Tripsynk Launch Board — target 2026-07-07
Goal (Nabil, 2026-07-06 evening): web + mobile launch-ready by tomorrow. Definition used: web serving current build on a real domain with working prod schema + secrets; mobile submittable to TestFlight + Play internal track. Full audits: web repo + mobile repo, 2026-07-06 ~19:00 UTC.
Headline findings
- tripsynk.com is lost — drop-caught May 2026, parked by HugeDomains (registrar DropCatch). Every subdomain is squatter wildcard. Decision (Nabil): launch on sabrontravels.com (owned to 2029).
- Web prod code is CURRENT (Coolify auto-deploys main; 9323397 live 18:55 UTC) — the "stale prod" worry was outdated. But the prod DB schema has likely never been migrated — the CI migration step has skip-logged on every run in history because zero GitHub Actions secrets exist. Code-vs-schema mismatch is the top technical risk.
- All production vendor secrets are placeholders (Auth0/Stripe/R2/AI keys) — signup, payments, uploads cannot work live until Nabil's launch-secrets session.
- Mobile would ship broken today: EAS production env still holds a previous app generation's dev config —
localhostAPI URL, no Auth0,DEV_MODE=true, plus an exposed OpenAI key (inlined into any built bundle; rotate it). Icon is still the Obytes template (store-rejection risk); brand still cobalt; version 0.1.0. - Stripe Connect 5-PR series is complete (mobile PR #28 merged; web #36/#39/#40/#41). Mobile main is ~5 weeks behind web's product direction — acceptable for v1 internal.
Done tonight (by agent)
- Domain decision executed: DNS cutover — sabrontravels.com apex + app/api/auth/wh/metrics/staging → VPS 31.97.135.102 (TTL 300; old apex IP was dead).
- All four production domains live with valid SSL (verified ~19:35 UTC):
sabrontravels.com→ web (200, title "Tripsynk"),api.→ Hasura (healthz 200),auth.→ auth-service (401 = guarded),wh.→ settlements (/webhooks/striperouted). - Web fix PR #127 (draft): TMC dead controls gated behind
TMC_WRITES_ENABLED=false(6 views), WORKER added to deploy.yml hook loop,/api/version+ version build-args, 39-file domain swap (Auth0 audience/claim namespace deliberately kept — opaque identifiers), AGENT_TRACKER entry. compile/lint/all tests green. - Web-prod env:
NEXT_PUBLIC_APP_URL/AUTH0_BASE_URL/APP_BASE_URL→ https://sabrontravels.com; rebuild queued (buildtime var). - Decisions locked: internal tracks ship on dev-Auth0 + test-Stripe (Nabil, 2026-07-06); secrets session started.
- Fleet-P&L cloud pipeline validated + restored (unrelated but same evening — see Business Info Funnel to Slack).
Corrections for the secrets session (important)
- Stripe webhook URL: the real route is
https://wh.sabrontravels.com/webhooks/stripe— the runbook's/wh/stripepath is wrong (service route is POST/webhooks/stripein settlements-service). - Auth0 prod-tenant callback:
https://sabrontravels.com/auth/callback, logouthttps://sabrontravels.com(web-prod base URLs already point there). - Auth0 audience stays
https://api.tripsynk.com— opaque identifier, must match Hasura JWT config; do NOT "fix" it to the new domain.
In flight / landed (evening 2)
- Web PR #127 (draft, tests green) — awaiting Nabil merge.
- Mobile PR #29 (draft, CI fully green): rebrand incl.
global.csssemantic tokens (the real consumers), gold-T-on-green icons via reproducible script, v1.0.0, notifications plugin, submit scaffolding, EAS cleanup runbook — awaiting Nabil merge. - Web-prod rebuilt with base URLs = sabrontravels.com (Auth0-ready).
- worker-service Coolify app created (
aamhpi06jaxrww2fmasmj0k6, prod env, dockerfile build, healthz check, NODE_ENV set). Nabil: fillDATABASE_URL+REDIS_URL(copy from a sibling service env) +ACTION_SECRET(fresh mint), then Deploy. - EAS production env cleanup DONE (verified 20:10 UTC): 54 deletions, 0 failures; recreated the 6 correct vars (prod Hasura URL, dev-Auth0 tenant, audience unchanged); end state = 6 vars + NPM_TOKEN, exactly per runbook. Note: runbook's
--environmentflag was wrong — real syntax is positional (eas env:delete production --variable-name X). - Nabil to add:
EXPO_PUBLIC_STRIPE_PUBLISHABLE_KEY(pk_test from dashboard) + rotate the leaked OpenAI key.
Evening 3 (post-merge verification)
- Web PR #127 MERGED by Nabil → auto-deploy
8322b6ffinished 20:42 UTC;/api/versionlive on sabrontravels.com (fallback values as expected on Coolify git builds); TMC dead buttons now hidden in prod. - Mobile PR #29 un-drafted (ready for review — one click to merge).
- ✅ PRODUCTION ANDROID BUILD FINISHED (2026-07-07 ~00:00 Lagos): signed AAB, v1.0.0 build 2, from the fix branch (contains all PR #29 content) — submittable to Play internal the moment the Play Console record + service-account JSON exist. Artifact: expo.dev/artifacts/eas/ynxzyjP6…aab. Pipeline proven: NPM_TOKEN install ✓, new icons ✓, prebuild ✓, EAS-managed keystore ✓. (Preview-profile attempt had ERRORED — the preview EAS env is empty, no NPM_TOKEN; production env is the good one.)
- iOS build still needed — requires Apple credentials (App Store Connect API key or interactive auth) + ASC app record; not yet attempted.
Corrections found in Nabil's session (2026-07-07 00:0x)
- GitHub secrets misfire: the values did NOT land on GitHub — every scope reads zero (repo Actions,
productionenv, Dependabot, org, variables). Deploy run 28822982677 skip-no-op'd again (HASURA_ENDPOINT:empty, 11 hooks "no webhook configured"). Likely saved into Coolify instead. Fix: repo Settings → Secrets and variables → Actions →HASURA_ENDPOINT(=https://api.sabrontravels.com),HASURA_ADMIN_SECRET,DATABASE_URL,COOLIFY_API_TOKEN,COOLIFY_HOOK_{HASURA,AUTH,TRIPS,SETTLEMENTS,INVITATIONS,DOCUMENTS,NOTIFICATIONS,AI,EXPENSES,WORKER,WEB}. - PR #29 merge didn't complete — still OPEN (mergedAt null).
- Web remaining gap = prod schema only (migrations fire when GH secrets land; deploy.yml has workflow_dispatch, watcher armed).
Night 2 — the migration run (2026-07-07 01:30–02:00 UTC)
- All 3 migration secrets landed on GitHub (third attempt — first two never reached GitHub).
- Prod DB first-ever backup captured (schedule
c56dnum…, daily 01:45 UTC, 7-day retention; first dump 15.8KB — confirms near-empty stale schema). - DB exposed on public port 5435 (Nabil: Coolify toggle + DB restart to bind proxy) + Hostinger firewall rule 5435 (Nabil-authorized, matches 6 prior Postgres exposures on this box).
- deploy.yml run 28835856635 — FIRST REAL MIGRATION RUN: 7/44 applied (init, itinerary, expenses, settlements, orgs…), then failed at #8
pgvector_document_chunks_and_ai_bot:extension "vector" is not available— prod image ispostgres:17-alpine, no pgvector. - ✅ MIGRATIONS COMPLETE (run 28837850213, 02:49 UTC, exit 0): Nabil swapped the image →
pgvector/pgvector:pg17; re-fired workflow applied ALL remaining migrations + "Metadata applied". Prod schema is current → WEB IS LAUNCH-READY (current build ✓ real domain ✓ working schema ✓ secrets ✓). - Follow-up from metadata apply: Hasura action handler env vars missing on tripsynk-hasura-production (
EXPENSES_HANDLER_URL,INVITATIONS_HANDLER_URL, …) — those actions dormant until set (runbook § Hasura env). Not launch-blocking for read paths. - After success: close the exposure — remove firewall rule 1136193 + untoggle public port (or keep for future CI migration runs — Nabil's call).
🔑 Nabil-gated critical path (nothing above unblocks launch without these)
Web (the launch-secrets session — runbook infra/coolify/launch-secrets.md, now domain-swapped):
- Auth0 prod tenant: Regular Web App + API audience + provisioning Action (callbacks now on sabrontravels.com).
- Stripe live mode: keys, webhook
wh.sabrontravels.com/wh/stripe, Connect Express platform profile. - Cloudflare R2: bucket, scoped token, CORS, avatar WAF rule.
- Anthropic + Voyage keys (or decide: hide AI surfaces at launch).
- Generate 6 shared secrets (
openssl rand -hex 32) per runbook table. - Set the ~14 GitHub Actions secrets → first real migration run fixes the schema drift; verify prod Hasura schema right after.
- Create the worker-service Coolify app (GDPR purge cron — compliance, not a feature).
Mobile: 8. Approve executing the EAS env cleanup (script in PR) + rotate the exposed OpenAI key. 9. Decide: TestFlight/internal on dev-tenant Auth0 + test-mode Stripe (doable tomorrow) vs waiting for prod tenant (not doable tomorrow). 10. App Store Connect app record (com.tripsynk) + Play Console record; screenshots/descriptions; privacy policy URL on sabrontravels.com; Play service-account JSON.
Honest assessment
- Web "launch-ready" tomorrow: achievable if Nabil runs the launch-secrets session (items 1–6, ~2-3 focused hours) — everything agent-side will be PR'd and waiting.
- Mobile "submitted to internal tracks" tomorrow: achievable only on dev-Auth0 + test-Stripe (item 9 = yes) and if store records (item 10) get created; a public store release tomorrow is not realistic (review times alone).
- Watch item: two Coolify apps
tripsynk-web-development/-stagingare exited:unhealthy (not blocking). - Open product P0 beyond launch mechanics: no write path sets
trips.organization_id(B2B dashboards empty in real use); TMC platform writes remain read-only by design for v1.
Morning pass (2026-07-07 ~06:30 UTC) — independent launch-audit + pipeline fix
- Independent
/launch-auditrun confirms: Web READY (endpoints 200, migrations verified in run log, CI green); Mobile: 2 blockers, both store-account-bound (Play record + service JSON; ASC record + ascAppId TODO). - 11 COOLIFY_HOOK_ secrets set* (Nabil-approved; URLs constructed from app UUIDs). Remaining:
COOLIFY_API_TOKEN— Nabil mints in Coolify → Keys & Tokens, then the deploy pipeline is fully armed (tag push = migrations + all-service rollout). - Rescued local-only branch
feat/mobile-expenses-action(3 commits) → pushed to origin. - New findings parked: stale mobile PR #23 (no CI, needs rebase); mobile CI noise (image-compress + stale-bot token perms); Nabil's in-progress
feat/ui-wow-console-landingwork untouched; DB port 5435 still open (Nabil's call). - Definitive remaining for full goal: COOLIFY_API_TOKEN (1 min) · Play Console record + JSON (~10 min) · ASC record + ascAppId + interactive iOS build (~15 min). Runbook: Tripsynk Store Records Runbook.