From c2e71d8a88742a1f710bc96bfa75e3262020299f Mon Sep 17 00:00:00 2001 From: Hoid Date: Sun, 15 Feb 2026 10:59:43 +0000 Subject: [PATCH] DocFast: borgbackup, CI/CD pipeline, reproducible infra - all launch blockers --- projects/business/memory/state.json | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/projects/business/memory/state.json b/projects/business/memory/state.json index 2b637f2..6cc066c 100644 --- a/projects/business/memory/state.json +++ b/projects/business/memory/state.json @@ -3,22 +3,26 @@ "phaseLabel": "Build Production-Grade Product", "status": "not-launch-ready", "product": "DocFast — HTML/Markdown to PDF API", - "currentPriority": "1) PostgreSQL migration (in progress). 2) Human: update Stripe webhook URL + secret in Dashboard. 3) Full E2E Pro payment test. 4) Marketing launch.", + "currentPriority": "1) E2E Pro payment test (real Stripe payment). 2) Fix BUG-038 (low). 3) Marketing launch.", + "ownerDirectives_PRIORITY": "Process these IN ORDER. Do not skip.", "ownerDirectives": [ "BUG-032 terminal gap is NOT fixed — still visible gap between terminal header and terminal window on mobile. Reopen and fix properly.", "Change SLA from 99.9% to 99.5% on landing page.", "Migrate from SQLite to PostgreSQL NOW, before launch. Required for future failover/clustering. This is a launch blocker.", "Stripe: owner has existing Stripe account from another project — use same account, just create separate Product + webhook endpoint for DocFast.", "STRIPE_WEBHOOK_SECRET is now in docfast.env. Deploy it to the server env WITHOUT reading the value. Use: source .credentials/docfast.env then SSH to set it.", - "Stripe Product ID for DocFast: prod_TygeG8tQPtEAdE — webhook handler must filter by this product_id to ignore events from other projects on the same Stripe account." + "Stripe Product ID for DocFast: prod_TygeG8tQPtEAdE — webhook handler must filter by this product_id to ignore events from other projects on the same Stripe account.", + "OFF-SITE BACKUPS with BorgBackup: Set up borgbackup so full recovery is possible even if the host dies. Store backups on a separate Hetzner Storage Box or similar. This is a launch blocker.", + "DEPLOYMENT PIPELINE: Set up a proper CI/CD pipeline (Forgejo Actions or similar). Push to main → auto-deploy. No more manual SSH deploys. Launch blocker.", + "REPRODUCIBLE INFRASTRUCTURE: Dockerize/script EVERYTHING so spinning up a second machine is trivial. Document the full setup so a new VM can be provisioned in minutes, not hours. Think: Docker Compose, env templates, automated provisioning. Launch blocker." ], "launchChecklist": { "emailVerificationReal": true, "smtpWorking": true, "dnsRecordsLive": true, "userAccountSystem": false, - "proPaymentFlow": false, - "proPaymentFlowNote": "checkout.session.completed handler deployed BUT: STRIPE_WEBHOOK_SECRET empty (forgery risk), webhook URL in Stripe Dashboard wrong (points to Supabase). Both need human action. Cannot do E2E test until fixed.", + "proPaymentFlow": "partial", + "proPaymentFlowNote": "Webhook handler deployed with signature verification + product_id filtering. Webhook URL configured in Stripe. Needs real E2E test payment to fully verify.", "postgresqlMigration": true, "postgresqlMigrationNote": "DONE. 48 keys, 7 verifications, 3 usage records migrated. Live and verified.", "keyRecovery": true, @@ -57,10 +61,11 @@ "openBugs": { "CRITICAL": [], "HIGH": [], - "MEDIUM": ["BUG-032 (mobile terminal gap - NOT fixed, reopen)", "BUG-035 (STRIPE_WEBHOOK_SECRET - now in docfast.env, deploy to server)", "BUG-036 (Stripe webhook URL - DONE by human)", "BUG-037 (webhook handler must filter by product_id prod_TygeG8tQPtEAdE - shared Stripe account)"], + "MEDIUM": ["BUG-036 (Stripe webhook URL - DONE by human)"], + "LOW": ["BUG-038 (health endpoint missing DB status check)"], "LOW": [] }, "blockers": [], "startDate": "2026-02-14", - "sessionCount": 30 + "sessionCount": 31 }