Appearance
System Landscape
This page provides a bird's-eye view of every system, server, and external dependency in the Microtec platform ecosystem.
C4 Level-1: System Context Diagram
The diagram below follows the C4 Model's System Context level, showing how external users and systems interact with the top-level software systems.
ERP Platform (Azure Subscription 1)
Azure Container Apps Architecture
The ERP backend is split across two Container Apps Environments per deployment environment (dev/stage/preprod/uat/prod):
Frontend Static Web Apps
| App Name | Port (local) | Azure SWA |
|---|---|---|
| bussiness-owners | 4301 | mic-erp-fr-{env}-bo-swa |
| erp-home (shell) | 4401 | mic-erp-fr-{env}-home-swa |
| apps-accounting | 4402 | mic-erp-fr-{env}-accounting-swa |
| apps-hr | 4403 | mic-erp-fr-{env}-hr-swa |
| apps-finance | 4404 | mic-erp-fr-{env}-finance-swa |
| apps-sales | 4405 | mic-erp-fr-{env}-sales-swa |
| apps-purchase | 4406 | mic-erp-fr-{env}-purchase-swa |
| apps-inventory | 4407 | mic-erp-fr-{env}-inventory-swa |
| app-distribution | 4408 | mic-erp-fr-{env}-distribution-swa |
| fixed-assets | 4409 | mic-erp-fr-{env}-fixed-assets-swa |
Fooj Project (Azure Subscription 2)
Separate Subscription
Fooj runs in Azure subscription f2340b90-2a00-4551-aabc-6e1776e82077. It shares DevSecOps pipeline templates with the ERP platform but maintains completely separate infrastructure, databases, and deployment pipelines.
Key differences from ERP:
- Simpler single-CAE architecture (no public/private split initially)
- Smaller number of microservices
- Shared NAT Gateway egress IP:
20.26.0.39(consolidated stage + prod into shared VNet as of 2026-04-05) - Own Azure Front Door instance
On-Premises Servers
These servers support development and CI/CD operations. They are not in the customer traffic path.
| Server | IP | Role | Key Services |
|---|---|---|---|
eg-sv-vip | 192.168.120.12 | Reverse proxy / NPM | Nginx Proxy Manager (port 8100 UI), external routing for on-prem services |
eg-sv-ai | 192.168.120.254 | Code quality | SonarQube Community Edition (port 8095), admin: admin/Admin@2024 |
eg-sv-01 | 192.168.120.233 | Container infrastructure | Docker registry v2 (port 5000), Portainer CE (port 9000/9443) |
eg-build-01 | 192.168.120.88 | ADO build agent | Ubuntu 22.04, Azure CLI 2.85.0, Docker, .NET SDK |
eg-build-02 | 192.168.120.122 | ADO build agent | Same as eg-build-01 |
eg-build-05 | 192.168.120.44 | ADO build agent | Same as eg-build-01 |
SSH Access Required
On-prem server access is via SSH using internal network credentials. Do not expose these servers directly to the internet. All external access is mediated through eg-sv-vip / Nginx Proxy Manager.
Azure DevOps Organization
Azure DevOps is the central hub for:
- Source control: All repositories (Git) with branch policies
- CI/CD pipelines: YAML pipelines in
Devops/azure/; templates shared across services viatemplates/subdirectories - NuGet feed: Private feed at
Microtecorganization scope — requires$(System.AccessToken)in pipeline, PAT for local development - Work items: Scrum boards per team (ERP, Fooj, Mobile, Infrastructure)
- Environments: ADO Environments with approval gates for preprod, UAT, and production
Pipeline Repository Structure
Devops/azure/
├── config/
│ └── container-backend/
│ └── services-config.json # Master service registry (13 services × 5 envs)
├── infrastructure/
│ └── main.bicep # Subscription-scoped Bicep entry point
├── pipelines/
│ ├── backend/ # .NET service pipelines
│ ├── frontApps/ # Angular SWA pipelines
│ └── mobile/ # Flutter pipelines
├── scripts/
│ └── infra/
│ └── Build-BicepParams.ps1 # Config → Bicep param mapper
├── templates/
│ ├── containerBackend/ # Reusable Docker/CAE templates
│ ├── devsecops/ # SAST, DAST, SBOM templates
│ └── shared/ # Approval, notify, health-check templates
└── DEPLOYMENT-GUIDE.mdExternal Dependencies
| System | Purpose | Notes |
|---|---|---|
| ZATCA API | Saudi e-invoicing Phase 1 & 2 | Production certs managed separately |
| ETA API | Egyptian e-invoicing | Used by Egyptian tenants only |
| SonarCloud | Hosted SAST reporting UI | Receives results from on-prem SonarQube or direct pipeline scan |
| Azure OpenAI | AI code review in DevSecOps pipeline | GPT-4 for diff analysis |
| Google Play / App Store | Mobile app distribution | Flutter apps published per-release |
Documentation Sites
| Site | Technology | Purpose |
|---|---|---|
| ERP Docs (this site) | VitePress / MkDocs Material | Platform-wide technical documentation |
| BusinessDocs | VitePress | End-user and admin documentation for the ERP and BO portal |