clear references

tasks/kordant-unified-restructure/42-deployment-config.md

@@ -19,10 +19,10 @@ deliverables:
   - Non-root user for security
 - `docker-compose.yml` — Local development orchestration:
   - `web` service: builds from `web/Dockerfile`, ports `3000:3000`
-  - `postgres` service: PostgreSQL 16 with volume for data persistence
   - `redis` service: Redis 7 for job queues and caching
   - `nginx` service: reverse proxy with SSL termination (optional)
   - Environment variables from `.env` file
+  - Database is external (Turso) — no container needed
 - `docker-compose.prod.yml` — Production orchestration:
   - Similar to dev but with production-optimized settings
   - Volume mounts for uploads/logs
@@ -55,7 +55,7 @@ deliverables:
   - Health check verification
   - Rollback on failure
 - `scripts/backup.sh` — Database backup script:
-  - `pg_dump` to timestamped file
+  - `turso db shell` or `sqlite3` dump to timestamped file
   - Upload to S3 or similar storage
 
 steps:
@@ -87,14 +87,14 @@ steps:
    ```
 2. Create `docker-compose.yml`:
    - Define services with appropriate environment variables
-   - PostgreSQL with `volumes: postgres_data:/var/lib/postgresql/data`
    - Redis with `volumes: redis_data:/data`
    - Network configuration
+   - Database is external (Turso), configured via `DATABASE_URL` and `DATABASE_AUTH_TOKEN`
 3. Create `docker-compose.prod.yml`:
    - Add restart policies: `unless-stopped`
    - Add resource limits: `mem_limit`, `cpus`
    - Add logging driver configuration
-   - Remove port bindings for internal services (postgres, redis)
+   - Remove port bindings for internal services (redis)
 4. Create `.github/workflows/ci.yml`:
    - Trigger: push to any branch, pull requests
    - Jobs:
@@ -118,13 +118,13 @@ steps:
    - Group by category (Database, Auth, Payments, APIs, etc.)
 7. Create `scripts/deploy.sh`:
    - `#!/bin/bash` with error handling (`set -euo pipefail`)
-   - Backup database: `docker exec postgres pg_dump ...`
+   - Backup database: `turso db shell <database> ".dump" > backup.sql`
    - Run migrations: `docker compose exec web pnpm db:migrate`
    - Deploy: `docker compose -f docker-compose.prod.yml up -d`
    - Health check: `curl -f http://localhost:3000/health`
    - Rollback on failure: `docker compose rollback` or restore backup
 8. Create `scripts/backup.sh`:
-   - Generate timestamped dump
+   - Generate timestamped dump via Turso CLI or SQLite dump
    - Compress with gzip
    - Upload to S3 using AWS CLI or rclone
    - Retain last 30 backups
@@ -145,7 +145,7 @@ steps:
 
 acceptance_criteria:
 - [ ] `web/Dockerfile` builds a production-ready container
-- [ ] `docker-compose.yml` orchestrates web, postgres, and redis for local dev
+- [ ] `docker-compose.yml` orchestrates web and redis for local dev (database is external Turso)
 - [ ] `docker-compose.prod.yml` is optimized for production with restart policies and resource limits
 - [ ] CI pipeline runs lint, type check, tests, build, and audit on every PR
 - [ ] CD pipeline builds and deploys on release tags
@@ -168,7 +168,7 @@ validation:
 notes:
 - The unified monolith simplifies deployment significantly: one container instead of 5+ microservices.
 - For high availability, run multiple web container instances behind a load balancer (nginx, AWS ALB, etc.).
-- Consider using a managed database (RDS, Supabase, Neon) instead of self-hosted PostgreSQL for production.
+- Database is Turso (edge-distributed SQLite) — no container needed, accessed via `DATABASE_URL`.
 - For Redis, consider Upstash or ElastiCache for managed service.
 - The web app uses SolidStart with Nitro, which can run as a standalone server. Ensure the `.output/server/index.mjs` entry point is correct.
 - For SSL, use Let's Encrypt with nginx or a managed load balancer. Document certificate renewal.