DCon Platform

Technical Overview · Internal
Prepared2026-07-17Status: live (private)
Executive Summary

What we built

We moved DCon off a third-party SaaS (ThingsBoard Cloud, Professional Edition — per-device billing, ~$100–300/mo) onto a DCon-owned, DCon-branded custom monitoring platform running on our own infrastructure — with a capability no standard tank-monitoring vendor has: live hazard-risk fusion.

38
Devices migrated
~383K
Telemetry datapoints
>90%
Infra cost cut
78K+
Hazard signals fused
Architecture

Stack — everything we own

Compute

DigitalOcean droplet (Ubuntu 24.04) running Docker. Dedicated box, isolated from all other DCon systems.

Database

Neon — managed serverless PostgreSQL 17. Our own project, our own dcon schema. No vendor lock-in.

Application

Node/Express API + zero-framework single-page ops UI, fully DCon-branded. Containerized, one-command deploy.

Data Flows

How the data moves

1 · Migration + hourly sync — live

The entire ThingsBoard tenant was copied read-only into our own Postgres. ThingsBoard is never written to and still runs in parallel. An hourly cron keeps our data current.

Source
ThingsBoard Cloud
read-only · untouched
Hourly cron
Sync (SELECT only)
devices · telemetry · history
DCon-owned
Neon · dcon schema
our data, our DB
Presentation
DCon Platform
branded UI · MFA

2 · Hazard fusion — SignalCommand — live

The platform reads SignalCommand's signal database read-only, scoped to weather / energy / cyber, US-only, all severities — so operators watch threats escalate. Each signal deep-links into SignalCommand's live map.

Intelligence
SignalCommand
78K+ signals · read-only
Filter
Weather · Energy · Cyber
US-only · all severities
Risk view
Escalation feed
scored · newest-first
Deep-link
SignalCommand map
geo-centered per signal
Engineering

The build — all in Git

Everything is version-controlled in a private GitHub repo with infrastructure-as-code, so a fresh operator can reproduce the whole stack from scratch. Nothing lives only on a laptop.

Repository

  • js2733/dcon-rmc (private) — site + platform/
  • Marketing site (13-page, Cloudflare Pages)
  • platform/dcon-app — the custom platform
  • platform/infra — Docker Compose, bootstrap/backup/upgrade
  • platform/scripts — export · import · repoint · telemetry
  • Secrets git-ignored; passed at runtime only

Deliverables shipped

  • Read-only tenant export + assessment (PE-gap, cost, risk)
  • Neon-based infra-as-code + one-command bootstrap
  • Ordered migration (profiles→devices→dashboards→rules)
  • Custom DCon Platform app (9 sections)
  • Hourly live-sync cron + build-status page
  • TOTP MFA + SignalCommand hazard integration
Product

Platform capabilities

Overview & Sites

Fleet KPIs, plus per-site dashboards — radial gauges, alarm tables, mini-maps and trend charts (the native replacement for ThingsBoard's per-site dashboards).

Map & Devices

Colored topographic map with GPS-plotted sites; device grid with type filters, search, live analog/relay/signal readings.

Alarms & Analytics

Real threshold alarms computed from telemetry (e.g. analog-high vs. configured limit), trend analytics across any device and metric.

Risk & Hazards moat

Live weather/energy/cyber hazard feed with escalation view and one-click deep-links into SignalCommand's map.

Device Types

Fleet composition by hardware/profile — CBW controllers, drilling rigs, oil-blending, and more.

Security

Authenticator-app MFA (TOTP), self-hosted, encrypted transport, private by default.

Integration

SignalCommand — both directions

Inbound live now

DCon Platform reads SignalCommand's hazard signals (read-only) and surfaces them against our sites — weather, energy, cyber, US, all severities, escalation-ordered, deep-linked to the SC map.

Outbound designed

DCon telemetry surfaced inside SignalCommand as a licensed "DCon Network" map layer/tab that customers subscribe to — a revenue channel using SignalCommand's existing tiering. Additive; no SC change until approved.

Net effect: DCon becomes the only tank-monitoring platform that pairs live asset telemetry with real-time hazard intelligence — "which of your sites is about to be hit, and by what."

Roadmap

Future state — enterprise-grade

PhaseCapabilityValue
nextPublic exposure behind Cloudflare Access (SSO + MFA) at app.dcon-rmc.comCustomers & field staff log in from the marketing site
nextPer-customer isolation / RBAC — customers see only their sites; staff see the fleetMulti-tenant SaaS you can sell
thenDirect device ingestion (MQTT) → retire ThingsBoard entirelyFull ownership, no interim engine
thenAlerting — Email / SMS / voice on out-of-parameter + hazard proximityMatches the brochure promise; prevents spills
thenGeofenced hazard-to-site matching + auto-dispatch"Hailstorm 40 min from Wagner → page operator"
laterReporting/exports, audit logs, mobile, SLA/HA (multi-node + backups)Enterprise procurement & security checklist
Decisions Needed

Open questions — to reach full live feeds & go-live

Opportunity

What else we can add on

  • Predictive analytics on telemetry (leak / dry-run / overfill prediction)
  • Chemical-dosing optimization (we already ingest feed-rate & dose)
  • Customer self-service portal + subscription billing
  • Per-customer white-labeling
  • Work-order / dispatch integration on alarm
  • Scheduled PDF reports & data exports
  • Public API for OEM/utility partners
  • Benchmarking & historical site comparisons

Bottom line

We turned a rented, per-device SaaS into a DCon-owned platform — same views and management, but ours: cheaper, more secure, and doing something competitors can't. The data is liberated into our own database, the stack is reproducible from Git, and the differentiator (hazard fusion) is already live.

LiveNextFuture