CNCraft

Launch checklist

What you need to do next

The app now targets a public prompt-to-CNC workflow. These are the concrete actions to make it reachable, usable, and safe enough to show outside your own browser.

Open the live generator Open the main site

Operating rule

Keep the contract narrow. OpenRouter interprets the request, but deterministic code owns the final files.

Step by step

Next actions in order

Work down this list in order. The goal is to make the deployment public, configure the required secrets, and finish the domain handoff through Vercel and Cloudflare.

01

Disable Vercel Authentication

Make the production deployment public. Right now the Vercel project is protected, which blocks both direct traffic and the custom-domain cutover.

02

Set a SESSION_SECRET

Add a strong random `SESSION_SECRET` in Vercel so the lightweight signed-session cookie is not using the development fallback.

03

Set an OPENROUTER_API_KEY

Add the shared platform key in Vercel so the public demo can run without forcing every visitor to bring their own key.

04

Add cnc.riera.co.uk to the Vercel project

Register the final hostname on the Vercel project first so Vercel can tell you exactly which DNS target it expects.

05

Create the matching DNS record in Cloudflare

Point `cnc.riera.co.uk` at the Vercel target from your Cloudflare zone. This is the main step that still needs your direct DNS access.

06

Try both the shared-key and BYO-key paths

Confirm that the shared platform key path works and that visitors can also paste their own OpenRouter key when they want more usage.

07

Review the runtime logs for captured leads

Lightweight login details and generation events are logged server-side in this bootstrap release, so use the logs to inspect who is testing the workflow.

08

Add managed persistence when you want cross-device history

Browser-scoped history is enough for the first live release. Add a real storage service later if you want durable history and richer follow-up.

Recommended sequence

The sensible order from here

First make the deployment public, then connect the final domain, then decide whether the next investment is persistence, billing, or deeper machine support.

Now

Disable protection, add the secrets, and validate that the live generator works on the production deployment.

Next

Finish the `cnc.riera.co.uk` cutover in Vercel and Cloudflare, then inspect the runtime logs for real usage.

Later

Add managed persistence, stronger auth, and richer controller-specific post-processors once the demo starts attracting real business conversations.