96 lines
2.7 KiB
Bash
96 lines
2.7 KiB
Bash
set -euo pipefail
|
|
umask 077
|
|
mkdir -p /run/supabase
|
|
|
|
set -a
|
|
source "$1"
|
|
set +a
|
|
|
|
# URL-encode password for use in connection strings
|
|
PG_PASS_ENCODED=$(printf '%s' "$POSTGRES_PASSWORD" | jq -sRr @uri)
|
|
|
|
cat > /run/supabase/db.env <<EOF
|
|
POSTGRES_PASSWORD=$POSTGRES_PASSWORD
|
|
PGPASSWORD=$POSTGRES_PASSWORD
|
|
JWT_SECRET=$JWT_SECRET
|
|
EOF
|
|
|
|
cat > /run/supabase/analytics.env <<EOF
|
|
DB_PASSWORD=$POSTGRES_PASSWORD
|
|
LOGFLARE_PUBLIC_ACCESS_TOKEN=$LOGFLARE_PUBLIC_ACCESS_TOKEN
|
|
LOGFLARE_PRIVATE_ACCESS_TOKEN=$LOGFLARE_PRIVATE_ACCESS_TOKEN
|
|
POSTGRES_BACKEND_URL=postgresql://supabase_admin:$PG_PASS_ENCODED@db:5432/_supabase
|
|
EOF
|
|
|
|
cat > /run/supabase/auth.env <<EOF
|
|
GOTRUE_JWT_SECRET=$JWT_SECRET
|
|
GOTRUE_DB_DATABASE_URL=postgres://supabase_auth_admin:$PG_PASS_ENCODED@db:5432/postgres
|
|
GOTRUE_SMTP_USER=${SMTP_USER:-}
|
|
GOTRUE_SMTP_PASS=${SMTP_PASS:-}
|
|
GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID:-}
|
|
GOTRUE_EXTERNAL_GOOGLE_SECRET=${GOOGLE_SECRET:-}
|
|
EOF
|
|
|
|
cat > /run/supabase/rest.env <<EOF
|
|
PGRST_JWT_SECRET=$JWT_SECRET
|
|
PGRST_APP_SETTINGS_JWT_SECRET=$JWT_SECRET
|
|
PGRST_DB_URI=postgres://authenticator:$PG_PASS_ENCODED@db:5432/postgres
|
|
EOF
|
|
|
|
cat > /run/supabase/realtime.env <<EOF
|
|
DB_PASSWORD=$POSTGRES_PASSWORD
|
|
API_JWT_SECRET=$JWT_SECRET
|
|
SECRET_KEY_BASE=$SECRET_KEY_BASE
|
|
METRICS_JWT_SECRET=$JWT_SECRET
|
|
EOF
|
|
|
|
cat > /run/supabase/storage.env <<EOF
|
|
ANON_KEY=$ANON_KEY
|
|
SERVICE_KEY=$SERVICE_ROLE_KEY
|
|
AUTH_JWT_SECRET=$JWT_SECRET
|
|
DATABASE_URL=postgres://supabase_storage_admin:$PG_PASS_ENCODED@db:5432/postgres
|
|
S3_PROTOCOL_ACCESS_KEY_ID=$S3_PROTOCOL_ACCESS_KEY_ID
|
|
S3_PROTOCOL_ACCESS_KEY_SECRET=$S3_PROTOCOL_ACCESS_KEY_SECRET
|
|
EOF
|
|
|
|
cat > /run/supabase/meta.env <<EOF
|
|
PG_META_DB_PASSWORD=$POSTGRES_PASSWORD
|
|
CRYPTO_KEY=$PG_META_CRYPTO_KEY
|
|
EOF
|
|
|
|
cat > /run/supabase/studio.env <<EOF
|
|
POSTGRES_PASSWORD=$PG_PASS_ENCODED
|
|
PG_META_CRYPTO_KEY=$PG_META_CRYPTO_KEY
|
|
SUPABASE_ANON_KEY=$ANON_KEY
|
|
SUPABASE_SERVICE_KEY=$SERVICE_ROLE_KEY
|
|
AUTH_JWT_SECRET=$JWT_SECRET
|
|
LOGFLARE_API_KEY=$LOGFLARE_PUBLIC_ACCESS_TOKEN
|
|
LOGFLARE_PUBLIC_ACCESS_TOKEN=$LOGFLARE_PUBLIC_ACCESS_TOKEN
|
|
LOGFLARE_PRIVATE_ACCESS_TOKEN=$LOGFLARE_PRIVATE_ACCESS_TOKEN
|
|
EOF
|
|
|
|
cat > /run/supabase/kong.env <<EOF
|
|
SUPABASE_ANON_KEY=$ANON_KEY
|
|
SUPABASE_SERVICE_KEY=$SERVICE_ROLE_KEY
|
|
DASHBOARD_USERNAME=supabase
|
|
DASHBOARD_PASSWORD=$DASHBOARD_PASSWORD
|
|
EOF
|
|
|
|
cat > /run/supabase/vector.env <<EOF
|
|
LOGFLARE_PUBLIC_ACCESS_TOKEN=$LOGFLARE_PUBLIC_ACCESS_TOKEN
|
|
EOF
|
|
|
|
cat > /run/supabase/pooler.env <<EOF
|
|
POSTGRES_PASSWORD=$POSTGRES_PASSWORD
|
|
DATABASE_URL=ecto://supabase_admin:$PG_PASS_ENCODED@db:5432/_supabase
|
|
SECRET_KEY_BASE=$SECRET_KEY_BASE
|
|
VAULT_ENC_KEY=$VAULT_ENC_KEY
|
|
API_JWT_SECRET=$JWT_SECRET
|
|
METRICS_JWT_SECRET=$JWT_SECRET
|
|
EOF
|
|
|
|
cat > /run/supabase/functions.env <<EOF
|
|
JWT_SECRET=$JWT_SECRET
|
|
SUPABASE_ANON_KEY=$ANON_KEY
|
|
SUPABASE_SERVICE_ROLE_KEY=$SERVICE_ROLE_KEY
|
|
EOF
|