Revenue Leakage v2 — Railway + Supabase Deployment Guide

Deploy the feat/kpi-pipeline-feature-flags-synthetic branch from
https://github.com/Techtorch/revenue-leakage-v2

1. Supabase (Database)

Go to supabase.com → New Project
Pick a region close to your Railway region (e.g. US East)
Set a strong database password — you'll need it below
Once created, go to Settings → Database → Connection string → URI
Copy the connection string — it looks like:
```
postgresql://postgres.[project-ref]:[PASSWORD]@aws-0-us-east-1.pooler.supabase.com:6543/postgres
```
Use the Transaction (port 6543) pooler URI for the backend.

2. Railway — Backend Service

Go to railway.app → New Project → Deploy from GitHub repo
Select Techtorch/revenue-leakage-v2, branch feat/kpi-pipeline-feature-flags-synthetic
Settings:
- Root Directory: rev-leak-agents
- Builder: Dockerfile (auto-detected from rev-leak-agents/Dockerfile)
- Start Command: leave blank (Dockerfile CMD handles it)

Environment Variables:

Variable	Value
`RL_DB_DSN`	`postgresql://postgres.[ref]:[PASSWORD]@aws-0-us-east-1.pooler.supabase.com:6543/postgres`
`RL_RUN_MIGRATIONS_ON_STARTUP`	`true`
`RL_OPENAI_API_KEY`	`sk-...` (your OpenAI key for GPT-4o extraction)
`RL_CORS_ORIGINS`	`https://<frontend-domain>.up.railway.app` (set after frontend deploys)
`RL_LOG_LEVEL`	`info`
`PORT`	`8001`

Networking: Generate a public domain (e.g. rev-leak-backend-production.up.railway.app)
Deploy — first deploy runs Alembic migrations automatically

3. Railway — Frontend Service

In the same Railway project → New Service → Deploy from GitHub repo
Select same repo + branch
Settings:
- Root Directory: revenue-leakage-v2/remix-of-revenue-leakage-ui
- Builder: Dockerfile (auto-detected)
Environment Variables:

Variable Value

VITE_API_BASE_URL https://rev-leak-backend-production.up.railway.app

This gets baked in at build time. If you change the backend URL, redeploy the frontend.
Networking: Generate a public domain (e.g. rev-leak-ui-production.up.railway.app)
Deploy

Variable	Value
`VITE_API_BASE_URL`	`https://rev-leak-backend-production.up.railway.app`

4. Post-Deploy Checklist

Update backend RL_CORS_ORIGINS with the actual frontend Railway URL
Hit https://<backend>/health — should return {"status": "ok"}
Open frontend URL — dashboard should load (empty until you run pipeline)
Click "Load CITI Data" on Ingestion page to process CITI documents
Click "Process Synthetic" to run synthetic test documents through KPI pipeline
Verify Dashboard shows KPI signals, leakage categories, and trend chart
Verify Knowledge Graph shows document relationships (not all orphans)

5. Optional: Basic Auth

To protect the API with HTTP Basic Auth, set these on the backend service:

Variable	Value
`RL_BASIC_AUTH_USER`	`your-username`
`RL_BASIC_AUTH_PASS`	`your-password`

The /health endpoint is excluded from auth (for Railway healthchecks).

Architecture

┌─────────────┐     HTTPS      ┌─────────────────┐     SQL      ┌──────────┐
│  React/Vite │ ──────────────→ │  FastAPI Backend │ ───────────→ │ Supabase │
│  (Railway)  │  VITE_API_URL   │    (Railway)     │  RL_DB_DSN   │ Postgres │
└─────────────┘                 └─────────────────┘              └──────────┘
                                        │
                                        │ RL_OPENAI_API_KEY
                                        ▼
                                 ┌──────────────┐
                                 │  OpenAI API  │
                                 │  (GPT-4o)    │
                                 └──────────────┘

Troubleshooting

Migrations fail: Check RL_DB_DSN is correct and Supabase allows connections from Railway IPs
CORS errors: Ensure RL_CORS_ORIGINS matches the exact frontend URL (including https://)
Empty dashboard: Run the pipeline first via Ingestion page buttons
OpenAI errors: Verify RL_OPENAI_API_KEY is set and has GPT-4o access