{"id":28549151,"url":"https://github.com/jimpresting/supabase-oracle-cloud-docker","last_synced_at":"2026-04-12T10:40:33.202Z","repository":{"id":295834161,"uuid":"991400643","full_name":"JimPresting/supabase-oracle-cloud-docker","owner":"JimPresting","description":"Complete guide to self-host Supabase on Oracle Cloud free tier with Docker, Nginx, SSL, and automatic updates. Includes auto-start after reboots and optimized backup system.","archived":false,"fork":false,"pushed_at":"2025-06-20T14:09:28.000Z","size":15,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-06-20T15:26:20.302Z","etag":null,"topics":["ai","artificial-intelligence","database","docker","docker-compose","free-tier","nginx","open-source","oracle","oracle-cloud","self-host","self-hosted","ssl","supabase","ubuntu","vector","vector-database","vector-database-self-hosting"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JimPresting.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-27T15:07:44.000Z","updated_at":"2025-06-20T14:09:31.000Z","dependencies_parsed_at":"2025-05-27T16:36:06.443Z","dependency_job_id":null,"html_url":"https://github.com/JimPresting/supabase-oracle-cloud-docker","commit_stats":null,"previous_names":["jimpresting/supabase-oracle-cloud-docker"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/JimPresting/supabase-oracle-cloud-docker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JimPresting%2Fsupabase-oracle-cloud-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JimPresting%2Fsupabase-oracle-cloud-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JimPresting%2Fsupabase-oracle-cloud-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JimPresting%2Fsupabase-oracle-cloud-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JimPresting","download_url":"https://codeload.github.com/JimPresting/supabase-oracle-cloud-docker/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JimPresting%2Fsupabase-oracle-cloud-docker/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263733282,"owners_count":23503134,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","artificial-intelligence","database","docker","docker-compose","free-tier","nginx","open-source","oracle","oracle-cloud","self-host","self-hosted","ssl","supabase","ubuntu","vector","vector-database","vector-database-self-hosting"],"created_at":"2025-06-10T02:00:46.185Z","updated_at":"2025-12-30T22:40:10.955Z","avatar_url":"https://github.com/JimPresting.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Self-Hosting Supabase on Oracle Cloud with Docker\n\nA complete guide to set up your own Supabase instance on Oracle Cloud using Docker, Nginx, SSL certificates, and automatic updates.\n\n## šŸ“‹ Prerequisites\n\n- Oracle Cloud account (free tier works)\n- Domain name with DNS management access\n- SSH access to your Oracle Cloud VM\n- Basic command line knowledge\n\n## šŸš€ Step 1: Oracle Cloud VM Setup\n\n### 1.1 Create VM Instance\n1. Login to Oracle Cloud Console\n2. Create a new VM instance:\n - **Shape**: VM.Standard.E2.1.Micro (Always Free)\n - **Image**: Ubuntu 22.04 LTS\n - **SSH Keys**: Generate and download your key pair\n - **Networking**: Allow HTTP (80) and HTTPS (443) traffic\n\n### 1.2 Reserve Static IP\n1. Go to **Networking ā†’ Virtual Cloud Networks ā†’ Public IPs**\n2. Click on your VM's external IP ā†’ **Reserve Static IP**\n3. Note down your static IP address (e.g., `123.456.78.90`)\n\n### 1.3 Configure Security Rules\n1. **Networking ā†’ Virtual Cloud Networks ā†’ Security Lists**\n2. Add ingress rules:\n - **Port 80** (HTTP): Source `0.0.0.0/0`\n - **Port 443** (HTTPS): Source `0.0.0.0/0`\n\n## šŸŒ Step 2: DNS Configuration\n\nSet up your subdomain to point to your Oracle Cloud VM:\n\n| Record Type | Host | Value | TTL |\n|-------------|------|--------|-----|\n| A | `sb` | `123.456.78.90` | 14400 |\n\n**Example**: If your domain is `example.com`, create `sb.example.com` pointing to your VM's IP.\n\n## šŸ–„ļø Step 3: Server Setup\n\n### 3.1 Connect to Your VM\n```bash\nssh -i ~/path/to/your-ssh-key.key ubuntu@123.456.78.90\n```\n\n### 3.2 Update System \u0026 Install Dependencies\n```bash\nsudo apt update\nsudo apt install nginx git -y\n```\n\n### 3.3 Install Docker\n```bash\nsudo apt install docker.io -y\nsudo systemctl start docker\nsudo systemctl enable docker\n```\n\n### 3.4 Install Docker Compose\n```bash\nsudo curl -L \"https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)\" -o /usr/local/bin/docker-compose\nsudo chmod +x /usr/local/bin/docker-compose\ndocker-compose --version\n```\n\n### 3.5 Install Certbot\n```bash\nsudo snap install core; sudo snap refresh core\nsudo snap install --classic certbot\n```\n\n## šŸ“¦ Step 4: Supabase Installation\n\n### 4.1 Clone Supabase Repository\n```bash\ngit clone --depth 1 https://github.com/supabase/supabase.git\ncd supabase/docker\ncp .env.example .env\n```\n\n### 4.2 Configure Environment Variables\n\nEdit the `.env` file:\n```bash\nnano .env\n```\n\n**Required Changes:**\n\n```env\n# Database Password (25+ characters, all characters allowed)\nPOSTGRES_PASSWORD=SecureDatabasePassword123!@#\n\n# JWT Secret (32+ characters, letters and numbers only)\nJWT_SECRET=MyJWTSecretKey1234567890ABCDEFGHIJ\n\n# External URLs (replace with your domain)\nAPI_EXTERNAL_URL=https://sb.example.com\nSUPABASE_PUBLIC_URL=https://sb.example.com\n\n# Dashboard Credentials\nDASHBOARD_USERNAME=admin\nDASHBOARD_PASSWORD=SecureAdminPassword123\n\n# Security Keys\nSECRET_KEY_BASE=SecretKey64CharactersLong123456789012345678901234567890!@#$\nVAULT_ENC_KEY=VaultEncryptionKey32CharsLong123456\n\n# File Upload Limit (0 = no limit, value in bytes)\nFILE_SIZE_LIMIT=0\n\n# Keep existing ANON_KEY and SERVICE_ROLE_KEY as they are\n```\n\n**Password Requirements:**\n- **POSTGRES_PASSWORD**: Minimum 25 characters, any characters allowed\n- **JWT_SECRET**: Minimum 32 characters, **letters and numbers only**\n- **SECRET_KEY_BASE**: Minimum 64 characters, any characters allowed \n- **VAULT_ENC_KEY**: Minimum 32 characters, letters and numbers only\n\n### 4.3 Fix Docker Compose Port Mapping\n\nEdit `docker-compose.yml` to expose Studio port:\n```bash\nnano docker-compose.yml\n```\n\nFind the `studio:` section (around line 12) and add ports:\n\n```yaml\n studio:\n container_name: supabase-studio\n image: supabase/studio:2025.05.19-sha-3487831\n restart: unless-stopped\n ports:\n - \"3000:3000\" # ADD THIS LINE\n healthcheck:\n test:\n [\n \"CMD\",\n \"node\",\n \"-e\",\n \"fetch('http://studio:3000/api/platform/profile').then((r) =\u003e {if (r.status !== 200) throw new Error(r.status)})\"\n ]\n```\n\n**āš ļø Important: Add the ports: section exactly between restart: unless-stopped and healthcheck:.**\nWhy this port mapping is required: By default, Docker containers only expose ports internally within the Docker network. Supabase Studio runs on port 3000 inside the container, but without the \"3000:3000\" mapping, this port is only accessible to other containers. Nginx needs to access Studio on localhost:3000 to proxy web requests. Without this mapping, Nginx cannot reach the Studio interface, resulting in a non-functional web dashboard.\n\n### 4.4 Start Supabase\n```bash\nsudo docker-compose up -d\n```\n\n**This will take 10-15 minutes on the first run.**\n\n### 4.5 Verify Installation\n```bash\nsudo docker ps\n```\n\nAll containers should show \"Up\" status. Some may show \"Restarting\" or \"Unhealthy\" - this is normal for optional services like pooler and realtime.\n\n## šŸ”’ Step 5: SSL Certificate Setup\n\n### 5.1 Get SSL Certificate\n```bash\nsudo certbot certonly --nginx -d sb.example.com\n```\n\nFollow the prompts:\n- Enter your email address\n- Accept terms of service\n- Choose whether to share email with EFF\n\n**Certificate files will be stored at:**\n- Certificate: `/etc/letsencrypt/live/sb.example.com/fullchain.pem`\n- Private Key: `/etc/letsencrypt/live/sb.example.com/privkey.pem`\n\n## šŸŒ Step 6: Nginx Configuration\n\n### 6.1 Create Nginx Configuration\n```bash\nsudo nano /etc/nginx/sites-available/supabase.conf\n```\n\n**Add this configuration** (replace `sb.example.com` with your subdomain):\n\n```nginx\nserver {\n server_name sb.example.com;\n \n gzip on;\n\n # REST API\n location ~ ^/rest/v1/(.*)$ {\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n proxy_pass http://localhost:8000;\n proxy_redirect off;\n }\n\n # Authentication\n location ~ ^/auth/v1/(.*)$ {\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n proxy_pass http://localhost:8000;\n proxy_redirect off;\n }\n\n # Realtime\n location ~ ^/realtime/v1/(.*)$ {\n proxy_redirect off;\n proxy_pass http://localhost:8000;\n proxy_http_version 1.1;\n proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection \"upgrade\";\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n }\n\n # Supabase Studio (Dashboard)\n location / {\n proxy_pass http://localhost:3000;\n proxy_http_version 1.1;\n proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection \"upgrade\";\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n proxy_read_timeout 86400;\n }\n\n listen 443 ssl;\n ssl_certificate /etc/letsencrypt/live/sb.example.com/fullchain.pem;\n ssl_certificate_key /etc/letsencrypt/live/sb.example.com/privkey.pem;\n include /etc/letsencrypt/options-ssl-nginx.conf;\n ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;\n}\n\nserver {\n if ($host = sb.example.com) {\n return 301 https://$host$request_uri;\n }\n\n listen 80;\n server_name sb.example.com;\n return 404;\n}\n```\n\n### 6.2 Enable Configuration\n```bash\nsudo ln -s /etc/nginx/sites-available/supabase.conf /etc/nginx/sites-enabled/\nsudo nginx -t\nsudo systemctl reload nginx\n```\n\n## āœ… Step 7: Access Your Supabase Instance\n\nOpen your browser and navigate to: `https://sb.example.com`\n\nYou should see the Supabase Studio login page.\n\n**Login with:**\n- Username: `admin` (or whatever you set as DASHBOARD_USERNAME)\n- Password: Your DASHBOARD_PASSWORD\n\n## šŸ”„ Step 8: Automatic Updates \u0026 Auto-Start\n\n### 8.1 Create Auto-Update Script\n\nCreate an optimized update script that only backs up configurations:\n```bash\ncd ~\nnano update_supabase.sh\n```\n\n**Add this content:**\n```bash\n#!/bin/bash\n\nLOG_FILE=\"/var/log/supabase_update.log\"\nBACKUP_DATE=$(date +'%Y-%m-%d_%H-%M-%S')\n\necho \"=== Supabase Update Started: $(date) ===\" \u003e\u003e $LOG_FILE\n\n# Backup only important configs (NOT the database!)\necho \"Creating config backup...\" \u003e\u003e $LOG_FILE\nmkdir -p ~/supabase_config_backup_$BACKUP_DATE\ncp ~/supabase/docker/.env ~/supabase_config_backup_$BACKUP_DATE/\ncp ~/supabase/docker/docker-compose.yml ~/supabase_config_backup_$BACKUP_DATE/\ncp -r ~/supabase/docker/volumes/api ~/supabase_config_backup_$BACKUP_DATE/\n\n# Navigate to supabase directory\ncd ~/supabase/docker\n\n# Stop current services\necho \"Stopping Supabase services...\" \u003e\u003e $LOG_FILE\nsudo docker-compose down \u003e\u003e $LOG_FILE 2\u003e\u00261\n\n# Pull latest changes from repository\necho \"Pulling latest Supabase updates...\" \u003e\u003e $LOG_FILE\ngit pull origin master \u003e\u003e $LOG_FILE 2\u003e\u00261\n\n# Pull latest Docker images\necho \"Pulling latest Docker images...\" \u003e\u003e $LOG_FILE\nsudo docker-compose pull \u003e\u003e $LOG_FILE 2\u003e\u00261\n\n# Start services with updated images\necho \"Starting updated Supabase services...\" \u003e\u003e $LOG_FILE\nsudo docker-compose up -d \u003e\u003e $LOG_FILE 2\u003e\u00261\n\n# Wait for services to start\nsleep 60\n\n# Check if services are running\necho \"Checking service status...\" \u003e\u003e $LOG_FILE\nsudo docker ps \u003e\u003e $LOG_FILE 2\u003e\u00261\n\n# Clean up old Docker images to save space\necho \"Cleaning up old Docker images...\" \u003e\u003e $LOG_FILE\nsudo docker image prune -af \u003e\u003e $LOG_FILE 2\u003e\u00261\n\n# Remove old config backups (keep only last 2)\necho \"Cleaning up old config backups...\" \u003e\u003e $LOG_FILE\nfind ~/supabase_config_backup_* -maxdepth 0 -type d | sort | head -n -2 | xargs rm -rf\n\necho \"=== Supabase Update Completed: $(date) ===\" \u003e\u003e $LOG_FILE\necho \"\" \u003e\u003e $LOG_FILE\n```\n\n### 8.2 Make Script Executable \u0026 Setup Log\n```bash\nchmod +x ~/update_supabase.sh\nsudo touch /var/log/supabase_update.log\nsudo chmod 666 /var/log/supabase_update.log\n```\n\n### 8.3 Set Up Cronjobs\n\nOpen crontab:\n```bash\nsudo crontab -e\n```\n\nAdd these lines:\n```bash\n# Auto-start Supabase after VM reboot\n@reboot sleep 30 \u0026\u0026 cd /home/ubuntu/supabase/docker \u0026\u0026 /usr/local/bin/docker-compose up -d\n\n# Supabase auto-update every Sunday at 3 AM German time\n0 1 * * 0 /bin/bash /home/ubuntu/update_supabase.sh \u003e/dev/null 2\u003e\u00261\n```\n\n**Note**: `0 1 * * 0` = 1 AM UTC = 3 AM German time (CEST)\n\n### 8.4 Verify Cronjobs\n```bash\nsudo crontab -l\n```\n\n## šŸ”§ Port Overview\n\nYour Supabase instance uses these ports:\n\n- **Port 3000**: Supabase Studio (Dashboard)\n- **Port 8000**: Kong API Gateway (REST API, Auth, Realtime)\n- **Port 5432**: PostgreSQL Database (internal)\n- **Port 4000**: Analytics/Logflare (internal)\n\n## šŸ› ļø Managing Your Instance\n\n### Manual Commands\n```bash\n# Stop Supabase\ncd ~/supabase/docker\nsudo docker-compose down\n\n# Start Supabase\ncd ~/supabase/docker\nsudo docker-compose up -d\n\n# View Logs\ncd ~/supabase/docker\nsudo docker-compose logs -f\n\n# Manual Update\nsudo bash ~/update_supabase.sh\n```\n\n### Monitor Updates\n```bash\n# Check update logs\ntail -n 50 /var/log/supabase_update.log\n\n# List config backups\nls -la ~/supabase_config_backup_*\n\n# Check running containers\nsudo docker ps\n```\n\n## šŸ“Š Auto-Update Features\n\n- **Automatic updates** every Sunday at 3 AM German time\n- **Auto-start** after VM reboot (30 second delay)\n- **Config-only backups** (fast, space-efficient)\n- **Keeps only 2 latest backups** (prevents disk filling)\n- **Database data preserved** (never copied, always persists)\n- **Detailed logging** of all operations\n- **Automatic cleanup** of old Docker images\n\n## šŸ” Data Safety\n\n### What Gets Backed Up (Fast \u0026 Small)\n- āœ… `.env` file (passwords, keys, configuration)\n- āœ… `docker-compose.yml` (port mappings, service config)\n- āœ… `volumes/api/kong.yml` (API gateway configuration)\n\n### What Stays Safe (Never Copied)\n- šŸ’¾ **Database data**: `./volumes/db/data/` (persists on disk)\n- šŸ’¾ **File storage**: `./volumes/storage/` (your uploaded files)\n- šŸ’¾ **All user data**: Tables, users, API keys remain intact\n\n## šŸ› ļø Troubleshooting\n\n### 502 Bad Gateway\n1. Check if containers are running: `sudo docker ps`\n2. Verify ports are accessible: `sudo netstat -tlnp | grep :3000` and `sudo netstat -tlnp | grep :8000`\n3. Check Nginx logs: `sudo tail -f /var/log/nginx/error.log`\n\n### Container Restart Issues\nSome containers (pooler, realtime) may show \"Restarting\" or \"Unhealthy\" status. This is normal and doesn't affect core functionality.\n\n### SSL Certificate Renewal\nCertificates auto-renew. To manually renew:\n```bash\nsudo certbot renew\nsudo systemctl reload nginx\n```\n\n### Restore from Config Backup (if needed)\n```bash\ncd ~/supabase/docker\nsudo docker-compose down\ncp ~/supabase_config_backup_YYYY-MM-DD_HH-MM-SS/.env .\ncp ~/supabase_config_backup_YYYY-MM-DD_HH-MM-SS/docker-compose.yml .\ncp -r ~/supabase_config_backup_YYYY-MM-DD_HH-MM-SS/api ./volumes/\nsudo docker-compose up -d\n```\n\n## šŸ” Security Considerations\n\n1. **Change default passwords** in `.env` file\n2. **Use strong, unique passwords** for all services\n3. **Regularly monitor update logs**\n4. **Keep your domain DNS secure**\n5. **Monitor Oracle Cloud billing** (shouldn't exceed free tier)\n\n## šŸ“š API Usage\n\nOnce installed, your Supabase API will be available at:\n\n- **REST API**: `https://sb.example.com/rest/v1/`\n- **Auth API**: `https://sb.example.com/auth/v1/`\n- **Realtime**: `https://sb.example.com/realtime/v1/`\n\nUse your `ANON_KEY` and `SERVICE_ROLE_KEY` from the `.env` file for API authentication.\n\n---\n\n## šŸ”— Integrating with n8n (Self-Hosted)\n\nIf you're running a self-hosted n8n instance and want to connect it to your self-hosted Supabase, you'll need additional configuration due to authentication header conflicts between n8n and Kong (Supabase's API gateway).\n\n### Prerequisites for n8n Integration\n\n1. **Additional Firewall Ports**: Add these to your Oracle Cloud Security Rules:\n - **Port 8000** (Supabase Kong API Gateway): Source `0.0.0.0/0`\n - **Port 5432** (PostgreSQL - optional for direct DB access): Source `0.0.0.0/0`\n\n### Fix Kong Authorization Header Conflict\n\nThe n8n Supabase node sends both `apikey` and `Authorization` headers simultaneously. Kong prioritizes the `Authorization` header and ignores the `apikey` header, causing \"Unauthorized\" errors.\n\n**Solution**: Configure Kong to remove the `Authorization` header before processing the request.\n\n1. **Edit Kong configuration**:\n```bash\nnano ~/supabase/docker/volumes/api/kong.yml\n```\n\n2. **Find the `rest-v1` service** (around line 93) and add the `request-transformer` plugin:\n\n```yaml\n ## Secure REST routes\n - name: rest-v1\n _comment: 'PostgREST: /rest/v1/* -\u003e http://rest:3000/*'\n url: http://rest:3000/\n routes:\n - name: rest-v1-all\n strip_path: true\n paths:\n - /rest/v1/\n plugins:\n - name: cors\n - name: key-auth\n config:\n hide_credentials: true\n - name: request-transformer # ADD THIS PLUGIN\n config:\n remove:\n headers:\n - Authorization # REMOVE Authorization HEADER\n - name: acl\n config:\n hide_groups_header: true\n allow:\n - admin\n - anon\n```\n\n3. **Ensure the `request-transformer` plugin is enabled** in `docker-compose.yml`:\n```yaml\nKONG_PLUGINS: request-transformer,cors,key-auth,acl,basic-auth\n```\n\n4. **Restart Kong**:\n```bash\nsudo docker-compose restart kong\n```\n\n### Configure n8n Supabase Credentials\n\n1. In n8n, create new Supabase credentials with:\n - **Host**: `sb.example.com` (without https:// prefix or /rest/v1/ suffix)\n - **Service Role Secret**: Your `SERVICE_ROLE_KEY` from the `.env` file\n\n2. Test the connection - it should now show \"Connection tested successfully\".\n\n### Understanding the Fix\n\n- **n8n Behavior**: The n8n Supabase node automatically sends both authentication headers\n- **Kong Priority**: Kong processes the `Authorization` header first and ignores the `apikey`\n- **Header Removal**: The `request-transformer` plugin removes the problematic `Authorization` header\n- **Result**: Kong only sees the `apikey` header and authentication succeeds\n\n### API Keys and Security\n\nYour self-hosted Supabase instance provides two types of API keys:\n\n- **Client API Key (anon)**: For frontend applications with limited permissions controlled by Row Level Security (RLS)\n- **Service Role Key**: For backend services like n8n with full administrative access\n\nBoth keys are private to your installation and not publicly accessible. They are generated based on your `JWT_SECRET` in the `.env` file.\n\n### Row Level Security (RLS)\n\nBy default, Supabase tables created through the Table Editor have RLS enabled. This means:\n- The `anon` key can only access data according to your RLS policies\n- The `service_role` key bypasses RLS and has full access (used by n8n)\n\nTo create policies for controlled access with the `anon` key, use the SQL Editor in Supabase Studio.\n\n### Alternative: Direct PostgreSQL Connection\n\nIf you prefer direct database access instead of using the Supabase API, you can connect n8n directly to PostgreSQL:\n\n- **Host**: `sb.example.com`\n- **Port**: `5432`\n- **Database**: `postgres`\n- **User**: `postgres`\n- **Password**: Your `POSTGRES_PASSWORD` from the `.env` file\n- **SSL**: Enable if connecting from external networks\n\nThis bypasses all Supabase API features but provides direct database access for simple CRUD operations.\n\n---\n\n## šŸŽ‰ Success!\n\nYou now have a fully automated, self-hosted Supabase instance that:\n\n- āœ… **Runs 24/7** on Oracle Cloud free tier\n- āœ… **Auto-updates** every Sunday at 3 AM German time\n- āœ… **Auto-starts** after VM reboots\n- āœ… **Keeps your data safe** during updates\n- āœ… **Manages disk space** automatically\n- āœ… **Uses SSL encryption** with automatic renewal\n- āœ… **Accessible via custom domain**\n- āœ… **Integrates with n8n** for workflow automation\n\nšŸ”Œ Connection Methods Summary\nYour self-hosted Supabase supports two integration approaches:\nMethod 1: Supabase API (Recommended)\n\nRequirements: Host (sb.example.com) + SERVICE_ROLE_KEY\nSecurity: Very secure - keys are private, not publicly accessible\nAccess: Only you (keys generated from your JWT_SECRET)\nFeatures: Full Supabase functionality, Row Level Security, real-time subscriptions\n\nMethod 2: Direct PostgreSQL\n\nRequirements: Host + Port 5432 + postgres user + POSTGRES_PASSWORD\nSecurity: Less secure - bypasses all Supabase security features\nAccess: Anyone with IP + port + credentials\nFeatures: Basic CRUD operations only\n\nRecommendation: Use Supabase API method and close port 5432 in firewall for maximum security.\n\n---\n\n**Need help?** Check the [official Supabase documentation](https://supabase.com/docs) or [Docker self-hosting guide](https://supabase.com/docs/guides/self-hosting/docker).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjimpresting%2Fsupabase-oracle-cloud-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjimpresting%2Fsupabase-oracle-cloud-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjimpresting%2Fsupabase-oracle-cloud-docker/lists"}