LaneAward Infrastructure Reference

Environment Topology Map

Reference for the current LaneAward development workflow across the local Mac, the AWS staging runtime, and the fully live AWS production environment. Production went live 2026-04-25. Subdomain migration completed 2026-04-13 — all canonical subdomains are live and verified.

Topology verified 2026-04-28 Production live 2026-04-25 AWS staging runtime active Subdomain migration complete

Current Live Workflow

Development starts on the Mac, publishes to the dedicated AWS staging runtime via rsync over SSH, and the separate public landing page serves as the production entry point.
Current state

Local Mac

Primary development workstation — source of truth for all code and local SQLite refreshes
/Users/donaldscott/Project-Code/laneaward/repo
workforce_app/data/workforce.db — local SQLite database
pm_database/ — canonical promoted ProfitMaker DBF snapshots
timeontasks/ · ops_console/ · workforce_app/backend/
Safe to reset, experiment, and iterate freely. Never push local workforce.db to staging.
rsync + SSH deploy

AWS Staging Runtime

Production-like environment — real contributors use it; treat every operation with production-level care
SSH: ssh -i ~/.ssh/lane_webserver.pem ubuntu@3.130.69.109
Contributor app: staging.timeontasks.laneaward.com → /var/www/laneaward-staging
Operations console: staging.console.laneaward.com → /var/www/laneaward-staging-console
Legacy alias: staging.laneaward.com (backward compat, still active)
Shared DB: /var/lib/laneaward-staging/workforce.db
Backend service: laneaward-workforce-api-staging.service · port 9193
TLS: /etc/letsencrypt/live/staging.timeontasks.laneaward.com/
Real users and live sessions — verify before every deploy or database operation.
Public landing

AWS Production

Live production environment — same AWS instance, fully isolated from staging
SSH: ssh -i ~/.ssh/lane_webserver.pem ubuntu@3.130.69.109
Contributor app: timeontasks.laneaward.com → /var/www/laneaward-timeontasks/
Operations console: console.laneaward.com → /var/www/laneaward-console
Shared DB: /var/lib/laneaward/workforce.db
Backend service: laneaward-workforce-api.service · port 9194
App Launchpad: ai.laneaward.com → /var/www/ai-laneaward/
TLS: /etc/letsencrypt/live/timeontasks.laneaward.com/
Live operations — treat every deploy and database operation with maximum care.

Mac to AWS Staging

  • SSH key: ~/.ssh/lane_webserver.pem · server: ubuntu@3.130.69.109
  • Contributor app web root: /var/www/laneaward-staging
  • Console web root: /var/www/laneaward-staging-console
  • Shared database: /var/lib/laneaward-staging/workforce.db
  • Backend service: laneaward-workforce-api-staging.service

AWS Staging URLs — Canonical Subdomains (post-2026-04-13)

  • Contributor app: https://staging.timeontasks.laneaward.com/
  • Operations console: https://staging.console.laneaward.com/
  • API health check: https://staging.timeontasks.laneaward.com/api/health
  • API direct (on host): 127.0.0.1:9193
  • Legacy alias (still active): https://staging.laneaward.com/

AWS Production

  • Public landing: https://ai.laneaward.com/
  • Web root: /var/www/ai-laneaward/
  • Elastic IP: 3.130.69.109
  • Role: public entry point linking to the live app family

AWS Runtime Split

Staging and production share one AWS instance (same Elastic IP) but are isolated by Nginx host header, web root, backend service, and SQLite database. The two staging frontends (contributor app and console) each have their own web root and subdomain.
Current target

Local Mac

Development origin — deploys to staging and production via SSH / rsync
ssh -i ~/.ssh/lane_webserver.pem ubuntu@3.130.69.109
/Users/donaldscott/Project-Code/laneaward/repo — source of truth for all code

Staging — Contributor App

AWS Ubuntu Server · Host: staging.timeontasks.laneaward.com
Nginx server_name: staging.timeontasks.laneaward.com
Web root: /var/www/laneaward-staging
DB: /var/lib/laneaward-staging/workforce.db (shared)
Service: laneaward-workforce-api-staging.service · port 9193
TLS: /etc/letsencrypt/live/staging.timeontasks.laneaward.com/
Serves Time On Tasks — PIN sign-in, task setup, live session timing. Real contributors use this environment.

Staging — Operations Console

AWS Ubuntu Server · Host: staging.console.laneaward.com
Nginx server_name: staging.console.laneaward.com
Web root: /var/www/laneaward-staging-console
DB: /var/lib/laneaward-staging/workforce.db (shared with contributor app)
Service: laneaward-workforce-api-staging.service · port 9193 (shared)
TLS: /etc/letsencrypt/live/staging.console.laneaward.com/
Serves the Operations Console — user management, reports, time corrections, runbook.

Production — Contributor App

AWS Ubuntu Server · Host: timeontasks.laneaward.com
Nginx server_name: timeontasks.laneaward.com
Web root: /var/www/laneaward-timeontasks/
DB: /var/lib/laneaward/workforce.db (shared)
Service: laneaward-workforce-api.service · port 9194
TLS: /etc/letsencrypt/live/timeontasks.laneaward.com/
Serves Time On Tasks — live contributor sign-in, task setup, and session timing.

Production — Operations Console

AWS Ubuntu Server · Host: console.laneaward.com
Nginx server_name: console.laneaward.com
Web root: /var/www/laneaward-console
DB: /var/lib/laneaward/workforce.db (shared with contributor app)
Service: laneaward-workforce-api.service · port 9194 (shared)
TLS: /etc/letsencrypt/live/timeontasks.laneaward.com/ (shared cert)
Serves the Operations Console — user management, reports, time corrections, runbook.

Production — App Launchpad

AWS Ubuntu Server · Host: ai.laneaward.com
Nginx server_name: ai.laneaward.com
Web root: /var/www/ai-laneaward/
TLS: /etc/letsencrypt/live/ai.laneaward.com/
Role: public entry point · links to both production apps and staging tab
All six hosts share Elastic IP 3.130.69.109 — isolated by Nginx host header, web root, and service.
timeontasks.laneaward.com → 3.130.69.109
console.laneaward.com → 3.130.69.109
staging.timeontasks.laneaward.com → 3.130.69.109
staging.console.laneaward.com → 3.130.69.109
ai.laneaward.com → 3.130.69.109
staging.laneaward.com → 3.130.69.109 (legacy alias, still active)

AWS Staging Isolation

  • Separate Nginx vhost for staging.timeontasks.laneaward.com (contributor app)
  • Separate Nginx vhost for staging.console.laneaward.com (operations console)
  • Separate web roots: /var/www/laneaward-staging and /var/www/laneaward-staging-console
  • Shared SQLite DB: /var/lib/laneaward-staging/workforce.db
  • Shared backend service: laneaward-workforce-api-staging.service on port 9193
  • Legacy alias staging.laneaward.com still active for backward compatibility

AWS Production Isolation

  • Separate Nginx vhost for timeontasks.laneaward.com (contributor app)
  • Separate Nginx vhost for console.laneaward.com (operations console)
  • Separate web roots: /var/www/laneaward-timeontasks/ and /var/www/laneaward-console
  • Shared SQLite DB: /var/lib/laneaward/workforce.db
  • Shared backend service: laneaward-workforce-api.service on port 9194
  • App Launchpad: ai.laneaward.com/var/www/ai-laneaward/
  • Staging and production share no runtime data — databases, services, and web roots are fully isolated

Why This Split Helps

  • One authoritative public staging path that is much closer to production behavior
  • Contributor app and console stay on separate subdomains — clean PWA install targets on tablets and laptops
  • Production and staging share no runtime data — safe to reset staging without affecting public landing
  • Removes the need to validate over a weaker home-network path

Current Truth Notes

  • Subdomain migration completed 2026-04-13 — all four DNS entries resolve to the AWS Elastic IP
  • PWA install verified post-migration on Chromebook, iPad, Android, and Mac
  • Both canonical staging subdomains are live with dedicated TLS certificates
  • Legacy staging.laneaward.com host remains active — /workforce/ redirects to root on that host
  • ai.laneaward.com is live from AWS at /var/www/ai-laneaward/

Terminal Connection Matrix

Quick reference for direct terminal entry points and active URLs.

SSH Entry — AWS Server

  • ssh -i ~/.ssh/lane_webserver.pem ubuntu@3.130.69.109
  • Elastic IP: 3.130.69.109
  • Hosts active on this instance: staging.timeontasks.laneaward.com, staging.console.laneaward.com, ai.laneaward.com

Active Production URLs

  • Contributor app: https://timeontasks.laneaward.com/
  • Operations console: https://console.laneaward.com/
  • API health (Nginx): https://timeontasks.laneaward.com/api/health
  • API health (direct): http://127.0.0.1:9194/api/health (on host)
  • App Launchpad: https://ai.laneaward.com/

Active Staging URLs

  • Contributor app: https://staging.timeontasks.laneaward.com/
  • Operations console: https://staging.console.laneaward.com/
  • API health (Nginx): https://staging.timeontasks.laneaward.com/api/health
  • API health (direct): http://127.0.0.1:9193/api/health (on host)
  • Legacy alias: https://staging.laneaward.com/

Key File Paths on VM — Production

  • Contributor web root: /var/www/laneaward-timeontasks/
  • Console web root: /var/www/laneaward-console
  • Shared production DB: /var/lib/laneaward/workforce.db
  • App Launchpad web root: /var/www/ai-laneaward/
  • App source on VM: /opt/laneaward/workforce_app
  • Backup drop: ~/projectbackups/laneaward/production-database/ (Mac)

Key File Paths on VM — Staging

  • Contributor web root: /var/www/laneaward-staging
  • Console web root: /var/www/laneaward-staging-console
  • Shared staging DB: /var/lib/laneaward-staging/workforce.db
  • App source on VM: /opt/laneaward-staging
  • Backup drop: ~/projectbackups/laneaward/staging-database/ (Mac)

Topology verified 2026-04-28. Production went live 2026-04-25 with fully isolated services, databases, and web roots. Staging and production share one AWS Elastic IP (3.130.69.109) — isolated by Nginx host header, web root, service, and database. Source of truth: LANEAWARD_SETUP_LOG.md · runbooks: _documents/staging/runbook.html · _documents/production/runbook.html.