Gaps & Open Questions
What still needs confirmation or expansion. This page keeps the rest of the knowledgebase honest about what's code-verified versus carried over from older documentation.
Recently resolved
Production server inventory — confirmed
Reconciled against the Linode account (June 10, 2026). Production API runs on api-1, api-2, api-4 (PM2 behind a NodeBalancer); api-3 is Coolify-managed and runs the worker; MongoDB is a 3-node replica set (mongo-1/2/3). Full list on Environments & Deployment. The stale ecosystem.config.js deploy host (198.74.62.36) does not match any current server.
Coolify scope — confirmed
Coolify runs on its own host (coolify, Ubuntu 24.04) and manages only the API worker (api-3) — nothing else. Possible future: move the develop API behind Coolify to simplify the workflow (not done yet).
Admin panel host — confirmed (Heroku)
The admin panel is on Heroku, not Linode — branch-based CI/CD (develop/staging/master) plus PR review apps. The old documentation was correct on this; an earlier draft of this knowledgebase incorrectly said it had moved to a container host. Now fixed on the Admin Panel page.
CDN — confirmed
Split by domain type: production town subdomains are defined manually in CloudFlare (proxied); the .dev, .preview, and .www3 domains use AWS CloudFront with wildcards. Documented on Environments & Deployment.
To verify
| Item | Status | Note |
|---|---|---|
| Full DB restore procedure | Unverified | Prior runbook section was flagged by the author as needing a rewrite. |
| Dev refresh workflow | Known gap | No streamlined prod→dev data sync; mongo-dev is refreshed by restoring a backup into a new instance. |
| Staging environments | Aspirational | Admin panel has a staging app but it's not actively used; worth standing up properly. |
Known tech-debt / risks
| Item | Note |
|---|---|
| MongoDB 3.4 | Long past end-of-life; plan upgrade/migration carefully against the pinned Mongoose version. |
| Admin panel toolchain | AngularJS (EOL), Node 8 build, Gulp 3, Bower — fragile to rebuild; modernization is a project. |
| docker-compose.prod.yml drift | References the old macaroni-kid-2.web and maps the API on port 3000 instead of 8080. |
| Matomo decommission | In progress — finish VM deletion + DNS/cert/monitoring cleanup. See Analytics Decommission. |
| Legacy GA tag | web2 still includes the retired Universal Analytics property alongside GA4 — clean up. |
Not yet documented
- Per-endpoint API reference (routes, params, auth requirements) — could be generated like the GIS knowledgebase's reference pages.
- Auth model detail — JWT issuance, roles/permissions, 2FA (
speakeasy) flows. - Newsletter rendering pipeline end-to-end (templates → inlining → send → metrics).
- Secrets management — where production
.envvalues live and how they're rotated.