feat(db): mesh data model — meshes, members, invites, audit log

- pgSchema "mesh" with 4 tables isolating the peer mesh domain
- Enums: visibility, transport, tier, role
- audit_log is metadata-only (E2E encryption enforced at broker/client)
- Cascade on mesh delete, soft-delete via archivedAt/revokedAt

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

packages/email/src/providers/postmark/env.ts

@@ -0,0 +1,21 @@
+import { defineEnv } from "envin";
+import * as z from "zod";
+
+import { envConfig } from "@turbostarter/shared/constants";
+
+import { sharedPreset } from "../../utils/env";
+
+import type { Preset } from "envin/types";
+
+export const preset = {
+  id: "postmark",
+  server: {
+    POSTMARK_API_KEY: z.string(),
+  },
+  extends: [sharedPreset],
+} as const satisfies Preset;
+
+export const env = defineEnv({
+  ...envConfig,
+  ...preset,
+});

packages/email/src/providers/postmark/index.ts

@@ -0,0 +1,31 @@
+import { logger } from "@turbostarter/shared/logger";
+
+import { env } from "./env";
+
+import type { EmailProviderStrategy } from "../types";
+
+const from = env.EMAIL_FROM;
+
+export const { send } = {
+  send: async ({ to, subject, html, text }) => {
+    const response = await fetch("https://api.postmarkapp.com/email", {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "X-Postmark-Server-Token": env.POSTMARK_API_KEY,
+      },
+      body: JSON.stringify({
+        From: from,
+        To: to,
+        Subject: subject,
+        HtmlBody: html,
+        TextBody: text,
+      }),
+    });
+
+    if (!response.ok) {
+      logger.error(await response.json());
+      throw new Error("Could not send email!");
+    }
+  },
+} satisfies EmailProviderStrategy;