Prisma Studio Example

Prisma Studio is a great GUI to directly access your database. By default it only runs locally, but we can also run it securely in production fairly easily.

We use Caddy (opens in a new tab) as a reverse proxy in front of Prisma Studio to add HTTP Basic Auth to ensure that no one else can access your database!

1. Add a file named Caddyfile in your project root with the following:

   {
     debug
     admin off
   }
   
   # Note: the urls use `http`, not `https` because `https` is added at a higher layer
   http://admin.yourproductiondomain.com {
     reverse_proxy 0.0.0.0:5555
     log
     basicauth {
       {$PRISMA_STUDIO_USERNAME} {$PRISMA_STUDIO_PASSWORD_HASH}
     }
   }

2. Your password

   • Generate a very long password and save it
   • In your terminal, run npx -p caddy-npm caddy hash-password and provide the password when prompted
   • Save the hashed password result in AWS Parameter Store as PRISMA_STUDIO_PASSWORD_HASH

3. Add the following to the services array in your flightcontrol.json file:

   • Set PRISMA_STUDIO_USERNAME to whatever you want

    
       "id": "prisma-studio",
       "name": "Prisma Studio",
       "type": "fargate",
       "domain": "admin.yourproductiondomain.com",
       "cpu": 0.25,
       "memory": 0.5,
       "buildCommand": "npm i caddy-npm pm2",
       "startCommand": "pm2 start \"npx prisma studio\" && caddy run",
       "port": 80,
       "envVariables": {
         "PRISMA_STUDIO_USERNAME": "<make-up-a-username>",
         "PRISMA_STUDIO_PASSWORD_HASH": {
           "fromParameterStore": "PRISMA_STUDIO_PASSWORD_HASH"
         },
         "DATABASE_URL": {
           "fromParameterStore": "DATABASE_URL"
         }
       }

4. Deploy using git push

5. Once Flightcontrol shows you the DNS changes for your custom domain, make those updates in your DNS settings.

   • A custom domain is currently required, but you can use any domain.

6. Once DNS has been verified, you can access prisma studio at your specified domain!