mirror of
https://github.com/DevVoxel/VectorDNS.git
synced 2026-02-27 05:47:38 +00:00
Add roadmap and update README
This commit is contained in:
Aiden Smith
123
ROADMAP.md
Normal file
123
ROADMAP.md
Normal file
@@ -0,0 +1,123 @@
|
||||
# VectorDNS Roadmap
|
||||
|
||||
## Overview
|
||||
|
||||
VectorDNS is a web-based DNS toolkit. Anyone can look up DNS records, WHOIS data, and domain availability without signing in. Authenticated users get a persistent dashboard to save domains, track DNS changes over time, and receive alerts when something changes.
|
||||
|
||||
---
|
||||
|
||||
## Tech Stack
|
||||
|
||||
| Layer | Choice |
|
||||
|---|---|
|
||||
| Framework | Next.js 16 (App Router) |
|
||||
| Language | TypeScript (strict) |
|
||||
| Styling | Tailwind CSS v4 + shadcn/ui |
|
||||
| Auth & DB | Supabase (`@supabase/ssr`) |
|
||||
| DNS Lookups | Tangerine (DNS-over-HTTPS) |
|
||||
| WHOIS | whoiser (RDAP, free) |
|
||||
| Availability | IANA RDAP API (free) |
|
||||
| Email Alerts | Resend |
|
||||
| Deployment | Vercel |
|
||||
| Package Manager | Bun |
|
||||
|
||||
---
|
||||
|
||||
## Phase 1 — Foundation
|
||||
|
||||
Everything needed before any features can work.
|
||||
|
||||
- [ ] **TypeScript types** — Define shared types for DNS records, WHOIS data, availability results, and database models (`lib/types/`)
|
||||
- [ ] **Supabase schema** — Create migration files for all tables: `profiles`, `saved_domains`, `dns_history`, `availability_history`, `notifications`. Enable Row Level Security on every table.
|
||||
- [ ] **Supabase client setup** — Server client, browser client, and middleware for session refresh (`lib/supabase/`). Use `@supabase/ssr` only (auth-helpers is deprecated).
|
||||
- [ ] **Project config** — `.env.local.example` with all required env vars, `vercel.json` with cron schedule, typed env accessor (`lib/env.ts`)
|
||||
|
||||
## Phase 2 — Core Services
|
||||
|
||||
The backend logic that powers lookups. No UI yet — just service layers and API routes.
|
||||
|
||||
- [ ] **DNS service** — Install `tangerine`. Create `lib/dns/` that queries all 9 record types (A, AAAA, MX, TXT, NS, CNAME, SOA, CAA, SRV) via DNS-over-HTTPS. Returns structured results, never throws on missing records.
|
||||
- [ ] **WHOIS service** — Install `whoiser`. Create `lib/whois/` that extracts registrar, dates, nameservers, status. Graceful error on unsupported TLDs.
|
||||
- [ ] **Availability service** — Fetch `https://rdap.org/domain/{domain}`. 404 = available, 200 = registered. No API key needed. Create `lib/availability/`.
|
||||
- [ ] **DNS lookup API** — `POST /api/dns/lookup` — public, rate-limited (30 req/min per IP)
|
||||
- [ ] **WHOIS lookup API** — `POST /api/whois/lookup` — public, rate-limited (20 req/min per IP)
|
||||
- [ ] **Availability check API** — `POST /api/availability/check` — public
|
||||
- [ ] **Integration tests** for each API route (use `bun test`)
|
||||
|
||||
## Phase 3 — Authentication
|
||||
|
||||
- [ ] **Auth system** — Configure Supabase Auth with all 4 providers: GitHub OAuth, Google OAuth, email+password, magic link
|
||||
- [ ] **Auth actions** — Server actions for sign in/out across all providers (`lib/auth/actions.ts`)
|
||||
- [ ] **OAuth callback** — `app/auth/callback/route.ts` handles code exchange
|
||||
- [ ] **Middleware** — Protect `/dashboard/*` routes, redirect unauthenticated users to login
|
||||
- [ ] **Login/signup pages** — OAuth buttons, email form, magic link option
|
||||
|
||||
## Phase 4 — Public UI
|
||||
|
||||
Pages that work without an account.
|
||||
|
||||
- [ ] **App shell** — Root layout with header (logo, nav, theme toggle, auth button), footer
|
||||
- [ ] **Homepage** — *(done)* Hero, search form, feature cards
|
||||
- [ ] **DNS results page** — `app/lookup/[domain]/page.tsx` — tabbed DNS records, WHOIS card, availability badge. Shareable URL.
|
||||
- [ ] **Save to Dashboard button** — Shown to logged-in users on the results page
|
||||
|
||||
## Phase 5 — Dashboard
|
||||
|
||||
Authenticated features behind `/dashboard`.
|
||||
|
||||
- [ ] **Dashboard layout** — Sidebar navigation, overview stats (saved count, recent changes, unread notifications)
|
||||
- [ ] **Saved domains CRUD** — `GET/POST /api/domains`, `GET/PUT/DELETE /api/domains/[id]`
|
||||
- [ ] **Domains list page** — Table/card grid of saved domains with add/delete/re-check actions
|
||||
- [ ] **Domain detail page** — Tabbed view: current DNS records, DNS history timeline, change diff (old vs new), availability history, WHOIS data
|
||||
- [ ] **Notes & tags** — Inline-editable notes (plain text) and tags (chip input) per domain, auto-saves on blur
|
||||
- [ ] **Manual re-check** — `POST /api/domains/[id]/check` triggers fresh DNS/WHOIS/availability lookups and stores snapshots
|
||||
|
||||
## Phase 6 — Monitoring & Alerts
|
||||
|
||||
Automated change detection and notifications.
|
||||
|
||||
- [ ] **Change detection service** — `lib/monitoring/` — compares DNS snapshots, detects added/removed records, availability flips, expiry changes
|
||||
- [ ] **Daily cron job** — `GET /api/cron/check-domains` (secured with `CRON_SECRET`) — re-checks up to 50 domains per run, stores new snapshots, creates notifications on change
|
||||
- [ ] **In-app notifications** — `notifications` table + API routes + bell icon with unread count in header + notification center page
|
||||
- [ ] **Email alerts** — Install `resend`. Send emails on DNS changes, availability changes, expiry warnings. Respects user preference (`notification_email` toggle in profile).
|
||||
|
||||
## Phase 7 — Settings & Polish
|
||||
|
||||
- [ ] **User settings page** — Profile info, notification email toggle, sign out, delete account
|
||||
- [ ] **Error handling** — Root error boundary (`app/error.tsx`), 404 page, loading skeletons for lookup and dashboard pages
|
||||
- [ ] **Toasts** — Wire up `sonner` globally for success/error feedback
|
||||
- [ ] **SEO** — Page-specific metadata, OG image, `robots.ts` (disallow dashboard/api), `sitemap.ts`
|
||||
|
||||
## Phase 8 — Testing & QA
|
||||
|
||||
- [ ] **Consolidate integration tests** — All API routes, change detection logic, auth flows
|
||||
- [ ] **Build verification** — `bun run build` passes, zero TS errors, zero lint issues
|
||||
- [ ] **Manual QA pass** — Walk through every page, both light and dark mode
|
||||
|
||||
---
|
||||
|
||||
## Out of Scope (Future)
|
||||
|
||||
These are explicitly not part of the current build:
|
||||
|
||||
- Registrar API integration / domain purchasing
|
||||
- Paid DNS API providers (architecture supports swapping, but free-only for now)
|
||||
- Bulk domain scanning
|
||||
- Billing / subscriptions
|
||||
- Browser push notifications
|
||||
- Rich text notes
|
||||
- Domain sharing between users
|
||||
|
||||
---
|
||||
|
||||
## Key Architecture Decisions
|
||||
|
||||
| Decision | Rationale |
|
||||
|---|---|
|
||||
| `@supabase/ssr` not `auth-helpers` | auth-helpers is deprecated as of late 2025 |
|
||||
| Tangerine (DoH) not Node `dns` | Works in serverless (Vercel), no system resolver dependency |
|
||||
| IANA RDAP for availability | Free, no API key, standard protocol. Provider interface allows swapping to paid APIs later. |
|
||||
| Resend not Supabase SMTP | Supabase built-in SMTP has a 3 emails/hour limit |
|
||||
| In-memory rate limiting | Simple Map-based per-IP. No Redis dependency for MVP. |
|
||||
| `TEXT[]` for tags | Postgres array, no separate tags table. Good enough for MVP. |
|
||||
| Daily cron, 50 domains/run | Fits Vercel hobby tier (10s function timeout, 1 cron/day) |
|
||||
Reference in New Issue
Block a user