Service Manual

Operational reference for maintainers and on-call. Public version — sensitive runbooks live in the private ops repo.

1. Architecture

  • Frontend & SSR: TanStack Start (React 19, Vite 7), deployed on Cloudflare Workers.
  • Database, Auth, Storage: Lovable Cloud (Postgres + Row Level Security).
  • Payments: Stripe (Checkout, Subscriptions, Connect).
  • Email: Transactional via Lovable Cloud email infra.
  • Monitoring: Cloudflare logs, Stripe Dashboard, Lovable analytics.

2. Environments

  • Preview: id-preview--*.lovable.app — auto-built from the latest preview.
  • Production: priorityinbox.lovable.app — published deployments only.
  • Stable webhook URLs: project--<id>.lovable.app for Stripe webhooks.

3. Service-level objectives

MetricTarget
Site availability (rolling 30d)99.5%
Paid DM delivery success99.9%
Stripe webhook processing< 5s p95
P1 incident response< 30 min, 24/7
Support reply (general)< 2 business days

4. Incident response

  1. Detect — alert, user report, or scheduled scan.
  2. Triage — assign severity (P1 outage, P2 degraded, P3 minor).
  3. Communicate — post status to status.priorityinbox.app within 15 min of confirming a P1.
  4. Mitigate — roll back the latest deploy, disable the affected feature flag, or block the offending IP range.
  5. Resolve — fix forward, deploy, verify.
  6. Postmortem — within 5 business days for P1/P2.

5. Common runbooks

Stripe webhook failures

  1. Check the Stripe Dashboard → Developers → Webhooks for failed deliveries.
  2. Inspect Worker logs around the failure timestamp.
  3. Replay failed events from Stripe once root cause is fixed.

Paid DM not delivered

  1. Confirm Stripe Checkout Session is complete and paid.
  2. Check the messages table for the corresponding row; if missing, replay the checkout.session.completed webhook.
  3. Notify creator and sender once delivered.

Payout discrepancy

  1. Compare messages.amount totals against Stripe Connect balance.
  2. Confirm platform fee calculation matches the creator's current plan.
  3. Document any variance > $1 in the finance log.

Abuse report (CSAM, threats)

  1. Preserve message and metadata. Do not delete before legal review.
  2. For CSAM: report to NCMEC CyberTipline within 24 hours.
  3. Suspend offending account immediately; freeze payouts.
  4. Notify affected parties as appropriate and required by law.

6. Security operations

  • Quarterly review of RLS policies on every public-schema table.
  • Rotate Stripe webhook signing secrets annually or on suspected exposure.
  • Run the platform security scanner before every major release.
  • Vulnerability reports: security@priorityinbox.app. Acknowledge within 72 hours.

7. Data lifecycle

  • Backups: automated daily database snapshots, 30-day retention.
  • Account deletion: personal data purged or anonymized within 30 days; financial records retained 7 years per US tax law.
  • Export request: fulfill within 30 days via Settings → Account → Export.

8. Change management

  • Schema changes ship as migrations with GRANTs and RLS in the same file.
  • Breaking API changes require a deprecation notice in-app and 30 days minimum.
  • Feature flags default off; enable per cohort, then globally.

9. Contacts