postgres VS auth

At Supabase we also recently switched to Nix for packaging our Postgres+extensions bundle

https://github.com/supabase/postgres/blob/develop/flake.nix

- Now, the connection between our API servers and the database was slow (a few hundred ms per query), so we moved to self-hosting Postgres which was pretty painful. We tried to use https://github.com/supabase/postgres, but the documentation was very lacking and we had to make a bunch of modifications to get it to work. After we got it working, it was pretty smooth though - pretty easy to implement backups, etc.

I think Supabase generally does good work, but I don't think they can be given credit for pgvector, if that's what you're indicating (I might have misread).

As I understand, Andrew Kane is the principal author of pgvector, and has worked on it for almost two years before Supabase added support for it.

See also https://github.com/pgvector/pgvector/issues/54 and https://github.com/supabase/postgres/pull/472.

we merged the pgvector PR about 2 weeks ago (https://github.com/supabase/postgres/pull/472). If you're missing anything for your CLI don't hesitate to reach out and we'll see if we can integrate it into the product (my email is in my profile)

as an aside, Pinecone looks great

One of the things they recommend is separating the PostgreSQL DB from the rest of the stack. And they also provide an ansible playbook to set up a postgres DB: https://github.com/supabase/postgres/blob/625899e687047a9da658f3f8cc6dd91ac9769694/ansible/playbook.yml

> entire solution from docker

We PR'd this into our docker-compose today [0]. We're always a bit slammed during Launch Week, so if you spot any problems let use know and we'll patch it up asap.

The extension is also deployed directly into our PG bundle [1] which is available in docker [2]

> The Gui for adding roles and tying them to postgres access is very slick with hasura. Is this done manually via SQL commands with supabase?

I haven't tried Hasura so I don't know if this is a direct comparison. pg_graphql works with Postgres Row Level Security - we provide a GUI for this in our Dashboard, but they are also just native PG Policies, so you can write them in raw SQL

[0] https://github.com/supabase/supabase/pull/6138/files#diff-41...

[1] https://github.com/supabase/postgres

[2] https://hub.docker.com/r/supabase/postgres

and can also PR if it's something useful for everyone: https://github.com/supabase/postgres

Show HN: Postgres Docker image with common extensions\ (23 comments)

We are starting to add OpenTelemetry support to all our core products and our Telemetry server. OpenTelemetry (OTel) standardizes logs, metrics, and traces in a vendor-agnostic format, so you can ingest data into tools like Datadog, Honeycomb, or any monitoring solution you already use. While you'll still have the freedom to bring your own observability stack, we're preparing to surface this data natively in the Supabase dashboard.

This is great. Competition is definitely needed in the Authentication/Authorization space.

Quick question. How would this compare to supabase/gotrue [0] and permify [1]?

[0]: https://github.com/supabase/auth

Supabase Auth now supports anonymous sign-ins, one of our most-requested features by the community.

People keep writing this, doesn't Supabase rely on spinning up additional services to leave, meaning you can't leave to another managed offering?

Off the top of my mind, PostgREST and go-true? https://github.com/supabase/auth

-

If you use Postgres you're "locked" into Postgres: a technology with a laundry list of providers.

If you leave Supabase, you'll lose the fully managed aspect of 99% of the Postgres providers out there, which confirms the pain the parent comment is describing.

> Microsoft scans to check the website contains malware. IMHO the security blunder is a self-implemented magic link.

It's not self-implemented, you can check it out here: https://github.com/supabase/gotrue

> Not password protected if the password is part of the URL.

It's a token that's valid for a couple of minutes – just like a password reset token. Indeed, in the given implementation, it's the very same as the password reset token. If you consider this implementation as "not password protected", any website with a password reset functionality is "not password protected".

I hate to be this guy, really. I would like to adopt Supabase in company, but I cannot yet.

I commented on a HN post almost a year ago about how hard is to do custom Auth with Supabase. I still haven't find a good solution about it. For example, LDAP Auth is quite crucial in most enterprise settings, yet I have no idea how to do it with Supabase. I can find a workaround for PostgREST by putting a secondary API written in some other language and fiddling with reverse proxies. But how to do with Supabase, such that all other services (realtime,...) works nicely? Is it so hard to provide a function that accept a custom strategy given the HTTP request data?

I created an issue[0] almost a year ago on Supabase, which was transferred to Gotrue. I even provided some code examples from Laravel. Even if it is not specifically for LDAP, make some API available to do so, please.

[0] https://github.com/supabase/gotrue/issues/904

Yes there is, it's just not pretty yet: https://github.com/supabase/gotrue/blob/master/openapi.yaml

The gotrue api: https://github.com/supabase/gotrue