Architecture
VENI-AI is a Self-Contained System (SCS). Each service owns its UI, API, and data. Shell is the platform container — it provides shared identity, RBAC, and service discovery to all services.
Technology stack
| Layer | Technology | Purpose |
|---|---|---|
| Runtime | Bun 1.x | API server and build tool |
| HTTP framework | Hono via Ignis | Request handling, DI container, decorators |
| ORM | Drizzle ORM | Type-safe PostgreSQL, migrations |
| Identity | Keycloak 23 | OAuth2 + PKCE identity provider |
| RBAC | Casbin | Policy-based access control |
| Cache / State | Redis | PKCE state store, token blacklist, caching |
| Frontend | React 18 + Vite | Shell UI and micro-frontend host |
| Microfrontends | Module Federation | Dynamic remote loading at runtime |
| Inter-service RPC | ignis-grpc (Connect RPC) | gRPC over HTTP |
| Billing | Stripe | Subscriptions, checkout, usage tracking |
| Deploy | Kubernetes + kustomize | Overlays for dev / uat / prod |
Sections
| System Diagram | Full component diagram with data flows |
| Authentication | PKCE S256, dual Keycloak URLs, Redis state, token distribution |
| Authorization | Casbin RBAC, permissions, @authorize() decorator |
| Service Registry | Service model, registration, Module Federation loading |
| Data Schema | All 18 database tables with columns |