AI RAG platform for Federfarma Lombardia — built entirely on Nexus MDS Core

The challenge

Federfarma Lombardia represents over 1,000 pharmacies across the Lombardy region. Their operational reality involved thousands of pharmaceutical documents — regulatory updates, clinical guidelines, product information sheets, compliance notices — spread across disconnected systems with no unified search or retrieval capability. Pharmacists had no efficient way to query this knowledge base, particularly from mobile devices during daily operations.

The regulatory context added hard constraints: all data had to remain on Italian infrastructure, authentication had to meet healthcare-grade security standards, and the platform could not depend on external cloud AI services. A sovereign, on-premise solution was the only viable path.

What we built

The entire platform runs on Nexus MDS Core — our self-hosted AI infrastructure stack composed of orchestrated Docker services, deployed on-premise with zero cloud dependency.

Document ingestion and RAG pipeline: Over 10,000 pharmaceutical documents are ingested through Apache Tika for OCR and text extraction, then vectorised and stored in Weaviate for semantic search. A local LLM running on llama.cpp provides the inference layer, meaning no data ever leaves the organisation's perimeter. n8n orchestrates the entire ingestion and processing pipeline with agentic workflows.

AI-driven document obsolescence engine: A critical differentiator of this platform is the automated obsolescence detection system. When a new document is ingested, the AI analyses its content against the existing corpus and identifies which previous documents it supersedes — regulatory updates that replace older guidelines, revised product sheets that obsolete prior versions, new compliance notices that invalidate previous ones. Superseded documents are automatically marked as obsolete, generating a complete obsolescence graph that traces the lineage of every document. By default, all RAG queries return results exclusively from current, non-obsolete documents — ensuring pharmacists always work with up-to-date information. Specific queries against historical or obsolete documents remain available when needed. The entire process is fully automated, powered by the Nexus AI pipeline.

Application layer: The user-facing application is built on Budibase — a low-code platform running inside the Nexus stack. Pharmacists access the platform through a Progressive Web App (PWA) that works on any device, with responsive design optimised for mobile use during daily operations. Directus serves as the headless CMS for managing structured content alongside the RAG-powered document search.

Zero-Trust authentication: Keycloak provides OIDC/PKCE authentication with SSO across all platform services — Budibase, Directus, n8n, and the AI interface. APISIX acts as the API gateway with route-level authentication enforcement. Every request is authenticated and authorised before reaching any backend service.

Data infrastructure: PostgreSQL with pgvector handles relational data and vector embeddings. MinIO provides S3-compatible object storage for documents and assets. Redis manages session caching and queue processing for n8n workers. Dremio serves as the analytical query engine for reporting and data exploration. RabbitMQ handles asynchronous message processing across services.

Results

The platform is in production, serving over 1,000 pharmacies across Lombardy. More than 10,000 pharmaceutical documents have been vectorised and are searchable through natural language queries powered by the on-premise RAG pipeline. Pharmacists can access the system from any device through the Budibase PWA with Zero-Trust authentication.

The entire deployment runs on a single on-premise server with no cloud dependency. All data — documents, vectors, user sessions, audit logs — stays within the organisation's infrastructure. The platform is fully GDPR-compliant by architecture, not by contract.

Technologies used