- 01-infra/nginx-configs: add MinIO /minio/ and /minio-console/ location blocks (port 9000 S3 API, port 9001 Console UI, path stripping via rewrite) - 03-apiservice: integrate MinIO minio-python SDK for file upload - requirements.txt: add minio==7.2.11 - app/core/config.py: add MINIO_ENDPOINT, ACCESS_KEY, SECRET_KEY, BUCKET_FINANCE, USE_SSL - app/services/minio_client.py: new — upload_file(), get_presigned_url(), delete_file() - app/routes/pages.py: replace local /data/uploads/ write with MinIO upload to finance bucket - docker-compose.yml: pass MinIO env vars to container - .env.example: document MinIO vars - 07-minio/.env.example: add MINIO_SVC_ACCESS_KEY/SECRET_KEY section - 07-minio/README.md: add Python minio SDK and Airflow DAG usage guide - CLAUDE.md: project context (servers, SSH, paths, service distribution) - document-obsidiant/: initial Obsidian docs for all services
6.1 KiB
tags, created, status, folder
| tags | created | status | folder | ||||
|---|---|---|---|---|---|---|---|
|
2026-05-07 | active | 02-supabase |
Supabase Layer (02-supabase)
Docker Compose:
02-supabase/docker-compose.ymlEnv File:02-supabase/.env
Supabase เป็น Backend-as-a-Service (BaaS) แบบ self-hosted ที่รวม PostgreSQL, Auth, Realtime, Storage และ Edge Functions ไว้ในที่เดียว
Services
| Container | Image | Port | หน้าที่ |
|---|---|---|---|
sdp-supabase-studio |
supabase/studio:2026.02.16 | 3010:3000 |
Web UI สำหรับจัดการ database |
sdp-supabase-kong |
kong:2.8.1 | 8100:8000, 8444:8443 |
API Gateway (routing ทุก request) |
sdp-supabase-auth |
supabase/gotrue:v2.186.0 | internal | Authentication service |
sdp-supabase-rest |
postgrest/postgrest:v12.2.3 | internal | Auto-generated REST API จาก PostgreSQL |
sdp-realtime-dev |
supabase/realtime:v2.76.5 | internal | WebSocket realtime subscriptions |
sdp-supabase-storage |
supabase/storage-api:v1.37.8 | internal | File storage |
sdp-supabase-imgproxy |
darthsim/imgproxy:v3.30.1 | internal | Image transformation |
sdp-supabase-meta |
supabase/postgres-meta:v0.95.2 | internal | PostgreSQL metadata API |
sdp-supabase-edge-functions |
supabase/edge-runtime:v1.70.3 | internal | Deno edge functions |
sdp-supabase-analytics |
supabase/logflare:1.31.2 | internal | Log analytics (Logflare) |
sdp-supabase-db |
supabase/postgres:15.8.1.085 | 5434:5432 |
PostgreSQL database หลัก |
sdp-supabase-vector |
timberio/vector:0.53.0-alpine | internal | Log collector |
sdp-supabase-pooler |
supabase/supavisor:2.7.4 | 6544:6543 |
Connection pooler (PgBouncer-like) |
สถาปัตยกรรม Supabase
Client / API Service
│
▼
sdp-supabase-kong (API Gateway: port 8100)
│
┌────┼────────────────────┐
│ │ │
▼ ▼ ▼
Auth REST API Realtime
GoTrue PostgREST Supabase Realtime
│ │ │
└────┴────────────────────┘
│
▼
sdp-supabase-db (PostgreSQL 15)
│
sdp-supabase-pooler
(Supavisor: port 6544)
PostgreSQL Database (sdp-supabase-db)
Image: supabase/postgres:15.8.1.085
Port: 5434 (host)
Init SQL Files
| File | หน้าที่ |
|---|---|
volumes/db/realtime.sql |
Setup replication สำหรับ Realtime |
volumes/db/webhooks.sql |
Database webhook functions |
volumes/db/roles.sql |
PostgreSQL roles setup |
volumes/db/jwt.sql |
JWT helper functions |
volumes/db/_supabase.sql |
Internal Supabase schema |
volumes/db/logs.sql |
Logging tables |
volumes/db/pooler.sql |
Connection pooler config |
Connection Strings
# Direct Connection
postgresql://postgres:<password>@sdp-supabase-db:5432/postgres
# Via Pooler (Transaction mode)
postgresql://postgres.tenant:<password>@sdp-supabase-pooler:6543/postgres
# External (from host)
postgresql://postgres:<password>@192.168.100.9:5434/postgres
Kong API Gateway
Image: kong:2.8.1
Port: 8100 (HTTP), 8444 (HTTPS)
Kong ทำหน้าที่ route requests ไปยัง services ต่างๆ:
/auth/v1/* → sdp-supabase-auth (GoTrue)
/rest/v1/* → sdp-supabase-rest (PostgREST)
/realtime/v1/ → sdp-realtime (WebSocket)
/storage/v1/* → sdp-supabase-storage
/functions/v1/*→ sdp-supabase-edge-functions
/meta/* → sdp-supabase-meta
Kong Config: volumes/api/kong.yml
Supavisor (Connection Pooler)
Image: supabase/supavisor:2.7.4
Port: 6544 (transaction mode pooler)
# Transaction mode (ใช้สำหรับ serverless/edge functions)
postgresql://postgres.sriphat:<password>@sdp-supabase-pooler:6543/postgres
POOLER_TENANT_ID: sriphat
POOLER_DEFAULT_POOL_SIZE: <from env>
POOLER_MAX_CLIENT_CONN: <from env>
Authentication (GoTrue)
Image: supabase/gotrue:v2.186.0
Features ที่เปิดใช้
| Feature | ค่า |
|---|---|
| Email Signup | ${ENABLE_EMAIL_SIGNUP} |
| Anonymous Users | ${ENABLE_ANONYMOUS_USERS} |
| Email Autoconfirm | ${ENABLE_EMAIL_AUTOCONFIRM} |
| Phone Signup | ${ENABLE_PHONE_SIGNUP} |
JWT Configuration
JWT_SECRET: <จาก env>
JWT_EXPIRY: <จาก env>
JWT_AUD: authenticated
JWT_DEFAULT_GROUP: authenticated
Storage
Image: supabase/storage-api:v1.37.8
Data path: volumes/storage/
FILE_SIZE_LIMIT: 52428800 (50MB)
STORAGE_BACKEND: file
ENABLE_IMAGE_TRANSFORMATION: true
Supabase Studio
URL: http://localhost:3010 หรือ https://ai.sriphat.com/supabase
Image: supabase/studio:2026.02.16-sha-26c615c
Studio เชื่อมต่อผ่าน:
- PostgreSQL Meta API (
sdp-meta:8080) - Kong API (
sdp-kong:8000) - Logflare (
sdp-analytics:4000)
Snippets path: volumes/snippets/
Functions path: volumes/functions/
Environment Variables (สำคัญ)
# PostgreSQL
POSTGRES_HOST=sdp-supabase-db
POSTGRES_PORT=5432
POSTGRES_DB=postgres
POSTGRES_PASSWORD=<secret>
# JWT
JWT_SECRET=<long-random-string>
JWT_EXPIRY=3600
# API Keys
ANON_KEY=<jwt-anon-key>
SERVICE_ROLE_KEY=<jwt-service-role-key>
# Studio
STUDIO_DEFAULT_ORGANIZATION=Sriphat Hospital
STUDIO_DEFAULT_PROJECT=DataPlatform
SUPABASE_PUBLIC_URL=https://ai.sriphat.com/supabase-api
# Logflare
LOGFLARE_PUBLIC_ACCESS_TOKEN=<token>
LOGFLARE_PRIVATE_ACCESS_TOKEN=<token>
การใช้งาน Supabase จาก API Service
# ใน 03-apiservice
SUPABASE_DB_HOST=sdp-supabase-db
SUPABASE_DB_PORT=5432
SUPABASE_DB_USER=postgres.1
SUPABASE_DB_NAME=postgres
SUPABASE_API_URL=http://sdp-kong:8000
SUPABASE_API_KEY=<anon-or-service-role-key>