Prisma Studio Example

Prisma Studio is a great GUI to directly access your database. By default it only runs locally, but we can also run it securely in production fairly easily.

We use Caddy as a reverse proxy in front of Prisma Studio to add HTTP Basic Auth to ensure that no one else can access your database!

1. Add a file named Caddyfile in your project root with the following:

   {
     debug
     admin off
   }
   
   # Note: the urls use `http`, not `https` because `https` is added at a higher layer
   http://admin.yourproductiondomain.com {
     reverse_proxy 0.0.0.0:5555
     log
     basicauth {
       {$PRISMA_STUDIO_USERNAME} {$PRISMA_STUDIO_PASSWORD_HASH}
     }
   }

2. Your password

   • Generate a very long password and save it
   • In your terminal, run caddy hash-password and provide the password when prompted

     💡 Tip: Running caddy command will require caddy to be installed locally or running in docker. Check the caddy install page for more information on how to install it for your operating system.

   • Save the hashed password result in AWS Parameter Store as PRISMA_STUDIO_PASSWORD_HASH

3. Database Connection String

   • Make sure your database connection string is added as environment variable (check this section for details on how to add secrets), by default prisma looks for environment variable called DATABASE_URL.

4. Add the following to the services array in your flightcontrol.json file:

   • Set PRISMA_STUDIO_USERNAME to whatever you want

    
       "id": "prisma-studio",
       "name": "Prisma Studio",
       "type": "web",
       "target": {"type": "fargate"},
       "domain": "admin.yourproductiondomain.com",
       "cpu": 0.25,
       "memory": 0.5,
       "buildCommand": "npm i pm2",
       "startCommand": "pm2 start \"npx prisma studio\" && caddy run",
       "port": 80,
       "buildType": "nixpacks",
       "envVariables": {
         "NIXPACKS_PKGS": "caddy",
         "PRISMA_STUDIO_USERNAME": "<make-up-a-username>",
         "PRISMA_STUDIO_PASSWORD_HASH": {
           "fromParameterStore": "PRISMA_STUDIO_PASSWORD_HASH"
         },
         "DATABASE_URL": {
           "fromParameterStore": "DATABASE_URL"
         }
       }

5. Deploy using git push

6. Once Flightcontrol shows you the DNS changes for your custom domain, make those updates in your DNS settings.

   • A custom domain is currently required, but you can use any domain.

7. Once DNS has been verified, you can access prisma studio at your specified domain!