# Sankofa HW Infra — Architecture
## Component diagram
See the plan file for the Mermaid flowchart (Control Plane UI, API, Workflow Engine, PostgreSQL, S3, Integration Layer, IAM, Audit, Logging).
## Components
- **Control Plane UI**: React SPA; inventory, procurement, sites, approvals, audit.
- **API Layer**: REST `/api/v1`; CRUD for core entities; JWT + RBAC/ABAC; file upload to S3.
- **Workflow Engine**: Purchase approvals, inspection checklists (Phase 1+).
- **PostgreSQL**: Transactions, core entities, audit_events (append-only).
- **Object Storage (S3)**: Invoices, packing lists, inspection photos, serial dumps.
- **Integration Layer**: UniFi, Proxmox, Redfish connectors; credentials in Vault.
- **IAM**: Roles, permissions; ABAC attributes (site_id, project_id).
- **Audit Log**: Who/when/what, before/after; WORM retention.
## Sovereign cloud positioning
Sankofa Phoenix operates as a **sovereign cloud services provider**. Multi-tenant isolation is per sovereign (org); UniFi, Proxmox, and hardware inventory form **one source of truth** for determinism and compliance. UniFi telemetry (with product intelligence), rack/power metadata, and Proxmox workloads are synthesized for root-cause analysis, capacity planning, and enforced hardware standards per sovereign profile. See [sovereign-controller-topology.md](sovereign-controller-topology.md), [rbac-sovereign-operations.md](rbac-sovereign-operations.md), and [purchasing-feedback-loop.md](purchasing-feedback-loop.md).
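
A sketch of the request-time check implied by the API Layer, IAM and Audit Log entries and by per-sovereign isolation above, written as an added example and not taken from the Sankofa code base. Only `site_id`, `project_id` and `audit_events` come from this page; the role names, permission strings, claim fields (`org_id`, `roles`, `site_ids`, `project_ids`) and audit row columns are assumptions.

```javascript
// Added example; role names, permission strings and claim layout are assumptions.
const ROLE_PERMISSIONS = new Map([            // Map: "__proto__" is not a role
  ["site_tech", ["asset:read", "asset:update"]],
  ["procurement", ["asset:read", "purchase_order:create"]],
  ["auditor", ["asset:read", "audit:read"]],
]);

// claims: payload of a JWT whose signature and expiry were already verified.
// resource: the row loaded from PostgreSQL, carrying its own org/site/project ids.
function authorize(claims, action, resource) {
  // 1. Tenant isolation: compare against the stored row, never a request parameter.
  if (!claims.org_id || claims.org_id !== resource.org_id)
    return { allow: false, reason: "org_mismatch" };
  // 2. RBAC: at least one held role must grant the action.
  const roles = Array.isArray(claims.roles) ? claims.roles : [];
  if (!roles.some((r) => (ROLE_PERMISSIONS.get(r) || []).includes(action)))
    return { allow: false, reason: "role_lacks_permission" };
  // 3. ABAC: site_id / project_id on the row must be inside the caller's scope.
  const scopes = [["site_id", claims.site_ids], ["project_id", claims.project_ids]];
  for (const [attr, scope] of scopes) {
    if (resource[attr] == null) continue;     // assumption: row not bound to this attribute
    if (!Array.isArray(scope) || !scope.includes(resource[attr]))
      return { allow: false, reason: `${attr}_out_of_scope` };
  }
  return { allow: true, reason: "ok" };
}

// Builds the row to INSERT into audit_events; denials are recorded too.
function auditEvent(claims, action, resource, decision, after, now = new Date()) {
  return Object.freeze({
    who: claims.sub ?? "unknown", when: now.toISOString(), what: action,
    resource_id: resource.id, org_id: resource.org_id,
    allowed: decision.allow, reason: decision.reason,
    before: decision.allow ? { ...resource } : null,
    after: decision.allow ? { ...resource, ...after } : null,
  });
}

// Constructed sample data.
const asset = { id: "asset-1", org_id: "org-a", site_id: "site-1", project_id: "proj-9", status: "received" };
const tech = { sub: "u-17", org_id: "org-a", roles: ["site_tech"], site_ids: ["site-1"], project_ids: ["proj-9"] };

function demo() {
  const d = authorize(tech, "asset:update", asset);
  return auditEvent(tech, "asset:update", asset, d, { status: "inspected" });
}
console.log(demo());
```

The order of the checks matters: the org comparison runs first so that a cross-tenant request is rejected before any role or attribute logic can leak whether the resource exists in scope.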