CO

/claim #7458

Summary

This PR enables Model Context Protocol (MCP) for self-hosted Supabase on Coolify with production-ready security and multi-instance support.

What’s Implemented

Docker-Compose Patch

  • Added supabase-mcp service to the official Supabase template
  • Proper database connection using Coolify variables
  • Health checks and service dependencies

Multi-Instance Routing

  • Dynamic ${SERVICE_ID} ensures unique Traefik routers per instance
  • Zero configuration conflicts when running multiple Supabase deployments
  • Each project gets its own subdomain (e.g., mcp-blog.domain.com, mcp-shop.domain.com)

Wireguard VPN Integration

  • IP allowlist middleware restricts access to VPN range (10.0.0.0/24)
  • Configurable via MCP_ALLOWED_IPS environment variable
  • MCP never exposed to public internet (secure by default)

IDE Configuration Examples

  • Cursor: Settings UI + manual config file
  • Claude Desktop: Local MCP command setup
  • Windsurf: JSON configuration format

Comprehensive Documentation

  • Quick SSH tunnel method for local development
  • Step-by-step Wireguard VPN setup
  • Multi-instance configuration examples
  • Troubleshooting guide for common issues

Security Approach

  • MCP endpoints protected by Traefik IP allowlist middleware
  • Only accessible via Wireguard VPN or SSH tunnel
  • Clear warnings about OAuth 2.1 limitations
  • Production-ready defaults (10.0.0.0/24 VPN range)

Technical Highlights

  • Coolify-native: Uses websecure entrypoint, coolify network, letsencrypt certresolver
  • Automatic SSL certificate provisioning
  • Unique routing prevents multi-instance collisions
  • Health checks ensure reliability

Files Changed

  • templates/compose/supabase.yaml - Added MCP service with Traefik configuration
  • templates/docs/SUPABASE_MCP_SETUP.md - Complete setup and usage guide

Testing Checklist

  • MCP service starts successfully
  • Traefik routing works with unique SERVICE_ID
  • IP allowlist blocks unauthorized access
  • SSL certificates auto-provision
  • Multiple instances don’t conflict
  • Documentation tested with all three IDEs

https://github.com/user-attachments/assets/03b6b66a-1199-4e0d-afd2-432abf2fd9ce

Ready to merge! This fully addresses issue #7458 with production-ready code and comprehensive documentation.

Claim

Total prize pool $15
Total paid $0
Status Pending
Submitted December 27, 2025
Last updated December 27, 2025

Contributors

BH

Bhavik joshi

@Bhav-ikkk

 100%

Sponsors

HS

HS

@rootacc3ss

$15