Built for recovery.
Designed to scale.
A modern, serverless architecture that handles the complexity of recovery management while maintaining the security and reliability your organization requires.
Modern stack, proven technologies
We chose technologies that are battle-tested at scale, well-documented, and backed by strong communities.
PIR Portal
React 19 + TypeScript + Vite
Native iOS/Android via Capacitor
Admin Portal
React 18 + TypeScript + Vite
Responsive web application
Backend
Firebase + Node.js 20
150+ Cloud Functions
Database
Firestore + 76 collections
44 user + 26 org + 6 Nexus
150+
Cloud Functions
Serverless compute for all backend logic
76
Firestore Collections
Organized in multi-tenant hierarchy
63
Novu Workflows
Multi-channel notification pipelines
3,500+
Indexed Meetings
Full-text search via Typesense
Organization-scoped data isolation
Every piece of client data lives under a hierarchical path that includes the organization ID. This architecture ensures complete data isolation between organizations while allowing for future multi-tenancy.
// User data path
/organizations/{orgId}/users/{userId}/checkIns/...
// Organization collection
/organizations/{orgId}/messages/{docId}
Mobile-First Enforcement
The PIR Portal is mobile-only. 29 web routes redirect to app download.
Data Hierarchy
checkIns
goals
activityEvents
...44 collections
messages
conversations
auditLogs
...26 collections
E!A Source-of-Truth Pattern
Write Path
Sync Path
Read Path (Instant)
Real-time without polling
External services like Easy!Appointments are the source of truth for their data. We sync via webhooks and serve reads from Firestore with onSnapshot — giving users instant updates without expensive API calls.
Four hosting targets, one command
Firebase Hosting serves all web properties with automatic SSL, CDN distribution, and atomic deployments.
app
app.glrecoveryservices.com
PIR Portal + Admin Portal
marketing
glrecoveryservices.com
Marketing site
tech
tech.glrecoveryservices.com
Portfolio site
preview
preview-*.web.app
Testing environment
Web Deployment
firebase deploy --only hosting
Deploys all 4 targets atomically
iOS Deployment
npx cap sync ios && xcodebuild...
Wireless deployment via ios-deploy
Control your data, control your costs
Critical services run on our own infrastructure — no per-email fees, no per-notification charges, no surprise bills.
Novu
Real-time notifications
RailwayListmonk
Email marketing
Railwayn8n
Workflow automation
RailwayEasy!Appointments
Booking system
RailwayTypesense
Search engine
Typesense CloudAll self-hosted services include automated health checks and fail-loud error handling.
Integrated services
Purpose-built integrations with best-in-class external services.
Google Places
Address autocomplete with location biasing
Google Calendar
Milestone sync to personal calendars
Twilio
SMS-based two-factor authentication
OpenAI
GPT-4o insights and weekly summaries
Firebase Extensions
delete-user-data
GDPR compliance — auto-delete on account removal
firestore-pdf-generator
Generate PDFs from templates
firestore-typesense-search
Auto-sync meetings to search index
firestore-typesense-search
Auto-sync resources to search index
Real-time notification pipeline
Every user action flows through a unified notification pipeline that handles in-app feeds, push notifications, and emails — all from a single event source.
Why self-hosted Novu? No per-notification fees. The same infrastructure that would cost $500+/month with managed services runs on our own Railway instance for a flat monthly rate.
Notification Flow
Activity Event
User action triggers event in Firestore
Cloud Function
Firestore trigger routes to Novu workflow
Novu Processing
63 workflows determine channels and content
Delivery
FCM/APNs push + in-app feed + email
Entire pipeline executes in under 2 seconds
Capacitor Bridge Architecture
True native capabilities
Capacitor bridges the gap between web and native, giving us access to device features like push notifications, camera, haptics, and more — all from TypeScript code.
17 Native Plugins
5 Notification Action Categories
Users can reply to messages, mark check-ins complete, or log meetings directly from notification banners — without opening the app.
Security by design
Every layer of the stack is designed with security in mind, from database rules to credential management.
Firebase Security Rules
2,000+ lines of hierarchical access control
Custom Claims
Role-based permissions via Auth tokens
Data Isolation
Organization-scoped data paths
Secret Management
Firebase Secrets for all credentials
Automated health checks
Proactive monitoring catches issues before they affect users — not after.
Daily Health Check
Listmonk API tested every 8 AM Pacific
Fail-Loud Pattern
Missing credentials crash fast, not silently
Firebase Logs
Real-time function execution monitoring
Railway Metrics
CPU, memory, and request monitoring
Fail-Loud Credential Pattern
function getCredentials() {
const key = process.env.API_KEY?.trim();
if (!key) {
throw new Error('[FATAL] API_KEY not configured');
}
return key;
} Why fail-loud? Silent failures are worse than crashes. Missing credentials crash fast at deploy time, not silently in production where they go unnoticed.
Questions about our architecture?
Schedule a technical deep-dive with our team. We're happy to discuss security, compliance, and integration requirements.