What You'll Deploy

• PostgreSQL database with real-time capabilities
• PostgREST API server for automatic REST endpoints
• GoTrue authentication server
• Database: PostgreSQL with extensions
• API: PostgREST for automatic API generation
• Auth: GoTrue for user management
• Storage: S3-compatible file storage
Prerequisites

Before starting, ensure you have the following:

A Linux server (Ubuntu 20.04+ recommended) Docker and Docker Compose installed Git installed Domain name pointing to your server (for SSL) Basic command line knowledge SMTP credentials for email (optional)
⚠️
Important Security Note
Self-hosting requires proper security configuration. Ensure your server is properly secured with firewalls, regular updates, and strong authentication.
System Requirements
Minimum Requirements
Component Minimum Recommended Notes CPU 2 cores More cores for concurrent users RAM 4 GB 8+ GB Database caching benefits from more RAM Storage 20 GB 100+ GB SSD Depends on data and file storage needs Network 100 Mbps 1 Gbps For file uploads and downloads
Check Docker Installation Copy

# Check Docker version (should be 20.10+)
docker --version


# Verify Docker is running
docker ps

Installation

Step 1

Clone Supabase Repository

Get the official Supabase self-hosting setup:

Terminal Copy

# Create directory for Supabase
mkdir ~/supabase-selfhosted
cd ~/supabase-selfhosted

# Clone the repository
git clone --depth 1 https://github.com/supabase/supabase.git
cd supabase/docker

# Copy example environment file
cp .env.example .env

Step 2

Install Docker (if not already installed)

Install Docker and Docker Compose on Ubuntu:

Ubuntu Docker Installation Copy

# Update package index
sudo apt update

# Install required packages
sudo apt install apt-transport-https ca-certificates curl gnupg lsb-release

# Add Docker's official GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

# Add Docker repository
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

# Install Docker
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin

# Add user to docker group
sudo usermod -aG docker $USER

# Log out and back in for group changes to take effect

Step 3

Generate Secrets

Generate secure secrets for your installation:

Generate Secrets Copy

# Generate JWT secret (save this!)
openssl rand -base64 32

# Generate anonymous key (save this!)
openssl rand -base64 32

# Generate service role key (save this!)
openssl rand -base64 32

# Generate PostgreSQL password
openssl rand -base64 32

SITE_URL=https://your-domain.com ADDITIONAL_REDIRECT_URLS=https://your-domain.com

version: "3.8"

      

        

          
          Authentication & Email (Gmail SMTP)
        

        
Step 1
        
Adjust Your Configuration
        
Open the .env file in your supabase/docker directory and set the following variables to match your environment. This is the most important step for customizing your self-hosted Supabase instance.

        

          

            .env Example
            Copy
          
          
# Basic Configuration
    volumes:
      # Custom PostgreSQL configuration
      - ./postgresql.conf:/etc/postgresql/postgresql.conf
    command: >
      postgres
      -c config_file=/etc/postgresql/postgresql.conf
      -c log_statement=all
      -c log_destination=stderr
      -c log_min_duration_statement=0

  kong:
    ports:
      # Bind to specific interfaces for security
      - "127.0.0.1:8000:8000"
      - "127.0.0.1:8443:8443"

  studio:
    environment:
      # Additional studio configuration
      - SUPABASE_REST_URL=http://kong:8000/rest/v1/
        
      

      

        

          

          
ℹ️
          

            
Gmail SMTP Setup
            

              
Go to Google Account Security and enable 2-Step Verification if not already enabled.
              
Under "App passwords", generate a new app password for "Mail" (select "Other" if needed).
              
Use this app password as SMTP_PASS in your .env file.
              
Make sure SMTP_USER and SMTP_ADMIN_EMAIL are your Gmail address.
            
          
        

        
Step 2
        
Start Supabase Services
        
Once your configuration is set, launch all Supabase components:

        

          

            Start Services
            Copy
          
          
# Start all services
          
          Database Setup
        

Step 1

Start Supabase Services

Launch all Supabase components:

Step 3

Access Supabase Studio & Test Email Auth

Open your browser and navigate to Supabase Studio:

Studio Access

URL: http://localhost:3000

        

        

        
Go to Authentication → Settings and verify your email settings. Try signing up a new user to test that email confirmation is sent via Gmail SMTP.
      

Start Services Copy

# Start all services
docker-compose up -d

# Check if all services are running
docker-compose ps

# View logs if there are issues
docker-compose logs

Step 2

Initialize Database Schema

Set up the initial database schema for Mindful Assistant:

Connect to Database Copy

# Connect to PostgreSQL container
docker-compose exec db psql -U postgres -d postgres

# Or connect from outside the container
psql -h localhost -p 54322 -U postgres -d postgres

Step 3

Create Application Tables

Run the same SQL from the cloud Supabase tutorial:

mindful_assistant_schema.sql Copy

-- Enable necessary extensions
CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
CREATE EXTENSION IF NOT EXISTS "pgcrypto";

-- Create conversations table
CREATE TABLE IF NOT EXISTS conversations (
    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
    user_id UUID REFERENCES auth.users(id) ON DELETE CASCADE,
    title TEXT,
    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
    is_archived BOOLEAN DEFAULT FALSE
);

-- Create messages table
CREATE TABLE IF NOT EXISTS messages (
    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
    conversation_id UUID REFERENCES conversations(id) ON DELETE CASCADE,
    content TEXT NOT NULL,
    role TEXT NOT NULL CHECK (role IN ('user', 'assistant')),
    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
    metadata JSONB DEFAULT '{}'::jsonb
);

-- Create pain points table
CREATE TABLE IF NOT EXISTS pain_points (
    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
    user_id UUID REFERENCES auth.users(id) ON DELETE CASCADE,
    conversation_id UUID REFERENCES conversations(id) ON DELETE CASCADE,
    pain_point TEXT NOT NULL,
    category TEXT,
    severity_score FLOAT,
    confidence_score FLOAT,
    first_detected_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
    last_mentioned_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
    occurrence_count INTEGER DEFAULT 1
);

-- Create user profiles
CREATE TABLE IF NOT EXISTS user_profiles (
    id UUID PRIMARY KEY REFERENCES auth.users(id) ON DELETE CASCADE,
    display_name TEXT,
    preferences JSONB DEFAULT '{}'::jsonb,
    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
);

-- Create indexes
CREATE INDEX IF NOT EXISTS idx_conversations_user_id ON conversations(user_id);
CREATE INDEX IF NOT EXISTS idx_conversations_created_at ON conversations(created_at DESC);
CREATE INDEX IF NOT EXISTS idx_messages_conversation_id ON messages(conversation_id);
CREATE INDEX IF NOT EXISTS idx_messages_created_at ON messages(created_at DESC);
CREATE INDEX IF NOT EXISTS idx_pain_points_user_id ON pain_points(user_id);
CREATE INDEX IF NOT EXISTS idx_pain_points_conversation_id ON pain_points(conversation_id);

-- Enable RLS
ALTER TABLE conversations ENABLE ROW LEVEL SECURITY;
ALTER TABLE messages ENABLE ROW LEVEL SECURITY;
ALTER TABLE pain_points ENABLE ROW LEVEL SECURITY;
ALTER TABLE user_profiles ENABLE ROW LEVEL SECURITY;

-- RLS Policies (same as cloud version)
-- Conversations policies
CREATE POLICY "Users can view their own conversations" ON conversations
    FOR SELECT USING (auth.uid() = user_id);

CREATE POLICY "Users can create their own conversations" ON conversations
    FOR INSERT WITH CHECK (auth.uid() = user_id);

CREATE POLICY "Users can update their own conversations" ON conversations
    FOR UPDATE USING (auth.uid() = user_id);

CREATE POLICY "Users can delete their own conversations" ON conversations
    FOR DELETE USING (auth.uid() = user_id);

-- Messages policies
CREATE POLICY "Users can view messages in their conversations" ON messages
    FOR SELECT USING (
        conversation_id IN (
            SELECT id FROM conversations WHERE user_id = auth.uid()
        )
    );

CREATE POLICY "Users can create messages in their conversations" ON messages
    FOR INSERT WITH CHECK (
        conversation_id IN (
            SELECT id FROM conversations WHERE user_id = auth.uid()
        )
    );

-- Pain points policies
CREATE POLICY "Users can view their own pain points" ON pain_points
    FOR SELECT USING (auth.uid() = user_id);

CREATE POLICY "Users can create their own pain points" ON pain_points
    FOR INSERT WITH CHECK (auth.uid() = user_id);

CREATE POLICY "Users can update their own pain points" ON pain_points
    FOR UPDATE USING (auth.uid() = user_id);

-- User profiles policies
CREATE POLICY "Users can view their own profile" ON user_profiles
    FOR SELECT USING (auth.uid() = id);

CREATE POLICY "Users can update their own profile" ON user_profiles
    FOR UPDATE USING (auth.uid() = id);

CREATE POLICY "Users can create their own profile" ON user_profiles
    FOR INSERT WITH CHECK (auth.uid() = id);

Authentication Configuration

Step 1

Access Supabase Studio

Open your browser and navigate to Supabase Studio:

Studio Access

URL: http://localhost:3000
Username: admin (or your DASHBOARD_USERNAME)
Password: your_dashboard_password_here

Step 2

Configure Authentication Settings

In Studio, go to Authentication > Settings:

Setting	Value	Description
Site URL	https://your-domain.com	Your production domain
Redirect URLs	https://your-domain.com/**	Allowed redirect patterns
JWT Expiry	3600	Token expiry in seconds
Enable signup	Enabled	Allow new registrations

Step 3

Test Authentication

Create a test user to verify authentication works:

Create Test User Copy

# Using curl to test signup
curl -X POST 'http://localhost:8000/auth/v1/signup' \
-H "apikey: YOUR_ANON_KEY" \
-H "Content-Type: application/json" \
-d '{
  "email": "test@example.com",
  "password": "testpassword123"
}'

SSL Setup with Let's Encrypt

Step 1

Install Certbot

Install Let's Encrypt certbot for SSL certificates:

Install Certbot Copy

# Install certbot
sudo apt install certbot

# Install nginx plugin
sudo apt install python3-certbot-nginx

Step 2

Configure Nginx Reverse Proxy

Create an nginx configuration for SSL termination:

/etc/nginx/sites-available/supabase Copy

server {
    listen 80;
    server_name your-domain.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    location /rest/ {
        proxy_pass http://localhost:8000/rest/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    location /auth/ {
        proxy_pass http://localhost:8000/auth/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    location /storage/ {
        proxy_pass http://localhost:8000/storage/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Step 3

Obtain SSL Certificate

Get a free SSL certificate from Let's Encrypt:

SSL Certificate Copy

# Enable the site
sudo ln -s /etc/nginx/sites-available/supabase /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

# Obtain SSL certificate
sudo certbot --nginx -d your-domain.com

# Test automatic renewal
sudo certbot renew --dry-run

Monitoring and Maintenance

Step 1

Health Check Script

Create a script to monitor service health:

health-check.sh Copy

#!/bin/bash

# Health check script for Supabase
echo "=== Supabase Health Check ==="
echo "Timestamp: $(date)"

# Check if all containers are running
echo "Checking container status..."
docker-compose ps

# Check database connectivity
echo "Checking database connectivity..."
docker-compose exec -T db pg_isready -U postgres

# Check API endpoints
echo "Checking API endpoints..."
curl -f http://localhost:8000/rest/v1/ > /dev/null 2>&1 && echo "REST API: OK" || echo "REST API: FAILED"
curl -f http://localhost:8000/auth/v1/health > /dev/null 2>&1 && echo "Auth API: OK" || echo "Auth API: FAILED"

# Check disk space
echo "Checking disk space..."
df -h /

# Check memory usage
echo "Checking memory usage..."
free -h

echo "=== Health Check Complete ==="

Step 2

Log Management

Set up log rotation and monitoring:

View and Manage Logs Copy

# View logs for all services
docker-compose logs

# View logs for specific service
docker-compose logs db
docker-compose logs kong
docker-compose logs auth

# Follow logs in real-time
docker-compose logs -f

# Limit log output
docker-compose logs --tail=100

Step 3

Performance Monitoring

Monitor system performance and database stats:

Database Performance Copy

# Connect to database and check stats
docker-compose exec db psql -U postgres -d postgres -c "
SELECT
    schemaname,
    tablename,
    attname,
    n_distinct,
    correlation
FROM pg_stats
WHERE schemaname = 'public';"

# Check active connections
docker-compose exec db psql -U postgres -d postgres -c "
SELECT count(*) as active_connections
FROM pg_stat_activity
WHERE state = 'active';"

# Check database size
docker-compose exec db psql -U postgres -d postgres -c "
SELECT pg_size_pretty(pg_database_size('postgres')) as database_size;"

Backup Strategy

Health Check

To check if Supabase is healthy, just run:

docker-compose ps

If all services show Up, everything is working.

backup-volumes.sh Copy

#!/bin/bash

# Volume backup script
BACKUP_DIR="/backups/volumes"
DATE=$(date +%Y%m%d_%H%M%S)

mkdir -p $BACKUP_DIR

# Stop services temporarily
docker-compose stop

# Backup volumes
docker run --rm -v supabase_db_data:/data -v $BACKUP_DIR:/backup alpine tar czf /backup/db_data_$DATE.tar.gz -C /data .
docker run --rm -v supabase_storage_data:/data -v $BACKUP_DIR:/backup alpine tar czf /backup/storage_data_$DATE.tar.gz -C /data .

# Restart services
docker-compose start

# Remove old volume backups (keep 7 days)
find $BACKUP_DIR -name "*.tar.gz" -mtime +7 -delete

echo "Volume backup completed"

Step 3

Automated Backup Schedule

Set up cron jobs for automated backups:

Crontab Setup Copy

# Edit crontab
crontab -e

# Add these lines for automated backups:
# Daily database backup at 2 AM
0 2 * * * /path/to/backup-database.sh

# Weekly volume backup on Sundays at 3 AM
0 3 * * 0 /path/to/backup-volumes.sh

# Daily health check at 6 AM
0 6 * * * /path/to/health-check.sh >> /var/log/supabase-health.log

Updating Supabase

Step 1

Check for Updates

Regularly check for Supabase updates:

Update Process Copy

# Navigate to Supabase directory
cd ~/supabase-selfhosted/supabase/docker

# Check current version
git log --oneline -1

# Fetch latest changes
git fetch origin

# Check what's new
git log --oneline HEAD..origin/master

# Create backup before updating
./backup-database.sh
./backup-volumes.sh

Step 2

Perform Update

Update to the latest version:

Update Commands Copy

# Stop services
docker-compose down

# Pull latest changes
git pull origin master

# Pull new Docker images
docker-compose pull

# Start with new images
docker-compose up -d

# Check if everything is working
docker-compose ps
./health-check.sh

Step 3

Rollback if Needed

If something goes wrong, rollback to previous version:

Rollback Process Copy

# Stop services
docker-compose down

# Rollback to previous commit
git reset --hard HEAD~1

# Restore from backup if needed
docker-compose exec -T db psql -U postgres -c "DROP DATABASE IF EXISTS postgres;"
docker-compose exec -T db psql -U postgres -c "CREATE DATABASE postgres;"
zcat /backups/supabase/latest_backup.sql.gz | docker-compose exec -T db psql -U postgres postgres

# Start services
docker-compose up -d

Troubleshooting

Services Won't Start

Problem: Docker containers fail to start

Solutions:

• Check Docker daemon is running: sudo systemctl status docker
• Verify port availability: sudo netstat -tulpn | grep :8000
• Check disk space: df -h
• Review logs: docker-compose logs
• Restart Docker: sudo systemctl restart docker

Database Connection Issues

Problem: Cannot connect to PostgreSQL

Solutions:

• Verify database container is running: docker-compose ps db
• Check database logs: docker-compose logs db
• Test connection: docker-compose exec db pg_isready -U postgres
• Verify password in .env file
• Check firewall settings

SSL Certificate Issues

Problem: SSL certificate not working

Solutions:

• Verify domain DNS points to your server
• Check nginx configuration: sudo nginx -t
• Renew certificate: sudo certbot renew
• Check certificate status: sudo certbot certificates
• Verify firewall allows ports 80 and 443

High Memory Usage

Problem: System running out of memory

Solutions:

• Increase server RAM
• Optimize PostgreSQL settings
• Add swap space: sudo fallocate -l 2G /swapfile
• Monitor container usage: docker stats
• Clean up old Docker images: docker system prune

Performance Issues

Problem: Slow response times

Solutions:

• Add database indexes for frequently queried columns
• Increase PostgreSQL shared_buffers
• Use connection pooling
• Monitor slow queries: pg_stat_statements
• Upgrade server hardware

• ✅ Complete data sovereignty and privacy
• ✅ Administrative dashboard
• ✅ SSL encryption and security

Next Steps

Set up monitoring and alerting

Test disaster recovery procedures

Step 1

Health Check Script

To check if Supabase is healthy, just make sure all Docker containers are running:

health-check.sh Copy

#!/bin/bash
          

            
Security Reminder
            
Remember to regularly update your system, monitor logs, and maintain backups. Self-hosting requires ongoing maintenance and security vigilance.
          
        

← Back to Tutorials View Source Code