5eff8861e1
All checks were successful
Build and Deploy / deploy (push) Successful in 1m0s
- Append live QNAP configs to 04-01-docker-compose.md (Appendix A) - MariaDB+PMA, Redis+Elasticsearch, NPM, Gitea, n8n, App stack - Append SSH setup + Secrets management to 04-06-security-operations.md - Appendix A: SSH key setup, config, hardening, port forwarding - Appendix B: .env structure, secret generation, rotation, GPG backup - Append QNAP/Gitea CI/CD docs to 04-04-deployment-guide.md - Appendix A: Container Station deployment steps - Appendix B: Gitea Actions CI/CD pipeline setup - Appendix C: act_runner (ASUSTOR) installation - Move Git_command.md -> 05-Engineering-Guidelines/05-05-git-cheatsheet.md - Move docker-compose-app.yml, lcbp3-monitoring.yml, lcbp3-registry.yml, grafana/ -> 04-Infrastructure-OPS/ - Archive lcbp3-db.md -> 99-archives/ - Remove all legacy 08-infrastructure/* files from git - Remove Google OAuth client_secret JSON from git index (security) - Add .gitignore rules: *client_secret*.json, *service_account*.json, specs/08-infrastructure/ - Update 04-Infrastructure-OPS/README.md with new file index
Infrastructure & Operations (OPS) Guide
Project: LCBP3-DMS Version: 1.8.0 Last Updated: 2026-02-23
📋 Overview
This directory (04-Infrastructure-OPS/) serves as the single source of truth for all infrastructure setups, networking rules, Docker Compose configurations, backups, and site reliability operations for the LCBP3-DMS project.
It consolidates what was previously split across multiple operations and specification folders into a cohesive set of manuals for DevOps, System Administrators, and On-Call Engineers.
📂 Document Index
| File | Purpose | Key Contents |
|---|---|---|
| 04-01-docker-compose.md | Core Environment Setup | .env configs, Blue/Green Docker Compose, MariaDB & Redis optimization, Appendix A: Live QNAP configs (MariaDB, Redis/ES, NPM, Gitea, n8n) |
| 04-02-backup-recovery.md | Disaster Recovery | RTO/RPO strategies, QNAP to ASUSTOR backup scripts, Restic/Mysqldump config |
| 04-03-monitoring.md | Observability | Prometheus metrics, AlertManager rules, Grafana alerts |
| 04-04-deployment-guide.md | Production Rollout | Blue-Green deployment scripts, Appendix A: QNAP Container Station, Appendix B: Gitea Actions CI/CD, Appendix C: act_runner setup |
| 04-05-maintenance-procedures.md | Routine Care | Log rotation, dependency updates, scheduled DB optimizations |
| 04-06-security-operations.md | Hardening & Audit | User access review, SSL renewals, vulnerability scanning, Appendix A: SSH Setup, Appendix B: Secrets Management |
| 04-07-incident-response.md | Escalation | P0-P3 classifications, incident commander roles, Post-Incident Review |
🐳 Live Docker Compose Files (QNAP)
| File | Application | Path on QNAP |
|---|---|---|
| docker-compose-app.yml | lcbp3-app (backend + frontend) |
/share/np-dms/app/ |
| lcbp3-monitoring.yml | lcbp3-monitoring (Prometheus, Grafana, etc.) |
/volume1/np-dms/monitoring/ |
| lcbp3-registry.yml | lcbp3-registry (Docker Registry) |
/volume1/np-dms/registry/ |
| grafana/ | Grafana dashboard JSON configs | Imported via Grafana UI |
🎯 Guiding Principles
- Zero Downtime Deployments: Utilize the Blue/Green architecture outlined in
04-04wherever possible. - Infrastructure as Code: No manual unscripted changes. Modify the
docker-compose.ymlspecs and.env.productiontemplates directly. - Automated Backups: Backups must be validated automatically using the ASUSTOR pulling mechanism in
04-02. - Actionable Alerts: No noisy monitoring. Prometheus alerts in
04-03should route to Slack/PagerDuty only when action is required.