Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: default service-key for single tenant #420

Merged
merged 1 commit into from
Jan 16, 2024
Merged

feat: default service-key for single tenant #420

merged 1 commit into from
Jan 16, 2024

Conversation

fenos
Copy link
Contributor

@fenos fenos commented Jan 15, 2024
edited
Loading

What kind of change does this PR introduce?

Feature

What is the current behavior?

Currently, the TENANT_ID, SERVICE_KEY, REGION and ANON_KEY env variables are required to run storage in single-tenant mode

What is the new behavior?

  • the SERVICE_KEY env is now optional.
    When not provided, the service will generate one at boot time using the AUTH_JWT_SECRET

  • SERVER_REGION is now optional, and only used in metrics. (default not-specified)
    STORAGE_S3_REGION is used as the aws region (default REGION)

  • the TENANT_ID env is now optional defaulting to storage-single-tenant

  • ANON_KEY is now deprecated as the service is not currently using it

Additional context

This PR will simplify even further self-hosting for storage

Example Docker Compose to launch storage in single tenant:

# docker-compose.yml

version: '3'
services:
  storage:
    image: supabase/storage-api:latest
    ports:
      - '5000:5000'
      - '5001:5001'
    depends_on:
      - tenant_db
      - pg_bouncer
      - minio
    environment:
      # Server
      SERVER_PORT: 5000
      # Auth
      AUTH_JWT_SECRET: f023d3db-39dc-4ac9-87b2-b2be72e9162b
      AUTH_JWT_ALGORITHM: HS256
      # Single tenant Mode
      DATABASE_URL: postgres://postgres:postgres@tenant_db:5432/postgres
      DATABASE_POOL_URL: postgresql://postgres:postgres@pg_bouncer:6432/postgres
      # Migrations
      DB_INSTALL_ROLES: true # set to false if you want to manage roles yourself
      # Storage
      STORAGE_BACKEND: s3
      STORAGE_S3_BUCKET: supa-storage-bucket  # name of s3 bucket where you want to store objects
      STORAGE_S3_ENDPOINT: http://minio:9000
      STORAGE_S3_FORCE_PATH_STYLE: "true"
      STORAGE_S3_REGION: us-east-1
      AWS_ACCESS_KEY_ID: supa-storage
      AWS_SECRET_ACCESS_KEY: secret1234
      # Upload
      UPLOAD_FILE_SIZE_LIMIT: 524288000
      UPLOAD_FILE_SIZE_LIMIT_STANDARD: 52428800
      UPLOAD_SIGNED_URL_EXPIRATION_TIME: 120
      TUS_URL_PATH: /upload/resumable
      TUS_URL_EXPIRY_MS: 3600000
      # Image Tranformation
      IMAGE_TRANSFORMATION_ENABLED: "true"
      IMGPROXY_URL: http://imgproxy:8080
      IMGPROXY_REQUEST_TIMEOUT: 15

@fenos fenos force-pushed the feat/deprecate-service-and-anon-keys branch 3 times, most recently from f19c744 to 3b16152 Compare January 15, 2024 15:44
@coveralls
Copy link

coveralls commented Jan 15, 2024
edited
Loading

Pull Request Test Coverage Report for Build 7531817335

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-0.07%) to 82.915%
Totals Coverage Status
Change from base Build 7530203780: -0.07%
Covered Lines: 7824
Relevant Lines: 9335
💛 - Coveralls

@fenos fenos force-pushed the feat/deprecate-service-and-anon-keys branch 3 times, most recently from 745b306 to a28ebba Compare January 15, 2024 16:20
@fenos fenos force-pushed the feat/deprecate-service-and-anon-keys branch from a28ebba to 1924a6e Compare January 15, 2024 16:45
inian
inian reviewed Jan 16, 2024
View reviewed changes
@fenos fenos merged commit b287d5f into master Jan 16, 2024
1 check passed
@fenos fenos deleted the feat/deprecate-service-and-anon-keys branch January 16, 2024 10:49
@github-actions GitHub Actions
Copy link

🎉 This PR is included in version 0.45.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@inian inian inian approved these changes

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fenos @coveralls @inian