SupaNet
Building on SupaNet

Deploy

Run SupaNet locally and ship it.

SupaNet is a standard Vite + React app with Supabase Edge Functions. If you have deployed a Supabase project before, none of this will surprise you.

Local development

npm install        # install deps
npm run dev        # Vite dev server on http://localhost:5173
npm run build      # typecheck (tsc -b) + vite build
npm run lint       # eslint
npm run typecheck  # tsc -b --noEmit
npm run gen:types  # regenerate database types from the linked project

Always run npm run build before committing UI or logic changes - it typechecks the whole app.

Environment and secrets

Two kinds of configuration matter, and keeping them separate is the whole game.

Front end (build-time, public):

VariableNotes
VITE_SUPABASE_URLInlined into the bundle
VITE_SUPABASE_ANON_KEYPublic by design - RLS protects the data

These are read at build time, so they must exist before npm run build.

Edge function secrets (server-side only):

VariableNotes
OPENROUTER_API_KEYRequired. Set with supabase secrets set ..., never commit it
OPENROUTER_MODEL / OPENROUTER_EFFORTOptional overrides
OPENROUTER_SITE_URL / OPENROUTER_APP_NAMEOptional ranking headers

Never put a secret in the front end. Only the anon key belongs there. The OpenRouter key is an edge-function secret and must stay server-side.

Database

The schema lives in supabase/migrations (base migration plus later ones). If you change the schema: update the migration, apply it, regenerate the types with npm run gen:types, and re-check the Supabase security advisors.

On a brand-new project the storage schema can lag a few seconds. If applying the full migration fails on storage.buckets, apply the core tables first, then the storage section.

Auth redirects

Confirmation and magic-link emails use the Supabase project's Site URL plus the Redirect URLs allowlist. Set these to your deployed origin, or links will point at localhost.

Hosting

The repo ships with config for hosting that auto-deploys from main (a railway.json and a DEPLOY.md). The workflow is trunk-based: run npm run build, commit, and push to main; hosting picks it up.

Production serve

npm run start  # serve dist/ with SPA fallback

Architecture

The layers, the data flow, and how a chat turn actually works.

Agents

Deployable units of prompt plus tools, runnable from chat, webhooks, or a schedule.

On this page

Local developmentEnvironment and secretsDatabaseAuth redirectsHostingProduction serve