docs: switch infrastructure to local PostgreSQL + home Docker server (no Vercel/Neon)

.planning/ROADMAP.md

@@ -12,10 +12,10 @@ A dual-product build: a public real estate marketing site for a solo Utah agent
 
 Decimal phases appear between their surrounding integers in numeric order.
 
-- [ ] **Phase 1: Foundation** - Next.js project, database schema, Vercel Blob storage, and three-layer agent authentication
+- [ ] **Phase 1: Foundation** - Next.js project, local PostgreSQL database schema, and single-agent authentication (local dev; eventual home Docker server)
 - [ ] **Phase 2: Marketing Site** - Public-facing hero, bio, contact form, testimonials, and listings placeholder
 - [ ] **Phase 3: Agent Portal Shell** - Client management (create/view/profile) and dashboard skeleton with document status
-- [ ] **Phase 4: PDF Ingest** - Agent PDF upload, Vercel Blob storage pipeline, browser rendering, and document record creation
+- [ ] **Phase 4: PDF Ingest** - Agent PDF upload, local file storage pipeline, browser rendering, and document record creation
 - [ ] **Phase 5: PDF Fill and Field Mapping** - Drag-and-drop signature field placement, coordinate conversion, and agent text fill
 - [ ] **Phase 6: Signing Flow** - Complete end-to-end signing ceremony with legal compliance: email delivery, signing page, canvas capture, audit trail
 - [ ] **Phase 7: Audit Trail and Download** - Secure signed PDF download, document status tracking, and client-facing confirmation screen
@@ -31,13 +31,13 @@ Decimal phases appear between their surrounding integers in numeric order.
   2. Agent session persists after browser refresh and tab close — agent does not have to log in again
   3. Visiting any `/agent/*` route while unauthenticated redirects to the login page (not a 404 or blank screen)
   4. Agent can log out from the portal and is returned to the login page
-  5. Database schema is deployed to Neon, Vercel Blob bucket is created, and the project is deployed to Vercel with environment variables wired
+  5. Local PostgreSQL database is running and schema is applied (`db:migrate`), seed account created, and `npm run dev` serves the app at localhost:3000
 **Plans**: 3 plans
 
 Plans:
 - [ ] 01-01-PLAN.md — Next.js scaffold, Drizzle schema, Auth.js v5 config, route-protection middleware, seed script
 - [ ] 01-02-PLAN.md — Branded login page, agent portal layout, dashboard stub, logout mechanism
-- [ ] 01-03-PLAN.md — Git push, Vercel deployment, production auth flow verification (checkpoint)
+- [ ] 01-03-PLAN.md — Local environment setup (.env.local, db:migrate, db:seed) and local auth flow verification (checkpoint)
 
 ### Phase 2: Marketing Site
 **Goal**: Visitors can find Teressa online, see her brand, view the listings placeholder, and submit a contact inquiry
@@ -66,14 +66,14 @@ Plans: none yet
 Plans: none yet
 
 ### Phase 4: PDF Ingest
-**Goal**: Agent can upload a PDF form, see it rendered in the browser, and it is stored safely in Vercel Blob
+**Goal**: Agent can upload a PDF form, see it rendered in the browser, and it is stored safely on the local filesystem / Docker volume
 **Depends on**: Phase 3
 **Requirements**: DOC-01, DOC-02, DOC-03
 **Success Criteria** (what must be TRUE):
   1. Agent can upload a PDF form (manual upload — no utahrealestate.com scraping) and the document appears in the portal
   2. Agent can view the uploaded PDF rendered in the browser on the document detail page
   3. The forms library reflects updated forms on at least a monthly basis (automated sync or manual re-upload path defined and working)
-  4. Uploaded PDFs are stored in Vercel Blob (not local filesystem) and survive server restarts
+  4. Uploaded PDFs are stored in the local uploads directory (Docker volume on home server) and survive server restarts
 **Plans**: TBD
 
 Plans: none yet
@@ -114,7 +114,7 @@ Plans: none yet
 **Requirements**: SIGN-07, LEGAL-03
 **Success Criteria** (what must be TRUE):
   1. Agent can download the signed PDF from the dashboard via an authenticated presigned URL (5-minute TTL)
-  2. Signed PDFs are stored in private Vercel Blob storage — a direct or guessable URL returns an access error, not the file
+  2. Signed PDFs are stored in a private local directory (not publicly accessible) — a direct or guessable URL returns an access error, not the file
   3. Document status in the dashboard updates correctly to "Signed" after a signing ceremony completes
 **Plans**: TBD
 

.planning/STATE.md

@@ -59,6 +59,7 @@ Recent decisions affecting current work:
 - Next.js full-stack: single repo for marketing + web app via API routes
 - Email-link signing (no client account): lowest friction for clients; standard in real estate
 - utahrealestate.com forms scraping: AVOID — violates ToS; use manual PDF upload instead
+- Infrastructure: local PostgreSQL (Docker) + local `npm run dev`; no Vercel, no Neon, no cloud storage — home Docker server is eventual target
 - [Phase 01-foundation]: Lazy Proxy singleton for db/index.ts prevents neon() crash during Next.js build when DATABASE_URL absent
 - [Phase 01-foundation]: next-auth pinned to exact version 5.0.0-beta.30; middleware.ts at project root not src/; force-dynamic on auth route
 - [Phase 01-foundation 01-02]: PasswordField extracted as co-located client sub-component — keeps login page.tsx as pure server component
@@ -75,7 +76,7 @@ None yet.
 - Phase 6 (Signing Flow) warrants a /gsd:research-phase before planning — JWT one-time enforcement + ESIGN/UETA audit + mobile touch has edge cases
 - DNS (SPF/DKIM/DMARC) for teressacopelandhomes.com must be configured before any signing link reaches a real client (Phase 6 acceptance criterion)
 - Exact WFRMLS required IDX disclaimer text must be obtained directly from WFRMLS before listings feature ships (Phase 2)
-- Neon + Vercel provisioning required before runtime auth flow can be tested end-to-end
+- WFRMLS vendor enrollment takes 2-4 weeks — start process immediately, build Phase 2 listings with mock data while waiting (moved from Blockers)
 
 ## Session Continuity
 

.planning/phases/01-foundation/01-CONTEXT.md

@@ -6,7 +6,7 @@
 <domain>
 ## Phase Boundary
 
-Next.js project scaffold, Neon database with auth schema, Vercel Blob storage bucket, and single-agent authentication — the infrastructure every subsequent phase depends on. Scope ends at: agent can log in, session persists, protected routes redirect, and all infrastructure is live on Vercel.
+Next.js project scaffold, local PostgreSQL database with auth schema, and single-agent authentication — the infrastructure every subsequent phase depends on. Scope ends at: agent can log in, session persists, protected routes redirect, and the app runs locally. Eventual target is a home Docker server.
 
 </domain>
 
@@ -37,10 +37,12 @@ Next.js project scaffold, Neon database with auth schema, Vercel Blob storage bu
 - Single-agent design — standard users table rows, no multi-tenant role/status columns
 
 ### Deployment
-- Production only — deploy to Vercel at teressacopelandhomes.com
+- Local development: `npm run dev` at `localhost:3000`
-- Secrets and environment variables managed exclusively via Vercel dashboard (never committed to repo)
+- Database: local PostgreSQL (Docker recommended: `postgres:16` container)
-- Vercel Blob storage: single store, organized by path (e.g. `/documents/signed/`, `/documents/templates/`)
+- Secrets managed via `.env.local` (never committed to repo)
-- Deployment trigger: Vercel native Git integration (push to main → auto-deploy, no GitHub Actions)
+- No external cloud services — no Vercel, no Neon, no Blob storage in this phase
+- Eventual target: home server running Docker Compose (Next.js container + PostgreSQL container)
+- File storage (Phase 4+): local filesystem / Docker volume — no Vercel Blob
 
 ### Claude's Discretion
 - Exact brand color palette and visual design details (Teressa's brand assets to be used but layout specifics are open)