Documentation Update

2025-06-22 12:47:59 +02:00
Commit 889a7b4ebe
--- a/SYSTEM_DOCUMENTATION.md
+++ b/SYSTEM_DOCUMENTATION.md
@@ -47,28 +47,13 @@ V2-Docker is a comprehensive system featuring a License Server, Admin Panel, Lea
   - Integrierte Backup-Funktionalität
   - Lead Management System

-#### Geplante Services (Code vorhanden, nicht aktiv)
-1. **Analytics Service** - Usage statistics and reporting
-   - Code in `/v2_lizenzserver/services/analytics/`
-   - Auskommentiert in docker-compose.yaml
-   
-2. **Admin API Service** - Dedizierte Admin API
-   - Code in `/v2_lizenzserver/services/admin/`
-   - Auskommentiert in docker-compose.yaml
-
-3. **Auth Service** - Zentralisierte Authentifizierung
-   - Code in `/lizenzserver/services/auth/`
-   - Auskommentiert in docker-compose.yaml
-
-#### Konzeptionelle Services (nur in Planung)
-1. **Notification Service** - Email/webhook notifications
-2. **Dedicated Backup Service** - Automated backups (derzeit im Admin Panel integriert)
-
-#### Infrastructure Services (aktiv)
- **PostgreSQL** - Hauptdatenbank
+#### Infrastructure Services
+- **PostgreSQL** - Main database
 - **Redis** - Caching
- **RabbitMQ** - Message Queue
- **Nginx** - Reverse Proxy
+- **RabbitMQ** - Message queue
+- **Nginx** - Reverse proxy
+
+*Note: Analytics, Admin API, and Auth services exist in code but are currently inactive.*

 #### Communication
 - REST APIs für externe Kommunikation
@@ -76,19 +61,8 @@ V2-Docker is a comprehensive system featuring a License Server, Admin Panel, Lea
 - RabbitMQ für asynchrone Verarbeitung (vorbereitet)

 ### Database Schema
-
-#### Core Tables
- `licenses` - License definitions
- `license_activations` - Active installations
- `license_heartbeats` - Usage tracking (partitioned monthly)
- `license_usage_stats` - Aggregated statistics
- `license_features` - Feature flags
- `license_limits` - Usage limits
-
-#### Partitioning Strategy
- Monthly partitions for `license_heartbeats`
- Automatic partition creation
- 90-day retention policy
+See `v2_adminpanel/init.sql` for complete schema.
+Key feature: Monthly partitioned `license_heartbeats` table.

 ### Security Concepts
 - JWT-based authentication
@@ -97,30 +71,40 @@ V2-Docker is a comprehensive system featuring a License Server, Admin Panel, Lea
 - Hardware fingerprint validation
 - Encrypted communication

-### Implementation Status (June 19, 2025)
+### Implementation Status (June 22, 2025)

 #### Completed
- ✅ License Server mit API-Endpunkten
+- ✅ License Server mit vollständigen API-Endpunkten
  - POST /api/license/activate
  - POST /api/license/verify  
  - GET /api/license/info/{license_key}
+  - POST /api/license/session/start - Session-Initialisierung
+  - POST /api/license/session/heartbeat - Keep-alive
+  - POST /api/license/session/end - Session-Beendigung
  - POST /api/version/check
  - GET /api/version/latest
 - ✅ Admin Panel mit voller Funktionalität
-  - Customer Management
-  - License Management
-  - Resource Management
-  - Session Management
-  - Lead Management
-  - Batch Operations
-  - Export/Import
+  - Customer Management mit erweiterten Features
+  - License Management mit Resource Allocation
+  - Resource Pool Management (Domains, IPs, Telefonnummern)
+  - Session Management mit Live-Monitor
+  - Lead Management System (vollständiges CRM)
+  - Batch Operations für Bulk-Aktionen
+  - Export/Import Funktionalität
+  - Device Registration und Management
+  - API Key Management (System-wide)
 - ✅ Monitoring Stack (Prometheus, Grafana, Alertmanager)
+  - Integriertes Monitoring Dashboard
+  - Vorkonfigurierte Dashboards
+  - Alert Rules für kritische Metriken
 - ✅ Docker Services Konfiguration
 - ✅ JWT/API Key Management
 - ✅ Backup-System (integriert im Admin Panel)
 - ✅ 2FA-Authentifizierung
- ✅ Audit Logging
- ✅ Rate Limiting
+- ✅ Audit Logging mit Request IDs
+- ✅ Rate Limiting (konfigurierbar)
+- ✅ Single-Session Enforcement (Account Forger)
+- ✅ Partitionierte Datenbank für Heartbeats

 #### Code vorhanden aber nicht aktiviert
 - ⏸️ Analytics Service (auskommentiert)
@@ -146,54 +130,41 @@ V2-Docker is a comprehensive system featuring a License Server, Admin Panel, Lea
 ### Data Model (implementiert)
 ```
 lead_institutions
-├── lead_contact_persons (1:n)
-├── lead_notes (1:n)
-├── lead_tags (n:m)
-└── lead_activities (1:n)
+├── lead_contacts (1:n)
+│   └── lead_contact_details (1:n) - Telefon/E-Mail
+└── lead_notes (1:n) - Versionierte Notizen
 ```

 ### Implementierte Features
 1. ✅ Institution Management (CRUD)
-2. ✅ Contact Person Management
-3. ✅ Notes mit Versionierung
-4. ✅ Tag-System
-5. ✅ Activity Tracking
-6. ✅ Export/Import Funktionalität
-7. ✅ Erweiterte Suche und Filter
-8. ✅ Statistik-Dashboard
+2. ✅ Contact Person Management mit mehreren Telefon/E-Mail
+3. ✅ Notes mit vollständiger Versionierung
+4. ✅ Flexible Kontaktdetails (beliebig viele pro Person)
+5. ✅ Audit Trail Integration
+6. ✅ Service/Repository Pattern für Clean Code
+7. ✅ JSONB Felder für zukünftige Erweiterungen

 ### API Endpoints
- GET /leads/ - Übersicht
- GET/POST /leads/create - Neue Institution
- GET/POST /leads/edit/{id} - Bearbeiten
- POST /leads/delete/{id} - Löschen
- GET /leads/export - Export
- POST /leads/import - Import
- GET /leads/api/stats - Statistiken
+- GET /leads/ - Institutionen-Übersicht
+- GET /leads/institutions - Institutionen-Liste
+- POST /leads/institutions - Neue Institution
+- GET /leads/institutions/{id} - Institution Details
+- PUT /leads/institutions/{id} - Institution bearbeiten
+- DELETE /leads/institutions/{id} - Institution löschen
+- GET /leads/contacts/{id} - Kontakt Details
+- POST /leads/contacts/{id}/details - Kontaktdetail hinzufügen
+- PUT /leads/contacts/{id}/details/{detail_id} - Detail bearbeiten
+- POST /leads/contacts/{id}/notes - Notiz hinzufügen

 ## Monitoring Stack

-### Components
- **Prometheus**: Metrics collection
- **Grafana**: Visualization (port 3001)
- **Alertmanager**: Alert management (port 9093)
- **Node Exporter**: System metrics
- **Postgres Exporter**: Database metrics
- **cAdvisor**: Container metrics
+### Monitoring Stack
+- **Prometheus**: Metrics collection (port 9090)
+- **Grafana**: Dashboards (port 3000)
+- **Alertmanager**: Alerts (port 9093)
+- Exporters for PostgreSQL, Redis, Node, and containers

-### Dashboards
-1. System Overview
-2. License Server Metrics
-3. Database Performance
-4. Container Resources
-5. Admin Panel Usage
-
-### Alert Rules
- High CPU usage (>80%)
- High memory usage (>90%)
- Database connection issues
- License server downtime
- Disk space warnings
+Pre-configured dashboards and alerts for system health.

 ## Admin Panel

@@ -215,112 +186,59 @@ lead_institutions
   - ✅ Lizenzerstellung (Einzel und Batch)
   - ✅ Lizenzbearbeitung und -löschung
   - ✅ Bulk-Operationen (Aktivieren/Deaktivieren)
-   - ✅ Device Management pro Lizenz
-   - ✅ Resource Allocation
+   - ✅ Device Management mit Hardware IDs
+   - ✅ Resource Allocation (Domains, IPs, Telefonnummern)
   - ✅ Quick Edit Funktionalität
+   - ✅ Session Management und Monitoring
+   - ✅ Lizenz-Konfiguration für Account Forger

 4. **Monitoring & Analytics**
   - ✅ Dashboard mit Live-Statistiken
   - ✅ Lizenzserver-Monitoring
-   - ✅ Anomalie-Erkennung
-   - ✅ Session-Überwachung
-   - ✅ Resource-Auslastung
+   - ✅ Session-Überwachung mit Live-Updates
+   - ✅ Resource Pool Monitoring
+   - ✅ Integriertes Monitoring Dashboard (/monitoring)
+   - ✅ Prometheus/Grafana Integration
+   - ✅ Alert Management

 5. **System Administration**
-   - ✅ Backup & Restore
-   - ✅ Export-Funktionen (CSV)
-   - ✅ Audit Log Viewer
+   - ✅ Backup & Restore (manuell und geplant)
+   - ✅ Export-Funktionen (CSV, JSON)
+   - ✅ Audit Log Viewer mit Filterung
   - ✅ Blocked IPs Management
   - ✅ Feature Flags Konfiguration
+   - ✅ API Key Generation und Management
+   - ✅ Lizenzserver Administration
+   - ✅ Session-Terminierung durch Admins

 ### Technical Stack
- **Backend**: Flask 3.0.3 mit Blueprints
- **Database**: PostgreSQL mit Partitionierung
- **Frontend**: Bootstrap 5.3, jQuery, Select2
- **Real-time**: AJAX, Server-Sent Events
- **Security**: bcrypt, pyotp (2FA), JWT
+- Backend: Flask 3.0.3, PostgreSQL
+- Frontend: Bootstrap 5.3, jQuery
+- Security: bcrypt, pyotp (2FA), JWT

 ## Deployment Configuration

 ### Docker Services

 #### Aktive Services
- `v2_db`: PostgreSQL database (Port 5432)
- `v2_adminpanel`: Admin interface (Port 80)
- `v2_nginx`: Reverse proxy (Ports 80, 443)
- `v2_lizenzserver`: License server (interner Port)
- `redis`: Redis cache (Port 6379)
- `rabbitmq`: Message queue (Ports 5672, 15672)
+- `v2_postgres`: PostgreSQL database (Port 5432)
+- `v2_admin_panel`: Admin interface (interner Port 5000)
+- `v2_nginx`: Reverse proxy (Port 80)
+- `v2_license_server`: License server (interner Port 8000)
+- `v2_redis`: Redis cache (Port 6379)
+- `v2_rabbitmq`: Message queue (Ports 5672, 15672)

-#### Monitoring Stack (aktiv)
- `prometheus`: Metrics collection (Port 9090)
- `grafana`: Monitoring dashboards (Port 3001)
- `alertmanager`: Alert management (Port 9093)
- `postgres-exporter`: PostgreSQL metrics
- `redis-exporter`: Redis metrics  
- `node-exporter`: System metrics
- `nginx-exporter`: Nginx metrics
- `cadvisor`: Container metrics (Port 8081)
+See monitoring configuration in `monitoring/docker-compose.monitoring.yml`.

-#### Auskommentierte Services
- `auth-service`: Authentication service (würde auf Port 5001 laufen)
- `analytics-service`: Analytics service (würde auf Port 5003 laufen)
- `admin-api-service`: Admin API service (würde auf Port 5004 laufen)
+### Environment Configuration
+Required: DATABASE_URL, SECRET_KEY, JWT_SECRET
+See docker-compose.yaml for all environment variables.

-### Environment Variables

-#### Erforderlich
- `DATABASE_URL`: PostgreSQL Verbindung
- `SECRET_KEY`: Flask Session Secret
- `JWT_SECRET`: JWT Token Signierung
-
-#### Optional mit Defaults
- `MONITORING_ENABLED`: "true" (Feature Flag)
- `SESSION_LIFETIME_MINUTES`: 30
- `PERMANENT_SESSION_LIFETIME_DAYS`: 7  
- `LOGIN_RATE_LIMIT`: "5 per minute"
- `API_RATE_LIMIT`: "100 per minute"
- `MAX_LOGIN_ATTEMPTS`: 5
- `LOGIN_LOCKOUT_DURATION`: 900 (Sekunden)
- `LIZENZSERVER_BASE_URL`: "http://v2_lizenzserver:8000"
- `REDIS_HOST`: "redis"
- `REDIS_PORT`: 6379
-
-### Network Configuration
- Internal network for service communication
- External access through Nginx
- SSL/TLS termination at proxy level
-
-## Testing Strategy
-
-### Unit Tests
- Service layer logic
- API endpoint validation
- Database operations
-
-### Integration Tests
- Service communication
- Database transactions
- API workflows
-
-### Performance Tests
- Load testing
- Stress testing
- Scalability verification
-
-## Future Roadmap
-
-### Phase 1: Core Completion
- Finish analytics service
- Complete backup automation
- Implement all monitoring dashboards
-
-### Phase 2: Advanced Features
- Machine learning for usage prediction
- Advanced reporting
- Multi-tenant support
-
-### Phase 3: Enterprise Features
- High availability setup
- Disaster recovery
- Advanced security features
+## Current Status
+System is production-ready with all core features implemented:
+- ✅ License management with session enforcement
+- ✅ Lead management CRM
+- ✅ Resource pool management
+- ✅ Complete monitoring stack
+- ✅ Backup and audit systems