The Universal Workforce Operating System
Built for Control, Security, and Sovereignty. A production-ready, full-stack platform designed to manage shift-based teams in Any Industry (Restaurants, Retail, Logistics, Healthcare).
We don't rely on black-box clouds. This system is engineered for Total Data Sovereignty using industry-standard open-source infrastructure.
graph TD
subgraph Cloud ["☁️ Global Edge"]
CF[Cloudflare]
style CF fill:#f38020,stroke:#333,stroke-width:2px,color:white
CF_Desc[DNS • WAF • DDoS Protection]
CF --- CF_Desc
end
subgraph OnPrem ["🏢 Private Infrastructure (Proxmox VE / Debian)"]
style OnPrem fill:#e1f5fe,stroke:#01579b,stroke-width:2px
RP[Reverse Proxy / Traefik]
style RP fill:#4caf50,stroke:#333,color:white
subgraph AppLayer ["🚀 Application Layer"]
Next[Next.js 14]
Directus[Directus CMS]
style Next fill:#000,stroke:#fff,color:white
style Directus fill:#607d8b,stroke:#fff,color:white
end
subgraph DataLayer ["💾 Data & AI Layer"]
PG[PostgreSQL 16]
Qdrant[Qdrant Vector DB]
n8n[n8n Automation]
style PG fill:#336791,stroke:#fff,color:white
style Qdrant fill:#d32f2f,stroke:#fff,color:white
style n8n fill:#ff6d5a,stroke:#fff,color:white
end
end
User((User)) -->|HTTPS| CF
CF -->|Secure Tunnel| RP
RP --> Next
RP --> Directus
Next --> Directus
Next --> n8n
n8n --> Qdrant
Directus --> PG
Qdrant --> PG
This project demonstrates a DevSecOps approach to deployment, leveraging:
- Proxmox VE (Debian Core): Running on bare-metal for maximum performance and resource isolation (LXC/KVM).
- Cloudflare: Acts as the global entry point, handling DNS resolution, SSL termination, and protecting the origin server from attacks.
- Docker Containerization: Microservices architecture ensuring consistency from dev to prod.
- Directus RBAC: Granular permission control baked into the core.
- n8n Orchestration: Visual workflow automation acting as the system's "Cortex".
While the demo screenshots show a "Restaurant" configuration (Black & White Burger), specific business logic is abstracted.
- 🏢 Retail: Manage store openings & sales staff.
- 🏭 Logistics: Track warehouse shifts & safety checklists.
- 🏥 Healthcare: Organize patient rounds & nurse schedules.
- 🍔 Hospitality: Handle HACCP & table service.
You define the rules. Staff_OS handles the flow.
(More screenshots available in the screenshots/ folder)
All tables use French ASCII naming (no accents) for cross-platform compatibility.
| Module | Tables | Purpose |
|---|---|---|
| Core | restaurants, collaborateurs, disponibilites |
Tenant isolation, employee data |
| Time Tracking | rh_pointages, rh_pauses, rh_absences |
Clock in/out, breaks, absences |
| HACCP | checklist_modeles, checklist_items, checklist_executions, checklist_reponses |
Inspection templates and responses |
| Maintenance | maintenance_anomalies |
Equipment issues and resolution |
| HR | rh_onboarding, rh_onboarding_etapes, rh_evaluations, rh_evaluation_criteres |
Onboarding, evaluations |
Key constraints:
- Every business table filters by
restaurant_id(multi-tenant ready) - Audit columns on every table:
cree_le,cree_par,modifie_le,modifie_par - Unique:
rh_pointages(collaborateur_id, date_travail, shift) - Unique:
checklist_executions(restaurant_id, date_execution, shift, modele_id)
| Role | Access |
|---|---|
employe |
Badgeuse only - own time entries |
manager |
Admin dashboard - scoped to their restaurant |
admin |
Full access - all restaurants |
| Module | Domain | Status |
|---|---|---|
| IA1 | Time Tracking / Payroll | Done |
| IA2 | Daily Operations / Maintenance | Done |
| IA3 | Hygiene / HACCP Checklists | Done |
| IA4 | HR / Onboarding / Evaluations | Done |
| IA5 | Suppliers / Food Cost | Planned |
| IA6 | Training / Quiz | Planned |
| IA7 | Planning / Scheduling | Planned |
| IA8 | Marketing / Client Animation | Planned |
| IA9 | AI Agent (RAG + Actions) | In Progress |
- Node.js 18+
- PostgreSQL 16
- Directus instance (self-hosted or cloud)
# Clone the repo
git clone https://github.com/tahaex/restaurant-ops-saas.git
cd restaurant-ops-saas
# Install dependencies
cd apps/web
npm install
# Configure environment
cp .env.example .env.local
# Edit .env.local with your Directus URL and credentials
# Run database migrations
# Execute SQL files in db/migrations/ via pgAdmin or psql
# Start development server
npm run devThe app will be available at http://localhost:3000
# Coming soon - Docker Compose setuprestaurant-ops-saas/
apps/
web/ # Next.js 14 application
src/
app/
admin/ # Manager dashboard pages
badgeuse/ # Employee kiosk pages
api/ # API routes (Directus proxy)
components/ # Reusable UI components
lib/ # Shared utilities, Directus client
db/
migrations/ # SQL migration files
seeds/ # Seed data
docs/ # Architecture and config documentation
screenshots/ # App screenshots
- No emojis - Clean, professional UI with Lucide icons only
- All forms in popins - Create/edit via Dialog, Sheet, Drawer, or Popover
- French UI, English code - UI text in French, codebase in English
- French ASCII database - Table/column names in French without accents
- DRY components - Reusable patterns across features
- Zod validation - Single source of truth for all schemas
Contributions are welcome. Please open an issue first to discuss proposed changes.
MIT