Self-host: apply the app schema on first boot (+ docs, leak scrub)#159
Merged
Conversation
The documented `docker compose up -d` flow never applied the app schema. run-self-host-migrations.sh was wired nowhere, so a fresh install booted Postgres roles with no tables and /setup failed. CI never caught it because CI uses `supabase start`, not the compose path. - Add a one-shot supabase-migrate service that runs the idempotent applier after GoTrue (auth.users) and storage-api (storage.buckets) are healthy, which the migrations reference; minutia-web waits for it before serving. Verified end to end: fresh boot applies all 51 migrations (full schema + storage bucket) and the re-run is idempotent. - Add scripts/verify-self-host-migrations.test.mjs and a CI step to guard the wiring. - Forward NEXT_PUBLIC_FEATURE_GATING / NEXT_PUBLIC_MANAGED_CLOUD build args so the documented knobs actually take effect. Docs (self-host correctness + completeness): - README: rewrite the desktop-companion section as marketing copy; add a Docker version prereq, a first-boot/migration note, reverse-proxy guidance, a backup command, and a troubleshooting section. - .env.example: reference the user-facing ENABLE_EMAIL_AUTOCONFIRM. - CONTRIBUTING: pnpm 10+. Leak scrub (public repo hygiene): - Remove a private sibling-repo name from a migration comment and an internal architecture term from a test comment. - verify-oss-boundaries now scans the whole tracked tree for both, so they cannot silently reappear.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The bug (P0 for self-host launch)
The documented
docker compose up -dflow never applied the app schema.scripts/run-self-host-migrations.shwas invoked nowhere, so a fresh install booted Postgres roles with no tables, and/setupfailed with a database error. CI never caught this because CI usessupabase start, not the Docker Compose path.The fix
A one-shot
supabase-migrateservice runs the existing idempotent applier after GoTrue (auth.users) and storage-api (storage.buckets) are healthy, since the migrations reference both.minutia-webwaits on it viaservice_completed_successfullybefore serving.Verified end to end on a throwaway isolated stack (real volumes untouched):
meeting-audiostorage bucket.web's dependency. New migrations auto-apply on futureup.scripts/verify-self-host-migrations.test.mjs+ a CI step guard the wiring so it can't silently regress.Also forwards
NEXT_PUBLIC_FEATURE_GATING/NEXT_PUBLIC_MANAGED_CLOUDbuild args (were declared in the Dockerfile but not passed by compose).Docs (self-host correctness + completeness audit)
.env.example: reference the user-facingENABLE_EMAIL_AUTOCONFIRM(was an internal var name).CONTRIBUTING: pnpm 10+ (was 9+).Leak scrub (public repo hygiene)
verify-oss-boundariesnow scans the whole tracked tree for both, so they cannot reappear.