Mantenova
B2B SaaS platform for end-to-end management of regulatory technical inspections and industrial maintenance. Connects facility-owning companies with inspection firms, automates regulatory deadline tracking, centralizes all documentation in a single system, and provides admin-editable content for per-operator customization.
Technologies
Roles
Results and Achievements
-
Modular architecture on dynamic catalogs: 25 facility types and 34 inspection types managed from the database, with 120 facility–inspection combinations. Adding a new type requires no code changes or deployments. Catalogs verified against current regulations (RD 164/2025 RSCIEI, RD 355/2024 lifts, RD 178/2021 RITE, RD 552/2019 refrigeration, RD 487/2022 + RD 614/2024 legionella, RD 390/2021 + RD 659/2025 energy efficiency).
-
Admin-editable content:
SiteConfig(global singleton) andContentBlock(per-page blocks, bilingual ES/EN, withdjango-tinymcefor rich editing) models allow logo, texts, and entire sections to be customized without development. Prepares the platform for white-label mode per operating company. -
Role-based permission system with explicit overrides: five roles (root, owner-side representative, facility manager, inspection-side representative, inspector) with default access defined by role, extensible per resource via
PermissionOverride. Overrides extend, never restrict. Anti-IDOR validation on API writes with dedicated security tests. -
REST API documented with OpenAPI/Swagger (drf-spectacular), ready to power the PWA and future integrations.
-
Automatic alert engine prepared to notify 30, 15, and 7 days before inspection expiry, with in-app notifications and opt-in email.
-
Preparation for qualified digital signatures (eIDAS) from the data layer: nullable metadata fields integrated in Phase 1 to avoid restructuring when the provider is contracted in Phase 8.
-
Multi-environment Docker infrastructure (dev, staging, prod) with
web,postgres,redis,celery worker, andcelery beatservices; standardized Makefile replicable across projects; CI/CD on GitHub Actions (ruff + pytest + pip-audit + Dependabot + coverage floorfail_under=70). -
Quality enforced in CI, not in good intentions: 129 tests passing with 71% coverage, language-independent tests (assertions on stable error codes, not on translatable text), automatic dependency auditing with
pip-auditandDependabot, coverage floor as a CI guard. -
ES/EN internationalization from the start with
django-modeltranslation(catalogs, regulations, editable content). Zero fuzzy strings in the translation catalog. -
Custom visual identity and design system: logo, palette (Graphite/Copper/Amber/Sand), typography (Inter Display + Inter + Noto Sans Mono), and CSS tokens defined before touching the templates layer.
-
Decisions documented as ADRs (Architecture Decision Records) in
docs/adr/, so the "why" behind each decision outlives the "what". -
Project rooted in direct industry experience in the industrial electrical sector: facility types, periodicities, and workflows are modeled on verified real needs, not assumptions.
-
Mantenova addresses a problem observed first-hand in the Spanish industrial sector: managing regulatory technical inspections and the associated documentation still largely relies on spreadsheets, scattered emails, and phone calls — despite involving processes with strict legal deadlines and real economic and safety consequences.
-
The platform provides a unified space where facility-owning companies (transformer stations, photovoltaic plants, industrial warehouses, offices, retail premises, petroleum facilities, refrigeration plants, pressure equipment, cranes, ATEX installations, etc.) manage their assets and coordinate inspections with registered technical inspection firms, which in turn manage their inspectors, work zones, and schedules. An automatic alert engine notifies before each inspection expires, contextual messaging keeps conversations linked to the relevant resource, document management is prepared from the data layer for qualified digital signatures (eIDAS), and the entire visual content of public pages is editable from administration, preparing the platform for per-company customization.
-
Current status: V2 in active professional development. V1, delivered and validated in 2025, served as functional validation of the concept. V2 is a complete rewrite with modular and tested architecture, planned across nine phases (0–8) with objective completion criteria. Four phases closed (infrastructure, models, business logic, and REST API) with 129 tests passing and 71% coverage enforced in CI; Phase 4 (views and frontend) in progress with public pages already complete. The phase-by-phase breakdown, decisions, and verifiable progress are detailed in the roadmap section.
The problem
In the Spanish industrial sector, the management of mandatory technical inspections still largely depends on spreadsheets, emails, and phone calls. Companies that own facilities — industrial warehouses, transformer stations, photovoltaic plants, commercial premises — must comply with dozens of periodic inspections with legal deadlines: OCA every five years, RITE every four years, triennial ground measurement, RSCIEI every five years, lifts every 2, 4, or 6 years depending on building type, RIPCI, legionella…
When these deadlines are managed manually, delays occur, documents get lost, communications are duplicated, and regulations go unmet. The cost isn't just financial: an expired certificate can halt operations or create legal liabilities.
Mantenova was born from direct observation of this problem in the industrial electrical sector.
The solution
Mantenova is a B2B SaaS platform that brings both sides of the process into a single system:
-
Facility-owning companies, which manage their assets, request inspections, and store all associated documentation.
-
Technical inspection firms, which manage their inspectors, define their operating zones, and receive, accept, and complete inspections.
On this foundation, the platform delivers:
-
Dynamic catalog of 25 facility types and 34 inspection types, with 120 combinations reflecting which inspections apply to each facility type and at what legal periodicity.
-
Automatic alert engine that notifies before each inspection expires.
-
Contextual messaging linked to a specific company, facility, or inspection, so conversations always have explicit reference.
-
Document management with versioning and metadata prepared for qualified digital signatures.
-
Admin-editable content (logo, texts, public page sections) that allows the platform to be customized per operating company without additional development.
-
Technical regulations catalog with direct links to official sources.
-
PWA for access from any device, without dependence on app stores.
Architecture and technical decisions
V2 is built on Django 6.0, Python 3.14, PostgreSQL 16, Redis 7, and Celery, all orchestrated with Docker Compose across three environments (dev, staging, prod). The REST API is documented with OpenAPI/Swagger (drf-spectacular). The frontend is built on a custom design system (palette, typography, and CSS tokens) and delivered as a Progressive Web App.
Some architectural decisions worth highlighting:
-
Dynamic catalogs, not hardcoded enums. Facility and inspection types live in the database. Adding a new type requires no code migration or deployment: it is done from the admin panel. Catalogs are verified against current regulations (RD 164/2025 RSCIEI, RD 355/2024 lifts, RD 178/2021 RITE, RD 552/2019 refrigeration, RD 487/2022 + RD 614/2024 legionella, RD 390/2021 + RD 659/2025 energy efficiency).
-
A single inspection model + detail tables only where they add value. Instead of 34 separate models per type, there is one
Inspeccionmodel and only 11 detail models for the types that need extra fields (OCA, earthing, RITE, RSCIEI, pressure, refrigeration, gases, APQ, cranes, legionella, tightness). -
One Empresa model with a
typefield (owner or inspection), not two parallel models: simplifies relationships, reporting, and permissions. -
Roles + explicit overrides. Five roles define default access;
PermissionOverrideallows extending access on specific resources without touching the role model. Overrides extend, never restrict. Anti-IDOR validation on API writes with dedicated security tests. -
Admin-editable content.
SiteConfig(global singleton) andContentBlock(per-page blocks, bilingual ES/EN, withdjango-tinymcefor rich editing) models that allow logo, texts, and entire sections to be customized without touching code. Prepares the platform for white-label mode per operating company. -
Business logic in
services.py. Views and API endpoints orchestrate, they do not hold logic. This makes each business operation testable in isolation. -
Digital signature prepared from Phase 1. Document models carry nullable signature metadata from the start, so the actual integration with a qualified provider (eIDAS) in Phase 8 requires no restructuring.
-
Bilingual from the start.
django-modeltranslationfor catalogs, regulations, and editable content; templates with{% trans %}tags andLocaleMiddleware. Translation catalog with zero fuzzy strings. -
Quality enforced in CI, not in good intentions. 129 tests passing with 71% coverage,
fail_under=70floor enforced in CI, language-independent tests (assertions on stable error codes, not on translatable text), automatic dependency auditing withpip-auditandDependabot. -
Decisions documented as ADRs (Architecture Decision Records) in
docs/adr/, so the "why" behind each architectural decision outlives the "what".
Roadmap and current status
Mantenova V2 is developed across nine phases (0–8) with objective completion criteria for each one. Status as of this listing's publication:
-
Phase 0 — Infrastructure ✅ Complete. Multi-environment Docker Compose, per-environment configuration (base, dev, staging, prod, test), Dockerfile, Nginx, Gunicorn, standardized Makefile replicable across projects, GitHub Actions (ruff + pytest + pip-audit + Dependabot), coverage floor
fail_under=70, Celery + Redis operational, pytest with factories. -
Phase 1 — Core models ✅ Complete. 60 models across 14 Django apps, seeded catalogs (25 facility types, 34 inspection types, 120 combinations) verified against current regulations, type-specific models, base permission system, messaging, notifications (15 types), regulations, documents with digital signature preparation, internationalization with
django-modeltranslation. -
Phase 2 — Business logic ✅ Complete. Per-app
services.pywith all business operations (request inspection, accept, reject, start, complete, cancel, calculate next, deactivate facility or inspector), custom managers, permission mixins for CBVs, state transition validations, audit signals, anti-IDOR validation. -
Phase 3 — REST API ✅ Complete. API documented with OpenAPI/Swagger, authentication, marketplace, endpoints aligned with services, dedicated security tests.
-
Phase 4 — Views and templates 🔶 In progress. Closed: design system implemented in CSS (tokens, base, pages), base templates, authentication views, public pages complete with admin-editable content (
SiteConfig+ContentBlock+django-tinymce), language switcher. Pending: role-based dashboards, CRUD panels per user type, marketplace search, full forms, view tests. -
Phase 5 — Frontend polish and components ⏳ Pending. Specialized UI components, inspector calendar, real-time messaging, micro-interactions.
-
Phase 6 — Asynchronous tasks ⏳ Pending. Periodic loading of industry news, regulations scraping with alerts, automatic expiry notifications, transactional emails, scheduled backups, PDF report generation.
-
Phase 7 — Production deployment ⏳ Pending. Hardened production compose, deployment scripts, SSL, monitoring, security hardening, and GDPR compliance (privacy policy, consent management, right to erasure).
-
Phase 8 — Digital signature and legal validity ⏳ Pending. Provider selection (Viafirma, Signaturit, AutoFirma), TSA integration for time-stamping, eIDAS compliance verification, signature and verification tests. The data architecture has been prepared since Phase 1 so this integration requires no restructuring.
Cumulative quality coverage: 129 tests passing, 71% coverage, fail_under=70 floor enforced in CI, automatic dependency auditing, decisions recorded as ADRs.
The project is kept in a private GitHub repository with active CI/CD on every push. To access the code or request more details, use the Request Info button.
Interested in this project?
If you need more technical information, additional documentation, or want to discuss a collaboration, feel free to contact me.
Request information