- Turborepo + pnpm workspaces with apps/web and packages/types - SvelteKit app: Tailwind, Paraglide i18n (en/es), keycloak-js, Supabase client, auth/collective stores, PWA service worker skeleton, all route placeholders - packages/types: domain types (User, Collective, ShoppingList, etc.) and database.ts placeholder for generated types - Justfile with dev, db-*, kc-*, build, backup, restore, deploy recipes - infra/docker-compose.dev.yml: Postgres 15, GoTrue, PostgREST, Realtime v2.83, Storage, Kong (port 8001), Studio, Keycloak 24 - infra/docker-compose.prod.yml, kong.yml, db-init scripts, backup/deploy scripts - keycloak/realm-export.json with colectivo realm and 5 dev test users - supabase/config.toml and seed.sql with sample collective and items - GitHub Actions: ci.yml (lint+typecheck+build) and deploy.yml (GHCR + SSH) - .env.example documenting all required variables - Fixed docker-compose issues: Studio image tag, Kong port conflict (8001), internal role passwords init script, Realtime METRICS_JWT_SECRET/APP_NAME Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
83 lines
1.5 KiB
TOML
83 lines
1.5 KiB
TOML
# Supabase local development configuration.
|
|
# See: https://supabase.com/docs/guides/cli/config
|
|
|
|
[api]
|
|
enabled = true
|
|
port = 54321
|
|
schemas = ["public", "storage", "graphql_public"]
|
|
extra_search_path = ["public", "extensions"]
|
|
max_rows = 1000
|
|
|
|
[api.tls]
|
|
enabled = false
|
|
|
|
[db]
|
|
port = 54322
|
|
shadow_port = 54320
|
|
major_version = 15
|
|
|
|
[db.pooler]
|
|
enabled = false
|
|
port = 54329
|
|
pool_mode = "transaction"
|
|
default_pool_size = 20
|
|
max_client_conn = 100
|
|
|
|
[realtime]
|
|
enabled = true
|
|
ip_version = "IPv4"
|
|
max_header_length = 4096
|
|
|
|
[studio]
|
|
enabled = true
|
|
port = 54323
|
|
api_url = "http://127.0.0.1"
|
|
openai_api_key = ""
|
|
|
|
[inbucket]
|
|
enabled = true
|
|
port = 54324
|
|
|
|
[storage]
|
|
enabled = true
|
|
file_size_limit = "50MiB"
|
|
|
|
[storage.image_transformation]
|
|
enabled = true
|
|
|
|
[auth]
|
|
enabled = true
|
|
site_url = "http://127.0.0.1:5173"
|
|
additional_redirect_urls = ["http://localhost:5173"]
|
|
jwt_expiry = 3600
|
|
enable_refresh_token_rotation = true
|
|
refresh_token_reuse_interval = 10
|
|
enable_signup = false
|
|
enable_anonymous_sign_ins = false
|
|
enable_manual_linking = false
|
|
|
|
[auth.email]
|
|
enable_signup = false
|
|
double_confirm_changes = true
|
|
enable_confirmations = false
|
|
|
|
[auth.sms]
|
|
enable_signup = false
|
|
enable_confirmations = false
|
|
|
|
# Keycloak as OIDC provider
|
|
# The JWT_SECRET must be set to the Keycloak RS256 public key
|
|
[auth.third_party.keycloak]
|
|
enabled = false # We bypass GoTrue — Keycloak JWT validated directly by PostgREST
|
|
|
|
[edge_runtime]
|
|
enabled = true
|
|
policy = "oneshot"
|
|
inspector_port = 8083
|
|
|
|
[analytics]
|
|
enabled = false
|
|
port = 54327
|
|
vector_port = 54328
|
|
backend = "postgres"
|