A multi-stack platform for a US aesthetics and treatments company — an Odoo 18 ERP, a Next.js website on AWS, Lambdas for UPS shipment tracking and link verification, GCP Cloud Run services for OpenAI verification pipelines. We own the seams: the AWS Terraform estate, the serverless integrations, and the QA load testing.
Procell Therapies is a US aesthetics and cosmetic treatments company. The platform behind the business is a constellation — an Odoo 18 ERP with 110-plus custom modules covering sales, treatment packs, workshops and an academy; a Next.js website that doubles as the e-commerce front; AWS Lambdas for UPS shipment tracking and inbound link verification; Google Cloud Run services for OpenAI-driven contact-attempt and stake-claim verification. Several teams contribute. We own specific pieces of it.
On AWS we own the Terraform estate — ECS / Fargate for the website with blue-green deploys via CodeDeploy, RDS Postgres per environment, ALB with HTTP→HTTPS redirect, CloudFront for static assets, bastion for DB access, EventBridge → Lambda → Slack notifications on every deploy success or failure. On serverless we maintain four GCP Cloud Run services (two OpenAI verification pipelines, a SendGrid webhook batcher, a Zoom webhook proxy) and four AWS Lambdas (UPS tracking, UPS webhook relay, link-checker for backlink verification, and the website's own deploy notifier).
On the Next.js website specifically we hold a narrower seat: Hasina runs the QA and the load-testing battery, exercising the e-commerce paths before the high-traffic moments. Dan is the DevOps engineer behind those deploys — Terraform-managed infrastructure, CodePipeline (Source → CodeBuild → CodeDeployToECS), and the Slack notifications that tell the team when a deploy lands.
Procell's platform was never going to be one stack. The ERP belongs in Odoo because that's where the business shape — treatment packs, workshops, academy enrollment — already lived. The website belongs in Next.js because that's what its team writes well. The OpenAI verification pipelines belong on Cloud Run because they're event-shaped, not request-shaped. Our seat is the seams between them.
Terraform-managed AWS estate: ECS / Fargate for the website (blue/green via CodeDeploy), RDS Postgres per env, ALB, CloudFront, bastion, multi-environment from one module.
2-step OpenAI Responses API pipeline that verifies whether outreach was actually made on a lead.
3-step OpenAI verification pipeline for stake-claim documentation.
SendGrid events buffered to GCS and batched to Odoo every 15 minutes; Zoom events proxied to Odoo via Cloud Tasks.
DynamoDB-backed shipment puller with `CodeIndex` GSI, status push to Odoo, rate-limit aware, runs only 9 AM – 5 PM EST and skips Sundays.
Inbound carrier callbacks routed to Odoo.
Headless-browser backlink verification — Docker-packaged so the browser binary travels with the function.
EventBridge → Lambda → Slack on every CodeDeploy SUCCESS / FAILURE, webhook URL stored as SSM SecureString.
Same `procell_website/` Terraform module instantiated twice — `_production` (branch=main) and `_staging` (branch=staging). All resource names derived from `var.branch`.
Hasina's pre-launch battery on the Next.js e-commerce paths — load suites and regression suites run before traffic moves.
Targeted custom-module contributions inside the 110-module ERP, alongside the client engineering team.
Procell's platform spans Odoo 18, a Next.js website, AWS Lambdas, and GCP Cloud Run services. Several teams contribute. We own the seams: the AWS infrastructure that hosts the website, the GCP services that talk to Odoo over REST, the Lambdas that bridge UPS and Odoo, and the QA pass that says it's safe to deploy.
The website's path to production is declarative. Source → CodeBuild → CodeDeployToECS, blue/green target groups, EventBridge → Lambda → Slack on success or failure. Two environments are the same module instantiated twice — production (branch=main) and staging (branch=staging) — names and databases differ, the shape doesn't.
OpenAI verification pipelines don't fit the request-response shape. The contact-made checker is a two-step pipeline; the stake-claim checker is three steps. Both run on Cloud Run, gated by GCP IAM, with a SendGrid webhook handler that buffers events to GCS and a Zoom webhook handler that proxies through Cloud Tasks. The CI tests every step in isolation with mocked OpenAI so test runs cost zero tokens.
Hasina holds the QA seat on the Next.js side — exercising the e-commerce paths before the launches that move traffic. A load battery, a regression battery, and a list of known-soft places that get extra love before each release. The Slack deploy notifier tells everyone when the green light flips.
Website deploys go through CodePipeline (Source → CodeBuild → CodeDeployToECS) into blue / green target groups on Fargate. EventBridge listens for CodeDeploy SUCCESS and FAILURE events, hits a small Lambda (`procell_website/lambda/slack_notify.py`), and Slack carries the result. Webhook URL lives in SSM SecureString at `/procell-website/${branch}/slack-webhook-url` — branch-scoped, never in code.
`procell_website/` is a reusable module instantiated twice from the root — `procell_website_production` (branch=main) and `procell_website_staging` (branch=staging). The `branch` variable drives every resource name: `procell-website-${var.branch}`. New environments are a one-tf-block addition.
The UPS Lambda pulls active shipments from DynamoDB (queried by `Code` via a `CodeIndex` GSI), calls the UPS tracking API for each, and pushes status changes back to Odoo over HTTP. Run state (`SUCCESS` / `RATE_LIMIT`) lives in a `${TABLE}-result` table under a static id — that's what gates re-runs. The run skips Sundays and only fires between 9 AM and 5 PM EST. UPS rate-limit code 10429 stops the run for four hours.
The contact-made checker is two OpenAI calls in series — first a structured extraction, then a verification — wired together on Cloud Run via the OpenAI Responses API. The stake-claim checker is three steps. Both deploy from `procell_cloud_functions/functions/<name>/`, run from a shared `procell_cloud_env` conda environment, and ship with a Pytest suite that mocks the OpenAI side so test runs cost zero tokens.
Given `{url, imageUrl, backlinkUrl}`, the link-checker Lambda launches a headless browser and verifies that the page at `url` contains an `<a href=backlinkUrl>` wrapping an `<img src=imageUrl>` — returns `{found: true|false}`. Packaged as a Docker image so the browser binary travels with the Lambda. Backed by a Pytest suite with a mock-server fixture.
The whole estate lives under the `procelltherapies` profile — every Terraform command needs `AWS_PROFILE=procelltherapies` or it fails or hits the wrong account. State sits in S3 (`terraform-procell-therapies-bucket`) keyed `procell-therapies/terrafo.tfstate`. A bastion `t3.micro` in front of RDS keeps DB access out of the public internet.