Self-hosting with Docker

Docker is the easiest way to get started with self-hosted Supabase.

Before you begin#

You need the following installed in your system:

Quick Start#

Get the code#

Checkout the docker directory in the Supabase repo:

1# Get the code
2git clone --depth 1 https://github.com/supabase/supabase
3
4# Go to the docker folder
5cd supabase/docker
6
7# Copy the fake env vars
8cp .env.example .env
9
10# Start
11docker-compose up

Now visit http://localhost:3000 to start using Supabase Studio.

Securing your setup#

While we provided you with some example secrets for getting started, you should NEVER deploy your Supabase setup using the defaults we have provided.

Please follow these steps to secure your Docker setup. We strongly recommend using a secrets manager when deploying to production.

Generate API Keys#

Use your JWT_SECRET to generate a anon and service API keys using the JWT generator.

Replace the values in these files:

  • .env:
    • ANON_KEY - replace with an anon key
    • SERVICE_ROLE_KEY - replace with a service key
  • volumes/api/kong.yml
    • anon - replace with an anon key
    • service_role - replace with a service key

Update Secrets#

Update the .env file with your own secrets. In particular, these are required:

  • POSTGRES_PASSWORD: the password for the postgres role.
  • JWT_SECRET: used by PostgREST and GoTrue, among others.
  • SITE_URL: the base URL of your site.
  • SMTP_*: mail server credentials. You can use any SMTP server.

Securing the Dashboard#

The Docker setup doesn't include a management database for managing users and logins. If you plan to deploy the Studio to the web we suggest you put it behind a web proxy with Basic Auth or hide it behind a VPN.

Configuration#

Each system can be configured to suit your particular use-case.

To keep the setup simple, we made some choices that may not be optimal for production:

  • the database is in the same machine as the servers
  • Storage uses the filesystem backend instead of S3
  • Auth should be configured with a production-ready SMTP server

Using an external database#

We strongly recommend that you decouple your database from docker-compose before deploying. The middleware will run with any PostgreSQL database that has logical replication enabled. The following environment variables should be updated in the .env file to point to your external database:

.env
1POSTGRES_PASSWORD=your-super-secret-and-long-postgres-password
2
3POSTGRES_HOST=db
4POSTGRES_DB=postgres
5POSTGRES_USER=postgres
6POSTGRES_PORT=5432

Once you have done this, you can safely comment out the db section of the docker-compose file, and remove any instances where the services depends_on the db image.

Setting database's log_min_messages#

By default, docker-compose sets the database's log_min_messages configuration to fatal to prevent redundant logs generated by Realtime. However, you might miss important log messages such as database errors. Configure log_min_messages based on your needs.

Deploying#

See the following guides to deploy Docker Compose setup using your preferred tool and platform:

Next steps#