# V2-Docker Operations Guide

## WICHTIGER HINWEIS

**NICHT VERWENDEN (für <100 Kunden nicht benötigt):**
- ❌ Redis - System verwendet direkte DB-Verbindungen
- ❌ RabbitMQ - System verwendet synchrone Verarbeitung
- ❌ Prometheus/Grafana/Alertmanager - Integrierte Überwachung ist ausreichend
- ❌ Externe Monitoring-Tools - Admin Panel hat alle benötigten Metriken

**NUR DIESE SERVICES VERWENDEN:**
- ✅ PostgreSQL (db)
- ✅ License Server (license-server)
- ✅ Admin Panel (admin-panel)
- ✅ Nginx Proxy (nginx-proxy)

## Deployment

### Prerequisites
- Docker and Docker Compose
- 4GB RAM, 20GB disk

### Initial Setup
```bash
cd v2-Docker
docker-compose up -d
```
Database initializes automatically via init.sql.

### Standard-Zugangsdaten

#### Admin Panel
- URL: https://admin-panel-undso.z5m7q9dk3ah2v1plx6ju.com/
- User 1: `rac00n` / `1248163264`
- User 2: `w@rh@mm3r` / `Warhammer123!`

#### License Server API
- URL: https://api-software-undso.z5m7q9dk3ah2v1plx6ju.com/
- API Key: Wird im Admin Panel unter "Lizenzserver Administration" verwaltet
- Header: `X-API-Key: <api-key>`

### Service Configuration

#### License Server
```yaml
license-server:
  build: ./v2_lizenzserver
  container_name: license-server
  environment:
    - DATABASE_URL=postgresql://adminuser:supergeheimespasswort@db:5432/meinedatenbank
    - JWT_SECRET=your-secret-jwt-key-here-minimum-32-chars
    # NICHT VERWENDEN:
    # - REDIS_HOST=redis  # NICHT BENÖTIGT
    # - RABBITMQ_HOST=rabbitmq  # NICHT BENÖTIGT
  expose:
    - "8443"
  networks:
    - backend
  depends_on:
    - db  # Nur PostgreSQL wird benötigt
```

#### Admin Panel  
```yaml
admin-panel:
  build: ./v2_adminpanel
  container_name: admin-panel
  environment:
    - DATABASE_URL=postgresql://adminuser:supergeheimespasswort@db:5432/meinedatenbank
    - SECRET_KEY=supersecretkey
    - JWT_SECRET=your-secret-jwt-key-here-minimum-32-chars
    # NICHT VERWENDEN:
    # - REDIS_HOST=redis  # NICHT BENÖTIGT
  expose:
    - "5000"
  networks:
    - backend
  depends_on:
    - db  # Nur PostgreSQL wird benötigt
  volumes:
    - ./backups:/app/backups
```

#### Nginx Reverse Proxy
```yaml
nginx:
  build: ./v2_nginx
  container_name: nginx-proxy
  ports:
    - "80:80"
  networks:
    - backend
  depends_on:
    - admin-panel
    - license-server
  volumes:
    - ./v2_nginx/nginx.conf:/etc/nginx/nginx.conf:ro
  # Routing:
  # / → admin-panel:5000 (Admin Panel)
  # /api → license-server:8000 (API Endpoints)
```

## Monitoring

**WICHTIG**: Externe Monitoring-Tools werden NICHT verwendet! Die folgenden Konfigurationen sind VERALTET und sollten IGNORIERT werden.

### Integrierte Überwachung (Admin Panel)

**HINWEIS**: Externe Monitoring-Tools (Grafana, Prometheus, etc.) werden NICHT verwendet!

Das Admin Panel bietet alle benötigten Überwachungsfunktionen:

1. **Dashboard** (Startseite)
   - Aktive Lizenzen
   - Aktive Sessions
   - Heartbeat-Statistiken
   - System-Metriken

2. **Log-Seite**
   - Vollständiges Audit-Log aller Aktionen
   - Filterbar nach Benutzer, Aktion, Entität
   - Export in Excel/CSV

3. **Lizenz-Übersicht**
   - Aktive/Inaktive Lizenzen
   - Session-Status in Echtzeit
   - Letzte Heartbeats

4. **Metriken-Endpoint**
   - `/metrics` im License Server für basic monitoring
   - Zeigt aktuelle Anfragen, Fehler, etc.

## Features Overview

### Lead Management System
- **UPDATE 22.06.2025**: Jetzt direkt über Navbar "Lead Management" erreichbar
- Lead Management Dashboard unter `/leads/management`
- Gemeinsame Kontaktdatenbank zwischen rac00n und w@rh@mm3r
- Features:
  - Dashboard mit Statistiken und Aktivitätsfeed
  - Institution management
  - Contact persons with multiple phones/emails
  - Versioned notes system
  - Full audit trail
  - Benutzer-Attribution (wer hat was hinzugefügt)

### Resource Pool Management
- Domain allocation system
- IPv4 address management
- Phone number allocation
- Features:
  - Resource assignment to licenses
  - Quarantine management
  - Resource history tracking
  - Availability monitoring

### Batch Operations
- Bulk license creation
- Mass updates
- Accessible from Customers & Licenses page

### Monitoring Integration
- Unified monitoring dashboard at `/monitoring`
- Live analytics and metrics
- Alert management interface
- Integrated with Prometheus/Grafana stack

### API Key Management
- Single system-wide API key
- Managed in "Lizenzserver Administration"
- Used for all API authentication

### Session Management
- Single-session enforcement per license
- 30-second heartbeat system
- Automatic session cleanup after 60 seconds
- Session history tracking

## Maintenance

### Database Maintenance

#### Partition Management
```sql
-- Check existing partitions
SELECT tablename FROM pg_tables 
WHERE tablename LIKE 'license_heartbeats_%' 
ORDER BY tablename;

-- Create future partitions manually
CALL create_monthly_partitions('license_heartbeats', 3);

-- Drop old partitions
DROP TABLE IF EXISTS license_heartbeats_2024_01;
```

#### Backup Procedures
```bash
# Backup
docker exec db pg_dump -U adminuser meinedatenbank | gzip > backup_$(date +%Y%m%d).sql.gz

# Restore
gunzip -c backup_20250619.sql.gz | docker exec -i db psql -U adminuser meinedatenbank
```

##### Integriertes Backup-System
Das Admin Panel bietet ein eingebautes Backup-System:
1. Login ins Admin Panel
2. Navigiere zu "Backups"
3. Klicke "Create Backup"
4. Backups werden verschlüsselt im Verzeichnis `/backups` gespeichert
5. Download oder Restore direkt über die UI

### Log Management

#### Log Locations

##### Logs
- Container logs: `docker logs <container_name>`
- Nginx logs: `./v2_nginx/logs/`
- Audit logs: Database table `audit_log`

#### Log Rotation
```bash
# Configure logrotate
/var/log/license-server/*.log {
    daily
    rotate 7
    compress
    delaycompress
    notifempty
    create 0640 www-data www-data
}
```

### Performance Optimization

#### Database Tuning
- Run `ANALYZE` periodically
- `VACUUM ANALYZE` on large tables
- Maintain partitions: `CALL create_monthly_partitions('license_heartbeats', 3)`

#### Resource Limits

Alle Services haben konfigurierte Resource Limits:

```yaml
# License Server
license-server:
  deploy:
    resources:
      limits:
        cpus: '1.0'
        memory: 1G
      reservations:
        cpus: '0.5'
        memory: 512M

# Admin Panel
admin-panel:
  deploy:
    resources:
      limits:
        cpus: '1.0'
        memory: 1G
      reservations:
        cpus: '0.5'
        memory: 512M

# PostgreSQL
db:
  deploy:
    resources:
      limits:
        cpus: '2.0'
        memory: 2G
      reservations:
        cpus: '1.0'
        memory: 1G
```

## Troubleshooting

### Common Issues

#### License Server Not Responding
- Check status: `docker ps | grep license`
- View logs: `docker logs license-server --tail 100`
- Test health: `docker exec nginx-proxy curl http://license-server:8443/health`

#### Database Connection Issues
- Check status: `docker exec db pg_isready`
- Test connection: Use psql from admin panel container
- Check logs: `docker logs db --tail 50`

#### High Memory Usage
1. Check container stats: `docker stats`
2. Review memory limits in docker-compose.yml
3. Analyze database queries for optimization
4. Consider scaling horizontally

### Health Checks

Quick health check script:
```bash
# All services
docker ps --format "table {{.Names}}\t{{.Status}}"

# Key endpoints
curl -s https://api-software-undso.z5m7q9dk3ah2v1plx6ju.com/health
curl -s http://localhost:9090/-/healthy
```

## Security Considerations
- Strong JWT_SECRET (32+ chars)
- Rotate API keys regularly
- Rate limiting enabled
- Use HTTPS in production
- Strong database passwords
- Keep Docker and images updated

## Scaling Strategies

### Horizontal Scaling

#### Scaling License Server
```bash
# Scale license server instances
docker-compose -f v2/docker-compose.yaml up -d --scale license-server=3
```

#### Nginx Load Balancing Configuration
```nginx
# In nginx.conf
upstream license_servers {
    least_conn;
    server license-server_1:8443 max_fails=3 fail_timeout=30s;
    server license-server_2:8443 max_fails=3 fail_timeout=30s;
    server license-server_3:8443 max_fails=3 fail_timeout=30s;
    
    # Health checks
    keepalive 32;
}

server {
    server_name api-software-undso.z5m7q9dk3ah2v1plx6ju.com;
    
    location / {
        proxy_pass http://license_servers;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
    }
}
```

#### Scaling Considerations (für >100 Kunden)
**HINWEIS**: Für <100 Kunden ist keine Skalierung notwendig!
- Direkter DB-Zugriff ist ausreichend (kein Redis benötigt)
- Synchrone Verarbeitung ist schnell genug (kein RabbitMQ benötigt)
- Single Instance ist völlig ausreichend

### Database Scaling
- Read replicas for reporting
- Connection pooling
- Query optimization
- Partitioning for large tables

## Disaster Recovery
- Daily automated backups via Admin Panel
- Test restore procedures regularly
- Consider database replication for HA

## Monitoring Best Practices
- Configure alerts in Alertmanager
- Review Grafana dashboards regularly
- Monitor resource trends for capacity planning