Files
jigoong a587be08bd feat: MinIO integration — bucket finance, API service upload, Nginx routing
- 01-infra/nginx-configs: add MinIO /minio/ and /minio-console/ location blocks
  (port 9000 S3 API, port 9001 Console UI, path stripping via rewrite)
- 03-apiservice: integrate MinIO minio-python SDK for file upload
  - requirements.txt: add minio==7.2.11
  - app/core/config.py: add MINIO_ENDPOINT, ACCESS_KEY, SECRET_KEY, BUCKET_FINANCE, USE_SSL
  - app/services/minio_client.py: new — upload_file(), get_presigned_url(), delete_file()
  - app/routes/pages.py: replace local /data/uploads/ write with MinIO upload to finance bucket
  - docker-compose.yml: pass MinIO env vars to container
  - .env.example: document MinIO vars
- 07-minio/.env.example: add MINIO_SVC_ACCESS_KEY/SECRET_KEY section
- 07-minio/README.md: add Python minio SDK and Airflow DAG usage guide
- CLAUDE.md: project context (servers, SSH, paths, service distribution)
- document-obsidiant/: initial Obsidian docs for all services
2026-05-20 17:42:39 +07:00

113 lines
5.8 KiB
Markdown

---
tags:
- project/sriphat
- dataplatform
- infrastructure
created: 2026-05-07
status: active
project: 2026-SRI-PJ-001
---
# Sriphat Data Platform — Project Overview
## ข้อมูลโครงการ
| รายการ | รายละเอียด |
|--------|-----------|
| **โครงการ** | Sriphat AI Transformation Data Platform |
| **รหัสโครงการ** | 2026-SRI-PJ-001 |
| **องค์กร** | โรงพยาบาลศรีพัฒน์ (Sriphat Hospital) |
| **Domain** | `ai.sriphat.com` / `sriphat.local` |
| **Server IP** | `192.168.100.9` |
| **Timezone** | Asia/Bangkok (UTC+7) |
## วัตถุประสงค์
สร้างระบบ **Modern Data Stack** สำหรับโรงพยาบาลศรีพัฒน์ โดยเน้น:
- **Security** — ระบบยืนยันตัวตนกลาง (SSO) ผ่าน Keycloak
- **Versatility** — รองรับข้อมูลหลายรูปแบบ (SQL Server, Oracle, REST API, Excel)
- **Single Sign-On** — ผู้ใช้ล็อกอินครั้งเดียวเข้าได้ทุก service
## Architecture Overview
```
┌──────────────────────────────────────────────────────────┐
│ Nginx Reverse Proxy │
│ (Gateway + SSL + Subpath Routing) │
│ ai.sriphat.com │
└──────────────────────────────────────────────────────────┘
│ │ │
┌──────▼──────┐ ┌──────▼──────┐ ┌────▼────────┐
│ Keycloak │ │ API Service │ │ Superset │
│ (SSO) │ │ (FastAPI) │ │ (BI) │
│ /keycloak │ │ /apiservice │ │ /superset │
└─────────────┘ └─────────────┘ └─────────────┘
│ │ │
└────────────────┼───────────────┘
┌─────────────┼──────────────┐
│ │ │
┌─────▼────┐ ┌─────▼─────┐ ┌────▼─────┐
│PostgreSQL│ │ Supabase │ │ MinIO │
│(Infra DB)│ │(BaaS/API) │ │(S3 Store)│
└──────────┘ └───────────┘ └──────────┘
┌──────▼──────┐
│ Airflow │
│ (Workflow) │
└─────────────┘
```
## Tech Stack (Layer Map)
| Layer | Tool | หน้าที่ |
|-------|------|--------|
| **Gateway** | Nginx | จัดการ Domain, SSL, Subpath routing |
| **Identity (SSO)** | Keycloak 23.0 | ยืนยันตัวตนกลาง (OIDC/OAuth2), รองรับ LDAP/AD |
| **Backend API** | FastAPI (Python) | Custom API endpoints, API Key management |
| **Database (Infra)** | PostgreSQL 15 | ฐานข้อมูลหลักสำหรับ Keycloak, API Service |
| **BaaS** | Supabase | PostgreSQL + Auth + Realtime + Storage + Edge Functions |
| **Workflow** | Apache Airflow 3.1.5 | DAG-based workflow orchestration (CeleryExecutor) |
| **Ingestion** | Airbyte | ETL จาก HIS, Oracle, REST API (ปัจจุบัน commented out) |
| **Analytics** | Apache Superset | Business Intelligence Dashboard |
| **Object Storage** | MinIO | S3-compatible storage, รองรับ ML/AI workflows |
| **Cache/Queue** | Redis 7.2 | Celery broker สำหรับ Airflow |
| **Monitoring** | Dozzle | Docker container log viewer |
## Docker Network
ทุก service ใช้ network ร่วมกันชื่อ `shared_data_network` (external)
```bash
docker network create shared_data_network
```
## Service Ports (Quick Reference)
| Service | Container Port | Host Port | URL |
|---------|---------------|-----------|-----|
| Nginx Proxy | 80 | 8020 | `http://localhost:8020` |
| Keycloak | 8080 | 8085 | `http://localhost:8085/keycloak` |
| PostgreSQL (Infra) | 5432 | 5435 | internal |
| Supabase Studio | 3000 | 3010 | `http://localhost:3010` |
| Supabase Kong API | 8000 | 8100 | `http://localhost:8100` |
| Supabase DB | 5432 | 5434 | internal |
| Supabase Pooler | 6543 | 6544 | internal |
| API Service | 8040 | 8040 | `http://localhost:8040/apiservice` |
| Airflow API Server | 8080 | 8200 | `http://localhost:8200` |
| Superset | 8088 | 8088 | `http://localhost:8088` |
| MinIO API | 9000 | 9000 | `http://localhost:9000` |
| MinIO Console | 9001 | 9001 | `http://localhost:9001` |
| Dozzle | 8080 | 9999 | `http://localhost:9999/dozzle` |
## Related Documents
- [[01-Infrastructure]] — Nginx, Keycloak, PostgreSQL, Redis, Dozzle
- [[02-Supabase]] — BaaS layer (PostgreSQL + Auth + Realtime + Storage)
- [[03-API-Service]] — FastAPI custom endpoints
- [[04-Airflow]] — Workflow orchestration
- [[05-Analytics-Superset]] — BI Dashboard
- [[06-MinIO]] — Object Storage
- [[07-Security-Strategy]] — Security model และ SSO
- [[08-Operations-Runbook]] — Deploy, Backup, Troubleshoot