gh-vukhanhtruong-claude-rock-plugins-architecture-design/skills/assets/ARCHITECTURE-monolith.md

# Architecture Overview - Monolithic Application

This document describes the monolithic architecture, providing clear understanding of the application structure, module organization, and system design.

## 1. Project Structure

```
[Project Root]/
├── src/                       # Source code
│   ├── api/                  # API layer (controllers, routes)
│   ├── services/             # Business logic layer
│   ├── models/               # Data models
│   ├── repositories/         # Data access layer
│   ├── middleware/           # Request processing middleware
│   ├── utils/                # Utility functions
│   └── config/               # Configuration files
├── tests/                    # Test suites
│   ├── unit/
│   ├── integration/
│   └── e2e/
├── migrations/               # Database migrations
├── public/                   # Static assets (if serving frontend)
├── docs/                     # Documentation
└── scripts/                  # Build and deployment scripts
```

## 2. High-Level System Diagram

```
[User/Client]
      |
      v
[Load Balancer] (optional)
      |
      v
[Application Server]
      |
      +-- [API Layer]
      |        |
      |        v
      +-- [Service Layer]
      |        |
      |        v
      +-- [Data Access Layer]
      |        |
      |        v
      +-- [Database]
      |
      +-- [Cache] (optional)
      |
      +-- [External Services]
```

## 3. Core Components

### 3.1. Application Server

**Name:** [e.g., Main Application, Web Server]

**Description:** Single unified application handling all business logic

**Technologies:** [e.g., Node.js/Express, Python/Django, Java/Spring Boot, .NET]

**Deployment:** [e.g., AWS EC2, Heroku, Docker container]

### 3.2. Layered Architecture

#### 3.2.1. API/Controller Layer

**Description:** Handles HTTP requests, routing, and response formatting

**Key Modules:** [List main controllers/route groups]

**Responsibilities:** Request validation, authentication, response serialization

#### 3.2.2. Service/Business Logic Layer

**Description:** Core business logic and workflows

**Key Modules:** [List main service classes/modules]

**Responsibilities:** Business rules, transaction management, orchestration

#### 3.2.3. Data Access Layer

**Description:** Database interactions and data persistence

**Key Modules:** [List repositories/DAO classes]

**Responsibilities:** CRUD operations, query building, ORM management

### 3.3. Frontend (if integrated)

**Name:** [e.g., Web UI, Admin Panel]

**Description:** User interface served by the monolith

**Technologies:** [e.g., Server-side rendered with Jinja/EJS, or SPA with React/Vue]

**Location:** [public/ or templates/ directory]

## 4. Data Stores

### 4.1. Primary Database

**Name:** [e.g., Main Application Database]

**Type:** [PostgreSQL, MySQL, MongoDB, etc.]

**Purpose:** Stores all application data

**Key Schemas/Collections:**
- users
- [entity names]
- [domain tables]

### 4.2. Cache (if used)

**Name:** [e.g., Redis Cache]

**Type:** Redis, Memcached

**Purpose:** Performance optimization, session storage

**Cached Data:** [What gets cached]

## 5. External Integrations / APIs

**Service Name:** [e.g., Payment Processor, Email Service]

**Purpose:** [Functionality]

**Integration Method:** [REST API, SDK, Webhook]

**Integration Location:** [Which service/module handles it]

## 6. Deployment & Infrastructure

**Cloud Provider:** [AWS, GCP, Azure, On-premise]

**Hosting:** [EC2, App Engine, Virtual Machine, Container]

**Database Hosting:** [RDS, Cloud SQL, Managed service]

**CI/CD Pipeline:** [GitHub Actions, Jenkins, GitLab CI]

**Load Balancing:** [ALB, nginx, Cloud Load Balancer]

**Monitoring & Logging:** [CloudWatch, Application Insights, ELK]

**Scaling Strategy:** [Vertical scaling, horizontal with load balancer]

## 7. Security Considerations

**Authentication:** [Session-based, JWT, OAuth2]

**Authorization:** [RBAC implementation, middleware]

**Data Encryption:** [TLS/HTTPS, database encryption]

**Security Practices:**
- Input validation and sanitization
- SQL injection prevention (ORM/parameterized queries)
- CSRF protection
- Rate limiting
- Security headers

**Secrets Management:** [Environment variables, vault, cloud secrets]

## 8. Development & Testing Environment

**Local Setup Instructions:** [Steps to run locally]

**Development Database:** [Docker, local instance]

**Testing Frameworks:** 
- Unit: [e.g., Jest, Pytest, JUnit]
- Integration: [e.g., Supertest, TestContainers]
- E2E: [e.g., Cypress, Selenium]

**Code Quality Tools:** [ESLint, Prettier, SonarQube]

**Development Workflow:** [Git workflow, branch strategy]

## 9. Future Considerations / Roadmap

- [e.g., Consider extracting high-traffic modules into separate services]
- [e.g., Implement caching layer for better performance]
- [e.g., Add background job processing with queue]
- [e.g., Evaluate migration to microservices if scaling demands increase]

## 10. Project Identification

**Project Name:** [Application Name]

**Repository URL:** [Git repository]

**Primary Contact/Team:** [Development team]

**Date of Last Update:** [YYYY-MM-DD]

**Application Version:** [Current version]

## 11. Glossary / Acronyms

**Monolith:** Single-tiered application where all components are tightly coupled

**ORM:** Object-Relational Mapping - translates between database and objects

**Repository Pattern:** Data access abstraction layer

**Service Layer:** Business logic layer between controllers and data access

**[Add application-specific terms]**