pokemon/nuzlocke-tracker
1
1
Fork 0
Code Issues Pull Requests 10 Actions Packages Projects Releases Wiki Activity

feat: add Supabase auth config to production Docker setup #69

Merged
TheFurya merged 2 commits from feature/add-supabase-auth-config-to-production-docker-setup into develop 2026-03-21 12:19:33 +01:00
Conversation 0 Commits 2 Files Changed 3 +22
TheFurya commented 2026-03-21 12:08:10 +01:00
Owner
Copy Link

Summary

  • Pass SUPABASE_JWT_SECRET to backend in docker-compose.prod.yml so it can verify JWTs from Supabase Cloud
  • Add ARG lines to Dockerfile.prod for VITE_API_URL, VITE_SUPABASE_URL, VITE_SUPABASE_ANON_KEY so Vite inlines them at build time
  • Pass build args from Gitea secrets in the deploy workflow
  • Add build section to frontend service in docker-compose.prod.yml for local prod builds

No GoTrue container needed in prod — Supabase Cloud hosts the auth service.

Setup required

Add these secrets to the Gitea repo (Settings → Secrets):

  • SUPABASE_JWT_SECRET — from Supabase dashboard → Settings → API → JWT Secret
  • VITE_API_URL — production API URL (e.g. https://api.nuzlocke.nerdboden.de)
  • VITE_SUPABASE_URL — Supabase project URL (e.g. https://xyz.supabase.co)
  • VITE_SUPABASE_ANON_KEY — Supabase anon/public key

Add to production .env on the deploy target:

  • SUPABASE_JWT_SECRET=<jwt-secret>

Configure in Supabase dashboard → Authentication → URL Configuration:

  • Site URL: production frontend URL
  • Redirect URLs: <frontend-url>/auth/callback

🤖 Generated with Claude Code

## Summary - Pass `SUPABASE_JWT_SECRET` to backend in `docker-compose.prod.yml` so it can verify JWTs from Supabase Cloud - Add `ARG` lines to `Dockerfile.prod` for `VITE_API_URL`, `VITE_SUPABASE_URL`, `VITE_SUPABASE_ANON_KEY` so Vite inlines them at build time - Pass build args from Gitea secrets in the deploy workflow - Add `build` section to frontend service in `docker-compose.prod.yml` for local prod builds No GoTrue container needed in prod — Supabase Cloud hosts the auth service. ## Setup required Add these secrets to the Gitea repo (Settings → Secrets): - `SUPABASE_JWT_SECRET` — from Supabase dashboard → Settings → API → JWT Secret - `VITE_API_URL` — production API URL (e.g. `https://api.nuzlocke.nerdboden.de`) - `VITE_SUPABASE_URL` — Supabase project URL (e.g. `https://xyz.supabase.co`) - `VITE_SUPABASE_ANON_KEY` — Supabase anon/public key Add to production `.env` on the deploy target: - `SUPABASE_JWT_SECRET=<jwt-secret>` Configure in Supabase dashboard → Authentication → URL Configuration: - Site URL: production frontend URL - Redirect URLs: `<frontend-url>/auth/callback` 🤖 Generated with [Claude Code](https://claude.com/claude-code)
TheFurya added 1 commit 2026-03-21 12:08:11 +01:00
feat: add Supabase auth config to production Docker setup
All checks were successful
CI / backend-tests (pull_request) Successful in 26s
Details
CI / frontend-tests (pull_request) Successful in 29s
Details
7cd3372c7e 
- Pass SUPABASE_JWT_SECRET to backend in docker-compose.prod.yml
- Add build args (VITE_API_URL, VITE_SUPABASE_URL, VITE_SUPABASE_ANON_KEY)
  to Dockerfile.prod so Vite inlines them at build time
- Pass build args from secrets in deploy workflow
- Add build section to frontend service in docker-compose.prod.yml

No GoTrue container needed in prod — Supabase Cloud hosts the auth
service. The backend only needs the JWT secret to verify tokens.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
TheFurya added 1 commit 2026-03-21 12:18:07 +01:00
feat: write production .env from Gitea secrets during deploy
All checks were successful
CI / backend-tests (pull_request) Successful in 26s
Details
CI / frontend-tests (pull_request) Successful in 28s
Details
7b0cd16064 
Instead of relying on a pre-existing .env file on the server, the
deploy workflow now writes POSTGRES_PASSWORD and SUPABASE_JWT_SECRET
from Gitea secrets. This keeps all secret management in one place.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
TheFurya merged commit 7276f05dd2 into develop 2026-03-21 12:19:33 +01:00
TheFurya deleted branch feature/add-supabase-auth-config-to-production-docker-setup 2026-03-21 12:19:33 +01:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
TheFurya renovate
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: pokemon/nuzlocke-tracker#69
Delete Branch "feature/add-supabase-auth-config-to-production-docker-setup"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?