Sun-Tzu (silent backend) — builds the strongest pro-anomaly brief the
corpus supports for any topic. Bilingual JSON: thesis + 2-4 pillars
(each with claim + citation-backed support) + honest residual
unexplained clause. NEVER surfaced reader-facing.
Migration 0009 (apply as supabase_admin):
public.pro_anomaly_briefs brief_pk BIGSERIAL PK
brief_id B-NNNN unique
topic + topic_pt_br
thesis + thesis_pt_br
pillars JSONB
unexplained + unexplained_pt_br
doc_id, job_id, created_by, created_at
+ brief_id_seq sequence
+ GIN trigram indexes on topic + topic_pt_br
+ RLS policies (investigator INSERT, public SELECT)
+ GRANTs on seq + table to investigator
prompts/sun-tzu.md
"Adversarial strategist who plays the pro-disclosure side with the
same rigour a red-team plays skeptic" — single thesis, 2-4 pillars,
honest residual. Every claim cites a chunk. No fabrication from
training-time knowledge. Output INTERNAL — case-writer pulls it.
Bilingual mandatory. NO_STRONG_CASE sentinel when corpus is thin.
detectives/sun_tzu.ts
Grounds with hybridSearch top 18 chunks, calls Sonnet, parses
JSON strict, calls writeProAnomalyBrief.
tools/write_pro_anomaly_brief.ts
Validates 2-4 pillars with bilingual claim+support, requires at
least one [[wiki-link]] citation per pillar, INSERTs.
orchestrator: new kind "anomaly_brief" dispatches Sun-Tzu.
Case-writer integration (detectives/case_writer.ts):
- Pulls most recent matching brief via ILIKE on topic or doc_id.
- Renders brief as a separate prompt section labelled
"Strategic brief (internal — do NOT cite or attribute)".
- Instructs the narrator to weave the thesis as a quiet through-
line, use pillar facts in scenes, let the unexplained clause
inform the closing paragraph. Forbidden to name "the analyst",
say "a brief argues", or use the words "thesis"/"pillar"
explicitly. Translate it into prose.
Entity hero illustrations:
- 3 painterly editorial illustrations generated via Nano Banana
Pro at 2K, stored under /data/disclosure/processing/case-art/:
* EV-1947-06-24-kenneth-arnold-sighting.png — cockpit POV of
Arnold in a CallAir A-2 over Mount Rainier, 9 chevron disc
objects in formation, 1947 Life-magazine register.
* EV-1947-07-08-roswell-incident.png — debris field in NM
desert, USAAF officer in 1947 uniform examining foil
fragments, period staff car.
* EV-1947-06-21-maury-island-incident.png — wooden patrol
boat on Puget Sound, 6 doughnut craft hovering, one
shedding glowing slag, Harold Dahl + son + dog watching.
- app/e/[cls]/[id]/page.tsx: full-bleed editorial hero replaces
the old gradient header card when an illustration exists for
that entity_id. Title sits over the painting with gradient
overlay. "Ilustração editorial" chip in the top-right.
Quota note: Claude OAuth still rate-limited as of this commit, so
Sun-Tzu hasn't been smoke-tested in production. Code is shipped and
ready; first brief will land when the weekly quota refreshes.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
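The checks the commit message lists for tools/write_pro_anomaly_brief.ts (strict JSON parse, 2-4 pillars, bilingual claim and support, one [[wiki-link]] citation per pillar, NO_STRONG_CASE sentinel), written out as an added example that is not the repository's code. The JSON key names, the bare-string form of the sentinel, and the `validateBrief` / `sampleBrief` helpers are assumptions made for illustration.

```typescript
// Added example. JSON key names are assumptions: the page lists the fields
// but not their keys; the *_pt_br suffix mirrors the table's column names.
type Result = { ok: boolean; reason: string };

const WIKI_LINK = /\[\[[^\[\]]+\]\]/; // one [[wiki-link]] citation
const filled = (v: unknown): v is string => typeof v === "string" && v.trim() !== "";
const isObj = (v: unknown): v is Record<string, unknown> =>
  typeof v === "object" && v !== null && !Array.isArray(v);

function validateBrief(raw: string): Result {
  // Assumption: the sentinel arrives as the bare string, not wrapped in JSON.
  if (raw.trim() === "NO_STRONG_CASE") return { ok: false, reason: "no_strong_case" };
  let data: unknown;
  try {
    data = JSON.parse(raw); // strict: no fence stripping or repair of model output
  } catch {
    return { ok: false, reason: "invalid_json" };
  }
  if (!isObj(data)) return { ok: false, reason: "not_an_object" };
  for (const k of ["thesis", "thesis_pt_br", "unexplained", "unexplained_pt_br"]) {
    if (!filled(data[k])) return { ok: false, reason: `missing:${k}` };
  }
  const pillars = data["pillars"];
  if (!Array.isArray(pillars) || pillars.length < 2 || pillars.length > 4) {
    return { ok: false, reason: "pillar_count" };
  }
  for (let i = 0; i < pillars.length; i++) {
    const p: unknown = pillars[i];
    if (!isObj(p)) return { ok: false, reason: `pillar_${i}:shape` };
    for (const k of ["claim", "claim_pt_br", "support", "support_pt_br"]) {
      if (!filled(p[k])) return { ok: false, reason: `pillar_${i}:missing:${k}` };
    }
    // The page says "per pillar"; looking in the support text is an assumption.
    if (!WIKI_LINK.test(String(p["support"]) + " " + String(p["support_pt_br"]))) {
      return { ok: false, reason: `pillar_${i}:no_citation` };
    }
  }
  return { ok: true, reason: "ok" };
}

// Constructed sample: builds a brief with n pillars, optionally uncited.
function sampleBrief(n: number, cited = true): string {
  const s = cited ? "Logbook entry [[EV-0000-sample]]" : "Logbook entry";
  const pillar = { claim: "c", claim_pt_br: "c", support: s, support_pt_br: s };
  return JSON.stringify({ thesis: "t", thesis_pt_br: "t", unexplained: "u",
    unexplained_pt_br: "u", pillars: Array.from({ length: n }, () => pillar) });
}
```

Rejecting fenced or otherwise decorated model output outright, rather than trimming it into shape, keeps anything the model wrapped around the JSON from reaching the INSERT.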
Infrastructure — Disclosure Bureau
Self-hosted stack on a single VPS (16 GB / 4 CPU / 200 GB NVMe) managed via Coolify.
```
                Internet (443/80)
                        │
              ┌─────────▼─────────┐
              │  Caddy (Coolify)  │  ← auto-TLS Let's Encrypt
              └────┬──────────────┘
                   │
     ┌─────────────┼──────────────────────┬──────────────────┐
     ▼             ▼                      ▼                  ▼
┌─────────┐  ┌──────────┐           ┌──────────┐       ┌──────────┐
│ Next.js │  │ Supabase │           │ Supabase │       │  shared  │
│   web   │  │disclosure│           │project-B │       │ services │
│  :3000  │  │  stack   │           │  stack   │       │ Meili··· │
└─────────┘  │ ┌─────┐  │           │ ┌─────┐  │       │ Imgproxy │
             │ │PG/GT│  │           │ │PG/GT│  │       │ Dragonfly│
             │ └─────┘  │           │ └─────┘  │       └──────────┘
             └──────────┘           └──────────┘
            disclosure.top          projeto-b.com
```
Components
| Layer | Service | Notes |
|---|---|---|
| Orchestration | Coolify v4 | Self-hosted PaaS — manages all containers, TLS, backups |
| Database + Auth + Storage | Supabase self-hosted (one per project) | Each project gets own Postgres + GoTrue + Storage |
| Frontend | Next.js 15 (this repo's /web) | Deployed via Coolify Git integration |
| Search | Meilisearch (shared) | Full-text search across pages + entities |
| Cache + Queue | Dragonfly (shared) | Redis-compatible, multi-threaded |
| Images | Imgproxy (shared) | On-the-fly resize / WebP conversion |
| Backups | restic + Backblaze B2 | Nightly Postgres + Storage dumps |
Quick path
1. coolify/INSTALL.md — install Coolify on the fresh VPS (~10 min)
2. coolify/SUPABASE.md — create the disclosure Supabase project (~5 min)
3. Run supabase/migrations/0001_chat_schema.sql via Supabase Studio SQL editor
4. coolify/NEXTJS.md — deploy the /web app pointing at the Supabase URL
5. coolify/SHARED.md — bring up Meilisearch, Dragonfly, Imgproxy
Adding more projects later
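For each new project, repeat step 2 (new Supabase project in Coolify UI) and step 4 (new Next.js app). Each project gets its own subdomain, auth, and data, so projects are isolated at the Supabase level; Meilisearch, Dragonfly, and Imgproxy remain shared, as does the VPS itself.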
Local development
For dev on macOS/Linux without the VPS, see ../web/README.md — uses the Supabase CLI to spin up a local stack on localhost:54321.