gammanexus/docs/implementation-plan.md

# GammaDesk Implementation Plan

## Phase 1: Database & Infrastructure Foundation (PRIORITY)

### 1.1 PostgreSQL Migration
- [ ] Provision PostgreSQL droplet on DigitalOcean (2vCPU/2GB)
- [ ] Create managed PostgreSQL schema from current SQLite schema
- [ ] Update drizzle-orm from better-sqlite3 to postgres adapter
- [ ] Migrate existing data.db to PostgreSQL
- [ ] Update connection strings and environment variables
- [ ] Test all auth + market data endpoints

### 1.2 Dockerize Application
- [ ] Create Dockerfile for Node.js app
- [ ] Create docker-compose.yml (app + postgres + nginx)
- [ ] Test local docker-compose workflow
- [ ] Deploy to production droplet

### 1.3 Production Environment Setup
- [ ] Setup .env.production with secure secrets
- [ ] Configure nginx SSL properly (certbot renew cron)
- [ ] Setup health checks and monitoring

## Phase 2: Authentication Enhancement

### 2.1 OAuth Integration
- [ ] Setup Google OAuth credentials (Google Cloud Console)
- [ ] Setup Apple OAuth credentials (Apple Developer)
- [ ] Setup X.com (Twitter) OAuth credentials
- [ ] Implement Passport.js strategies for each provider
- [ ] Add OAuth callback routes
- [ ] Update login page with OAuth buttons
- [ ] Link existing email accounts to OAuth providers

### 2.2 Email Service (Brevo)
- [ ] Wait for Eli to setup Brevo account ($15/mo)
- [ ] Configure SMTP credentials in .env
- [ ] Implement password reset flow
- [ ] Implement email verification on signup
- [ ] Setup Brevo templates (welcome, reset, verification)

## Phase 3: Feature Development

### 3.1 GEX ETF-to-Futures Toggle
- [ ] Research SPY→ES, QQQ→NQ conversion factors
- [ ] Implement conversion logic in server/marketData.ts
- [ ] Create toggle component in UI
- [ ] Update charts to reflect converted levels
- [ ] Test with real ORATS data (when available)

### 3.2 Vertical GEX Visualization
- [ ] Redesign GEX chart to show vertical levels on price chart
- [ ] Implement Tanuki-style overlay
- [ ] Add call wall / put wall markers
- [ ] Add HVL (High Volume Level) markers

### 3.3 ORATS API Integration
- [ ] Wait for Eli to provide API credentials
- [ ] Update server/oratsClient.ts with live endpoint
- [ ] Implement rate limiting and caching
- [ ] Add real-time WebSocket feeds (if available)
- [ ] Update all mock data endpoints

## Phase 4: Scaling & DevOps

### 4.1 Infrastructure Scaling
- [ ] Provision additional VPS instances on DigitalOcean
- [ ] Setup load balancer (HAProxy or DO Load Balancer)
- [ ] Configure database replication (N+1 pattern)
- [ ] Implement round-robin DNS or load balancer routing

### 4.2 Kubernetes & Terraform
- [ ] Setup Terraform project for DO infrastructure
- [ ] Define resources: droplets, databases, load balancers, DNS
- [ ] Create Kubernetes manifests
- [ ] Implement auto-scaling policies
- [ ] Setup GitLab CI/CD pipeline
- [ ] Configure deployment strategies (blue-green, canary)

## Phase 5: Polish & Launch

### 5.1 Security Audit
- [ ] Review all API endpoints for security
- [ ] Implement rate limiting
- [ ] Setup HTTPS everywhere
- [ ] Implement CSRF protection
- [ ] Audit CORS policies

### 5.2 Performance
- [ ] Implement CDN for static assets
- [ ] Setup database connection pooling
- [ ] Implement response caching
- [ ] Optimize bundle sizes
- [ ] Lighthouse audit

### 5.3 Monitoring
- [ ] Setup error tracking (Sentry)
- [ ] Implement uptime monitoring
- [ ] Configure log aggregation
- [ ] Setup alerting (Discord webhook)

## Current Blockers

| Blocker | Owner | Status |
|---------|-------|--------|
| ORATS API purchase (3D Secure bank error) | Eli | 🔴 Blocked |
| Tanuki Trades credentials | Eli → Vaval | 🔴 Blocked |
| Brevo account signup | Eli | 🔴 Blocked |
| Design files from cyberpunk render | Eli | 🔴 Blocked |

## Dependencies
- Phase 2.2 depends on Eli setting up Brevo
- Phase 3.3 depends on Eli providing ORATS API credentials
- Phase 3.1/3.2 can proceed independently with mock data
- Phase 4 can begin in parallel with Phase 2