Putting self-hosted supabase behind basic auth with traefik
Hello all!
Just finished setting up a test of supabase on my VPS, it runs traefik and so I adapted the compose file to the following: https://hastebin.com/jutinogubu.yaml
Now, this works, I can access supabase studio on the supabase subdomain, happy days! And ofc because of my existing setup I get HTTPS and all that good stuff automatically.
However, since this is publicly accessible I followed the advise in the guide and added basic auth to the studio container (using traefiks built in basic auth middleware). This also works! I need to give credentials to access the studio dashboard.
On to the question, should the kong instance also be put behind basic auth? I tried, but this breaks the dashboard ๐ Now, my guess is that it shouldn't need basic auth, as it is how web apps talk to supabase and it handles authentication separately, but I also don't want to make a false assumption and open myself up to a gaping security hole. So am I right or do I need to secure the supabase-api subdomain in some way as well?
Any help is appreciated, if you need to know anything else, let me know!
Hastebin: Send and Save Text or Code Snippets for Free | Toptalยฎ
Hastebin is a free web-based pastebin service for storing and sharing text and code snippets with anyone. Get started now.
1 Reply
Could you re-post your file please? The link given does not contain the
docker-compose.yml contents.