feat(content): consume /docs sections from content repo (slice C) (#12)

mastermanas805 · claude · web-flow · commit 5c933b99a389 · 2026-05-11T17:02:10.000+05:30
The 180-line inline SECTIONS array in DocsPage.tsx is gone. Sections now load from .content/docs/<id>.md (one markdown file per section) via Vite import.meta.glob raw imports. Frontmatter 'order' controls section sequence; filename = anchor id. Editing the /docs page now means editing a .md file in the public content repo — no React, no CSS, no build config. Verified: 8 sections in dist/docs/index.html in the same order as before (quickstart → services → deploy → stacks → claim → authentication → limits → machine-readable). All TOC anchors intact. Dark-theme code chip rule preserved. This completes PR-B (3-slice migration to InstaNode-dev/content): slice A: blog posts (PR #10, merged) slice B: use-cases catalogue (PR #11, merged) slice C: /docs page sections (this PR) Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
diff --git a/src/pages/DocsPage.tsx b/src/pages/DocsPage.tsx
@@ -1,12 +1,18 @@
 /* DocsPage — public /docs.
  *
- * Single-page docs with a sidebar TOC and section anchors. Content lives in
- * the SECTIONS array below — adding a new section = one entry. No CMS.
+ * Single-page docs with a sidebar TOC and section anchors. Content lives
+ * in InstaNode-dev/content/docs/<id>.md, cloned into .content/ at build
+ * time. Adding/removing a section = one .md file in the content repo;
+ * no dashboard PR.
  *
- * Security note: every code snippet here is reachable by anyone curling the
- * public domain — they are all anonymous-tier paths. Do not paste production
- * JWTs, internal cluster hostnames (*.svc.cluster.local), team_ids, or
- * AES/JWT secrets into snippets. The docs ship to the public domain. */
+ * Section ordering comes from `order:` frontmatter (numeric).
+ * Section anchor id = filename minus .md.
+ *
+ * Security note: every code snippet here is reachable by anyone curling
+ * the public domain — they are all anonymous-tier paths. Do not paste
+ * production JWTs, internal cluster hostnames (*.svc.cluster.local),
+ * team_ids, or AES/JWT secrets into snippets. The docs ship to the
+ * public domain. */
 
 import { PublicShell } from '../layout/PublicShell'
 
@@ -16,187 +22,42 @@ type Section = {
   body: string // same minimal markdown subset as blog posts
 }
 
-const SECTIONS: Section[] = [
-  {
-    id: 'quickstart',
-    title: 'Quickstart',
-    body: `
-The whole platform fits in one curl. No signup, no API key, no Docker.
-
-\`\`\`
-curl -X POST https://api.instanode.dev/db/new
-\`\`\`
-
-The response includes a \`connection_url\` you can paste into any Postgres
-client. The database is real, dedicated, and yours for 24 hours.
-
-When you're ready to keep it, see the **Claim flow** section below.
-`
-  },
-  {
-    id: 'services',
-    title: 'The six services',
-    body: `
-Every endpoint returns a \`connection_url\` (or \`endpoint\` / \`receive_url\`)
-plus an \`upgrade_jwt\` you can hand to /claim.
-
-- \`POST /db/new\` — Postgres (pgvector pre-installed)
-- \`POST /cache/new\` — Redis (ACL'd, per-token key prefix)
-- \`POST /nosql/new\` — MongoDB
-- \`POST /queue/new\` — NATS JetStream
-- \`POST /storage/new\` — S3-compatible (MinIO)
-- \`POST /webhook/new\` — public URL that receives any HTTP method
-
-Every response has the same shape: \`{ ok, token, connection_url, internal_url,
-tier, limits, note, upgrade_jwt }\`. \`internal_url\` is the address to use
-when the caller itself runs inside our cluster (i.e. via /deploy/new) —
-public hostnames don't hairpin reliably from inside.
-`
-  },
-  {
-    id: 'deploy',
-    title: 'Deploying an app',
-    body: `
-\`POST /deploy/new\` takes a multipart form with a gzipped tar archive
-containing your Dockerfile + source.
-
-\`\`\`
-curl -X POST https://api.instanode.dev/deploy/new \\
-  -H "Authorization: Bearer <JWT>" \\
-  -F "tarball=@app.tar.gz" \\
-  -F "name=my-app" \\
-  -F "port=8080" \\
-  -F 'env_vars={"DATABASE_URL":"postgres://..."}'
-\`\`\`
-
-The build runs in-cluster on kaniko (~30–90s for typical Node/Python apps)
-and the app rolls out behind a public HTTPS URL on
-\`*.deployment.instanode.dev\` with a valid Let's Encrypt cert.
-
-\`env_vars\` is optional — pass a JSON object and every key/value lands in
-the app's environment on the first build. Saves you a follow-up PATCH+redeploy.
-
-For multi-service apps see **Stacks** below.
-`
-  },
-  {
-    id: 'stacks',
-    title: 'Stacks (multi-service deploy)',
-    body: `
-\`POST /stacks/new\` takes an \`instant.yaml\` manifest plus one tarball per
-service. Services can reference each other with \`service://<name>\` env
-values — those resolve to cluster-internal \`http://<name>:<port>\` URLs at
-deploy time.
-
-\`\`\`
-services:
-  api:
-    build: ./api
-    port: 3000
-  web:
-    build: ./web
-    port: 8080
-    expose: true
-    env:
-      API_URL: service://api
-\`\`\`
-
-Only services with \`expose: true\` get a public URL — the rest are
-in-cluster only. The whole stack rolls out together; partial failure is
-reported per-service in \`GET /stacks/{slug}\`.
-`
-  },
-  {
-    id: 'claim',
-    title: 'Claim flow (anonymous → paid)',
-    body: `
-Anonymous resources expire in 24 hours. To keep them, claim them.
-
-\`\`\`
-RESP=$(curl -X POST https://api.instanode.dev/db/new -d '{}')
-JWT=$(echo $RESP | jq -r .upgrade_jwt)
-
-# Optional preview — shows what would attach, no side effects
-curl "https://api.instanode.dev/claim/preview?t=$JWT"
-
-# Trigger the claim — sends a magic link to your email
-curl -X POST https://api.instanode.dev/claim \\
-  -d "{\\"jwt\\":\\"$JWT\\", \\"email\\":\\"you@example.com\\"}"
-\`\`\`
-
-Click the magic link to set a session cookie. Every resource attached to your
-fingerprint transfers to your team atomically; the connection URLs don't
-change so any already-running code keeps working.
-
-Claimed resources move to your team's tier (hobby by default — $9/mo). There
-is no separate trial period on paid tiers — **the 24-hour anonymous slice
-is the trial**.
-`
-  },
-  {
-    id: 'authentication',
-    title: 'Authentication',
-    body: `
-Resource provisioning is anonymous. Everything else (deploy, vault, billing,
-team management) requires a session JWT.
-
-How to get one:
-
-1. Provision any resource anonymously. The response includes a JWT in the
-   \`upgrade_jwt\` field.
-2. POST that JWT to /claim with an email. We send a magic link.
-3. Click the link in the email; the page sets a session cookie.
-
-For unattended use (CI, agents), exchange the session cookie for a long-lived
-API key at \`POST /api/v1/api-keys\`. Pass it as \`Authorization: Bearer
-<key>\` on every request.
-
-To verify a token works at any time, hit \`GET /api/v1/whoami\` — returns
-200 with your team_id + plan_tier on success, 401 on failure.
-`
-  },
-  {
-    id: 'limits',
-    title: 'Tiers and limits',
-    body: `
-| Tier      | Postgres   | Redis     | MongoDB    | TTL  | Price       |
-| --------- | ---------- | --------- | ---------- | ---- | ----------- |
-| Anonymous | 10MB / 2c  | 5MB       | 5MB / 2c   | 24h  | free        |
-| Hobby     | 1GB / 8c   | 50MB      | 1GB / 8c   | none | $9 / mo     |
-| Pro       | 5GB / 20c  | 256MB     | 5GB / 20c  | none | $49 / mo    |
-| Team      | coming soon | — | — | — | $199 / mo |
-
-"c" = simultaneous connections. The full table is at \`/pricing\`.
-
-Limits are enforced at the Postgres user level (\`CONNECTION LIMIT\` on the
-role) and via per-bucket storage quotas. Exceeding a limit returns a 402 with
-an upgrade URL — your app keeps running, the next provision just fails.
-`
-  },
-  {
-    id: 'machine-readable',
-    title: 'Machine-readable API',
-    body: `
-The full API surface is described in OpenAPI 3.1 at:
-
-\`\`\`
-https://api.instanode.dev/openapi.json
-\`\`\`
-
-It is the source of truth for paths, schemas, security schemes, and which
-endpoints accept anonymous traffic. Agents reading this spec alone can
-discover the claim flow (described under \`securitySchemes.bearerAuth\`),
-the \`/api/v1/whoami\` identity probe, and which fields like \`upgrade_jwt\`
-to pass forward.
-
-If you're an AI agent reading this, the recommended bootstrap is:
+const RAW_DOCS = import.meta.glob('../../.content/docs/*.md', {
+  eager: true,
+  query: '?raw',
+  import: 'default',
+}) as Record<string, string>
+
+const SECTIONS: Section[] = buildSections(RAW_DOCS)
+
+function buildSections(raw: Record<string, string>): Section[] {
+  return Object.entries(raw)
+    .map(([path, src]) => {
+      const id = path.split('/').pop()!.replace(/\.md$/, '')
+      const { meta, body } = parseFrontmatter(src)
+      if (!meta.title) return null
+      return { id, title: meta.title, body: body.trim(), order: Number(meta.order) || 0 }
+    })
+    .filter((s): s is Section & { order: number } => s !== null)
+    .sort((a, b) => a.order - b.order)
+    .map(({ order: _, ...section }) => section)
+}
 
-1. \`GET /openapi.json\`
-2. Provision anonymous resources
-3. \`GET /api/v1/whoami\` to confirm token validity once you have one
-`
+function parseFrontmatter(src: string): { meta: Record<string, string>; body: string } {
+  const m = src.match(/^---\r?\n([\s\S]*?)\r?\n---\r?\n?([\s\S]*)$/)
+  if (!m) return { meta: {}, body: src }
+  const meta: Record<string, string> = {}
+  for (const line of m[1].split(/\r?\n/)) {
+    const sep = line.indexOf(':')
+    if (sep < 0) continue
+    const key = line.slice(0, sep).trim()
+    const value = line.slice(sep + 1).trim()
+    if (key) meta[key] = value
   }
-]
+  return { meta, body: m[2] }
+}
+
+// Unused legacy inline content removed — sections now load from .content/docs/.
 
 export function DocsPage() {
   return (
