- 01-infra/nginx-configs: add MinIO /minio/ and /minio-console/ location blocks (port 9000 S3 API, port 9001 Console UI, path stripping via rewrite) - 03-apiservice: integrate MinIO minio-python SDK for file upload - requirements.txt: add minio==7.2.11 - app/core/config.py: add MINIO_ENDPOINT, ACCESS_KEY, SECRET_KEY, BUCKET_FINANCE, USE_SSL - app/services/minio_client.py: new — upload_file(), get_presigned_url(), delete_file() - app/routes/pages.py: replace local /data/uploads/ write with MinIO upload to finance bucket - docker-compose.yml: pass MinIO env vars to container - .env.example: document MinIO vars - 07-minio/.env.example: add MINIO_SVC_ACCESS_KEY/SECRET_KEY section - 07-minio/README.md: add Python minio SDK and Airflow DAG usage guide - CLAUDE.md: project context (servers, SSH, paths, service distribution) - document-obsidiant/: initial Obsidian docs for all services
5.8 KiB
5.8 KiB
tags, created, status, folder
| tags | created | status | folder | ||||
|---|---|---|---|---|---|---|---|
|
2026-05-07 | active | 03-apiservice |
API Service (03-apiservice)
Docker Compose:
03-apiservice/docker-compose.ymlEnv File:03-apiservice/.envLanguage: Python / FastAPI
Overview
Custom FastAPI service สำหรับ:
- รับข้อมูล Checkpoint จาก HIS (Hospital Information System)
- จัดการ API Keys แบบ permission-based
- Admin UI สำหรับบริหาร API Clients
- รองรับ Keycloak SSO สำหรับหน้าเว็บ Admin
Container
| รายการ | ค่า |
|---|---|
| Container | apiservice |
| Image | 03-apiservice-apiservice:latest (build local) |
| Port | 8040:8040 |
| URL | https://ai.sriphat.com/apiservice |
| Health Check | http://localhost:8040/apiservice/docs |
API Endpoints (หลัก)
Data Feed Endpoints
POST /apiservice/api/v1/feed/checkpoint
Payload ตัวอย่าง:
[
{
"id": 1,
"hn": 123,
"vn": 456,
"location": "OPD",
"type": "Scan",
"timestamp_in": "2026-02-16T10:00:00",
"timestamp_out": null,
"waiting_time": null,
"bu": "SRIPHAT"
}
]
Required Permission: feed.checkpoint:write
Admin Endpoints
GET /apiservice/admin/ # Admin dashboard
POST /apiservice/admin/api-keys/generate # สร้าง API Key ใหม่
GET /apiservice/admin/api-clients # รายการ API Clients
Documentation
GET /apiservice/docs # Swagger UI
GET /apiservice/redoc # ReDoc
Database Schema
API Service ใช้ PostgreSQL (Infra) และ Supabase:
Tables (PostgreSQL Infra)
| Table | ใช้สำหรับ |
|---|---|
fastapi.ApiClient |
ข้อมูล API Client (ระบบที่ขอใช้ API) |
fastapi.ApiKey |
API Keys ที่เข้ารหัสแล้ว |
Tables (Supabase)
| Table | Schema | ใช้สำหรับ |
|---|---|---|
RawWaitingTime |
operationbi |
ข้อมูล waiting time ดิบ |
RawOpdCheckpoint |
— | ข้อมูล OPD checkpoint |
Authentication
1. API Key Authentication (สำหรับ System Integration)
# Request header
Authorization: Bearer <api-key>
# หรือ query param
?api_key=<api-key>
API Key สร้างได้จาก Admin UI โดยกำหนด permissions:
feed.checkpoint:write— บันทึกข้อมูล checkpoint- (สามารถเพิ่ม permissions เพิ่มเติมได้)
2. Keycloak SSO (สำหรับ Admin Web UI)
# Environment variables
KEYCLOAK_SERVER_URL=http://keycloak:8080
KEYCLOAK_REALM=master
KEYCLOAK_CLIENT_ID=apiservice
KEYCLOAK_CLIENT_SECRET=<secret>
KEYCLOAK_REDIRECT_URI=http://localhost:8040/apiservice/auth/callback
File Structure
03-apiservice/
├── app/
│ ├── api/v1/
│ │ ├── routes.py # API endpoints
│ │ └── schemas.py # Pydantic schemas
│ ├── core/
│ │ └── config.py # Settings / Config
│ ├── db/
│ │ ├── models.py # SQLAlchemy models
│ │ ├── init_db.py # Database initialization
│ │ └── session.py # DB session
│ ├── middleware/ # Custom middleware
│ ├── models/ # Additional models
│ ├── routes/ # Additional routes
│ ├── security/
│ │ ├── api_key.py # API Key handling
│ │ ├── keycloak_auth.py # Keycloak integration
│ │ ├── permissions.py # Permission system
│ │ └── dependencies.py # FastAPI dependencies
│ ├── services/ # Business logic
│ ├── templates/ # HTML templates (Admin UI)
│ └── utils/
│ └── supabase_client.py
├── data/uploads/ # File uploads
├── docker-compose.yml
├── requirements.txt
└── .env
Environment Variables
# Application
APP_NAME=APIsService
ROOT_PATH=/apiservice
TIMEZONE=Asia/Bangkok
# PostgreSQL (Infra DB)
DB_HOST=postgres
DB_PORT=5432
DB_USER=postgres
DB_PASSWORD=<secret>
DB_NAME=postgres
DB_SSLMODE=prefer
# Supabase DB (สำหรับ RawOpdCheckpoint)
SUPABASE_DB_HOST=sdp-supabase-db
SUPABASE_DB_PORT=5432
SUPABASE_DB_USER=postgres.1
SUPABASE_DB_NAME=postgres
# Supabase API
SUPABASE_API_URL=http://sdp-kong:8000
SUPABASE_API_KEY=<anon-or-service-role-key>
# Admin
ADMIN_SECRET_KEY=<secret>
ADMIN_USERNAME=admin
ADMIN_PASSWORD=<secret>
API_KEY_ENC_SECRET=<encryption-key>
# Keycloak
KEYCLOAK_SERVER_URL=http://keycloak:8080
KEYCLOAK_REALM=master
KEYCLOAK_CLIENT_ID=apiservice
KEYCLOAK_CLIENT_SECRET=<secret>
KEYCLOAK_REDIRECT_URI=<redirect-url>
# Airflow Integration
AIRFLOW_API_URL=http://airflow-webserver:8080
AIRFLOW_API_TOKEN=<token>
AIRFLOW_DAG_ID_FINANCE=process_finance_excel
# Debug
DEBUG_AUTH=false
LOG_LEVEL=debug
Build & Deploy
# Build image
cd 03-apiservice
docker compose --env-file ../.env.global build
# Start service
docker compose --env-file ../.env.global up -d
# View logs
docker logs apiservice -f
# Restart
docker restart apiservice
Airflow Integration
API Service มี integration กับ Apache Airflow:
- ส่ง trigger ไปยัง Airflow DAG
- DAG
process_finance_excelสำหรับประมวลผล Excel files
ดูรายละเอียดที่ 03-apiservice/AIRFLOW_INTEGRATION.md