Runner Header
Handle the job decision point
Current step
Where you are in the workflow
No runnable step
—
Primary action
What to do next
Validate Live App
Validate the end-to-end flow on the public host.
Target host
Public validation URL
Workflow
brief: test-app
kind=generate-brief
· created=2026-03-05T10:08:52+00:00
No runnable step
This usually means the job is done, canceled, or the step data is incomplete.
Step progress
Current step
step 1/1
Next action
Most likely next action
Validate live app
Target
Test App
More controls
Workflow Context
Keep goal, spec, and step details together
Target
Test App
test-app
Host
Public URL to verify
Path
Preview path fallback
Infra / Tech stack snapshot
- Reverse proxy: Traefik (file provider)
- Dynamic routes: /traefik-dynamic/breast-builder-apps.yml
- Preview host (recommended): https://test-app.beast-builder.marklo.de/
- Networks: web + breast-builder-apps
- Runtime template: static-nginx (static-nginx = nginx preview; fastapi/nextjs = docker image)
- Codex runner: breast-builder-codex (UI triggers codex exec)
- Workspace: /projects/test-app
Spec brief (plan / risks / stack)
A Dockerized, Traefik-proxied template app on a single VPS is a common baseline for validating providers, demoing deployments, and spinning up new projects quickly with predictable ops.
Why high demand
A Dockerized, Traefik-proxied template app on a single VPS is a common baseline for validating providers, demoing deployments, and spinning up new projects quickly with predictable ops.
Core features
- Public landing page for Test App (demo)
- Health/status endpoints and basic uptime page
- Simple CRUD demo entity (e.g., Notes) with validation
- Admin login + protected admin page
- Deployment-ready Docker Compose stack behind Traefik
MVP scope
- One responsive web UI with a single protected admin route
- REST API with CRUD for one model + pagination
- PostgreSQL persistence with migrations
- Session-based auth for admin user (single role)
- Basic logs and metrics endpoint; simple error reporting
Step-by-step plan
- Define domains/subdomains and DNS records (app, api, traefik/dashboard if needed)
- Create repo structure: /frontend /backend /infra with docker-compose.yml and Traefik dynamic config
- Implement backend service: CRUD, migrations, health endpoints, admin auth
- Implement frontend: landing + admin login + CRUD UI (minimal styling)
- Wire Traefik routes/middlewares: HTTPS via ACME, gzip, security headers, rate limit (basic)
- Add observability: structured logs, basic metrics, error capture; confirm container log rotation
- Add backup job: nightly pg_dump to local + optional offsite (S3-compatible) and restore test
- CI/CD: build and deploy via SSH (or GitHub Actions) pulling repo and running compose up -d
- Load test lightly (wrk/k6) and tune: DB connections, request limits, container resources
- Document runbook: deploy, rollback, backups, restore, renew certs, rotate secrets
Possible risks
- Under-provisioned VPS leading to OOM/restarts during builds or peak traffic
- Misconfigured Traefik routing/TLS causing downtime or redirect loops
- Database backups not tested or not automated
- Secrets leakage via env files, logs, or Git history
- Single-server blast radius: no HA; upgrades can cause outages
Tech stack
| Key | Value |
|---|---|
| frontend | React + Vite (served by Nginx container) or simple server-side templates if preferred |
| backend | Node.js (Express) with TypeScript |
| db | PostgreSQL 16 |
| auth | Cookie-based sessions (express-session) + bcrypt; single admin user in DB |
| storage | Local volume for uploads (optional) with clear size limits; consider S3-compatible later |
| queue | None for MVP; use in-process cron for simple jobs (backups handled outside app) |
| observability | Docker logs (json-file) + Traefik access logs + optional Prometheus node exporter |
Infra notes
- Single VPS with Docker Engine + Docker Compose; pin image versions and use restart: unless-stopped
- Traefik as edge router with ACME TLS; only expose 80/443; keep DB internal network-only
- Use .env for secrets on server only; never commit; rotate admin password and session secret
- Persistent volumes: postgres data, app uploads (if any), Traefik acme.json; set correct permissions
- Backups: schedule via host cron or lightweight backup container; verify restores monthly
- Resource limits: set memory limits per container to prevent host OOM; enable swap only if necessary
- Security: automatic OS updates, firewall (ufw), disable password SSH, fail2ban optional
Questions
- Do you need a custom domain and HTTPS, or is provider IP access sufficient for the demo?
- Should this be a pure API + static frontend, or server-rendered pages to reduce complexity?
- Is persistence required for the demo, or can the CRUD be ephemeral/in-memory?
- Do you need multi-user auth or only a single admin account?
- Any requirement to support file uploads or background jobs in the MVP?
Approval Brief
(No runnable step.)
Activity
Steps, artifacts, and logs (secondary)
Steps
- done — generate_brief — Generate project brief (LLM)
Log
[2026-03-05T10:08:52+00:00] Generate brief job created for project=test-app [2026-03-05T10:08:52+00:00] Step 1/1: generate_brief [2026-03-05T10:08:52+00:00] Web search enabled. Query: Test App alternatives competitors demo cal.com clone pricing competitors [2026-03-05T10:08:53+00:00] Web search returned 0 results (may be blocked). [2026-03-05T10:08:53+00:00] Calling LLM to generate project brief/spec_json... [2026-03-05T10:09:22+00:00] Updated projects.spec_json for slug=test-app [2026-03-05T10:09:22+00:00] Job done