A side project · 2025 → 2026

A clinic,
rewritten from
the schema up.

ClinicOS is a multi-tenant clinic management system for small Indian practices — built solo, one migration and one screen at a time. This page is the build log: the constraints, the trade-offs, and what finally shipped.

scroll

  0 2   1  12       22    010 222 20020  0   122020 2 00  0  1  0  1   0
  1  1   1 1 02 1  2   1022 121 11   0  1      1  1  00 00 0   0 21   2 
   1    0  01 10  0 20   0 1       2 0 021    022 01   02     2       01
2  1 21   0   121 0 1    0 1     12        0 20  22120020 21 0   222    
       2 2  1 0 01 002    021   1        2 0  0112 1 1 1 20020   1  1   
 2 2 0     0      2 2 10 10         01    0  11    1 1   1  2 0    1    
22      12       0 01 2  01  1     2   2    2 1 1    2  1 2 11 2 0   0 1
    01  0     2     02 0     04343346543233 102 22      1   100  0  0  0
2022   1 1 1 010 10  000 1233544878869687588000 21        00011  2    01
1     1    210  0   0     24588667668889786099  2 1      00     12    11
2  21  12  1101 1 1  0 2425876643 1220  332 1  20  1    00 1  0  0122   
    2020  11   2  0 0  223778221   2  0  01    01  2  0  1 1 0  1 1 22 1
0  120  11 0 1  2202   448782 2 2  0 0  10    1       12    02 2  1021 0
  1     221 10    2  04348983102   22  2211 22 0222  1      1      11 01
 0  2  001            34677831 1 20 20 2 0 2 20111 0  11 101 0     1212 
   22    2 2 11 2 2 2042698830  2  1 0  0  0  2  1 0 22 1   1      222 0
1 0 0122   11 0  21 0 2456893 2 111 1    0211 1 1  0     10   2 2 0   02
 1 21 2    12 0 11 110 24367833 10 1   00   2201 201  211        11212  
 2  1   0      1  0     334798922 2  0  33 1 2 21  0   101       2 0  1 
 121 12 2       1  21  2  265868779787969771 22  2   1  010       1  2  
 2 01 2 0 1 2  1 1000 00   225337977888983454   0    100  22   121 2 001
  01 2 2  1 12   101222   202 23425633333432  1  0122  21 02  1    2  02
1 00  101  2000 22 1   1 1 1  2 01  0  2    10 2 01  0 2 1  01 10 001211
   1 122210   00  022 02  1212   122   2 1 2 1 2    1  2          1  12 
 1 12   1     2   1 0 212 1  020  10200  2 0 12 22 21    1 0  1  1  02  
0212   010  11 0  2  02200 0   1  02 0 0 1 11 0  2 2 11 200 2  1   01 01
   0 200 0 0  2  0  0   11  001 1  22 0    0 1    02   12  20 01 01 2   
 1  0     2   2     2  10 00011  0011 2  20 211   0  01020  1 1 010  2

pulse-c · 62 bpm

Why this exists

Small Indian clinics run on paper.
Every friction point is a real one.

I grew up watching clinics operate out of notebooks. Not because the staff were careless — because every "clinic software" on offer was priced for 300-bed hospitals, or needed a salesperson to install it, or locked the data inside their cloud. ClinicOS is the answer I wanted for that kind of clinic: small, honest, self-serve, and priced like nothing.

Paper registers, lost histories

A folder per patient, smudged pages, a file cabinet that grows. Past visits get lost when a receptionist rotates out.

Handwritten prescriptions

Pharmacists guess at dosages. Patients forget what was said. No digital record exists to reference next time.

Queues nobody trusts

Hand-written tokens, shouted names, angry relatives. No one in the waiting room knows how many people are ahead.

Day-end cash reconciliation

Carbon-copy receipt books, manual tallying at closing, disputes when a number doesn't match.

How it got built

Twelve sessions.
One module at a time, schema first.

S01

Kick-off

Schema first, then code

· foundation

12 tables, RLS policies, Flyway baseline. No endpoint was written until the data model was provably correct.

S02

Auth

JWT + RLS tenant context

· foundation

Spring Security with a custom TenantContextFilter that extracts clinic_id from the JWT and sets the Postgres session variable before any query.

S03

Patient

Registration + search

· feature

Registration number generator (P-00001 per clinic), full-text search on name/phone, duplicate detection on phone.

S04

Queue

Tokens + live SSE

· feature

One FIFO per doctor. State machine: WAITING → CALLED → IN_CONSULTATION → COMPLETED. Waiting-room TVs subscribe to SSE and update in under a second.

S05

Consultation + prescription

· feature

Auto-save drafts every few seconds. Medicine autocomplete from a master list. Finalize cuts an Rx number from a DB sequence and renders a PDF.

S06

Billing

Receipts + payment flow

· feature

Consultation fee + optional discount. Receipt number R-2026-NNNN issued on payment. Handoff is deliberate: doctor doesn't collect — the receptionist does.

S07

Admin

Dashboard + settings

· feature

Daily cash summary, top-diagnosis chart, clinic-level settings (doctors, services, working hours). Role-gated per RBAC matrix.

S08

Display

Queue TV display

· feature

Fullscreen public view for the waiting room. No auth — just a clinic-scoped token. Large type, quiet animation, server-sent updates.

S09

Deploy

Render + Vercel, $0/month

· ops

Backend Docker on Render. Frontend on Vercel. Supabase for Postgres + storage. Cold start budget accepted as a trade for the price tag.

S10

Rx v2

Prescription Workspace

· feature

Two-pane live workspace: left pane writes, right pane renders the PDF. Vitals inline, templates, doctor-profile letterhead overlay, atomic Rx numbering.

S12

Full UI refactor

· polish

Every screen rebuilt against a tighter mockup set — TopBar, Sidebar, PageTransition, and every role-facing page. One consistent visual language, end-to-end.

S15

Brand

Pulse C + Cosmo

· polish

Pulse-C logo with a live beating dot. Cosmo, a sidebar mascot that blinks on human cadence. Split-pane login with a tenant chip.

The product

What the clinic actually sees.

Frame 01

One front door, three roles

Split-pane login. Tenant chip bottom-left, app version bottom-right. One password for reception, doctor, and admin — RBAC decides the rest.

Frame 02

Mobile-first, not mobile-afterthought

Reception staff log in from ₹8,000 Android tablets. The split pane stacks, the ID badge shrinks, nothing else changes.

Frame 03

The brand lives in every screen

Pulse-C mark with a 62-bpm heartbeat. Cosmo — our Saturday mascot — keeps the sidebar from feeling clinical.

clinicos · frame 03

Reception

Frame 04

Reception, at a glance

Today's tokens, waits, collection, and tomorrow's appointments. Built for someone who just walked in, not someone who has an hour to onboard.

Frame 05

Patient list with guardrails

Search, paginate, register. Phone-number duplicate check runs server-side before a new patient row is ever written.

Frame 06

Register in under 30 seconds

Name, phone, DOB or age, gender. Registration number (P-NNNNN) issued on save. ABHA optional.

Frame 07

History is the point

Three visits over five months. Every past diagnosis, prescription, and receipt reachable in two clicks.

Queue

Frame 08

Issue a token, find the patient

Empty state shows recent patients by default — the most common case. Typing filters against name, phone, or reg number.

Frame 09

Priority and follow-up, one tap each

Patient picked, doctor chosen, walk-in or appointment toggled. Token number assigned atomically when Issue is pressed.

Frame 10

The queue, live

Eight tokens across Waiting, Called, In Consultation, Completed. Reception manages the room; nobody shouts names.

Frame 12

Waiting-room TV, public view

No login. Big numbers, room IDs, called tokens pulsing. Any ₹8,000 Android TV does the job.

Doctor

Frame 11

Doctor's two-pane queue

Left: the line. Right: the selected patient's vitals, last visit, and open consultation button. One keyboard flow.

Frame 13

Prescription Workspace, fresh

Editable vitals up top, empty medicine list, live preview on the right. Zero modal dialogs; everything is inline.

Frame 14

Typing a prescription, watching it render

Medicine search with composition + strength autocomplete. 1-0-1 dosage shorthand. Right pane updates on every keystroke.

Frame 16

A PDF a pharmacist can actually read

OpenPDF output, A5, clinic letterhead margin-aware. Rx number (RX-DEMOCLI-2026-NNNNNN) issued atomically from a DB sequence.

Billing

Frame 17

Billing lives with reception, not the doctor

Pending payments sit here until reception collects. Doctor is never on the money side — that was a deliberate design choice.

Frame 18

Receipt R-2026-NNNN, issued atomically

The receipt number is the same on screen, on print, and in the database. No drift, no disputes.

Admin

Frame 19

Admin sees the clinic, not the line items

Today's collection, pending dues, bill count. Staff performance and revenue trends live behind the same screen.

The vocabulary

A small system,
carefully named.

Colors · click to copy

Type · three families

Hero

clamp(51→100)px

Manrope 600

Rewritten

Display

clamp(38→64)px

Manrope 600

The build

Section

clamp(30→42)px

Manrope 600

Under the hood

Body

16–18px

Inter 400

A clinic, rewritten from the schema up.

Mono

12–14px

JetBrains

RX-DEMOCLI-2026-000003

Brand · live components

Pulse-C · 62 bpm

A single SVG path. Beats once per second with a secondary echo ring. Respects prefers-reduced-motion.

Cosmo · blinks every 4–9s

Hover to wiggle. The waiting-room face of the app — why this was built on a Saturday.

What it runs on

Three boxes,
one migration at a time.

Architecture

Vercel

Edge CDN · React 18 · Vite build

Render

Spring Boot 3.3 · Docker · Asia-south

Supabase

Postgres 16 · RLS · Storage

$0monthly hosting

1 GBprod RAM

21Flyway migrations

< 300msSSE queue update

Stack · real versions

Java 21·Spring Boot 3.3·Hibernate 6·Flyway·MapStruct·OpenPDF 2·PostgreSQL 16·Supabase·React 18·Vite 5·TanStack Query 5·Tailwind 3.4·Framer Motion·Render·Vercel·Java 21·Spring Boot 3.3·Hibernate 6·Flyway·MapStruct·OpenPDF 2·PostgreSQL 16·Supabase·React 18·Vite 5·TanStack Query 5·Tailwind 3.4·Framer Motion·Render·Vercel·

Decisions · five that shaped the build

Multi-tenant with Row-Level Security

ADR

Context: Small clinics in India can't justify a dedicated database each. But data leaks across tenants would be an existential bug.
Decision: Shared PostgreSQL schema, RLS enforced at the row level. Every request sets a tenant context via a Spring Security filter before any query runs.
Consequence: One database, one deploy, zero cross-tenant leak paths. The filter is the single enforcement point — if it runs, isolation holds.

JWT (15min) + Refresh cookie (7d)

ADR

Context: Sessions need to be revocable, survive browser refreshes, and never put credentials in localStorage.
Decision: Short-lived JWT in memory for API calls. Refresh token in an HttpOnly, Secure, SameSite=Strict cookie. Access token rotates every 15 minutes without the user noticing.
Consequence: XSS can't steal the refresh token. A compromised access token expires in 15 minutes. The cost is one interceptor and one silent-refresh endpoint.

Flyway migrations, never manual

ADR

Context: A schema drift between dev and prod in a multi-tenant system means every tenant is at risk.
Decision: No hand-edits on the database — ever. Every change is a versioned V###__description.sql. The CI migration run is the source of truth.
Consequence: 21 migrations shipped, zero drift. Rolling back is a new migration, not a SQL surgery.

SSE for the queue, not WebSockets

ADR

Context: Waiting-room displays and receptionists need token changes live. Bidirectional messaging was overkill.
Decision: Server-Sent Events via Spring SseEmitter. Queue updates flow one-way from server to every connected display.
Consequence: No ws:// infra, no sticky sessions, no socket library on the client. Reconnect is built-in. The receptionist ticks 'Call' — TVs update in ~300ms.

OpenPDF with clinic letterhead overlay

ADR

Context: Indian clinics print prescriptions on pre-printed letterheads. The PDF has to lay ink exactly where the letterhead leaves room.
Decision: OpenPDF renderer with configurable top/bottom margins, optional clinic logo and doctor signature from Supabase Storage. A RX-DEMOCLI-2026-NNNNNN number is issued atomically from a DB sequence.
Consequence: Prescriptions print clean on any letterhead. The Rx number is the same on screen, on print, and in the DB — dispute-proof.

A clinic,rewritten fromthe schema up.

Small Indian clinics run on paper.Every friction point is a real one.

Paper registers, lost histories

Handwritten prescriptions

Queues nobody trusts

Day-end cash reconciliation

Twelve sessions.One module at a time, schema first.

Schema first, then code

JWT + RLS tenant context

Registration + search

Tokens + live SSE

Consultation + prescription

Receipts + payment flow

Dashboard + settings

Queue TV display

Render + Vercel, $0/month

Prescription Workspace

Full UI refactor

Pulse C + Cosmo

What the clinic actually sees.

One front door, three roles

Mobile-first, not mobile-afterthought

The brand lives in every screen

Reception, at a glance

Patient list with guardrails

Register in under 30 seconds

History is the point

Issue a token, find the patient

Priority and follow-up, one tap each

The queue, live

Waiting-room TV, public view

Doctor's two-pane queue

Prescription Workspace, fresh

Typing a prescription, watching it render

A PDF a pharmacist can actually read

Billing lives with reception, not the doctor

Receipt R-2026-NNNN, issued atomically

Admin sees the clinic, not the line items

A small system,carefully named.

Three boxes,one migration at a time.

A clinic,
rewritten from
the schema up.

Small Indian clinics run on paper.
Every friction point is a real one.

Twelve sessions.
One module at a time, schema first.

A small system,
carefully named.

Three boxes,
one migration at a time.