From 75847f5fb1450e5af9aea5069e640d3dc2bdf33b Mon Sep 17 00:00:00 2001 From: Paul Cioanca Date: Thu, 15 Jun 2023 17:15:26 +0300 Subject: [PATCH 1/7] chore: trigger build --- .github/workflows/dockerhub-release-aio.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/workflows/dockerhub-release-aio.yml b/.github/workflows/dockerhub-release-aio.yml index 04c4db499..c43d4c886 100644 --- a/.github/workflows/dockerhub-release-aio.yml +++ b/.github/workflows/dockerhub-release-aio.yml @@ -4,16 +4,6 @@ on: push: branches: - pcnc/trigger-build - paths: - - ".github/workflows/dockerhub-release-aio.yml" - - "docker/all-in-one/*" - - "common.vars*" - workflow_run: - workflows: [Release on Dockerhub] - branches: - - develop - types: - - completed jobs: settings: From 1d50008b292d128f23d7400b15489078c682cbf2 Mon Sep 17 00:00:00 2001 From: Paul Cioanca Date: Thu, 15 Jun 2023 18:03:12 +0300 Subject: [PATCH 2/7] chore: trigger build --- docker/all-in-one/entrypoint.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docker/all-in-one/entrypoint.sh b/docker/all-in-one/entrypoint.sh index 246c71eec..7d664b994 100755 --- a/docker/all-in-one/entrypoint.sh +++ b/docker/all-in-one/entrypoint.sh @@ -37,6 +37,13 @@ function configure_services { done } +function enable_swap { + fallocate -l 1G /mnt/swapfile + chmod 600 /mnt/swapfile + mkswap /mnt/swapfile + swapon /mnt/swapfile +} + PG_CONF=/etc/postgresql/postgresql.conf SUPERVISOR_CONF=/etc/supervisor/supervisord.conf @@ -224,5 +231,7 @@ if [ "${AUTOSHUTDOWN_ENABLED:-}" ]; then sed -i "s/autostart=.*/autostart=true/" /etc/supervisor/db-only/supa-shutdown.conf fi +enable_swap + touch "$CONFIGURED_FLAG_PATH" start_supervisor From 6b4044af1ba720ec0f99f6d69385ef233ed8e73c Mon Sep 17 00:00:00 2001 From: Paul Cioanca Date: Fri, 16 Jun 2023 16:24:36 +0300 Subject: [PATCH 3/7] fix: pgbouncer config perms --- docker/all-in-one/init/configure-pgbouncer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/all-in-one/init/configure-pgbouncer.sh b/docker/all-in-one/init/configure-pgbouncer.sh index 6e9efe46b..1673e51c4 100755 --- a/docker/all-in-one/init/configure-pgbouncer.sh +++ b/docker/all-in-one/init/configure-pgbouncer.sh @@ -28,5 +28,5 @@ if [ "${DATA_VOLUME_MOUNTPOINT}" ]; then ln -s "${PGBOUNCER_CUSTOM_DIR}" "/etc/pgbouncer-custom" chown -R pgbouncer:pgbouncer "/etc/pgbouncer-custom" chown -R pgbouncer:pgbouncer "${PGBOUNCER_CUSTOM_DIR}" - chmod g+rx "${PGBOUNCER_CUSTOM_DIR}" + chmod -R g+rx "${PGBOUNCER_CUSTOM_DIR}" fi From dbeeacdb775fb81c024e25c99f2ef3b9d753daf3 Mon Sep 17 00:00:00 2001 From: Paul Cioanca Date: Mon, 19 Jun 2023 20:13:31 +0300 Subject: [PATCH 4/7] chore: fix shutdown script --- docker/all-in-one/shutdown.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/all-in-one/shutdown.sh b/docker/all-in-one/shutdown.sh index aeb37a985..bc4893906 100755 --- a/docker/all-in-one/shutdown.sh +++ b/docker/all-in-one/shutdown.sh @@ -72,7 +72,7 @@ SQL run_sql -c "ALTER SYSTEM SET log_disconnections = 'on';" run_sql -c "SELECT pg_reload_conf();" -sleep $((MAX_IDLE_TIME_MINUTES * 60)) +sleep $((DEFAULT_MAX_IDLE_TIME_MINUTES * 60)) while true; do if [ -f "$CONFIG_FILE_PATH" ]; then source "$CONFIG_FILE_PATH" From 5d9a1b2bd48bab9aaa318a01f92a279dbe190e4a Mon Sep 17 00:00:00 2001 From: Paul Cioanca Date: Thu, 22 Jun 2023 17:15:34 +0300 Subject: [PATCH 5/7] chore: bump adminapi; extra configs --- .github/workflows/dockerhub-release-aio.yml | 10 ++++++++++ ansible/vars.yml | 2 +- common.vars.pkr.hcl | 2 +- docker/all-in-one/Dockerfile | 2 +- docker/all-in-one/entrypoint.sh | 9 +++++---- docker/all-in-one/init/configure-adminapi.sh | 12 ++++++++++++ docker/all-in-one/init/configure-gotrue.sh | 12 ++++++++++++ docker/all-in-one/init/configure-postgrest.sh | 16 ++++++++++++++-- 8 files changed, 56 insertions(+), 9 deletions(-) diff --git a/.github/workflows/dockerhub-release-aio.yml b/.github/workflows/dockerhub-release-aio.yml index c43d4c886..04c4db499 100644 --- a/.github/workflows/dockerhub-release-aio.yml +++ b/.github/workflows/dockerhub-release-aio.yml @@ -4,6 +4,16 @@ on: push: branches: - pcnc/trigger-build + paths: + - ".github/workflows/dockerhub-release-aio.yml" + - "docker/all-in-one/*" + - "common.vars*" + workflow_run: + workflows: [Release on Dockerhub] + branches: + - develop + types: + - completed jobs: settings: diff --git a/ansible/vars.yml b/ansible/vars.yml index ba7572126..d9be87337 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -41,7 +41,7 @@ postgres_exporter_release_checksum: arm64: sha256:d869c16791481dc8475487ad84ae4371a63f9b399898ca1c666eead5cccf7182 amd64: sha256:ff541bd3ee19c0ae003d71424a75edfcc8695e828dd20d5b4555ce433c89d60b -adminapi_release: 0.44.3 +adminapi_release: 0.45.1 adminmgr_release: 0.5.0 # Postgres Extensions diff --git a/common.vars.pkr.hcl b/common.vars.pkr.hcl index c865d8af5..98eecf538 100644 --- a/common.vars.pkr.hcl +++ b/common.vars.pkr.hcl @@ -1 +1 @@ -postgres-version = "15.1.0.95" +postgres-version = "15.1.0.97" diff --git a/docker/all-in-one/Dockerfile b/docker/all-in-one/Dockerfile index fc2c352ad..ffe972e74 100644 --- a/docker/all-in-one/Dockerfile +++ b/docker/all-in-one/Dockerfile @@ -4,7 +4,7 @@ ARG pgbouncer_release=1.18.0 ARG postgrest_release=10.1.2 ARG gotrue_release=2.47.0 ARG kong_release=2.8.1 -ARG adminapi_release=0.44.3 +ARG adminapi_release=0.45.1 ARG adminmgr_release=0.5.0 ARG vector_release=0.22.3 ARG postgres_exporter_release=0.9.0 diff --git a/docker/all-in-one/entrypoint.sh b/docker/all-in-one/entrypoint.sh index 19dd34ba0..a840be486 100755 --- a/docker/all-in-one/entrypoint.sh +++ b/docker/all-in-one/entrypoint.sh @@ -118,9 +118,8 @@ function setup_postgres { chmod g+rx "${WALG_CONF_DIR}" fi - # TODO: define instance size and type for running optimizations - # /opt/supabase-admin-api optimize db --destination-config-file-path /etc/postgresql-custom/generated-optimizations.conf - # /opt/supabase-admin-api optimize pgbouncer --destination-config-file-path /etc/pgbouncer-custom/generated-optimizations.ini + /opt/supabase-admin-api optimize db --destination-config-file-path /etc/postgresql-custom/generated-optimizations.conf + /opt/supabase-admin-api optimize pgbouncer --destination-config-file-path /etc/pgbouncer-custom/generated-optimizations.ini } function setup_credentials { @@ -231,7 +230,9 @@ if [ "${AUTOSHUTDOWN_ENABLED:-}" ]; then sed -i "s/autostart=.*/autostart=true/" /etc/supervisor/db-only/supa-shutdown.conf fi -enable_swap +if [ "${PLATFORM_DEPLOYMENT:-}" ]; then + enable_swap +fi touch "$CONFIGURED_FLAG_PATH" start_supervisor diff --git a/docker/all-in-one/init/configure-adminapi.sh b/docker/all-in-one/init/configure-adminapi.sh index 86b625188..393b2af03 100755 --- a/docker/all-in-one/init/configure-adminapi.sh +++ b/docker/all-in-one/init/configure-adminapi.sh @@ -4,6 +4,18 @@ set -eou pipefail ADMIN_API_CONF=/etc/adminapi/adminapi.yaml touch /var/log/services/adminapi.log +ADMINAPI_CUSTOM_DIR="${DATA_VOLUME_MOUNTPOINT}/etc/adminapi" +if [ ! -f "${CONFIGURED_FLAG_PATH}" ]; then + echo "Copying existing custom adminapi config from /etc/adminapi to ${ADMINAPI_CUSTOM_DIR}" + cp -R "/etc/adminapi/." "${ADMINAPI_CUSTOM_DIR}/" +fi + +rm -rf "/etc/adminapi" +ln -s "${ADMINAPI_CUSTOM_DIR}" "/etc/adminapi" +chown -R adminapi:adminapi "/etc/adminapi" +chown -R adminapi:adminapi "${ADMINAPI_CUSTOM_DIR}" +chmod g+rx "${ADMINAPI_CUSTOM_DIR}" + if [ -f "${INIT_PAYLOAD_PATH:-}" ]; then echo "init adminapi payload" tar -xzvf "$INIT_PAYLOAD_PATH" -C / ./etc/adminapi/adminapi.yaml diff --git a/docker/all-in-one/init/configure-gotrue.sh b/docker/all-in-one/init/configure-gotrue.sh index 265ca7e27..ec7fcbbbf 100755 --- a/docker/all-in-one/init/configure-gotrue.sh +++ b/docker/all-in-one/init/configure-gotrue.sh @@ -7,6 +7,18 @@ sed -i "s|gotrue_api_host|${GOTRUE_API_HOST:-0.0.0.0}|g" /etc/gotrue.env sed -i "s|gotrue_site_url|$GOTRUE_SITE_URL|g" /etc/gotrue.env sed -i "s|gotrue_jwt_secret|$JWT_SECRET|g" /etc/gotrue.env +GOTRUE_CUSTOM_DIR="${DATA_VOLUME_MOUNTPOINT}/etc/gotrue" +if [ ! -f "${CONFIGURED_FLAG_PATH}" ]; then + echo "Copying existing custom GoTrue config from /etc/gotrue to ${GOTRUE_CUSTOM_DIR}" + cp -R "/etc/gotrue/." "${GOTRUE_CUSTOM_DIR}/" +fi + +rm -rf "/etc/gotrue" +ln -s "${GOTRUE_CUSTOM_DIR}" "/etc/gotrue" +chown -R adminapi:adminapi "/etc/gotrue" +chown -R adminapi:adminapi "${GOTRUE_CUSTOM_DIR}" +chmod g+rx "${GOTRUE_CUSTOM_DIR}" + if [ -f "${INIT_PAYLOAD_PATH:-}" ]; then echo "init gotrue payload" tar -xzvf "$INIT_PAYLOAD_PATH" -C / ./etc/gotrue.env diff --git a/docker/all-in-one/init/configure-postgrest.sh b/docker/all-in-one/init/configure-postgrest.sh index 062b7eb1a..0bc05ea27 100755 --- a/docker/all-in-one/init/configure-postgrest.sh +++ b/docker/all-in-one/init/configure-postgrest.sh @@ -11,6 +11,18 @@ sed -i "s|pgrst_db_extra_search_path|${PGRST_DB_SCHEMAS:-public,extensions}|g" / sed -i "s|pgrst_db_anon_role|${PGRST_DB_ANON_ROLE:-anon}|g" /etc/postgrest/base.conf sed -i "s|pgrst_jwt_secret|$JWT_SECRET|g" /etc/postgrest/base.conf +POSTGREST_CUSTOM_DIR="${DATA_VOLUME_MOUNTPOINT}/etc/postgrest" +if [ ! -f "${CONFIGURED_FLAG_PATH}" ]; then + echo "Copying existing custom PostgREST config from /etc/postgrest/ to ${POSTGREST_CUSTOM_DIR}" + cp -R "/etc/postgrest/." "${POSTGREST_CUSTOM_DIR}/" +fi + +rm -rf "/etc/postgrest" +ln -s "${POSTGREST_CUSTOM_DIR}" "/etc/postgrest" +chown -R postgrest:postgrest "/etc/postgrest" +chown -R postgrest:postgrest "${POSTGREST_CUSTOM_DIR}" +chmod g+rx "${POSTGREST_CUSTOM_DIR}" + if [ -f "${INIT_PAYLOAD_PATH:-}" ]; then echo "init postgrest payload" tar -xzvf "$INIT_PAYLOAD_PATH" -C / ./etc/postgrest/base.conf @@ -18,6 +30,6 @@ if [ -f "${INIT_PAYLOAD_PATH:-}" ]; then fi PGRST_CONF=/etc/postgrest/generated.conf -# TODO: merge base config with optimisations -# /opt/supabase-admin-api optimize postgrest --destination-config-file-path $PGRST_CONF + +/opt/supabase-admin-api optimize postgrest --destination-config-file-path $PGRST_CONF cat /etc/postgrest/base.conf >> $PGRST_CONF From 15d19d88724bc33e1888d19c7a6a54a8173742cc Mon Sep 17 00:00:00 2001 From: Paul Cioanca Date: Thu, 22 Jun 2023 17:15:34 +0300 Subject: [PATCH 6/7] chore: bump adminapi; extra configs --- ...gmkruikf-manual-request-2023-06-22T164951Z | 43 +++++++++++++++++++ docker/all-in-one/entrypoint.sh | 1 + 2 files changed, 44 insertions(+) create mode 100755 bdifvtxsipaogmkruikf-manual-request-2023-06-22T164951Z diff --git a/bdifvtxsipaogmkruikf-manual-request-2023-06-22T164951Z b/bdifvtxsipaogmkruikf-manual-request-2023-06-22T164951Z new file mode 100755 index 000000000..846c36cfc --- /dev/null +++ b/bdifvtxsipaogmkruikf-manual-request-2023-06-22T164951Z @@ -0,0 +1,43 @@ +{ + "foreign_keys": [ + "vault.secrets.secrets_key_id_fkey", + "storage.objects.objects_owner_fkey", + "storage.objects.objects_bucketId_fkey", + "storage.buckets.buckets_owner_fkey", + "sso_domains.sso_domains_sso_provider_id_fkey", + "sessions.sessions_user_id_fkey", + "saml_relay_states.saml_relay_states_sso_provider_id_fkey", + "saml_providers.saml_providers_sso_provider_id_fkey", + "refresh_tokens.refresh_tokens_session_id_fkey", + "pgsodium.key.key_parent_key_fkey", + "mfa_factors.mfa_factors_user_id_fkey", + "mfa_challenges.mfa_challenges_auth_factor_id_fkey", + "mfa_amr_claims.mfa_amr_claims_session_id_fkey", + "identities.identities_user_id_fkey" + ], + "rls_policies": [], + "relations": [ + "vault.secrets", + "vault.decrypted_secrets", + "storage.objects", + "storage.migrations", + "storage.buckets", + "extensions.pg_stat_statements_info", + "extensions.pg_stat_statements", + "auth.users", + "auth.sso_providers", + "auth.sso_domains", + "auth.sessions", + "auth.schema_migrations", + "auth.saml_relay_states", + "auth.saml_providers", + "auth.refresh_tokens", + "auth.mfa_factors", + "auth.mfa_challenges", + "auth.mfa_amr_claims", + "auth.instances", + "auth.identities", + "auth.flow_state", + "auth.audit_log_entries" + ] +} \ No newline at end of file diff --git a/docker/all-in-one/entrypoint.sh b/docker/all-in-one/entrypoint.sh index a840be486..3c48e3a5d 100755 --- a/docker/all-in-one/entrypoint.sh +++ b/docker/all-in-one/entrypoint.sh @@ -47,6 +47,7 @@ function enable_swap { PG_CONF=/etc/postgresql/postgresql.conf SUPERVISOR_CONF=/etc/supervisor/supervisord.conf +DATA_VOLUME_MOUNTPOINT=${DATA_VOLUME_MOUNTPOINT:-/data} export CONFIGURED_FLAG_PATH=${CONFIGURED_FLAG_PATH:-$DATA_VOLUME_MOUNTPOINT/machine.configured} function setup_postgres { From f14e037d1511d4e6fafce45ff9e55965f5f1736b Mon Sep 17 00:00:00 2001 From: Paul Cioanca Date: Thu, 22 Jun 2023 19:23:14 +0300 Subject: [PATCH 7/7] chore: create directories before linking --- ...gmkruikf-manual-request-2023-06-22T164951Z | 43 ------------------- docker/all-in-one/entrypoint.sh | 5 +-- docker/all-in-one/init/configure-adminapi.sh | 1 + docker/all-in-one/init/configure-gotrue.sh | 1 + docker/all-in-one/init/configure-pgbouncer.sh | 2 + docker/all-in-one/init/configure-postgrest.sh | 1 + 6 files changed, 7 insertions(+), 46 deletions(-) delete mode 100755 bdifvtxsipaogmkruikf-manual-request-2023-06-22T164951Z diff --git a/bdifvtxsipaogmkruikf-manual-request-2023-06-22T164951Z b/bdifvtxsipaogmkruikf-manual-request-2023-06-22T164951Z deleted file mode 100755 index 846c36cfc..000000000 --- a/bdifvtxsipaogmkruikf-manual-request-2023-06-22T164951Z +++ /dev/null @@ -1,43 +0,0 @@ -{ - "foreign_keys": [ - "vault.secrets.secrets_key_id_fkey", - "storage.objects.objects_owner_fkey", - "storage.objects.objects_bucketId_fkey", - "storage.buckets.buckets_owner_fkey", - "sso_domains.sso_domains_sso_provider_id_fkey", - "sessions.sessions_user_id_fkey", - "saml_relay_states.saml_relay_states_sso_provider_id_fkey", - "saml_providers.saml_providers_sso_provider_id_fkey", - "refresh_tokens.refresh_tokens_session_id_fkey", - "pgsodium.key.key_parent_key_fkey", - "mfa_factors.mfa_factors_user_id_fkey", - "mfa_challenges.mfa_challenges_auth_factor_id_fkey", - "mfa_amr_claims.mfa_amr_claims_session_id_fkey", - "identities.identities_user_id_fkey" - ], - "rls_policies": [], - "relations": [ - "vault.secrets", - "vault.decrypted_secrets", - "storage.objects", - "storage.migrations", - "storage.buckets", - "extensions.pg_stat_statements_info", - "extensions.pg_stat_statements", - "auth.users", - "auth.sso_providers", - "auth.sso_domains", - "auth.sessions", - "auth.schema_migrations", - "auth.saml_relay_states", - "auth.saml_providers", - "auth.refresh_tokens", - "auth.mfa_factors", - "auth.mfa_challenges", - "auth.mfa_amr_claims", - "auth.instances", - "auth.identities", - "auth.flow_state", - "auth.audit_log_entries" - ] -} \ No newline at end of file diff --git a/docker/all-in-one/entrypoint.sh b/docker/all-in-one/entrypoint.sh index 3c48e3a5d..a55533a7f 100755 --- a/docker/all-in-one/entrypoint.sh +++ b/docker/all-in-one/entrypoint.sh @@ -86,6 +86,8 @@ function setup_postgres { $PG_CONF if [ "${DATA_VOLUME_MOUNTPOINT}" ]; then + /opt/supabase-admin-api optimize db --destination-config-file-path /etc/postgresql-custom/generated-optimizations.conf + # Preserve postgresql configs across restarts POSTGRESQL_CUSTOM_DIR="${DATA_VOLUME_MOUNTPOINT}/etc/postgresql-custom" @@ -118,9 +120,6 @@ function setup_postgres { chmod g+rx "/etc/wal-g" chmod g+rx "${WALG_CONF_DIR}" fi - - /opt/supabase-admin-api optimize db --destination-config-file-path /etc/postgresql-custom/generated-optimizations.conf - /opt/supabase-admin-api optimize pgbouncer --destination-config-file-path /etc/pgbouncer-custom/generated-optimizations.ini } function setup_credentials { diff --git a/docker/all-in-one/init/configure-adminapi.sh b/docker/all-in-one/init/configure-adminapi.sh index 393b2af03..f6f543a10 100755 --- a/docker/all-in-one/init/configure-adminapi.sh +++ b/docker/all-in-one/init/configure-adminapi.sh @@ -5,6 +5,7 @@ ADMIN_API_CONF=/etc/adminapi/adminapi.yaml touch /var/log/services/adminapi.log ADMINAPI_CUSTOM_DIR="${DATA_VOLUME_MOUNTPOINT}/etc/adminapi" +mkdir -p "${ADMINAPI_CUSTOM_DIR}" if [ ! -f "${CONFIGURED_FLAG_PATH}" ]; then echo "Copying existing custom adminapi config from /etc/adminapi to ${ADMINAPI_CUSTOM_DIR}" cp -R "/etc/adminapi/." "${ADMINAPI_CUSTOM_DIR}/" diff --git a/docker/all-in-one/init/configure-gotrue.sh b/docker/all-in-one/init/configure-gotrue.sh index ec7fcbbbf..6571ea0d7 100755 --- a/docker/all-in-one/init/configure-gotrue.sh +++ b/docker/all-in-one/init/configure-gotrue.sh @@ -8,6 +8,7 @@ sed -i "s|gotrue_site_url|$GOTRUE_SITE_URL|g" /etc/gotrue.env sed -i "s|gotrue_jwt_secret|$JWT_SECRET|g" /etc/gotrue.env GOTRUE_CUSTOM_DIR="${DATA_VOLUME_MOUNTPOINT}/etc/gotrue" +mkdir -p "${GOTRUE_CUSTOM_DIR}" if [ ! -f "${CONFIGURED_FLAG_PATH}" ]; then echo "Copying existing custom GoTrue config from /etc/gotrue to ${GOTRUE_CUSTOM_DIR}" cp -R "/etc/gotrue/." "${GOTRUE_CUSTOM_DIR}/" diff --git a/docker/all-in-one/init/configure-pgbouncer.sh b/docker/all-in-one/init/configure-pgbouncer.sh index 1673e51c4..25f56037e 100755 --- a/docker/all-in-one/init/configure-pgbouncer.sh +++ b/docker/all-in-one/init/configure-pgbouncer.sh @@ -14,6 +14,8 @@ if [ -f "${INIT_PAYLOAD_PATH:-}" ]; then fi if [ "${DATA_VOLUME_MOUNTPOINT}" ]; then + /opt/supabase-admin-api optimize pgbouncer --destination-config-file-path /etc/pgbouncer-custom/generated-optimizations.ini + # Preserve pgbouncer configs across restarts PGBOUNCER_CUSTOM_DIR="${DATA_VOLUME_MOUNTPOINT}/etc/pgbouncer-custom" diff --git a/docker/all-in-one/init/configure-postgrest.sh b/docker/all-in-one/init/configure-postgrest.sh index 0bc05ea27..1f961b89c 100755 --- a/docker/all-in-one/init/configure-postgrest.sh +++ b/docker/all-in-one/init/configure-postgrest.sh @@ -12,6 +12,7 @@ sed -i "s|pgrst_db_anon_role|${PGRST_DB_ANON_ROLE:-anon}|g" /etc/postgrest/base. sed -i "s|pgrst_jwt_secret|$JWT_SECRET|g" /etc/postgrest/base.conf POSTGREST_CUSTOM_DIR="${DATA_VOLUME_MOUNTPOINT}/etc/postgrest" +mkdir -p "${POSTGREST_CUSTOM_DIR}" if [ ! -f "${CONFIGURED_FLAG_PATH}" ]; then echo "Copying existing custom PostgREST config from /etc/postgrest/ to ${POSTGREST_CUSTOM_DIR}" cp -R "/etc/postgrest/." "${POSTGREST_CUSTOM_DIR}/"