storage VS postgrest

[3] https://github.com/supabase/storage/issues/439

The Supabase Storage Engine is fully open source and is one of the few storage solutions that offer 3 interoperable protocols to manage your files:

For instance, consider a supabase setup where you place your photos in storage and your orders in a table. Then, have a function run automatically whenever a new row is added to the orders table. That function would be responsible for identifying what the customer bought and delivering it to them.

In this page, I used Supabase Storage to store the files uploaded by the users

-- Create a table for public profiles CREATE TABLE profiles ( id UUID REFERENCES auth.users ON DELETE CASCADE PRIMARY KEY, updated_at TIMESTAMP WITH TIME ZONE, username TEXT NULL, full_name TEXT, profile_image_url TEXT, bio TEXT, sex SMALLINT DEFAULT 0, CONSTRAINT username_length CHECK (CHAR_LENGTH(username) >= 3) ); -- Create a table for channeles CREATE TABLE channeles ( id SERIAL PRIMARY KEY, userRefId UUID REFERENCES auth.users(id), channel TEXT, updated_at TIMESTAMP WITH TIME ZONE ); -- Create a table for geo location CREATE TABLE user_geo ( id SERIAL PRIMARY KEY, userRefId UUID REFERENCES auth.users(id), location GEOGRAPHY(point) NOT NULL, updated_at TIMESTAMP WITH TIME ZONE ); create index user_geo_index on public.user_geo using GIST (location); -- Set up Row Level Security (RLS) -- See https://supabase.com/docs/guides/auth/row-level-security for more details. ALTER TABLE profiles ENABLE ROW LEVEL SECURITY; CREATE POLICY "Public profiles are viewable by everyone." ON profiles FOR SELECT USING (TRUE); CREATE POLICY "Users can insert their own profile." ON profiles FOR INSERT WITH CHECK (auth.uid() = id); CREATE POLICY "Users can update own profile." ON profiles FOR UPDATE USING (auth.uid() = id); -- Set up Row Level Security (RLS) -- See https://supabase.com/docs/guides/auth/row-level-security for more details. ALTER TABLE channeles ENABLE ROW LEVEL SECURITY; CREATE POLICY "Public channeles are viewable by everyone." ON channeles FOR SELECT USING (TRUE); CREATE POLICY "Users can insert their own channeles." ON channeles FOR INSERT WITH CHECK (auth.uid() = userRefId); CREATE POLICY "Users can update own channeles." ON channeles FOR UPDATE USING (auth.uid() = userRefId); -- Set up Row Level Security (RLS) -- See https://supabase.com/docs/guides/auth/row-level-security for more details. ALTER TABLE user_geo ENABLE ROW LEVEL SECURITY; CREATE POLICY "Public geo_location are viewable by everyone." ON user_geo FOR SELECT USING (TRUE); CREATE POLICY "Users can insert their own geo_location." ON user_geo FOR INSERT WITH CHECK (auth.uid() = userRefId); CREATE POLICY "Users can update own geo_location." ON user_geo FOR UPDATE USING (auth.uid() = userRefId); -- See https://supabase.com/docs/guides/auth/managing-user-data#using-triggers for more details. CREATE OR REPLACE FUNCTION public.handle_new_user() RETURNS TRIGGER AS $$ BEGIN INSERT INTO public.profiles ( id, updated_at, username, full_name, profile_image_url, bio, sex, ) VALUES ( NEW.id, NOW(), NEW.raw_user_meta_data->>'username', NEW.raw_user_meta_data->>'full_name', NEW.raw_user_meta_data->>'profile_image_url', NEW.raw_user_meta_data->>'bio', COALESCE(CAST(NEW.raw_user_meta_data->>'sex' AS SMALLINT), 0), ); INSERT INTO public.channeles (userRefId, channel, updated_at) VALUES (NEW.id, NEW.raw_user_meta_data->>'expoToken', NOW()); INSERT INTO public.user_geo (userRefId, location, updated_at) VALUES ( NEW.id, ST_Point(CAST(NEW.raw_user_meta_data->>'lat' AS FLOAT), CAST(NEW.raw_user_meta_data->>'lng' AS FLOAT)), NOW() ); RETURN NEW; END; $$ LANGUAGE plpgsql SECURITY DEFINER; CREATE TRIGGER on_auth_user_created AFTER INSERT ON auth.users FOR EACH ROW EXECUTE FUNCTION public.handle_new_user(); -- Set up Storage! INSERT INTO storage.buckets (id, name) VALUES ('profile_images', 'profile_images'); -- Set up access controls for storage. -- See https://supabase.com/docs/guides/storage#policy-examples for more details. CREATE POLICY "profile_image images are publicly accessible." ON storage.objects FOR SELECT USING (bucket_id = 'profile_images'); CREATE POLICY "Anyone can upload a profile_image." ON storage.objects FOR INSERT WITH CHECK (bucket_id = 'profile_images');

For example the storage-api. I was on version supabase/storage-api:v0.29.1 for a long time, until I realized, that there is a new version of it (0.40.1). Fast forward, upgraded everything, checked my application and everything storage related stopped working. From now on it's always the same procedure. Debugging the errors, digging through the code on GitHub, checking commits, issues, etc. After a while I found a bug from 2019 which had exactly the same error as I, tested the workaround and it worked again (partially, workaround).

Alternatively, we could use imagemagick (cli tool for image transforms) + supabase storage to do the same for free.

[5] https://supabase.com/docs/guides/storage

Storage

We'll probably need to upload other types of assets in the future, so having a way to set the limit per bucket would be nice... There's an issue for this - I may make a PR to implement it at some point.

hey hn, supabase ceo her

we just announced GA, after ~4 years of beta. for those who don't know: supabase is a postgres hosting company. we also host other open source "backend" tools that make it easy to get started with postgres (tools like PostgREST for auto-generate APIs [0])

we owe a lot to the HN community. you launched us 4 years ago [1], when we were just a few developers. since then HN has been a staple in our journey, one of the best sources of product feedback [2]

the GA badge is mostly to signify organizational readiness. we're at a stage where we can take any profile of customer. we have a support team that works 24/7, and a success team that will help customers improve their postgres usage. we released our Index Advisor [3] yesterday, and we'll be releasing a few more products this week that helps customer with performance and security.

on a personal note: i read HN most days, and love going through the ShowHN's to see what devs are building. thanks for being an awesome community and my favorite place to lurk on the internet. i'll stick around to answer any questions

[0] PostgREST: https://postgrest.org

[1] Launch: https://news.ycombinator.com/item?id=23319901

[2] HN journey: https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...

[3] Index Advisor: https://news.ycombinator.com/item?id=40028111

If you use PostgreSQL and are proficient with using its row-level security feature, you can choose from several tools/services built above RLS, including Supabase, PostgREST, and PostGraphile. They all provide a way to expose database CRUD as a web API, assuming you've configured the RLS rules to properly secure the access.

wget 'https://github.com/PostgREST/postgrest/releases/download/v11.2.0/postgrest-v11.2.0-linux-static-x64.tar.xz'

SupaBase is entirely based upon PostgREST. In fact, PostgREST is arguably 49% of their value proposition according to their own website. The other 49% is PostgreSQL. PostgreSQL of course is a super mature database, and some would argue the best RDBMS on the planet, so let's ignore that part for a moment, and consider it a mature thing and move on to PostgREST.

You don't need this PHP snippet:

To get the same functionality without the extra step, simply use PostgREST [1]

[1] https://postgrest.org/

PostgREST is a standalone web server that turns your PostgreSQL database into a RESTful API using the database's structural constraints and permissions to define the API's endpoints and operations. In this tutorial, you will create a simple note-taking app by leveraging PostgREST to construct a RESTful API for the app and using htmx to deliver HTML content.

You might find some info in the docs of PostgREST [1] or in the previous discussions on HN about it [2].

For the versioning, I just have a git repo where I keep every role, schema, table, view, function, trigger, etc. definitions. Every time I change something in the database I first change it in the git repo too to have an history.

[1] https://postgrest.org

[2] https://hn.algolia.com/?q=postgrest

Don't know if you would call this a "program" but PostgREST is written is Haskell too.

https://github.com/PostgREST/postgrest