Self-Hosted Supabase Studio with Username and Password. How?
Hello,
I want when i try to open self-hosted Supabase Studio to ask me for Username and Password.
I have followed this tutorial and made everythning as described but again when i open it, it does not ask me for credentials.
Tutorial(from 24:35 - 25:05): https://www.youtube.com/watch?v=wyUr_U6Cma4
Its only 30 secconds. And i have check it several times. Also tried in different browsers, privete window etc.
I want to be protected this way, not with authelia.
Thank you in advance
activenode
YouTube
Complete Guide ⚡️ Supabase Self-Hosted ➕ Custom S3 ➕ Authelia
Supabase self hosted including S3 Storage, Customs Domains and Authelia.
🚨 Important Notes:
I got informed on my blog that User Creation via Dashboard wasn't possible and that for some very specific things such as e.g. certain POST requests the Dashboard wasn't 100% working.
There were only small things missing (updated in the Blog Articl...
48 Replies
I remember in this video David mentions to comment out username password config in volumes/api/kong.yml. try uncommenting those, restart stack and i believe dashboard should ask you for username password
Last I remember it was at the end of the file.
I will chek it now
Thank you
Just checked, at the end of the file uncomment basic-auth plugin config
But make sure you use https after this otherwise your username pass can be seen by anyone in the middle
I have also question about fact that some thing all still accesible by serverip:port no matter that i have https domain access but i will open another post for this
about basic-auth plugin config
To uncoment all:
Please wrap code with markdown codeblocks, its hard to read otherwise
i am triong
just to fin it
Triple backticks, or search markdown codeblocks
Done
Are you going with same setup as described in video? Nginx proxy manager in front?
Yes
I will have to test this locally first for usage with basic-auth.
You can also try setting up an instance with my project https://github.com/singh-inder/supabase-automated-self-host. It defaults to basic-auth but authelia can be specified with a flag.
If you can make this test i will really appriciate. Also i will make some test and check your project
Sure, I will test and get back to you soon.
Can you just tell me about this:
Thanks
I just need to confirm how he setup routes in nginx proxy manager.
ok
@Zoran Velinov How have you configured proxy manager service in docker-compose?
just sec
I'll guide you acc. to David's setup
1. There is a item in navbar Access Lists. Click on it and create a rule. name it anything you want. Click on satisy any. Then in authorizations, enter your username and password. after this click on save
I have done this but no helped
Now run this command and check if user password file was created successully
ls -l nginx-data/access
There should be a file in this folder.
I've just tested basic-auth.ok. let me check
just to know i havent touch this. its still commented
Thats ok, acc. to david's setup
it have only 1
cat it
it should be like this
<username>:<hashed_password>
when i open it it have only one line:
admin:and here encripted paasword
i mean when i open nano 1
great.
make sure to save after adding this config
Btw, this has to be done in your studio domain config
Done?
Yes! Just make more test to be sure. Its work like it should. Thank you very much. I own you a drink 🫡
No worries.
Make sure to do thorough testing. And the auth location block, I'm not sure if its required but it was present in his config
My auth.domain.com now got to authelia login form because i have folowed his tutorial. Probably i will need to remove this proxy
is
auth.domain.com supposed to be api route or studio url?auth.domain.com go to Authelia Login Page. After succesfully logint it redirect to supabaseStudio.domain.com
oh ok, so if you don't want it you can remove the config
but you should use it for production instance
Which want to use for productin? auth.domain.com?
yes you should use authelia when deploying a production instance. 2FA is definitely more secure than basic username pass auth
Ok. I have succesfuly implemeted authelia autherization acording his tutorial. I will just need to remove this that you sent me for Advanced tab and put this for authelia i believe
because before authelia has worked like this
For authelia you can rely entirely on his tutorial. Basic auth had an issue and that's fixed with the config above
Yes. I understand
Thank you
I am confused little about someting about basic auth. In .env file have lines like:
DASHBOARD_USERNAME=username
DASHBOARD_PASSWORD=password
They are here but they dont work without you code in Advanced for the proxy in Nginx Proxy Manager.
Than why they exist in .env file?
This is used by kong. supabase by default also comes with basic-auth
but as the supabase studio config is commented out it isn't reachable and nginx is handling it
So just to ignore this in env file or to comment them?
its passed here to kong service https://github.com/supabase/supabase/blob/5108f45292108bafed71f9390339a428c5a1d8e7/docker/docker-compose.yml#L86-L87
I'm not sure if kong will throw any errors if this config is not passed to it. You can try it
When i comment DASHBOARD_USERNAME and DASHBOARD_PASSWORD in .env its give warnings and errors:
With uncomenting it it still have some warnings but not errors, so i hope its ok:
yeah that config is required that's why you get
required field missing. You can keep it as it is. And maybe add a comment in env file that currently these values aren't being used or something like that as a note to yourselfYes, yes. Thanks