Enterprise-grade, multi-tenant Trading Room SaaS with ultra-low latency WebRTC streaming powered by Mediasoup SFU cluster architecture.
┌─────────────────────────────────────────────────────────────────────────────┐
│ TRADING ROOM SAAS PLATFORM │
├─────────────────────────────────────────────────────────────────────────────┤
│ │
│ ┌──────────┐ ┌──────────────┐ ┌─────────────┐ ┌──────────┐ │
│ │ Svelte │────▶│ Signaling │────▶│ Mediasoup │────▶│ TURN │ │
│ │ Frontend │ │ Server │ │ SFU Cluster│ │ Server │ │
│ └──────────┘ └──────────────┘ └─────────────┘ └──────────┘ │
│ │ │ │ │
│ │ │ │ │
│ ▼ ▼ ▼ │
│ ┌──────────────────────────────────────────────────────────────────┐ │
│ │ Neon (Serverless PostgreSQL) │ │
│ └──────────────────────────────────────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
│ │ Rust API │────▶│ Redis │────▶│ Cloudflare │ │
│ │ SaaS API │ │ Cache │ │ R2 Storage │ │
│ └──────────────┘ └──────────────┘ └──────────────┘ │
│ │
└─────────────────────────────────────────────────────────────────────────────┘
- Rust with Axum + Tokio - Core SaaS API
- sqlx - Postgres access (migrations + typed queries)
- Sanctum-compatible tokens, Argon2id password hashing
- Stripe billing (REST + signed webhooks), Cloudflare R2 (presigned URLs)
- PostgreSQL via Neon (Serverless) · Redis - cache / coordination
- Node.js 24.16.0 with TypeScript
- Mediasoup v3.20 - SFU (Selective Forwarding Unit)
- WebRTC - Real-time media streaming
- Coturn - TURN/STUN server
- Svelte 5 + SvelteKit (adapter-node, SSR) with TypeScript
- Cookie-based BFF auth (token never exposed to client JS)
- Vite 8 - Build tool · TailwindCSS 4 - Styling
- Svelte 5 runes for state · mediasoup-client v3 - WebRTC client
- Hetzner Cloud - Primary hosting
- Cloudflare - CDN, DNS, WAF
- Cloudflare R2 - Object storage
- Docker - Containerization
- GitHub Actions - CI/CD
streaming-cloud/
├── backend-rs/ # Rust SaaS API (Axum + Tokio + sqlx)
│ └── crates/api/
│ ├── src/
│ │ ├── domain/ # Domain models
│ │ ├── db/ # sqlx repositories
│ │ ├── http/ # Axum routers + handlers
│ │ ├── auth/ # password hashing, tokens, extractors
│ │ ├── signaling/ # SFU control-plane + token mint
│ │ ├── stripe.rs # Stripe REST client + webhooks
│ │ └── s3.rs # R2 SigV4 presigner
│ └── migrations/
│
├── frontend-svelte/ # SvelteKit frontend (adapter-node, SSR)
│ └── src/
│ ├── routes/ # File-based routes (+page/+server/+layout)
│ └── lib/ # BFF client, stores, components
│
├── signaling/ # Node.js Signaling Server
│ └── src/
│ ├── config/
│ ├── controllers/
│ ├── services/
│ │ ├── SignalingServer.ts
│ │ ├── RoomManager.ts
│ │ └── AuthService.ts
│ └── types/
│
├── sfu/ # Mediasoup SFU Cluster
│ └── src/
│ ├── workers/
│ │ └── WorkerManager.ts
│ ├── routers/
│ │ └── RouterManager.ts
│ └── transports/
│
├── infrastructure/ # DevOps & Infrastructure
│ ├── docker/
│ │ ├── docker-compose.yml
│ │ └── Dockerfile.*
│ ├── terraform/
│ └── scripts/
│
├── docs/ # Documentation
│ ├── ARCHITECTURE.md
│ └── DATABASE_SCHEMA.md
│
└── .github/
└── workflows/
└── ci-cd.yml
- Organizations (tenants) with isolated data
- Workspaces for team organization
- Row-Level Security (RLS) via PostgreSQL policies
- Role-based access control (Owner, Admin, Host, Co-Host, Moderator, Viewer)
- Ultra-low latency video/audio streaming
- Simulcast for adaptive quality
- Screen sharing support
- Multiple concurrent rooms per organization
- Stripe subscription billing
- Multiple pricing tiers (Starter, Professional, Business, Enterprise)
- Usage-based limits enforcement
- API access for integrations
- Real-time chat (WebSocket)
- Trading alerts and announcements
- File uploads (Cloudflare R2)
- Participant management
- Recording support (Business+ plans)
| Feature | Starter | Professional | Business | Enterprise |
|---|---|---|---|---|
| Price | $49/mo | $149/mo | $449/mo | Custom |
| Workspaces | 1 | 3 | 10 | Unlimited |
| Rooms | 3 | 10 | 50 | Unlimited |
| Hosts | 1 | 3 | 10 | Unlimited |
| Viewers/Room | 50 | 200 | 1,000 | Unlimited |
| Storage | 5GB | 25GB | 100GB | 1TB |
| Recording | - | ✓ | ✓ | ✓ |
| SSO | - | - | ✓ | ✓ |
| API Access | - | ✓ | ✓ | ✓ |
- Docker & Docker Compose
- Node.js 24.16.0
- Rust (stable) + Cargo
- Neon account (https://neon.tech)
- Stripe account
- Cloudflare account (for R2)
- Clone the repository:
git clone https://github.com/your-org/streaming-cloud.git
cd streaming-cloud- Copy environment file:
cp .env.example .env-
Configure environment variables (see
.env.examplefor all options) -
Start services with Docker:
cd infrastructure/docker
docker compose up -dcd backend-rs
cargo run # serves on :8080
# migrations: sqlx migrate run --source crates/api/migrationscd frontend-svelte
npm ci
npm run dev # serves on :5173cd signaling
npm install
npm run devcd sfu
npm install
npm run devcd frontend
npm install
npm run devAll API requests require authentication via JWT token:
Authorization: Bearer <jwt-token>
GET /api/v1/organizations- List user's organizationsPOST /api/v1/organizations- Create organizationGET /api/v1/organizations/{id}- Get organization details
GET /api/v1/organizations/{org}/rooms- List roomsPOST /api/v1/organizations/{org}/rooms- Create roomPOST /api/v1/organizations/{org}/rooms/{room}/start- Start streamPOST /api/v1/organizations/{org}/rooms/{room}/join- Join roomPOST /api/v1/organizations/{org}/rooms/{room}/end- End stream
GET /api/v1/subscriptions/plans- List available plansPOST /api/v1/subscriptions- Create subscriptionPOST /api/v1/subscriptions/portal- Get billing portal URL
-
Provision servers:
- CPX41 (8 vCPU, 16GB) - SFU Server
- CX22 (2 vCPU, 4GB) - Signaling, API, TURN
-
Configure DNS in Cloudflare:
tradingroom.io→ Frontendapi.tradingroom.io→ Rust APIsignaling.tradingroom.io→ Signaling Serversfu-*.tradingroom.io→ SFU Nodesturn.tradingroom.io→ TURN Server
-
Deploy via GitHub Actions (automatic on push to
main)
- Horizontal: Add more SFU nodes for increased capacity
- Load Balancing: AWS ALB or Hetzner Load Balancer
- Redis Cluster: For high-availability caching
- Read Replicas: Neon supports read replicas for scale
GET /health- All services expose health checks- Prometheus metrics available at
/metrics
- Structured JSON logging
- Aggregation via Loki/Grafana
- Error tracking via Sentry
- WebRTC: RTT, packet loss, jitter, bitrate
- Business: Active rooms, concurrent viewers, stream hours
- Infrastructure: CPU, memory, network
- TLS 1.3 for all connections
- DTLS/SRTP for WebRTC media encryption
- JWT authentication with secure token validation
- Row-Level Security for data isolation
- Rate limiting on all endpoints
- Input validation and sanitization
- Fork the repository
- Create feature branch (
git checkout -b feature/amazing-feature) - Commit changes (
git commit -m 'Add amazing feature') - Push to branch (
git push origin feature/amazing-feature) - Open a Pull Request
Proprietary - All rights reserved.
- Documentation:
/docs - Issues: GitHub Issues
- Email: support@tradingroom.io