Infrastructure Architecture — devp24 / Ecotrans
Living document. Update when topology changes.
Last updated: 2026-05-14
1. Top-Level Overview
graph TB CF["☁️ Cloudflare DNS\nzintegrowana.online"] subgraph IONOS["🖥️ IONOS VPS — vps-i1\n217.154.82.162 | AlmaLinux 9.7 | 6vCPU 7.4GB"] Caddy["Caddy\nTLS proxy"] Monitoring["Monitoring stack\nPrometheus + Grafana + Thanos + Loki"] Exporters["Exporters (×6)\nqueue / cost / pg / vercel / backup / blackbox"] OpenClaw["OpenClaw\nWhatsApp gateway\n:18789"] Traccar["Traccar GPS\n:8082 / :5027"] PDF["PDF service\nGotenberg + api\n:8100"] UptimeKuma["Uptime Kuma\n:3001"] end subgraph HSTGR["🖥️ Hostinger VPS — vps-h1\n72.60.32.61 | Ubuntu 24.04 | 2vCPU 7.8GB"] Traefik["Traefik\nTLS proxy"] N8N["n8n\n:5678"] WAHA["WAHA\nWhatsApp gateway DE\n:13000"] AuditEngine["audit-engine\n:8200"] end subgraph VERCEL["▲ Vercel (devp24com team)"] EtOper["et-operational-platform\nprod + staging"] EtLager["et-lager"] EcoTrans["eco-trans-eu"] P24Next["p24-nextjs-v2026"] end Supabase[("🗄️ Supabase\nmwkqmgadqnkkihjdeqsi\nPostgreSQL Pro")] Wasabi[("🪣 Wasabi S3\necotrans-monitoring\neu-central-1")] N8NCloud["☁️ n8n.io Cloud\nn8n-cloud.infra.zintegrowana.online"] CF -->|"*.vps-i1"| IONOS CF -->|"*.vps-h1"| HSTGR Monitoring -->|"2h blocks"| Wasabi Monitoring -->|"grafana_readonly"| Supabase Exporters -->|"service_role"| Supabase N8N -->|"SQL / REST"| Supabase EtOper -->|"API"| Supabase AuditEngine -->|"service_role"| Supabase WAHA -->|"webhook /wa-router"| N8N
2. IONOS VPS — vps-i1 (detail)
graph TB Internet((Internet)) -->|443/80| Caddy subgraph Docker["Docker containers"] Caddy["caddy\nTLS reverse proxy"] subgraph MonStack["Monitoring stack"] Grafana["grafana\n127.0.0.1:3000"] Renderer["renderer\n127.0.0.1:8081\nPNG screenshots"] Prometheus["prometheus\n127.0.0.1:9090\n15d retention"] ThanosS["thanos-sidecar\n2h block upload"] ThanosQ["thanos-query\n127.0.0.1:10904\nunified PromQL"] Alertmanager["alertmanager\n127.0.0.1:9093"] Loki["loki\n127.0.0.1:3100\nlog aggregation"] Promtail["promtail\nDocker log shipper"] end subgraph ExpGroup["Prometheus exporters"] QueueExp["queue-exporter\n:9200 — Supabase queues"] CostExp["cost-exporter\n:9210 — Vercel+Wasabi costs"] PGStats["pg-stats-exporter\n:9201 — Supabase slow queries"] VercelExp["vercel-exporter\n:9202 — deploy status"] BackupExp["backup-exporter\n:9220 — Wasabi backup freshness"] BlackboxExp["blackbox-exporter\n:9115 — synthetic HTTP probes"] end subgraph ServGroup["Services"] UptimeKuma["uptime-kuma\n127.0.0.1:3001"] PDFSvc["pdf-service\n127.0.0.1:8100"] Gotenberg["gotenberg\n(internal) PDF renderer"] OpenClawGW["openclaw-gateway\n:18789 / :18790"] Traccar["traccar\n:8082 web, :5027 GPS/UDP"] TraccarDB["traccar-db\nMySQL 8.0"] end NodeExp["node_exporter\n:9100 (host network)"] end subgraph Native["Native processes"] ClaudeProxy["claude-proxy.py\n:8765 OpenAI→Claude"] Cloudflared["cloudflared\nCF tunnel"] GHRunnerET["GH runner ionos\net-operational-platform"] GHRunnerKDP["GH runner kdp\namazon-kdp-tango"] ClaudeAgent["claude-runner\nnightly /process-issues\ncron 03:00 UTC"] end Caddy --> Grafana Caddy --> Prometheus Caddy --> Alertmanager Caddy --> Loki Caddy --> UptimeKuma Caddy --> PDFSvc Caddy --> Traccar Caddy --> OpenClawGW Prometheus --> ThanosS --> ThanosQ ThanosS -->|"S3 upload"| Wasabi[("Wasabi S3")] Prometheus --> NodeExp Prometheus --> QueueExp Prometheus --> CostExp Prometheus --> PGStats Prometheus --> VercelExp Prometheus --> BackupExp Prometheus --> BlackboxExp Grafana --> Renderer Grafana -->|"grafana_readonly"| SupaDB[("Supabase")] Grafana --> ThanosQ QueueExp -->|"service_role"| SupaDB PGStats -->|"grafana_readonly"| SupaDB Promtail -->|"push logs"| Loki Alertmanager -->|"SMTP"| Mailgun["Mailgun EU"] PDFSvc --> Gotenberg Traccar --- TraccarDB ClaudeProxy -->|"routes to"| ClaudeCLI["/usr/bin/claude"] Cloudflared --> ClaudeProxy
Domains (via Caddy):
| Domain | Target | Auth |
|---|---|---|
infra.zintegrowana.online | Grafana :3000 | Grafana login |
grafana.vps-i1.* | Grafana :3000 | Grafana login |
prometheus.vps-i1.* | Prometheus :9090 | basic_auth |
alertmanager.vps-i1.* | Alertmanager :9093 | basic_auth |
loki.vps-i1.* | Loki :3100 | basic_auth (push) |
status.vps-i1.* | Uptime Kuma :3001 | Kuma login |
pdf.vps-i1.* | pdf-service :8000 | API key |
traccar.vps-i1.* | Traccar :8082 | Traccar login |
openclaw.vps-i1.* | OpenClaw :18789 | none (/healthz) |
3. Hostinger VPS — vps-h1 (detail)
graph TB Internet((Internet)) -->|443/80| Traefik subgraph Docker["Docker containers (docker-compose.yml)"] Traefik["root-traefik-1\nTraefik v3 + Let's Encrypt"] N8N["root-n8n-1\n127.0.0.1:5678\nworkflow automation"] WAHA["waha\n127.0.0.1:13000\nWAHA NOWEB\nDE +49 1578 5573196"] AuditEngine["audit-engine\n127.0.0.1:8200\nFleet audit + PDF + GDrive"] NodeExp["root-node-exporter-1\nnetwork_mode:host :9100"] CAdvisor["root-cadvisor-1\n0.0.0.0:8080\nDocker metrics"] Promtail["promtail\nDocker log shipper → vps-i1 Loki"] end subgraph Native["Native processes"] ClaudeAgent["claude-runner\nnightly /process-issues\ncron 03:30 UTC"] GHRunner["GH runner hstgr\net-operational-platform"] end Traefik --> N8N Traefik --> WAHA WAHA -->|"webhook /wa-router"| N8N N8N -->|"SQL / REST"| Supabase[("Supabase")] AuditEngine -->|"service_role"| Supabase Promtail -->|"push logs"| LokiIONOS["Loki\nvps-i1 :3100"] PromIONOS["Prometheus\nvps-i1"] -->|"scrape :9100"| NodeExp PromIONOS -->|"scrape :8080"| CAdvisor
Domains (via Traefik):
| Domain | → |
|---|---|
n8n.vps-h1.infra.zintegrowana.online | n8n :5678 |
waha2.vps-h1.infra.zintegrowana.online | WAHA :3000 |
4. WhatsApp & Automation Flows
sequenceDiagram participant WA as WhatsApp participant WAHA as WAHA (vps-h1)<br/>DE +49 1578 5573196 participant N8N as n8n (vps-h1) participant SB as Supabase participant AE as audit-engine (vps-h1) participant OC as OpenClaw (vps-i1)<br/>WhatsApp groups participant Claude as Claude Code<br/>(claude-proxy :8765) Note over WAHA,N8N: Main WhatsApp automation flow WA->>WAHA: incoming message WAHA->>N8N: webhook /wa-router N8N->>SB: INSERT whatsapp_messages N8N->>N8N: wa-ai-to-inbox / watchdog Note over N8N,SB: Sentry → GitHub workflow N8N->>SB: Sentry alert → create GitHub issue Note over OC,Claude: Fleet incident flow WA->>OC: group message (fleet incident) OC->>Claude: process via claude-proxy Claude->>SB: INSERT incident Note over AE,SB: Audit engine AE->>SB: poll fleet data AE->>AE: generate PDF workbook AE->>SB: store report
5. CI/CD & Deployment
graph LR Dev["👨💻 Developer\nlocal machine"] -->|push| GH["GitHub\nradieu/*"] GH -->|"Actions\nrunner: ionos"| IONOS_Runner["IONOS VPS\n/opt/actions-runner\net-operational-platform"] GH -->|"Actions\nrunner: hstgr"| HSTGR_Runner["Hostinger VPS\n/opt/actions-runner-hstgr\net-operational-platform"] GH -->|"Actions\nrunner: kdp-ionos"| KDP_Runner["IONOS VPS\n/opt/actions-runner-kdp\namazon-kdp-tango"] GH -->|"deploy trigger"| Vercel["▲ Vercel\net-oper / et-lager / eco-trans-eu"] subgraph Nightly["Nightly autonomous agents (cron)"] IONOS_Agent["claude-runner @ vps-i1\n03:00 UTC → /process-issues rc2"] HSTGR_Agent["claude-runner @ vps-h1\n03:30 UTC → /process-issues main"] Playwright["playwright-nightly\n02:00 UTC → staging E2E"] end GH -->|"schedule"| Nightly Playwright -->|"on fail"| Discord["Discord\n#infra-alerts"] Playwright -->|"on fail"| GH_Issues["GitHub Issues\nradieu/p24-infra"]
6. Vercel Projects
graph LR subgraph Vercel["▲ Vercel — devp24com team"] EtOper["et-operational-platform\nprod → main\nstaging → staging"] EtLager["et-lager\nprod → master"] EcoTrans["eco-trans-eu\nprod → main"] P24Next["p24-nextjs-v2026\ndev"] end EtOper -->|"API calls"| SB[("Supabase\nmwkqmgadqnkkihjdeqsi")] EtLager -->|"API calls"| SB
7. DNS Map
zintegrowana.online (Cloudflare, Zone: 57cb3d8f24c7cc319fb703394edc7b87)
│
├── infra.zintegrowana.online → 217.154.82.162 (Grafana public alias)
│
├── *.vps-i1.infra.zintegrowana.online → 217.154.82.162 (IONOS, wildcard A)
│ ├── grafana.vps-i1.infra.zintegrowana.online
│ ├── prometheus.vps-i1.infra.zintegrowana.online
│ ├── alertmanager.vps-i1.infra.zintegrowana.online
│ ├── loki.vps-i1.infra.zintegrowana.online
│ ├── status.vps-i1.infra.zintegrowana.online
│ ├── pdf.vps-i1.infra.zintegrowana.online
│ ├── traccar.vps-i1.infra.zintegrowana.online
│ └── openclaw.vps-i1.infra.zintegrowana.online
│
├── *.vps-h1.infra.zintegrowana.online → 72.60.32.61 (Hostinger, wildcard A)
│ ├── n8n.vps-h1.infra.zintegrowana.online
│ └── waha2.vps-h1.infra.zintegrowana.online
│
└── n8n-cloud.infra.zintegrowana.online → CNAME p24.app.n8n.cloud
8. Status
| Item | Status | Notes |
|---|---|---|
| Prometheus + Grafana + Thanos | ✅ deployed | vps-i1, Wasabi S3 active |
| Loki + Promtail | ✅ deployed | vps-i1, logs from both VPSes |
| Exporters ×6 (queue/cost/pg/vercel/backup/bb) | ✅ deployed | all on vps-i1 |
| PDF service (Gotenberg + pdf-service) | ✅ deployed | vps-i1, pdf.vps-i1.* |
| Uptime Kuma | ✅ deployed | vps-i1, status.vps-i1.* |
| audit-engine | ✅ deployed | vps-h1, :8200 |
| Wasabi S3 (Thanos) | ✅ active | ecotrans-monitoring, eu-central-1 |
| WAHA incident router | ✅ shadow cutover | docs/waha-shadow-cutover.md |
| OVH VPS Server F | ⏳ not provisioned | prod target (6c/12GB, 7€/mo) |
| OpenClaw CLI container | ⚠️ Exited(1) | needs debug + restart |
| n8n Gmail OAuth2 | ⏳ pending | new GCP Web app OAuth client needed |
| Infra portal | 🔨 scaffolded | Next.js + Supabase Auth, not on Vercel yet |