Apptork Logo APPTORK LABS
[ /telemetry_logs ]

serverless d1 fulfillment engine

2026-06-04module: backend

distributing proprietary source code via private github repositories post-purchase often introduces severe manual administrative overhead. to eliminate this friction and ensure instantaneous fulfillment, we engineered an automated, edge-deployed fulfillment engine utilizing nuxt 3 and cloudflare d1.

architecture

source repository: proprietary internal deployment (apptork labs).

system specifications

  • core protocol: an edge-compatible api route developed in nuxt/nitro, architected to execute within cloudflare's v8 isolate environment.
  • data store: employs cloudflare d1 for ultra-low latency, serverless sqlite database interactions, replacing traditional node-bound sqlite dependencies.
  • anti-fraud mechanics: implements strict cryptographic binding between the generated license_key and the user's github_username, automatically mitigating license reuse attacks via d1 persistence.
  • external integrations: synchronizes directly with the lemon squeezy rest api for cryptographic license validation and the github rest api for automated collaborator invitations.

core capabilities

the engine executes a secure validation pipeline upon receipt of client telemetry:

  • edge database integration: asynchronous queries via env.DB to verify historical license activations. if a license is detected but bound to an alternate github identity, the transaction is immediately terminated with a 400 anomaly payload.
  • intelligent bypass logic: identifies exact matches between previously verified licenses and github identities, intentionally bypassing secondary lemon squeezy api calls to reduce latency and directly re-triggering repository invitations.
  • dynamic repository mapping: parses lemon squeezy product_id vectors to resolve exact github repository payloads, intelligently handling multi-repository bundles and user-selected client preferences.

execution protocol

deployment requires strict environment configuration to ensure secure api interactions within the cloudflare ecosystem.

  1. database initialization: provision the cloudflare d1 instance and execute the schema deployment. 
    npx wrangler d1 execute apptork-boilerplate-licenses --command "CREATE TABLE IF NOT EXISTS license_activations (license_key TEXT PRIMARY KEY, github_username TEXT NOT NULL, repos TEXT NOT NULL, activated_at TEXT DEFAULT CURRENT_TIMESTAMP);" --remote
  2. environment binding: while wrangler.toml handles local execution, cloudflare pages deployments (via github integration) require explicit ui bindings. navigate to pages > settings > functions > d1 database bindings and map the apptork-boilerplate-licenses database to the DB variable.
  3. secret injection: provision the GITHUB_TOKEN (requiring read/write repo scopes) and LEMON_SQUEEZY_API_KEY into the edge environment securely.
  4. endpoint access: client portals initiate a POST /api/activate request containing the license_key and github_username. the engine handles the complete automated fulfillment lifecycle asynchronously.

infrastructure notes this exact fulfillment engine is deployed in production to distribute apptork labs boilerplates. we build our internal tooling with the same ruthless efficiency and security standards as the source code we sell.

/ view boilerplates