Purchase Requisition System
A full-stack procurement application running on bare-metal Kubernetes, exposed securely through Cloudflare Tunnels. Built to replace a manual, paper-based purchasing workflow at an industrial facility.
The Problem
Purchase requisitions were handled via email chains, paper forms, and spreadsheets. Approvals were lost, duplicates were created, and there was no audit trail. The existing enterprise ERP was too rigid and expensive to customize.
The Solution
A custom Flask web application with:
- Multi-step approval workflow with role-based access control
- Real-time status tracking for all requisitions
- PostgreSQL backend with CloudNativePG for high availability
- 3 Flask replicas behind K3s ingress for zero-downtime deployments
- Cloudflare Tunnel for secure external access without exposing ports
Architecture
The application runs entirely on the GeekLab K3s cluster:
- Frontend: Server-rendered Flask templates with responsive CSS
- Backend: Flask with SQLAlchemy ORM
- Database: CloudNativePG 3-node PostgreSQL cluster
- Ingress: Traefik (K3s built-in) with TLS termination
- Access: Cloudflare Tunnel — no public IP needed
Key Features
- Role-based approval chains (requester → supervisor → purchasing)
- Email notifications at each approval stage
- PDF generation for approved purchase orders
- Dashboard with requisition analytics and spending trends
- Mobile-responsive for use on shop floor tablets
Impact
Reduced average requisition processing time from days to hours. Created a complete audit trail and eliminated duplicate purchases.