mirror of
https://github.com/Dokploy/templates
synced 2025-06-26 18:16:07 +00:00
feat: migrate templates
This commit is contained in:
181
blueprints/supabase/template.yml
Normal file
181
blueprints/supabase/template.yml
Normal file
@@ -0,0 +1,181 @@
|
||||
variables:
|
||||
main_domain: ${randomDomain}
|
||||
postgres_password: ${generatePassword(32)}
|
||||
jwt_secret: ${generateBase64(32)}
|
||||
dashboard_password: ${generatePassword(32)}
|
||||
logflare_api_key: ${generatePassword(32)}
|
||||
|
||||
config:
|
||||
domains:
|
||||
- serviceName: kong
|
||||
port: 8000
|
||||
host: ${main_domain}
|
||||
|
||||
env:
|
||||
SUPABASE_HOST: ${main_domain}
|
||||
POSTGRES_PASSWORD: ${postgres_password}
|
||||
JWT_SECRET: ${jwt_secret}
|
||||
ANON_KEY: ${generateJWT({ role: "anon", iss: "supabase", iat: Math.floor(Date.now() / 1000), exp: Math.floor(Date.now() / 1000) + 100 * 365 * 24 * 60 * 60 }, jwt_secret)}
|
||||
SERVICE_ROLE_KEY: ${generateJWT({ role: "service_role", iss: "supabase", iat: Math.floor(Date.now() / 1000), exp: Math.floor(Date.now() / 1000) + 100 * 365 * 24 * 60 * 60 }, jwt_secret)}
|
||||
DASHBOARD_USERNAME: "supabase"
|
||||
DASHBOARD_PASSWORD: ${dashboard_password}
|
||||
POSTGRES_HOSTNAME: "db"
|
||||
POSTGRES_DB: "postgres"
|
||||
POSTGRES_PORT: "5432"
|
||||
KONG_HTTP_PORT: "8000"
|
||||
KONG_HTTPS_PORT: "8443"
|
||||
PGRST_DB_SCHEMAS: "public,storage,graphql_public"
|
||||
ADDITIONAL_REDIRECT_URLS: ""
|
||||
JWT_EXPIRY: "3600"
|
||||
DISABLE_SIGNUP: "false"
|
||||
MAILER_URLPATHS_CONFIRMATION: "\"/auth/v1/verify\""
|
||||
MAILER_URLPATHS_INVITE: "\"/auth/v1/verify\""
|
||||
MAILER_URLPATHS_RECOVERY: "\"/auth/v1/verify\""
|
||||
MAILER_URLPATHS_EMAIL_CHANGE: "\"/auth/v1/verify\""
|
||||
ENABLE_EMAIL_SIGNUP: "true"
|
||||
ENABLE_EMAIL_AUTOCONFIRM: "false"
|
||||
SMTP_ADMIN_EMAIL: "admin@example.com"
|
||||
SMTP_HOSTNAME: "supabase-mail"
|
||||
SMTP_PORT: "2500"
|
||||
SMTP_USER: "fake_mail_user"
|
||||
SMTP_PASS: "fake_mail_password"
|
||||
SMTP_SENDER_NAME: "fake_sender"
|
||||
ENABLE_ANONYMOUS_USERS: "false"
|
||||
ENABLE_PHONE_SIGNUP: "true"
|
||||
ENABLE_PHONE_AUTOCONFIRM: "true"
|
||||
STUDIO_DEFAULT_ORGANIZATION: "Default Organization"
|
||||
STUDIO_DEFAULT_PROJECT: "Default Project"
|
||||
STUDIO_PORT: "3000"
|
||||
IMGPROXY_ENABLE_WEBP_DETECTION: "true"
|
||||
FUNCTIONS_VERIFY_JWT: "false"
|
||||
LOGFLARE_LOGGER_BACKEND_API_KEY: ${logflare_api_key}
|
||||
LOGFLARE_API_KEY: ${logflare_api_key}
|
||||
DOCKER_SOCKET_LOCATION: "/var/run/docker.sock"
|
||||
GOOGLE_PROJECT_ID: "GOOGLE_PROJECT_ID"
|
||||
GOOGLE_PROJECT_NUMBER: "GOOGLE_PROJECT_NUMBER"
|
||||
|
||||
mounts:
|
||||
- filePath: /volumes/api/kong.yml
|
||||
content: |
|
||||
_format_version: '2.1'
|
||||
_transform: true
|
||||
|
||||
###
|
||||
### Consumers / Users
|
||||
###
|
||||
consumers:
|
||||
- username: DASHBOARD
|
||||
- username: anon
|
||||
keyauth_credentials:
|
||||
- key: $SUPABASE_ANON_KEY
|
||||
- username: service_role
|
||||
keyauth_credentials:
|
||||
- key: $SUPABASE_SERVICE_KEY
|
||||
|
||||
###
|
||||
### Access Control List
|
||||
###
|
||||
acls:
|
||||
- consumer: anon
|
||||
group: anon
|
||||
- consumer: service_role
|
||||
group: admin
|
||||
|
||||
###
|
||||
### Dashboard credentials
|
||||
###
|
||||
basicauth_credentials:
|
||||
- consumer: DASHBOARD
|
||||
username: $DASHBOARD_USERNAME
|
||||
password: $DASHBOARD_PASSWORD
|
||||
|
||||
###
|
||||
### API Routes
|
||||
###
|
||||
services:
|
||||
## Open Auth routes
|
||||
- name: auth-v1-open
|
||||
url: http://auth:9999/verify
|
||||
routes:
|
||||
- name: auth-v1-open
|
||||
strip_path: true
|
||||
paths:
|
||||
- /auth/v1/verify
|
||||
plugins:
|
||||
- name: cors
|
||||
- name: auth-v1-open-callback
|
||||
url: http://auth:9999/callback
|
||||
routes:
|
||||
- name: auth-v1-open-callback
|
||||
strip_path: true
|
||||
paths:
|
||||
- /auth/v1/callback
|
||||
plugins:
|
||||
- name: cors
|
||||
- name: auth-v1-open-authorize
|
||||
url: http://auth:9999/authorize
|
||||
routes:
|
||||
- name: auth-v1-open-authorize
|
||||
strip_path: true
|
||||
paths:
|
||||
- /auth/v1/authorize
|
||||
plugins:
|
||||
- name: cors
|
||||
|
||||
## Secure Auth routes
|
||||
- name: auth-v1
|
||||
_comment: 'GoTrue: /auth/v1/* -> http://auth:9999/*'
|
||||
url: http://auth:9999/
|
||||
routes:
|
||||
- name: auth-v1-all
|
||||
strip_path: true
|
||||
paths:
|
||||
- /auth/v1/
|
||||
plugins:
|
||||
- name: cors
|
||||
- name: key-auth
|
||||
config:
|
||||
hide_credentials: false
|
||||
- name: acl
|
||||
config:
|
||||
hide_groups_header: true
|
||||
allow:
|
||||
- admin
|
||||
- anon
|
||||
|
||||
## Secure REST routes
|
||||
- name: rest-v1
|
||||
_comment: 'PostgREST: /rest/v1/* -> http://rest:3000/*'
|
||||
url: http://rest:3000/
|
||||
routes:
|
||||
- name: rest-v1-all
|
||||
strip_path: true
|
||||
paths:
|
||||
- /rest/v1/
|
||||
plugins:
|
||||
- name: cors
|
||||
- name: key-auth
|
||||
config:
|
||||
hide_credentials: true
|
||||
- name: acl
|
||||
config:
|
||||
hide_groups_header: true
|
||||
allow:
|
||||
- admin
|
||||
- anon
|
||||
|
||||
## Secure GraphQL routes
|
||||
- name: graphql-v1
|
||||
_comment: 'PostgREST: /graphql/v1/* -> http://rest:3000/rpc/graphql'
|
||||
url: http://rest:3000/rpc/graphql
|
||||
routes:
|
||||
- name: graphql-v1-all
|
||||
strip_path: true
|
||||
paths:
|
||||
- /graphql/v1
|
||||
plugins:
|
||||
- name: cors
|
||||
- name: key-auth
|
||||
config:
|
||||
hide_credentials: true
|
||||
- name: request-transformer
|
||||
Reference in New Issue
Block a user