Max Mayfield
45a0237163
Some checks failed
CI — P1 Route (Rust) / test (push) Failing after 7m3s
Only api/handler.rs (binary-only module) uses dd0c_route:: proxy/handler.rs is included via lib.rs pub mod proxy, so it must use crate::
dd0c — DevOps Developer Tools
Six products. One platform. Built for teams that ship.
Products
| Product | Port | Description | Stack |
|---|---|---|---|
| route | 3001 | LLM Cost Router & Dashboard | Rust (proxy + API), React |
| drift | 3002 | IaC Drift Detection | Go (agent), TypeScript/Fastify |
| alert | 3003 | Alert Intelligence | TypeScript/Fastify |
| portal | 3004 | Lightweight Service Catalog | TypeScript/Fastify, Meilisearch |
| cost | 3005 | AWS Cost Anomaly Detection | TypeScript/Fastify |
| run | 3006 | Runbook Automation | Rust (agent), TypeScript/Fastify |
Quick Start
# 1. Start shared infra (Postgres, Redis, Meilisearch)
docker compose -f products/docker-compose.yml up -d postgres redis meilisearch
# 2. Create databases and run migrations
./products/init-db.sh
# 3. Start all services
docker compose -f products/docker-compose.yml up -d
Architecture
┌─────────────┐ ┌─────────────┐ ┌─────────────┐
│ Cloudflare │ │ Fly.io │ │ Fly.io │
│ Pages │ │ (proxy) │ │ (APIs) │
│ React UIs │ │ P1 route │ │ P3-P6 SaaS │
└──────┬───────┘ └──────┬──────┘ └──────┬──────┘
│ │ │
└────────────┬────┘────────────────┘
│
┌─────┴─────┐
│ Neon PG │ ← RLS per tenant
│ + Upstash │ ← Redis cache
└────────────┘
Auth
All products share the same auth pattern:
- JWT (Bearer token) for browser/API access
- API Key (
dd0c_prefix + 32 hex) for agents/CLI - HMAC for webhook endpoints (per-provider secrets)
- RBAC: owner > admin > member > viewer
Shared Patterns
- RLS tenant isolation:
withTenant()wrapper on every DB call - Zod config validation: Environment variables validated at startup
- Fastify: All Node services use Fastify with cors + helmet
- Pino: Structured JSON logging everywhere
- Gitea Actions CI: Test + typecheck + lint on every push
Local Development
Each product can run standalone:
cd products/03-alert-intelligence
npm install
npm run dev # tsx watch mode
Or run the full stack via Docker Compose (see Quick Start).
Deployment
V1 Target: Fly.io (~$5/mo total)
- Each product has a
fly.tomlwith scale-to-zero - Shared Neon Postgres (free tier) + Upstash Redis (free tier)
- Cloudflare Pages for React dashboards
- Caddy for self-hosted TLS (optional)
Scale Target: AWS (ECS Fargate + RDS + ElastiCache)
- Same Docker images, only env vars change
- Migration path documented in each product's
INFRASTRUCTURE.md
CI/CD
All products use Gitea Actions with self-hosted runners:
.gitea/workflows/ci.yml— test, typecheck, lint.gitea/workflows/deploy.yml— build + push to Fly.io (where applicable)
License
Proprietary. © dd0c 2026.