Хөгжүүлэлтийн орчин

GSign платформын development болон production орчны мэдээлэл.

Architecture

                    Internet
                        │
                        ▼
             ┌─────────────────────┐
             │      HAProxy        │
             │  (SSL Passthrough)  │
             └──────────┬──────────┘
                        │
      ┌─────────────────┴─────────────────┐
      ▼                                   ▼
┌───────────────┐                 ┌───────────────┐
│  Dev Server   │                 │  Prod Server  │
│    (K3s)      │                 │    (K3s)      │
│               │                 │               │
│ dev.*         │                 │ gesign.mn     │
│ api.dev.*     │                 │ api.gesign.mn │
│ admin.dev.*   │                 │ admin.*       │
└───────────────┘                 └───────────────┘

URLs

Production

Subdomain	Service
gesign.mn	Frontend (Next.js)
api.gesign.mn	Backend (Go/Fiber)
admin.gesign.mn	Admin Panel

Development

Subdomain	Service
dev.gesign.mn	Frontend (Next.js)
api.dev.gesign.mn	Backend (Go/Fiber)
admin.dev.gesign.mn	Admin Panel
doc.dev.gesign.mn	Documentation
pgadmin.dev.gesign.mn	PgAdmin

Admin Tools

Service	URL
Grafana	https://grafana.gesign.mn
Prometheus	https://prometheus.gesign.mn
MinIO	https://minio.gesign.mn
Mongo Express	https://mongo.gesign.mn
Redis Commander	https://redis.gesign.mn
GitLab	https://gitlab.gerege.mn

SSL Certificate: Let's Encrypt (cert-manager)

Platform

Component	Technology
Orchestration	Kubernetes (K3s)
Ingress	Traefik
SSL	cert-manager + Let's Encrypt
Load Balancer	HAProxy
Registry	localhost:5000

Runtime Versions

Runtime	Version
Docker	27.x
K3s	v1.31+
Go	1.23+
Node.js	20.x
npm	10.x

Namespace Structure

gsign/
├── backend           # Go/Fiber API
├── frontend          # Next.js App
├── admin             # Admin Panel
├── docs              # Documentation (VitePress)
├── hsm-backend       # HSM Service
├── mongodb           # MongoDB
└── redis             # Redis

shared-services/
├── postgres          # PostgreSQL (shared)
├── minio             # MinIO Object Storage
├── pgadmin           # PgAdmin
└── registry          # Docker Registry

Useful Commands

bash

# Pod status
sudo k3s kubectl get pods -n gsign

# View logs
sudo k3s kubectl logs -n gsign deployment/backend --tail=100

# Restart deployment
sudo k3s kubectl rollout restart deployment/backend -n gsign

# Check certificates
sudo k3s kubectl get certificates -n gsign

# Check IngressRoutes
sudo k3s kubectl get ingressroute -n gsign

CI/CD

Branch	Environment	Deploy
`dev`	Development	Auto
`main`	Production	Manual

yaml

# GitLab CI/CD Structure
deploy-dev:
  tags: [docker]
  rules:
    - if: '$CI_COMMIT_BRANCH == "dev"'

deploy-prod:
  tags: [prod]
  rules:
    - if: '$CI_COMMIT_BRANCH == "main"'
      when: manual

Database Access

Credentials are stored in Kubernetes secrets (gsign-secrets).

bash

# View secrets
sudo k3s kubectl get secret gsign-secrets -n gsign -o yaml

# Connect to PostgreSQL
sudo k3s kubectl exec -it deployment/postgres -n shared-services -- psql -U postgres -d gsign

Хөгжүүлэлтийн орчин ​

Architecture ​

URLs ​

Production ​

Development ​

Admin Tools ​

Platform ​

Runtime Versions ​

Namespace Structure ​

Useful Commands ​

CI/CD ​

Database Access ​

Хөгжүүлэлтийн орчин

Architecture

URLs

Production

Development

Admin Tools

Platform

Runtime Versions

Namespace Structure

Useful Commands

CI/CD

Database Access