Admin Overview
This section is for platform operators responsible for running the Megabyte Island GaaS infrastructure.
Architecture Summary
Browser (SvelteKit)
│
▼
Backend (Node.js Express, :3001)
├── POST /api/auth/* — JWT auth, bcrypt passwords
├── POST /api/checkout — Stripe Checkout session creation
├── POST /webhooks/stripe — invoice.paid → provisionAgent()
├── GET /api/agents — list user's agents (no raw keys)
├── GET /api/agents/:id/credentials — AES-256 decrypt on demand
└── POST /api/agents/:id/chat — SSE proxy to Gradient AI
│
├── PostgreSQL (users, subscriptions, agents)
├── Stripe (billing, webhooks)
└── Gradient AI (agent + key provisioning)
Key design decisions
| Decision | Rationale |
|---|
| No Docker | Simplified ops; PM2/Systemd for process management |
| AES-256-GCM for keys | access keys never stored in plaintext |
| Webhook-driven provisioning | Decouples payment from provisioning; resilient to timeouts |
| JWT in httpOnly cookie | Protects against XSS token theft |
| Backend chat proxy | DO master token never reaches the browser |
Admin sections
| Section | What it covers |
|---|
| Initial Setup | Env vars, DB migration, first run |
| Stripe Configuration | Products, prices, webhook setup |
| AI Platform Setup | Gradient AI token, quota |
| Database | Schema, migrations, backups |
| Deployment | PM2, Systemd, NGINX, TLS |