7Mind Brain

elixir-backend

5 min read

Summary: The primary 7Mind backend — a Phoenix modulith serving business logic, APIs, and data for all clients (7Mind and 7Sleep apps). Sources: direct code inspection (mix.exs, .github/workflows/, config/runtime/, lib/backend/, k8s/base/, Justfile) Last updated: 2026-05-15

Purpose

The Elixir/Phoenix backend is the single source of truth for 7Mind’s business logic. It serves the 7mind-mobile-apps-monorepo, the nuxt-website, and B2B2C partner integrations via Aury. It owns user accounts, subscriptions, content delivery, practice tracking, insurance certificates, and all persistent state. The codebase supports both the 7Mind and 7Sleep apps from a single backend with app-specific routing.

Stack

  • Elixir ~> 1.18 / OTP 27
  • Phoenix 1.8.0 (three separate Endpoints for internal/public/admin traffic)
  • Ecto 3.12 + PostgreSQL (multi-repo pattern: one Ecto repo per domain)
  • Oban 2.19 (background job processing and cron scheduling)
  • Broadway 1.1 + Broadway Cloud Pub/Sub 0.9 (Google Pub/Sub event consumption)
  • Goth 1.0 (GCP service account authentication)
  • Tesla 1.3 / Finch 0.13 (HTTP clients for external calls)
  • Cachex 3.6 / Nebulex 2.6 (in-process and distributed caching)
  • Joken 2.6 + Joken JWKS 1.7 (JWT validation)
  • Phoenix LiveView 1.0 (admin panel)
  • OpenTelemetry (distributed tracing, exported to Datadog)
  • Prometheus Ex (metrics endpoint)

Key Files / Entry Points

  • mix.exs — project definition, all deps, aliases, release config
  • lib/backend/web/public_api/endpoint.ex — Phoenix Endpoint for port 4100 (mobile clients)
  • lib/backend/web/internal_api/endpoint.ex — Phoenix Endpoint for port 4000 (service-to-service)
  • lib/backend/web/admin_panel/endpoint.ex — Phoenix Endpoint for port 4200 (LiveView admin)
  • lib/backend/web/public_api/router.ex — app-specific routing via x-app header (7mind vs 7sleep)
  • config/compiletime.exs — compile-time config entry point
  • config/runtime/prod.ex — all production env var declarations
  • Justfile — task runner for dev, test, deploy, and secrets commands
  • k8s/base/ — Helm chart templates for GKE deployment
  • .github/workflows/ — CI/CD pipeline definitions
  • guides/ — architecture and developer guides

Deployment

Target: GKE (Google Kubernetes Engine) in europe-west3 region via Helm/Terraform.

Production:

  • Trigger: GitHub Release published
  • Registry: europe-west3-docker.pkg.dev/sevenmind-infrastructure/application-cluster-repo
  • URL: https://backend.7mind.de
  • Workflow: .github/workflows/deploy-to-production.yml

Staging:

  • Trigger: push to main branch (or manual dispatch)
  • URL: https://backend.6mind.de
  • Workflow: .github/workflows/deploy-to-staging.yml

Deploy flow: build Docker image → push to GCP Artifact Registry → Terraform applies Helm chart to GKE → init container runs Ecto migrations → Datadog deployment event notified.

Admin panel: https://panel.backend.7mind.de (port 4200, LiveView, work-in-progress)

K8s services (all ClusterIP):

  • backend-internal-api → port 4000
  • backend-public-api → port 4100
  • backend-admin-panel → port 4200
  • Headless service for distributed Erlang clustering

Dependencies

External services:

  • Chargebee — subscription billing for both 7Mind and 7Sleep (separate namespaces/API keys)
  • Braze — marketing automation and push notifications
  • SuperTokens — authentication (JWT issuer + JWKS endpoint)
  • Cloudflared — tunnel-based auth for admin access (JWT audience validation)
  • Algolia — content search indexing (separate indices per app)
  • Rudderstack — analytics event forwarding (separate write keys per app)
  • Aury — B2B2C partner integration (base URL + API key + partner ID)
  • Datadog — APM, metrics, and deployment tracking
  • Google Pub/Sub — async event bus (consumed via Broadway)
  • Google Cloud Storage — ZPP insurance certificate storage (Prevention domain)
  • Fastspring — legacy billing (admin panel access only)
  • Contentful — CMS for meditation content (via internal content service)

Internal:

  • api-contracts — shared API type definitions consumed by this repo
  • Internal CONTENT_SVC_URL and PAYMENTS_SVC_URL — separate microservices called over HTTP

Integration Points

  • 7mind-mobile-apps-monorepo — primary consumer of the Public API (port 4100) for both 7Mind and 7Sleep mobile apps
  • nuxt-website — consumes Public API for SSR data fetching and web app features
  • B2B2C partners — provisioning and content access via Aury integration
  • Google Pub/Sub — publishes domain events consumed by downstream services; also consumes events via Broadway

Conventions

Modulith pattern: all domains live in lib/backend/ as top-level folders. Domains must not call each other directly; they communicate via the event bus or explicit public interfaces.

Domain modules (each owns its own Ecto repo, supervisor, and public API surface):

  • access — authorization and access control
  • activation — user onboarding workflows
  • analytics — event tracking (Rudderstack)
  • content — CMS content delivery, Algolia search, Provider pattern for 7Mind vs 7Sleep
  • external — thin wrappers around third-party clients (Braze, Aury, Payments, Rudderstack)
  • monetization — subscriptions and billing (Chargebee, Fastspring, Barmer, Mondia)
  • practice — meditation session tracking, progress, streaks, history
  • prevention — ZPP insurance certificates (PDF generation, Cloud Storage, Braze email)
  • shared — event bus, observability, config helpers, OTP utilities, HTTP client pools
  • user_identity — authentication, sessions, SSO (Apple, Google, Facebook), SuperTokens
  • web — Phoenix endpoints and router definitions only; no business logic

Multi-database: each domain has its own DATABASE_URL env var and Ecto repo. Migrations are domain-scoped.

App routing: the Public API uses the x-app header (or hostname) to route between SevenMindRouter and SevenSleepRouter. Both apps share the same Phoenix process.

Documentation required: all modules and public functions must have @moduledoc and @doc. Enforced by mix doctor in CI.

Code quality gate: mix check runs credo, dialyzer, doctor, sobelow, mix_audit, and styler. All must pass before merge.

Secrets management: Kubernetes secrets managed via just secrets_* commands wrapping kubectl. Never committed to the repo.

Local dev: requires Docker Compose for Postgres and Pub/Sub emulator. just server handles full startup including DB init and asset building.

Agent Change Log

2026-05-15 — stub created, awaiting content seeding from code inspection 2026-05-15 — initial knowledge extraction from codebase

Graph View

Backlinks