diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..029000e --- /dev/null +++ b/.dockerignore @@ -0,0 +1,81 @@ +# Dependencies +node_modules +bun.lockb + +# Build outputs +dist +build +.next + +# Environment files +.env +.env.local +.env.*.local + +# Logs +logs +*.log +npm-debug.log* +yarn-debug.log* +yarn-error.log* +bun-debug.log* + +# Runtime data +pids +*.pid +*.seed +*.pid.lock + +# Coverage directory used by tools like istanbul +coverage +*.lcov + +# IDE files +.vscode +.idea +*.swp +*.swo + +# OS generated files +.DS_Store +.DS_Store? +._* +.Spotlight-V100 +.Trashes +ehthumbs.db +Thumbs.db + +# Git +.git +.gitignore + +# Docker +Dockerfile* +docker-compose* +.dockerignore + +# Documentation and README +README.md +*.md +docs + +# Test files +tests +__tests__ +*.test.ts +*.test.js +*.spec.ts +*.spec.js + +# Development tools +.eslintrc* +.prettierrc* +jest.config* +tsconfig*.json + +# Prisma migrations (if you don't want them in container) +# prisma/migrations + +# Temporary files +tmp +temp \ No newline at end of file diff --git a/DOCKER.md b/DOCKER.md new file mode 100644 index 0000000..4b6106a --- /dev/null +++ b/DOCKER.md @@ -0,0 +1,153 @@ +# Docker Setup for COC API + +This guide explains how to containerize and run the COC API using Docker. + +## Prerequisites + +- Docker and Docker Compose installed +- `.env` file with required environment variables + +## Environment Variables + +Create a `.env` file in the project root with the following variables: + +```env +DATABASE_URL=your_supabase_database_url +DIRECT_URL=your_supabase_direct_url +SUPABASE_URL=your_supabase_project_url +SUPABASE_SERVICE_ROLE_KEY=your_supabase_service_role_key +NODE_ENV=production +PORT=3000 +ALLOWED_ORIGINS=https://yourdomain.com +``` + +## Quick Start + +### Automated Development Setup (Recommended) + +For the easiest development experience, use the automation scripts: + +```bash +# Start Supabase + extract env vars + start Docker dev container +./scripts/start-dev.sh + +# View logs +./scripts/logs.sh + +# Stop everything +./scripts/stop-dev.sh +``` + +See `scripts/README.md` for detailed documentation. + +### Manual Development Setup + +```bash +# Build and run development container +docker compose up -d coc-api-dev +``` + +## Build Targets + +The Dockerfile includes multiple stages: + +- **`base`**: Alpine Node + Bun installation +- **`deps`**: Dependencies and Prisma client generation +- **`development`**: Development setup with source mounting +- **`production`**: Optimized production build + +### Building Specific Targets + +```bash +# Development build +docker build --target development -t coc-api:dev . + +# Production build (default) +docker build --target production -t coc-api:prod . +``` + + +## Health Check + +The container includes a health check endpoint: + +```bash +# Check container health +curl http://localhost:3000/api/v1/health + +# Response +{ + "status": "OK", + "message": "COC API is running", + "timestamp": "2024-01-01T00:00:00.000Z", + "uptime": 3600 +} +``` + +## Docker Compose Commands + +```bash +# Start production services +docker compose up -d + +# Start development services +docker compose --profile dev up -d + +# View logs +docker compose logs -f coc-api + +# Stop services +docker compose down + +# Rebuild services +docker compose up -d --build +``` + +## Optimization Features + +- **Multi-stage builds** for smaller production images +- **Layer caching** for faster rebuilds +- **Non-root user** for security +- **Alpine Linux** for minimal image size +- **Bun** for fast JavaScript runtime +- **Health checks** for container monitoring + +## Troubleshooting + +### Container won't start + +1. Check environment variables are set correctly +2. Verify Supabase connection details +3. Check logs: `docker-compose logs coc-api` + +### Prisma issues + +1. Ensure DATABASE_URL is accessible from container +2. Run `docker-compose exec coc-api bunx prisma generate` +3. Check if migrations need to be applied + +### Port conflicts + +1. Change port mapping in docker-compose.yml +2. Or use different ports: `docker run -p 8080:3000 coc-api` + +## Production Deployment + +For production deployment: + +1. Use production target: `--target production` +2. Set `NODE_ENV=production` +3. Use proper secrets management +4. Configure reverse proxy (nginx/traefik) +5. Set up monitoring and logging +6. Use Docker Swarm or Kubernetes for orchestration + +## File Structure + +``` +. +├── Dockerfile # Multi-stage Dockerfile +├── docker-compose.yml # Compose configuration +├── .dockerignore # Build context exclusions +└── DOCKER.md # This documentation +``` \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..1d3f32a --- /dev/null +++ b/Dockerfile @@ -0,0 +1,115 @@ +# Multi-stage build for production optimization +FROM node:18-alpine AS base + +# Install system dependencies +RUN apk add --no-cache curl bash unzip + +# Install Bun with explicit verification +RUN curl -fsSL https://bun.sh/install | bash && \ + echo "Checking Bun installation..." && \ + ls -la /root/.bun/ || echo "No .bun directory found" && \ + find /root -name "bun" -type f 2>/dev/null || echo "No bun binary found" + +# Set PATH for Bun +ENV PATH="/root/.bun/bin:$PATH" + +# Verify Bun installation and create bunx symlink if needed +RUN if [ -f /root/.bun/bin/bun ]; then \ + /root/.bun/bin/bun --version && \ + if [ ! -f /root/.bun/bin/bunx ]; then \ + ln -s /root/.bun/bin/bun /root/.bun/bin/bunx; \ + fi; \ + else \ + echo "ERROR: Bun not installed properly" && exit 1; \ + fi + +# Set working directory +WORKDIR /app + +# ================================ +# Dependencies stage - for caching +# ================================ +FROM base AS deps + +# Copy package files for dependency installation +COPY package.json bun.lock* ./ +COPY prisma ./prisma + +# Install dependencies with Bun +RUN bun install --frozen-lockfile + +# Generate Prisma client with correct binary targets +RUN bunx prisma generate + +# ================================ +# Development stage +# ================================ +FROM base AS development + +# Copy node_modules from deps stage +COPY --from=deps /app/node_modules ./node_modules +COPY --from=deps /app/src/generated ./src/generated + +# Copy source code +COPY . . + +# Expose port +EXPOSE 3000 + +# Development command (skip migrations for now) +CMD ["bun", "src/server.ts"] + +# ================================ +# Production build stage +# ================================ +FROM base AS builder + +# Copy node_modules and generated files from deps stage +COPY --from=deps /app/node_modules ./node_modules +COPY --from=deps /app/src/generated ./src/generated + +# Copy source code +COPY . . + +# Build the application (if needed - Bun can run TS directly) +# RUN bun build src/server.ts --outdir=dist --target=node + +# ================================ +# Production stage +# ================================ +FROM base AS production + +# Create non-root user for security +RUN addgroup -g 1001 -S nodejs && \ + adduser -S bunjs -u 1001 + +# Copy Bun installation to accessible location +RUN cp -r /root/.bun /usr/local/bun && \ + chown -R bunjs:nodejs /usr/local/bun + +# Copy only production dependencies and generated files +COPY --from=deps --chown=bunjs:nodejs /app/node_modules ./node_modules +COPY --from=deps --chown=bunjs:nodejs /app/src/generated ./src/generated + +# Copy source code and config files +COPY --chown=bunjs:nodejs src ./src +COPY --chown=bunjs:nodejs package.json ./ +COPY --chown=bunjs:nodejs prisma ./prisma + +# Switch to non-root user +USER bunjs + +# Set environment variables for bunjs user +ENV NODE_ENV=production +ENV PORT=3000 +ENV PATH="/usr/local/bun/bin:$PATH" + +# Expose port +EXPOSE 3000 + +# Health check +HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ + CMD curl -f http://localhost:3000/health || exit 1 + +# Production command with migrations +CMD ["sh", "-c", "bun src/server.ts"] \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..59858fa --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,72 @@ +services: + # API Service + coc-api: + build: + context: . + dockerfile: Dockerfile + target: production # Use 'development' for dev mode + ports: + - "3000:3000" + environment: + - NODE_ENV=production + - PORT=3000 + - DATABASE_URL=${DATABASE_URL} + - DIRECT_URL=${DIRECT_URL} + - SUPABASE_URL=${SUPABASE_URL} + - SUPABASE_SERVICE_ROLE_KEY=${SUPABASE_SERVICE_ROLE_KEY} + - ALLOWED_ORIGINS=${ALLOWED_ORIGINS} + restart: unless-stopped + networks: + - coc-network + + # Development service (optional) + coc-api-dev: + build: + context: . + dockerfile: Dockerfile + target: development + ports: + - "3001:3000" + environment: + - NODE_ENV=development + - PORT=3000 + - DATABASE_URL=${DATABASE_URL} + - DIRECT_URL=${DIRECT_URL} + - SUPABASE_URL=http://127.0.0.1:54321 + - SUPABASE_SERVICE_ROLE_KEY=${SUPABASE_SERVICE_ROLE_KEY} + - ALLOWED_ORIGINS=* + volumes: + - ./src:/app/src:ro # Mount source for live reload + - ./prisma:/app/prisma:ro + restart: unless-stopped + profiles: + - dev + networks: + - coc-network + - supabase_network_COC-API + +networks: + coc-network: + driver: bridge + supabase_network_COC-API: + external: true + +# For local development with database (if needed) +# Uncomment if you want to run a local PostgreSQL instead of Supabase +# +# services: +# postgres: +# image: postgres:15-alpine +# environment: +# POSTGRES_DB: coc_db +# POSTGRES_USER: postgres +# POSTGRES_PASSWORD: password +# ports: +# - "5432:5432" +# volumes: +# - postgres_data:/var/lib/postgresql/data +# networks: +# - coc-network +# +# volumes: +# postgres_data: \ No newline at end of file diff --git a/prisma/schema.prisma b/prisma/schema.prisma index 31e93fa..03d50b7 100644 --- a/prisma/schema.prisma +++ b/prisma/schema.prisma @@ -2,8 +2,9 @@ // learn more about it in the docs: https://pris.ly/d/prisma-schema generator client { - provider = "prisma-client-js" - output = "../src/generated/prisma" + provider = "prisma-client-js" + output = "../src/generated/prisma" + binaryTargets = ["native", "linux-musl-openssl-3.0.x"] } datasource db { diff --git a/scripts/README.md b/scripts/README.md new file mode 100644 index 0000000..6aa9514 --- /dev/null +++ b/scripts/README.md @@ -0,0 +1,148 @@ +# Development Scripts + +This directory contains automation scripts for the COC API development environment. + +## Prerequisites + +Before using these scripts, ensure you have: + +- [Supabase CLI](https://supabase.com/docs/guides/cli/getting-started) installed +- [Docker](https://docs.docker.com/get-docker/) and Docker Compose installed +- Node.js and npm/bun installed + +## Available Scripts + +### 🚀 `start-dev.sh` + +**Main development environment startup script** + +This script automates the complete development environment setup: + +1. Starts Supabase local development instance +2. Extracts environment variables from `supabase status` +3. Creates `.env.local` file with the required variables: + - `DATABASE_URL` (Postgres URL) + - `DIRECT_URL` (Same as DATABASE_URL) + - `SUPABASE_URL` (API URL) + - `SUPABASE_SERVICE_ROLE_KEY` +4. Starts the Docker development container + +```bash +./scripts/start-dev.sh +``` + +### 🛑 `stop-dev.sh` + +**Development environment shutdown script** + +Stops all development services: + +1. Stops Docker containers +2. Stops Supabase local instance + +```bash +./scripts/stop-dev.sh +``` + +### 🔄 `restart-dev.sh` + +**Development environment restart script** + +Restarts the entire development environment by running stop and start scripts in sequence. + +```bash +./scripts/restart-dev.sh +``` + +### 📋 `logs.sh` + +**View development container logs** + +Shows real-time logs from the COC API development container. + +```bash +./scripts/logs.sh +``` + +## Quick Start + +1. **First time setup:** + ```bash + ./scripts/start-dev.sh + ``` + +2. **View your running services:** + - COC API: http://localhost:3000 + - Supabase Studio: http://localhost:54323 (usually) + +3. **View logs:** + ```bash + ./scripts/logs.sh + ``` + +4. **Stop everything:** + ```bash + ./scripts/stop-dev.sh + ``` + +## Environment Variables + +The `start-dev.sh` script automatically creates a `.env.local` file with: + +```env +DATABASE_URL=postgresql://postgres:postgres@localhost:54322/postgres +DIRECT_URL=postgresql://postgres:postgres@localhost:54322/postgres +SUPABASE_URL=http://localhost:54321 +SUPABASE_SERVICE_ROLE_KEY=your_service_role_key + +NODE_ENV=development +PORT=3000 +ALLOWED_ORIGINS=http://localhost:3000,http://localhost:3001 +``` + +## Troubleshooting + +### Supabase CLI not found +```bash +npm install -g supabase +``` + +### Docker not found +Install Docker from: https://docs.docker.com/get-docker/ + +### Port conflicts +If you encounter port conflicts, stop other services or modify the ports in: +- `supabase/config.toml` (for Supabase ports) +- `docker-compose.yml` (for API port) + +### Container won't start +1. Check logs: `./scripts/logs.sh` +2. Verify environment variables in `.env.local` +3. Ensure Supabase is running: `supabase status` + +### Database connection issues +1. Verify DATABASE_URL in `.env.local` +2. Check if Supabase is running: `supabase status` +3. Restart the environment: `./scripts/restart-dev.sh` + +## Manual Commands + +If you prefer to run commands manually: + +```bash +# Start Supabase +supabase start + +# Check status +supabase status + +# Start Docker development container +docker compose up -d coc-api-dev + +# View Docker logs +docker compose logs -f coc-api-dev + +# Stop everything +docker compose down +supabase stop +``` \ No newline at end of file diff --git a/scripts/logs.sh b/scripts/logs.sh new file mode 100755 index 0000000..ad878b3 --- /dev/null +++ b/scripts/logs.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# COC API Development Logs Script +# This script shows logs from the Docker development container + +echo "📋 Viewing COC API Development Container Logs..." +echo "Press Ctrl+C to exit" +echo "" + +# Check if container is running +if docker compose ps coc-api-dev | grep -q "Up"; then + docker compose logs -f coc-api-dev +else + echo "❌ COC API development container is not running" + echo "Start it with: ./scripts/start-dev.sh" + exit 1 +fi \ No newline at end of file diff --git a/scripts/restart-dev.sh b/scripts/restart-dev.sh new file mode 100755 index 0000000..69751f6 --- /dev/null +++ b/scripts/restart-dev.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +# COC API Development Environment Restart Script +# This script restarts the entire development environment + +set -e # Exit on any error + +echo "🔄 Restarting COC API Development Environment..." + +# Function to print colored output +print_status() { + echo -e "\n\033[1;32m$1\033[0m" +} + +# Get the directory where this script is located +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" + +# Stop the development environment +print_status "🛑 Stopping development environment..." +bash "$SCRIPT_DIR/stop-dev.sh" + +# Wait a moment before restarting +sleep 2 + +# Start the development environment +print_status "🚀 Starting development environment..." +bash "$SCRIPT_DIR/start-dev.sh" \ No newline at end of file diff --git a/scripts/start-dev.sh b/scripts/start-dev.sh new file mode 100755 index 0000000..1ec60a8 --- /dev/null +++ b/scripts/start-dev.sh @@ -0,0 +1,119 @@ +#!/bin/bash + +# COC API Development Setup Script +# This script starts Supabase, extracts environment variables, and starts the Docker development container + +set -e # Exit on any error + +echo "🚀 Starting COC API Development Environment Setup..." + +# Function to print colored output +print_status() { + echo -e "\n\033[1;32m$1\033[0m" +} + +print_error() { + echo -e "\n\033[1;31m$1\033[0m" +} + +print_warning() { + echo -e "\n\033[1;33m$1\033[0m" +} + +# Check if supabase CLI is installed +if ! command -v supabase &> /dev/null; then + print_error "❌ Supabase CLI is not installed. Please install it first:" + echo "npm install -g supabase" + echo "or visit: https://supabase.com/docs/guides/cli/getting-started" + exit 1 +fi + +# Check if docker compose is available +if ! command -v docker &> /dev/null; then + print_error "❌ Docker is not installed. Please install Docker first." + exit 1 +fi + +# Start Supabase +print_status "🔧 Starting Supabase local development..." +supabase start + +# Wait a moment for services to fully start +sleep 2 + +# Get Supabase status and extract environment variables +print_status "📋 Getting Supabase status and extracting environment variables..." +status_output=$(supabase status) + +echo "Supabase Status Output:" +echo "$status_output" +echo "" + +# Extract URLs and keys from status output +postgres_url=$(echo "$status_output" | grep "DB URL" | awk '{print $3}') +api_url=$(echo "$status_output" | grep "API URL" | awk '{print $3}') +service_role_key=$(echo "$status_output" | grep "service_role key" | awk '{print $3}') + +# Validate extracted values +if [ -z "$postgres_url" ] || [ -z "$api_url" ] || [ -z "$service_role_key" ]; then + print_error "❌ Failed to extract required environment variables from Supabase status." + print_warning "Please check the Supabase status output above and manually create .env.local file." + echo "Expected format:" + echo "DATABASE_URL=your_postgres_url" + echo "DIRECT_URL=your_postgres_url" + echo "SUPABASE_URL=your_api_url" + echo "SUPABASE_SERVICE_ROLE_KEY=your_service_role_key" + exit 1 +fi + +# Create .env.local file +print_status "📝 Creating .env.local file..." +cat > .env.local << EOF +# Supabase Local Development Environment Variables +# Generated automatically by scripts/start-dev.sh + +DATABASE_URL=$postgres_url +DIRECT_URL=$postgres_url +SUPABASE_URL=$api_url +SUPABASE_SERVICE_ROLE_KEY=$service_role_key + +# Additional environment variables +NODE_ENV=development +PORT=3000 +ALLOWED_ORIGINS=http://localhost:3000,http://localhost:3001 +EOF + +print_status "✅ Environment variables written to .env.local:" +echo "DATABASE_URL=$postgres_url" +echo "DIRECT_URL=$postgres_url" +echo "SUPABASE_URL=$api_url" +echo "SUPABASE_SERVICE_ROLE_KEY=$service_role_key" + +# Start Docker development container +print_status "🐳 Building Docker image for coc-api-dev..." +docker compose build coc-api-dev +print_status "🐳 Starting Docker development container..." +docker compose up -d coc-api-dev + +# Wait for container to start +sleep 3 + +# Check if container is running +if docker compose ps coc-api-dev | grep -q "Up"; then + print_status "🎉 Development environment is ready!" + echo "" + echo "📝 Summary:" + echo " • Supabase local instance: $api_url" + echo " • COC API development server: http://localhost:3000" + echo " • Environment variables: .env.local" + echo "" + echo "🔧 Useful commands:" + echo " • View logs: docker compose logs -f coc-api-dev" + echo " • Stop services: docker compose down" + echo " • Stop Supabase: supabase stop" + echo " • Restart script: ./scripts/start-dev.sh" +else + print_error "❌ Failed to start Docker container. Check the logs:" + docker compose logs coc-api-dev + exit 1 +fi \ No newline at end of file diff --git a/scripts/stop-dev.sh b/scripts/stop-dev.sh new file mode 100755 index 0000000..89dcda7 --- /dev/null +++ b/scripts/stop-dev.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +# COC API Development Environment Stop Script +# This script stops the Docker development container and Supabase local instance + +set -e # Exit on any error + +echo "🛑 Stopping COC API Development Environment..." + +# Function to print colored output +print_status() { + echo -e "\n\033[1;32m$1\033[0m" +} + +print_error() { + echo -e "\n\033[1;31m$1\033[0m" +} + +# Stop Docker containers +print_status "🐳 Stopping Docker containers..." +if docker compose ps --services --filter "status=running" | grep -q "^coc-api-dev$"; then + docker compose down + echo "✅ Docker containers stopped" +else + echo "ℹ️ Docker containers were not running" +fi + +# Stop Supabase +print_status "🔧 Stopping Supabase local instance..." +if command -v supabase &> /dev/null; then + supabase stop + echo "✅ Supabase stopped" +else + print_error "❌ Supabase CLI not found" +fi + +print_status "🎉 Development environment stopped successfully!" +echo "" +echo "🔧 To start again, run: ./scripts/start-dev.sh" \ No newline at end of file diff --git a/src/routes/index.ts b/src/routes/index.ts index 1ccf299..79d32c5 100644 --- a/src/routes/index.ts +++ b/src/routes/index.ts @@ -11,6 +11,16 @@ import membersRouter from './members' export default function routes(upload: Multer, supabase: SupabaseClient) { const router = Router(); + + router.get('/health', (req, res) => { + res.status(200).json({ + status: 'OK', + message: 'COC API is running', + timestamp: new Date().toISOString(), + uptime: process.uptime() + }); + }); + router.use('/members', membersRouter(upload, supabase)) router.use('/projects', projectsRouter(upload, supabase)) diff --git a/supabase/.gitignore b/supabase/.gitignore new file mode 100644 index 0000000..ad9264f --- /dev/null +++ b/supabase/.gitignore @@ -0,0 +1,8 @@ +# Supabase +.branches +.temp + +# dotenvx +.env.keys +.env.local +.env.*.local diff --git a/supabase/config.toml b/supabase/config.toml new file mode 100644 index 0000000..dc894b6 --- /dev/null +++ b/supabase/config.toml @@ -0,0 +1,308 @@ +# For detailed configuration reference documentation, visit: +# https://supabase.com/docs/guides/local-development/cli/config +# A string used to distinguish different Supabase projects on the same host. Defaults to the +# working directory name when running `supabase init`. +project_id = "COC-API" + +[api] +enabled = true +# Port to use for the API URL. +port = 54321 +# Schemas to expose in your API. Tables, views and stored procedures in this schema will get API +# endpoints. `public` and `graphql_public` schemas are included by default. +schemas = ["public", "graphql_public"] +# Extra schemas to add to the search_path of every request. +extra_search_path = ["public", "extensions"] +# The maximum number of rows returns from a view, table, or stored procedure. Limits payload size +# for accidental or malicious requests. +max_rows = 1000 + +[api.tls] +# Enable HTTPS endpoints locally using a self-signed certificate. +enabled = false + +[db] +# Port to use for the local database URL. +port = 54322 +# Port used by db diff command to initialize the shadow database. +shadow_port = 54320 +# The database major version to use. This has to be the same as your remote database's. Run `SHOW +# server_version;` on the remote database to check. +major_version = 15 + +[db.pooler] +enabled = false +# Port to use for the local connection pooler. +port = 54329 +# Specifies when a server connection can be reused by other clients. +# Configure one of the supported pooler modes: `transaction`, `session`. +pool_mode = "transaction" +# How many server connections to allow per user/database pair. +default_pool_size = 20 +# Maximum number of client connections allowed. +max_client_conn = 100 + +# [db.vault] +# secret_key = "env(SECRET_VALUE)" + +[db.migrations] +# Specifies an ordered list of schema files that describe your database. +# Supports glob patterns relative to supabase directory: "./schemas/*.sql" +schema_paths = [] + +[db.seed] +# If enabled, seeds the database after migrations during a db reset. +enabled = true +# Specifies an ordered list of seed files to load during db reset. +# Supports glob patterns relative to supabase directory: "./seeds/*.sql" +sql_paths = ["./seed.sql"] + +[realtime] +enabled = false +# Bind realtime via either IPv4 or IPv6. (default: IPv4) +# ip_version = "IPv6" +# The maximum length in bytes of HTTP request headers. (default: 4096) +# max_header_length = 4096 + +[studio] +enabled = false +# Port to use for Supabase Studio. +port = 54323 +# External URL of the API server that frontend connects to. +api_url = "http://127.0.0.1" +# OpenAI API Key to use for Supabase AI in the Supabase Studio. +openai_api_key = "env(OPENAI_API_KEY)" + +# Email testing server. Emails sent with the local dev setup are not actually sent - rather, they +# are monitored, and you can view the emails that would have been sent from the web interface. +[inbucket] +enabled = false +# Port to use for the email testing server web interface. +port = 54324 +# Uncomment to expose additional ports for testing user applications that send emails. +# smtp_port = 54325 +# pop3_port = 54326 +# admin_email = "admin@email.com" +# sender_name = "Admin" + +[storage] +enabled = true +# The maximum file size allowed (e.g. "5MB", "500KB"). +file_size_limit = "50MiB" + +# Image transformation API is available to Supabase Pro plan. +# [storage.image_transformation] +# enabled = true + +# Uncomment to configure local storage buckets +# [storage.buckets.images] +# public = false +# file_size_limit = "50MiB" +# allowed_mime_types = ["image/png", "image/jpeg"] +# objects_path = "./images" + +[auth] +enabled = true +# The base URL of your website. Used as an allow-list for redirects and for constructing URLs used +# in emails. +site_url = "http://127.0.0.1:3000" +# A list of *exact* URLs that auth providers are permitted to redirect to post authentication. +additional_redirect_urls = ["https://127.0.0.1:3000"] +# How long tokens are valid for, in seconds. Defaults to 3600 (1 hour), maximum 604,800 (1 week). +jwt_expiry = 3600 +# If disabled, the refresh token will never expire. +enable_refresh_token_rotation = true +# Allows refresh tokens to be reused after expiry, up to the specified interval in seconds. +# Requires enable_refresh_token_rotation = true. +refresh_token_reuse_interval = 10 +# Allow/disallow new user signups to your project. +enable_signup = true +# Allow/disallow anonymous sign-ins to your project. +enable_anonymous_sign_ins = false +# Allow/disallow testing manual linking of accounts +enable_manual_linking = false +# Passwords shorter than this value will be rejected as weak. Minimum 6, recommended 8 or more. +minimum_password_length = 6 +# Passwords that do not meet the following requirements will be rejected as weak. Supported values +# are: `letters_digits`, `lower_upper_letters_digits`, `lower_upper_letters_digits_symbols` +password_requirements = "" + +[auth.rate_limit] +# Number of emails that can be sent per hour. Requires auth.email.smtp to be enabled. +email_sent = 2 +# Number of SMS messages that can be sent per hour. Requires auth.sms to be enabled. +sms_sent = 30 +# Number of anonymous sign-ins that can be made per hour per IP address. Requires enable_anonymous_sign_ins = true. +anonymous_users = 30 +# Number of sessions that can be refreshed in a 5 minute interval per IP address. +token_refresh = 150 +# Number of sign up and sign-in requests that can be made in a 5 minute interval per IP address (excludes anonymous users). +sign_in_sign_ups = 30 +# Number of OTP / Magic link verifications that can be made in a 5 minute interval per IP address. +token_verifications = 30 + +# Configure one of the supported captcha providers: `hcaptcha`, `turnstile`. +# [auth.captcha] +# enabled = true +# provider = "hcaptcha" +# secret = "" + +[auth.email] +# Allow/disallow new user signups via email to your project. +enable_signup = true +# If enabled, a user will be required to confirm any email change on both the old, and new email +# addresses. If disabled, only the new email is required to confirm. +double_confirm_changes = true +# If enabled, users need to confirm their email address before signing in. +enable_confirmations = false +# If enabled, users will need to reauthenticate or have logged in recently to change their password. +secure_password_change = false +# Controls the minimum amount of time that must pass before sending another signup confirmation or password reset email. +max_frequency = "1s" +# Number of characters used in the email OTP. +otp_length = 6 +# Number of seconds before the email OTP expires (defaults to 1 hour). +otp_expiry = 3600 + +# Use a production-ready SMTP server +# [auth.email.smtp] +# enabled = true +# host = "smtp.sendgrid.net" +# port = 587 +# user = "apikey" +# pass = "env(SENDGRID_API_KEY)" +# admin_email = "admin@email.com" +# sender_name = "Admin" + +# Uncomment to customize email template +# [auth.email.template.invite] +# subject = "You have been invited" +# content_path = "./supabase/templates/invite.html" + +[auth.sms] +# Allow/disallow new user signups via SMS to your project. +enable_signup = false +# If enabled, users need to confirm their phone number before signing in. +enable_confirmations = false +# Template for sending OTP to users +template = "Your code is {{ .Code }}" +# Controls the minimum amount of time that must pass before sending another sms otp. +max_frequency = "5s" + +# Use pre-defined map of phone number to OTP for testing. +# [auth.sms.test_otp] +# 4152127777 = "123456" + +# Configure logged in session timeouts. +# [auth.sessions] +# Force log out after the specified duration. +# timebox = "24h" +# Force log out if the user has been inactive longer than the specified duration. +# inactivity_timeout = "8h" + +# This hook runs before a token is issued and allows you to add additional claims based on the authentication method used. +# [auth.hook.custom_access_token] +# enabled = true +# uri = "pg-functions:////" + +# Configure one of the supported SMS providers: `twilio`, `twilio_verify`, `messagebird`, `textlocal`, `vonage`. +[auth.sms.twilio] +enabled = false +account_sid = "" +message_service_sid = "" +# DO NOT commit your Twilio auth token to git. Use environment variable substitution instead: +auth_token = "env(SUPABASE_AUTH_SMS_TWILIO_AUTH_TOKEN)" + +# Multi-factor-authentication is available to Supabase Pro plan. +[auth.mfa] +# Control how many MFA factors can be enrolled at once per user. +max_enrolled_factors = 10 + +# Control MFA via App Authenticator (TOTP) +[auth.mfa.totp] +enroll_enabled = false +verify_enabled = false + +# Configure MFA via Phone Messaging +[auth.mfa.phone] +enroll_enabled = false +verify_enabled = false +otp_length = 6 +template = "Your code is {{ .Code }}" +max_frequency = "5s" + +# Configure MFA via WebAuthn +# [auth.mfa.web_authn] +# enroll_enabled = true +# verify_enabled = true + +# Use an external OAuth provider. The full list of providers are: `apple`, `azure`, `bitbucket`, +# `discord`, `facebook`, `github`, `gitlab`, `google`, `keycloak`, `linkedin_oidc`, `notion`, `twitch`, +# `twitter`, `slack`, `spotify`, `workos`, `zoom`. +[auth.external.apple] +enabled = false +client_id = "" +# DO NOT commit your OAuth provider secret to git. Use environment variable substitution instead: +secret = "env(SUPABASE_AUTH_EXTERNAL_APPLE_SECRET)" +# Overrides the default auth redirectUrl. +redirect_uri = "" +# Overrides the default auth provider URL. Used to support self-hosted gitlab, single-tenant Azure, +# or any other third-party OIDC providers. +url = "" +# If enabled, the nonce check will be skipped. Required for local sign in with Google auth. +skip_nonce_check = false + +# Use Firebase Auth as a third-party provider alongside Supabase Auth. +[auth.third_party.firebase] +enabled = false +# project_id = "my-firebase-project" + +# Use Auth0 as a third-party provider alongside Supabase Auth. +[auth.third_party.auth0] +enabled = false +# tenant = "my-auth0-tenant" +# tenant_region = "us" + +# Use AWS Cognito (Amplify) as a third-party provider alongside Supabase Auth. +[auth.third_party.aws_cognito] +enabled = false +# user_pool_id = "my-user-pool-id" +# user_pool_region = "us-east-1" + +# Use Clerk as a third-party provider alongside Supabase Auth. +[auth.third_party.clerk] +enabled = false +# Obtain from https://clerk.com/setup/supabase +# domain = "example.clerk.accounts.dev" + +[edge_runtime] +enabled = false +# Configure one of the supported request policies: `oneshot`, `per_worker`. +# Use `oneshot` for hot reload, or `per_worker` for load testing. +policy = "oneshot" +# Port to attach the Chrome inspector for debugging edge functions. +inspector_port = 8083 +# The Deno major version to use. +deno_version = 1 + +# [edge_runtime.secrets] +# secret_key = "env(SECRET_VALUE)" + +[analytics] +enabled = false +port = 54327 +# Configure one of the supported backends: `postgres`, `bigquery`. +backend = "postgres" + +# Experimental features may be deprecated any time +[experimental] +# Configures Postgres storage engine to use OrioleDB (S3) +orioledb_version = "" +# Configures S3 bucket URL, eg. .s3-.amazonaws.com +s3_host = "env(S3_HOST)" +# Configures S3 bucket region, eg. us-east-1 +s3_region = "env(S3_REGION)" +# Configures AWS_ACCESS_KEY_ID for S3 bucket +s3_access_key = "env(S3_ACCESS_KEY)" +# Configures AWS_SECRET_ACCESS_KEY for S3 bucket +s3_secret_key = "env(S3_SECRET_KEY)"