ROOT CAUSE FIX: All server-side Supabase clients (server-client, middleware-client,
server-admin-client) now use SUPABASE_INTERNAL_URL (http://supabase-kong:8000)
when available, with cookieOptions.name set to match the external URL's cookie key
(e.g. sb-myeasycms-auth-token). This gives us:
- Reliable Docker-internal networking (no hairpin NAT through Traefik)
- Correct session cookie matching between browser and server
- No more 500 errors on SSR pages that query Supabase
Reverted per-page try/catch workarounds since root cause is now fixed.
SSR pages crash with 500 when Supabase queries fail (expired session,
network issues). Now catch errors and render with empty data instead
of crashing the entire page.
The REVOKE+GRANT pattern in migrations can fail if a previous migration run
partially succeeded. Adding explicit GRANTs to dev-bootstrap.sh ensures all
tables have correct permissions on every deploy. Fixes 500 error on
Sitzungsprotokolle (meeting_protocol_items permission denied).
- Enable all 3 modules via NEXT_PUBLIC_ENABLE_* build args + runtime env
- Fix empty-string-to-null for date/optional columns in all module APIs:
fischerei (24 fixes), verbandsverwaltung (15 fixes), sitzungsprotokolle (2 fixes)
- CACHE_BUST=12 for full rebuild with new feature flags
Course and event creation Server Actions were failing with 'Something went
wrong' because empty form strings ('') were being inserted into date/uuid
columns which reject empty strings. Now converts '' to null for all
optional fields (dates, descriptions, IDs, contact info).
Browser creates cookies keyed by the external hostname (sb-myeasycms-*),
but server was using SUPABASE_INTERNAL_URL (sb-supabase-kong-*) — different
keys = server can't find the session = infinite 'please wait' after login.
Both client and server now use the same NEXT_PUBLIC_SUPABASE_URL (external
domain). The SSR reaches Supabase via Traefik → Kong which works fine.
The ARG was defined but never used in a RUN/ENV command, so Docker
ignored value changes and kept using cached COPY layers from the
very first build. Adding 'RUN echo' forces cache invalidation.
Wrap getUser() calls in proxy.ts with try/catch so the proxy doesn't
crash when the Supabase client can't connect. Without this, the proxy
fails silently and Next.js returns 404 for all locale-dependent routes
(/auth/sign-in, /join, etc.) because the locale rewrite never happens.
Server-side code (proxy.ts, SSR, API routes) now uses SUPABASE_INTERNAL_URL
(http://supabase-kong:8000) instead of the external domain. This avoids
hairpin NAT / DNS resolution issues where Docker containers can't reach
their own external domain through the reverse proxy.
Browser-side JS still uses the external URL (baked at build time).
The middleware was deleted in the Next.js 16 upgrade but is still required
by next-intl to handle locale detection and URL rewriting. Without it,
/auth/sign-in can't resolve to [locale=de]/auth/sign-in → 404.
Uses createMiddleware from next-intl/middleware with the shared routing config.
- Restore NEXT_PUBLIC_SUPABASE_URL + NEXT_PUBLIC_SUPABASE_PUBLIC_KEY at runtime
(server code reads from process.env — needs these for SSR)
- Use external URL (API_EXTERNAL_URL) for both build and runtime
- Add NEXT_PUBLIC_DEFAULT_LOCALE=de as Dockerfile build arg so next-intl
compiles with the correct default locale (was falling back to 'en')
- CACHE_BUST=3 to force full rebuild
NEXT_PUBLIC_ vars are baked into the Next.js bundle at build time.
Setting them at runtime with Docker-internal URLs (http://supabase-kong:8000)
causes SSR to fail with 500 because RSC uses the runtime value which
is unreachable from the browser. Let the build-time value
(https://myeasycms.frontieralgorithmics.de) be used everywhere.
CACHE_BUST=1→2 forces Docker to re-run 'pnpm install' and 'next build'
so NEXT_PUBLIC_SUPABASE_URL=https://myeasycms.frontieralgorithmics.de
gets baked into the client-side JS bundle.
Dokploy injects 'networks' into all compose services for Traefik routing,
which is mutually exclusive with 'network_mode: service:supabase-kong'.
Changes:
- Remove network_mode from app service
- App server-side Supabase URL: http://supabase-kong:8000 (Docker DNS)
- App browser-side Supabase URL: ${API_EXTERNAL_URL} (external domain)
- Kong catch-all route: app:3000 instead of localhost:3000
- PostgREST: replace wget healthcheck with TCP socket check — PostgREST
v12 is a minimal image without wget/curl
- All services: add start_period to healthchecks to avoid premature
unhealthy marking during initial startup
PostgREST, Auth, Realtime, Storage, and Meta were starting before db-migrate
set role passwords. On existing volumes (where initdb didn't re-run),
these services would fail to authenticate to Postgres. Now all services
wait for db-migrate to complete successfully before starting.
Dokploy deployment fixes:
- Remove all host port bindings (Kong 8000/8443/3000, Studio 54323, Inbucket 54324,
DB 5432) — Traefik handles external routing in Dokploy, host ports conflict
with other services on the shared server
- Add idempotent ALTER ROLE password commands to db-migrate service — ensures
role passwords are set even when DB volume persists across deployments
(docker-entrypoint-initdb.d only runs on empty data dirs)
- Add catch-all app route to Kong config — proxies / to localhost:3000
(Next.js app via network_mode: service:supabase-kong)
- Dockerfile: replace hardcoded NEXT_PUBLIC env vars with ARG+ENV pattern
so the same Dockerfile works for any environment (local dev, Dokploy prod)
- docker-compose.yml: pass SUPABASE_ANON_KEY as build arg to Dockerfile
- docker-compose.yml: remove DB port 5432 exposure (not needed on server,
services communicate via Docker network)
- Updated version to 3.1.1 in package.json.
- Refactored mobile navigation components to enhance structure and usability.
- Adjusted layout components to improve responsiveness and visual consistency.
- Introduced shared mobile navigation components for better code reuse.
* chore: bump version to 3.1.0 and update dependencies in package.json, pnpm-lock.yaml, and pnpm-workspace.yaml; enhance billing services with support for hosted checkout page in Stripe integration
* Enhance error handling in billing services to log error messages instead of objects; update documentation for Stripe integration to clarify publishable key requirements based on UI mode.
* Refactor localization keys to use dot notation for consistency across documentation and components
* chore: bump version to 3.0.1 in package.json
* Remove console log from SidebarLayout and update migration documentation for AlertDialog usage within Dropdowns
* Update dashboard image to improve visual assets
Version 3 of the kit:
- Radix UI replaced with Base UI (using the Shadcn UI patterns)
- next-intl replaces react-i18next
- enhanceAction deprecated; usage moved to next-safe-action
- main layout now wrapped with [locale] path segment
- Teams only mode
- Layout updates
- Zod v4
- Next.js 16.2
- Typescript 6
- All other dependencies updated
- Removed deprecated Edge CSRF
- Dynamic Github Action runner
