set up stripe to invoice

2025-12-13 15:46:00 +00:00 · 2025-12-13 15:46:00 +00:00 · 5145d97712
commit 5145d97712
parent 327d3bafaf
16 changed files with 321 additions and 2 deletions
--- a/.github/workflows/deploy-postgres.yml
+++ b/.github/workflows/deploy-postgres.yml
@ -0,0 +1,59 @@
 name: Deploy DB Infrastructure
 on:
  push:
    branches:
      - main
 jobs:
  deploy:
    runs-on: mealcraft-runners
    steps:
      - name: Checkout repo
        uses: actions/checkout@v4
      # Install kubectl
      - name: Install kubectl
        run: |
          sudo apt-get update
          sudo apt-get install -y curl ca-certificates
          curl -LO "https://dl.k8s.io/release/$(curl -sL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
          sudo install -m 0755 kubectl /usr/local/bin/kubectl
      # Configure kubeconfig (ARC in-cluster)
      - name: Configure kubeconfig
        run: |
          KUBE_HOST="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT"
          SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
          CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
          NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
          kubectl config set-cluster microk8s \
            --server="$KUBE_HOST" \
            --certificate-authority="$CA_CERT"
          kubectl config set-credentials runner \
            --token="$SA_TOKEN"
          kubectl config set-context runner-context \
            --cluster=microk8s \
            --user=runner \
            --namespace="$NAMESPACE"
          kubectl config use-context runner-context
      # 1️⃣ Secrets
      - name: Apply DB secrets
        run: |
          kubectl apply -f db/k8s/secrets/
      # 2️⃣ PostgreSQL
      - name: Deploy Postgres
        run: |
          kubectl apply -f db/k8s/postgres/
      # 3️⃣ Backups (CronJob)
      - name: Deploy Postgres backups
        run: |
          kubectl apply -f db/k8s/backups/
--- a/db/README.md
+++ b/db/README.md
--- a/db/atlas/atlas.hcl
+++ b/db/atlas/atlas.hcl
@ -0,0 +1,6 @@
 env "k8s" {
  url = "postgres://$DB_USER:$DB_PASSWORD@postgres:5432/stripe_xero?sslmode=disable"
  migration {
    dir = "file://atlas/migrations"
  }
 }
--- a/db/atlas/migrations/0001_init.sql
+++ b/db/atlas/migrations/0001_init.sql
@ -0,0 +1,5 @@
 CREATE TABLE users (
  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
  email TEXT NOT NULL UNIQUE,
  created_at TIMESTAMPTZ NOT NULL DEFAULT now()
 );
--- a/db/atlas/migrations/0002_auth.sql
+++ b/db/atlas/migrations/0002_auth.sql
@ -0,0 +1,6 @@
 CREATE TABLE sessions (
  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
  user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
  expires_at TIMESTAMPTZ NOT NULL,
  created_at TIMESTAMPTZ NOT NULL DEFAULT now()
 );
--- a/db/atlas/migrations/0003_stripe_xero.sql
+++ b/db/atlas/migrations/0003_stripe_xero.sql
@ -0,0 +1,13 @@
 CREATE TABLE stripe_accounts (
  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
  user_id UUID NOT NULL REFERENCES users(id),
  stripe_account_id TEXT NOT NULL,
  created_at TIMESTAMPTZ NOT NULL DEFAULT now()
 );
 CREATE TABLE xero_connections (
  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
  user_id UUID NOT NULL REFERENCES users(id),
  tenant_id TEXT NOT NULL,
  created_at TIMESTAMPTZ NOT NULL DEFAULT now()
 );
--- a/db/k8s/backups/pg-backup-cronjob.yaml
+++ b/db/k8s/backups/pg-backup-cronjob.yaml
@ -0,0 +1,26 @@
 apiVersion: batch/v1
 kind: CronJob
 metadata:
  name: postgres-backup
 spec:
  schedule: "30 18 * * 5" # weekly on friday at 18:30
  jobTemplate:
    spec:
      template:
        spec:
          restartPolicy: OnFailure
          containers:
            - name: backup
              image: postgres:16
              command:
                - /bin/sh
                - -c
                - |
                  pg_dump stripe_xero \
                  | gzip \
                  | aws s3 cp - s3://$S3_BUCKET/stripe_xero/$(date +%F).sql.gz
              envFrom:
                - secretRef:
                    name: postgres-secret
                - secretRef:
                    name: aws-backup-secret
--- a/db/k8s/migrations/atlas-job.yaml
+++ b/db/k8s/migrations/atlas-job.yaml
@ -0,0 +1,20 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
  name: atlas-migrate
 spec:
  template:
    spec:
      restartPolicy: Never
      containers:
        - name: atlas
          image: arigaio/atlas:latest
          command: ["atlas", "migrate", "apply", "--env", "k8s"]
          envFrom:
            - secretRef:
                name: postgres-secret
 # You can run this:
 # kubectl apply -f k8s/migrations/atlas-job.yaml
 # Or later from CI.
--- a/db/k8s/postgres/deployment.yaml
+++ b/db/k8s/postgres/deployment.yaml
@ -0,0 +1,110 @@
 # --------------------------------------------------
 # PostgreSQL Secret
 # --------------------------------------------------
 apiVersion: v1
 kind: Secret
 metadata:
  name: postgres-secret
  namespace: default
 type: Opaque
 stringData:
  POSTGRES_USER: postgres
  POSTGRES_PASSWORD: postgrespassword
  POSTGRES_DB: stripe_xero
 ---
 # --------------------------------------------------
 # PersistentVolume (local disk on mist)
 # --------------------------------------------------
 apiVersion: v1
 kind: PersistentVolume
 metadata:
  name: postgres-pv
 spec:
  capacity:
    storage: 20Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: local-storage
  hostPath:
    path: /home/kimjunte/k8s_storage/postgres/stripe_xero
 ---
 # --------------------------------------------------
 # PersistentVolumeClaim
 # --------------------------------------------------
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: postgres-pvc
  namespace: default
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 20Gi
  storageClassName: local-storage
 ---
 # --------------------------------------------------
 # PostgreSQL Deployment
 # --------------------------------------------------
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: postgres
  namespace: default
 spec:
  replicas: 1
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
    spec:
      containers:
        - name: postgres
          image: postgres:16
          ports:
            - containerPort: 5432
          envFrom:
            - secretRef:
                name: postgres-secret
          volumeMounts:
            - name: postgres-data
              mountPath: /var/lib/postgresql/data
          readinessProbe:
            tcpSocket:
              port: 5432
            initialDelaySeconds: 10
            periodSeconds: 5
          livenessProbe:
            tcpSocket:
              port: 5432
            initialDelaySeconds: 30
            periodSeconds: 10
      volumes:
        - name: postgres-data
          persistentVolumeClaim:
            claimName: postgres-pvc
 ---
 # --------------------------------------------------
 # PostgreSQL Service (internal only)
 # --------------------------------------------------
 apiVersion: v1
 kind: Service
 metadata:
  name: postgres
  namespace: default
 spec:
  type: ClusterIP
  selector:
    app: postgres
  ports:
    - port: 5432
      targetPort: 5432
--- a/db/k8s/secrets/aws-backup-secret.yaml
+++ b/db/k8s/secrets/aws-backup-secret.yaml
@ -0,0 +1,10 @@
 apiVersion: v1
 kind: Secret
 metadata:
  name: aws-backup-secret
 type: Opaque
 stringData:
  AWS_ACCESS_KEY_ID: xxx
  AWS_SECRET_ACCESS_KEY: yyy
  AWS_REGION: eu-west-2
  S3_BUCKET: mist-db-backups
--- a/db/k8s/secrets/postgres-secret.yaml
+++ b/db/k8s/secrets/postgres-secret.yaml
@ -0,0 +1,9 @@
 apiVersion: v1
 kind: Secret
 metadata:
  name: postgres-secret
 type: Opaque
 stringData:
  POSTGRES_USER: postgres
  POSTGRES_PASSWORD: averysecretpasswordPersonAppleWinter938
  POSTGRES_DB: stripe_xero
--- a/db/scripts/backup.sh
+++ b/db/scripts/backup.sh
--- a/db/scripts/migrate.sh
+++ b/db/scripts/migrate.sh
--- a/stripe_to_invoice/app/globals.css
+++ b/stripe_to_invoice/app/globals.css
--- a/stripe_to_invoice/app/page.tsx
+++ b/stripe_to_invoice/app/page.tsx
@ -1,3 +1,57 @@
 // app/page.tsx
 export default function Home() {
-    return <h1>Hello World</h1>
+  return (
-}
+    <main className="max-w-3xl mx-auto p-8 space-y-12">
      {/* What this is */}
      <section>
        <h1 className="text-2xl font-semibold">
          Stripe → Xero automation
        </h1>
        <p className="mt-2 text-gray-600">
          Automatically create and mark Xero invoices as paid when a Stripe payment succeeds.
          Built for people who value time more than pressing buttons.
        </p>
      </section>
      {/* Steps */}
      <section>
        <h2 className="text-xl font-medium">How it works</h2>
        <ol className="mt-4 space-y-3 list-decimal list-inside text-gray-700">
          <li>Log in</li>
          <li>Connect Stripe</li>
          <li>Connect Xero</li>
          <li>Make a payment</li>
          <li>Invoice appears in Xero as paid</li>
        </ol>
      </section>
      {/* Proof */}
      <section>
        <h2 className="text-xl font-medium">Proof, not promises</h2>
        <p className="mt-2 text-gray-600">
          Your next Stripe payment will automatically reconcile in Xero.
          No manual matching. No “awaiting payment”.
        </p>
      </section>
      {/* Pricing */}
      <section>
        <h2 className="text-xl font-medium">Pricing</h2>
        <p className="mt-2 text-gray-700">
          £200 / month — unlimited invoices.
        </p>
      </section>
      {/* CTA */}
      <section className="pt-8 border-t">
        <p className="text-gray-500 text-sm">
          This page is a placeholder. The product is the automation.
        </p>
      </section>
    </main>
  )
 }
--- a/stripe_to_invoice/run_local.sh
+++ b/stripe_to_invoice/run_local.sh
@ -0,0 +1 @@
 npm run dev