← Back to Projects
Microservices Backend System Design

Transport Management System

A full-scale microservices platform for managing transport operations — ticketing, payments, fleet tracking, and more. Built to handle real-world complexity at scale.

Type Side Project / Learning
Role System Architect & Backend Developer
Status In Active Development
View Source Code
🌐 API Gateway Nginx
Auth
Tickets
Payments
Fleet
PostgreSQL
Redis
RabbitMQ

Tech Stack

Backend

Python FastAPI SQLAlchemy Alembic Pydantic

Infrastructure

Docker Nginx RabbitMQ Redis PostgreSQL

Client Apps

React React Native .NET / Avalonia Material UI

Security

JWT RBAC PBAC HMAC-SHA256 Zero Trust

System Architecture

The system follows a microservices architecture decomposed into vertical business domains. Each service owns its data, communicates via REST APIs (sync) and RabbitMQ events (async), with Redis handling caching, distributed locking, and geospatial data.

Auth Service

Identity Provider. Issues and verifies JWTs. Manages user credentials and Role-Based Access Control (RBAC) with Permission-Based Access Control (PBAC).

User Credentials JWT Signing RBAC PBAC

Company Service

Domain Core. Manages fleets, routes, stops, schedules, and driver assignments. Defines the physical and planned world.

Companies Buses Routes Schedules

Ticketing Service

Sales & inventory engine. Handles seat locking, booking, QR code generation, and pricing logic.

Tickets Seat Inventory QR Codes Pricing

Payment Service

Financial processor. Integrates with M-Pesa, MTN Mobile Money, and PayPal. Ensures idempotent transactions.

Transactions M-Pesa PayPal Idempotency

Tracking Service

Real-time GPS ingestion and broadcasting via WebSockets. Uses Redis geospatial indexes for live fleet positions.

WebSockets GPS Data Redis Geo Trip History

Notification Service

Event consumer. Sends SMS and emails based on system events like ticket sales and trip cancellations.

SMS Email Templates Delivery Logs

AI Service

LLM integration using Google Gemini for natural language queries. Generates SQL from user questions against DB schemas.

Google Gemini NLP SQL Gen

QR Service

Cryptographic verification of ticket validity. Isolated for security and performance.

HMAC-SHA256 Verification Isolated

Data Flow

Ticket Booking Flow

  1. Client requests seat lock → API Gateway → Ticketing Service
  2. Ticketing Service acquires Redis distributed lock on seat
  3. Client initiates payment → Payment Service
  4. Payment Service confirms → Publishes PaymentSuccess to RabbitMQ
  5. Ticketing Service consumes event → Updates status to CONFIRMED
  6. Notification Service consumes event → Sends SMS to user

Live Fleet Tracking Flow

  1. Driver App captures GPS → POSTs to Tracking Service
  2. Tracking Service updates bus:{id}:geo in Redis
  3. Web Client subscribes via WebSocket to trip:{id}
  4. Tracking Service pushes live updates from Redis to subscribers

Client Ecosystem

Five different clients consuming the same REST APIs — each built for a specific user and use case.

Public Web Portal

SEO-optimized booking engine for customers

React

Super Admin Dashboard

Platform-wide analytics and tenant management

React + MUI

Company Operations

Desktop app for scheduling and fleet management (offline capable)

.NET / Avalonia

Driver App

Trip start/stop and QR ticket scanning

React Native

POS App

High-throughput, offline-first ticket sales for agents

React Native

Key Engineering Decisions

Data Ownership

Each service has sole write authority over its entities. Cross-service data is accessed via APIs or event replication — never direct DB joins.

Distributed Locking

Redis Redlock prevents double-booking of seats. Strong consistency for writes, eventual consistency for reads and analytics.

Offline-First POS

Point-of-sale devices sync via batch endpoints when connectivity is restored. Server is always the source of truth for conflict resolution.

Zero Trust Security

Services don't trust each other implicitly. JWTs are passed and validated at every service boundary. No shared secrets between services.

Event-Driven Consistency

"At least once" delivery via RabbitMQ. All critical mutations (payments, bookings) require idempotency keys to prevent duplicates.

Schema Evolution

Non-breaking, additive changes only. Each service manages its own Alembic migrations. No master DB migration script exists.

DevOps & CI/CD

This project follows GitOps principles with a fully automated CI/CD pipeline powered by GitHub Actions — every push triggers build, test, and deploy.

Push to GitHub

Developer pushes code to the repository. This triggers the CI/CD pipeline automatically.

CI: Build & Test

GitHub Actions runs unit tests, lints the code, and builds Docker images. Merge is blocked if tests fail.

Package & Scan

Docker images are built, scanned for vulnerabilities, and pushed to the container registry.

CD: Deploy

Rolling update on the host machine. New containers pass health checks before traffic is shifted.

Continuous Integration

  • Automated unit tests with pytest
  • Code linting with flake8 and black
  • Merge gating — broken code can't reach main

Continuous Deployment

  • Docker image builds on merge to main
  • Rolling updates with zero downtime
  • Health check validation before traffic shift

Rollback Strategy

  • Instant rollback to previous image tag
  • Database: "roll forward" policy with fix scripts
  • Non-destructive, backwards-compatible migrations

Architecture Diagrams

System architecture diagrams coming soon.

Architecture diagrams will be added here

Interested in this project?

Want to learn more about the architecture or discuss similar systems? Let's talk.

Get In Touch View Other Projects