The BENED Ecosystem

Everything built on the same foundation. Here's the map — what lives where, and how it all talks to each other.

The Live Network

Site	What It Does	Built With
bened.works	Main site — founding members, donations, the front door	PHP, PostgreSQL, Stripe
tradecraft.bened.works	Algorithmic trading platform — backtesting, simulation, live execution	PHP, TimescaleDB, Alpaca API
trailers.bened.works	Equipment rental marketplace — booking, payments, operator tools	Next.js, TypeScript, Stripe Connect
research.bened.works	Document research archive — 1.3M pages, full-text + AI search, community discussion	PHP, TimescaleDB, Meilisearch, Qdrant
support.bened.works	Customer support — ticket system, file uploads, email notifications	PHP, PostgreSQL, SMTP
praxis.bened.works	You're here — the architecture tour	PHP, PostgreSQL
auth.bened.works	Single sign-on — one account for everything	Keycloak, OIDC

How Requests Flow

When you visit any BENED site, here's what actually happens — same pattern, every time:

Pattern 1: Server-Rendered Pages (TradeCraft, Research, Support, Praxis)

You type tradecraft.bened.works/strategies
        │
        ▼
   Cloudflare (DNS + SSL)
        │
        ▼
   Nginx (figures out which app you want)
        │
        ▼
   PHP processes the request
        │
        ├── Checks: Are you logged in? (asks Keycloak)
        ├── Queries: What strategies exist? (asks the database)
        ├── Renders: Builds the full HTML page
        │
        ▼
   Complete page sent back to your browser

Why this pattern: Simple, fast, no build step. 
Edit a file, it's live. Perfect for content-heavy apps.

Pattern 2: Hybrid App (BENED Trailers)

You type trailers.bened.works/listings
        │
        ▼
   Cloudflare → Nginx → Docker Container
                              │
                      ┌───────┴────────┐
                      │    Next.js     │
                      │    Server      │
                      └───────┬────────┘
                              │
               ┌──────────────┼──────────────┐
               │              │              │
               ▼              ▼              ▼
         ┌──────────┐  ┌──────────┐  ┌──────────┐
         │ Database │  │  Stripe  │  │  Cloud   │
         │          │  │ Payments │  │ Storage  │
         └──────────┘  └──────────┘  └──────────┘

Server renders initial HTML, then React takes over 
for interactive features (search filters, booking 
calendar, real-time availability).

Why this pattern: Complex UI needs client-side 
interactivity. Stripe's React components are excellent.

Pattern 3: Heavy Data (TradeCraft Backtesting)

You click "Run Backtest" on a 2-year strategy
        │
        ▼
   PHP receives the request
        │
        ▼
   ┌─────────────────────────────────────────┐
   │          TimescaleDB                     │
   │                                          │
   │  100M+ rows of market data              │
   │  Hypertables (auto-partitioned by time) │
   │  90%+ compression on historical data    │
   │                                          │
   │  Query: Give me 2 years of AAPL candles │
   │  Result: Sub-second. Seriously.          │
   └─────────────────────────────────────────┘
        │
        ▼
   PHP simulates every trade, day by day
        │
        ▼
   Returns: equity curve, win rate, drawdown, 
   trade log — rendered as charts and tables

Why TimescaleDB: Stock data is time-series by nature.
Regular databases choke on 100M rows with time-range 
queries. TimescaleDB was built for exactly this.

The Shared Foundation

Every BENED app is independent, but they share key infrastructure. Here's what holds it all together:

Authentication

Keycloak SSO

You log in once at auth.bened.works. That login works everywhere — TradeCraft, Trailers, Research, Support, all of it. No more "create an account" on every site.

Identity

Cross-App Verification

When you verify your identity on one app (say, for Stripe payments on the rental platform), every other app knows about it. Verify once, trusted everywhere.

Databases

PostgreSQL + TimescaleDB

PostgreSQL for structured data (users, bookings, tickets). TimescaleDB for time-series (market candles, trading simulations). Same SQL dialect, specialized for different jobs.

Routing

Nginx Reverse Proxy

One server, many apps. Nginx looks at the domain you requested and routes you to the right application. All SSL is handled here too.

Payments

Stripe

Subscriptions for TradeCraft. Marketplace payments (Stripe Connect) for trailer rentals. Founding member donations on the main site. One payment provider, multiple models.

Storage

Backblaze B2 + CDN

User uploads, document archives, images — all stored in cloud storage at a fraction of AWS S3 pricing. Served through a CDN for fast delivery worldwide.

Key Architecture Choices

PHP for content, Next.js for SaaS

PHP apps (TradeCraft, Research, Support, this site) are content-focused with forms and server rendering. The rental marketplace needs complex interactive UI — search filters, booking calendars, real-time availability — so it runs on Next.js. Right tool for the job.

Keycloak instead of rolling our own auth

We tried building separate login systems for each app. It lasted about two weeks. Keycloak gives us battle-tested security, one login across everything, and we didn't have to write a single line of password hashing code.

TimescaleDB for trading data

100+ stock symbols × years of 5-minute candles = hundreds of millions of rows. Regular databases can handle it, but they'll be slow about it. TimescaleDB was designed from the ground up for exactly this kind of time-series data.

Everything talks through standard protocols

OIDC for authentication. REST for APIs. SQL for databases. SMTP for email. Nothing proprietary, nothing custom. If you know the standards, you understand how BENED works.

See all architectural decisions →