// 04 — STACK

Tools we trust. Boring on purpose.

We pick technology with multi-year support behind it, hire-ability around it, and a track record of not breaking in production. New shiny things are interesting; we just don't put them on your critical path.

REQUEST · trace 200 OK

▶REQPOST /api/orders0ms ↳MWauth · csrf · cors4ms ↳URLorders.urls5ms ↳VIEWOrderCreateView6ms ↳SQLOrder.objects.create()38ms ↳TASKcelery: send_email42ms ◀RES201 Created48ms

01 / BACKEND

Django + DRF.

The whole backend rests on Django 5 + DRF. Boring, audited, twenty years of production track record. Celery for async, gunicorn + uvicorn for serving, Python 3.13 + typed.

We use the same stack on every project so we move fast: same auth, same admin, same migration patterns, same retry semantics. New shiny frameworks stay off the critical path.

// TOOLS Django 5 DRF Celery Gunicorn Uvicorn Python 3.13 uv ruff

02 / FRONTEND

Next.js + shadcn.

Next.js 14 App Router only. TypeScript strict, no any in shipped code. Tailwind for utility, shadcn for primitives, react-hook-form + Zod for forms.

We bias toward components we own (shadcn / custom) over vendor libraries we can't touch. When you inherit the codebase, every component is in your repo and editable.

// TOOLS Next.js 14 TypeScript React 19 Tailwind shadcn/ui Radix react-hook-form Zod next-intl

Button.tsx · preview HMR

01  <Button
02    variant="primary"
03    size="lg"
04  >
05    Ship →
06  </Button>

// RENDER

default hover focus

QUERY · trace 42ms

POSTGRES orders 12ms

CLICKHOUSE events 8ms

REDIS cache 1ms

// RESULT ✓847 rows · joined ✓0.04 MB · gzip'd ✓cache hit · 24% saved

03 / DATA

Postgres + ClickHouse.

Postgres 16 for transactional. ClickHouse for analytics (billions of rows, sub-second). Redis for cache + broker + streams. MinIO for self-hosted object storage.

We deliberately split OLTP from OLAP — they have different query profiles, different backup needs, different failure modes. Postgres handles the truth, ClickHouse handles the aggregation, Redis is the glue.

// TOOLS Postgres 16 ClickHouse Redis MinIO OpenSearch pgvector

04 / AI / LLMs

OpenAI, Anthropic, Ollama.

Provider abstraction by default. GPT-4o for general reasoning, Claude for long-context and safety-sensitive flows, local Ollama / vLLM for on-prem deployments. Swap them without rewriting features.

Every model call goes through a router with cost budgets, fallback chains, and PII filters. We never lock you into one vendor — the contract layer is yours.

// TOOLS OpenAI Anthropic Ollama vLLM Pinecone pgvector LangGraph n8n

LLM ROUTER · v2 OK

// PROMPT "summarize quarterly report (24k tokens)"

OpenAI GPT-4o $0.15

Anthropic Claude 4.7 ✓ ROUTED

Ollama Llama 3 free

// RULE tokens > 16k → claude (long-ctx)

docker compose ps 6 / 6

nginx_proxy:443healthy12d vizulabs_web:8000healthy12d postgres_db:5432healthy47d redis:6379healthy47d celery_worker—healthy12d minio:9000healthy47d

05 / INFRA & OPS

Docker Compose on a VPS.

Single-VPS deploys with Docker Compose unless the project genuinely needs Kubernetes (which is rarely). Nginx + Let's Encrypt in front. Self-hosted log aggregation (Loki + Grafana). Backups daily, restore drill monthly.

Cheaper than serverless at your scale, faster to debug than Kubernetes at our scale, and you own the box. We deploy by `git pull && docker compose up -d --build`.

// TOOLS Docker Compose Nginx Cloudflare Sentry Loki + Grafana rclone + B2 UFW + fail2ban

06 / PAYMENTS & MONEY

Stripe + Paddle, production-grade.

Stripe for global card acceptance. Paddle / Lemon Squeezy for merchant-of-record invoicing. Webhook-driven reconciliation, refunds, disputes — wired into your admin from day one.

Every money path is idempotent end-to-end, audit-logged, and reconciles to the cent. We never represent money as a float — minor units only, with the currency stored explicitly.

// TOOLS Stripe Paddle Lemon Squeezy PayPal Webhooks Idempotency keys

INV-2026-0142 · v1 PAID

// FROM VIZULABS

// TO Acme Corp

Discovery + scope15,000.00 Design system + build62,000.00 Ship + monitor8,000.00

subtotal85,000.00 tax 8%6,800.00 TOTALUSD 91,800.00

// SUBSTITUTIONS

We'll swap, when it makes sense.

Greenfield is rare. Most of the time you already have infrastructure. Here's what we'll keep — and what each swap actually costs.

01 / 05

Already on RDS, Aurora, or Cloud SQL?

Keep it. Postgres is Postgres. We'll point Django at your managed instance, run migrations through your existing pipeline, and skip standing up our own. You save a service; we keep moving.

// COST · ZERO · TRIVIAL SWAP

02 / 05

Datadog instead of Sentry?

Fine — but Datadog's APM is one service, error tracking is another, log ingest is a third. We'll wire all three. Expect a config day and a recurring bill that's ~6× Sentry's. Worth it if you're already standardized.

// COST · ~1 DAY SETUP · 6× MONTHLY VS SENTRY

03 / 05

Existing PSP (Stripe, Tap, Adyen)?

We use yours. Re-onboarding a merchant account is months of paperwork, especially in the UAE. The cost is mostly that some PSPs lack webhooks for refund-of-refund and dispute lifecycle — we work around that with our own ledger.

// COST · LEDGER LAYER · 3–5 EXTRA DAYS

04 / 05

Your IDP — Okta, Auth0, Entra?

Federate, don't replace. Django + your IDP via OIDC or SAML is one Friday afternoon. The cost is that role mappings have to come from somewhere — we'll design the claim shape with your security team.

// COST · 1 AFTERNOON · CLAIMS DESIGN SEPARATE

05 / 05

On-prem mandate, no cloud?

Yes. Full self-host stack — Postgres, Redis, MinIO, Ollama for AI, all behind your firewall. The cost is no managed backups, no managed TLS rotation, no auto-scaling. We hand you runbooks instead.

// COST · OPS BURDEN ON YOU · RUNBOOKS INCLUDED

Managed DB Datadog Your PSP Your IDP On-prem

// AUTO-CYCLING · 3.5s PER SWAP · LOOPS