Add root README with architecture diagram, .env.example for all products

2026-03-01 03:14:11 +00:00
parent b41cdd1db9
commit 6d66fff1bd
2 changed files with 131 additions and 0 deletions
--- a/products/.env.example
+++ b/products/.env.example
@@ -0,0 +1,37 @@
+# dd0c Environment Variables
+# Copy to .env and fill in your values
+
+# --- Shared ---
+DATABASE_URL=postgresql://dd0c:dd0c-dev@localhost:5432/dd0c_alert
+REDIS_URL=redis://localhost:6379
+JWT_SECRET=change-me-to-a-real-secret-at-least-32-chars
+CORS_ORIGIN=*
+LOG_LEVEL=info
+PORT=3000
+
+# --- P1: route ---
+# OPENAI_API_KEY=sk-...
+# ANTHROPIC_API_KEY=sk-ant-...
+
+# --- P3: alert ---
+# DATADOG_WEBHOOK_SECRET=...
+# PAGERDUTY_WEBHOOK_SECRET=...
+# OPSGENIE_WEBHOOK_SECRET=...
+
+# --- P4: portal ---
+# MEILI_URL=http://localhost:7700
+# MEILI_KEY=...
+# GITHUB_TOKEN=ghp_...
+
+# --- P5: cost ---
+# AWS_ACCESS_KEY_ID=...
+# AWS_SECRET_ACCESS_KEY=...
+# ANOMALY_THRESHOLD=50
+
+# --- P6: run ---
+# SLACK_BOT_TOKEN=xoxb-...
+# SLACK_SIGNING_SECRET=...
+
+# --- Notifications (shared) ---
+# SLACK_WEBHOOK_URL=https://hooks.slack.com/services/...
+# RESEND_API_KEY=re_...
--- a/products/README.md
+++ b/products/README.md
@@ -0,0 +1,94 @@
+# dd0c — DevOps Developer Tools
+
+Six products. One platform. Built for teams that ship.
+
+## Products
+
+| Product | Port | Description | Stack |
+|---------|------|-------------|-------|
+| [route](products/01-llm-cost-router/) | 3001 | LLM Cost Router & Dashboard | Rust (proxy + API), React |
+| [drift](products/02-iac-drift-detection/) | 3002 | IaC Drift Detection | Go (agent), TypeScript/Fastify |
+| [alert](products/03-alert-intelligence/) | 3003 | Alert Intelligence | TypeScript/Fastify |
+| [portal](products/04-lightweight-idp/) | 3004 | Lightweight Service Catalog | TypeScript/Fastify, Meilisearch |
+| [cost](products/05-aws-cost-anomaly/) | 3005 | AWS Cost Anomaly Detection | TypeScript/Fastify |
+| [run](products/06-runbook-automation/) | 3006 | Runbook Automation | Rust (agent), TypeScript/Fastify |
+
+## Quick Start
+
+```bash
+# 1. Start shared infra (Postgres, Redis, Meilisearch)
+docker compose -f products/docker-compose.yml up -d postgres redis meilisearch
+
+# 2. Create databases and run migrations
+./products/init-db.sh
+
+# 3. Start all services
+docker compose -f products/docker-compose.yml up -d
+```
+
+## Architecture
+
+```
+┌─────────────┐  ┌─────────────┐  ┌─────────────┐
+│  Cloudflare  │  │   Fly.io    │  │   Fly.io    │
+│    Pages     │  │   (proxy)   │  │   (APIs)    │
+│  React UIs   │  │  P1 route   │  │  P3-P6 SaaS │
+└──────┬───────┘  └──────┬──────┘  └──────┬──────┘
+       │                 │                │
+       └────────────┬────┘────────────────┘
+                    │
+              ┌─────┴─────┐
+              │   Neon PG  │  ← RLS per tenant
+              │  + Upstash │  ← Redis cache
+              └────────────┘
+```
+
+## Auth
+
+All products share the same auth pattern:
+- **JWT** (Bearer token) for browser/API access
+- **API Key** (`dd0c_` prefix + 32 hex) for agents/CLI
+- **HMAC** for webhook endpoints (per-provider secrets)
+- **RBAC**: owner > admin > member > viewer
+
+## Shared Patterns
+
+- **RLS tenant isolation**: `withTenant()` wrapper on every DB call
+- **Zod config validation**: Environment variables validated at startup
+- **Fastify**: All Node services use Fastify with cors + helmet
+- **Pino**: Structured JSON logging everywhere
+- **Gitea Actions CI**: Test + typecheck + lint on every push
+
+## Local Development
+
+Each product can run standalone:
+
+```bash
+cd products/03-alert-intelligence
+npm install
+npm run dev  # tsx watch mode
+```
+
+Or run the full stack via Docker Compose (see Quick Start).
+
+## Deployment
+
+**V1 Target**: Fly.io (~$5/mo total)
+- Each product has a `fly.toml` with scale-to-zero
+- Shared Neon Postgres (free tier) + Upstash Redis (free tier)
+- Cloudflare Pages for React dashboards
+- Caddy for self-hosted TLS (optional)
+
+**Scale Target**: AWS (ECS Fargate + RDS + ElastiCache)
+- Same Docker images, only env vars change
+- Migration path documented in each product's `INFRASTRUCTURE.md`
+
+## CI/CD
+
+All products use Gitea Actions with self-hosted runners:
+- `.gitea/workflows/ci.yml` — test, typecheck, lint
+- `.gitea/workflows/deploy.yml` — build + push to Fly.io (where applicable)
+
+## License
+
+Proprietary. © dd0c 2026.