# b0esche.cloud

A self-hosted, SaaS-style cloud storage and document platform with a Go backend and Flutter web frontend.

🌐 **Live:** [b0esche.cloud](https://b0esche.cloud)

## Architecture

```
┌─────────────────┐     ┌─────────────────┐     ┌─────────────────┐
│   Flutter Web   │────▶│   Go Backend    │────▶│   PostgreSQL    │
│ (b0esche_cloud) │     │   (go_cloud)    │     │                 │
└─────────────────┘     └────────┬────────┘     └─────────────────┘
                                 │
                    ┌────────────┼────────────┐
                    ▼            ▼            ▼
               ┌──────────┐ ┌──────────┐ ┌──────────┐
               │Nextcloud │ │Collabora │ │ Traefik  │
               │(Storage) │ │ (Office) │ │ (Proxy)  │
               └──────────┘ └──────────┘ └──────────┘
```

## Project Structure

```
b0esche_cloud/
├── b0esche_cloud/          # Flutter web frontend
│   ├── lib/
│   │   ├── blocs/          # BLoC state management
│   │   ├── models/         # Data models
│   │   ├── pages/          # UI pages
│   │   ├── repositories/   # Data repositories
│   │   ├── services/       # API services
│   │   ├── theme/          # App theming
│   │   └── widgets/        # Reusable widgets
│   └── web/                # Web assets
├── go_cloud/               # Go backend
│   ├── cmd/api/            # Main entry point
│   ├── internal/
│   │   ├── auth/           # Authentication (OIDC, Passkeys)
│   │   ├── files/          # File management
│   │   ├── org/            # Organization management
│   │   ├── storage/        # Nextcloud/WebDAV integration
│   │   ├── http/           # HTTP handlers & WOPI
│   │   └── ...
│   ├── migrations/         # Database migrations
│   └── pkg/jwt/            # JWT utilities
├── scripts/                # Deployment & operations scripts
└── docs/                   # Documentation
    └── AUTH.md             # Authentication system docs
```

## Features

- 🔐 **Authentication**: OIDC via Nextcloud + WebAuthn Passkeys
- 📁 **File Management**: Upload, download, organize files
- 👥 **Organizations**: Multi-tenant with roles (Owner, Admin, Member)
- 📝 **Document Viewing**: PDF viewer, Office document preview
- 🔄 **Real-time Sync**: Nextcloud/WebDAV backend storage
- 🚀 **Auto-deployment**: Daily 3AM deployments via GitLab webhooks

## Prerequisites

- Go 1.21+
- Flutter 3.10+
- Docker & Docker Compose
- PostgreSQL 15+

## Local Development

### Quick Start

```bash
# Start everything
./scripts/dev-all.sh
```

### Manual Setup

**Backend:**

```bash
cd go_cloud
cp .env.example .env
# Edit .env with your configuration
go run ./cmd/api
```

**Frontend:**

```bash
cd b0esche_cloud
flutter pub get
flutter run -d chrome
```

## Configuration

### Backend Environment Variables

| Variable | Description |
|----------|-------------|
| `SERVER_ADDR` | Server address (default: `:8080`) |
| `DATABASE_URL` | PostgreSQL connection string |
| `JWT_SECRET` | Secret for JWT signing |
| `OIDC_ISSUER_URL` | OIDC provider URL |
| `OIDC_CLIENT_ID` | OIDC client ID |
| `OIDC_CLIENT_SECRET` | OIDC client secret |
| `NEXTCLOUD_URL` | Nextcloud instance URL |
| `NEXTCLOUD_USERNAME` | Nextcloud admin username |
| `NEXTCLOUD_PASSWORD` | Nextcloud admin password |
| `COLLABORA_URL` | Collabora Online URL |

## Production Deployment

The project runs on a VPS with Docker containers behind a Traefik reverse proxy.

### Services & Domains

| Domain | Service |
|--------|---------|
| `www.b0esche.cloud` | Flutter Web (Nginx) |
| `go.b0esche.cloud` | Go API Backend |
| `storage.b0esche.cloud` | Nextcloud (Storage + OIDC) |
| `of.b0esche.cloud` | Collabora Online (Office) |

### Server Directory Structure

```
/opt/
├── traefik/       # Reverse proxy + SSL
├── go/            # Go backend + PostgreSQL
├── flutter/       # Flutter web build + Nginx
├── scripts/       # Operations scripts
└── auto-deploy/   # Auto-deployment workspace
```

### Server Scripts

| Script | Description |
|--------|-------------|
| `auto-deploy.sh` | Daily automated deployment (runs at 3AM) |
| `deploy-now.sh` | Trigger immediate deployment |
| `backup.sh` | Full backup (DB, configs, volumes) |
| `monitor.sh` | Health monitoring & alerts |
| `webhook-server.py` | GitLab webhook receiver |

## Tech Stack

| Component | Technology |
|-----------|------------|
| Frontend | Flutter Web, BLoC |
| Backend | Go, Chi Router |
| Database | PostgreSQL |
| Storage | Nextcloud (WebDAV) |
| Office | Collabora Online |
| Auth | OIDC, WebAuthn |
| Proxy | Traefik |
| CI/CD | GitLab + Webhooks |

## Documentation

| Document | Description |
|----------|-------------|
| [ARCHITECTURE.md](docs/ARCHITECTURE.md) | System architecture, components, data flows |
| [API.md](docs/API.md) | Complete API endpoint reference |
| [AUTH.md](docs/AUTH.md) | Authentication system (Passkeys, OIDC, roles) |
| [SECURITY.md](docs/SECURITY.md) | Security architecture, hardening, best practices |
| [DEVELOPMENT.md](docs/DEVELOPMENT.md) | Local setup, coding conventions, testing |
| [DEPLOYMENT.md](docs/DEPLOYMENT.md) | Production deployment, operations, troubleshooting |

## License

Private project - All rights reserved