Glozr docs
/

Architecture

Stack & layout

Glozr runs as a unified Laravel application with two frontend surfaces. The backend is Laravel 13 on PHP 8.3+ with Octane; the admin/customer console is Inertia v3 + React 19; the visitor widget is a separate Preact bundle held under 50 KB.

Overview

One codebase, two builds. The admin and the customer-facing dashboard share components, hooks, and routes — they are the same React 19 app, gated by role. The embeddable widget intentionally shares nothing with the admin code: it has its own bundle, its own router, its own state model, and a strict size budget.

Technology stack

Core infrastructure

  • App framework — Laravel 13 on PHP 8.3+
  • Application server — Laravel Octane on FrankenPHP
  • Realtime — Laravel Reverb (WebSockets)
  • Queues — Laravel Horizon on Redis
  • Database — Postgres 16
  • Cache & pub/sub — Redis 7

Frontend systems

  • Admin / customer dashboard — Inertia v3 + React 19 with Tailwind v4. Shipped with the Laravel app.
  • Visitor widget — Preact 10, separate Vite config, strict size constraints. Hosted as a static asset and loaded by a one-line snippet.

AI & data plane

  • Primary LLM — Cloudflare Workers AI (Llama 3.3 70B)
  • Fallback LLM — OpenAI gpt-4o-mini
  • Vector store — Cloudflare Vectorize (primary), Qdrant (fallback / self-host)
  • Web crawler — Cloudflare Browser Rendering (primary), Browserless (fallback), plain HTTP (last resort)

Architecture philosophy

The admin and customer consoles share one codebase because they share 80% of their surface — the same widget config screen, the same conversation viewer, the same billing UI. The widget is the opposite: every kilobyte it ships costs visitors load time on someone else's site. Keeping it isolated prevents admin-only dependencies from leaking into the public bundle.

Note. The widget bundle is size-budgeted in CI. A PR that pushes it over 50 KB fails the build before it can land.

Multi-tenancy & security

Tenant isolation is enforced at the model layer through the BelongsToWorkspace trait and a global scope applied to every query. Crossing a tenant boundary requires explicit opt-out with documented justification — see Multi-tenancy and Security for the full enforcement model.