Internal Documentation

Operations Manual

Day-to-day operation, monitoring, and maintenance of the One Minute Manager site — lead capture, transactional email, custom domain, and security.

Current: v1 · Released · Initial release — system overview, lead flow, email, domain, security, runbooks.
Version history
  • v1: Initial release — system overview, lead flow, email, domain, security, runbooks.

10 sections

Section 01

System Overview

Stack

Framework: TanStack Start (React 19, Vite 7)
Hosting: Lovable (Cloudflare Worker runtime)
Database / Auth: Lovable Cloud (Supabase)
Email queue: pgmq + scheduled processor route
Custom domain: oneminutemanager.ai (+ www)

Key URLs

  • Production: https://oneminutemanager.ai (and www.)
  • Preview: project--18788426-1fa0-4f84-b720-53bc13e91fbe-dev.lovable.app
  • Backend admin: Project Settings → View Backend

Section 02

Site Map & Routes

/: src/routes/index.tsx — Marketing landing page
/operations: src/routes/operations.tsx — This manual
/privacy: src/routes/privacy.tsx — Privacy policy
/terms: src/routes/terms.tsx — Terms of service
/email/unsubscribe: One-click unsubscribe handler
/lovable/email/transactional/send: Internal send endpoint (Zod-validated)
/lovable/email/transactional/preview: Template preview
/lovable/email/queue/process: Worker that drains the pgmq queue
/lovable/email/suppression: Suppression list management

Section 03

Lead Capture Flow

How a submission travels end-to-end.

  • User opens any LeadDialog (nav, hero, pricing, footer CTAs) and submits the form.
  • Frontend calls the submitLead server function (src/lib/leads.functions.ts).
  • Zod validates inputs; row inserted into public.leads via the service-role admin client.
  • An email is enqueued to pgmq.transactional_emails using the lead-notification template.
  • The queue processor route picks it up and delivers via the email provider.
  • An unsubscribe token is upserted in email_unsubscribe_tokens for the recipient.
  • Send is recorded in email_send_log (pending → sent / failed).

Verifying a submission

  • Submit a test lead from the preview site.
  • Backend → leads: confirm new row.
  • Backend → email_send_log: confirm sent status for lead-notification.
  • Check the inbox configured by LEAD_NOTIFICATION_EMAIL (currently Leads@oneminutemanager.ai).

Section 04

Secrets & Configuration

LEAD_NOTIFICATION_EMAIL: Inbox that receives every new lead alert
SUPABASE_SERVICE_ROLE_KEY: Server-only admin client (never expose)
SUPABASE_URL / PUBLISHABLE_KEY: Public client config (safe in bundle)

Update a secret in Project Settings → Secrets. Server functions read it on the next call via process.env.NAME.

Section 05

Transactional Email

Templates

  • Templates live in src/lib/email-templates/ and are registered in registry.ts.
  • Each template must expose a Zod schema; the /send route rejects payloads that fail validation.
  • Current template: lead-notification (name, email, company, role, message, source, submittedAt).

Queue & delivery

  • Mail is enqueued to pgmq.transactional_emails via enqueue_email (SECURITY DEFINER, service-role only).
  • The processor route reads batches, sends, and logs the outcome in email_send_log.
  • Failures move to a DLQ via move_to_dlq. Inspect failed rows in the backend to retry or debug.
  • Sender domain: notify.oneminutemanager.ai. DNS records must remain verified for delivery.

Adding a new template

  • Create src/lib/email-templates/<name>.tsx exporting component, subject, and schema.
  • Register it in registry.ts.
  • Preview at /lovable/email/transactional/preview?template=<name>.
  • Send via the /send route with a JSON body matching the schema.

Section 06

Custom Domain

  • Apex: oneminutemanager.ai; subdomain: www.oneminutemanager.ai.
  • DNS records required at the registrar:
      A    @         →  185.158.133.1
      A    www       →  185.158.133.1
      TXT  _lovable  →  (verification value from Project Settings)
  • Manage in Project Settings → Domains. Re-verify if records change.
  • Sender domain DNS (SPF / DKIM / DMARC) is separate and managed under the email provider.

Section 07

Security Posture

  • All public tables have RLS enabled with explicit policies; leads is service-role only.
  • Email queue wrapper functions are SECURITY DEFINER with EXECUTE restricted to service_role.
  • The /send route enforces per-template Zod validation to prevent injection.
  • Service-role key is never imported from client code (file: client.server.ts).
  • Run a fresh scan in Project Settings → Security. Fix findings before publishing.
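
One way to check the RLS and SECURITY DEFINER claims above, and the enqueue_email restriction described under Queue & delivery, from the backend SQL editor. This is an added example, not code from the project; it assumes the Supabase roles anon, authenticated and service_role exist and finds the wrapper functions by name.

```sql
-- Added audit example, not the project's own code. Read-only catalog queries.
-- Assumes the Supabase roles anon, authenticated and service_role exist.

-- 1. RLS state and policy count for every table in public. A row with
--    rls_enabled = false contradicts the posture described above.
SELECT c.relname             AS table_name,
       c.relrowsecurity      AS rls_enabled,
       c.relforcerowsecurity AS rls_forced,
       count(p.polname)      AS policy_count
FROM   pg_class c
JOIN   pg_namespace n ON n.oid = c.relnamespace
LEFT JOIN pg_policy p ON p.polrelid = c.oid
WHERE  n.nspname = 'public'
  AND  c.relkind IN ('r', 'p')          -- ordinary and partitioned tables
GROUP  BY c.relname, c.relrowsecurity, c.relforcerowsecurity
ORDER  BY c.relrowsecurity, c.relname;

-- 2. Policies on public.leads and the roles each one applies to. A policy that
--    names anon, authenticated or public widens access beyond service-role.
SELECT policyname, cmd, roles, qual, with_check
FROM   pg_policies
WHERE  schemaname = 'public'
  AND  tablename  = 'leads';

-- 3. Queue wrapper functions: SECURITY DEFINER flag, pinned settings, and who
--    may EXECUTE. move_to_dlq is included on the assumption that it is one of
--    the wrappers; functions are matched by name in whichever schema holds them.
SELECT n.nspname                                 AS schema_name,
       f.proname                                 AS function_name,
       pg_get_function_identity_arguments(f.oid) AS arguments,
       f.prosecdef                               AS security_definer,
       f.proconfig                               AS pinned_settings, -- look for search_path=
       has_function_privilege('anon'::name,          f.oid, 'EXECUTE') AS anon_exec,
       has_function_privilege('authenticated'::name, f.oid, 'EXECUTE') AS authenticated_exec,
       has_function_privilege('service_role'::name,  f.oid, 'EXECUTE') AS service_role_exec
FROM   pg_proc f
JOIN   pg_namespace n ON n.oid = f.pronamespace
WHERE  f.proname IN ('enqueue_email', 'move_to_dlq')
ORDER  BY n.nspname, f.proname;
```

PostgreSQL grants EXECUTE on newly created functions to PUBLIC by default, so anon_exec or authenticated_exec returning true usually points to a missing REVOKE. A SECURITY DEFINER function with no search_path in pinned_settings resolves unqualified names through the caller's search path, which is worth fixing even when EXECUTE is restricted.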
Section 08

Operational Runbooks

Lead alerts not arriving

  • Confirm LEAD_NOTIFICATION_EMAIL is set and spelled correctly.
  • Check email_send_log for the most recent lead-notification rows.
  • If status is failed, inspect error_message and the pgmq DLQ.
  • Verify sender DNS (SPF / DKIM / DMARC) for notify.oneminutemanager.ai.
  • Check the recipient's spam folder; whitelist the sender address.

Form submits but no row in leads

  • Open browser devtools → Network → inspect the submitLead request and response.
  • Check Lovable Cloud function logs for a submitLead insert error.
  • Validate that RLS policies on public.leads still allow service-role inserts.

Site won't load on custom domain

  • Confirm A and TXT records match the values in Project Settings → Domains.
  • Wait for DNS propagation (up to a few hours).
  • Re-publish the project after any router or root-route change.

Rotating a secret

  • Update the value in Project Settings → Secrets.
  • No redeploy needed; the next server-function invocation picks it up.
  • For SUPABASE_SERVICE_ROLE_KEY rotation, use the backend admin UI and update the secret in the same window.

Section 09

Editing Site Content

  • Headlines, modules, pricing tiers, and CTAs all live in src/routes/index.tsx.
  • Hero image: src/assets/principal.jpg (replace the file or re-generate to update).
  • Global metadata / title / OG tags: src/routes/__root.tsx plus per-route head().
  • For quick text, color, and font tweaks, use Visual Edits in the Lovable composer to avoid prompt cost.

Publishing

  • Use the Publish action in Lovable to push the latest preview to oneminutemanager.ai.
  • After publishing, smoke-test: load home, open a LeadDialog, submit a test lead, confirm the alert email.

Section 10

Quick Reference

Change notification inbox: Secrets → LEAD_NOTIFICATION_EMAIL
View leads: Backend → Tables → leads
Inspect email status: Backend → Tables → email_send_log
Retry failed mail: Backend → pgmq DLQ for transactional_emails
Update domain DNS: Registrar + Project Settings → Domains
Run security scan: Project Settings → Security
Publish updates: Lovable composer → Publish