Complete Guide ⚡️ Supabase Self-Hosted ➕ Custom S3 ➕ Authelia

Have you tried self-hosting yet? What are you missing?

activenode

Thank you very much for the explanation.I struggled for more than 4 hours with the minio setup, using the latest minio image reported an error "network error" on console login.After 4+ hours of struggling and debugging, I realized that the problem was in the configuration of the MINIO environment variables.Currently MINIO_SERVER_URL is deprecated and MINIO_DOMAIN is used to replace it.This modification worked, so hopefully it will be helpful to anyone who sees this video later.

MrLyonliang

Omg thanks 🙏 I became subscriber . Anyone giving full guides and not just 5 min versions of YouTube just to get views is not worth my time because I tend to loose to much time afterward not understand 70% of the full content. Thanks you and keep up the great work and give us more full guides . I just found your channel. ❤

acs

After the third thorough installation, I found out following: 1. Right after you set access list in NGINX, you can only manipulate with tables, but not with storage nor users. 2. After FULL installation by the guide, with Authelia, everything works. 3. supabase-vector doesn`t start. 4. supabase-storage & supabase-studio both are in 'unhealthy' state, 5. Error on sending invitation But, main functions works. Great job David ! Thank`s a lot !

MsAlvigo

OMG dude! I literally wanted to try hosting my own supabase on Hetzner this weekend and you upload this! Thanks for saving me from wasting a ton of time 😅

antfact

Watching this for 100th time :), pls don't delete this video. Setting up my 3rd supabase site.

fulltimefrontend

Thanks for the hard work! I just followed your tutorial verbatim over the past couple of days. I realized the hard way that I couldn't host minio/nginx/supabase on the same server, so I tore everything down and rebuilt, excluding minio and opting for remote Wasabi S3. Little bit of wasted time, but no worries

Also, I have stopped at the Basic Auth portion and have yet to configure Authelia.

Current Issues:
1. Auth: user creation not working from the Dashboard, giving me a "nameserver error". Additionally, using only Basic Auth, an endless loop is created when trying to create a new user with the Dashboard prompting me to enter Basic Auth credentials endlessly.

2. Nginx Basic Auth: this is mainly an issue with NPM itself, but when enabling a "Custom Location", it breaks that proxy (at least when dealing with the supabase dashboard proxy). The temp fix is to add the "location /" as custom code in the advanced tab and it will work as intended.|

3. Logging: you seemed to have missed this part of the setup in your tutorial. Considering port 4000 is by default exposed for the logging service, it might pose a security issue. Additionally, logs are not working at all within the Dashboard using your setup and the current supabase build.

4. S3: following your setup, I had linked up to Wasabi S3 storage (uses the same AWS S3 protocol). It only works half-way out of the box, although I am still isolating the issue to see if it's a IAM policy issue. My bucket is set to allow my S3 user to access all bucket resources and folders, except Supabase will only ADD files to Wasabi, but is unable to delete them. Additionally, manually deleting files from within Wasabi will not reflect those changes inside supabase, making it unusable for S3 storage in it's current out-of-the-box state.

Collectively, these issues means the supabase self-hosted solution using your tutorial is not development ready, let alone production ready, so I am continuing to troubleshoot these issues.

It is unfortunate that Supabase self-hosted had the potential to be the best self-hosted BaaS on the market, but falls shortly of actually being a useful product, and would be a key primer to have me sign up for their cloud solution. Although, if a company is so willing to waste this much of my time in hopes I'll sign up for their cloud service, I'll be better satisficed searching their competitors' cloud solutions.

I am new to backend development and as such setting up supabase has been a terrible experience so far (which activenode's tutorial has made me feel better about). Albeit this was a necessary process to help me understand the difference between company's providing good documentation, and those providing bad documentation. I'm confident in saying supabase seems to suffer from the latter. Being a newbie developer myself (their target demographic), I will seek to avoid supabase self-hosted (and cloud) at all costs.

SansMoon

Hehe, I was just reading their selfhosting guide last night, and wanted to do the setup on my contabo server. What a timing, this came just right. Thank you for the tutorial, and saving the time as well💓💓

optimbro

God knows how much it takes to compress those 45h of work and research into a 35 minute guide for your audience. Def, earned this like comment and subscriber =) Keep up the good work, we are very thankfull

dipereira

Some Hint for Studio + Storage:

If you use the Studio Dashboard for File Storage and copy the URL of a Storage File, it might append a "wrong" Port. This is a bug within Supabase and I already opened a Pull Request in GitHub for it.

activenode

Hear that Sigh, wonderful. You are a hero.
On the venture to host it on OCI lets see how it goes.

bantwal

WOW! You bring this up to my head. I'm finding the way to selfhost Supabase with storage. You pull it up. Subscribed.

valirmasha

Hey activenode, thanks you for sharing your hard work, it’s the best tutorial I found.

I strongly believe self hosted supabase is a good approach, mainly for EU-based project and GPDR compliance. Even if Supabase seems to work on this subject (with their DPA, TIA, Supabase Inc. entity…), not all is very clear on that.
Supabase Docker is the first approach for self hosting, K8s infra would be more suitable for scalability and maintainability but community project for k8s seems outdated.
The only way I currently found to self hosting supabase using Docker in a few click is elestio services, which is GDPR compliant too. Another big point is elestio allows you to bring your own VM with their services.
But, the dark side in elestio and in your video, is IMHO, the db should be decoupled from the middleware (studio, Kong and sub apis) for some reasons : easier to update the middleware, backup rules differentiation, security, etc. Same thing for storage layer with S3 compatible storage, as u suggest with minio. And idem for Analytics.
It would be great if we could use a dbaas for the postgresql, unfortunately no EU hosting (Scaleway, AWS, OVH) allows to use the “not-certified” pg extensions that supabase is built on. Only AWS RDS allows pg_tle for custom extensions like pgjwt, but it’s not yet sufficient.
Other point, for production env, I don’t like the idea that postgresql port was open (and don’t know if fail2ban filter for postgres is embedded in docker image). But for migration from supabase CLI (using —db-url), it would be interesting to use something like a bastion and ssh tunneling. Same idea for studio (to be available from another IP/domain).
Sorry for long post, but let me know if I can help you on something about these points to think together and with the community ;)

About your book, when is it due?

damienroch

you are a legend, absolutely brilliant thank you for the indepth step by step tutorial

bmilabs

Hi! This guide is super useful and your style is really sophisticated!
Hence i am new to Self-Hosting and thus embody all the common characteristics of a fully fledged n00b i would like to ask one question about overall security:

The internet out there is basically a very scary and dangerous place, so would it be suitable to disable access to Dashboard/Proxy-Manager/MinIO at all and only expose Auth/Storage/API?

If one would need to access Dashboard/Proxy-Manager one could use key-based SSH access (set on some high 5xxx port)?

Regarding the security of publicly available services i would prefer attacking hummingbirds with cluster bombs rather than shooting sparrows with cannons

KenzoAyyoni

I just subscribed cause of the hard work. I could feel it in your voice

olawaleyahaya

I will soon release basically this, with all infrastructure as code using Terraform and minimal instructions. Thanks so much for this tutorial. Really helpful. I am able to stand on the shoulder of giants!

deankayton

The last part at from 25:00 made this really exciting. This channel is so under-subscribed, its a hidden gem.

fulltimefrontend

Awesome explanation and tutorial thank you! I haven’t tried self-hosting yet but I suspect I’ll be moving there before too long so this will be a wonderful help!!

awlhunt

The Authelia part came really handy for OpenSearch. Thanks for the tutorial :)

PhilippBlum