EHQ Brain

Infrastructure

2 min read

Infrastructure

Status: Active Owner: @bilal @deen Last Updated: 2026-02-24

Current State

Live Services

ServiceURLHosting
Marketing Sitehttps://ehq.techCloudflare Pages (Astro + React)
Dashboardhttps://app.ehq.techCloudflare Workers (via @opennextjs/cloudflare)
Knowledge Basehttps://brain.ehq.techCloudflare Pages (Quartz)
DatabaseSupabase CloudManaged PostgreSQL 16 + pgvector
AuthSupabase AuthSSR, JWT
StorageSupabase StorageIssue attachments, documents
AnalyticsPostHog Cloud EUCookieless mode, Frankfurt

Local Development Stack

ServiceURL
Applicationhttp://localhost:3000
Supabase APIhttp://127.0.0.1:54321
Supabase Studiohttp://127.0.0.1:54323
PostgreSQL127.0.0.1:54322
Inbucket (email)http://127.0.0.1:54324

Requires: Docker 24+, Node.js, pnpm, Supabase CLI.

Production Stack

ComponentServiceNotes
Dashboard hostingCloudflare WorkersNext.js via @opennextjs/cloudflare
Connection poolingCloudflare HyperdrivePooled connection to Supabase Postgres
Auth gate (ZTNA)Cloudflare AccessEmail OTP for team members
Knowledge baseCloudflare PagesQuartz static site
DatabaseSupabase CloudManaged PostgreSQL 16 + pgvector
AuthSupabase AuthSSR, JWT
StorageSupabase StorageIssue attachments, documents
DNSCloudflareehq.tech zone
Marketing siteCloudflare PagesAstro static build at ehq.tech
AnalyticsPostHog Cloud EUCookieless mode, Frankfurt
IaCTerraform CloudWorkspaces: dashboard-prod, ehq-brain, marketing-prod
CI/CDGitHub ActionsBuild, deploy, Terraform plan/apply
Domainehq.techSee Domain & Email Setup
Error trackingSentry (planned)
UptimeUptimeRobot (planned)

Deployment Checklist

  • Supabase cloud project created
  • Migrations applied to cloud
  • Cloudflare Workers project configured
  • Hyperdrive connection pool configured
  • Wrangler secrets set (API keys, service role key, etc.)
  • DNS pointing to Workers (app.ehq.tech)
  • Cloudflare Access (ZTNA) configured
  • Environment variables configured
  • Health check endpoint (/api/health)
  • Error monitoring (Sentry)
  • Production secrets rotated

Environments

EnvironmentPurpose
devLocal development
prodProduction (Cloudflare Workers)

No staging initially. Minimal pipeline approach.

Status

Completed

  • ehq.tech — Cloudflare Pages marketing site (Astro + React, Terraform DNS)
  • brain.ehq.tech — Cloudflare Pages + Access (Terraform)
  • app.ehq.tech — Cloudflare Workers + Access (Terraform)
  • Supabase Cloud project provisioned
  • Hyperdrive connection pool configured

In Progress

  • CI/CD hardening (smoke tests, rollback)
  • Sentry error tracking integration
  • UptimeRobot monitoring

Planned

  • Remove ZTNA when going public (delete Access app + policy via Terraform)
  • Staging environment

Monitoring (Planned)

LayerTool
UptimeUptimeRobot
ErrorsSentry
AuditDatabase (built-in)
Cron healthCronitor

Graph View

Backlinks