Apply platform-domain decision (2026-05-18). No services touched; docs/config only. Refs: M1.1
This commit was merged in pull request #5.
This commit is contained in:
+16
-16
@@ -94,7 +94,7 @@ org_roles — [IT_ADMIN, USER, ...] roles within their org
|
||||
realm_roles — [customer] | [BREAKPILOT_ADMIN] | [SUPPORT_ENGINEER] | [SALES_REP]
|
||||
products — [certifai, compliance] entitlements (injected by protocol mapper)
|
||||
plan — starter | professional | enterprise
|
||||
iss — https://auth.yourplatform.com/realms/breakpilot-prod
|
||||
iss — https://auth.breakpilot.com/realms/breakpilot-prod
|
||||
```
|
||||
|
||||
The `products` and `plan` claims are added by a Keycloak **protocol mapper** that reads live entitlements from the Tenant Registry at token issuance. Products do not need to call back to the registry on every request.
|
||||
@@ -108,12 +108,12 @@ Three distinct services. Clear separation of responsibility.
|
||||
### 5a. Customer Portal
|
||||
|
||||
**Technology:** Next.js 15 (new service)
|
||||
**Deployed at:** `*.yourplatform.com` via Orca-Proxy wildcard routing
|
||||
**Deployed at:** `*.breakpilot.com` via Orca-Proxy wildcard routing
|
||||
|
||||
The front door for all customers and for us. Owns no business logic — it is a routing, auth, and UI layer.
|
||||
|
||||
**Subdomain routing:**
|
||||
- DNS wildcard `*.yourplatform.com` → Orca-Proxy
|
||||
- DNS wildcard `*.breakpilot.com` → Orca-Proxy
|
||||
- Orca-Proxy reads `Host` header → routes all traffic to the portal container
|
||||
- Portal reads `Host` → extracts tenant slug → looks up Tenant Registry
|
||||
|
||||
@@ -190,7 +190,7 @@ The front door for all customers and for us. Owns no business logic — it is a
|
||||
### 5b. ERPNext
|
||||
|
||||
**Technology:** Frappe + ERPNext (self-hosted via Orca)
|
||||
**Access:** `erp.yourplatform.com` — us only (IP-restricted at Orca-Proxy)
|
||||
**Access:** `erp.breakpilot.com` — us only (IP-restricted at Orca-Proxy)
|
||||
**Auth:** Keycloak OIDC — we log in with our existing accounts, no separate password
|
||||
|
||||
ERPNext is our **business operations backbone**. We do not build CRM, invoicing, or HR — we configure ERPNext for these.
|
||||
@@ -262,7 +262,7 @@ api_keys portal-owned. tenant_id, product, scopes, name,
|
||||
|
||||
### 5d. Demo Tenant (Shared)
|
||||
|
||||
**Slug:** `demo` — reachable at `demo.yourplatform.com`
|
||||
**Slug:** `demo` — reachable at `demo.breakpilot.com`
|
||||
**Status:** `demo` (never transitions; never billed)
|
||||
**Owner:** us (`BREAKPILOT_ADMIN` curates content; `SALES_REP` reads + logs in)
|
||||
|
||||
@@ -299,7 +299,7 @@ all real-tenant flows work otherwise same flows, same code paths
|
||||
|
||||
**Support flow:**
|
||||
- Customer submits ticket via `/[slug]/support/` (Frappe HD customer portal, embedded or linked)
|
||||
- Agent (us) triages in Frappe HD agent UI at `erp.yourplatform.com`
|
||||
- Agent (us) triages in Frappe HD agent UI at `erp.breakpilot.com`
|
||||
- If technical: agent clicks "Escalate to Engineering" → Frappe server script creates a Gitea issue in the relevant repo via Gitea REST API → issue URL stored on ticket
|
||||
- When Gitea issue is closed → Gitea webhook → Frappe HD → ticket marked "Resolved"
|
||||
|
||||
@@ -341,11 +341,11 @@ GDPR and AI-Act compliance automation platform. After updates, tenant identity c
|
||||
|
||||
```
|
||||
Orca-Proxy routing table:
|
||||
auth.yourplatform.com → Keycloak
|
||||
erp.yourplatform.com → ERPNext + Frappe HD (IP-restricted)
|
||||
git.yourplatform.com → Gitea
|
||||
secrets.yourplatform.com → Infisical (IP-restricted)
|
||||
*.yourplatform.com → customer-portal (wildcard, Host → tenant)
|
||||
auth.breakpilot.com → Keycloak
|
||||
erp.breakpilot.com → ERPNext + Frappe HD (IP-restricted)
|
||||
git.breakpilot.com → Gitea
|
||||
secrets.breakpilot.com → Infisical (IP-restricted)
|
||||
*.breakpilot.com → customer-portal (wildcard, Host → tenant)
|
||||
```
|
||||
|
||||
**Services managed by Orca:**
|
||||
@@ -436,7 +436,7 @@ Data Stores
|
||||
```
|
||||
USER ORCA-PROXY PORTAL KEYCLOAK CUSTOMER IdP
|
||||
│ │ │ │ │
|
||||
│ acme.yourplatform.com │ │ │ │
|
||||
│ acme.breakpilot.com │ │ │ │
|
||||
│───────────────────────►│ │ │ │
|
||||
│ │ Host=acme.* │ │ │
|
||||
│ │───────────────►│ │ │
|
||||
@@ -458,7 +458,7 @@ Data Stores
|
||||
```
|
||||
USER PORTAL KEYCLOAK
|
||||
│ │ │
|
||||
│ acme.yourplatform│ │
|
||||
│ acme.breakpilot │ │
|
||||
│──────────────────►│ │
|
||||
│ │ redirect + PKCE │
|
||||
│ │─────────────────►│
|
||||
@@ -671,7 +671,7 @@ Data Stores
|
||||
│ │ impersonated_by │ │
|
||||
│ │ claim) │ │
|
||||
│ │ │
|
||||
│ new tab: acme.yourplatform.com │ │
|
||||
│ new tab: acme.breakpilot.com │ │
|
||||
│──────────────────────────────────────────────────────────►│
|
||||
│ │ [orange banner] │
|
||||
│ │ Impersonating │
|
||||
@@ -749,7 +749,7 @@ Data Stores
|
||||
│ │ │ │
|
||||
│ open Zoom with prospect, share screen │
|
||||
│ │
|
||||
│ demo.yourplatform.com │
|
||||
│ demo.breakpilot.com │
|
||||
│────────────────────────────────►│ │
|
||||
│ │ │ Host: demo │
|
||||
│ │ │ → slug = demo │
|
||||
@@ -796,7 +796,7 @@ Data Stores
|
||||
```
|
||||
PROSPECT PORTAL TENANT REGISTRY ERPNEXT KEYCLOAK
|
||||
│ │ │ │ │
|
||||
│ yourplatform.com/start │ │ │
|
||||
│ breakpilot.com/start │ │ │
|
||||
│──────────────►│ │ │ │
|
||||
│ form: email, company, password │ │ │
|
||||
│──────────────►│ │ │ │
|
||||
|
||||
Reference in New Issue
Block a user