AutoBlocks runs as four deployable services plus Postgres, orchestrated on Render per render.yaml. You interact with two browser sites; everything else runs server-side.
Technology stack (user-relevant)
| Layer | Technology | Your touchpoint |
|---|---|---|
| Marketing site | Next.js (apps/marketing-web) | autoblocks.pro |
| Product app | Next.js (apps/product-web) | autoblocks.run |
| API | Fastify (apps/api) | Session, CRUD, billing, help chat, AI |
| Worker | Node poll loop (apps/worker) | Schedules + pending run execution |
| Database | PostgreSQL | Tenant data, routines, runs, billing |
| Resend | Failure/completion notifications | |
| Payments | Stripe | Checkout + subscription webhooks |
| Help + docs corpus | @routines/user-docs | Grounds POST /help/chat |
Production services (Render)
| Render name | Type | Domain / role | Monorepo path |
|---|---|---|---|
| autoblocks-mktg | Web | autoblocks.pro | apps/marketing-web |
| autoblocks-web | Web | autoblocks.run | apps/product-web |
| autoblocks-api | Web | api.autoblocks.run | apps/api |
| autoblocks-worker | Worker | Internal | apps/worker |
| autoblocks-postgres | Database | Private network | packages/db |
Public URLs are set in the autoblocks-platform env group: MARKETING_WEB_URL, PRODUCT_WEB_URL, NEXT_PUBLIC_API_URL.
High-level system diagram
flowchart TB
subgraph browser [Your browser]
PRO["autoblocks.pro"]
RUN["autoblocks.run"]
end
subgraph render [Render platform]
MKTG["autoblocks-mktg"]
WEB["autoblocks-web"]
API["autoblocks-api"]
WRK["autoblocks-worker"]
PG[(autoblocks-postgres)]
end
subgraph external [External services]
Stripe["Stripe"]
Resend["Resend"]
OpenAI["OpenAI — AI assist + help"]
end
PRO --> MKTG
RUN --> WEB
MKTG -->|"POST /help/chat"| API
WEB -->|"credentials: include"| API
API --> PG
WRK --> PG
API --> Stripe
Stripe -->|"POST /billing/webhooks/stripe"| API
API --> Resend
API --> OpenAI
The worker does not expose a public URL for routine operations. It polls Postgres for pending runs and schedule ticks (apps/worker/src/index.ts).
Monorepo layout (ASCII)
autoblocks.ai/
├── apps/
│ ├── marketing-web/ # autoblocks.pro
│ ├── product-web/ # autoblocks.run
│ ├── api/ # api.autoblocks.run
│ └── worker/ # background execution
├── packages/
│ ├── user-docs/ # help corpus + chat logic
│ ├── template-catalog/ # template metadata
│ ├── billing/ # plans, Stripe, entitlements
│ ├── workflow-domain/ # trigger/step types
│ └── db/ # schema + migrations
└── render.yaml # deploy blueprint
Authentication flow
Session cookies are issued by the API after sign-up or sign-in. The product app sends credentials on each request.
sequenceDiagram
participant User
participant Product as product-web
participant API as api.autoblocks.run
participant DB as Postgres
User->>Product: Submit signup/login form
Product->>API: POST /auth/sign-up or /auth/sign-in
API->>DB: Create or verify user + tenant
API-->>Product: Set session cookie
Product->>API: GET /auth/session (cookie)
API-->>Product: User + tenantId
Product-->>User: Dashboard / onboarding
Marketing /login redirects to product login (apps/marketing-web/src/app/login/route.ts).
Execution flow
| Trigger kind | Who starts the run | Where it runs |
|---|---|---|
| Manual | You — POST /routines/:id/execute | API enqueues → worker executes |
| Schedule | Worker cron tick | Worker inserts pending run → executes |
| Inbound webhook | External POST POST /hooks/:pathToken | API enqueues → worker executes |
flowchart LR
Manual["Manual button"]
Schedule["Schedule tick"]
Webhook["Inbound webhook"]
API["API creates pending run"]
Worker["Worker polls + executes"]
Activity["/activity history"]
Manual --> API
Schedule --> Worker
Webhook --> API
API --> Worker
Worker --> Activity
Data you own (simplified)
| Store | Contains |
|---|---|
| User + tenant | Account, workspace membership |
| Routines + versions | AutoBlock definitions, triggers, steps |
| Execution runs | Status, logs, trigger metadata |
| Schedules | Cron, timezone, last/next run |
| Webhook endpoints | Path tokens linked to routines |
| Subscriptions | Plan, trial, Stripe IDs |
| Notifications | In-app inbox items |
All tenant-scoped data is isolated per workspace. Help chat on marketing does not read your tenant data.
Security notes (consumer)
| Topic | Behavior |
|---|---|
| CORS | API allows marketing + product origins only |
| Help chat | Public endpoint; no auth; corpus-grounded answers |
| AI assist | Requires auth + tenant membership |
| Webhook endpoints | Unguessable path tokens; optional idempotency key |
| Stripe webhooks | Signature verification in production |
Related reading
Last updated 2026-06-04 — matches current apps/ and packages/ layout in the monorepo.