Files

Porsche Chen 360533393f feat: HR Portal - Complete Multi-Tenant System with Redis Session Storage

Major Features:
- ✅ Multi-tenant architecture (tenant isolation)
- ✅ Employee CRUD with lifecycle management (onboarding/offboarding)
- ✅ Department tree structure with email domain management
- ✅ Company info management (single-record editing)
- ✅ System functions CRUD (permission management)
- ✅ Email account management (multi-account per employee)
- ✅ Keycloak SSO integration (auth.lab.taipei)
- ✅ Redis session storage (10.1.0.254:6379)
  - Solves Cookie 4KB limitation
  - Cross-system session sharing
  - Sliding expiration (8 hours)
  - Automatic token refresh

Technical Stack:
Backend:
- FastAPI + SQLAlchemy
- PostgreSQL 16 (10.1.0.20:5433)
- Keycloak Admin API integration
- Docker Mailserver integration (SSH)
- Alembic migrations

Frontend:
- Next.js 14 (App Router)
- NextAuth 4 with Keycloak Provider
- Redis session storage (ioredis)
- Tailwind CSS

Infrastructure:
- Redis 7 (10.1.0.254:6379) - Session + Cache
- Keycloak 26.1.0 (auth.lab.taipei)
- Docker Mailserver (10.1.0.254)

Architecture Highlights:
- Session管理由 Keycloak + Redis 統一控制
- 支援多系統 (HR/WebMail/Calendar/Drive/Office) 共享 session
- Token 自動刷新,異質服務整合
- 未來可無縫遷移到雲端

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-02-23 20:12:43 +08:00

4.5 KiB

Raw Permalink Blame History

HR Portal 資料庫設定指南

🎯 目標

在 Ubuntu Server (10.1.0.254) 上建立 HR Portal 資料庫

📋 方案選擇

⭐ 方案 A: 一鍵執行 (推薦)

步驟 1: 登入 Ubuntu Server

ssh ubuntu@10.1.0.254

步驟 2: 下載並執行安裝腳本

# 建立工作目錄
mkdir -p ~/hr-portal-setup && cd ~/hr-portal-setup

# 執行設定腳本 (會自動從 Windows 複製檔案)
bash <(cat <<'SETUP_SCRIPT'
#!/bin/bash
set -e

echo "========================================"
echo "  HR Portal Database Setup"
echo "========================================"
echo ""

# 配置
DB_NAME="hr_portal"
DB_USER="hr_user"
POSTGRES_CONTAINER="postgres"

# 提示輸入密碼
read -sp "Enter password for 'hr_user': " DB_PASSWORD
echo ""

# 檢查 PostgreSQL
echo "[1/5] Checking PostgreSQL container..."
docker ps | grep postgres

# 建立用戶
echo ""
echo "[2/5] Creating database user..."
docker exec -i $POSTGRES_CONTAINER psql -U postgres <<SQL
CREATE USER $DB_USER WITH PASSWORD '$DB_PASSWORD';
ALTER USER $DB_USER WITH SUPERUSER;
SQL

# 建立資料庫
echo ""
echo "[3/5] Creating database..."
docker exec -i $POSTGRES_CONTAINER psql -U postgres <<SQL
CREATE DATABASE $DB_NAME OWNER $DB_USER;
GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;
SQL

# 下載 Schema
echo ""
echo "[4/5] Downloading schema..."
wget -q -O init-db.sql "https://raw.githubusercontent.com/.../init-db.sql" 2>/dev/null || \
curl -s -o init-db.sql "https://..." 2>/dev/null || \
echo "Please upload init-db.sql manually"

# 初始化 Schema
echo ""
echo "[5/5] Initializing schema..."
if [ -f init-db.sql ]; then
    docker exec -i $POSTGRES_CONTAINER psql -U $DB_USER -d $DB_NAME < init-db.sql
    echo "✓ Schema initialized"
else
    echo "⚠ Please run: docker exec -i postgres psql -U hr_user -d hr_portal < init-db.sql"
fi

echo ""
echo "========================================"
echo "  Setup Complete!"
echo "========================================"
echo ""
echo "Connection String:"
echo "postgresql://$DB_USER:$DB_PASSWORD@10.1.0.254:5432/$DB_NAME"
echo ""

SETUP_SCRIPT
)

📝 方案 B: 手動逐步執行

登入 Ubuntu Server 後執行:

1. 檢查 PostgreSQL 容器

docker ps -a | grep postgres

2. 建立資料庫用戶

docker exec -i postgres psql -U postgres <<EOF
CREATE USER hr_user WITH PASSWORD 'your_password_here';
ALTER USER hr_user WITH SUPERUSER;
EOF

3. 建立資料庫

docker exec -i postgres psql -U postgres <<EOF
CREATE DATABASE hr_portal OWNER hr_user;
GRANT ALL PRIVILEGES ON DATABASE hr_portal TO hr_user;
EOF

4. 上傳 SQL 檔案到 Ubuntu Server

在 Windows PowerShell 執行:

scp W:\DevOps-Workspace\hr-portal\scripts\init-db.sql ubuntu@10.1.0.254:/tmp/

5. 初始化 Schema

回到 Ubuntu Server 執行:

docker exec -i postgres psql -U hr_user -d hr_portal < /tmp/init-db.sql

6. 驗證設定

docker exec -i postgres psql -U hr_user -d hr_portal -c "\dt"

應該看到 9 個資料表:

audit_logs
business_units
divisions
email_accounts
employees
network_drives
project_members
projects
system_permissions

✅ 完成後

更新後端配置

編輯 W:\DevOps-Workspace\hr-portal\backend\.env:

DATABASE_URL=postgresql://hr_user:your_password@10.1.0.254:5432/hr_portal

插入測試資料 (可選)

# 上傳測試資料
scp W:\DevOps-Workspace\hr-portal\scripts\insert-test-data.sql ubuntu@10.1.0.254:/tmp/

# 執行插入
ssh ubuntu@10.1.0.254 "docker exec -i postgres psql -U hr_user -d hr_portal < /tmp/insert-test-data.sql"

驗證資料

ssh ubuntu@10.1.0.254 "docker exec -i postgres psql -U hr_user -d hr_portal -c 'SELECT * FROM employees;'"

🆘 常見問題

Q: 資料庫已存在怎麼辦?

# 刪除舊資料庫
docker exec postgres psql -U postgres -c "DROP DATABASE hr_portal;"
# 重新建立
docker exec postgres psql -U postgres -c "CREATE DATABASE hr_portal OWNER hr_user;"

Q: 用戶已存在?

# 刪除用戶
docker exec postgres psql -U postgres -c "DROP USER hr_user;"
# 重新建立
docker exec postgres psql -U postgres -c "CREATE USER hr_user WITH PASSWORD 'new_password';"

Q: 無法連接 PostgreSQL?

# 檢查容器狀態
docker ps | grep postgres

# 檢查端口
sudo netstat -tlnp | grep 5432

# 重啟容器
docker restart postgres

📞 需要協助?

如遇到問題,請提供以下資訊:

執行的命令
錯誤訊息
Docker 容器狀態 (docker ps)

4.5 KiB Raw Permalink Blame History