08-Infrastructure
คู่มือการตั้งค่า Infrastructure สำหรับ NAP-DMS LCBP3 (Laem Chabang Port Phase 3 - Document Management System)
📍 Platform: QNAP (Container Station) + ASUSTOR (Portainer) 🌐 Domain:
*.np-dms.work(IP: 159.192.126.103) 🔒 Network:lcbp3(Docker External Network) 📄 Version: v2.0.0 (Refactored for Stability)
🏢 Hardware Infrastructure
Server Role Separation
QNAP TS-473A
| (Application & Database Server) | ||
|---|---|---|
| ✔ Application Runtime | ✔ API / Web | ✔ Database (Primary) |
| ✔ High CPU / RAM usage | ✔ Worker / Queue | ✖ No long-term backup |
| Container Station (UI) | 32GB RAM (Capped) | AMD Ryzen V1500B |
ASUSTOR AS5403T
| (Infrastructure & Backup Server) | ||
|---|---|---|
| ✔ File Storage | ✔ Backup Target | ✔ Docker Infra |
| ✔ Monitoring / Registry | ✔ Log Aggregation | ✖ No heavy App logic |
| Portainer (Manage All) | 16GB RAM | Intel Celeron @2GHz |
Servers Specification & Resource Allocation
| Device | Model | CPU | RAM | Resource Policy | Role |
|---|---|---|---|---|---|
| QNAP | TS-473A | AMD Ryzen V1500B | 32GB | Strict Limits | Application, DB, Cache |
| ASUSTOR | AS5403T | Intel Celeron @ 2.00GHz | 16GB | Moderate Limits | Infra, Backup, Monitor |
Service Distribution by Server
QNAP TS-473A (Application Stack)
| Category | Service | Strategy | Resource Limit (Est.) |
|---|---|---|---|
| Web App | Next.js (Frontend) | Single Instance | 2.0 CPU / 2GB RAM |
| Backend API | NestJS | 2 Replicas (Load Balanced) | 2.0 CPU / 1.5GB RAM |
| Database | MariaDB (Primary) | Performance Tuned (Buffer Pool) | 4.0 CPU / 5GB RAM |
| Worker | Redis + BullMQ Worker | Standalone + AOF | 2.0 CPU / 1.5GB RAM |
| Search | Elasticsearch | Heap Locked (2GB) | 2.0 CPU / 4GB RAM |
| API Gateway | NPM (Nginx Proxy Manager) | SSL Termination | 1.0 CPU / 512MB RAM |
| Workflow | n8n | Automation | 1.0 CPU / 1GB RAM |
| Code | Gitea | Git Repository | 1.0 CPU / 1GB RAM |
ASUSTOR AS5403T (Infrastructure Stack)
| Category | Service | Notes |
|---|---|---|
| File Storage | NFS / SMB | Shared volumes for backup |
| Backup | Restic / Borg | Pull-based Backup (More Safe) |
| Docker Infra | Registry, Portainer | Container image registry, mgmt |
| Monitoring | Uptime Kuma | Service availability monitoring |
| Metrics | Prometheus, Grafana | Cross-Server Scraping |
| Log | Loki / Syslog | Centralized logging |
🔄 Data Flow Architecture
┌──────────────┐ │ User │ └──────┬───────┘ │ HTTPS (443) ▼ ┌─────────────────────────────────────────────────────────────┐ │ QNAP TS-473A │ │ ┌─────────────────────────────────────────────────────────┐ │ │ │ Nginx Proxy Manager (NPM) │ │ │ │ SSL Termination + Round Robin LB │ │ │ └───────────────────────┬─────────────────────────────────┘ │ │ │ │ │ ┌───────────────────────▼─────────────────────────────────┐ │ │ │ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ | │ │ │ │ Next.js │─▶│ NestJS │ │ NestJS │ | │ │ │ │ (Frontend) │ │ (Replica 1) │ │ (Replica 2) │ │ │ │ │ └──────────────┘ └──────┬───────┘ └──────┬───────┘ │ │ │ │ │ │ │ │ │ │ ┌─────────────────────────┼────────────────┼────┐ │ │ │ │ ▼ ▼ ▼ ▼ │ │ │ │ ┌──────────┐ ┌──────────┐ ┌─────────────┐ │ │ │ │ │ MariaDB │ │ Redis │ │Elasticsearch│ │ │ │ │ │ (Primary)│ │(Persist.)│ │ (Search) │ │ │ │ │ └────┬─────┘ └──────────┘ └─────────────┘ │ │ │ └──────┼──────────────────────────────────────────────────┘ │ │ └──────┼────────────────────────────────────────────────────┘ | Local Dump -> Restic Pull (Cross-Server) ▼ ┌──────────────────────────────────────────────────────────────┐ │ ASUSTOR AS5403T │ │ ┌──────────────────────────────────────────────────────────┐ │ │ │ ┌──────────┐ ┌──────────┐ ┌──────────┐ │ │ │ │ │ Backup │ │ Registry │ │ Uptime │ │ │ │ │ │ (Restic) │ │ (Docker) │ │ Kuma │ │ │ │ │ └──────────┘ └──────────┘ └──────────┘ │ │ │ │ │ │ │ │ ┌──────────┐ ┌──────────┐ ┌──────────┐ │ │ │ │ │Prometheus│───▶│ Grafana │ │ Loki │ │ │ │ │ │(Scraper) │ │(Dashboard)│ │ (Logs) │ │ │ │ │ └──────────┘ └──────────┘ └──────────┘ ││ │ └──────────────────────────────────────────────────────────┘│ └──────────────────────────────────────────────────────────────┘