diff --git a/apps/docs/content/guides/self-hosting/enable-mcp.mdx b/apps/docs/content/guides/self-hosting/enable-mcp.mdx index 8992f68205..e2517d0624 100644 --- a/apps/docs/content/guides/self-hosting/enable-mcp.mdx +++ b/apps/docs/content/guides/self-hosting/enable-mcp.mdx @@ -25,6 +25,15 @@ Do not allow connections to the self-hosted MCP server from the Internet. Only a When connecting via an SSH tunnel to the Studio Docker container, the source IP will be that of the Docker bridge gateway. You need to allow connections from this IP address. + + + + Determine the Docker bridge gateway IP on the host running your Supabase containers: ```sh @@ -32,16 +41,41 @@ docker inspect supabase-kong \ --format '{{range .NetworkSettings.Networks}}{{println .Gateway}}{{end}}' ``` + + + + +Determine the Docker bridge gateway IP on the host running your Supabase containers: + +```sh +docker inspect supabase-envoy \ + --format '{{range .NetworkSettings.Networks}}{{println .Gateway}}{{end}}' +``` + + + + + This command will output an IP address, e.g., `172.18.0.1`. ### Step 2: Allow connections from the gateway IP + + + + Add the IP address you discovered to the Kong configuration by editing the following section in `./volumes/api/kong.yml`: 1. Comment out the request-termination section 2. Remove the # symbols from the entire section starting with `- name: cors`, including `deny: []` -3. Add your local IP to the 'allow' list. -4. Your edited configuration should look like the example below. +3. Add your local IP to the 'allow' list +4. **Preserve the existing indentation** - YAML is whitespace-sensitive and the config will fail to load if it changes +5. Your edited configuration should look like the example below: ```yaml name=volumes/api/kong.yml ## MCP endpoint - local access 
@@ -75,14 +109,105 @@ Add the IP address you discovered to the Kong configuration by editing the follo deny: [] ``` + + + + +Add the IP address you discovered to the Envoy configuration by editing the `/mcp` route in `./volumes/api/envoy/lds.template.yaml`: + +1. Find the route with `prefix: /mcp` +2. Comment out the `rbac` block that denies all traffic and uncomment the allow-list policy below +3. Keep loopback entries (`127.0.0.1` and `::1`) and add your Docker bridge gateway IP +4. **Preserve the existing indentation** - YAML is whitespace-sensitive and the config will fail to load if it changes +5. Your edited configuration should look like the example below: + +```yaml name=volumes/api/envoy/lds.template.yaml +- match: + prefix: /mcp + route: + cluster: studio + prefix_rewrite: /api/mcp + timeout: 30s + request_headers_to_add: + - header: + key: X-Forwarded-Prefix + value: /mcp + append_action: ADD_IF_ABSENT + typed_per_filter_config: + envoy.filters.http.basic_auth: + '@type': >- + type.googleapis.com/envoy.config.route.v3.FilterConfig + disabled: true + envoy.filters.http.rbac: + '@type': >- + type.googleapis.com/envoy.extensions.filters.http.rbac.v3.RBACPerRoute + # Block access to /mcp by default + #rbac: + # rules: + # action: DENY + # policies: + # deny_all: + # permissions: + # - any: true + # principals: + # - any: true + # Enable local access (danger zone!) + # 1. Comment out the 'rbac' block above. + # 2. Uncomment and adjust the 'rbac' block below. + # 3. Add or adjust your local IPs in 'principals'. 
+ rbac: + rules: + action: ALLOW + policies: + allow_local: + permissions: + - any: true + principals: + - direct_remote_ip: + address_prefix: 127.0.0.1 + prefix_len: 32 + - direct_remote_ip: + address_prefix: ::1 + prefix_len: 128 + - direct_remote_ip: + # Add your Docker bridge gateway IP below + address_prefix: 172.18.0.1 + prefix_len: 32 +``` + + + + + ### Step 3: Restart API gateway -After you've added the local IP address as above, restart the Kong container: +After you've added the local IP address as above, restart your gateway: + + + + ```sh docker compose restart kong ``` + + + + +```sh +docker compose -f docker-compose.yml -f docker-compose.envoy.yml restart api-gw +``` + + + + + ### Step 4: Create the SSH tunnel From your local machine, create an SSH tunnel to your Supabase host: diff --git a/docker/volumes/api/envoy/lds.template.yaml b/docker/volumes/api/envoy/lds.template.yaml index f9ed9adf0d..4d55f60a0e 100644 --- a/docker/volumes/api/envoy/lds.template.yaml +++ b/docker/volumes/api/envoy/lds.template.yaml @@ -476,6 +476,7 @@ resources: envoy.filters.http.rbac: '@type': >- type.googleapis.com/envoy.extensions.filters.http.rbac.v3.RBACPerRoute + # Block access to /mcp by default rbac: rules: action: DENY 
@@ -486,22 +487,23 @@ resources: principals: - any: true # Enable local access (danger zone!) - # 1. Replace the `rbac` block above with the one below. - # 2. Adjust the IP ranges in `principals`. - # rbac: - # rules: - # action: ALLOW - # policies: - # allow_local: - # permissions: - # - any: true - # principals: - # - direct_remote_ip: - # address_prefix: 127.0.0.1 - # prefix_len: 32 - # - direct_remote_ip: - # address_prefix: ::1 - # prefix_len: 128 + # 1. Comment out the 'rbac' block above. + # 2. Uncomment and adjust the 'rbac' block below. + # 3. Add or adjust your local IPs in 'principals'. + #rbac: + # rules: + # action: ALLOW + # policies: + # allow_local: + # permissions: + # - any: true + # principals: + # - direct_remote_ip: + # address_prefix: 127.0.0.1 + # prefix_len: 32 + # - direct_remote_ip: + # address_prefix: ::1 + # prefix_len: 128 - match: prefix: /
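Review bot: In the enable-mcp.mdx `@@ -25,6 +25,15 @@` hunk, both variants open with the identical sentence "Determine the Docker bridge gateway IP on the host running your Supabase containers:" and differ only in the container name (`supabase-kong` vs `supabase-envoy`), while the lines that wrap each variant arrive here as empty `+` lines, so a reader of the rendered text cannot tell which gateway a command belongs to. Suggest naming the gateway in each sentence, e.g. "For the Kong gateway, determine the Docker bridge gateway IP ..." and "For the Envoy gateway, determine ...". Also, `{{range .NetworkSettings.Networks}}{{println .Gateway}}{{end}}` prints one line per network the container is attached to, so the follow-up "This command will output an IP address, e.g., `172.18.0.1`" should say which line to pick if more than one is printed (the network the Studio container shares).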
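Review bot: In the `@@ -32,16 +41,41 @@` hunk, the Envoy allow-list example admits every connection whose TCP peer address is the bridge gateway, but the steps never say what `direct_remote_ip` means or why that is the right matcher. Suggest a sentence after step 3 along the lines of: "`direct_remote_ip` matches the address of the TCP peer, not `X-Forwarded-For`, which is why the SSH tunnel shows up as the bridge gateway and why a client cannot satisfy the rule by sending a header; it also means any other process on the host that reaches the gateway port over the Docker bridge matches, which is why the 'Do not allow connections to the self-hosted MCP server from the Internet' requirement above still applies." The `prefix_len: 32` / `prefix_len: 128` values in the example are the right single-address masks; the text could point out that widening them is what turns the entry into a range.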
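Review bot: In the `@@ -75,14 +109,105 @@` hunk, the Envoy restart command `docker compose -f docker-compose.yml -f docker-compose.envoy.yml restart api-gw` only works from the directory that holds both compose files, whereas the Kong variant `docker compose restart kong` relies on the default file and works from wherever it was first started; Step 3 should state the working directory (the `docker` directory, going by the `docker/volumes/api/envoy/lds.template.yaml` path elsewhere in this patch) so the override file is found. Minor: "restart your gateway" replaces "restart the Kong container", but the heading is still "Step 3: Restart API gateway" while the Envoy service is named `api-gw`; naming the service in the sentence for each variant would remove the ambiguity.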
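Review bot: In the lds.template.yaml `@@ -486,22 +487,23 @@` hunk, the commented allow-list switches from `# rbac:` to `#rbac:` for the top-level key while the nested keys keep a space after the `#` (`# rules:`, `# action: ALLOW`, ...), so the block is meant to be uncommented by deleting only the leading `#` on each line and keeping the spaces behind it; the comment "2. Uncomment and adjust the 'rbac' block below." does not say so, and a reader who strips `# ` instead gets the indentation failure the guide warns about. Suggest "2. Remove the leading `#` (only that character) from each line of the block below." Also, the template's commented block carries only the two loopback principals, while the guide's example in this same patch adds a third `direct_remote_ip` entry with the comment "Add your Docker bridge gateway IP below" and `address_prefix: 172.18.0.1`; consider adding that third principal here as a commented placeholder so the template and the guide stay in step.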