Add root README with architecture diagram, .env.example for all products
This commit is contained in:
37
products/.env.example
Normal file
37
products/.env.example
Normal file
@@ -0,0 +1,37 @@
|
|||||||
|
# dd0c Environment Variables
|
||||||
|
# Copy to .env and fill in your values
|
||||||
|
|
||||||
|
# --- Shared ---
|
||||||
|
DATABASE_URL=postgresql://dd0c:dd0c-dev@localhost:5432/dd0c_alert
|
||||||
|
REDIS_URL=redis://localhost:6379
|
||||||
|
JWT_SECRET=change-me-to-a-real-secret-at-least-32-chars
|
||||||
|
CORS_ORIGIN=*
|
||||||
|
LOG_LEVEL=info
|
||||||
|
PORT=3000
|
||||||
|
|
||||||
|
# --- P1: route ---
|
||||||
|
# OPENAI_API_KEY=sk-...
|
||||||
|
# ANTHROPIC_API_KEY=sk-ant-...
|
||||||
|
|
||||||
|
# --- P3: alert ---
|
||||||
|
# DATADOG_WEBHOOK_SECRET=...
|
||||||
|
# PAGERDUTY_WEBHOOK_SECRET=...
|
||||||
|
# OPSGENIE_WEBHOOK_SECRET=...
|
||||||
|
|
||||||
|
# --- P4: portal ---
|
||||||
|
# MEILI_URL=http://localhost:7700
|
||||||
|
# MEILI_KEY=...
|
||||||
|
# GITHUB_TOKEN=ghp_...
|
||||||
|
|
||||||
|
# --- P5: cost ---
|
||||||
|
# AWS_ACCESS_KEY_ID=...
|
||||||
|
# AWS_SECRET_ACCESS_KEY=...
|
||||||
|
# ANOMALY_THRESHOLD=50
|
||||||
|
|
||||||
|
# --- P6: run ---
|
||||||
|
# SLACK_BOT_TOKEN=xoxb-...
|
||||||
|
# SLACK_SIGNING_SECRET=...
|
||||||
|
|
||||||
|
# --- Notifications (shared) ---
|
||||||
|
# SLACK_WEBHOOK_URL=https://hooks.slack.com/services/...
|
||||||
|
# RESEND_API_KEY=re_...
|
||||||
94
products/README.md
Normal file
94
products/README.md
Normal file
@@ -0,0 +1,94 @@
|
|||||||
|
# dd0c — DevOps Developer Tools
|
||||||
|
|
||||||
|
Six products. One platform. Built for teams that ship.
|
||||||
|
|
||||||
|
## Products
|
||||||
|
|
||||||
|
| Product | Port | Description | Stack |
|
||||||
|
|---------|------|-------------|-------|
|
||||||
|
| [route](products/01-llm-cost-router/) | 3001 | LLM Cost Router & Dashboard | Rust (proxy + API), React |
|
||||||
|
| [drift](products/02-iac-drift-detection/) | 3002 | IaC Drift Detection | Go (agent), TypeScript/Fastify |
|
||||||
|
| [alert](products/03-alert-intelligence/) | 3003 | Alert Intelligence | TypeScript/Fastify |
|
||||||
|
| [portal](products/04-lightweight-idp/) | 3004 | Lightweight Service Catalog | TypeScript/Fastify, Meilisearch |
|
||||||
|
| [cost](products/05-aws-cost-anomaly/) | 3005 | AWS Cost Anomaly Detection | TypeScript/Fastify |
|
||||||
|
| [run](products/06-runbook-automation/) | 3006 | Runbook Automation | Rust (agent), TypeScript/Fastify |
|
||||||
|
|
||||||
|
## Quick Start
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# 1. Start shared infra (Postgres, Redis, Meilisearch)
|
||||||
|
docker compose -f products/docker-compose.yml up -d postgres redis meilisearch
|
||||||
|
|
||||||
|
# 2. Create databases and run migrations
|
||||||
|
./products/init-db.sh
|
||||||
|
|
||||||
|
# 3. Start all services
|
||||||
|
docker compose -f products/docker-compose.yml up -d
|
||||||
|
```
|
||||||
|
|
||||||
|
## Architecture
|
||||||
|
|
||||||
|
```
|
||||||
|
┌─────────────┐ ┌─────────────┐ ┌─────────────┐
|
||||||
|
│ Cloudflare │ │ Fly.io │ │ Fly.io │
|
||||||
|
│ Pages │ │ (proxy) │ │ (APIs) │
|
||||||
|
│ React UIs │ │ P1 route │ │ P3-P6 SaaS │
|
||||||
|
└──────┬───────┘ └──────┬──────┘ └──────┬──────┘
|
||||||
|
│ │ │
|
||||||
|
└────────────┬────┘────────────────┘
|
||||||
|
│
|
||||||
|
┌─────┴─────┐
|
||||||
|
│ Neon PG │ ← RLS per tenant
|
||||||
|
│ + Upstash │ ← Redis cache
|
||||||
|
└────────────┘
|
||||||
|
```
|
||||||
|
|
||||||
|
## Auth
|
||||||
|
|
||||||
|
All products share the same auth pattern:
|
||||||
|
- **JWT** (Bearer token) for browser/API access
|
||||||
|
- **API Key** (`dd0c_` prefix + 32 hex) for agents/CLI
|
||||||
|
- **HMAC** for webhook endpoints (per-provider secrets)
|
||||||
|
- **RBAC**: owner > admin > member > viewer
|
||||||
|
|
||||||
|
## Shared Patterns
|
||||||
|
|
||||||
|
- **RLS tenant isolation**: `withTenant()` wrapper on every DB call
|
||||||
|
- **Zod config validation**: Environment variables validated at startup
|
||||||
|
- **Fastify**: All Node services use Fastify with cors + helmet
|
||||||
|
- **Pino**: Structured JSON logging everywhere
|
||||||
|
- **Gitea Actions CI**: Test + typecheck + lint on every push
|
||||||
|
|
||||||
|
## Local Development
|
||||||
|
|
||||||
|
Each product can run standalone:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
cd products/03-alert-intelligence
|
||||||
|
npm install
|
||||||
|
npm run dev # tsx watch mode
|
||||||
|
```
|
||||||
|
|
||||||
|
Or run the full stack via Docker Compose (see Quick Start).
|
||||||
|
|
||||||
|
## Deployment
|
||||||
|
|
||||||
|
**V1 Target**: Fly.io (~$5/mo total)
|
||||||
|
- Each product has a `fly.toml` with scale-to-zero
|
||||||
|
- Shared Neon Postgres (free tier) + Upstash Redis (free tier)
|
||||||
|
- Cloudflare Pages for React dashboards
|
||||||
|
- Caddy for self-hosted TLS (optional)
|
||||||
|
|
||||||
|
**Scale Target**: AWS (ECS Fargate + RDS + ElastiCache)
|
||||||
|
- Same Docker images, only env vars change
|
||||||
|
- Migration path documented in each product's `INFRASTRUCTURE.md`
|
||||||
|
|
||||||
|
## CI/CD
|
||||||
|
|
||||||
|
All products use Gitea Actions with self-hosted runners:
|
||||||
|
- `.gitea/workflows/ci.yml` — test, typecheck, lint
|
||||||
|
- `.gitea/workflows/deploy.yml` — build + push to Fly.io (where applicable)
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
Proprietary. © dd0c 2026.
|
||||||
Reference in New Issue
Block a user