Files

Marius Mutu f1f6760bef refactor: Remove deprecated INTERNAL_API_PORT (ultrathin monolith cleanup)

Architecture cleanup after migration to ultrathin monolith:

- Remove INTERNAL_API_PORT from .env files (was port 8002)
- Clean up bot_main.py: remove uvicorn, Thread, run_internal_api()
- Update validate.md to check /api/telegram/health instead of port 8002
- Add deprecation notices to old Windows deployment docs
- Update docs/telegram/README.md with architecture note

The Telegram internal API is now served at /api/telegram/internal/*
on the main backend port (8000/8001) instead of separate port 8002.

Also includes: menu updates, ServerLogsView improvements, script fixes

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-04 03:56:27 +02:00

config

fix: IIS sub-application deployment for production

2025-12-30 16:38:47 +02:00

docs

refactor: Remove deprecated INTERNAL_API_PORT (ultrathin monolith cleanup)

2026-01-04 03:56:27 +02:00

scripts

feat: Add Linux deployment scripts and server logs view

2026-01-04 00:26:36 +00:00

DEPLOY_PACKAGE.md

Refactor Windows deployment scripts: unify build and management tools

2025-11-11 22:50:03 +02:00

README.md

docs: Add Windows OCR dependencies and fix IIS API error handling

2025-12-18 19:43:33 +02:00

README.md

ROA2WEB - Windows Deployment Package

Complete deployment solution for ROA2WEB on Windows Server with IIS and Oracle Database.

Includes:

Reports App - Read-only Oracle reports (Port 8000)
Telegram Bot - Telegram integration (Port 8002)
Data Entry App - Receipt data entry with approval workflow (Port 8003)

📂 Package Contents

deployment/windows/
├── config/                              # Configuration files
│   ├── web.config                       # IIS config for Reports App
│   ├── web.config.data-entry            # IIS config for Data Entry App
│   └── .env.production.windows          # Environment variables template
│
├── scripts/                             # PowerShell automation scripts
│   ├── Build-ROA2WEB.ps1               # Build all components (interactive menu)
│   ├── ROA2WEB-Console.ps1             # Unified deployment & management console
│   ├── Install-ROA2WEB.ps1             # Initial Reports App installation
│   ├── Install-TelegramBot.ps1         # Telegram Bot installation
│   └── deploy-config.json              # Deployment configuration
│
├── docs/                                # Documentation
│   └── WINDOWS_DEPLOYMENT.md           # Complete deployment guide
│
└── README.md                            # This file

🎯 Quick Start

Prerequisites

Windows Server 2016+ (or Windows 10/11 Pro)
IIS installed
Oracle Database (local or network-accessible)
PowerShell 5.1+
Administrator privileges

Installation Steps

1. Build Frontend (on development machine)

# On WSL/Linux/Mac
cd roa2web/deployment/windows/scripts
./Build-Frontend.ps1

# This creates: ./deploy-package/

2. Transfer to Server

Copy the entire project to Windows Server:

C:\roa2web\deployment\windows\

3. Run Installation

# On Windows Server (PowerShell as Administrator)
cd C:\roa2web\deployment\windows\scripts

# Install everything
.\Install-ROA2WEB.ps1

This will:

✅ Install Python 3.11+
✅ Install NSSM (service manager)
✅ Install IIS URL Rewrite and ARR
✅ Create directory structure
✅ Install Python dependencies
✅ Create Windows Service
✅ Configure IIS website

4. Configure Application

# Copy and edit environment file
Copy-Item C:\inetpub\wwwroot\roa2web\backend\config\.env.production.windows `
          C:\inetpub\wwwroot\roa2web\backend\.env

# Edit with your values
notepad C:\inetpub\wwwroot\roa2web\backend\.env

Required settings:

Configure these variables in .env:

Database credentials (user, password, host, port, SID)
JWT secret key for authentication
Other application-specific settings

Example structure:

ORACLE_USER=CONTAFIN_ORACLE
ORACLE_HOST=localhost
ORACLE_PORT=1521
ORACLE_SID=ROA
# Add password and JWT secret here

5. Deploy Application Files

# Deploy frontend and backend
.\Deploy-ROA2WEB.ps1 -SourcePath "C:\path\to\deploy-package"

6. Verify Installation

# Check service
Get-Service ROA2WEB-Backend

# Test backend
Invoke-WebRequest http://localhost:8000/health

# Open application
Start-Process "http://localhost"

🔄 Update Workflow

For deploying updates to existing installation:

1. Build on development machine:

cd roa2web/deployment/windows/scripts
./Build-Frontend.ps1 -OutputPath "./deploy-$(date +%Y%m%d)"

2. Transfer to server:

Copy-Item .\deploy-20250118 -Destination C:\Temp\roa2web-deploy -Recurse

3. Deploy on server:

cd C:\inetpub\wwwroot\roa2web\deployment\windows\scripts
.\Deploy-ROA2WEB.ps1 -SourcePath "C:\Temp\roa2web-deploy"

🔧 Management Commands

Interactive Console (Recommended)

# Open unified management console
cd C:\inetpub\wwwroot\roa2web\deployment\windows\scripts
.\ROA2WEB-Console.ps1

# Menu options:
#   [1] Deploy Components
#   [2] Manage Services
#   [3] Check Status

Non-Interactive Commands

# Deploy all components
.\ROA2WEB-Console.ps1 -NonInteractive -Action DeployAll

# Deploy specific component
.\ROA2WEB-Console.ps1 -NonInteractive -Action DeployBackend
.\ROA2WEB-Console.ps1 -NonInteractive -Action DeployTelegramBot
.\ROA2WEB-Console.ps1 -NonInteractive -Action DeployDataEntry

# Service management
.\ROA2WEB-Console.ps1 -NonInteractive -Action StartAll
.\ROA2WEB-Console.ps1 -NonInteractive -Action StopAll
.\ROA2WEB-Console.ps1 -NonInteractive -Action RestartAll

# Data Entry service management
.\ROA2WEB-Console.ps1 -NonInteractive -Action StartDataEntry
.\ROA2WEB-Console.ps1 -NonInteractive -Action StopDataEntry
.\ROA2WEB-Console.ps1 -NonInteractive -Action RestartDataEntry

# Check status
.\ROA2WEB-Console.ps1 -NonInteractive -Action Status

Direct Service Commands

# Check all ROA2WEB services
Get-Service ROA2WEB-*

# View logs
Get-Content C:\inetpub\wwwroot\roa2web\logs\backend-stdout.log -Tail 50 -Wait
Get-Content C:\inetpub\wwwroot\roa2web\data-entry-backend\logs\stdout.log -Tail 50 -Wait

# Check IIS
Get-Website | Where-Object { $_.Name -like "*roa2web*" -or $_.Name -like "*data-entry*" }

📊 Architecture

Components

Component	Type	Port	Purpose
Reports Frontend	IIS Static Files	80/443	Vue.js SPA (Reports)
Reports Backend	Windows Service	8000	FastAPI API (Reports)
Telegram Bot	Windows Service	8002	Telegram integration
Data Entry Frontend	IIS Static Files	80/443	Vue.js SPA (Data Entry)
Data Entry Backend	Windows Service	8003	FastAPI API (Data Entry)
Database	Oracle	1521	Reports data (read-only)
SQLite	File	-	Data Entry local storage

Network Flow

Client → IIS (port 80/443)
           │
           ├─ /roa2web/api/* → Reports Backend (localhost:8000) → Oracle DB
           │
           ├─ /roa2web/* → Reports Frontend (Vue.js)
           │
           ├─ /data-entry/api/* → Data Entry Backend (localhost:8003) → SQLite
           │
           └─ /data-entry/* → Data Entry Frontend (Vue.js)

Windows Services

Service Name	Description	Port
ROA2WEB-Backend	Reports API	8000
ROA2WEB-TelegramBot	Telegram Bot	8002
ROA2WEB-DataEntry	Data Entry API	8003

📋 Directory Structure After Installation

C:\inetpub\wwwroot\roa2web\
│
├── backend\                       # Reports Backend (FastAPI)
│   ├── app\
│   ├── requirements.txt
│   ├── venv\
│   └── .env
│
├── frontend\                      # Reports Frontend (Vue.js)
│   ├── index.html
│   ├── assets\
│   └── web.config
│
├── telegram-bot\                  # Telegram Bot
│   ├── app\
│   ├── data\telegram_bot.db
│   ├── requirements.txt
│   ├── venv\
│   └── .env
│
├── data-entry-backend\            # Data Entry Backend (FastAPI)
│   ├── app\
│   ├── migrations\
│   ├── data\receipts.db          # SQLite database
│   ├── data\uploads\             # Uploaded receipts
│   ├── requirements.txt
│   ├── venv\
│   └── .env
│
├── data-entry-frontend\           # Data Entry Frontend (Vue.js)
│   ├── index.html
│   ├── assets\
│   └── web.config
│
├── shared\                        # Shared Python modules
│   ├── auth\
│   ├── database\
│   └── utils\
│
├── logs\                          # Service logs
│   ├── backend-stdout.log
│   └── backend-stderr.log
│
└── backups\                       # Automatic backups
    └── backup-YYYYMMDD-HHMMSS\

🆘 Troubleshooting

Service won't start

# Check logs
Get-Content C:\inetpub\wwwroot\roa2web\logs\backend-stderr.log -Tail 50

# Test manually
cd C:\inetpub\wwwroot\roa2web\backend
python -m uvicorn app.main:app --host 127.0.0.1 --port 8000

Frontend not loading

# Restart IIS
iisreset

# Check website status
Get-Website ROA2WEB
Start-Website ROA2WEB

API calls failing (502/504)

# Check backend service
Get-Service ROA2WEB-Backend
.\Restart-ROA2WEB.ps1

# Test backend directly
Invoke-WebRequest http://localhost:8000/health

Database connection issues

# Test Oracle connection
sqlplus CONTAFIN_ORACLE/password@localhost:1521/ROA

# Check Oracle service
Get-Service Oracle*

# Check .env configuration
Get-Content C:\inetpub\wwwroot\roa2web\backend\.env | Select-String ORACLE

📖 Full Documentation

For complete documentation, see:

WINDOWS_DEPLOYMENT.md - Comprehensive deployment guide
.env.production.windows - Configuration reference

🔑 Key Features

✅ Simple Installation - One PowerShell script installs everything ✅ Minimal Dependencies - Only Python + IIS (already on Windows Server) ✅ Easy Replication - Same scripts work on all servers ✅ Automatic Backups - Every deployment creates a backup ✅ Windows Service - Backend runs as service with auto-start/restart ✅ Production Ready - Optimized for performance and reliability

📊 System Requirements

Resource	Minimum	Recommended
OS	Windows Server 2016	Windows Server 2019+
RAM	4 GB	8 GB (16 GB if using OCR)
CPU	2 cores	4 cores
Disk	10 GB free	20 GB free
Network	100 Mbps	1 Gbps

🔍 OCR Dependencies (Data Entry App)

Data Entry App foloseste OCR pentru extragerea automata a datelor din bonuri fiscale. Pe Windows trebuie instalate manual:

1. Poppler (conversie PDF → imagini)

# Descarca de la: https://github.com/osborn/poppler-windows/releases
# Extrage in: C:\Program Files\poppler\
# Adauga la System PATH: C:\Program Files\poppler\Library\bin

# Verificare instalare:
pdfinfo --version

2. Tesseract OCR (engine OCR backup)

# Descarca installer: https://github.com/UB-Mannheim/tesseract/wiki
# Selecteaza limbile: English + Romanian
# Default path: C:\Program Files\Tesseract-OCR\
# Adauga la System PATH

# Verificare instalare:
tesseract --version

3. Python OCR Packages

cd C:\inetpub\wwwroot\roa2web\data-entry-backend
.\venv\Scripts\activate

pip install paddlepaddle>=2.5.0
pip install paddleocr>=2.7.0
pip install opencv-python>=4.8.0
pip install pytesseract>=0.3.10
pip install pdf2image>=1.16.0

# Restart serviciu
nssm restart ROA2WEB-DataEntry

Note importante

PaddleOCR descarca modele (~200MB) la prima rulare
RAM: PaddleOCR necesita ~2GB RAM disponibil
PATH: Dupa modificari PATH, restart serviciul backend
Test OCR: curl http://localhost:8003/api/ocr/status

🔐 Security Recommendations

Generate Strong JWT Secret:

-join ((65..90) + (97..122) + (48..57) | Get-Random -Count 32 | % {[char]$_})

Secure .env File:

icacls C:\inetpub\wwwroot\roa2web\backend\.env /inheritance:r /grant:r Administrators:F

Enable HTTPS: ⭐ RECOMMENDED
```
# Quick setup with automated script
cd C:\roa2web\deployment\windows\scripts
.\Enable-HTTPS.ps1

# For detailed instructions, see:
# docs/HTTPS_SETUP.md
```
What it does:
- Creates/installs SSL certificate
- Configures HTTPS binding (port 443)
- Enables HTTP to HTTPS redirect
- Activates HSTS (Strict Transport Security)
Access your application securely:
- https://10.0.20.36/roa2web (or your domain)
Regular Updates:
- Keep Windows Server updated
- Update Python packages monthly
- Monitor security advisories
- Renew SSL certificates before expiry

📞 Support

For issues or questions:

Check logs: C:\inetpub\wwwroot\roa2web\logs\
Review WINDOWS_DEPLOYMENT.md
Contact: development-team@your-company.com

📝 Version History

Version	Date	Changes
2.1.0	2025-12-18	Added Data Entry App deployment support
2.0.0	2025-01-18	Initial Windows deployment package

ROA2WEB - Modern ERP Application (Reports + Data Entry) Windows Server Deployment Package v2.1.0