onullusoy/tastebook

Tastebook

Tastebook is a full-stack social web application for restaurant reviews.

Mainstream location and discovery platforms (like Google Maps or Yelp) are increasingly plagued by review manipulation, corporate bias, and automated bot accounts that inflate or destroy a venue's reputation for profit. Tastebook rejects this noise.

Rather than serving as a generic, easily gamed directory, Tastebook focuses strictly on a trusted, closed-loop network. It answers the fundamental question: "Where and what should I eat based exclusively on my friends' real, unmanipulated experiences?" By filtering out public algorithmic feeds, every rating, photo, and review you see comes solely from your personal circle—ensuring absolute authenticity and zero bot interference.

Live Demo: https://tastebook-web.vercel.app


🏗️ Architecture & Infrastructure

Tastebook operates on a hybrid cloud infrastructure optimized for performance, security, and low operational overhead:

  • Frontend (Edge Hosting): The Next.js application is deployed to Vercel, delivering fast page loads, responsive styling, and global routing.
  • Backend & Storage (Self-Hosted): The Fastify API server, PostgreSQL database, Redis instance, and MinIO object storage run within Docker container stacks managed by Portainer on a self-hosted Ubuntu Server.
  • Secure Networking: A persistent, secure ngrok tunnel connects the edge frontend to the self-hosted Fastify API. CORS configurations and custom headers are implemented to handle preflight requests and bypass interstitial warning pages seamlessly.
  • Resilience: The self-hosted server is optimized for continuous availability, including system configurations to handle power management efficiently (lid-state override, power governor rules).

📂 Project Structure

tastebook/
├── apps/
│   ├── api/                          # Fastify REST API (Backend)
│   └── web/                          # Next.js Web Application (Frontend)
├── packages/
│   ├── db/                           # Drizzle ORM Database Schema & Migrations
│   └── shared/                       # Shared validation schemas & API TypeScript definitions
├── docker-compose.yml                # Development services (PostgreSQL, Redis, MinIO)
└── package.json                      # Monorepo workspaces configuration

🛠️ Key Technical Highlights

1. Monorepo Architecture & Build Optimization

Using Turborepo and pnpm Workspaces, the project compiles and builds efficiently. Shared code is modularized into dedicated workspace packages (@tastebook/db and @tastebook/shared), enabling clean separation of concerns and caching for faster pipelines.

2. End-to-End Type Safety

API request payloads, query parameters, and form schemas are validated using Zod. These schemas are housed within @tastebook/shared and imported by both the backend (Fastify schema validation) and frontend (React Hook Form), eliminating validation drift and code duplication.

3. Automated Database Backups

A dedicated, containerized backup service (postgres-backup-local) executes daily database dumps of the PostgreSQL instance. Backups are stored directly to NVMe storage with a rolling 7-day retention policy, ensuring quick recovery points without manual intervention.

4. S3-Compatible Media Optimization

Images uploaded to the platform are stored in a self-hosted MinIO object storage bucket. The upload pipeline includes:

  • Magic Byte Verification: Inspecting image buffers for signatures to prevent file extension spoofing.
  • On-the-Fly Optimization: Using sharp to compress and convert images into high-performance WebP formats, generating both standard previews and thumbnails dynamically.
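
The magic byte check described above, as an added TypeScript example (not Tastebook's own code). The signature table, `detectImageKind` and `checkUpload` are hypothetical names, and the accepted formats (JPEG, PNG, GIF, WebP) are an assumption about what the upload endpoint allows.

```typescript
// Added example: names and the accepted-format list are assumptions, not the project's code.
type ImageKind = "jpeg" | "png" | "gif" | "webp";

interface Signature {
  kind: ImageKind;
  // [offset, expected bytes] pairs; every pair must match.
  parts: Array<[number, number[]]>;
}

const SIGNATURES: Signature[] = [
  { kind: "jpeg", parts: [[0, [0xff, 0xd8, 0xff]]] },
  { kind: "png", parts: [[0, [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]]] },
  { kind: "gif", parts: [[0, [0x47, 0x49, 0x46, 0x38]]] }, // "GIF8"
  // WebP is a RIFF container: "RIFF" <4-byte size> "WEBP".
  // Matching "RIFF" alone would also accept WAV and AVI files.
  { kind: "webp", parts: [[0, [0x52, 0x49, 0x46, 0x46]], [8, [0x57, 0x45, 0x42, 0x50]]] },
];

// Returns the format the leading bytes claim, or null when nothing matches.
// Buffers shorter than a signature never match (no out-of-range reads).
function detectImageKind(buf: Uint8Array): ImageKind | null {
  for (const sig of SIGNATURES) {
    const matches = sig.parts.every(([offset, bytes]) =>
      offset + bytes.length <= buf.length &&
      bytes.every((b, i) => buf[offset + i] === b));
    if (matches) return sig.kind;
  }
  return null;
}

const EXT_TO_KIND: Record<string, ImageKind> = {
  jpg: "jpeg", jpeg: "jpeg", png: "png", gif: "gif", webp: "webp",
};

// Accept an upload only when the content signature is known AND agrees
// with the extension the client supplied (the spoofing case).
function checkUpload(filename: string, buf: Uint8Array): { ok: boolean; kind: ImageKind | null; reason?: string } {
  const kind = detectImageKind(buf);
  if (kind === null) return { ok: false, kind, reason: "unrecognized signature" };
  const ext = filename.toLowerCase().split(".").pop() || "";
  if (EXT_TO_KIND[ext] !== kind) return { ok: false, kind, reason: "extension does not match content" };
  return { ok: true, kind };
}
```

A matching signature only establishes what the header claims; the sharp re-encode to WebP in the next step is what determines the bytes that are actually stored.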

5. Social Graph & Activity Feeds

  • Fan-Out-on-Read Feed: A high-performance activity feed query matches social connections and filters visible posts (Public, Friends-only, or Private).
  • Feeds Cache: Powered by Redis with a feed_version invalidation mechanism that automatically refreshes cache layers upon new entry submissions or relationship updates.

6. Robust Security & Privacy Design

  • Auth Flow: Uses Argon2id for password hashing, and implements JWT Access Tokens alongside rotated Refresh Tokens stored in secure, HTTP-only cookies.
  • Privacy Masking: Implements strict validation on user entries; unauthorized attempts to access private resources return a 404 Not Found rather than a 403 Forbidden to mask the existence of private data.
