Architecture Overview

System Diagram

Architecture Diagram

High-Level Architecture

Stage 0 Architecture

Components

Application Layer

Component      Technology      Purpose
Web Framework  Next.js 15      App Router, React Server Components
Language       TypeScript 5.7  Strict mode enabled
ORM            Prisma          Database access

Infrastructure Layer

Component           Technology          Purpose
Compute             AWS App Runner      Serverless container hosting
Database            AWS RDS SQL Server  Relational database
Container Registry  AWS ECR             Docker image storage
DNS                 Cloudflare          DNS and CDN
Security            Cloudflare Access   Zero Trust authentication

DevOps

Component  Technology           Purpose
CI/CD      GitHub Actions       Build, test, deploy
IaC        Terraform            Infrastructure provisioning
Secrets    AWS Secrets Manager  Sensitive configuration

Project Structure

luminarium-proof/
├── src/
│   ├── app/                    # Next.js App Router
│   │   ├── api/health/         # Health check endpoint
│   │   ├── layout.tsx          # Root layout
│   │   └── page.tsx            # Home page
│   ├── lib/
│   │   ├── db.ts               # Prisma client
│   │   └── cloudflare-keys.generated.ts
│   └── middleware.ts           # JWT validation
├── prisma/
│   └── schema.prisma           # Database schema
├── infra/
│   └── app/                    # Terraform configs
├── docs/                       # Documentation (this site)
├── .github/workflows/          # CI/CD pipelines
└── .rules/                     # Coding standards

Data Flow

Request Flow (Authenticated)

  1. User navigates to luminarium-proof-dev.luminarium.ai
  2. Cloudflare Access intercepts request
  3. User authenticates with email (OTP or Google)
  4. Cloudflare issues JWT token
  5. Request forwarded to App Runner with JWT
  6. Middleware validates JWT using embedded public keys
  7. Request processed by Next.js application
  8. Database queries via Prisma (if needed)
  9. Response returned through Cloudflare

Health Check Flow (Public)

  1. Request to /api/health (no auth required)
  2. Middleware skips JWT validation for this path
  3. Health endpoint checks database connectivity
  4. Returns JSON status
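
The checks behind step 6 of the request flow and step 2 of the health check flow, as an added example (not the project's middleware.ts): an exact-match public path, a pinned RS256 algorithm, key lookup by kid in an embedded key set, then issuer, audience and expiry checks. The key pair, kid, issuer and audience values are constructed placeholders, and Node's crypto module is used so the block runs stand-alone.

```typescript
import { createSign, createVerify, generateKeyPairSync, KeyObject } from "node:crypto";

// Constructed stand-ins (assumptions): demo key pair, kid, issuer and audience.
const { publicKey, privateKey } = generateKeyPairSync("rsa", { modulusLength: 2048 });
const EMBEDDED_KEYS = new Map<string, KeyObject>([["demo-kid", publicKey]]);
const ISSUER = "https://example-team.cloudflareaccess.com";
const AUDIENCE = "example-aud-tag";
const PUBLIC_PATHS = new Set<string>(["/api/health"]);

const decodeJson = (part: string): any => JSON.parse(Buffer.from(part, "base64url").toString("utf8"));

// Returns true only when the request may reach the application.
function authorize(pathname: string, token: string | null, nowSec: number = Math.floor(Date.now() / 1000)): boolean {
  // Exact match: a prefix test would also exempt any path that merely starts with /api/health.
  if (PUBLIC_PATHS.has(pathname)) return true;
  const parts = (token ?? "").split(".");
  if (parts.length !== 3) return false;
  try {
    const header = decodeJson(parts[0]);
    // Pin the algorithm; never let the token choose it ("none", HS256, ...).
    if (header.alg !== "RS256") return false;
    const key = EMBEDDED_KEYS.get(header.kid);
    if (!key) return false; // unknown kid: fail closed
    const signature = Buffer.from(parts[2], "base64url");
    if (!createVerify("RSA-SHA256").update(`${parts[0]}.${parts[1]}`).verify(key, signature)) return false;
    // Claims are trusted only after the signature has verified.
    const claims = decodeJson(parts[1]);
    const aud: unknown[] = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
    return claims.iss === ISSUER && aud.includes(AUDIENCE)
      && typeof claims.exp === "number" && claims.exp > nowSec;
  } catch {
    return false; // malformed base64 or JSON
  }
}

// Demo-only helper: signs constructed claims with the constructed private key.
function signDemoToken(claims: object, header: object = { alg: "RS256", kid: "demo-kid" }): string {
  const enc = (o: object) => Buffer.from(JSON.stringify(o)).toString("base64url");
  const input = `${enc(header)}.${enc(claims)}`;
  return `${input}.${createSign("RSA-SHA256").update(input).sign(privateKey).toString("base64url")}`;
}
```

Cloudflare Access passes the token in the Cf-Access-Jwt-Assertion request header. In Next.js middleware on the Edge runtime the same checks would be written with Web Crypto or a JOSE library rather than node:crypto.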

Future Architecture (Post Stage 0)

Future Architecture

Future stages will add:

  • NextAuth.js - Application-level authentication
  • LangChain - AI agent orchestration
  • AssemblyAI - Voice transcription
  • Logfire - Observability and tracing