### Start Supavisor Database and Apply Migrations Source: https://github.com/supabase/supavisor/blob/main/docs/development/setup.md Execute these commands to start the Supavisor database and apply necessary schema migrations. ```bash make db_start && make db_migrate ``` -------------------------------- ### Launch Supavisor Application Source: https://github.com/supabase/supavisor/blob/main/docs/development/setup.md Use this command to start the Supavisor application in development mode. ```bash make dev ``` -------------------------------- ### Start PostgreSQL Database with Docker Compose Source: https://github.com/supabase/supavisor/blob/main/docs/development/installation.md This command pulls the PostgreSQL 14 Docker image and runs it on port 6432. Ensure you have Docker and Docker Compose installed. ```bash docker-compose -f ./docker-compose.db.yml up ``` -------------------------------- ### Get Dependencies and Apply Migrations Source: https://github.com/supabase/supavisor/blob/main/docs/development/installation.md Fetches project dependencies and applies Ecto database migrations. The --prefix _supavisor flag specifies the schema for migrations. ```bash mix deps.get && mix ecto.migrate --prefix _supavisor --log-migrator-sql ``` -------------------------------- ### Verify Supavisor connection count Source: https://github.com/supabase/supavisor/blob/main/docs/migrating/pgbouncer.md After starting Supavisor, use this query to confirm that it is utilizing the connections as configured by `default_pool_size`. It groups results by username and application name for clarity. ```sql SELECT COUNT(*) as count, usename, application_name FROM pg_stat_activity WHERE application_name ILIKE '%Supavisor%' GROUP BY usename, application_name ORDER BY application_name DESC; ``` -------------------------------- ### Set Supavisor Application Secrets Source: https://github.com/supabase/supavisor/blob/main/docs/deployment/fly.md Configures essential secrets for your Supavisor application on Fly.io. Replace the example values with your actual sensitive information. ```bash fly secrets set DATABASE_URL="ecto://postgres:postgres@localhost:6432/postgres" \ VAULT_ENC_KEY="some_vault_secret" \ API_JWT_SECRET="some_api_secret" \ METRICS_JWT_SECRET="some_metrics_secret" \ SECRET_KEY_BASE="some_kb_secret" ``` -------------------------------- ### Add a New Tenant to Supavisor Source: https://github.com/supabase/supavisor/blob/main/docs/development/setup.md This cURL command adds a new tenant named 'dev_tenant' with specified database credentials and configuration to Supavisor. Ensure the database is started and migrated before running this command. ```bash curl -X PUT \ 'http://localhost:4000/api/tenants/dev_tenant' \ --header 'Accept: */*' \ --header 'User-Agent: Thunder Client (https://www.thunderclient.com)' \ --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJvbGUiOiJhbm9uIiwiaWF0IjoxNjQ1MTkyODI0LCJleHAiOjE5NjA3Njg4MjR9.M9jrxyvPLkUxWgOYSf5dNdJ8v_eRrq810ShFRT8N-6M' \ --header 'Content-Type: application/json' \ --data-raw '{ "tenant": { "db_host": "localhost", "db_port": 6432, "db_database": "postgres", "ip_version": "auto", "enforce_ssl": false, "require_user": false, "auth_query": "SELECT rolname, rolpassword FROM pg_authid WHERE rolname=$1;", "users": [ { "db_user": "postgres", "db_password": "postgres", "pool_size": 20, "mode_type": "transaction", "is_manager": true } ] } }' ``` -------------------------------- ### Serve Documentation Locally Source: https://github.com/supabase/supavisor/blob/main/docs/development/docs.md Build and serve the documentation locally using mkdocs. ```bash mkdocs serve ``` -------------------------------- ### Launch Fly.io App Source: https://github.com/supabase/supavisor/blob/main/docs/deployment/fly.md Initiates the creation of a new application on Fly.io. You will be prompted to name your app and confirm configuration copying. ```bash fly launch ``` -------------------------------- ### Connect to Tenant Database via psql Source: https://github.com/supabase/supavisor/wiki/Installation-and-Usage Connects to the tenant's database using psql through the Supavisor proxy. The tenant ID is part of the username. ```bash psql postgresql://postgres.dev_tenant:postgres@localhost:6432/postgres ``` -------------------------------- ### Run pgbench on Supavisor Source: https://github.com/supabase/supavisor/blob/main/README.md Executes the pgbench benchmark tool against Supavisor with a pool size of 60 and logging disabled. This command is used for performance comparison. ```bash PGPASSWORD=postgres pgbench -M extended --transactions 100 --jobs 10 --client 100 -h localhost -p 7654 -U postgres.localhost postgres pgbench (15.2, server 14.6 (Debian 14.6-1.pgdg110+1)) starting vacuum...end. transaction type: scaling factor: 1 query mode: extended number of clients: 100 number of threads: 10 maximum number of tries: 1 number of transactions per client: 100 number of transactions actually processed: 10000/10000 number of failed transactions: 0 (0.000%) latency average = 528.463 ms initial connection time = 178.591 ms tps = 189.228103 (without initial connection time) ``` -------------------------------- ### Connect using Options Parameters Source: https://github.com/supabase/supavisor/blob/main/docs/connecting/overview.md Include the external ID within the connection string's options parameters, specifically using the 'reference' key. This method allows for flexible configuration of connection parameters. ```sql psql postgresql://postgres:postgres@localhost:6543/postgres&options=reference%3Ddev_tenant ``` -------------------------------- ### Deploy Supavisor App to Fly.io Source: https://github.com/supabase/supavisor/blob/main/docs/deployment/fly.md Deploys your configured Supavisor application to the Fly.io platform. ```bash fly deploy ``` -------------------------------- ### Run pgbench on PgBouncer Source: https://github.com/supabase/supavisor/blob/main/README.md Executes the pgbench benchmark tool against PgBouncer in extended transaction mode with a pool size of 60. This command is used for performance comparison. ```bash PGPASSWORD=postgres pgbench -M extended --transactions 100 --jobs 10 --client 100 -h localhost -p 6452 -U postgres postgres pgbench (15.2, server 14.6 (Debian 14.6-1.pgdg110+1)) starting vacuum...end. transaction type: scaling factor: 1 query mode: extended number of clients: 100 number of threads: 10 maximum number of tries: 1 number of transactions per client: 100 number of transactions actually processed: 10000/10000 number of failed transactions: 0 (0.000%) latency average = 510.310 ms initial connection time = 31.388 ms tps = 195.959361 (without initial connection time) ``` -------------------------------- ### Create Trace Directory and Capture Function Calls Source: https://github.com/supabase/supavisor/blob/main/docs/development/profiling.md This snippet creates a timestamped directory for storing trace data and then captures function calls for a specified function. Use this to organize profiling sessions and capture specific function executions. ```elixir dir = "./tmp/capture-" <> DateTime.utc_now() |> to_string(); File.mkdir_p!(dir); :eflambe.capture({Supavisor.ClientHandler, :handle_event, 4}, 0, [output_directory: dir]) ``` -------------------------------- ### Supavisor Benchmark Results Source: https://github.com/supabase/supavisor/blob/main/native/pgparser/README.md This output shows the results of Supavisor benchmarks, including system information and performance metrics like operations per second (ips), average execution time, and deviation. ```text Operating System: macOS CPU Information: Apple M1 Pro Number of Available Cores: 10 Available memory: 16 GB Elixir 1.14.3 Erlang 24.3.4 Benchmark suite executing with the following configuration: warmup: 2 s time: 5 s memory time: 0 ns reduction time: 0 ns parallel: 1 inputs: none specified Estimated total run time: 7 s Benchmarking statement_types/1 ... Name ips average deviation median 99th % statement_types/1 171.60 K 5.83 μs ±91.30% 5.71 μs 6.29 μs ``` -------------------------------- ### Simple SQL Authentication Query Source: https://github.com/supabase/supavisor/blob/main/docs/connecting/authentication.md Use this SQL query to verify credentials by looking up user roles and passwords from the pg_authid table. This is a basic authentication method. ```sql SELECT rolname, rolpassword FROM pg_authid WHERE rolname=$1 ``` -------------------------------- ### Add or Update Tenant Configuration Source: https://github.com/supabase/supavisor/wiki/Installation-and-Usage Adds or updates a tenant's configuration in Supavisor using a PUT request to the API. This includes database connection details, IP version, SSL settings, and user credentials. ```bash curl -X PUT \ 'http://localhost:4000/api/tenants/dev_tenant' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJvbGUiOiJhbm9uIiwiaWF0IjoxNjQ1MTkyODI0LCJleHAiOjE5NjA3Njg4MjR9.M9jrxyvPLkUxWgOYSf5dNdJ8v_eRrq810ShFRT8N-6M' \ --header 'Content-Type: application/json' \ --data-raw '{ \ "tenant": { \ "db_host": "localhost", \ "db_port": 6432, \ "db_database": "postgres", \ "ip_version": "auto", // "auto" | v4 | v6 \ "require_user": true, // true | false \ "upstream_ssl": true, // true | false, \ "enforce_ssl": false, // true | false, \ "upstream_verify": "peer", // "none" | "peer" \ "upstream_tls_ca": "-----BEGIN CERTIFICATE-----\nblalblalblablalblalblaba\n-----END CERTIFICATE-----\n", // "" \ "users": [ \ { \ "db_user": "postgres", \ "db_password": "postgres", \ "pool_size": 20, \ "mode_type": "transaction", \ "pool_checkout_timeout": 100 \ } \ ] \ } \ }' ``` -------------------------------- ### Sample SQL Query for Load Test Source: https://github.com/supabase/supavisor/blob/main/README.md A simple SQL query used during the load test to simulate data retrieval. This query is part of the overall load test scenario. ```sql SELECT * FROM (VALUES (1, 'one'), (2, 'two'), (3, 'three')) AS t (num, letter); ``` -------------------------------- ### Add/Update Tenant Source: https://github.com/supabase/supavisor/wiki/Installation-and-Usage This endpoint allows you to add a new tenant or update an existing one. It requires tenant-specific database connection details and user credentials. ```APIDOC ## PUT /api/tenants/{tenant_id} ### Description Adds or updates a tenant in the Supavisor system. This operation configures the database connection and user details for a specific tenant. ### Method PUT ### Endpoint `/api/tenants/{tenant_id}` ### Parameters #### Path Parameters - **tenant_id** (string) - Required - The unique identifier for the tenant. #### Request Body - **tenant** (object) - Required - Contains the configuration details for the tenant. - **db_host** (string) - Required - The hostname of the database. - **db_port** (integer) - Required - The port of the database. - **db_database** (string) - Required - The name of the database. - **ip_version** (string) - Optional - The IP version to use ('auto', 'v4', or 'v6'). Defaults to 'auto'. - **require_user** (boolean) - Optional - Whether user authentication is required. Defaults to true. - **upstream_ssl** (boolean) - Optional - Whether to use SSL for upstream connections. Defaults to true. - **enforce_ssl** (boolean) - Optional - Whether to enforce SSL for upstream connections. Defaults to false. - **upstream_verify** (string) - Optional - SSL verification mode ('none' or 'peer'). Defaults to 'peer'. - **upstream_tls_ca** (string) - Optional - The CA certificate for upstream TLS verification. - **users** (array) - Required - A list of user configurations for the tenant. - **db_user** (string) - Required - The database username. - **db_password** (string) - Required - The database password. - **pool_size** (integer) - Required - The maximum number of connections in the pool. - **mode_type** (string) - Required - The connection pool mode ('transaction' or 'session'). - **pool_checkout_timeout** (integer) - Required - The timeout in milliseconds for checking out a connection from the pool. ### Request Example ```json { "tenant": { "db_host": "localhost", "db_port": 6432, "db_database": "postgres", "ip_version": "auto", "require_user": true, "upstream_ssl": true, "enforce_ssl": false, "upstream_verify": "peer", "upstream_tls_ca": "-----BEGIN CERTIFICATE-----\nblalblalblablalblalblaba\n-----END CERTIFICATE-----", "users": [ { "db_user": "postgres", "db_password": "postgres", "pool_size": 20, "mode_type": "transaction", "pool_checkout_timeout": 100 } ] } } ``` ### Response #### Success Response (200) (No specific success response fields are detailed in the source.) #### Response Example (No specific response example is provided in the source.) ``` -------------------------------- ### Connect using Username Source: https://github.com/supabase/supavisor/blob/main/docs/connecting/overview.md Provide the external ID as part of the username, separated by a dot. This method is useful when the external ID is known and can be directly embedded in the username. ```sql psql postgresql://postgres.dev_tenant:postgres@localhost:6543/postgres ``` -------------------------------- ### SQL Query to Use Authentication Function Source: https://github.com/supabase/supavisor/blob/main/docs/connecting/authentication.md This SQL query is used to configure the tenant's auth_query to call the previously defined Supavisor authentication function. It passes the username from the client connection to the function for verification. ```sql SELECT * FROM supavisor.get_auth($1) ``` -------------------------------- ### Update Tenant Configuration in Supavisor Source: https://github.com/supabase/supavisor/blob/main/docs/development/setup.md This cURL command updates the configuration for an existing tenant. It allows modification of various settings including database connection details, SSL enforcement, and user configurations. Ensure the tenant already exists. ```bash curl -X PUT \ 'http://localhost:4000/api/tenants/dev_tenant' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJvbGUiOiJhbm9uIiwiaWF0IjoxNjQ1MTkyODI0LCJleHAiOjE5NjA3Njg4MjR9.M9jrxyvPLkUxWgOYSf5dNdJ8v_eRrq810ShFRT8N-6M' \ --header 'Content-Type: application/json' \ --data-raw '{ "tenant": { "db_host": "localhost", "db_port": 6432, "db_database": "postgres", "ip_version": "auto", // "auto" | "v4" | "v6" "require_user": true, // true | false "upstream_ssl": true, // true | false, "enforce_ssl": false, // true | false, "upstream_verify": "peer", // "none" | "peer" "upstream_tls_ca": "-----BEGIN CERTIFICATE-----\nblalblalblablalblalblaba\n-----END CERTIFICATE-----\\n", // "", "default_max_clients": 200, "default_pool_size": 15, "users": [ { "db_user": "postgres", "db_password": "postgres", "mode_type": "transaction", "pool_checkout_timeout": 100, "pool_size": 10 } ] } }' ``` -------------------------------- ### PostgreSQL Function for Authentication Source: https://github.com/supabase/supavisor/blob/main/docs/connecting/authentication.md Create a PostgreSQL function to handle authentication requests. This function queries the pg_shadow table to retrieve username and password, providing a more dynamic authentication mechanism. Ensure the function is properly secured and granted execute permissions. ```sql CREATE USER supavisor; REVOKE ALL PRIVILEGES ON SCHEMA public FROM supavisor; CREATE SCHEMA supavisor AUTHORIZATION supavisor; CREATE OR REPLACE FUNCTION supavisor.get_auth(p_usename TEXT) RETURNS TABLE(username TEXT, password TEXT) AS $$ BEGIN RAISE WARNING 'Supavisor auth request: %', p_usename; RETURN QUERY SELECT usename::TEXT, passwd::TEXT FROM pg_catalog.pg_shadow WHERE usename = p_usename; END; $$ LANGUAGE plpgsql SECURITY DEFINER; REVOKE ALL ON FUNCTION supavisor.get_auth(p_usename TEXT) FROM PUBLIC; GRANT EXECUTE ON FUNCTION supavisor.get_auth(p_usename TEXT) TO supavisor; ``` -------------------------------- ### Check Postgres max_connections Source: https://github.com/supabase/supavisor/blob/main/docs/migrating/pgbouncer.md Use this SQL query to determine the current maximum number of connections allowed by your PostgreSQL database. ```sql show max_connections; ``` -------------------------------- ### Tenant-Filtered Metrics Endpoint Source: https://github.com/supabase/supavisor/blob/main/docs/monitoring/metrics.md Access metrics filtered for a specific tenant by appending the tenant's external ID to the /metrics endpoint. This allows for granular monitoring of individual tenants. ```bash /metrics/:external_id ``` -------------------------------- ### Check current used connections in Postgres Source: https://github.com/supabase/supavisor/blob/main/docs/migrating/pgbouncer.md This SQL query helps you understand the number of active connections currently established with your PostgreSQL database. ```sql select count(*) from pg_stat_activity; ``` -------------------------------- ### Connect using Server Name Indication (SNI) Source: https://github.com/supabase/supavisor/blob/main/docs/connecting/overview.md The external ID can be specified as the subdomain in the Server Name Indication (SNI) during the TLS handshake. This is a common method for routing connections to the correct tenant. ```text dev_tenant.supabase.co ``` -------------------------------- ### Allocate Static IPv4 Address Source: https://github.com/supabase/supavisor/blob/main/docs/deployment/fly.md Reserves a static IPv4 address for your Fly.io application. This is necessary because Supavisor uses an additional port for the PostgreSQL protocol. ```bash fly ips allocate-v4 ``` -------------------------------- ### Delete a Tenant from Supavisor Source: https://github.com/supabase/supavisor/blob/main/docs/development/setup.md This cURL command deletes a specified tenant from Supavisor. Use this command with caution as it will remove all associated configurations and data for the tenant. ```bash curl -X DELETE \ 'http://localhost:4000/api/tenants/dev_tenant' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJvbGUiOiJhbm9uIiwiaWF0IjoxNjQ1MTkyODI0LCJleHAiOjE5NjA3Njg4MjR9.M9jrxyvPLkUxWgOYSf5dNdJ8v_eRrq810ShFRT8N-6M' ``` -------------------------------- ### Delete Tenant Source: https://github.com/supabase/supavisor/wiki/Installation-and-Usage This endpoint allows you to delete a tenant from the Supavisor system. ```APIDOC ## DELETE /api/tenants/{tenant_id} ### Description Deletes a tenant from the Supavisor system. ### Method DELETE ### Endpoint `/api/tenants/{tenant_id}` ### Parameters #### Path Parameters - **tenant_id** (string) - Required - The unique identifier for the tenant to be deleted. ### Request Example (No specific request example is provided in the source, but a curl command is shown in the documentation.) ### Response #### Success Response (200) (No specific success response fields are detailed in the source.) #### Response Example (No specific response example is provided in the source.) ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.