diff --git a/.env b/.env
index 0b9214f6..9aabff99 100644
--- a/.env
+++ b/.env
@@ -8,6 +8,10 @@
 # --- PROJECT ---
 PROJECT_NAME=meldestelle
+# --- BACKUP ---
+BACKUP_DIR=/home/stefan/backups/meldestelle
+BACKUP_RETENTION_DAYS=7
+
 # Docker build versions (optional overrides)
 DOCKER_VERSION=1.0.0-SNAPSHOT
 DOCKER_REGISTRY=git.mo-code.at/mocode-software
@@ -48,15 +52,21 @@ SPRING_DATA_VALKEY_PASSWORD=valkey-password
 KEYCLOAK_IMAGE_TAG=26.4
 KC_HEAP_MIN=512M
 KC_HEAP_MAX=1024M
+# Lokale Entwicklung: start-dev (kein Pre-Build nötig, kein --optimized)
+# Server/Produktion: start --optimized --import-realm (nutzt das pre-built Registry-Image)
 KC_COMMAND=start-dev --import-realm
 KC_ADMIN_USERNAME=kc-admin
 KC_ADMIN_PASSWORD=kc-password
 KC_DB=postgres
 KC_DB_SCHEMA=keycloak
 KC_DB_PASSWORD=meldestelle
+# Lokal: localhost | Server: echte IP oder Domain (z.B. 192.168.1.100 oder auth.meldestelle.at)
 KC_HOSTNAME=localhost
+# false = kein Hostname-Strict-Check (empfohlen für Entwicklung und HTTP-only Server)
+KC_HOSTNAME_STRICT=false
+KC_HOSTNAME_STRICT_HTTPS=false
 KC_PORT=8180:8080
-KC_DEBUG_PORT=9000:9000
+KC_MANAGEMENT_PORT=9000:9000
 # --- KEYCLOAK TOKEN VALIDATION ---
 # Public Issuer URI (must match the token issuer from browser/postman)
diff --git a/.env.example b/.env.example
index 37a0e16b..b829c2c2 100644
--- a/.env.example
+++ b/.env.example
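Review bot: `.env` is tracked in Git even though the `.env.example` header changed in this same commit says it must never be committed; the context of the second hunk shows `KC_ADMIN_PASSWORD=kc-password` and `KC_DB_PASSWORD=meldestelle` living in it. The new `BACKUP_DIR=/home/stefan/backups/meldestelle` additionally bakes one person's home directory into a shared file. I would untrack the file (`git rm --cached .env`, add `.env` to `.gitignore`) and keep only `.env.example` in the repository. Any password that was ever committed here should be treated as exposed and rotated if it is used outside local development.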
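Review bot: `KC_HOSTNAME_STRICT=false` is recommended here for "HTTP-only Server", and the same default appears in the `.env.example` Keycloak hunk and as `${KC_HOSTNAME_STRICT:-false}` in dc-infra.yaml. With strict checking off, Keycloak resolves its public URL from request headers, so the token issuer and the links it generates follow whatever Host a client sends; Keycloak's documentation asks for `true` in production unless a reverse proxy overwrites the Host header. I would keep `false` only in a local file and change the compose default to `KC_HOSTNAME_STRICT: "${KC_HOSTNAME_STRICT:-true}"`. `KC_HOSTNAME_STRICT_HTTPS` looks like a legacy (hostname v1) option; please confirm that the pinned `KEYCLOAK_IMAGE_TAG=26.4` still reads it, otherwise the line and its comment give a false impression of what is configured.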
@@ -2,12 +2,21 @@
 # Meldestelle – Docker Compose Environment
 # Single Source of Truth (SSoT)
 # ==========================================
-# WARNING: This file contains secrets (passwords).
-# Do NOT commit this file to version control if it contains production secrets.
+# ANLEITUNG:
+# 1. Diese Datei nach ".env" kopieren: cp .env.example .env
+# 2. Alle Werte mit durch echte Werte ersetzen
+# 3. Für lokale Entwicklung: KC_COMMAND=start-dev --import-realm
+# Für Server/Produktion: KC_COMMAND=start --optimized --import-realm
+# WARNING: Die .env-Datei enthält Secrets – NIEMALS in Git committen!
 # --- PROJECT ---
 PROJECT_NAME=meldestelle
+# --- BACKUP ---
+# SERVER: Pfad zum Backup-Verzeichnis (z.B. /home//backups/meldestelle)
+BACKUP_DIR=/home//backups/meldestelle
+BACKUP_RETENTION_DAYS=7
+
 # Docker build versions (optional overrides)
 DOCKER_VERSION=1.0.0-SNAPSHOT
 DOCKER_BUILD_DATE=2026-02-02T15:00:00Z
@@ -37,22 +46,32 @@ VALKEY_MAXMEMORY=256mb
 # --- KEYCLOAK ---
 KEYCLOAK_IMAGE_TAG=26.4
-KC_HEAP_MAX=1024m
-KC_COMMAND=start-dev --import-realm
+KC_HEAP_MIN=512M
+KC_HEAP_MAX=1024M
+# LOKAL: start-dev --import-realm
+# SERVER: start --optimized --import-realm ← pre-built Registry-Image, kein start-dev!
+KC_COMMAND=start --optimized --import-realm
 KC_ADMIN_USERNAME=kc-admin
-KC_ADMIN_PASSWORD=kc-password
+KC_ADMIN_PASSWORD=
 KC_DB=postgres
 KC_DB_SCHEMA=keycloak
-KC_DB_PASSWORD=meldestelle
-KC_HOSTNAME=localhost
+KC_DB_PASSWORD=
+# SERVER: Echte IP oder Domain eintragen (z.B. 192.168.1.100 oder auth.meldestelle.at)
+# LOKAL: localhost
+KC_HOSTNAME=
+# false = Zugriff über beliebige Hostnamen erlaubt (nötig ohne TLS / für HTTP-Betrieb)
+KC_HOSTNAME_STRICT=false
+KC_HOSTNAME_STRICT_HTTPS=false
 KC_PORT=8180:8080
-KC_DEBUG_PORT=9000:9000
+KC_MANAGEMENT_PORT=9000:9000
 # --- KEYCLOAK TOKEN VALIDATION ---
-# Public Issuer URI (must match the token issuer from browser/postman)
-KC_ISSUER_URI=http://localhost:8180/realms/meldestelle
-# Internal JWK Set URI (for service-to-service communication within Docker)
-KC_JWK_SET_URI=http://keycloak:8080/realms/meldestelle/protocol/openid-connect/certs
+# Public Issuer URI: muss mit dem Hostname übereinstimmen, den Browser/App sieht
+# LOKAL: http://localhost:8180/realms/meldestelle
+# SERVER: http://:8180/realms/meldestelle
+SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI=http://:8180/realms/meldestelle
+# Internal JWK Set URI: Service-zu-Service innerhalb Docker (immer keycloak:8080)
+SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI=http://keycloak:8080/realms/meldestelle/protocol/openid-connect/certs
 # --- CONSUL ---
 CONSUL_IMAGE=hashicorp/consul:1.22.1
diff --git a/config/scripts/backup.sh b/config/scripts/backup.sh
index 6e5e552b..fec04751 100644
--- a/config/scripts/backup.sh
+++ b/config/scripts/backup.sh
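Review bot: `KC_DB_PASSWORD=` in the template does not appear to reach Keycloak: the dc-infra.yaml context later in this diff sets the container's value from `${POSTGRES_PASSWORD:-pg-password}`, so whatever is entered here is ignored and a missing `POSTGRES_PASSWORD` silently becomes a published default. Either drop the key from the template or make the compose line fail closed, e.g. `KC_DB_PASSWORD: "${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}"`. The same `:?` form is worth using for `KC_ADMIN_PASSWORD`, whose compose line is not visible in this diff, so that a value left unset stops `docker compose up` instead of starting `start --optimized` with a known or empty admin password.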
@@ -4,15 +4,25 @@
 # Sichert Datenbanken und Konfigurationen
 # ==========================================
-# Konfiguration
-BACKUP_DIR="/home/grandmo/backups/meldestelle"
+# .env laden (SSoT für alle Variablen)
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
+if [ -f "$PROJECT_ROOT/.env" ]; then
+ set -a
+ # shellcheck disable=SC1091
+ source "$PROJECT_ROOT/.env"
+ set +a
+fi
+
+# Konfiguration (Defaults falls .env nicht vorhanden)
+BACKUP_DIR="${BACKUP_DIR:-$HOME/backups/meldestelle}"
 DATE=$(date +%Y-%m-%d_%H-%M-%S)
-RETENTION_DAYS=7
-PROJECT_NAME="meldestelle"
+RETENTION_DAYS="${BACKUP_RETENTION_DAYS:-7}"
+PROJECT_NAME="${PROJECT_NAME:-meldestelle}"
 # Container Namen (müssen mit docker-compose übereinstimmen)
 DB_CONTAINER="${PROJECT_NAME}-postgres"
-DB_USER="meldestelle" # Oder aus .env lesen
+DB_USER="${POSTGRES_USER:-pg-user}"
 # Verzeichnisse erstellen
 mkdir -p "$BACKUP_DIR"
diff --git a/dc-backend.yaml b/dc-backend.yaml
index eff7fbc0..2e3ad562 100644
--- a/dc-backend.yaml
+++ b/dc-backend.yaml
@@ -118,11 +118,11 @@ services:
 SPRING_DATASOURCE_USERNAME: "${POSTGRES_USER:-pg-user}"
 SPRING_DATASOURCE_PASSWORD: "${POSTGRES_PASSWORD:-pg-password}"
- # --- REDIS ---
- SPRING_DATA_REDIS_HOST: "${REDIS_SERVER_HOSTNAME:-redis}"
- SPRING_DATA_REDIS_PORT: "${REDIS_SERVICE_PORT:-6379}"
- SPRING_DATA_REDIS_PASSWORD: "${REDIS_PASSWORD:-redis-password}"
- SPRING_DATA_REDIS_CONNECT_TIMEOUT: "${REDIS_SERVER_CONNECT_TIMEOUT:-5s}"
+ # --- VALKEY (formerly Redis) ---
+ SPRING_DATA_VALKEY_HOST: "${VALKEY_SERVER_HOSTNAME:-valkey}"
+ SPRING_DATA_VALKEY_PORT: "${VALKEY_SERVER_PORT:-6379}"
+ SPRING_DATA_VALKEY_PASSWORD: "${VALKEY_PASSWORD:-}"
+ SPRING_DATA_VALKEY_CONNECT_TIMEOUT: "${VALKEY_SERVER_CONNECT_TIMEOUT:-5s}"
 # --- ZIPKIN ---
 MANAGEMENT_ZIPKIN_TRACING_ENDPOINT: "${ZIPKIN_ENDPOINT:-http://zipkin:9411/api/v2/spans}"
diff --git a/dc-infra.yaml b/dc-infra.yaml
index e5b5f334..4f9f3c01 100644
--- a/dc-infra.yaml
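Review bot: `source "$PROJECT_ROOT/.env"` runs the Compose env file as shell code, which is both a correctness and a trust problem. The `.env` in this same commit contains `KC_COMMAND=start-dev --import-realm`; bash reads that as a temporary assignment followed by the command `--import-realm`, so every run prints a "command not found" error, and would abort if the script uses `set -e`, which is not visible here. It also means anyone who can write `.env` can run commands as the backup user, and `set -a` exports every secret in the file to the child processes the script starts. Reading only the four keys the script needs, and checking that the retention value is a number before it reaches the cleanup step outside this hunk, avoids all three; values are taken literally, so quotes in `.env` would not be stripped.

```shell
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"

# Print the value of one KEY=VALUE entry from .env without evaluating the file.
env_get() {
  local key=$1 line
  [ -f "$PROJECT_ROOT/.env" ] || return 0
  line=$(grep -m1 -E "^${key}=" "$PROJECT_ROOT/.env") || return 0
  printf '%s\n' "${line#*=}"
}

BACKUP_DIR="$(env_get BACKUP_DIR)"
BACKUP_DIR="${BACKUP_DIR:-$HOME/backups/meldestelle}"
# … unchanged: DATE …
RETENTION_DAYS="$(env_get BACKUP_RETENTION_DAYS)"
RETENTION_DAYS="${RETENTION_DAYS:-7}"
case "$RETENTION_DAYS" in
  '' | *[!0-9]*) echo "BACKUP_RETENTION_DAYS must be a whole number" >&2; exit 1 ;;
esac
PROJECT_NAME="$(env_get PROJECT_NAME)"
PROJECT_NAME="${PROJECT_NAME:-meldestelle}"
# … unchanged: DB_CONTAINER …
DB_USER="$(env_get POSTGRES_USER)"
DB_USER="${DB_USER:-pg-user}"
```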
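Review bot: `SPRING_DATA_VALKEY_PASSWORD: "${VALKEY_PASSWORD:-}"` replaces a non-empty fallback with an empty one, so a deployment where `VALKEY_PASSWORD` is missing starts the service with no cache credential and nothing reports it. The visible part of the tracked `.env` in this diff defines `SPRING_DATA_VALKEY_PASSWORD=valkey-password`, not `VALKEY_PASSWORD`, so unless the latter is set elsewhere the empty default is what is actually used. I would fail closed with `SPRING_DATA_VALKEY_PASSWORD: "${VALKEY_PASSWORD:?VALKEY_PASSWORD must be set}"`. Separately, Spring Boot's own Redis auto-configuration binds `spring.data.redis.*`; please confirm the services define a `spring.data.valkey.*` binding, otherwise these four variables are never read.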
+++ b/dc-infra.yaml
@@ -77,7 +77,7 @@ services:
 dockerfile: config/docker/keycloak/Dockerfile
 args:
 KEYCLOAK_IMAGE_TAG: "${KEYCLOAK_IMAGE_TAG:-26.4}"
- image: "${DOCKER_REGISTRY:-git.mo-code.at/grandmo}/keycloak:${KEYCLOAK_IMAGE_TAG:-26.4}"
+ image: "${DOCKER_REGISTRY:-git.mo-code.at/mocode-software}/keycloak:${KEYCLOAK_IMAGE_TAG:-26.4}"
 container_name: "${PROJECT_NAME:-meldestelle}-keycloak"
 restart: unless-stopped
 profiles: [ "infra", "all" ]
@@ -89,21 +89,36 @@ services:
 KC_DB_URL: "jdbc:postgresql://postgres:5432/${POSTGRES_DB:-pg-meldestelle-db}"
 KC_DB_USERNAME: "${POSTGRES_USER:-pg-user}"
 KC_DB_PASSWORD: "${POSTGRES_PASSWORD:-pg-password}"
+ # Hostname-Konfiguration: Für lokale Entwicklung "localhost", auf dem Server die echte IP/Domain setzen
 KC_HOSTNAME: "${KC_HOSTNAME:-localhost}"
+ # WICHTIG: false erlaubt Zugriff über beliebige Hostnamen (nötig für Server-Betrieb ohne TLS)
+ KC_HOSTNAME_STRICT: "${KC_HOSTNAME_STRICT:-false}"
+ # WICHTIG: false erlaubt HTTP (kein HTTPS-Zwang) – für Entwicklung und HTTP-only Server
+ KC_HOSTNAME_STRICT_HTTPS: "${KC_HOSTNAME_STRICT_HTTPS:-false}"
 KC_HTTP_ENABLED: "true"
+ # Admin-Interface explizit auf allen Interfaces binden (0.0.0.0)
+ KC_HTTP_MANAGEMENT_PORT: "9000"
 KC_HEALTH_ENABLED: "true"
 KC_METRICS_ENABLED: "true"
 # Integration der Power-Flags
 JAVA_OPTS_APPEND: "-Xms${KC_HEAP_MIN:-512M} -Xmx${KC_HEAP_MAX:-1024M} ${JVM_OPTS_ARM64}"
 ports:
 - "${KC_PORT:-8180:8080}"
- - "${KC_DEBUG_PORT:-9000:9000}"
+ - "${KC_MANAGEMENT_PORT:-9000:9000}"
 depends_on:
 postgres:
 condition: "service_healthy"
+ healthcheck:
+ test: [ "CMD-SHELL", "curl -sf http://localhost:9000/health/ready || exit 1" ]
+ interval: "15s"
+ timeout: "5s"
+ retries: "10"
+ start_period: "60s"
 volumes:
 - "./config/docker/keycloak:/opt/keycloak/data/import:Z"
- command: "${KC_COMMAND:-start-dev --import-realm}"
+ # start --optimized nutzt das pre-built Image (kc.sh build im Dockerfile)
+ # start-dev würde den Pre-Build ignorieren und im Dev-Modus starten (Konflikt mit Registry-Images!)
+ command: "${KC_COMMAND:-start --optimized --import-realm}"
 networks:
 meldestelle-network:
 aliases:
diff --git a/docs/01_Architecture/02_Frontend_Architecture.md b/docs/01_Architecture/02_Frontend_Architecture.md
index f29152c3..7bb1562f 100644
--- a/docs/01_Architecture/02_Frontend_Architecture.md
+++ b/docs/01_Architecture/02_Frontend_Architecture.md
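Review bot: `- "${KC_MANAGEMENT_PORT:-9000:9000}"` publishes Keycloak's management interface (health and metrics, both enabled above) on every host interface, and the new comment on `KC_HTTP_MANAGEMENT_PORT` describes it as binding the admin interface to 0.0.0.0 although the variable only sets a port number. The healthcheck added in this hunk reaches the port from inside the container and does not need a published port, so I would default to loopback, `- "${KC_MANAGEMENT_PORT:-127.0.0.1:9000:9000}"`, or drop the mapping on the server. Suggested comment: `# Management port (health/metrics), not the admin console; do not expose publicly`. The healthcheck also relies on `curl` being present in the image built from config/docker/keycloak/Dockerfile, which this diff does not show, and it is worth checking that the quoted `retries: "10"` passes Compose validation, since that field is numeric.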
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Frontend Architecture & Modularization Strategy **Status:** DRAFT
diff --git a/docs/01_Architecture/03_Build_System_Platform_Module.md b/docs/01_Architecture/03_Build_System_Platform_Module.md
index 2448afa5..9f1b4421 100644
--- a/docs/01_Architecture/03_Build_System_Platform_Module.md
+++ b/docs/01_Architecture/03_Build_System_Platform_Module.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Architektur: Das Platform-Modul ## Überblick
diff --git a/docs/01_Architecture/ARCHITECTURE.md b/docs/01_Architecture/ARCHITECTURE.md
index 817fe8fa..be51afaf 100644
--- a/docs/01_Architecture/ARCHITECTURE.md
+++ b/docs/01_Architecture/ARCHITECTURE.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Repository-Architektur (MP-22) **WARNUNG (Januar 2026): Dieses Dokument ist veraltet.** Die hier beschriebene "Soll"-Struktur wurde teilweise umgesetzt, aber wichtige strategische Änderungen sind in den Statusberichten vom Januar 2026 dokumentiert. Dieses Dokument dient nur noch als historischer Referenzpunkt.
diff --git a/docs/01_Architecture/Architecture_OpenSource_Checkliste.md b/docs/01_Architecture/Architecture_OpenSource_Checkliste.md
index 4181477e..201e6136 100644
--- a/docs/01_Architecture/Architecture_OpenSource_Checkliste.md
+++ b/docs/01_Architecture/Architecture_OpenSource_Checkliste.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Open-Source-Konformität & Lizenz-Checkliste Dieses Dokument dient der Überwachung und Sicherstellung der Open-Source-Konformität des Projekts **Meldestelle**. Es wird vom Lead Architect gepflegt.
diff --git a/docs/01_Architecture/Gitea/Enable_Gitea_Actions_Cache_to_Accelerate_CI_CD.md b/docs/01_Architecture/Gitea/Enable_Gitea_Actions_Cache_to_Accelerate_CI_CD.md
index d17caeab..b7d27dd3 100644
--- a/docs/01_Architecture/Gitea/Enable_Gitea_Actions_Cache_to_Accelerate_CI_CD.md
+++ b/docs/01_Architecture/Gitea/Enable_Gitea_Actions_Cache_to_Accelerate_CI_CD.md
@@ -1,3 +1,8 @@
+---
+type: Guide
+status: ACTIVE
+owner: DevOps Engineer
+---
 # Enable Gitea Actions Cache to Accelerate CI/CD [![](/gitea-text.svg)Gitea](/)
diff --git a/docs/01_Architecture/Minisforum-MS-R1/Gitea-SSH-Setup.md b/docs/01_Architecture/Minisforum-MS-R1/Gitea-SSH-Setup.md
index 3752ce9b..b9f243bc 100644
--- a/docs/01_Architecture/Minisforum-MS-R1/Gitea-SSH-Setup.md
+++ b/docs/01_Architecture/Minisforum-MS-R1/Gitea-SSH-Setup.md
@@ -1,3 +1,8 @@
+---
+type: Guide
+status: ACTIVE
+owner: DevOps Engineer
+---
 # 💻 Client-Setup: Arbeitsplatz an "Das Biest" anbinden Diese Anleitung beschreibt die Einrichtung eines lokalen Rechners, um via SSH und Cloudflare-Tunnel auf die
diff --git a/docs/01_Architecture/Minisforum-MS-R1/MS-R1_Konfiguration&Bedienung.md b/docs/01_Architecture/Minisforum-MS-R1/MS-R1_Konfiguration&Bedienung.md
index 7249e54c..11200e58 100644
--- a/docs/01_Architecture/Minisforum-MS-R1/MS-R1_Konfiguration&Bedienung.md
+++ b/docs/01_Architecture/Minisforum-MS-R1/MS-R1_Konfiguration&Bedienung.md
@@ -1,3 +1,8 @@
+---
+type: Guide
+status: ACTIVE
+owner: DevOps Engineer
+---
 # Technisches Referenzhandbuch: MS-R1 "Das Biest" ## 1. System-Übersicht & Architektur
diff --git a/docs/01_Architecture/Minisforum-MS-R1/P1WSB-Nutzerhandbuch-Deutsch-V2-0-2025-11-3.md b/docs/01_Architecture/Minisforum-MS-R1/P1WSB-Nutzerhandbuch-Deutsch-V2-0-2025-11-3.md
index ec8cdf40..5e686041 100644
--- a/docs/01_Architecture/Minisforum-MS-R1/P1WSB-Nutzerhandbuch-Deutsch-V2-0-2025-11-3.md
+++ b/docs/01_Architecture/Minisforum-MS-R1/P1WSB-Nutzerhandbuch-Deutsch-V2-0-2025-11-3.md
@@ -1,5 +1,7 @@
 ---
-Betriebsanleitung Minisforum MS-R1
+type: Reference
+status: ARCHIVED
+owner: DevOps Engineer
 ---
 # MINISFORUM MS-R1
diff --git a/docs/01_Architecture/Minisforum-MS-R1/SSoT_Konfigurations-Masterplan_Zora.md b/docs/01_Architecture/Minisforum-MS-R1/SSoT_Konfigurations-Masterplan_Zora.md
index b7a0839b..bed6204e 100644
--- a/docs/01_Architecture/Minisforum-MS-R1/SSoT_Konfigurations-Masterplan_Zora.md
+++ b/docs/01_Architecture/Minisforum-MS-R1/SSoT_Konfigurations-Masterplan_Zora.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: DevOps Engineer
+---
 # SSoT Konfigurations-Masterplan für Zora (ARM64) ## 1. System-Umgebung (Infrastruktur)
diff --git a/docs/01_Architecture/Minisforum-MS-R1/Setup_Guide_Host_OS.md b/docs/01_Architecture/Minisforum-MS-R1/Setup_Guide_Host_OS.md
index eaf75f89..a6b94109 100644
--- a/docs/01_Architecture/Minisforum-MS-R1/Setup_Guide_Host_OS.md
+++ b/docs/01_Architecture/Minisforum-MS-R1/Setup_Guide_Host_OS.md
@@ -1,3 +1,8 @@
+---
+type: Guide
+status: ACTIVE
+owner: DevOps Engineer
+---
 # Setup Guide: Host OS (Minisforum MS-R1) **Status:** DEPRECATED / HISTORIC
diff --git a/docs/01_Architecture/Minisforum-MS-R1/Setup_Guide_Services.md b/docs/01_Architecture/Minisforum-MS-R1/Setup_Guide_Services.md
index 73f66637..c217cfb5 100644
--- a/docs/01_Architecture/Minisforum-MS-R1/Setup_Guide_Services.md
+++ b/docs/01_Architecture/Minisforum-MS-R1/Setup_Guide_Services.md
@@ -1,3 +1,8 @@
+---
+type: Guide
+status: ACTIVE
+owner: DevOps Engineer
+---
 # Setup Guide: Infrastructure Services (Minisforum MS-R1) **Status:** DEPRECATED / HISTORIC
diff --git a/docs/01_Architecture/Minisforum-MS-R1/Spezifikation.md b/docs/01_Architecture/Minisforum-MS-R1/Spezifikation.md
index 35797254..93428650 100644
--- a/docs/01_Architecture/Minisforum-MS-R1/Spezifikation.md
+++ b/docs/01_Architecture/Minisforum-MS-R1/Spezifikation.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: DevOps Engineer
+---
 # Spezifikation | CPU | CP8180, 12 Cores/12 Threads, 2.6Ghz |
diff --git a/docs/01_Architecture/Minisforum-MS-R1/Zentrales_Mail-Relay-SSoT_Zora.md b/docs/01_Architecture/Minisforum-MS-R1/Zentrales_Mail-Relay-SSoT_Zora.md
index 79bbc078..983100b1 100644
--- a/docs/01_Architecture/Minisforum-MS-R1/Zentrales_Mail-Relay-SSoT_Zora.md
+++ b/docs/01_Architecture/Minisforum-MS-R1/Zentrales_Mail-Relay-SSoT_Zora.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: DevOps Engineer
+---
 # Dokumentation: Zentrales Mail-Relay (SSoT) auf Zora ## 1. Identität & Rollenverteilung
diff --git a/docs/01_Architecture/Minisforum-MS-R1/Zora_Roadmap.md b/docs/01_Architecture/Minisforum-MS-R1/Zora_Roadmap.md
index 6c62d647..d2b42a0c 100644
--- a/docs/01_Architecture/Minisforum-MS-R1/Zora_Roadmap.md
+++ b/docs/01_Architecture/Minisforum-MS-R1/Zora_Roadmap.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Roadmap: Finalisierung Gitea-Infrastruktur (MS-R1) ## Phase 1: Konnektivität & Erreichbarkeit 🌐
diff --git a/docs/01_Architecture/Reference/Tech_Stack/Implementierung_Offline-First_KMP.md b/docs/01_Architecture/Reference/Tech_Stack/Implementierung_Offline-First_KMP.md
index 9dbe591a..0c6764d2 100644
--- a/docs/01_Architecture/Reference/Tech_Stack/Implementierung_Offline-First_KMP.md
+++ b/docs/01_Architecture/Reference/Tech_Stack/Implementierung_Offline-First_KMP.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 Hier ist der Quellcode des Berichts im Markdown-Format: # Architektonische Resilienz in verteilten Systemen: Ein umfassender Leitfaden zur Implementierung von Offline-First Kotlin Multiplatform Architekturen mit SQLDelight
diff --git a/docs/01_Architecture/USV-Akku/USV-technische-Daten.md b/docs/01_Architecture/USV-Akku/USV-technische-Daten.md
index 749f2514..f20092ef 100644
--- a/docs/01_Architecture/USV-Akku/USV-technische-Daten.md
+++ b/docs/01_Architecture/USV-Akku/USV-technische-Daten.md
@@ -1,5 +1,7 @@
 ---
-Datenblatt USV
+type: Reference
+status: ACTIVE
+owner: DevOps Engineer
 ---
 # Eaton 3S
diff --git a/docs/01_Architecture/adr/000-PENDING-backend-infrastructure-decisions.md b/docs/01_Architecture/adr/000-PENDING-backend-infrastructure-decisions.md
index 6641027e..9a32e499 100644
--- a/docs/01_Architecture/adr/000-PENDING-backend-infrastructure-decisions.md
+++ b/docs/01_Architecture/adr/000-PENDING-backend-infrastructure-decisions.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: DRAFT
+owner: Lead Architect
+---
 # PENDING DECISIONS: Backend Infrastructure & Architecture **Status:** RESOLVED
diff --git a/docs/01_Architecture/adr/0000-adr-template-de.md b/docs/01_Architecture/adr/0000-adr-template-de.md
index 6b323a11..f9ae5093 100644
--- a/docs/01_Architecture/adr/0000-adr-template-de.md
+++ b/docs/01_Architecture/adr/0000-adr-template-de.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0000: Vorlage für Architekturentscheidungsaufzeichnungen ## Status
diff --git a/docs/01_Architecture/adr/0001-modular-architecture-de.md b/docs/01_Architecture/adr/0001-modular-architecture-de.md
index fa6f6f99..789b31dd 100644
--- a/docs/01_Architecture/adr/0001-modular-architecture-de.md
+++ b/docs/01_Architecture/adr/0001-modular-architecture-de.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0001: Modulare Architektur ## Status
diff --git a/docs/01_Architecture/adr/0002-domain-driven-design-de.md b/docs/01_Architecture/adr/0002-domain-driven-design-de.md
index fabd71da..5c3b5caa 100644
--- a/docs/01_Architecture/adr/0002-domain-driven-design-de.md
+++ b/docs/01_Architecture/adr/0002-domain-driven-design-de.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0002: Domain-Driven Design ## Status
diff --git a/docs/01_Architecture/adr/0003-microservices-architecture-de.md b/docs/01_Architecture/adr/0003-microservices-architecture-de.md
index 2418fcc9..7a947d2a 100644
--- a/docs/01_Architecture/adr/0003-microservices-architecture-de.md
+++ b/docs/01_Architecture/adr/0003-microservices-architecture-de.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0003: Microservices-Architektur ## Status
diff --git a/docs/01_Architecture/adr/0004-event-driven-communication-de.md b/docs/01_Architecture/adr/0004-event-driven-communication-de.md
index d4abd781..caa94766 100644
--- a/docs/01_Architecture/adr/0004-event-driven-communication-de.md
+++ b/docs/01_Architecture/adr/0004-event-driven-communication-de.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0004: Ereignisgesteuerte Kommunikation ## Status
diff --git a/docs/01_Architecture/adr/0005-polyglot-persistence-de.md b/docs/01_Architecture/adr/0005-polyglot-persistence-de.md
index 622b7df6..58c66471 100644
--- a/docs/01_Architecture/adr/0005-polyglot-persistence-de.md
+++ b/docs/01_Architecture/adr/0005-polyglot-persistence-de.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0005: Polyglotte Persistenz ## Status
diff --git a/docs/01_Architecture/adr/0006-authentication-authorization-keycloak-de.md b/docs/01_Architecture/adr/0006-authentication-authorization-keycloak-de.md
index 2975d2f7..98cfd6e1 100644
--- a/docs/01_Architecture/adr/0006-authentication-authorization-keycloak-de.md
+++ b/docs/01_Architecture/adr/0006-authentication-authorization-keycloak-de.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0006: Authentifizierung und Autorisierung mit Keycloak ## Status
diff --git a/docs/01_Architecture/adr/0007-api-gateway-pattern-de.md b/docs/01_Architecture/adr/0007-api-gateway-pattern-de.md
index f052d361..3144f512 100644
--- a/docs/01_Architecture/adr/0007-api-gateway-pattern-de.md
+++ b/docs/01_Architecture/adr/0007-api-gateway-pattern-de.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0007: API-Gateway-Muster ## Status
diff --git a/docs/01_Architecture/adr/0008-multiplatform-client-applications-de.md b/docs/01_Architecture/adr/0008-multiplatform-client-applications-de.md
index fc7cb19d..b1c60413 100644
--- a/docs/01_Architecture/adr/0008-multiplatform-client-applications-de.md
+++ b/docs/01_Architecture/adr/0008-multiplatform-client-applications-de.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0008: Multiplatform-Client-Anwendungen ## Status
diff --git a/docs/01_Architecture/adr/0009-final-kmp-architecture.md b/docs/01_Architecture/adr/0009-final-kmp-architecture.md
index 85325a2f..55106c2c 100644
--- a/docs/01_Architecture/adr/0009-final-kmp-architecture.md
+++ b/docs/01_Architecture/adr/0009-final-kmp-architecture.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0009: Final KMP Architecture Status: Accepted
diff --git a/docs/01_Architecture/adr/001-backend-infrastructure-decisions.md b/docs/01_Architecture/adr/001-backend-infrastructure-decisions.md
index 52793787..30bbe5aa 100644
--- a/docs/01_Architecture/adr/001-backend-infrastructure-decisions.md
+++ b/docs/01_Architecture/adr/001-backend-infrastructure-decisions.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR 001: Backend Infrastructure & Architecture Decisions **Status:** ACCEPTED
diff --git a/docs/01_Architecture/adr/0010-sqldelight-for-cross-platform-persistence.md b/docs/01_Architecture/adr/0010-sqldelight-for-cross-platform-persistence.md
index 6c4b6962..fce9cb91 100644
--- a/docs/01_Architecture/adr/0010-sqldelight-for-cross-platform-persistence.md
+++ b/docs/01_Architecture/adr/0010-sqldelight-for-cross-platform-persistence.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0010: SQLDelight für Cross-Platform-Persistenz ## Status
diff --git a/docs/01_Architecture/adr/0011-koin-for-dependency-injection.md b/docs/01_Architecture/adr/0011-koin-for-dependency-injection.md
index 4846c2e0..dce9e6fe 100644
--- a/docs/01_Architecture/adr/0011-koin-for-dependency-injection.md
+++ b/docs/01_Architecture/adr/0011-koin-for-dependency-injection.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0011: Koin für Dependency Injection ## Status
diff --git a/docs/01_Architecture/adr/0012-domain-documentation-structure.md b/docs/01_Architecture/adr/0012-domain-documentation-structure.md
index f033ee3d..9e5ff47c 100644
--- a/docs/01_Architecture/adr/0012-domain-documentation-structure.md
+++ b/docs/01_Architecture/adr/0012-domain-documentation-structure.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: ACTIVE
+owner: Lead Architect
+---
 # ADR-0012: Strukturierung der Domänen-Dokumentation * **Status:** Accepted
diff --git a/docs/01_Architecture/adr/README.md b/docs/01_Architecture/adr/README.md
index 9d51fc60..f6ad6ff6 100644
--- a/docs/01_Architecture/adr/README.md
+++ b/docs/01_Architecture/adr/README.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 Architecture Decision Records (ADRs) Dieses Verzeichnis enthält Architekturentscheidungen in kurzer, überprüfbarer Form.
diff --git a/docs/02_Guides/SQLDelight_Integration_Compose_Multiplatform.md b/docs/02_Guides/SQLDelight_Integration_Compose_Multiplatform.md
index fc8f6eb3..c6b4660a 100644
--- a/docs/02_Guides/SQLDelight_Integration_Compose_Multiplatform.md
+++ b/docs/02_Guides/SQLDelight_Integration_Compose_Multiplatform.md
@@ -1,3 +1,8 @@
+---
+type: Guide
+status: ACTIVE
+owner: Frontend Expert
+---
 # SQLDelight Integration in Compose Multiplatform This guide shows how to integrate SQLDelight in a Compose Multiplatform project with Koin dependency injection.
diff --git a/docs/02_Guides/SQLDelight_Web_Asynchron.md b/docs/02_Guides/SQLDelight_Web_Asynchron.md
index 59ee74a0..654d99b8 100644
--- a/docs/02_Guides/SQLDelight_Web_Asynchron.md
+++ b/docs/02_Guides/SQLDelight_Web_Asynchron.md
@@ -1,3 +1,8 @@
+---
+type: Guide
+status: ACTIVE
+owner: Frontend Expert
+---
 # Architekturstrategien für Asynchrone Persistenz in Kotlin Multiplatform: Eine umfassende Analyse zur Integration von SQLDelight in Web-Umgebungen ## 1. Einleitung und Problemstellung
diff --git a/docs/03_Domain/00_Glossary.md b/docs/03_Domain/00_Glossary.md
index 4f853d28..54dd455c 100644
--- a/docs/03_Domain/00_Glossary.md
+++ b/docs/03_Domain/00_Glossary.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Glossar der Domäne "Meldestelle" Dieses Dokument definiert die **Ubiquitous Language** (allgegenwärtige Sprache) des Projekts. Alle Begriffe sind so zu verwenden, wie sie hier definiert sind – sowohl im Code als auch in der Kommunikation.
diff --git a/docs/03_Domain/01_Core_Model/Entities/Overview.md b/docs/03_Domain/01_Core_Model/Entities/Overview.md
index 52232f1b..dad1930e 100644
--- a/docs/03_Domain/01_Core_Model/Entities/Overview.md
+++ b/docs/03_Domain/01_Core_Model/Entities/Overview.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # 01 - Core Domain Entities Dieses Dokument definiert die zentralen fachlichen Entitäten (Kern-Entitäten) des "Meldestelle"-Projekts. Diese Entitäten bilden das Fundament des Datenmodells und der gesamten Anwendungslogik.
diff --git a/docs/03_Domain/01_Core_Model/Entities/README.md b/docs/03_Domain/01_Core_Model/Entities/README.md
index df67967c..a2515d75 100644
--- a/docs/03_Domain/01_Core_Model/Entities/README.md
+++ b/docs/03_Domain/01_Core_Model/Entities/README.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Entitäten des Kern-Modells Dieses Verzeichnis enthält detaillierte Beschreibungen der zentralen fachlichen Entitäten des "Meldestelle"-Projekts.
diff --git a/docs/03_Domain/01_Core_Model/README.md b/docs/03_Domain/01_Core_Model/README.md
index 81488fa7..f66d1a2a 100644
--- a/docs/03_Domain/01_Core_Model/README.md
+++ b/docs/03_Domain/01_Core_Model/README.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Das Kern-Modell (Core Model) Dieses Verzeichnis ist die "Single Source of Truth" für das destillierte, fachliche Wissen des Projekts. Nur was hier beschrieben ist, gilt als vereinbarte Wahrheit für die Implementierung.
diff --git a/docs/03_Domain/03_Analysis/Legacy_Spec_Analysis_2026-01.md b/docs/03_Domain/03_Analysis/Legacy_Spec_Analysis_2026-01.md
index f5063887..3f5bf4e5 100644
--- a/docs/03_Domain/03_Analysis/Legacy_Spec_Analysis_2026-01.md
+++ b/docs/03_Domain/03_Analysis/Legacy_Spec_Analysis_2026-01.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Analyse der Legacy-Spezifikation (OEPS Pflichtenheft 2021 V2.4) * **Datum:** 2026-01-14
diff --git a/docs/03_Domain/03_Analysis/Non_Functional_Requirements_Draft.md b/docs/03_Domain/03_Analysis/Non_Functional_Requirements_Draft.md
index f7e23e23..a215db79 100644
--- a/docs/03_Domain/03_Analysis/Non_Functional_Requirements_Draft.md
+++ b/docs/03_Domain/03_Analysis/Non_Functional_Requirements_Draft.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: DRAFT
+owner: Lead Architect
+---
 # Non-Functional Requirements (NFRs) - Phase 1 * **Status:** Draft
diff --git a/docs/03_Domain/03_Analysis/Scenarios/Anekdote_Meldestelle.md b/docs/03_Domain/03_Analysis/Scenarios/Anekdote_Meldestelle.md
index a9b05e7e..8f441c13 100644
--- a/docs/03_Domain/03_Analysis/Scenarios/Anekdote_Meldestelle.md
+++ b/docs/03_Domain/03_Analysis/Scenarios/Anekdote_Meldestelle.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Anekdote Meldestelle Ich bin diesmal die Meldestelle für ein kleines Turnier, z.B. ein "CDN-C Neu" bzw. "CSN-C Neu" am "Musterhof".
diff --git a/docs/03_Domain/03_Analysis/Use_Cases_Draft.md b/docs/03_Domain/03_Analysis/Use_Cases_Draft.md
index 01cb003a..87709a14 100644
--- a/docs/03_Domain/03_Analysis/Use_Cases_Draft.md
+++ b/docs/03_Domain/03_Analysis/Use_Cases_Draft.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: DRAFT
+owner: Lead Architect
+---
 # Use Cases Draft - Phase 1 (Core Domain) * **Status:** Draft
diff --git a/docs/03_Domain/03_Analysis/User_Stories_Draft.md b/docs/03_Domain/03_Analysis/User_Stories_Draft.md
index 1aa61e05..767aaac3 100644
--- a/docs/03_Domain/03_Analysis/User_Stories_Draft.md
+++ b/docs/03_Domain/03_Analysis/User_Stories_Draft.md
@@ -1,3 +1,8 @@
+---
+type: ADR
+status: DRAFT
+owner: Lead Architect
+---
 # User Stories Draft - Phase 1 (Core Domain) * **Status:** Draft
diff --git a/docs/04_Agents/Playbooks/Architect.md b/docs/04_Agents/Playbooks/Architect.md
index 517ab2d4..0c737c1e 100644
--- a/docs/04_Agents/Playbooks/Architect.md
+++ b/docs/04_Agents/Playbooks/Architect.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Playbook: Lead Architect (System & Build) ## Beschreibung
diff --git a/docs/04_Agents/Playbooks/BackendDeveloper.md b/docs/04_Agents/Playbooks/BackendDeveloper.md
index 44b3f734..351cafe0 100644
--- a/docs/04_Agents/Playbooks/BackendDeveloper.md
+++ b/docs/04_Agents/Playbooks/BackendDeveloper.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Playbook: Senior Backend Developer (Spring Boot & DDD) ## Beschreibung
diff --git a/docs/04_Agents/Playbooks/DevOpsEngineer.md b/docs/04_Agents/Playbooks/DevOpsEngineer.md
index 7391734a..78021947 100644
--- a/docs/04_Agents/Playbooks/DevOpsEngineer.md
+++ b/docs/04_Agents/Playbooks/DevOpsEngineer.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Playbook: Infrastructure & DevOps Engineer ## Beschreibung
diff --git a/docs/04_Agents/Playbooks/DomainExpert.md b/docs/04_Agents/Playbooks/DomainExpert.md
index 7a700f6b..fa4329b2 100644
--- a/docs/04_Agents/Playbooks/DomainExpert.md
+++ b/docs/04_Agents/Playbooks/DomainExpert.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Playbook: Domain/Product Expert (optional, Diskussion/Sparring) ## Beschreibung
diff --git a/docs/04_Agents/Playbooks/FrontendExpert.md b/docs/04_Agents/Playbooks/FrontendExpert.md
index 6fd4df38..f980ec7a 100644
--- a/docs/04_Agents/Playbooks/FrontendExpert.md
+++ b/docs/04_Agents/Playbooks/FrontendExpert.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Playbook: KMP Frontend Expert ## Beschreibung
diff --git a/docs/04_Agents/Playbooks/Gemini.md b/docs/04_Agents/Playbooks/Gemini.md
index 8b587af3..9c1802ae 100644
--- a/docs/04_Agents/Playbooks/Gemini.md
+++ b/docs/04_Agents/Playbooks/Gemini.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Playbook: Gemini (parallel/extern) ## Zweck
diff --git a/docs/04_Agents/Playbooks/Junie.md b/docs/04_Agents/Playbooks/Junie.md
index 7c5e6756..525302c3 100644
--- a/docs/04_Agents/Playbooks/Junie.md
+++ b/docs/04_Agents/Playbooks/Junie.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Playbook: Junie (IDE) ## Zweck
diff --git a/docs/04_Agents/Playbooks/QASpecialist.md b/docs/04_Agents/Playbooks/QASpecialist.md
index a298d83c..302badc8 100644
--- a/docs/04_Agents/Playbooks/QASpecialist.md
+++ b/docs/04_Agents/Playbooks/QASpecialist.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Playbook: QA & Testing Specialist ## Beschreibung
diff --git a/docs/04_Agents/README.md b/docs/04_Agents/README.md
index 126f03d0..1d23137a 100644
--- a/docs/04_Agents/README.md
+++ b/docs/04_Agents/README.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Lead Architect
+---
 # Agent Operating Model (AOM) Dieses Verzeichnis definiert, **wie** KI-Unterstützung im Projekt eingesetzt wird:
diff --git a/docs/05_Backend/README.md b/docs/05_Backend/README.md
index 7942ff40..7dc40344 100644
--- a/docs/05_Backend/README.md
+++ b/docs/05_Backend/README.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Backend Developer
+---
 # Backend Dokumentation Dieses Verzeichnis enthält die spezifische Dokumentation für alle Backend-Komponenten, einschließlich der Microservices und der Infrastruktur-Module wie dem API-Gateway.
diff --git a/docs/06_Frontend/Logs/2026-02-02_Docker_Build_Troubleshooting.md b/docs/06_Frontend/Logs/2026-02-02_Docker_Build_Troubleshooting.md
index 8426c84e..05ea56d4 100644
--- a/docs/06_Frontend/Logs/2026-02-02_Docker_Build_Troubleshooting.md
+++ b/docs/06_Frontend/Logs/2026-02-02_Docker_Build_Troubleshooting.md
@@ -1,3 +1,8 @@
+---
+type: Report
+status: ARCHIVED
+owner: Frontend Expert
+---
 # 🧹 Troubleshooting Log: Frontend Docker Build & Runtime Config **Datum:** 02.02.2026
diff --git a/docs/06_Frontend/Logs/2026-02-02_Docker_Build_Troubleshooting_Part2.md b/docs/06_Frontend/Logs/2026-02-02_Docker_Build_Troubleshooting_Part2.md
index eaee0488..46d111ad 100644
--- a/docs/06_Frontend/Logs/2026-02-02_Docker_Build_Troubleshooting_Part2.md
+++ b/docs/06_Frontend/Logs/2026-02-02_Docker_Build_Troubleshooting_Part2.md
@@ -1,3 +1,8 @@
+---
+type: Report
+status: ARCHIVED
+owner: Frontend Expert
+---
 # 🧹 Troubleshooting Log: Gradle 9.x & KMP Docker Build (Part 2) **Datum:** 02.02.2026
diff --git a/docs/06_Frontend/offline-first-architecture.md b/docs/06_Frontend/offline-first-architecture.md
index 0a1174a6..3c4571c7 100644
--- a/docs/06_Frontend/offline-first-architecture.md
+++ b/docs/06_Frontend/offline-first-architecture.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: Frontend Expert
+---
 # Offline-First-Architektur
 Dieses Dokument beschreibt die **Zielarchitektur** für die Offline-First-Strategie im KMP-Frontend.
diff --git a/docs/06_Frontend/web-setup.md b/docs/06_Frontend/web-setup.md
index bfb3ce0d..a3eeb6fc 100644
--- a/docs/06_Frontend/web-setup.md
+++ b/docs/06_Frontend/web-setup.md
@@ -1,3 +1,8 @@
+---
+type: Guide
+status: ACTIVE
+owner: Frontend Expert
+---
 # Web-Setup (Webpack & Worker)
 Dieses Dokument beschreibt die spezifische Konfiguration für das Web-Target (JS/Wasm) des KMP-Frontends.
diff --git a/docs/07_Infrastructure/Heim-Netzwerk-Plan_02-2026.md b/docs/07_Infrastructure/Heim-Netzwerk-Plan_02-2026.md
index 62b172b5..5e0df447 100644
--- a/docs/07_Infrastructure/Heim-Netzwerk-Plan_02-2026.md
+++ b/docs/07_Infrastructure/Heim-Netzwerk-Plan_02-2026.md
@@ -1,4 +1,8 @@
-
+---
+type: Reference
+status: ACTIVE
+owner: DevOps Engineer
+---
 # Heimnetzwerk
 ```mermaid
diff --git a/docs/07_Infrastructure/Konfig-Matrix_Dev-ProZora.md b/docs/07_Infrastructure/Konfig-Matrix_Dev-ProZora.md
index 083af10d..dea20f0c 100644
--- a/docs/07_Infrastructure/Konfig-Matrix_Dev-ProZora.md
+++ b/docs/07_Infrastructure/Konfig-Matrix_Dev-ProZora.md
@@ -1,5 +1,7 @@
 ---
-Konfigurations-Matrix
+type: Reference
+status: ACTIVE
+owner: DevOps Engineer
 ---
 # Konfigurations-Matrix
@@ -15,15 +17,17 @@ Konfigurations-Matrix
 | **POSTGRES_DB** | `meldestelle` | `meldestelle` | Name der primären Datenbank-Instanz. |
 | **POSTGRES_PORT** | `5432:5432` | `5432:5432` | Mapping vom Host zum Container. |
 | **PROJECT_NAME** | `meldestelle` | `meldestelle` | Präfix für Container-Namen auf dem Host. |
-| **KC_HOSTNAME** | `localhost` | `auth.mo-code.at` | Erreichbarkeit von Keycloak (wichtig für Tokens). |
+| **KC_HOSTNAME** | `localhost` | `` | Erreichbarkeit von Keycloak (wichtig für Tokens). Auf dem Server nie `localhost`! |
 | **KC_DB_URL** | `jdbc:postgresql://postgres:5432/pg-meldestelle-db` | `jdbc:postgresql://postgres:5432/meldestelle` | JDBC-String (muss zur POSTGRES_DB passen). |
 | **VALKEY_MAXMEMORY** | `256mb` | `4gb` bis `8gb` | Zora hat 64 GB RAM; hier können wir großzügig cachen. |
 | **VALKEY_POLICY** | `allkeys-lru` | `allkeys-lru` | Wirft die am längsten nicht genutzten Schlüssel raus, wenn der Speicher voll ist. |
 | **VALKEY_PASSWORD** | `leer` oder `dev` | `[STARKES_SECRET]` | SSoT-Geheimnis aus Gitea-Secrets. |
 | **VALKEY_PORT** | `6379:6379` | `6379:6379` | Standard-Port-Mapping. |
 | **KC_HEAP_MAX** | `1024m` | `4096m` | Mehr Power für Zoras 64 GB RAM. |
-| **KC_COMMAND** | `start-dev --import-realm` | `start --optimized` | Nutzt das im Dockerfile vor-gebaute Image. |
-| **KC_HOSTNAME** | `localhost` | `auth.mo-code.at` | Wichtig für gültige Tokens im Web-Frontend. |
+| **KC_COMMAND** | `start-dev --import-realm` | `start --optimized --import-realm` | `start-dev` + pre-built Image = Konflikt! Server immer mit `--optimized`. |
+| **KC_HOSTNAME_STRICT** | `false` | `false` | `false` = beliebige Hostnamen erlaubt (Pflicht für HTTP-only Betrieb). |
+| **KC_HOSTNAME_STRICT_HTTPS** | `false` | `false` | `false` = kein HTTPS-Zwang. Bei TLS-Einrichtung auf `true` setzen. |
+| **KC_MANAGEMENT_PORT** | `9000:9000` | `9000:9000` | Health/Metrics-Port (immer auf 0.0.0.0 gebunden, unabhängig von KC_HOSTNAME). |
 | **KC_DB_PASSWORD** | `meldestelle` | `[GEHEIM]` | SSoT-Passwort aus den Gitea-Secrets. |
 | **KEYCLOAK_IMAGE_TAG** | `26.4` | `26.4` | Versionierung. |
 | **ZIPKIN_HEAP** | `256m` | `1024m` | Mehr Puffer für Tracing-Daten auf Zora. |
diff --git a/docs/07_Infrastructure/Pangolin-vs-Cloudflare-Tunnel.md b/docs/07_Infrastructure/Pangolin-vs-Cloudflare-Tunnel.md
index 89b5e40f..f77e6ffc 100644
--- a/docs/07_Infrastructure/Pangolin-vs-Cloudflare-Tunnel.md
+++ b/docs/07_Infrastructure/Pangolin-vs-Cloudflare-Tunnel.md
@@ -1,5 +1,7 @@
 ---
-Pangolin vs. Cloudflare Tunnel
+type: Reference
+status: ACTIVE
+owner: DevOps Engineer
 ---
 ## 🛡️ Pangolin vs. Cloudflare Tunnel
diff --git a/docs/07_Infrastructure/Reference/ports-and-urls.md b/docs/07_Infrastructure/Reference/ports-and-urls.md
index 7232dcb9..661d2163 100644
--- a/docs/07_Infrastructure/Reference/ports-and-urls.md
+++ b/docs/07_Infrastructure/Reference/ports-and-urls.md
@@ -1,6 +1,7 @@
 ---
-owner: project-maintainers
-status: active
+type: Reference
+owner: DevOps Engineer
+status: ACTIVE
 review_cycle: 180d
 last_reviewed: 2025-10-31
 summary: "Übersicht der wichtigsten lokalen URLs und Ports. Quelle: docker-compose.yaml + config/env"
diff --git a/docs/07_Infrastructure/Reference/zipkin.md b/docs/07_Infrastructure/Reference/zipkin.md
index e2623a94..da7abf61 100644
--- a/docs/07_Infrastructure/Reference/zipkin.md
+++ b/docs/07_Infrastructure/Reference/zipkin.md
@@ -1,3 +1,8 @@
+---
+type: Reference
+status: ACTIVE
+owner: DevOps Engineer
+---
 # Zipkin Tracing
 ## Übersicht
diff --git a/docs/07_Infrastructure/Zora_Infrastructure_Deployment_02-2026.md b/docs/07_Infrastructure/Zora_Infrastructure_Deployment_02-2026.md
index abb517b0..348aad7e 100644
--- a/docs/07_Infrastructure/Zora_Infrastructure_Deployment_02-2026.md
+++ b/docs/07_Infrastructure/Zora_Infrastructure_Deployment_02-2026.md
@@ -1,8 +1,7 @@
 ---
-
-Hier ist eine strategische Roadmap für den Ausbau des „Empires“ auf **Zora**. Da du aktuell im „Mo’s Territory“ bist, dient dieser Plan als Vorbereitung für deine nächste Session am Gerät.
-
-:white_check_mark:
+type: Reference
+status: ACTIVE
+owner: DevOps Engineer
 ---
 # Roadmap: Zora Infrastructure & Deployment (Februar 2026)
diff --git a/docs/07_Infrastructure/Zora_System_Architektur.md b/docs/07_Infrastructure/Zora_System_Architektur.md
index 1ef43261..4c7ec42b 100644
--- a/docs/07_Infrastructure/Zora_System_Architektur.md
+++ b/docs/07_Infrastructure/Zora_System_Architektur.md
@@ -1,4 +1,8 @@
-
+---
+type: Reference
+status: ACTIVE
+owner: DevOps Engineer
+---
 ## 🏗️ System-Architektur "Zora" (ARM64)
 **Stand: 05. März 2026**
diff --git a/docs/07_Infrastructure/runbooks/local-development.md b/docs/07_Infrastructure/runbooks/local-development.md
index 952a950d..63b50cc1 100644
--- a/docs/07_Infrastructure/runbooks/local-development.md
+++ b/docs/07_Infrastructure/runbooks/local-development.md
@@ -1,3 +1,8 @@
+---
+type: Guide
+status: ACTIVE
+owner: DevOps Engineer
+---
 # Runbook: Lokale Entwicklungsumgebung
 Dieses Dokument beschreibt, wie die Docker-basierte lokale Entwicklungsumgebung für das Projekt "Meldestelle" verwendet wird.
diff --git a/docs/90_Reports/2026-02-01_Frontend_Cleanup_Status.md b/docs/90_Reports/2026-02-01_Frontend_Cleanup_Status.md
index 2a4f6a6e..3913f7ed 100644
--- a/docs/90_Reports/2026-02-01_Frontend_Cleanup_Status.md
+++ b/docs/90_Reports/2026-02-01_Frontend_Cleanup_Status.md
@@ -1,8 +1,10 @@
 ---
+type: Report
+status: ACTIVE
+owner: Frontend Expert
 title: Frontend Cleanup & Architecture Status Report
 date: 2026-02-01
 author: Frontend Expert & Curator
-status: Final
 tags: [frontend, architecture, cleanup, kmp, compose]
 ---
diff --git a/docs/90_Reports/2026-02-01_Sync_Fix_Report.md b/docs/90_Reports/2026-02-01_Sync_Fix_Report.md
index fa1d7a0f..ecb451b4 100644
--- a/docs/90_Reports/2026-02-01_Sync_Fix_Report.md
+++ b/docs/90_Reports/2026-02-01_Sync_Fix_Report.md
@@ -1,8 +1,9 @@
 ---
 type: Report
+status: ACTIVE
+owner: Curator
 date: 2026-02-01
 author: Curator
-status: FINAL
 ---
 # Report: Fix Sync Type Mismatch (String vs Long)
diff --git a/docs/99_Journal/2026-03-06_Session_Log_Keycloak_Fix.md b/docs/99_Journal/2026-03-06_Session_Log_Keycloak_Fix.md
new file mode 100644
index 00000000..8b2dd3b8
--- /dev/null
+++ b/docs/99_Journal/2026-03-06_Session_Log_Keycloak_Fix.md
@@ -0,0 +1,37 @@
+# Journal - 2026-03-06
+
+## 📝 Zusammenfassung
+Keycloak funktionierte lokal einwandfrei, aber auf dem Meldestellen-Host war das Admin-Dashboard (`:8180`) nicht erreichbar und der Login schlug fehl — obwohl der Health-Port (`:9000`) grün war. Root Cause: Das pre-built Registry-Image wurde mit `start-dev` gestartet (Konflikt) und `KC_HOSTNAME=localhost` war auf dem Server falsch.
+
+## 🛠️ Änderungen
+
+### 1. `dc-infra.yaml` — Keycloak-Service bereinigt
+* **Command:** `start-dev --import-realm` → `start --optimized --import-realm` (nutzt das pre-built Image korrekt).
+* **Neu:** `KC_HOSTNAME_STRICT=false` und `KC_HOSTNAME_STRICT_HTTPS=false` — erlaubt HTTP-Betrieb ohne TLS-Zwang.
+* **Neu:** `KC_HTTP_MANAGEMENT_PORT=9000` — Management-Interface explizit konfiguriert.
+* **Fix:** `KC_DEBUG_PORT` → `KC_MANAGEMENT_PORT` umbenannt (war falsch benannt).
+* **Fix:** Image-Pfad von `grandmo` → `mocode-software` korrigiert.
+* **Neu:** Healthcheck auf `http://localhost:9000/health/ready` ergänzt.
+
+### 2. `.env` — Keycloak-Block erweitert
+* `KC_HOSTNAME_STRICT=false`, `KC_HOSTNAME_STRICT_HTTPS=false`, `KC_MANAGEMENT_PORT=9000:9000` hinzugefügt.
+* Erklärende Kommentare: LOKAL vs. SERVER für `KC_COMMAND` und `KC_HOSTNAME`.
+
+### 3. `.env.example` — Als Server-Vorlage optimiert
+* Default `KC_COMMAND=start --optimized --import-realm` (Server-Default).
+* ``-Werte für alle Secrets (`KC_ADMIN_PASSWORD`, `KC_DB_PASSWORD`) und `KC_HOSTNAME`.
+* `SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI` mit ``-Platzhalter.
+* Klare LOKAL/SERVER-Kommentare bei allen kritischen Variablen.
+
+## 📚 Gelerntes
+* **`kc.sh build` + `start-dev` = Konflikt:** Ein mit `kc.sh build` optimiertes Image muss mit `start --optimized` gestartet werden. `start-dev` ignoriert den Pre-Build und startet im Dev-Modus — das bricht das Registry-Image auf dem Server.
+* **`KC_HOSTNAME` steuert den HTTP-Port, nicht den Management-Port:** Port `9000` (Health) ist immer auf `0.0.0.0` gebunden. Port `8080/8180` (HTTP) wird durch `KC_HOSTNAME` gesteuert — daher war Health grün, aber Admin-Dashboard nicht erreichbar.
+* **`KC_HOSTNAME_STRICT=false` ist Pflicht für HTTP-only Server:** Ohne dieses Flag lehnt Keycloak alle Requests ab, deren Host-Header nicht exakt mit `KC_HOSTNAME` übereinstimmt.
+
+## 🔜 Nächste Schritte
+* Auf dem Meldestellen-Host die `.env` anpassen:
+ * `KC_HOSTNAME=`
+ * `KC_COMMAND=start --optimized --import-realm`
+ * `SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI=http://:8180/realms/meldestelle`
+* Container neu starten und Admin-Dashboard + Login verifizieren.
+* Langfristig: TLS/HTTPS einrichten, dann `KC_HOSTNAME_STRICT_HTTPS=true` setzen.
diff --git a/docs/ScreenShots/event-log_2026-01-28 12-20-22.png b/docs/ScreenShots/event-log_2026-01-28 12-20-22.png
deleted file mode 100644
index 47741561..00000000
Binary files a/docs/ScreenShots/event-log_2026-01-28 12-20-22.png and /dev/null differ
diff --git a/gradle.properties b/gradle.properties
index cbfc73f0..0246fe9e 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -33,7 +33,7 @@ org.gradle.parallel=true
 org.gradle.caching=true
 # Security and Reproducibility
-org.gradle.dependency.verification=lenient
+org.gradle.dependency.verification=strict
 org.gradle.dependency.locking.enabled=true
 # Development
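Review bot: Flipping `org.gradle.dependency.verification` to `strict` makes every build fail on any artifact or plugin that is not listed in `gradle/verification-metadata.xml`, and the visible part of this commit neither updates that file nor documents how it is maintained. I would put the maintenance rule next to the setting, for example `# strict: unlisted artifacts fail the build; regenerate with ./gradlew --write-verification-metadata sha256 help and review the resulting diff`, because metadata that is regenerated without review verifies nothing. The property only sets a default, so CI and release scripts should be checked for a `--dependency-verification` override set to `lenient` or `off` that would silently undo it. The context line `org.gradle.dependency.locking.enabled=true` is, as far as I know, not a property Gradle reads (locking is enabled through `dependencyLocking` in the build script), so that half of the "Security and Reproducibility" block is worth confirming.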