Hi! I'm currently evaluating Supabase for a project at my university. Unfortunately, this isn't just an internal app, it's something that students may want to use as well, so it's very likely that this app is supposed to be hosted on the public internet.
Unfortunately, as of a recent court decision (Schrems-II, from the EuGH (European Supreme Court)), it is no longer allowed to transfer personal data to US cloud platforms under Privacy Shield. This still allows for private B2C apps to be offered in the EU, though.
However, due to a very recent German court decision, this is no longer possible for public entities, such as gov agencies, which my uni belongs to under law.
To be clear: I don't think this will be a university app for quite too long, it's a student project, and for manageability's sake we have explored Supabase offerings as an avenue to get started quickly, but from what it looks like, it is expected of us to try your self-hosted solution and host via our uni's data center.
So I was wondering, apart from obviously securing Supabase Studio behind a proxy, is there anything about the standard Docker app configuration you provide with Docker that we'd need to harden?
I understand that you're hesitant about giving too much guidance on self-hosted, but it'd be very cool if we could use a PaaS service like this for our project.