DocFast: borgbackup, CI/CD pipeline, reproducible infra - all launch blockers

projects/business/memory/state.json

@@ -3,22 +3,26 @@
   "phaseLabel": "Build Production-Grade Product",
   "status": "not-launch-ready",
   "product": "DocFast — HTML/Markdown to PDF API",
-  "currentPriority": "1) PostgreSQL migration (in progress). 2) Human: update Stripe webhook URL + secret in Dashboard. 3) Full E2E Pro payment test. 4) Marketing launch.",
+  "currentPriority": "1) E2E Pro payment test (real Stripe payment). 2) Fix BUG-038 (low). 3) Marketing launch.",
+  "ownerDirectives_PRIORITY": "Process these IN ORDER. Do not skip.",
   "ownerDirectives": [
     "BUG-032 terminal gap is NOT fixed — still visible gap between terminal header and terminal window on mobile. Reopen and fix properly.",
     "Change SLA from 99.9% to 99.5% on landing page.",
     "Migrate from SQLite to PostgreSQL NOW, before launch. Required for future failover/clustering. This is a launch blocker.",
     "Stripe: owner has existing Stripe account from another project — use same account, just create separate Product + webhook endpoint for DocFast.",
     "STRIPE_WEBHOOK_SECRET is now in docfast.env. Deploy it to the server env WITHOUT reading the value. Use: source .credentials/docfast.env then SSH to set it.",
-    "Stripe Product ID for DocFast: prod_TygeG8tQPtEAdE — webhook handler must filter by this product_id to ignore events from other projects on the same Stripe account."
+    "Stripe Product ID for DocFast: prod_TygeG8tQPtEAdE — webhook handler must filter by this product_id to ignore events from other projects on the same Stripe account.",
+    "OFF-SITE BACKUPS with BorgBackup: Set up borgbackup so full recovery is possible even if the host dies. Store backups on a separate Hetzner Storage Box or similar. This is a launch blocker.",
+    "DEPLOYMENT PIPELINE: Set up a proper CI/CD pipeline (Forgejo Actions or similar). Push to main → auto-deploy. No more manual SSH deploys. Launch blocker.",
+    "REPRODUCIBLE INFRASTRUCTURE: Dockerize/script EVERYTHING so spinning up a second machine is trivial. Document the full setup so a new VM can be provisioned in minutes, not hours. Think: Docker Compose, env templates, automated provisioning. Launch blocker."
   ],
   "launchChecklist": {
     "emailVerificationReal": true,
     "smtpWorking": true,
     "dnsRecordsLive": true,
     "userAccountSystem": false,
-    "proPaymentFlow": false,
+    "proPaymentFlow": "partial",
-    "proPaymentFlowNote": "checkout.session.completed handler deployed BUT: STRIPE_WEBHOOK_SECRET empty (forgery risk), webhook URL in Stripe Dashboard wrong (points to Supabase). Both need human action. Cannot do E2E test until fixed.",
+    "proPaymentFlowNote": "Webhook handler deployed with signature verification + product_id filtering. Webhook URL configured in Stripe. Needs real E2E test payment to fully verify.",
     "postgresqlMigration": true,
     "postgresqlMigrationNote": "DONE. 48 keys, 7 verifications, 3 usage records migrated. Live and verified.",
     "keyRecovery": true,
@@ -57,10 +61,11 @@
   "openBugs": {
     "CRITICAL": [],
     "HIGH": [],
-    "MEDIUM": ["BUG-032 (mobile terminal gap - NOT fixed, reopen)", "BUG-035 (STRIPE_WEBHOOK_SECRET - now in docfast.env, deploy to server)", "BUG-036 (Stripe webhook URL - DONE by human)", "BUG-037 (webhook handler must filter by product_id prod_TygeG8tQPtEAdE - shared Stripe account)"],
+    "MEDIUM": ["BUG-036 (Stripe webhook URL - DONE by human)"],
+    "LOW": ["BUG-038 (health endpoint missing DB status check)"],
     "LOW": []
   },
   "blockers": [],
   "startDate": "2026-02-14",
-  "sessionCount": 30
+  "sessionCount": 31
 }