Skip to content

(WIP) feat: deploy gotrue using system manager #1787

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 2 commits into
base: feat/postgres-module
Choose a base branch
from
Draft

(WIP) feat: deploy gotrue using system manager #1787

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
2ee7c42
ci: make sure we cache system manager and its test dependencies
jfroche Aug 12, 2025
e0f85ce
(WIP) feat: deploy gotrue using system manager
yvan-sraka Sep 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 0 additions & 12 deletions ansible/files/gotrue-optimizations.service.j2
View file
Open in desktop

This file was deleted.

27 changes: 0 additions & 27 deletions ansible/files/gotrue.service.j2
View file
Open in desktop

This file was deleted.

17 changes: 5 additions & 12 deletions ansible/playbook.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
dest: "00-schema.sql",
}
- { source: "stat_extension.sql", dest: "01-extension.sql" }

environment:
PATH: /usr/lib/postgresql/bin:{{ ansible_env.PATH }}

Expand All @@ -40,13 +40,6 @@
import_tasks: tasks/setup-wal-g.yml
when: debpkg_mode or nixpkg_mode or stage2_nix

- name: Install Gotrue
import_tasks: tasks/setup-gotrue.yml
tags:
- install-gotrue
- install-supabase-internal
when: debpkg_mode or nixpkg_mode

- name: Install PostgREST
import_tasks: tasks/setup-postgrest.yml
tags:
Expand Down Expand Up @@ -96,7 +89,7 @@
src: files/apt_periodic
dest: /etc/apt/apt.conf.d/10periodic
when: debpkg_mode or nixpkg_mode

- name: Transfer init SQL files
copy:
src: files/{{ item.source }}
Expand Down Expand Up @@ -131,13 +124,13 @@
tags:
- install-supabase-internal
when: debpkg_mode or stage2_nix

- name: Finalize AMI
import_tasks: tasks/finalize-ami.yml
tags:
- install-supabase-internal
when: debpkg_mode or nixpkg_mode

- name: Enhance fail2ban
import_tasks: tasks/setup-fail2ban.yml
when: debpkg_mode or nixpkg_mode
Expand Down Expand Up @@ -218,7 +211,7 @@
systemctl stop postgresql.service
when: stage2_nix

- name: Remove osquery
- name: Remove osquery
become: yes
shell: |
sudo -u ubuntu bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile remove osquery"
Expand Down
66 changes: 0 additions & 66 deletions ansible/tasks/setup-gotrue.yml
View file
Open in desktop

This file was deleted.

3 changes: 0 additions & 3 deletions ansible/vars.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,6 @@ postgrest_release: "13.0.5"
postgrest_arm_release_checksum: sha256:7b4eafdaf76bc43b57f603109d460a838f89f949adccd02f452ca339f9a0a0d4
postgrest_x86_release_checksum: sha256:05be2bd48abee6c1691fc7c5d005023466c6989e41a4fc7d1302b8212adb88b5

gotrue_release: 2.179.0
gotrue_release_checksum: sha1:e985fce00b2720b747e6a04420910015c4967121

aws_cli_release: "2.23.11"

salt_minion_version: 3007
Expand Down
59 changes: 59 additions & 0 deletions flake.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 8 additions & 1 deletion flake.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,15 @@
inputs.nixpkgs.follows = "nixpkgs";
};
system-manager = {
# FIXME: remove custom branch when this PR is merged:
# https://github.com/numtide/system-manager/pull/266
url = "github:numtide/system-manager/users";
#url = "git+file:///home/jfroche/projects/numtide/system-manager/fix/return-tmpfile-error";
inputs.nixpkgs.follows = "nixpkgs";
};
gotrue = {
# FIXME: remove custom fork when this PR is merged:
# https://github.com/supabase/auth/pull/2166
url = "github:yvan-sraka/auth";
inputs.nixpkgs.follows = "nixpkgs";
};
};
Expand Down
5 changes: 4 additions & 1 deletion nix/checks.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -315,6 +315,9 @@
inherit self;
inherit pkgs;
})
);
)
// pkgs.lib.optionalAttrs (pkgs.stdenv.hostPlatform.isLinux) {
inherit (self'.packages) ansible-test run-testinfra docker-image-ubuntu;
};
};
}
9 changes: 8 additions & 1 deletion nix/systemConfigs.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,19 @@
{ self, inputs, ... }:
{
self,
inputs,
...
}:
let
mkModules = system: [
self.systemModules.gotrue
self.systemModules.postgres
inputs.gotrue.nixosModules.auth
(
{ pkgs, ... }:
{
services.nginx.enable = true;
nixpkgs.hostPlatform = system;
supabase.services.gotrue.enable = true;
supabase.services.postgres = {
enable = true;
package = self.packages.${system}."psql_17/bin";
Expand Down
1 change: 1 addition & 0 deletions nix/systemModules/default.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
flake = {
systemModules = {
postgres = ./postgres;
gotrue = ./gotrue.nix;
};
};
}
6 changes: 6 additions & 0 deletions nix/systemModules/dummy-firewall.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{ lib, ... }:
{
options.networking.firewall = lib.mkOption {
type = lib.types.attrs;
};
}
Loading
Loading