Build and Push Docker Image / build (push) Successful in 2m49sDetails
Move GRANT statements for document_folders and user_notification_preferences
to after their respective CREATE TABLE statements. The grants were failing
because they referenced tables that hadn't been created yet.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m55sDetails
- Fix admin settings 502 error by adding INSERT/UPDATE/DELETE grants
- Fix Button component to render <a> when href prop is provided
- Add welcome email for admin created during initial setup
- Add in-app notifications system with NotificationCenter component
- Add notifications table with RLS policies and welcome trigger
- Add API endpoints for fetching and marking notifications as read
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m52sDetails
init.sql changes:
- Add INSERT grant for members table (for /join signup)
- Add INSERT grant for dues_payments (for board recording payments)
- Add full CRUD grants for events, documents, document_folders
- Add UPDATE grant for email_templates (admin management)
- Add anon role grants for public event viewing and RSVP creation
README changes:
- Add "Important Notes" section explaining dynamic env vars
- Add first-time setup and database initialization docs
- Add troubleshooting for 403 errors with grant fix commands
- Add troubleshooting for "account not configured" errors
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m54sDetails
RLS policies define WHAT rows can be accessed, but GRANT statements
control WHETHER a table can be accessed at all. This was causing 403
errors when authenticated users tried to access tables.
Added grants for:
- Core tables: members, membership_statuses, membership_types
- Dues: dues_payments (SELECT)
- Events: events, event_types, event_rsvps (full CRUD), event_rsvps_public
- Documents: documents, document_categories, document_folders
- Settings: app_settings (SELECT for public settings)
- Email: email_logs (SELECT for own logs)
- Preferences: user_notification_preferences (SELECT, INSERT, UPDATE)
- Views: members_with_dues, events_with_counts
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m53sDetails
These fields can be filled in later by the user. The admin setup page
only collects essential fields (name, email, password).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m51sDetails
The Supabase postgres image's internal migrate.sh requires supabase_admin
to have a password matching POSTGRES_PASSWORD. Added zz-set-passwords.sh
to run after init.sql and set passwords dynamically using the environment
variable.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m48sDetails
The Supabase postgres image sets these passwords based on POSTGRES_PASSWORD.
Hardcoding 'postgres' caused the image's migrate.sh to fail.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m46sDetails
- storage.objects and storage.buckets are created by storage-api service
- Wrapped all storage bucket inserts and policy operations in DO blocks
- Check if table exists before running storage operations
- Prevents errors during initial database setup
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m45sDetails
These functions are normally created by GoTrue but our init.sql
runs first. Needed for RLS policies that use auth.uid().
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m46sDetails
Added GRANT ALL for service_role on:
- membership_statuses, membership_types, members tables
- All tables and sequences in public schema
- Default privileges for future tables
Fixes 'permission denied' errors during admin setup.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m55sDetails
The auth.users table is created by GoTrue, not the database init.
FK constraints to auth.users fail because init.sql runs before auth starts.
Removed FK from members and audit_logs tables.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Build and Push Docker Image / build (push) Successful in 1m46sDetails
- docker-compose.yml: Standalone compose with Traefik, Supabase, portal
- init.sql: Combined database schema + all 16 migrations
- kong.yml.template: Kong config with API key placeholders
- setup.sh: Auto-generates secrets (JWT, passwords, API keys)
- .env.example: Comprehensive environment template
- README.md: Complete deployment guide
No source code cloning required - just copy files and run setup.sh
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Matt