igor-ctrl rebuilds Mike as Turbine Legal: new infra, matter model, and three external integrations
beautech-aero's first PR replaces the entire Mike infrastructure stack (R2, Cloudflare Pages, Gemini, Supabase-as-backend) with AWS S3, Vercel, OpenAI/Anthropic, and Azure Postgres, then builds a matter command center for aviation-leasing legal work on top of what's left.
The commit (22f9039d, +17274/-16464 across 110 files) does two things simultaneously, which makes it hard to evaluate cleanly. Half is infrastructure replacement; the other half is product construction for a specific legal team.
On the infrastructure side: Cloudflare R2 becomes AWS S3 with the same key conventions (storageKey, pdfStorageKey, etc.) preserved. Cloudflare Pages/OpenNext becomes Vercel. Gemini is removed wholesale. The backend targets Azure Container Apps, and Postgres moves from Supabase to Azure with a legal_platform schema. A Kysely layer replaces direct Supabase client calls - though only partially: the auth and user routes are migrated, but around 80-120 call sites in the heavy routes still go through lib/supabase.ts.
The product additions are purpose-built for Beautech. A /matters route (912 LOC) layers lifecycle metadata, Salesforce Opportunity links, Dropbox folder/file links, DocuSign envelopes, activity events, and tasks over the existing projects table. Salesforce intake feeds matter creation; Dropbox Business is wired as explicit archive/import/publish scaffolding with S3 kept as the authoritative working store; DocuSign handles envelope linking, status tracking, and webhooks. All three providers connect through an admin integration layer that stores tokens with AES-256-GCM encryption. The LLM side adds OpenAI Chat Completions (correctly using max_completion_tokens, not max_tokens) with a concurrency semaphore capping parallel provider calls at LLM_CONCURRENCY (default 8).
There is no test suite. Build is the gate, plus a 105-line smoke script. The AGENTS.md is explicit about the incomplete Kysely migration and flags focused smoke tests, development-only prompt logging, and model-ID verification as known follow-ups.
A few pieces are worth extracting for your own fork: the JWT token_version revocation pattern (~auth middleware), the AES-256-GCM per-user API key encryption (lib/crypto.ts, ~67 LOC), and the LLM concurrency semaphore (lib/llm/limiter.ts, ~39 LOC). None of them require cherry-picking the whole commit - they're small enough to port by hand.
Spotted something wrong? Or know the PR text has fresher detail than the writeup above?