- Turborepo + pnpm workspaces with apps/web and packages/types - SvelteKit app: Tailwind, Paraglide i18n (en/es), keycloak-js, Supabase client, auth/collective stores, PWA service worker skeleton, all route placeholders - packages/types: domain types (User, Collective, ShoppingList, etc.) and database.ts placeholder for generated types - Justfile with dev, db-*, kc-*, build, backup, restore, deploy recipes - infra/docker-compose.dev.yml: Postgres 15, GoTrue, PostgREST, Realtime v2.83, Storage, Kong (port 8001), Studio, Keycloak 24 - infra/docker-compose.prod.yml, kong.yml, db-init scripts, backup/deploy scripts - keycloak/realm-export.json with colectivo realm and 5 dev test users - supabase/config.toml and seed.sql with sample collective and items - GitHub Actions: ci.yml (lint+typecheck+build) and deploy.yml (GHCR + SSH) - .env.example documenting all required variables - Fixed docker-compose issues: Studio image tag, Kong port conflict (8001), internal role passwords init script, Realtime METRICS_JWT_SECRET/APP_NAME Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
12 lines
742 B
SQL
12 lines
742 B
SQL
-- Set passwords for Supabase internal roles to match POSTGRES_PASSWORD.
|
|
-- The supabase/postgres image creates these roles with hardcoded default passwords;
|
|
-- this script overrides them so all services can authenticate with POSTGRES_PASSWORD.
|
|
-- Runs once on first container start (docker-entrypoint-initdb.d).
|
|
-- Must run as supabase_admin (superuser) which this image uses for initdb scripts.
|
|
|
|
ALTER ROLE authenticator WITH PASSWORD 'REPLACE_PASSWORD';
|
|
ALTER ROLE supabase_auth_admin WITH PASSWORD 'REPLACE_PASSWORD';
|
|
ALTER ROLE supabase_replication_admin WITH PASSWORD 'REPLACE_PASSWORD';
|
|
ALTER ROLE supabase_storage_admin WITH PASSWORD 'REPLACE_PASSWORD';
|
|
ALTER ROLE pgbouncer WITH PASSWORD 'REPLACE_PASSWORD';
|