Files
sriphat-dataplatform/document-obsidiant/2026-SRI-PJ-001 Sriphat AI Transformation/02-Supabase.md
jigoong a587be08bd feat: MinIO integration — bucket finance, API service upload, Nginx routing
- 01-infra/nginx-configs: add MinIO /minio/ and /minio-console/ location blocks
  (port 9000 S3 API, port 9001 Console UI, path stripping via rewrite)
- 03-apiservice: integrate MinIO minio-python SDK for file upload
  - requirements.txt: add minio==7.2.11
  - app/core/config.py: add MINIO_ENDPOINT, ACCESS_KEY, SECRET_KEY, BUCKET_FINANCE, USE_SSL
  - app/services/minio_client.py: new — upload_file(), get_presigned_url(), delete_file()
  - app/routes/pages.py: replace local /data/uploads/ write with MinIO upload to finance bucket
  - docker-compose.yml: pass MinIO env vars to container
  - .env.example: document MinIO vars
- 07-minio/.env.example: add MINIO_SVC_ACCESS_KEY/SECRET_KEY section
- 07-minio/README.md: add Python minio SDK and Airflow DAG usage guide
- CLAUDE.md: project context (servers, SSH, paths, service distribution)
- document-obsidiant/: initial Obsidian docs for all services
2026-05-20 17:42:39 +07:00

6.1 KiB

tags, created, status, folder
tags created status folder
project/sriphat
supabase
postgresql
baas
2026-05-07 active 02-supabase

Supabase Layer (02-supabase)

Docker Compose: 02-supabase/docker-compose.yml Env File: 02-supabase/.env

Supabase เป็น Backend-as-a-Service (BaaS) แบบ self-hosted ที่รวม PostgreSQL, Auth, Realtime, Storage และ Edge Functions ไว้ในที่เดียว

Services

Container Image Port หน้าที่
sdp-supabase-studio supabase/studio:2026.02.16 3010:3000 Web UI สำหรับจัดการ database
sdp-supabase-kong kong:2.8.1 8100:8000, 8444:8443 API Gateway (routing ทุก request)
sdp-supabase-auth supabase/gotrue:v2.186.0 internal Authentication service
sdp-supabase-rest postgrest/postgrest:v12.2.3 internal Auto-generated REST API จาก PostgreSQL
sdp-realtime-dev supabase/realtime:v2.76.5 internal WebSocket realtime subscriptions
sdp-supabase-storage supabase/storage-api:v1.37.8 internal File storage
sdp-supabase-imgproxy darthsim/imgproxy:v3.30.1 internal Image transformation
sdp-supabase-meta supabase/postgres-meta:v0.95.2 internal PostgreSQL metadata API
sdp-supabase-edge-functions supabase/edge-runtime:v1.70.3 internal Deno edge functions
sdp-supabase-analytics supabase/logflare:1.31.2 internal Log analytics (Logflare)
sdp-supabase-db supabase/postgres:15.8.1.085 5434:5432 PostgreSQL database หลัก
sdp-supabase-vector timberio/vector:0.53.0-alpine internal Log collector
sdp-supabase-pooler supabase/supavisor:2.7.4 6544:6543 Connection pooler (PgBouncer-like)

สถาปัตยกรรม Supabase

Client / API Service
        │
        ▼
  sdp-supabase-kong (API Gateway: port 8100)
        │
   ┌────┼────────────────────┐
   │    │                    │
   ▼    ▼                    ▼
Auth  REST API          Realtime
GoTrue PostgREST      Supabase Realtime
   │    │                    │
   └────┴────────────────────┘
                │
                ▼
     sdp-supabase-db (PostgreSQL 15)
                │
         sdp-supabase-pooler
              (Supavisor: port 6544)

PostgreSQL Database (sdp-supabase-db)

Image: supabase/postgres:15.8.1.085 Port: 5434 (host)

Init SQL Files

File หน้าที่
volumes/db/realtime.sql Setup replication สำหรับ Realtime
volumes/db/webhooks.sql Database webhook functions
volumes/db/roles.sql PostgreSQL roles setup
volumes/db/jwt.sql JWT helper functions
volumes/db/_supabase.sql Internal Supabase schema
volumes/db/logs.sql Logging tables
volumes/db/pooler.sql Connection pooler config

Connection Strings

# Direct Connection
postgresql://postgres:<password>@sdp-supabase-db:5432/postgres

# Via Pooler (Transaction mode)
postgresql://postgres.tenant:<password>@sdp-supabase-pooler:6543/postgres

# External (from host)
postgresql://postgres:<password>@192.168.100.9:5434/postgres

Kong API Gateway

Image: kong:2.8.1 Port: 8100 (HTTP), 8444 (HTTPS)

Kong ทำหน้าที่ route requests ไปยัง services ต่างๆ:

/auth/v1/*    → sdp-supabase-auth (GoTrue)
/rest/v1/*    → sdp-supabase-rest (PostgREST)
/realtime/v1/ → sdp-realtime (WebSocket)
/storage/v1/* → sdp-supabase-storage
/functions/v1/*→ sdp-supabase-edge-functions
/meta/*       → sdp-supabase-meta

Kong Config: volumes/api/kong.yml


Supavisor (Connection Pooler)

Image: supabase/supavisor:2.7.4 Port: 6544 (transaction mode pooler)

# Transaction mode (ใช้สำหรับ serverless/edge functions)
postgresql://postgres.sriphat:<password>@sdp-supabase-pooler:6543/postgres

POOLER_TENANT_ID: sriphat
POOLER_DEFAULT_POOL_SIZE: <from env>
POOLER_MAX_CLIENT_CONN: <from env>

Authentication (GoTrue)

Image: supabase/gotrue:v2.186.0

Features ที่เปิดใช้

Feature ค่า
Email Signup ${ENABLE_EMAIL_SIGNUP}
Anonymous Users ${ENABLE_ANONYMOUS_USERS}
Email Autoconfirm ${ENABLE_EMAIL_AUTOCONFIRM}
Phone Signup ${ENABLE_PHONE_SIGNUP}

JWT Configuration

JWT_SECRET: <จาก env>
JWT_EXPIRY: <จาก env>
JWT_AUD: authenticated
JWT_DEFAULT_GROUP: authenticated

Storage

Image: supabase/storage-api:v1.37.8 Data path: volumes/storage/

FILE_SIZE_LIMIT: 52428800 (50MB)
STORAGE_BACKEND: file
ENABLE_IMAGE_TRANSFORMATION: true

Supabase Studio

URL: http://localhost:3010 หรือ https://ai.sriphat.com/supabase Image: supabase/studio:2026.02.16-sha-26c615c

Studio เชื่อมต่อผ่าน:

  • PostgreSQL Meta API (sdp-meta:8080)
  • Kong API (sdp-kong:8000)
  • Logflare (sdp-analytics:4000)

Snippets path: volumes/snippets/ Functions path: volumes/functions/


Environment Variables (สำคัญ)

# PostgreSQL
POSTGRES_HOST=sdp-supabase-db
POSTGRES_PORT=5432
POSTGRES_DB=postgres
POSTGRES_PASSWORD=<secret>

# JWT
JWT_SECRET=<long-random-string>
JWT_EXPIRY=3600

# API Keys
ANON_KEY=<jwt-anon-key>
SERVICE_ROLE_KEY=<jwt-service-role-key>

# Studio
STUDIO_DEFAULT_ORGANIZATION=Sriphat Hospital
STUDIO_DEFAULT_PROJECT=DataPlatform
SUPABASE_PUBLIC_URL=https://ai.sriphat.com/supabase-api

# Logflare
LOGFLARE_PUBLIC_ACCESS_TOKEN=<token>
LOGFLARE_PRIVATE_ACCESS_TOKEN=<token>

การใช้งาน Supabase จาก API Service

# ใน 03-apiservice
SUPABASE_DB_HOST=sdp-supabase-db
SUPABASE_DB_PORT=5432
SUPABASE_DB_USER=postgres.1
SUPABASE_DB_NAME=postgres

SUPABASE_API_URL=http://sdp-kong:8000
SUPABASE_API_KEY=<anon-or-service-role-key>