romfast/roa2web-service-auto
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Add Windows OCR dependencies and fix IIS API error handling

Browse Source 
- Add OCR installation instructions for Windows (Poppler, Tesseract, PaddleOCR)
- Add troubleshooting section for common OCR errors on Windows
- Fix web.config.data-entry to use existingResponse="Auto" instead of "Replace"
  This allows FastAPI JSON error responses to pass through IIS unchanged
- Update system requirements to recommend 16GB RAM for OCR workloads

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Marius Mutu
2025-12-18 19:43:33 +02:00
parent 0851d01917
commit 642ae3a96c
3 changed files with 432 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

215
deployment/windows/README.md
View File

@@ -2,28 +2,33 @@
Complete deployment solution for ROA2WEB on Windows Server with IIS and Oracle Database.
**Includes:**
- **Reports App** - Read-only Oracle reports (Port 8000)
- **Telegram Bot** - Telegram integration (Port 8002)
- **Data Entry App** - Receipt data entry with approval workflow (Port 8003)
---
## 📂 Package Contents
```
deployment/windows/
├── config/ # Configuration files
│ ├── web.config # IIS configuration (URL Rewrite, reverse proxy)
── .env.production.windows # Environment variables template
├── config/ # Configuration files
│ ├── web.config # IIS config for Reports App
── web.config.data-entry # IIS config for Data Entry App
│ └── .env.production.windows # Environment variables template
├── scripts/ # PowerShell automation scripts
│ ├── Install-ROA2WEB.ps1 # Initial installation
│ ├── Deploy-ROA2WEB.ps1 # Deploy updates
│ ├── Build-Frontend.ps1 # Build Vue.js frontend (run locally)
│ ├── Start-ROA2WEB.ps1 # Start backend service
── Stop-ROA2WEB.ps1 # Stop backend service
│ └── Restart-ROA2WEB.ps1 # Restart backend service
├── scripts/ # PowerShell automation scripts
│ ├── Build-ROA2WEB.ps1 # Build all components (interactive menu)
│ ├── ROA2WEB-Console.ps1 # Unified deployment & management console
│ ├── Install-ROA2WEB.ps1 # Initial Reports App installation
│ ├── Install-TelegramBot.ps1 # Telegram Bot installation
── deploy-config.json # Deployment configuration
├── docs/ # Documentation
│ └── WINDOWS_DEPLOYMENT.md # Complete deployment guide
├── docs/ # Documentation
│ └── WINDOWS_DEPLOYMENT.md # Complete deployment guide
└── README.md # This file
└── README.md # This file
```
---
@@ -150,24 +155,56 @@ cd C:\inetpub\wwwroot\roa2web\deployment\windows\scripts
## 🔧 Management Commands
### Interactive Console (Recommended)
```powershell
# Start backend service
.\Start-ROA2WEB.ps1
# Open unified management console
cd C:\inetpub\wwwroot\roa2web\deployment\windows\scripts
.\ROA2WEB-Console.ps1
# Stop backend service
.\Stop-ROA2WEB.ps1
# Menu options:
# [1] Deploy Components
# [2] Manage Services
# [3] Check Status
```
# Restart backend service
.\Restart-ROA2WEB.ps1
### Non-Interactive Commands
```powershell
# Deploy all components
.\ROA2WEB-Console.ps1 -NonInteractive -Action DeployAll
# Deploy specific component
.\ROA2WEB-Console.ps1 -NonInteractive -Action DeployBackend
.\ROA2WEB-Console.ps1 -NonInteractive -Action DeployTelegramBot
.\ROA2WEB-Console.ps1 -NonInteractive -Action DeployDataEntry
# Service management
.\ROA2WEB-Console.ps1 -NonInteractive -Action StartAll
.\ROA2WEB-Console.ps1 -NonInteractive -Action StopAll
.\ROA2WEB-Console.ps1 -NonInteractive -Action RestartAll
# Data Entry service management
.\ROA2WEB-Console.ps1 -NonInteractive -Action StartDataEntry
.\ROA2WEB-Console.ps1 -NonInteractive -Action StopDataEntry
.\ROA2WEB-Console.ps1 -NonInteractive -Action RestartDataEntry
# Check status
.\ROA2WEB-Console.ps1 -NonInteractive -Action Status
```
### Direct Service Commands
```powershell
# Check all ROA2WEB services
Get-Service ROA2WEB-*
# View logs
Get-Content C:\inetpub\wwwroot\roa2web\logs\backend-stdout.log -Tail 50 -Wait
Get-Content C:\inetpub\wwwroot\roa2web\data-entry-backend\logs\stdout.log -Tail 50 -Wait
# Check service status
Get-Service ROA2WEB-Backend
# Check IIS website
Get-Website ROA2WEB
# Check IIS
Get-Website | Where-Object { $_.Name -like "*roa2web*" -or $_.Name -like "*data-entry*" }
```
---
@@ -178,43 +215,85 @@ Get-Website ROA2WEB
| Component | Type | Port | Purpose |
|-----------|------|------|---------|
| **Frontend** | IIS Static Files | 80/443 | Vue.js SPA |
| **Backend** | Windows Service | 8000 | FastAPI API |
| **Database** | Oracle | 1521 | Data storage |
| **Reverse Proxy** | IIS URL Rewrite | - | API routing |
| **Reports Frontend** | IIS Static Files | 80/443 | Vue.js SPA (Reports) |
| **Reports Backend** | Windows Service | 8000 | FastAPI API (Reports) |
| **Telegram Bot** | Windows Service | 8002 | Telegram integration |
| **Data Entry Frontend** | IIS Static Files | 80/443 | Vue.js SPA (Data Entry) |
| **Data Entry Backend** | Windows Service | 8003 | FastAPI API (Data Entry) |
| **Database** | Oracle | 1521 | Reports data (read-only) |
| **SQLite** | File | - | Data Entry local storage |
### Network Flow
```
Client → IIS (port 80) → [web.config URL Rewrite]
├─ /api/* → Backend Service (localhost:8000)
│ ↓
│ Oracle DB (localhost:1521)
└─ /* → Static Files (Vue.js)
Client → IIS (port 80/443)
├─ /roa2web/api/* → Reports Backend (localhost:8000) → Oracle DB
├─ /roa2web/* → Reports Frontend (Vue.js)
├─ /data-entry/api/* → Data Entry Backend (localhost:8003) → SQLite
└─ /data-entry/* → Data Entry Frontend (Vue.js)
```
### Windows Services
| Service Name | Description | Port |
|-------------|-------------|------|
| ROA2WEB-Backend | Reports API | 8000 |
| ROA2WEB-TelegramBot | Telegram Bot | 8002 |
| ROA2WEB-DataEntry | Data Entry API | 8003 |
---
## 📋 Directory Structure After Installation
```
C:\inetpub\wwwroot\roa2web\
├── backend\ # FastAPI application
├── backend\ # Reports Backend (FastAPI)
│ ├── app\
│ ├── requirements.txt
│ ├── .env # Configuration
│ └── logs\
│ ├── venv\
│ └── .env
├── frontend\ # Vue.js static files
├── frontend\ # Reports Frontend (Vue.js)
│ ├── index.html
│ ├── assets\
│ └── web.config
├── logs\ # Service logs
├── telegram-bot\ # Telegram Bot
│ ├── app\
│ ├── data\telegram_bot.db
│ ├── requirements.txt
│ ├── venv\
│ └── .env
├── data-entry-backend\ # Data Entry Backend (FastAPI)
│ ├── app\
│ ├── migrations\
│ ├── data\receipts.db # SQLite database
│ ├── data\uploads\ # Uploaded receipts
│ ├── requirements.txt
│ ├── venv\
│ └── .env
├── data-entry-frontend\ # Data Entry Frontend (Vue.js)
│ ├── index.html
│ ├── assets\
│ └── web.config
├── shared\ # Shared Python modules
│ ├── auth\
│ ├── database\
│ └── utils\
├── logs\ # Service logs
│ ├── backend-stdout.log
│ └── backend-stderr.log
└── backups\ # Automatic backups
└── backups\ # Automatic backups
└── backup-YYYYMMDD-HHMMSS\
```
@@ -294,13 +373,64 @@ For complete documentation, see:
| Resource | Minimum | Recommended |
|----------|---------|-------------|
| **OS** | Windows Server 2016 | Windows Server 2019+ |
| **RAM** | 4 GB | 8 GB |
| **RAM** | 4 GB | 8 GB (16 GB if using OCR) |
| **CPU** | 2 cores | 4 cores |
| **Disk** | 10 GB free | 20 GB free |
| **Network** | 100 Mbps | 1 Gbps |
---
## 🔍 OCR Dependencies (Data Entry App)
Data Entry App foloseste OCR pentru extragerea automata a datelor din bonuri fiscale. Pe Windows trebuie instalate manual:
### 1. Poppler (conversie PDF → imagini)
```powershell
# Descarca de la: https://github.com/osborn/poppler-windows/releases
# Extrage in: C:\Program Files\poppler\
# Adauga la System PATH: C:\Program Files\poppler\Library\bin
# Verificare instalare:
pdfinfo --version
```
### 2. Tesseract OCR (engine OCR backup)
```powershell
# Descarca installer: https://github.com/UB-Mannheim/tesseract/wiki
# Selecteaza limbile: English + Romanian
# Default path: C:\Program Files\Tesseract-OCR\
# Adauga la System PATH
# Verificare instalare:
tesseract --version
```
### 3. Python OCR Packages
```powershell
cd C:\inetpub\wwwroot\roa2web\data-entry-backend
.\venv\Scripts\activate
pip install paddlepaddle>=2.5.0
pip install paddleocr>=2.7.0
pip install opencv-python>=4.8.0
pip install pytesseract>=0.3.10
pip install pdf2image>=1.16.0
# Restart serviciu
nssm restart ROA2WEB-DataEntry
```
### Note importante
- **PaddleOCR** descarca modele (~200MB) la prima rulare
- **RAM**: PaddleOCR necesita ~2GB RAM disponibil
- **PATH**: Dupa modificari PATH, restart serviciul backend
- **Test OCR**: `curl http://localhost:8003/api/ocr/status`
---
## 🔐 Security Recommendations
1. **Generate Strong JWT Secret:**
@@ -353,9 +483,10 @@ For issues or questions:
| Version | Date | Changes |
|---------|------|---------|
| 2.1.0 | 2025-12-18 | Added Data Entry App deployment support |
| 2.0.0 | 2025-01-18 | Initial Windows deployment package |
---
*ROA2WEB - Modern ERP Reports Application*
*Windows Server Deployment Package v2.0.0*
*ROA2WEB - Modern ERP Application (Reports + Data Entry)*
*Windows Server Deployment Package v2.1.0*

161
deployment/windows/config/web.config.data-entry Normal file
View File

@@ -0,0 +1,161 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
ROA2WEB Data Entry App - IIS Web Configuration
This configuration enables:
- SPA routing for Vue.js (all routes fallback to index.html)
- Reverse proxy for /api/* to Data Entry backend FastAPI service (localhost:8003)
- Compression and caching for optimal performance
- Security headers
Prerequisites:
- IIS URL Rewrite Module: https://www.iis.net/downloads/microsoft/url-rewrite
- IIS Application Request Routing (ARR): https://www.iis.net/downloads/microsoft/application-request-routing
This is for the Data Entry sub-application at /data-entry
-->
<configuration>
<system.webServer>
<!-- Static Content Compression -->
<urlCompression doStaticCompression="true" doDynamicCompression="true" />
<!-- Default Document -->
<defaultDocument>
<files>
<clear />
<add value="index.html" />
</files>
</defaultDocument>
<!-- Static Content Settings -->
<staticContent>
<!-- Enable MIME types for modern web assets -->
<!-- Remove first to avoid duplicates, then add -->
<remove fileExtension=".json" />
<mimeMap fileExtension=".json" mimeType="application/json" />
<remove fileExtension=".woff" />
<mimeMap fileExtension=".woff" mimeType="application/font-woff" />
<remove fileExtension=".woff2" />
<mimeMap fileExtension=".woff2" mimeType="application/font-woff2" />
<remove fileExtension=".svg" />
<mimeMap fileExtension=".svg" mimeType="image/svg+xml" />
<remove fileExtension=".webmanifest" />
<mimeMap fileExtension=".webmanifest" mimeType="application/manifest+json" />
<!-- Client-side caching for static assets -->
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="365.00:00:00" />
</staticContent>
<!-- Custom HTTP Headers (Security) -->
<httpProtocol>
<customHeaders>
<!-- Security Headers -->
<add name="X-Frame-Options" value="DENY" />
<add name="X-Content-Type-Options" value="nosniff" />
<add name="X-XSS-Protection" value="1; mode=block" />
<add name="Referrer-Policy" value="strict-origin-when-cross-origin" />
<add name="Permissions-Policy" value="geolocation=(), microphone=(), camera=()" />
<!-- Content Security Policy (adjust as needed) -->
<add name="Content-Security-Policy" value="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' ws: wss:" />
<!-- Remove Server header for security -->
<remove name="X-Powered-By" />
</customHeaders>
</httpProtocol>
<!-- URL Rewrite Rules -->
<rewrite>
<rules>
<!-- Rule 1: Force HTTPS (redirect HTTP to HTTPS) -->
<rule name="Force HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/data-entry/{R:1}" redirectType="Permanent" />
</rule>
<!-- Rule 2: Reverse Proxy for API Requests to Data Entry Backend (port 8003) -->
<rule name="Data Entry API Reverse Proxy" stopProcessing="true">
<match url="^api/(.*)" />
<action type="Rewrite" url="http://localhost:8003/api/{R:1}" />
</rule>
<!-- Rule 3: Health Check Endpoint -->
<rule name="Health Check Proxy" stopProcessing="true">
<match url="^health$" />
<action type="Rewrite" url="http://localhost:8003/health" />
</rule>
<!-- Rule 4: Don't rewrite if file exists (static assets) -->
<rule name="StaticContent" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" />
</conditions>
<action type="None" />
</rule>
<!-- Rule 5: Don't rewrite if directory exists -->
<rule name="StaticDirectory" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" />
</conditions>
<action type="None" />
</rule>
<!-- Rule 6: SPA Routing - Rewrite all other requests to index.html -->
<rule name="SPA Fallback" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
<add input="{REQUEST_URI}" pattern="^/data-entry/api" negate="true" />
</conditions>
<action type="Rewrite" url="index.html" />
</rule>
</rules>
<!-- Outbound Rules (optional - for modifying responses) -->
<outboundRules>
<rule name="Add HSTS Header" preCondition="IsHTTPS">
<match serverVariable="RESPONSE_Strict-Transport-Security" pattern=".*" />
<action type="Rewrite" value="max-age=31536000; includeSubDomains" />
</rule>
<preConditions>
<preCondition name="IsHTTPS">
<add input="{HTTPS}" pattern="on" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
<!-- Error Pages -->
<!-- Use Auto to pass through backend API errors unchanged (JSON) while still handling IIS errors -->
<httpErrors errorMode="Custom" existingResponse="Auto">
<!-- 404 - Not Found: Serve index.html for SPA routing -->
<remove statusCode="404" subStatusCode="-1" />
<error statusCode="404" path="index.html" responseMode="ExecuteURL" />
<!-- 500 - Internal Server Error -->
<remove statusCode="500" subStatusCode="-1" />
<error statusCode="500" path="index.html" responseMode="ExecuteURL" />
</httpErrors>
<!-- Disable directory browsing -->
<directoryBrowse enabled="false" />
</system.webServer>
<!-- System.web for ASP.NET settings (if needed) -->
<system.web>
<compilation debug="false" targetFramework="4.8" />
<httpRuntime targetFramework="4.8" maxRequestLength="10240" executionTimeout="300" />
</system.web>
</configuration>