Introduction
Welcome to ecommus
Section titled “Welcome to ecommus”ecommus is a closed-source multi-niche commerce framework owned by Media Design SRL (MDLABS), built with TypeScript, Fastify 5, Next.js 15 (admin + super-admin), and Astro 5 (storefront).
The model is one-time payment, per-domain, perpetual (per ADR-030) — same way every other framework that sells source + assets works. Customer pays once for a website package; updates are free perpetually within the major version (1.x.y); support is 30 days free + paid plans (3/6/9/12 months) afterwards. SaaS hosting is deferred post-customer-#50 — the catalog is structured to switch the same SKUs to subscription billing when SaaS launches, without rewriting.
Customers never receive custom forks. Every customer runs the shared framework, with a license that selects which niche package their stack pulls — see ADR-015.
Niche packages — the unit of sale
Section titled “Niche packages — the unit of sale”We sell niche packages, not individual themes. Four canonical packages at launch:
services
Booking-first stacks: clinics, salons, fitness, classes. Default theme theme-services; premium plugins niche-booking, efactura-ro, notifications-sms.
real-estate
Listings + lead capture for agencies. Default theme theme-realestate; premium plugins niche-real-estate, efactura-ro, lead-management.
travel
Hotels, packages, deposits. Default theme theme-travel; premium plugins niche-hotel, niche-booking, efactura-ro, payment-deposits.
ecommerce
Catalog + checkout + Romanian fiscal compliance. Default theme theme-fashion; premium plugins niche-ecommerce, efactura-ro, shipping-sameday, marketplace-emag.
What makes ecommus different?
Section titled “What makes ecommus different?”Multi-tenant by design
Every DB query is filtered by tenantId in middleware. One Postgres instance can serve unlimited stores per niche.
Plugin SDK (never patch core)
Hooks, filters, routes, payment drivers, admin UI slots, theme overrides — all through the registry. packages/core stays semver-stable across customer upgrades.
Headless API
Fastify 5 REST API with Zod-validated input on every route. Consume from any HTTP client or via the @ecommus/client SDK.
EU-compliant out of the box
ANAF e-Factura, Romanian VAT (21%), GDPR consent log, retention policies, EAA accessibility, Netopia/EuPlatesc payment drivers.
License tiers
Section titled “License tiers”The customer holds a JWT signed by our license server (Ed25519). The token decides which features, themes, plugins, and niches install. See License for the full matrix and the JWT shape.
| Tier | Domains | Niche packages | Multi-tenant | White-label | Marketplace publisher | Free support |
|---|---|---|---|---|---|---|
starter | 1 | 1 | 30 days | |||
pro | 1 | 1 | ✓ | 90 days | ||
growth | 3 | 2 | ✓ | optional | 6 months | |
enterprise | unlimited | up to 4 | ✓ | ✓ | ✓ | 12 months |
trial | 1 | 1 (30 days) | n/a | |||
dev | all | all (internal) | ✓ | ✓ | ✓ | n/a |
License is one-time per-domain perpetual. Updates are free forever within the same major version. Only support is renewable — paid plans 3/6/9/12 months extend SLA + cloud-tied features (AI, ANAF SPV proxy, hosted email). Premium plugin downloads remain available perpetually because the customer paid for them once. Major version upgrades (v1 → v2) are a separate, paid event at 50% off for v1 customers.
The framework does not phone home and disable. The receiver-side never blocks based on support_until.
Tech stack
Section titled “Tech stack”| Layer | Technology |
|---|---|
| Runtime | Node.js 22 LTS + native TypeScript (--experimental-strip-types) |
| API | Fastify 5 (port 4000) |
| Admin panel | Next.js 15 App Router (port 3001) — tenant operator UI |
| Super-admin | Next.js 15 App Router (port 3002) — platform / tenant provisioning |
| Storefront | Astro 5 (port 3000) |
| Database | Drizzle ORM + pglite (dev) / PostgreSQL 16 (production) |
| Cache / queues | Redis + BullMQ (in-memory fallback in dev) |
| Search | Postgres FTS + pgvector (Meilisearch adapter optional) |
| Validation | Zod |
| Auth | JWT (HS256) access + refresh, argon2id passwords |
| License signing | Ed25519 (license-server, signed JWTs) |
| Distribution | Private npm registry (npm.ecommus.cloud) + license-gated installs |
Quick links
Section titled “Quick links”- Quick Start — up and running in 5 minutes
- License — JWT shape, tier matrix, grace, renewal
- Customer Onboarding — provisioning checklist
- Plugin Development — build your first plugin
- Architecture — how it all fits together