MinusNow Documentation
Architecture | Deployment | Operations

Production guide for deploying and operating MinusNow

This documentation hub covers architecture, design model, deployment patterns, operational analytics, security controls, and troubleshooting. Use it as your single reference from pilot to stable production.

Start Production Checklist Open Installation Runbooks Download Installers

Documentation Map

Entry points by objective

Use this map to open the right runbook for your environment and ownership model.

Cloud Deployment

Full cloud runbook with prerequisites, ingress, storage, and validation.

Open guide

GCP Deployment

Step-by-step Google Cloud Platform deployment — Compute Engine, VPC, Cloud DNS, SSL, Load Balancer, monitoring, backups, and security hardening.

Open guide

Linux On-Premises

Package install, service setup, backup strategy, and hardening controls.

Open guide

Windows On-Premises

IIS, service installation, firewall, and operational baseline validation.

Open guide

SaaS Infrastructure Model

Tenant-aware architecture and scaling decisions.

Open model

Troubleshooting & Recovery

Diagnose crashes, fix service failures, recover from outages, and resolve common production issues.

Open guide

Comprehensive Guides

New reference documentation

In-depth reference guides covering OS compatibility, every platform module, and agent deployment.

OS Compatibility & Prerequisites

Server and agent OS support matrix, hardware requirements, software prerequisites, database setup, firewall ports, user permissions, and satellite server requirements.

Open guide

Comprehensive Module Guide

Step-by-step how-to for all 25+ modules: CMDB, Monitoring, Incidents, Changes, Problems, Service Requests, Auto-Healing, Capacity, Vulnerability & Patch, Alert-to-Incident, Automation, Directory & IAM, Knowledge Base, RCA & Forensics, User Sync, Explainable AI, Global Communications, Auto Ticket Assignment, Server Build & Provisioning, Feature Toggles, Status Page, Ticket Audit, KPI Dashboard, and People Communication.

Open guide

Agent Installation Guide

Complete agent deployment for Linux (Ubuntu, RHEL, SUSE, Amazon), Windows (GUI and silent), and macOS. Includes registration, auto-healing permissions, verification, upgrades, and troubleshooting.

Open guide

Service Accounts & Permissions

Consolidated security guide covering 4 service accounts, 6 application RBAC roles, database grants, OS-level user configuration, credential rotation, and compliance framework mapping for all 25+ modules.

Open guide

Reference Architecture

Service boundaries and dependencies

MinusNow follows layered separation across experience, API orchestration, persistence, and telemetry ingestion. Each layer can scale independently while retaining a single source of truth for incidents, CMDB, and audit records.

  • Experience Layer: Website, authentication, and operator console.
  • Control Layer: API endpoints, policy checks, workflow automation, and RBAC.
  • Data Layer: PostgreSQL for structured state and object/file store for artifacts.
  • Telemetry Layer: Agent ingestion, normalization, and event correlation.
  • Integration Layer: SMTP, identity source, and observability tooling.
Recommended production baseline: separate database and app hosts, backups enabled, and centralized logging configured before go-live.
MinusNow reference architecture diagram
Reference architecture with platform layers and external integrations.

Design Model and Flow

Capture, analyze, act

Capture

Events enter via API actions and endpoint agents, then are normalized and enriched with source metadata.

Analyze

Rules and scoring correlate incidents, assets, vulnerabilities, and patch obligations.

Act

Workflows trigger tickets, notifications, AI-powered ownership assignment, explainable recommendations, and remediation traces with global communications delivery.

Data flow diagram
Data flow from capture to remediation.
Module map
Module map for ITSM, operations, and governance.

Deployment Models

Decision matrix for environment selection
ModelBest ForCore ComponentsTradeoffs
Single Node PilotFast proof-of-value and demosApp + DB + storage on one hostLimited resilience
Standard ProductionSMB and mid-market operations2 app nodes, managed DB, reverse proxyModerate ops overhead
High AvailabilityEnterprise SLA-driven environmentsLoad balancer, multi-node app tier, HA DBHigher design and run cost
Hybrid DeploymentRegulated segmented networksOn-prem control plane + cloud analyticsComplex network integration
Deployment topology diagram
Reference deployment topology.
Network model diagram
Network segmentation and trust boundaries.

Production Checklist

Readiness gates before go-live

Infrastructure

  • Reserve CPU and memory for peak ticket and analytics loads.
  • Allocate persistent storage for logs, attachments, and backups.
  • Configure DNS, NTP, and TLS certificates.
  • Validate RPO and RTO with business owners.

Platform

  • Create admin and support roles with least privilege.
  • Configure SMTP and escalation policy.
  • Register agents and verify heartbeat freshness.
  • Enable audit logging and evidence export policy.

Security

  • Rotate bootstrap credentials and enforce password policy.
  • Restrict management endpoints by network zone.
  • Enable vulnerability scanning for hosts and images.
  • Encrypt database backup artifacts.

Operations

  • Define on-call ownership and severity model.
  • Automate daily backup and weekly restore tests.
  • Create patch windows and exception process.
  • Track MTTR, SLA breach rate, and patch compliance.
Do not move to production if backup restore tests and email alert routing remain unverified.

Installation Runbooks

Command-level Linux and Windows references

Linux installation sequence

# 1) Download installer
curl -fsSL /documentation/downloads/install-linux.sh -o install-linux.sh

# 2) Install under /opt/MinusNow
sudo bash install-linux.sh /opt/MinusNow MinusNow

# 3) Install endpoint agent
curl -fsSL /documentation/downloads/agent-install-linux.sh -o agent-install-linux.sh
bash agent-install-linux.sh

# 4) Validate API health
curl http://localhost:5000/api/telemetry/health

Linux runbook

Windows installation sequence

# 1) Download installer
Invoke-WebRequest -Uri /documentation/downloads/install-windows.ps1 -OutFile install-windows.ps1

# 2) Install service
./install-windows.ps1 -InstallDir "C:\MinusNow" -OpenFirewall -ServiceName "MinusNow"

# 3) Install endpoint agent
Invoke-WebRequest -Uri /documentation/downloads/agent-install-windows.ps1 -OutFile agent-install-windows.ps1
./agent-install-windows.ps1

# 4) Validate service and health
Get-Service MinusNow

Windows runbook

Linux deployment flow
Linux deployment process overview.
Windows IIS deployment flow
Windows IIS deployment process overview.

Operational Analytics Model

KPI structure for reliability and service quality
KPIFormulaTargetAction Trigger
Critical MTTRSum resolution time / incident countUnder 60 minutesEscalate on 2-day average breach
SLA Breach RateBreached tickets / total ticketsUnder 3 percentReview assignment and handoff policy
Patch CompliancePatched assets / eligible assetsAbove 95 percentOpen remediation campaign by unit
Alert Noise RatioNon-actionable alerts / total alertsUnder 30 percentTune thresholds and dedup rules
Agent FreshnessAgents reporting within 15m / total agentsAbove 98 percentInvestigate endpoint connectivity
Build weekly review packs from these KPIs and map each deviation to owner, correction plan, and closure date.

Security and Compliance Controls

Baseline control objectives

Identity and Access

  • Role-based access with separation of duties.
  • Enterprise identity integration where available.
  • Monthly privileged access reviews.

Data Protection

  • Encrypt database and backup artifacts at rest.
  • Enforce TLS for UI, API, and telemetry channels.
  • Apply retention policy for records and evidence.

Operational Control

  • Enable immutable audit logs.
  • Define change approval chain for production.
  • Perform quarterly disaster recovery drills.

Vulnerability Governance

  • Scan hosts and dependencies regularly.
  • Track exceptions with expiry and owner.
  • Link patch and vulnerability records in reports.

Integration and Data Blueprint

System boundaries and sync points

Define a master system per entity (ticket, asset, user, vendor, vulnerability) and version each integration contract. This avoids data drift and conflicting ownership.

Northbound

Email, chat, SIEM, and reporting integrations for visibility and routing.

Southbound

Endpoint agents, infra telemetry, and patch execution channels.

Synchronization

Scheduled and event-based sync with dedup and conflict policy.

Error Handling

Retry queues, dead-letter review, and runbook ownership.

API and integration map
Integration map and data exchange boundaries.

Troubleshooting and Recovery

Operational diagnostics playbook
UI not reachable but service is running

Check reverse proxy routing, certificate bindings, firewall policy, and upstream API health endpoint.

Agents stop reporting telemetry

Validate endpoint service status, outbound connectivity, TLS trust chain, and registration token validity.

Notifications are not sent

Verify SMTP host, port, auth mode, and relay restrictions, then run direct message diagnostics.

Patch campaigns fail at scale

Inspect pre-check output, maintenance windows, reboot policy, and dependency order. Use phased rollout with canary groups.

Database latency rises during peak usage

Review query plans, index coverage, connection pools, and storage latency. Archive stale records if needed.

Visual Asset Library

Diagrams for review and training
Architecture diagram

Reference Architecture

Layer boundaries and control points.

View
Deployment topology diagram

Deployment Topology

Node placement and dependencies.

View
Data flow diagram

Data Flow

Event flow from capture to remediation.

View
Network model diagram

Network Model

Segmentation and trust boundaries.

View
Lifecycle diagram

Ticket Lifecycle

Escalation and closure state model.

View
Deployment steps diagram

Deployment Steps

From prep to validation sequence.

View