This is the internal admin & operations console for Marketing OS, an AI-powered real-estate marketing platform that turns property listings into rendered video tours and marketing assets. The platform runs a multi-stage media pipeline (image generation, video generation, LLM vision/assistant steps, rendering, compositing, review, and delivery) backed by a fleet of specialized workers and a queue of jobs.

This repository is not the customer-facing product. It is the back-office cockpit that the team uses to operate that pipeline: watch system health, inspect and unstick jobs, monitor third-party API integrations and worker fleets, track spend, manage users and subscriptions, and keep an audit trail of every privileged action.

It is deliberately scoped as an internal ops tool for a small team (the founder plus a small number of support/engineering hires) rather than a multi-tenant SaaS. It lives at the /internal/admin route of the broader application and is gated behind an admin role claim.

Three operator roles, enforced by a permission matrix:

Role Purpose Access superadmin Founder / lead operator Full read + write across every surface support Customer support hires Day-to-day user help, credit grants and refunds within capped limits developer Engineers Read-heavy access for debugging the pipeline; PII-sensitive surfaces redacted

Role is driven by a Firebase custom claim (adminLevel) in production; a role switcher exists for local/mock development. Capabilities such as impersonation, credit adjustment, force-render, and user deactivation are checked against the matrix before any action is allowed, and write actions are blocked for read-only roles.

The dashboard is organized into operational areas, each a route under /internal/admin:

Command Center — landing page with green/yellow/red status cards (queue depth, worker health, render pipeline, API integrations, failed jobs, storage) plus a live metrics strip (jobs processing/queued, throughput, render time, queue wait).

API Health — UP / DEGRADED / DOWN grid for every third-party dependency (image/video generation, OpenAI, ElevenLabs, Zillow, Firebase Auth, Stripe, SendGrid, S3) with latency and error charts and a list of jobs stuck waiting on an API.

Workers — per-worker-type heartbeat, queue depth, throughput, and error rate across the nine worker types in the pipeline.

Auto Scaling — scaling configuration and behavior for the worker fleet.

Job Queue — the full operational queue with status/date/customer/template filters, problem-first sorting, and bulk actions (retry, cancel, override priority).

Job Inspector (jobs/[jobId]) — per-job timeline of status transitions, a shot-by-shot breakdown (with per-shot API request/response, latency, and cost), a chronological log viewer, and admin actions to retry, cancel, or force a render.

Cost Tracker — today/week/month/trailing-30-day spend, daily cost trend, breakdown by API service and by customer, all measured against a fixed monthly budget, with a budget-check cron route for alerting. Includes a dedicated API-cost ledger view.

Users — customer and editor account management with a rich detail dialog (profile, billing, payments, credits, listings, media library, activity, jobs). Actions include impersonation, credit adjustment (capped per support limits), resend verification, force sign-out, and deactivation.

Product Analytics — usage analytics surfaced from PostHog.

Early Access — early-access list management.

Feedback — collected user feedback.

Batch Config and User Libraries — media pipeline configuration and per-user asset libraries.

Templates — the marketing/video templates jobs are rendered against.

Editor: Local Tours / Local Tour Jobs — editor-facing tour content and job views.

Alerts — severity-ranked (critical/warning/info) alert feed with acknowledgement.

Error Logs — pipeline error reporting.

Audit Log — append-only record of every privileged admin action.

Settings — operator configuration.

The platform sells tiered subscriptions, reflected in the admin billing surfaces: Starter ($149/mo), Growth ($349/mo), Marketing OS ($499/mo), and Marketing OS Pro ($999/mo), each with a monthly credit allotment and listing limit.

Next.js 16 (App Router) — note: this project pins a newer Next.js whose APIs and conventions differ from older releases; the canonical reference is the bundled docs in node_modules/next/dist/docs/.

Tailwind CSS 4 (via @tailwindcss/postcss)

shadcn/ui component primitives built on @base-ui/react

Lucide icons, Geist + Inter variable fonts, next-themes for dark/light theming, sonner for toasts, cmdk for command palette, tw-animate-css, class-variance-authority, clsx, tailwind-merge

Tremor — charts (cost trends, latency, throughput)

deck.gl (+ Google Maps overlay) — geospatial visualizations

@xyflow/react + dagre — node/graph (DAG) layouts for pipeline visualization

Firebase — authentication (custom adminLevel claims), Firestore for jobs/audit data, with token refresh handled by a custom API client

AWS CloudWatch — infrastructure metrics (SQS/ECS/S3) via an internal infra-status aggregation endpoint

PostHog — product analytics

Nodemailer — email

The pipeline integrates external AI/media APIs (image generation, video generation, OpenAI, ElevenLabs), real-estate data (Zillow), payments (Stripe), email (SendGrid), and storage (S3)

Feature flags (src/lib/feature-flags.ts) gate surfaces that depend on backend infrastructure that may not be deployed yet (cost tracker, API-call instrumentation), and a mock-data mode lets the app run standalone without any backend env vars — enabling UI development and demos before real data sources are wired in.

Role-based access control via a permission matrix and React context.

Audit logging of privileged actions as an append-only record.

Cron route (api/cron/budget-check) for scheduled budget alerting; Vercel is the deployment target.

Deployed on Vercel, wired to real data through NEXT_PUBLIC_FIREBASE_* and related environment variables. Surfaces progressively "go live" as their backing infrastructure ships, controlled by environment-driven feature flags rather than code changes.