Max Mayfield
c3bafa238a
P1 route: 16 pts (template, full docker-compose + install script) P2 drift: 17 pts (pgmq, local CA for mTLS) P3 alert: 19 pts (Lambda→Fastify, DynamoDB→PG JSONB) P4 portal: 18 pts (Step Functions→cron, Aurora→PG+pgvector) P5 cost: 19 pts (EventBridge→agent/polling, DynamoDB→PG JSONB) P6 run: 15 pts (easiest — already PG-native, no AWS deps in core) Total self-hosted effort: ~104 story points across all 6 products
2.4 KiB
2.4 KiB
dd0c/run — Dual-Mode Deployment Addendum
Template: Based on dd0c/route dual-mode pattern
Cloud → Self-Hosted Service Mapping
| Cloud Service | Self-Hosted Replacement | Notes |
|---|---|---|
| RDS PostgreSQL | PostgreSQL container | Same schema, same RLS, same audit trail |
| Cognito | Local JWT (HS256) | AuthProvider pattern |
| S3 (compliance exports) | Local FS or MinIO | ObjectStore trait |
| SES | SMTP relay | Notifications |
| CloudWatch | Prometheus + Grafana | Bundled |
| KMS (audit encryption) | Local AES-256-GCM | Key file mounted as volume |
Self-Hosted Compose Services
services:
engine: # Parser + Classifier + Execution Engine (Rust)
image: ghcr.io/dd0c/run-engine:latest
api: # Dashboard API
image: ghcr.io/dd0c/run-api:latest
dashboard: # React SPA (parse preview, execution timeline)
image: ghcr.io/dd0c/run-dashboard:latest
postgres: # Config + audit trail (RLS, hash chain)
image: postgres:16-alpine
redis: # Panic mode, execution locks
image: redis:7-alpine
caddy:
image: caddy:2-alpine
Key Advantage: dd0c/run is Already Self-Host Friendly
dd0c/run has the simplest self-hosted story of all 6 products:
- The Go agent already runs in customer VPCs
- The SaaS is already PostgreSQL-native (no DynamoDB)
- gRPC between agent and SaaS works the same locally
- No EventBridge/SQS/Step Functions dependencies
The main change is auth and the install script.
Agent Connection
- Cloud:
grpcs://engine.run.dd0c.dev - Self-hosted:
grpc://localhost:50051(or Caddy TLS)
Agent binary is the same — just different --server flag.
Epic Impact
| Epic | Change | Effort |
|---|---|---|
| 1 (Parser) | No change — pure Rust | 0 |
| 2 (Classifier) | No change — pure Rust | 0 |
| 3 (Execution Engine) | No change — pure Rust | 0 |
| 4 (Agent) | Configurable gRPC endpoint | 1 pt |
| 5 (Audit Trail) | KMS → local AES-256-GCM | 2 pts |
| 6 (Dashboard API) | LocalAuthProvider | 2 pts |
| 7 (Dashboard UI) | Local login form | 2 pts |
| 8 (Infrastructure) | docker-compose.yml + install.sh | 5 pts |
| 9 (Onboarding) | Local signup, remove Stripe req | 3 pts |
| 10 (TF Tenets) | No change | 0 |
| Total | 15 pts |
dd0c/run is the easiest product to self-host. Recommend it as the second self-hosted release after dd0c/route.