CertaOS
Core

Architecture

Runtime split, service boundaries, and key architectural decisions

Runtime split

  • src/ runs on Vercel as a Next.js App Router app.
  • worker/ runs on Railway for jobs, scheduling, and integration work.
  • Shared schema and types live in src/db/schema/ and src/types/.

Key boundaries

  • Auth/session: Better Auth
  • Data authz: Supabase Postgres RLS
  • Async workflows: worker jobs
  • Compliance checks: centralized status transition and validation logic

For full detail, refer to root architecture.md.

Engineering Workflow

Branch, PR, and documentation expectations for contributors

Authentication

Better Auth setup, environment variables, invites, and dashboard gating

On this page

Runtime splitKey boundaries