set up stripe to invoice

.github/workflows/deploy-postgres.yml

@@ -0,0 +1,59 @@
+name: Deploy DB Infrastructure
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  deploy:
+    runs-on: mealcraft-runners
+
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+
+      # Install kubectl
+      - name: Install kubectl
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y curl ca-certificates
+          curl -LO "https://dl.k8s.io/release/$(curl -sL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+          sudo install -m 0755 kubectl /usr/local/bin/kubectl
+
+      # Configure kubeconfig (ARC in-cluster)
+      - name: Configure kubeconfig
+        run: |
+          KUBE_HOST="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT"
+          SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
+          CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+          NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
+
+          kubectl config set-cluster microk8s \
+            --server="$KUBE_HOST" \
+            --certificate-authority="$CA_CERT"
+
+          kubectl config set-credentials runner \
+            --token="$SA_TOKEN"
+
+          kubectl config set-context runner-context \
+            --cluster=microk8s \
+            --user=runner \
+            --namespace="$NAMESPACE"
+
+          kubectl config use-context runner-context
+
+      # 1️⃣ Secrets
+      - name: Apply DB secrets
+        run: |
+          kubectl apply -f db/k8s/secrets/
+
+      # 2️⃣ PostgreSQL
+      - name: Deploy Postgres
+        run: |
+          kubectl apply -f db/k8s/postgres/
+
+      # 3️⃣ Backups (CronJob)
+      - name: Deploy Postgres backups
+        run: |
+          kubectl apply -f db/k8s/backups/

db/atlas/atlas.hcl

@@ -0,0 +1,6 @@
+env "k8s" {
+  url = "postgres://$DB_USER:$DB_PASSWORD@postgres:5432/stripe_xero?sslmode=disable"
+  migration {
+    dir = "file://atlas/migrations"
+  }
+}

db/atlas/migrations/0001_init.sql

@@ -0,0 +1,5 @@
+CREATE TABLE users (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  email TEXT NOT NULL UNIQUE,
+  created_at TIMESTAMPTZ NOT NULL DEFAULT now()
+);

db/atlas/migrations/0002_auth.sql

@@ -0,0 +1,6 @@
+CREATE TABLE sessions (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+  expires_at TIMESTAMPTZ NOT NULL,
+  created_at TIMESTAMPTZ NOT NULL DEFAULT now()
+);

db/atlas/migrations/0003_stripe_xero.sql

@@ -0,0 +1,13 @@
+CREATE TABLE stripe_accounts (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  user_id UUID NOT NULL REFERENCES users(id),
+  stripe_account_id TEXT NOT NULL,
+  created_at TIMESTAMPTZ NOT NULL DEFAULT now()
+);
+
+CREATE TABLE xero_connections (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  user_id UUID NOT NULL REFERENCES users(id),
+  tenant_id TEXT NOT NULL,
+  created_at TIMESTAMPTZ NOT NULL DEFAULT now()
+);

db/k8s/backups/pg-backup-cronjob.yaml

@@ -0,0 +1,26 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: postgres-backup
+spec:
+  schedule: "30 18 * * 5" # weekly on friday at 18:30
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          restartPolicy: OnFailure
+          containers:
+            - name: backup
+              image: postgres:16
+              command:
+                - /bin/sh
+                - -c
+                - |
+                  pg_dump stripe_xero \
+                  | gzip \
+                  | aws s3 cp - s3://$S3_BUCKET/stripe_xero/$(date +%F).sql.gz
+              envFrom:
+                - secretRef:
+                    name: postgres-secret
+                - secretRef:
+                    name: aws-backup-secret

db/k8s/migrations/atlas-job.yaml

@@ -0,0 +1,20 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: atlas-migrate
+spec:
+  template:
+    spec:
+      restartPolicy: Never
+      containers:
+        - name: atlas
+          image: arigaio/atlas:latest
+          command: ["atlas", "migrate", "apply", "--env", "k8s"]
+          envFrom:
+            - secretRef:
+                name: postgres-secret
+
+
+# You can run this:
+# kubectl apply -f k8s/migrations/atlas-job.yaml
+# Or later from CI.

db/k8s/postgres/deployment.yaml

@@ -0,0 +1,110 @@
+# --------------------------------------------------
+# PostgreSQL Secret
+# --------------------------------------------------
+apiVersion: v1
+kind: Secret
+metadata:
+  name: postgres-secret
+  namespace: default
+type: Opaque
+stringData:
+  POSTGRES_USER: postgres
+  POSTGRES_PASSWORD: postgrespassword
+  POSTGRES_DB: stripe_xero
+
+---
+# --------------------------------------------------
+# PersistentVolume (local disk on mist)
+# --------------------------------------------------
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: postgres-pv
+spec:
+  capacity:
+    storage: 20Gi
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  storageClassName: local-storage
+  hostPath:
+    path: /home/kimjunte/k8s_storage/postgres/stripe_xero
+
+---
+# --------------------------------------------------
+# PersistentVolumeClaim
+# --------------------------------------------------
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: postgres-pvc
+  namespace: default
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 20Gi
+  storageClassName: local-storage
+
+---
+# --------------------------------------------------
+# PostgreSQL Deployment
+# --------------------------------------------------
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: postgres
+  namespace: default
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: postgres
+  template:
+    metadata:
+      labels:
+        app: postgres
+    spec:
+      containers:
+        - name: postgres
+          image: postgres:16
+          ports:
+            - containerPort: 5432
+          envFrom:
+            - secretRef:
+                name: postgres-secret
+          volumeMounts:
+            - name: postgres-data
+              mountPath: /var/lib/postgresql/data
+          readinessProbe:
+            tcpSocket:
+              port: 5432
+            initialDelaySeconds: 10
+            periodSeconds: 5
+          livenessProbe:
+            tcpSocket:
+              port: 5432
+            initialDelaySeconds: 30
+            periodSeconds: 10
+      volumes:
+        - name: postgres-data
+          persistentVolumeClaim:
+            claimName: postgres-pvc
+
+---
+# --------------------------------------------------
+# PostgreSQL Service (internal only)
+# --------------------------------------------------
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgres
+  namespace: default
+spec:
+  type: ClusterIP
+  selector:
+    app: postgres
+  ports:
+    - port: 5432
+      targetPort: 5432

db/k8s/secrets/aws-backup-secret.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: aws-backup-secret
+type: Opaque
+stringData:
+  AWS_ACCESS_KEY_ID: xxx
+  AWS_SECRET_ACCESS_KEY: yyy
+  AWS_REGION: eu-west-2
+  S3_BUCKET: mist-db-backups

db/k8s/secrets/postgres-secret.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: postgres-secret
+type: Opaque
+stringData:
+  POSTGRES_USER: postgres
+  POSTGRES_PASSWORD: averysecretpasswordPersonAppleWinter938
+  POSTGRES_DB: stripe_xero

stripe_to_invoice/app/page.tsx

@@ -1,3 +1,57 @@
+// app/page.tsx
+
 export default function Home() {
-    return <h1>Hello World</h1>
-}
+  return (
+    <main className="max-w-3xl mx-auto p-8 space-y-12">
+
+      {/* What this is */}
+      <section>
+        <h1 className="text-2xl font-semibold">
+          Stripe → Xero automation
+        </h1>
+        <p className="mt-2 text-gray-600">
+          Automatically create and mark Xero invoices as paid when a Stripe payment succeeds.
+          
+          Built for people who value time more than pressing buttons.
+        </p>
+      </section>
+
+      {/* Steps */}
+      <section>
+        <h2 className="text-xl font-medium">How it works</h2>
+        <ol className="mt-4 space-y-3 list-decimal list-inside text-gray-700">
+          <li>Log in</li>
+          <li>Connect Stripe</li>
+          <li>Connect Xero</li>
+          <li>Make a payment</li>
+          <li>Invoice appears in Xero as paid</li>
+        </ol>
+      </section>
+
+      {/* Proof */}
+      <section>
+        <h2 className="text-xl font-medium">Proof, not promises</h2>
+        <p className="mt-2 text-gray-600">
+          Your next Stripe payment will automatically reconcile in Xero.
+          No manual matching. No “awaiting payment”.
+        </p>
+      </section>
+
+      {/* Pricing */}
+      <section>
+        <h2 className="text-xl font-medium">Pricing</h2>
+        <p className="mt-2 text-gray-700">
+          £200 / month — unlimited invoices.
+        </p>
+      </section>
+
+      {/* CTA */}
+      <section className="pt-8 border-t">
+        <p className="text-gray-500 text-sm">
+          This page is a placeholder. The product is the automation.
+        </p>
+      </section>
+
+    </main>
+  )
+}

stripe_to_invoice/run_local.sh

@@ -0,0 +1 @@
+npm run dev