Build and Push Docker Image / build (push) Successful in 1m48sDetails
The Supabase postgres image sets these passwords based on POSTGRES_PASSWORD.
Hardcoding 'postgres' caused the image's migrate.sh to fail.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m46sDetails
- storage.objects and storage.buckets are created by storage-api service
- Wrapped all storage bucket inserts and policy operations in DO blocks
- Check if table exists before running storage operations
- Prevents errors during initial database setup
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m45sDetails
These functions are normally created by GoTrue but our init.sql
runs first. Needed for RLS policies that use auth.uid().
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m46sDetails
Added GRANT ALL for service_role on:
- membership_statuses, membership_types, members tables
- All tables and sequences in public schema
- Default privileges for future tables
Fixes 'permission denied' errors during admin setup.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m55sDetails
The auth.users table is created by GoTrue, not the database init.
FK constraints to auth.users fail because init.sql runs before auth starts.
Removed FK from members and audit_logs tables.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m47sDetails
- PostgREST and postgres-meta images don't have /bin/sh
- Removed CMD-SHELL healthchecks that were causing unhealthy status
- Changed dependent services from service_healthy to service_started
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m59sDetails
- Changed from single DOMAIN variable to PORTAL_DOMAIN and API_DOMAIN
- Matches nginx config: portal.monacousa.org, api.monacousa.org, studio.monacousa.org
- Updated docker-compose.yml to use correct domain variables with defaults
- Updated setup.sh to validate both domain variables
- Updated .env.example with separate domain configuration
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m53sDetails
- Use openssl rand -hex for secrets (no special chars)
- Use awk instead of sed for .env updates (handles any chars)
- Use awk for kong.yml generation (handles JWT tokens)
- Suppress source errors for malformed .env
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m52sDetails
- Remove Traefik service and related labels
- Expose ports to localhost only (3000, 8000, 3001)
- Update README with nginx proxy configuration examples
- Remove ACME_EMAIL and Traefik auth from .env.example
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m46sDetails
- docker-compose.yml: Standalone compose with Traefik, Supabase, portal
- init.sql: Combined database schema + all 16 migrations
- kong.yml.template: Kong config with API key placeholders
- setup.sh: Auto-generates secrets (JWT, passwords, API keys)
- .env.example: Comprehensive environment template
- README.md: Complete deployment guide
No source code cloning required - just copy files and run setup.sh
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Matt