Documentation Update

2025-06-22 12:47:59 +02:00
Commit 889a7b4ebe
--- a/OPERATIONS_GUIDE.md
+++ b/OPERATIONS_GUIDE.md
@@ -4,87 +4,89 @@

 ### Prerequisites
 - Docker and Docker Compose
- PostgreSQL 13+
- Python 3.8+
- Minimum 4GB RAM
- 20GB disk space
+- 4GB RAM, 20GB disk

 ### Initial Setup
-
 ```bash
-# Clone repository
-git clone <repository-url>
 cd v2-Docker
-
-# Environment Variables sind bereits in docker-compose.yaml definiert
-# Für Produktion: Erstelle .env Datei mit sensiblen Daten
-
-# Start services
 docker-compose up -d
-
-# Datenbank wird automatisch initialisiert via init.sql
-# Keine manuellen Migrationen erforderlich
 ```
+Database initializes automatically via init.sql.

 ### Standard-Zugangsdaten

 #### Admin Panel
- URL: https://admin-panel-undso.z5m7q9dk3ah2v1plx6ju.com
+- URL: http://localhost:80 (oder konfigurierte Domain)
 - User 1: `rac00n` / `1248163264`
 - User 2: `w@rh@mm3r` / `Warhammer123!`

 #### License Server API
- URL: https://api-software-undso.z5m7q9dk3ah2v1plx6ju.com
- API Key: Muss in Requests mitgesendet werden
+- URL: http://localhost:80/api (über Nginx Proxy)
+- API Key: Wird im Admin Panel unter "Lizenzserver Administration" verwaltet
+- Header: `X-API-Key: <api-key>`

 ### Service Configuration

 #### License Server
 ```yaml
 license-server:
-  image: v2_lizenzserver:latest
+  build: ./v2_lizenzserver
+  container_name: v2_license_server
  environment:
-    - DATABASE_URL=postgresql://adminuser:supergeheimespasswort@db:5432/meinedatenbank
+    - DATABASE_URL=postgresql://adminuser:supergeheimespasswort@postgres:5432/meinedatenbank
    - JWT_SECRET=your-secret-jwt-key-here-minimum-32-chars
-    - API_KEY=your-api-key-here
-    - REDIS_HOST=redis-cache
+    - REDIS_HOST=redis
    - RABBITMQ_HOST=rabbitmq
-  # Kein externer Port - nur über Nginx erreichbar
  expose:
-    - "8443"
+    - "8000"
  networks:
-    - internal_net
+    - backend
+    - monitoring
+  depends_on:
+    - postgres
+    - redis
+    - rabbitmq
 ```

 #### Admin Panel  
 ```yaml
 admin-panel:
-  image: v2_adminpanel:latest
+  build: ./v2_adminpanel
+  container_name: v2_admin_panel
  environment:
-    - DATABASE_URL=postgresql://adminuser:supergeheimespasswort@db:5432/meinedatenbank
+    - DATABASE_URL=postgresql://adminuser:supergeheimespasswort@postgres:5432/meinedatenbank
    - SECRET_KEY=supersecretkey
    - JWT_SECRET=your-secret-jwt-key-here-minimum-32-chars
-    - LIZENZSERVER_BASE_URL=http://license-server:8443
-    - REDIS_HOST=redis-cache
-  # Kein externer Port - nur über Nginx erreichbar
+    - REDIS_HOST=redis
  expose:
    - "5000"
  networks:
-    - internal_net
+    - backend
+    - monitoring
+  depends_on:
+    - postgres
+    - redis
+  volumes:
+    - ./backups:/app/backups
 ```

 #### Nginx Reverse Proxy
 ```yaml
-nginx-proxy:
-  image: v2_nginx:latest
+nginx:
+  build: ./v2_nginx
+  container_name: v2_nginx
  ports:
-    - "80:80"    # HTTP (wird auf HTTPS umgeleitet)
-    - "443:443"  # HTTPS
+    - "80:80"
  networks:
-    - internal_net
-  # Routet Requests an interne Services:
-  # admin-panel-undso.z5m7q9dk3ah2v1plx6ju.com → admin-panel:5000
-  # api-software-undso.z5m7q9dk3ah2v1plx6ju.com → license-server:8443
+    - backend
+  depends_on:
+    - admin-panel
+    - license-server
+  volumes:
+    - ./v2_nginx/nginx.conf:/etc/nginx/nginx.conf:ro
+  # Routing:
+  # / → admin-panel:5000 (Admin Panel)
+  # /api → license-server:8000 (API Endpoints)
 ```

 ## Monitoring
@@ -96,7 +98,12 @@ nginx-proxy:
 scrape_configs:
  - job_name: 'license-server'
    static_configs:
-      - targets: ['license-server:8443']
+      - targets: ['license-server:8000']
+    metrics_path: /metrics
+  
+  - job_name: 'admin-panel'
+    static_configs:
+      - targets: ['admin-panel:5000']
    metrics_path: /metrics
  
  - job_name: 'postgres'
@@ -107,17 +114,13 @@ scrape_configs:
    static_configs:
      - targets: ['redis-exporter:9121']
      
-  - job_name: 'nginx'
-    static_configs:
-      - targets: ['nginx-exporter:9113']
-      
  - job_name: 'node'
    static_configs:
      - targets: ['node-exporter:9100']
      
  - job_name: 'cadvisor'
    static_configs:
-      - targets: ['cadvisor:8081']
+      - targets: ['cadvisor:8080']
 ```

 #### Alert Rules
@@ -157,11 +160,56 @@ scrape_configs:
 - Alertmanager: http://localhost:9093

 ### Monitoring Stack Services
- PostgreSQL Exporter: Sammelt DB-Metriken
- Redis Exporter: Sammelt Cache-Metriken
- Node Exporter: System-Level Metriken
- Nginx Exporter: Webserver-Metriken
- cAdvisor: Container-Metriken (Port 8081)
+- PostgreSQL Exporter: Sammelt DB-Metriken (Port 9187)
+- Redis Exporter: Sammelt Cache-Metriken (Port 9121)
+- Node Exporter: System-Level Metriken (Port 9100)
+- cAdvisor: Container-Metriken (Port 8080)
+- Prometheus: Metrics Collection (Port 9090)
+- Grafana: Visualization (Port 3000)
+- Alertmanager: Alert Management (Port 9093)
+
+## Features Overview
+
+### Lead Management System
+- Accessible via "Leads" button on Customers & Licenses page
+- Manage potential customers and contacts
+- Features:
+  - Institution management
+  - Contact persons with multiple phones/emails
+  - Versioned notes system
+  - Full audit trail
+
+### Resource Pool Management
+- Domain allocation system
+- IPv4 address management
+- Phone number allocation
+- Features:
+  - Resource assignment to licenses
+  - Quarantine management
+  - Resource history tracking
+  - Availability monitoring
+
+### Batch Operations
+- Bulk license creation
+- Mass updates
+- Accessible from Customers & Licenses page
+
+### Monitoring Integration
+- Unified monitoring dashboard at `/monitoring`
+- Live analytics and metrics
+- Alert management interface
+- Integrated with Prometheus/Grafana stack
+
+### API Key Management
+- Single system-wide API key
+- Managed in "Lizenzserver Administration"
+- Used for all API authentication
+
+### Session Management
+- Single-session enforcement per license
+- 30-second heartbeat system
+- Automatic session cleanup after 60 seconds
+- Session history tracking

 ## Maintenance

@@ -182,20 +230,12 @@ DROP TABLE IF EXISTS license_heartbeats_2024_01;
 ```

 #### Backup Procedures
-
-##### Manuelles Backup
 ```bash
-# Full database backup
-docker exec db pg_dump -U adminuser meinedatenbank > backup_$(date +%Y%m%d).sql
+# Backup
+docker exec v2_postgres pg_dump -U adminuser meinedatenbank | gzip > backup_$(date +%Y%m%d).sql.gz

-# Backup specific tables
-docker exec db pg_dump -U adminuser -t licenses -t license_activations meinedatenbank > licenses_backup.sql
-
-# Komprimiertes Backup
-docker exec db pg_dump -U adminuser meinedatenbank | gzip > backup_$(date +%Y%m%d).sql.gz
-
-# Restore from backup
-docker exec -i db psql -U adminuser meinedatenbank < backup_20250619.sql
+# Restore
+gunzip -c backup_20250619.sql.gz | docker exec -i v2_postgres psql -U adminuser meinedatenbank
 ```

 ##### Integriertes Backup-System
@@ -210,25 +250,10 @@ Das Admin Panel bietet ein eingebautes Backup-System:

 #### Log Locations

-##### Container Logs
-```bash
-# License Server Logs
-docker logs license-server
-
-# Admin Panel Logs  
-docker logs admin-panel
-
-# Nginx Logs
-docker logs nginx-proxy
-
-# Database Logs
-docker logs db
-```
-
-##### Persistent Log Volumes
- Nginx Access/Error Logs: Mapped to local `./v2_nginx/logs/`
- Application Logs: Verfügbar über Docker logging driver
- Audit Logs: In der Datenbank (Tabelle `audit_log`)
+##### Logs
+- Container logs: `docker logs <container_name>`
+- Nginx logs: `./v2_nginx/logs/`
+- Audit logs: Database table `audit_log`

 #### Log Rotation
 ```bash
@@ -246,17 +271,9 @@ docker logs db
 ### Performance Optimization

 #### Database Tuning
-```sql
-- Update statistics
-ANALYZE;
-
-- Reindex tables
-REINDEX TABLE licenses;
-REINDEX TABLE license_activations;
-
-- Vacuum tables
-VACUUM ANALYZE licenses;
-```
+- Run `ANALYZE` periodically
+- `VACUUM ANALYZE` on large tables
+- Maintain partitions: `CALL create_monthly_partitions('license_heartbeats', 3)`

 #### Resource Limits

@@ -302,38 +319,14 @@ db:
 ### Common Issues

 #### License Server Not Responding
-1. Check container status: `docker ps | grep license-server`
-2. View logs: `docker logs license-server --tail 100`
-3. Test internal connectivity: 
-   ```bash
-   docker exec nginx-proxy curl -k https://license-server:8443/health
-   ```
-4. Verify environment variables:
-   ```bash
-   docker exec license-server env | grep -E "JWT_SECRET|API_KEY|DATABASE_URL"
-   ```
-5. Check Nginx routing:
-   ```bash
-   docker exec nginx-proxy nginx -T | grep api-software
-   ```
+- Check status: `docker ps | grep license`
+- View logs: `docker logs v2_license_server --tail 100`
+- Test health: `docker exec v2_nginx curl http://license-server:8000/health`

 #### Database Connection Issues
-1. Check PostgreSQL status: 
-   ```bash
-   docker exec db pg_isready -U adminuser -d meinedatenbank
-   ```
-2. Test connection from service:
-   ```bash
-   docker exec admin-panel psql postgresql://adminuser:supergeheimespasswort@db:5432/meinedatenbank -c "SELECT 1"
-   ```
-3. Check network connectivity:
-   ```bash
-   docker network inspect v2-docker_internal_net
-   ```
-4. Review PostgreSQL logs: 
-   ```bash
-   docker logs db --tail 50
-   ```
+- Check status: `docker exec v2_postgres pg_isready`
+- Test connection: Use psql from admin panel container
+- Check logs: `docker logs v2_postgres --tail 50`

 #### High Memory Usage
 1. Check container stats: `docker stats`
@@ -343,50 +336,23 @@ db:

 ### Health Checks

+Quick health check script:
 ```bash
-# License server health (über Nginx)
-curl -k https://api-software-undso.z5m7q9dk3ah2v1plx6ju.com/health
+# All services
+docker ps --format "table {{.Names}}\t{{.Status}}"

-# Admin panel health (über Nginx)
-curl -k https://admin-panel-undso.z5m7q9dk3ah2v1plx6ju.com/
-
-# Database health
-docker exec db pg_isready -U adminuser -d meinedatenbank
-
-# Redis health
-docker exec redis-cache redis-cli ping
-
-# RabbitMQ health
-docker exec rabbitmq rabbitmqctl status
-
-# Monitoring stack
-curl http://localhost:9090/-/healthy  # Prometheus
-curl http://localhost:3001/api/health  # Grafana
-curl http://localhost:9093/-/healthy  # Alertmanager
-
-# Container health overview
-docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
+# Key endpoints
+curl -s http://localhost/api/health
+curl -s http://localhost:9090/-/healthy
 ```

 ## Security Considerations
-
-### API Security
- Use strong JWT_SECRET (minimum 32 characters)
+- Strong JWT_SECRET (32+ chars)
 - Rotate API keys regularly
- Implement rate limiting
+- Rate limiting enabled
 - Use HTTPS in production
-
-### Database Security
- Use strong passwords
- Limit database access
- Enable SSL for connections
- Regular security updates
-
-### Container Security
- Use official base images
- Scan images for vulnerabilities
- Don't run containers as root
- Keep Docker updated
+- Strong database passwords
+- Keep Docker and images updated

 ## Scaling Strategies

@@ -395,7 +361,7 @@ docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
 #### Scaling License Server
 ```bash
 # Scale license server instances
-docker-compose up -d --scale license-server=3
+docker-compose -f v2/docker-compose.yaml up -d --scale license-server=3
 ```

 #### Nginx Load Balancing Configuration
@@ -434,23 +400,11 @@ server {
 - Partitioning for large tables

 ## Disaster Recovery
-
-### Backup Strategy
- Daily automated backups
- Off-site backup storage
- Test restore procedures
- Document recovery steps
-
-### High Availability
- Database replication
- Service redundancy
- Load balancing
- Automated failover
+- Daily automated backups via Admin Panel
+- Test restore procedures regularly
+- Consider database replication for HA

 ## Monitoring Best Practices
-
-1. **Set up alerts for critical metrics**
-2. **Create runbooks for common issues**
-3. **Regular review of dashboards**
-4. **Capacity planning based on trends**
-5. **Document all custom configurations**
+- Configure alerts in Alertmanager
+- Review Grafana dashboards regularly
+- Monitor resource trends for capacity planning