Infrastructure Status
Infrastructure Status
Cập nhật: 2026-04-03. MySQL retired. PG 16 sole DB. GCP = Secret Manager only. Backup nightly → Google Drive.
VPS
| Thuộc tính | Giá trị |
|---|---|
| Provider | Contabo (EU) |
| IP | 38.242.240.89 |
| Specs | 6 vCPU, 12GB RAM, 96GB NVMe |
| Cost | ~$8/month |
| OS | Ubuntu 24.04.4 LTS + Docker |
| SSH | ssh contabo |
Docker Services
| Service | Container | Port | Host Mapped | Health |
|---|---|---|---|---|
| Directus | incomex-directus | 8055 | Yes | ✅ |
| Nuxt | incomex-nuxt | 3000 | Yes | ✅ |
| Agent Data | incomex-agent-data | 8000 | Yes | ✅ |
| PostgreSQL 16 | postgres | 5432 | Yes | ✅ |
| Qdrant | incomex-qdrant | 6333 | No (Docker internal only) | ✅ |
| Nginx | incomex-nginx | 80/443 | Yes | ✅ |
⚠️ PG container =
postgres. KHÔNG PHẢIworkflow-postgres(tên cũ). ⚠️ MySQL = RETIRED hoàn toàn (S104-S110). Không còn trong Docker. ⚠️ Uptime Kuma = đã gỡ. ⚠️ Qdrant port 6333 KHÔNG map ra host — truy cập qua Docker network IP + API key (QDRANT__SERVICE__API_KEYtrong .env). Cấu hình bảo mật đúng.
Database
PostgreSQL 16 = SOLE DATABASE.
- PG access:
docker exec -i postgres psql -U directus -d directus - 26 triggers (realtime counting, guards)
verify_counts()function cho integrity check- Views:
v_registry_counts(⚠️ hiện là TABLE writable — TD-375 đang fix) - PG dump size: ~34MB compressed (2026-04-03)
Qdrant = Vector DB.
- 1 collection:
production_documents - Snapshot size: ~66MB (2026-04-03)
- RAM usage: ~104MB / 1GB limit
- Access: Docker internal IP + API key header
Public URLs
| URL | Service |
|---|---|
| vps.incomexsaigoncorp.vn | Nuxt frontend + API |
| vps.incomexsaigoncorp.vn/api/ | Agent Data API |
| directus.incomexsaigoncorp.vn | Directus Admin |
| ops.incomexsaigoncorp.vn | OPS Proxy → Directus |
⚠️ Domain
ai.incomexsaigoncorp.vn= REMOVED (PR #452, S107). ⚠️ Firebase Hosting = RETIRED.
GCP Services (Minimal)
| Service | Dùng cho | Cost |
|---|---|---|
| Secret Manager (8 secrets) | Credentials SSOT | ~$2/month |
TẤT CẢ đã retired: Cloud SQL, Cloud Run, Cloud Function, Cloud Scheduler, App Engine, Firestore, GCS buckets, Artifact Registry, Firebase Hosting. GCP cost: ~$2/month total.
CI/CD Pipeline
GitHub push → GitHub Actions (4 required checks) → rsync → VPS auto-deploy
4 required checks: Pass Gate, Quality Gate, check-critical-files, Contract Schema. Non-blocking (KHÔNG đợi): build, E2E Tests, Terraform, docs-guard.
Backup → Google Drive (2026-04-03)
| Thuộc tính | Giá trị |
|---|---|
| Script | /opt/incomex/scripts/backup-to-gdrive.sh |
| Schedule | Hàng đêm 3:00 AM Hanoi (20:00 UTC) |
| Cron | 0 20 * * * |
| Phương thức | rclone v1.73.0 → Google Drive (OAuth token) |
| Drive folder | VPS — ID 1JWbDOPc16EHwDxo9t9zueZr423Q5IDEQ |
| Archive size | ~77MB (PG 34M + Qdrant 66M + configs) |
| Retention | 14 bản trên Drive, 1 bản local |
| Log | /opt/incomex/logs/backup-gdrive.log |
| Nội dung | PG dump, Qdrant snapshot, Docker configs, nginx/SSL, scripts |
⚠️ Qdrant snapshot trong script dùng Docker internal IP + API key (không qua localhost:6333). ⚠️ rclone token tự gia hạn mỗi lần chạy — không hết hạn nếu backup chạy đều. ⚠️ Scripts cũ:
mysql-backup.sh→.retired,qdrant-backup.shcron removed.
Connection Protection
| Script | Path | Schedule |
|---|---|---|
| test-mcp-connectivity.sh | /opt/incomex/scripts/ | */5 min cron |
| check-config-integrity.sh | /opt/incomex/scripts/ | hourly cron |
Integrity Tooling (S167D findings)
| Tool | Path | Status |
|---|---|---|
| Runner (main.js) | scripts/integrity/main.js | ⚠️ KHÔNG chạy trên VPS — TD-377 đang fix |
| Scanner | dot/bin/dot-layer-integrity-audit | ✅ Chạy được (cloud mode + token) |
| verify_counts() | PG function | ✅ |
Cập nhật: 2026-04-03. Trước đó: 2026-03-26 S139.