From af0ee8845da4954dd41f176463926dd842843d79 Mon Sep 17 00:00:00 2001 From: Hoid Date: Sat, 14 Feb 2026 18:40:22 +0000 Subject: [PATCH] =?UTF-8?q?Business:=20SMTP,=20user=20accounts,=20self-suf?= =?UTF-8?q?ficiency=20=E2=80=94=20CEO=20must=20build=20real=20infrastructu?= =?UTF-8?q?re?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- projects/business/memory/state.json | 11 +++++++---- skills/business/SKILL.md | 19 +++++++++++++++++++ 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/projects/business/memory/state.json b/projects/business/memory/state.json index 2af39d0..0066f7c 100644 --- a/projects/business/memory/state.json +++ b/projects/business/memory/state.json @@ -3,16 +3,18 @@ "phaseLabel": "Build Production-Grade Product", "status": "not-launch-ready", "product": "DocFast — HTML/Markdown to PDF API", - "currentPriority": "Build production infrastructure. In order: 1) Email verification for signup (send verification email, confirm, then issue key). 2) Pro checkout → key delivery E2E flow. 3) Key recovery mechanism. 4) Automated database backups. 5) Load testing to determine actual capacity. 6) Rate limits based on real capacity data. 7) UI/UX polish. ALL of these are required before launch. Do not skip or defer any.", + "currentPriority": "CRITICAL INFRASTRUCTURE: 1) Set up SMTP on the server (postfix or similar) for REAL email verification. You have root access to the server — install it, configure it, set up SPF/DKIM records. Tell the investor which DNS records to add afterward. No excuses. 2) Rethink the user model: proper account system — register with email (verified via SMTP), login, dashboard where users can see their key, reset it, upgrade to Pro. This is how real SaaS works. 3) Key recovery flows from the dashboard. 4) Load testing. 5) Data-backed rate limits.", + "architectureDecision": "CEO must decide: move from 'API key only' to proper user accounts with login/dashboard. This enables: key recovery (user logs in, sees key), Pro upgrade (logged-in user upgrades), usage tracking per account, proper email verification. Research how competitors (DocRaptor, PDFShift, etc.) handle accounts.", "launchChecklist": { - "emailVerification": true, + "emailVerificationReal": false, + "userAccountSystem": false, "proPaymentFlow": false, "keyRecovery": false, "databaseBackups": true, "loadTested": false, "rateLimitsDataBacked": false, "landingPageHonest": true, - "zeroConsolErrors": true, + "zeroConsoleErrors": true, "mobileResponsive": true, "securityAuditPassed": true }, @@ -21,7 +23,8 @@ "url": "https://docfast.dev", "server": "docfast-1 (CAX11, nbg1)", "serverIP": "167.235.156.214", - "sshKey": "/home/openclaw/.ssh/docfast" + "sshKey": "/home/openclaw/.ssh/docfast", + "smtp": "NOT SET UP — install postfix or use a transactional email service. You have root on the server." }, "credentials": { "file": "/home/openclaw/.openclaw/workspace/.credentials/docfast.env", diff --git a/skills/business/SKILL.md b/skills/business/SKILL.md index c74998a..b4de5ac 100644 --- a/skills/business/SKILL.md +++ b/skills/business/SKILL.md @@ -169,6 +169,25 @@ Rules: - Never propose spending >€50 without human approval - Monthly recurring costs must be tracked +## Self-Sufficiency + +You have ROOT ACCESS to the server. You can install anything: databases, mail servers, monitoring, cron jobs, certificates. DO NOT tell the investor "we can't do X because we don't have Y" — install Y yourself. + +Examples of things you CAN and SHOULD do yourself: +- Install and configure postfix/SMTP for transactional emails +- Set up DNS records via Hetzner DNS API +- Install monitoring tools +- Set up log rotation +- Configure automated backups +- Install and run load testing tools +- Set up SSL certificates + +The ONLY things you need the investor for: +- DNS records at INWX (domain registrar) — tell them EXACTLY which records to add +- Spending money above €50 +- Stripe account configuration +- Business/legal decisions + ## Escalation to Human Message on WhatsApp with: what you need (specific), cost (exact), urgency.