feat: improve database pooling

Thread-safe and multi-process safe auth schema initialization

Author: Bulletdev

config/database.yml

@@ -19,7 +19,10 @@ default: &default
   encoding: unicode
   # For details on connection pooling, see Rails configuration guide
   # https://guides.rubyonrails.org/configuring.html#database-pooling
-  pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+  # DB_POOL lets you set a higher pool for Sidekiq without raising Puma threads.
+  # e.g. in production: DB_POOL=10 for Sidekiq, RAILS_MAX_THREADS=5 for Puma.
+  # Defaults to RAILS_MAX_THREADS (5) when DB_POOL is not set.
+  pool: <%= ENV.fetch("DB_POOL") { ENV.fetch("RAILS_MAX_THREADS") { 5 } } %>
   # Connection timeout settings
   connect_timeout: 5
   checkout_timeout: 5

config/initializers/row_level_security.rb

@@ -29,7 +29,6 @@ def ensure_schema!
               Rails.logger.debug "Auth schema already exists"
               @created = true
             else
-              # Re-raise if it's a different error (permissions, etc)
               Rails.logger.error "Failed to create auth schema: #{e.message}"
               raise
             end
@@ -42,24 +41,32 @@ def ensure_schema!
 
 # Initialize on boot
 Rails.application.config.after_initialize do
-  AuthSchemaInitializer.initialize!
+  # Tthe `auth` schema is created and managed by itself —
+  # running CREATE SCHEMA here generates a wasteful DDL call on every Puma
+  # worker and Sidekiq process boot (228 DDL calls seen in Query Performance).
+  # Only run when connecting to a local/non-Supabase Postgres instance.
+  db_url = ENV.fetch('SUPABASE_DB_URL', ENV.fetch('DATABASE_URL', ''))
+  if db_url.exclude?('supabase')
+    AuthSchemaInitializer.initialize!
 
-  # Run in thread to not block boot, but with retry logic
-  Thread.new do
-    retries = 0
-    max_retries = 3
+    Thread.new do
+      retries = 0
+      max_retries = 3
 
-    begin
-      sleep 0.5 # Small delay to let other processes/threads start
-      AuthSchemaInitializer.ensure_schema!
-    rescue => e
-      retries += 1
-      if retries < max_retries
-        sleep 1 * retries # Exponential backoff
-        retry
-      else
-        Rails.logger.error "Failed to ensure auth schema after #{max_retries} attempts: #{e.message}"
+      begin
+        sleep 0.5 
+        AuthSchemaInitializer.ensure_schema!
+      rescue => e
+        retries += 1
+        if retries < max_retries
+          sleep 1 * retries 
+          retry
+        else
+          Rails.logger.error "Failed to ensure auth schema after #{max_retries} attempts: #{e.message}"
+        end
       end
-    end
-  end.tap { |t| t.abort_on_exception = false }
+    end.tap { |t| t.abort_on_exception = false }
+  else
+    Rails.logger.debug 'AuthSchemaInitializer skipped — Supabase manages the auth schema'
+  end
 end

config/sidekiq.yml

@@ -1,7 +1,12 @@
 ---
 # Sidekiq Configuration File
 
-:concurrency: <%= ENV.fetch('SIDEKIQ_CONCURRENCY', 25).to_i %>
+# Concurrency = number of Sidekiq threads = DB pool slots consumed.
+# Supabase Nano (2 vCPU / 2 GB) + PgBouncer session mode: keep this low.
+# Puma: 2 workers × 5 threads = 10 connections.
+# Sidekiq: DB_POOL should match concurrency (set both in your env together).
+# Recommended production env: SIDEKIQ_CONCURRENCY=10 DB_POOL=10
+:concurrency: <%= ENV.fetch('SIDEKIQ_CONCURRENCY', 10).to_i %>
 :timeout: <%= ENV.fetch('SIDEKIQ_TIMEOUT', 25).to_i %>
 :verbose: <%= ENV.fetch('SIDEKIQ_VERBOSE', 'true') == 'true' %>
 :queues:
@@ -20,9 +25,11 @@
     class: CleanupExpiredTokensJob
     description: 'Clean up expired password reset tokens and blacklisted JWT tokens'
 
-  # Refresh database metadata materialized views every 30 minutes
+  # Refresh database metadata materialized views every 2 hours.
+  # These views cache table privileges, extensions and policies which change
+  # rarely. Running every 30m was consuming ~72% of total DB time (879ms avg).
   refresh_metadata_views:
-    every: '30m'
+    cron: '0 */2 * * *'
     class: RefreshMetadataViewsJob
     description: 'Refresh materialized views for database metadata (table privileges, extensions, policies)'