add variables to compose

.gitignore

@@ -101,3 +101,6 @@ typings/
 
 .vscode
 .vercel
+
+#include template .env file for docker-compose
+!docker/.env

docker/.env

@@ -0,0 +1,19 @@
+#fill with fresh random passwords
+OPERATOR_TOKEN=
+
+JWT_SECRET=
+
+#string length 100 didnt work as password for me; length 50 did it
+POSTGRES_PASSWORD=
+
+# some smtp server to send your auth-mails with
+SMTP_HOST=
+SMTP_PORT=
+SMTP_USER=
+SMTP_PASS=
+
+#predefined
+POSTGRES_PORT=5432
+AUTH_PORT=9999
+REST_PORT=3000
+REALTIME_PORT=4000

docker/README.md

@@ -3,6 +3,8 @@
 
 You can run Supabase on your local machine using `docker-compose`:
 
+- Add passwords to the .env file
+
 - Starting all services: `docker-compose up -d`
 - Stopping all services: `docker-compose down`
 

docker/docker-compose.yml

@@ -1,81 +1,87 @@
 version: '3.6'
 services:
-    kong:
-      container_name: supabase-kong
-      build:
-          context: ./kong
-      environment:
-          KONG_DECLARATIVE_CONFIG: /var/lib/kong/kong.yml
-          KONG_PLUGINS: request-transformer,cors,key-auth,http-log
-      ports:
+  kong:
+    container_name: supabase-kong
+    build:
+      context: ./kong
+    environment:
+      KONG_DECLARATIVE_CONFIG: /var/lib/kong/kong.yml
+      KONG_PLUGINS: request-transformer,cors,key-auth,http-log
+    ports:
       - 8000:8000/tcp
       - 8443:8443/tcp
-    auth:
-      container_name: supabase-auth
-      image: supabase/gotrue:latest
-      ports:
-        - '9999:9999'
-      environment:
-        GOTRUE_JWT_SECRET: super-secret-jwt-token-with-at-least-32-characters-long
-        GOTRUE_JWT_EXP: 3600
-        GOTRUE_JWT_DEFAULT_GROUP_NAME: authenticated
-        GOTRUE_DB_DRIVER: postgres
-        DB_NAMESPACE: auth
-        API_EXTERNAL_URL: localhost
-        GOTRUE_API_HOST: 0.0.0.0
-        PORT: 9999
-        GOTRUE_DISABLE_SIGNUP: "false"
-        GOTRUE_SITE_URL: localhost
-        GOTRUE_MAILER_AUTOCONFIRM: "true"
-        GOTRUE_LOG_LEVEL: DEBUG
-        GOTRUE_OPERATOR_TOKEN: super-secret-operator-token
-        DATABASE_URL: "postgres://postgres:postgres@db:5432/postgres?sslmode=disable"
+  auth:
+    container_name: supabase-auth
+    image: supabase/gotrue:latest
+    ports:
+      - $AUTH_PORT
+    environment:
+      GOTRUE_JWT_SECRET: $JWT_SECRET
+      GOTRUE_JWT_EXP: 3600
+      GOTRUE_JWT_DEFAULT_GROUP_NAME: authenticated
+      GOTRUE_DB_DRIVER: postgres
+      DB_NAMESPACE: auth
+      API_EXTERNAL_URL: localhost
+      GOTRUE_API_HOST: 0.0.0.0
+      PORT: $AUTH_PORT
+
+      GOTRUE_SMTP_HOST: $SMTP_HOST
+      GOTRUE_SMTP_PORT: $SMTP_PORT
+      GOTRUE_SMTP_USER: $SMTP_USER
+      GOTRUE_SMTP_PASS: $SMTP_PASS
+
+      GOTRUE_DISABLE_SIGNUP: 'false'
+      GOTRUE_SITE_URL: localhost
+      GOTRUE_MAILER_AUTOCONFIRM: 'true'
+      GOTRUE_LOG_LEVEL: DEBUG
+      GOTRUE_OPERATOR_TOKEN: $OPERATOR_TOKEN
+      DATABASE_URL: 'postgres://postgres:$POSTGRES_PASSWORD@db:$POSTGRES_PORT/postgres?sslmode=disable'
       depends_on:
         - db
-    rest:
-      container_name: supabase-rest
-      image: postgrest/postgrest:latest
-      ports:
-        - '3000:3000'
-      depends_on:
+  rest:
+    container_name: supabase-rest
+    image: postgrest/postgrest:latest
+    ports:
+      - $REST_PORT:3000
+    depends_on:
       - db
-      restart: always
-      environment:
-          PGRST_DB_URI: postgres://postgres:postgres@db:5432/postgres
-          PGRST_DB_SCHEMA: public
-          PGRST_DB_ANON_ROLE: postgres
-          PGRST_JWT_SECRET: super-secret-jwt-token-with-at-least-32-characters-long
-    realtime:
-      container_name: supabase-realtime
-      image: supabase/realtime:latest
-      ports:
-        - '4000:4000'
-      depends_on:
+    restart: always
+    environment:
+      PGRST_DB_URI: postgres://postgres:$POSTGRES_PASSWORD@db:$POSTGRES_PORT/postgres
+      PGRST_DB_SCHEMA: public
+      PGRST_DB_ANON_ROLE: postgres
+      PGRST_JWT_SECRET: $JWT_SECRET
+  realtime:
+    container_name: supabase-realtime
+    image: supabase/realtime:latest
+    ports:
+      - $REALTIME_PORT:$REALTIME_PORT
+    depends_on:
       - db
-      restart: on-failure
-      environment:
-          DB_HOST: db
-          DB_NAME: postgres
-          DB_USER: postgres
-          DB_PASSWORD: postgres
-          DB_PORT: 5432
-          PORT: 4000
-          HOSTNAME: localhost
-          # Disable JWT Auth locally. The JWT_SECRET will be ignored.
-          SECURE_CHANNELS: 'false'
-          JWT_SECRET: super-secret-jwt-token-with-at-least-32-characters-long
-    db:
-      container_name: supabase-db
-      build:
-          context: ./postgres
-      ports:
-      - 5432:5432
-      command:
+    restart: on-failure
+    environment:
+      DB_HOST: db
+      DB_NAME: postgres
+      DB_USER: postgres
+      DB_PASSWORD: $POSTGRES_PASSWORD
+      DB_PORT: $POSTGRES_PORT
+      PORT: $REALTIME_PORT
+      HOSTNAME: localhost
+      # Disable JWT Auth locally. The JWT_SECRET will be ignored.
+      SECURE_CHANNELS: 'false'
+      JWT_SECRET: $JWT_SECRET
+  db:
+    container_name: supabase-db
+    build:
+      context: ./postgres
+    ports:
+      - $POSTGRES_PORT:$POSTGRES_PORT
+    command:
       - postgres
       - -c
       - wal_level=logical
-      environment:
-          POSTGRES_DB: postgres
-          POSTGRES_USER: postgres
-          POSTGRES_PASSWORD: postgres
-          POSTGRES_PORT: 5432
+    environment:
+      POSTGRES_DB: postgres
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: $POSTGRES_PASSWORD
+      POSTGRES_PORT: $POSTGRES_PORT