
Service Boundaries

Current deployable units:

  • api-service: FastAPI HTTP API, auth, tenant context, ingest/read endpoints, EventBus publishing.
  • worker-service: NATS consumer, rule evaluation, alert/delivery/evidence/audit orchestration.
  • frontend: Next.js operator and auditor console.
  • postgres: RLS-backed control-plane persistence.
  • nats: JetStream event spine.
  • mock-webhook: local/dev sink only.
  • keycloak: optional local/dev OIDC profile with imported oneprotect-dev realm.

Internal Python modules are not automatically microservices. Split a runtime only when ownership, scaling, security, deploy cadence, or failure isolation justifies it.

Guardrail: business logic should stay out of HTTP handlers. HTTP routes should authenticate, validate, call services, and return typed responses.
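
A framework-free sketch of this guardrail, added here as an illustration; it is not the project's code. All names (TenantContext, IngestService, ingest_route, the token table) are hypothetical, and plain functions stand in for FastAPI routes and the EventBus so the block runs with the standard library only.

```python
# Added illustration; every name here is hypothetical, not taken from the project.
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass(frozen=True)
class TenantContext:
    tenant_id: str
    subject: str


@dataclass(frozen=True)
class IngestResponse:  # typed response returned by the route
    status: int
    event_id: Optional[str] = None
    error: Optional[str] = None


class IngestService:
    """Business logic lives here: tenant scoping, id assignment, publishing."""

    def __init__(self, publish: Callable[[dict], None]):
        self._publish = publish  # stand-in for the EventBus publisher
        self._seq = 0

    def ingest(self, ctx: TenantContext, kind: str, payload: dict) -> str:
        self._seq += 1
        event_id = f"{ctx.tenant_id}-{self._seq}"
        # tenant_id comes from the authenticated context, never from the request body
        self._publish({"id": event_id, "tenant_id": ctx.tenant_id,
                       "kind": kind, "payload": payload})
        return event_id


# Constructed token table standing in for real OIDC token verification.
TOKENS = {"tok-a": TenantContext("tenant-a", "alice")}


def authenticate(headers: dict) -> Optional[TenantContext]:
    scheme, _, token = headers.get("authorization", "").partition(" ")
    return TOKENS.get(token) if scheme.lower() == "bearer" else None


def ingest_route(headers: dict, body: dict, service: IngestService) -> IngestResponse:
    """Thin handler: authenticate, validate, call the service, return a typed response."""
    ctx = authenticate(headers)
    if ctx is None:
        return IngestResponse(status=401, error="unauthenticated")
    kind, payload = body.get("kind"), body.get("payload")
    if not isinstance(kind, str) or not kind or not isinstance(payload, dict):
        return IngestResponse(status=422, error="invalid body")
    return IngestResponse(status=202, event_id=service.ingest(ctx, kind, payload))
```

Because the handler holds no business logic, the service can be exercised directly with a TenantContext, and a tenant_id supplied in the request body has no effect on the published event.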