
I'm waiting for this PR so much |
|
@useranik12 can you please provide more details, I didn't had any issues on my test env. Do you have some logs ? I personally don't uses storage so perhaps I missed something. @kimtiago you can try this by visiting https://malko-supabase-1-25-03.templates-70k.pages.dev/ and grab the base64 encoded config. Pay attention to the dokploy version you use, there's 2 different version depending your dokploy version. |
|
Where I have to put the base64 to work? |
|
@ArtuArtaza create a new docker-compose service go to the "advanced" tab and paste it in the "import" field |
|
I tested and it works fine, the only thing that is not working is the storage as @useranik12, I attach a video of the error you probably have to manually adjust the volumes of some script, or else manually enable some permissions in the dashboard. |
@Siumauricio For what I understand this is more related to how you configure RLS in supabase that the template working or not, unless i misanderstood something ? |
|
@Siumauricio I think that was a mistake from me but, for the pre0.21.8 version we should keep it randomize with |
|
you are right @malko, can you revert that? |
Done + I also made change the version required for latest template to 0.22.5 instead of 0.21.8 as APP_NAME was introduced in the 0.22.5. |
|
@Siumauricio @malko I have just deployed the newer Supabase version. Generated the ANON and SERVICE key with the JWT. But I am unable to still send API requests. I have added the the -h apikey and Authorization in header. Still not able to fetch data. |
|
Hi, we’re also having issues. We’re using the latest version of Dokploy with the new Supabase template in a clean server. Users and buckets can’t be created; it displays the same error. Thanks for your time and effort! 1 |
|
@franciscoesser please create or generate new anon and service keys from supabase self host docker docks. Under updating credentials. Paste the JWT from template and then use those keys in variables. Redeploy and you are good to ho. Also, Don't use auth in apidog or or postman. Just copy the curl links from supabase table or api documents tabs. And manually add the headers. All should work now. I tested just now and working. But, cloudflare (if using) should block in some cases, then you should also use WAF for that matter so nothing gets blocked. |
|
Hi @useranik12, I'd already generated the new anon and service keys, and it's not working. Even so, I did a fresh install, generated new keys, and nothing... the problem persists, exactly the same. Thank you!
|
|
|
Hey, @malko how can I update to the new version of supabase on dokploy? New version seems better to me. Should I just paste the compose files and vars? Or any better way? |
|
Hi @malko, it's a totally clean installation.
I tried with the default anon and service keys and generating new ones from the Supabase website, but still failing. What do you recommend? Thank you! |
|
@franciscoesser first try to set some policies in supabase. You can also send me your env file without secrets I will have a look. Also check the domain is correctly set in the env file and the domain tab settings. |
|
@useranik12 it depends... if you already have some data you should pay attention to keep your secrets and report them into your new env. Also there is a volume containing encryption key that you should not ovverride. You can either backup and restore in the new install. |
I also have the same problem, but i don't know what i'm doing wrong |
10 participants
