fix: add minio password generator and amend docs

[aantti]

I have read the CONTRIBUTING.md file.

YES/NO

What kind of change does this PR introduce?

A follow up to PR #37185:

• Add MinIO password generator to utils/generate-keys.sh
• Amend docs with S3 client configuration and MinIO variables

Summary by CodeRabbit

• Documentation

  • Added guidance for three new environment variables for S3-compatible storage and MinIO authentication, including descriptions and generation instructions.

• Chores

  • Updated automation to generate a MinIO root password, display it in status output, and automatically populate the environment configuration.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
studio-self-hosted	Ready	Preview, Comment	Feb 16, 2026 2:11pm
studio-staging	Ready	Preview, Comment	Feb 16, 2026 2:11pm

7 Skipped Deployments

Project	Deployment	Actions	Updated (UTC)
cms	Ignored		Feb 16, 2026 2:11pm
studio	Ignored		Feb 16, 2026 2:11pm
design-system	Skipped		Feb 16, 2026 2:11pm
docs	Skipped		Feb 16, 2026 2:11pm
learn	Skipped		Feb 16, 2026 2:11pm
ui-library	Skipped		Feb 16, 2026 2:11pm
zone-www-dot-com	Skipped		Feb 16, 2026 2:11pm

[supabase]

This pull request has been ignored for the connected project xguihxuzqibwxjnimxev because there are no changes detected in supabase directory. You can change this behaviour in Project Integrations Settings ↗︎.

---

Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

---

Walkthrough

Adds three new environment variables for S3/MinIO to the self-hosting Docker docs and updates the Docker key-generation script to generate and persist MINIO_ROOT_PASSWORD (16-byte hex), emitting it in the script status and updating the .env via sed.

Changes

Cohort / File(s)	Summary
Documentation apps/docs/content/guides/self-hosting/docker.mdx	Adds S3_PROTOCOL_ACCESS_KEY_ID, S3_PROTOCOL_ACCESS_KEY_SECRET, and MINIO_ROOT_PASSWORD entries to the configuration section (each with descriptions and generation instructions). New entries are prefixed with lint-disable comments.
Key generation script docker/utils/generate-keys.sh	Generates MINIO_ROOT_PASSWORD using gen_hex(16), prints it in the status/info output, and updates the environment file by replacing the MINIO_ROOT_PASSWORD entry via sed.

Sequence Diagram(s)

(omitted — changes are limited to docs and a single script; no new multi-component control flow introduced)

Possibly related PRs

• feat: add generate-keys.sh script to add keys and passwords #41363: Related changes to docker/utils/generate-keys.sh that add S3/MinIO credential generation and .env updates.

Suggested reviewers

• sweatybridge
• saltcod
• ChrisChinchilla

🚥 Pre-merge checks | ✅ 2 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is incomplete. It mentions the change type but leaves the CONTRIBUTING.md acknowledgment blank (YES/NO) and lacks current/new behavior details.	Complete the description by confirming CONTRIBUTING.md was read, explaining the current behavior/issue, and detailing the new behavior with context on PR #37185.
Merge Conflict Detection	⚠️ Warning	⚠️ Unable to check for merge conflicts: Failed to fetch base branch: From https://github.com/supabase/supabase ! [rejected] master -> master (non-fast-forward) + 591d46e...4651480 master -> origin/master (forced update)

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main changes: adding a MinIO password generator and amending documentation with S3/MinIO variables.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch self-hosted/add-minio-passw

⚔️ Resolve merge conflicts (beta)

• Auto-commit resolved conflicts to branch self-hosted/add-minio-passw
• Create stacked PR with resolved conflicts
• Post resolved changes as copyable diffs in a comment

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@apps/docs/content/guides/self-hosting/docker.mdx`:
- Line 187: Add the same spell-check lint-disable/enable comments used elsewhere
in this file around the MinIO environment variable line: insert the file's
existing lint-disable comment immediately before the line containing
`MINIO_ROOT_PASSWORD` and place the corresponding lint-enable comment right
after that line (matching the pattern used around other MinIO mentions in this
file) so the pipeline no longer flags "MinIO".
- Line 186: Typo in the docs: replace the misspelled command `opensssl rand -hex
32` with the correct `openssl rand -hex 32` in the description for
S3_PROTOCOL_ACCESS_KEY_SECRET so users can successfully generate the secret;
update the text near the S3_PROTOCOL_ACCESS_KEY_SECRET environment variable
entry and ensure the inline code block uses the corrected `openssl` command.

[github-actions]

Braintrust eval report

Assistant (master-1771251231)

Score	Average	Improvements	Regressions
Completeness	100% (+8pp)	3 🟢	-
Conciseness	0% (-3pp)	-	2 🔴
Goal Completion	97.2% (+4pp)	3 🟢	-
SQL Identifier Quoting	100% (+0pp)	-	-
SQL Validity	100% (+0pp)	-	-
Tool Usage	100% (+3pp)	1 🟢	-
Correctness	95.8% (-4pp)	-	1 🔴
Docs Faithfulness	63.9% (+6pp)	2 🟢	2 🔴
URL Validity	100% (+0pp)	-	-
Time_to_first_token	0.2tok (-0.05tok)	11 🟢	1 🔴
Llm_calls	8.14 (-0.31)	1 🟢	5 🔴
Tool_calls	2.89 (-0.28)	2 🟢	6 🔴
Errors	0 (+0)	-	-
Llm_errors	0 (+0)	-	-
Tool_errors	0 (+0)	-	-
Prompt_tokens	97225.94tok (-11682.33tok)	9 🟢	3 🔴
Prompt_cached_tokens	47040tok (-8967.11tok)	4 🟢	6 🔴
Prompt_cache_creation_tokens	0tok (+0tok)	-	-
Completion_tokens	5619.33tok (+152.67tok)	7 🟢	5 🔴
Completion_reasoning_tokens	4131.56tok (+42.67tok)	7 🟢	5 🔴
Completion_accepted_prediction_tokens	0tok (+0tok)	-	-
Completion_rejected_prediction_tokens	0tok (+0tok)	-	-
Completion_audio_tokens	0tok (+0tok)	-	-
Total_tokens	102845.28tok (-11529.67tok)	9 🟢	3 🔴
Estimated_cost	0.02$ (0$)	11 🟢	1 🔴
Duration	29.56s (-0.82s)	8 🟢	4 🔴
Llm_duration	57.55s (-1.65s)	8 🟢	4 🔴