Ski Vesotel
Comprehensive management platform for a ski school. It allows teachers to register their hours (private lessons, courses) and the administration to manage payroll, rates, and users.
System Architecture
The system follows a containerized microservices architecture:
1. Frontend
- Container:
vesotel_frontend_container - Framework: Next.js 14 (App Router)
- Port: 3000 (Expuesto vía Caddy)
- Build: Producción (Optimizado)
2. Backend
- Container:
vesotel_backend_container - Framework: Python FastAPI / SQLAlchemy
- Database: PostgreSQL 16
- Auth: JWT + Soporte OIDC (Authentik)
Data Structure
The core of the system is a PostgreSQL relational database that manages users, companies, and work logs.
Main Tables
- Users: Central table with roles and profiles.
- Companies: Ski schools or legal entities.
- CompanyMember: Pivot table (Many-to-Many) that defines roles per company.
- UserCompanyRate: Specific rates and withholdings per user and company.
- WorkLog: Daily log (hours or days), with automatic calculation of gross and net amounts.
Security and Deployment
Public access follows a Defense in Depth scheme with 3 layers, designed to expose the service safely.
Layer 1: Reverse Proxy
Plesk + Let's Encrypt SSL. Terminates the secure connection and redirects to the tunnel.
Layer 2: SSH Tunnel
Persistent encrypted connection (SystemD) between the public VPS and the local server.
Layer 3: Docker
Isolated private network. Containers with non-privileged users (UID 1000).
Note: This is a real production project. Complete documentation includes sensitive deployment configurations that have been omitted for security.