Sagec - Accounting Management & Optimization
Internal accounting management application and project optimization tool for accounting firms.
Sagec - Accounting Management Solution
π Context
This project was born from a critical need within a French accounting firm: to centralize and optimize the management of clients and projects during the intense tax season (annual financial statements).
The challenge was to break away from expensive and often rigid proprietary solutions to offer a fast, reliable, and perfectly tailored tool for the firm's specific workflows. I was commissioned to design this solution from end to end, prioritizing a modern technical stack and an SRE (Site Reliability Engineering) oriented infrastructure.
The goal was not only to meet an immediate need but to build a sustainable and scalable architecture via a Kubernetes cluster (K3S), allowing for smooth product evolution without a major technical overhaul.
π― Key Objectives
- Centralization: Unified registration and management of companies, clients, and projects.
- Interoperability: Data import from existing business tools.
- Steering: Decision-making dashboard offering an overview of ongoing projects.
- Security: Granular access management via an RBAC (Role-Based Access Control) system.
- High Availability: Auto-heal, auto-update, and auto-deploy infrastructure.
π Technical Stack
- Backend: NestJs (TypeScript) & Prisma ORM
- Database: PostgreSQL with Row Level Security (RLS)
- Frontend: VueJs 3, ShadCnVue & TailwindCSS
- Infrastructure: K3S (Kubernetes), Traefik (Ingress), Let's Encrypt (TLS)
- DevOps & GitOps: GitLab CI, Docker, ArgoCD
π Architecture & Development
Backend & Security
The architecture follows NestJs modularity principles, ensuring maintainable and testable code. Security is at the heart of the system:
- Authentication: Implementation via JWT (JSON Web Tokens).
- Data Isolation: Use of Row Level Security (RLS) policies directly at the PostgreSQL level, ensuring that each user can only access the data they are explicitly authorized to see.
Frontend & User Experience
The frontend relies on VueJs 3 responsiveness coupled with ShadCnVue elegance. Particular attention was paid to route management via middlewares, ensuring smooth and secure navigation.
Infrastructure & GitOps
Deployment is based on a K3S cluster optimized on a VPS (8GB RAM, 4 vCPUs). The GitOps approach with ArgoCD allows real-time synchronization between the manifest repository and the cluster state:
- Ingress Controller: Traefik configured with 3 replicas for high availability.
- Certificates: TLS automation via Let's Encrypt.
- Observability: Supervised infrastructure to guarantee auto-healing.
π Deployment & CI/CD
The workflow is fully automated. Each source code modification triggers a GitLab CI pipeline that builds the Docker image. ArgoCD then detects version changes in the configuration repository and deploys the modifications with zero downtime.
The strict separation between application code and Kubernetes manifests ensures clean and secure environment management.
π Key Takeaways
This project allowed me to validate the power and lightness of K3S for mid-sized production environments. Adopting ArgoCD radically transformed deployment management, bringing total peace of mind regarding the infrastructure state.
I was able to dive deeper into advanced security concepts (RBAC, RLS) and consolidate my skills in modern software architecture, where code and infrastructure become one.