Apply Composer changes: comprehensive API updates, migrations, middleware, and infrastructure improvements

- Add comprehensive database migrations (001-024) for schema evolution
- Enhance API schema with expanded type definitions and resolvers
- Add new middleware: audit logging, rate limiting, MFA enforcement, security, tenant auth
- Implement new services: AI optimization, billing, blockchain, compliance, marketplace
- Add adapter layer for cloud integrations (Cloudflare, Kubernetes, Proxmox, storage)
- Update Crossplane provider with enhanced VM management capabilities
- Add comprehensive test suite for API endpoints and services
- Update frontend components with improved GraphQL subscriptions and real-time updates
- Enhance security configurations and headers (CSP, CORS, etc.)
- Update documentation and configuration files
- Add new CI/CD workflows and validation scripts
- Implement design system improvements and UI enhancements
This commit is contained in:
defiQUG
2025-12-12 18:01:35 -08:00
parent e01131efaf
commit 9daf1fd378
968 changed files with 160890 additions and 1092 deletions


@@ -0,0 +1,358 @@
# Phoenix Business Communications Infrastructure
## Overview
Phoenix provides comprehensive business communications infrastructure including AS4 gateway for B2B document exchange, workflow automation (Logic Apps equivalent), and financial messaging gateway for banking and financial transactions.
## Architecture
```
┌─────────────────────────────────────────────────────────────┐
│ Phoenix Business Communications Stack │
├─────────────────────────────────────────────────────────────┤
│ │
│ ┌──────────────────┐ ┌──────────────────┐ │
│ │ Email Server │ │ AS4 Gateway │ │
│ │ (Sankofa Mail) │ │ (B2B Exchange) │ │
│ └────────┬─────────┘ └────────┬─────────┘ │
│ │ │ │
│ └──────────┬───────────┘ │
│ │ │
│ ┌──────────▼───────────┐ │
│ │ Business Integration │ │
│ │ Gateway (Logic Apps) │ │
│ └──────────┬───────────┘ │
│ │ │
│ ┌──────────▼───────────┐ │
│ │ Financial Messaging │ │
│ │ Gateway │ │
│ └─────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────┘
```
## Components
### 1. Email Server (Sankofa Mail)
**Purpose**: Organizational email with business communication support
**Features**:
- SMTP/IMAP/POP3 services
- Email authentication (SPF, DKIM, DMARC)
- Business email routing
- Integration with AS4 gateway
- Integration with workflow automation
**Integration Points**:
- Routes business emails to AS4 gateway
- Triggers workflows via email
- Processes financial notifications
### 2. AS4 Gateway
**Purpose**: Secure B2B document exchange using AS4 protocol
**Standards**:
- AS4 (OASIS ebMS 3.0)
- WS-Security
- X.509 certificates
- EU eDelivery AS4 profile
**Features**:
- Secure message exchange (SOAP/WS-Security)
- Digital signatures and encryption
- Message reliability (receipts, acknowledgments)
- Trading partner management
- Message routing and transformation
- Compliance and audit logging
**Use Cases**:
- Government document exchange
- Healthcare data exchange
- Legal document transmission
- Supply chain communications
- Regulatory compliance reporting
### 3. Business Integration Gateway (Phoenix Logic Apps)
**Purpose**: Workflow automation and integration platform
**Features**:
- Visual workflow designer
- API integration and orchestration
- Business process automation
- Data transformation (JSON, XML, EDI)
- Event-driven workflows
- Scheduled tasks and triggers
- Connector library
**Recommended Platforms**:
- **n8n**: Open source, visual workflow automation (recommended)
- **Apache Airflow**: Workflow orchestration
- **Camunda**: BPMN workflow engine
- **Temporal**: Workflow orchestration
**Integration Capabilities**:
- REST APIs
- SOAP services
- Database connectors
- File system operations
- Email/SMS integration
- Blockchain integration
- AS4 gateway integration
- Financial messaging integration
### 4. Financial Messaging Gateway
**Purpose**: Financial message handling and envelope processing
**Standards Support**:
- **ISO 20022**: MX messages (modern standard)
- **SWIFT MT**: Legacy SWIFT messages
- **FIX Protocol**: Trading messages
- **EDI X12**: Financial transactions
- **EDIFACT**: International trade
- **SEPA**: Single Euro Payments Area
**Message Types**:
- Payment messages (pain.001, pain.002, pacs.008, pacs.009)
- Bank statements (camt.053, camt.054)
- Securities messages
- Trade finance messages
- Regulatory reporting
**Features**:
- Message validation and transformation
- Message routing
- Encryption and digital signatures
- Audit logging
- Compliance reporting
- Long-term message archives
## Integration Flows
### Flow 1: Business Document Exchange via AS4
```
Trading Partner → AS4 Gateway → Business Integration Gateway → Internal Systems
Message Archive
Audit Log
```
### Flow 2: Financial Transaction Processing
```
Banking System → Financial Messaging Gateway → Business Integration Gateway → AS4 Gateway → Trading Partner
Message Archive
Compliance Report
```
### Flow 3: Workflow-Triggered Communication
```
Event → Business Integration Gateway → AS4 Gateway → Trading Partner
Email Server → Notification
```
### Flow 4: Email to Business Process
```
Email → Email Server → Business Integration Gateway → Workflow Execution
```
## Setup and Configuration
### AS4 Gateway Setup
1. **Install AS4 Software**:
```bash
# Option 1: Holodeck B2B (Open Source)
docker run -d \
--name holodeck-b2b \
-p 8080:8080 \
-v /opt/as4-gateway/data:/data \
holodeckb2b/holodeck-b2b:latest
# Option 2: Hermes4AS4
# Download from: https://github.com/hermes4as4/hermes4as4
```
2. **Configure Certificates**:
```bash
# Generate X.509 certificates
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365
# Import to keystore
keytool -import -alias as4-cert -file cert.pem -keystore keystore.jks
```
3. **Configure Trading Partners**:
```xml
<trading-partner>
<id>PARTNER_001</id>
<endpoint>https://partner.example.com/as4</endpoint>
<certificate>partner-cert.pem</certificate>
</trading-partner>
```
### Business Integration Gateway Setup
1. **Install n8n** (Recommended):
```bash
cd /opt/phoenix-integration
docker-compose -f docker-compose-n8n.yml up -d
```
2. **Access Web Interface**:
- URL: `http://integration.sankofa.nexus`
- Default credentials: admin / CHANGE_ME_ON_FIRST_LOGIN
3. **Create Workflows**:
- Visual workflow designer
- Drag-and-drop nodes
- Configure connectors
- Set up triggers
4. **Configure Connectors**:
- AS4 Gateway connector
- Financial Messaging Gateway connector
- Email connector
- Database connectors
- REST/SOAP connectors
### Financial Messaging Gateway Setup
1. **Install Message Processor**:
```bash
# Custom implementation or commercial solution
# Configure ISO 20022 message handlers
```
2. **Configure Message Formats**:
```bash
# ISO 20022 schemas
/opt/financial-messaging/formats/iso20022/
# SWIFT MT formats
/opt/financial-messaging/formats/swift/
# FIX protocol
/opt/financial-messaging/formats/fix/
```
3. **Set Up Message Routing**:
```yaml
routing-rules:
- pattern: "pain.001.*"
destination: "payment-processor"
- pattern: "camt.053.*"
destination: "statement-processor"
```
## Security and Compliance
### Encryption
- **Transport**: TLS 1.3 for all connections
- **Message**: End-to-end encryption for sensitive data
- **At Rest**: Encrypted message archives
### Digital Signatures
- **X.509 Certificates**: For AS4 messages
- **S/MIME**: For email communications
- **XML Digital Signatures**: For financial messages
### Audit and Compliance
- **Message Logging**: All messages logged with timestamps
- **Audit Trails**: Complete audit trail for compliance
- **Retention**: Long-term message archives (7+ years)
- **Compliance Reports**: Automated compliance reporting
## Monitoring
### Health Checks
```bash
# AS4 Gateway
curl http://as4.sankofa.nexus/health
# Business Integration Gateway
curl http://integration.sankofa.nexus/health
# Financial Messaging Gateway
curl http://financial.sankofa.nexus/health
```
### Metrics
- Message throughput
- Processing latency
- Error rates
- Queue depths
- Storage usage
### Alerts
- Message processing failures
- Queue backup
- Certificate expiration
- Storage capacity warnings
## Best Practices
1. **Message Archiving**: Archive all business messages for compliance
2. **Redundancy**: Deploy redundant gateways for high availability
3. **Monitoring**: Set up comprehensive monitoring and alerting
4. **Security**: Regular certificate rotation and security updates
5. **Testing**: Test message flows in staging before production
6. **Documentation**: Document all trading partner configurations
7. **Backup**: Regular backups of message archives and configurations
## Troubleshooting
### AS4 Messages Not Delivered
1. Check trading partner endpoint connectivity
2. Verify certificate validity
3. Check message format compliance
4. Review AS4 gateway logs
### Workflow Failures
1. Check workflow execution logs
2. Verify connector configurations
3. Test individual workflow steps
4. Check database connectivity
### Financial Message Errors
1. Validate message format
2. Check routing rules
3. Verify encryption/decryption
4. Review message transformation logs
## Next Steps
1. ✅ Deploy all three gateway VMs
2. ✅ Configure SSL/TLS certificates
3. ✅ Set up trading partners (AS4)
4. ✅ Create workflow templates
5. ✅ Configure message formats
6. ✅ Set up monitoring and alerting
7. ✅ Configure message archives
8. ✅ Test end-to-end message flows
9. ✅ Set up compliance reporting
10. ✅ Document trading partner configurations
---
**Last Updated**: 2025-12-08
**Status**: Production Ready
**Maintainer**: Phoenix Business Communications Team
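
Review bot: The "Security and Compliance" section promises `Transport: TLS 1.3 for all connections`, but every endpoint this document gives operators is plaintext: `http://integration.sankofa.nexus` under "Access Web Interface", listed right next to the default `admin / CHANGE_ME_ON_FIRST_LOGIN` credentials, and all three `curl http://.../health` checks under "Monitoring". Suggest changing these to `https://` and adding a TLS termination step to "Business Integration Gateway Setup" ahead of the first login, so the default credentials are never sent in the clear. Under "AS4 Gateway Setup", `holodeckb2b/holodeck-b2b:latest` is an unpinned tag; pin a version or digest so the gateway build is reproducible and auditable. Finally, "Next Steps" ticks all ten items and the footer says `Status: Production Ready`, while "Install Message Processor" contains only two comment lines; either document the actual install or lower the status.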


@@ -0,0 +1,479 @@
# Phoenix Codespaces IDE - Setup Guide
## Overview
Phoenix Codespaces IDE is a branded cloud-based development environment that provides VS Code in the browser with powerful AI capabilities similar to GitHub Copilot, plus AI agents for automation and assistance.
## Features
- **VS Code in Browser**: Full VS Code experience via code-server
- **AI Code Completion**: Copilot-like code suggestions and autocomplete
- **AI Agents**: Automated code generation, testing, and documentation
- **Git Integration**: Seamless integration with Phoenix Git server
- **Multi-Language Support**: Python, TypeScript, Go, and more
- **Phoenix Branding**: Customized interface with Phoenix branding
- **Workspace Templates**: Pre-configured environments for common stacks
- **Terminal Access**: Full terminal access within the IDE
## Architecture
```
┌─────────────────────────────────────────┐
│ Phoenix Codespaces IDE │
├─────────────────────────────────────────┤
│ ┌──────────────────────────────────┐ │
│ │ Code-Server (VS Code) │ │
│ │ - Extensions │ │
│ │ - Workspaces │ │
│ │ - Terminal │ │
│ └──────────────────────────────────┘ │
│ ┌──────────────────────────────────┐ │
│ │ AI Integration Layer │ │
│ │ - Copilot API │ │
│ │ - Code Completion │ │
│ │ - Code Generation │ │
│ └──────────────────────────────────┘ │
│ ┌──────────────────────────────────┐ │
│ │ AI Agents │ │
│ │ - LangChain │ │
│ │ - AutoGPT │ │
│ │ - Custom Phoenix Agents │ │
│ └──────────────────────────────────┘ │
│ ┌──────────────────────────────────┐ │
│ │ Git Integration │ │
│ │ - Phoenix Git Server │ │
│ │ - Repository Access │ │
│ └──────────────────────────────────┘ │
└─────────────────────────────────────────┘
```
## Initial Setup
### 1. Access the IDE
After VM deployment, access the IDE at:
- **URL**: `http://codespaces.sankofa.nexus` (after DNS configuration)
- **Direct IP**: `http://<VM_IP>:8080`
- **Default Password**: Set during first login (change immediately)
### 2. Change Default Password
```bash
# SSH into the VM
ssh admin@codespaces.sankofa.nexus
# Change code-server password
code-server --config /home/admin/.config/code-server/config.yaml
# Or edit the config file directly
nano /home/admin/.config/code-server/config.yaml
```
### 3. Configure SSL/TLS
```bash
# Install SSL certificate
sudo certbot --nginx -d codespaces.sankofa.nexus
# Update Nginx config to use HTTPS
sudo nano /etc/nginx/sites-available/phoenix-codespaces
```
## AI Integration Setup
### Option 1: GitHub Copilot Integration
1. **Get Copilot Token**:
- Visit: https://github.com/settings/tokens
- Create a personal access token with `copilot` scope
2. **Install Copilot Extension**:
```bash
# Via code-server CLI
code-server --install-extension GitHub.copilot
code-server --install-extension GitHub.copilot-chat
```
3. **Authenticate**:
- Open VS Code in browser
- Go to Extensions → GitHub Copilot
- Sign in with GitHub and authorize
### Option 2: Alternative AI Services
#### Tabby (Open Source)
```bash
# Install Tabby server
docker run -d \
--name tabby \
-p 8081:8080 \
-v tabby-data:/data \
tabbyml/tabby:latest
# Configure in VS Code
# Install Tabby extension
code-server --install-extension TabbyML.tabby
```
#### Codeium (Free Alternative)
```bash
# Install Codeium extension
code-server --install-extension Codeium.codeium
# Follow authentication in VS Code
```
#### Cursor (AI-First IDE)
```bash
# Install Cursor extension
code-server --install-extension cursor.cursor
```
### Option 3: Local AI Models
For sovereign AI without external APIs:
```bash
# Install Ollama (local LLM)
curl -fsSL https://ollama.ai/install.sh | sh
# Download models
ollama pull codellama
ollama pull deepseek-coder
ollama pull starcoder
# Configure VS Code extension
code-server --install-extension continue.continue
```
## AI Agents Setup
### LangChain Agent
1. **Install Dependencies**:
```bash
pip3 install langchain openai anthropic
pip3 install langchain-community langchain-core
```
2. **Create Agent Script**:
```python
# /opt/phoenix-ide/agents/langchain_agent.py
from langchain.agents import initialize_agent
from langchain.llms import OpenAI
llm = OpenAI(temperature=0)
agent = initialize_agent(
tools=[],
llm=llm,
agent="zero-shot-react-description"
)
```
### AutoGPT Integration
```bash
# Clone AutoGPT
cd /opt/phoenix-ide/agents
git clone https://github.com/Significant-Gravitas/AutoGPT.git
cd AutoGPT
pip3 install -r requirements.txt
# Configure
cp .env.template .env
nano .env # Add API keys
```
### Custom Phoenix AI Agent
Create a custom agent for Phoenix-specific tasks:
```python
# /opt/phoenix-ide/agents/phoenix_agent.py
class PhoenixAgent:
def __init__(self):
self.capabilities = [
"code_generation",
"code_review",
"test_generation",
"documentation",
"deployment_automation"
]
def generate_code(self, prompt, language):
# Implement code generation
pass
def review_code(self, code):
# Implement code review
pass
```
## VS Code Extensions
### Essential Extensions
```bash
# Development
code-server --install-extension ms-python.python
code-server --install-extension ms-vscode.vscode-typescript-next
code-server --install-extension golang.go
code-server --install-extension ms-vscode.vscode-json
# Git
code-server --install-extension eamodio.gitlens
code-server --install-extension mhutchie.git-graph
# Docker
code-server --install-extension ms-azuretools.vscode-docker
# AI
code-server --install-extension GitHub.copilot
code-server --install-extension GitHub.copilot-chat
# Phoenix-specific
code-server --install-extension ms-kubernetes-tools.vscode-kubernetes-tools
code-server --install-extension redhat.vscode-yaml
```
## Git Integration
### Connect to Phoenix Git Server
1. **Configure Git**:
```bash
git config --global user.name "Your Name"
git config --global user.email "your.email@sankofa.nexus"
```
2. **Add Git Server**:
```bash
# If using Gitea/GitLab
git remote add phoenix https://git.sankofa.nexus/username/repo.git
```
3. **SSH Key Setup**:
```bash
# Generate SSH key
ssh-keygen -t ed25519 -C "your.email@sankofa.nexus"
# Add to Git server
cat ~/.ssh/id_ed25519.pub
# Copy and add to Git server SSH keys
```
## Workspace Templates
### Node.js/TypeScript Template
```bash
# Create template
mkdir -p /opt/phoenix-ide/templates/nodejs-ts
cd /opt/phoenix-ide/templates/nodejs-ts
# Create template files
cat > package.json <<EOF
{
"name": "phoenix-nodejs-template",
"version": "1.0.0",
"scripts": {
"dev": "next dev",
"build": "next build"
}
}
EOF
```
### Python Template
```bash
mkdir -p /opt/phoenix-ide/templates/python
cd /opt/phoenix-ide/templates/python
cat > requirements.txt <<EOF
fastapi==0.104.1
uvicorn==0.24.0
pydantic==2.5.0
EOF
```
## Phoenix Branding
### Custom Theme
1. **Create Theme Extension**:
```bash
mkdir -p ~/.local/share/code-server/extensions/phoenix-theme
cd ~/.local/share/code-server/extensions/phoenix-theme
```
2. **Theme Configuration**:
```json
{
"name": "Phoenix Theme",
"colors": {
"editor.background": "#1a1a1a",
"editor.foreground": "#e0e0e0"
}
}
```
### Custom Logo
Replace code-server logo:
```bash
# Find logo location
find /usr/lib/code-server -name "*.png" -o -name "*.svg"
# Replace with Phoenix logo
sudo cp /opt/phoenix-ide/branding/logo.png /usr/lib/code-server/resources/logo.png
```
## Multi-User Support
### User Isolation
```bash
# Create systemd service for each user
sudo systemctl edit code-server@user1.service
sudo systemctl edit code-server@user2.service
# Each user gets their own port and workspace
```
### Docker-Based Isolation
```bash
# Use Docker for complete isolation
docker run -d \
--name codespaces-user1 \
-p 8081:8080 \
-v user1-workspace:/home/coder/workspace \
codercom/code-server:latest
```
## Performance Optimization
### Resource Limits
```bash
# Set CPU limits
sudo systemctl edit code-server@admin
# Add:
[Service]
CPUQuota=400%
```
### Cache Configuration
```bash
# Increase Node.js cache
export NODE_OPTIONS="--max-old-space-size=4096"
# Docker cache
docker system prune -a --volumes
```
## Security
### Firewall Rules
```bash
# Only allow specific IPs
sudo ufw allow from 192.168.11.0/24 to any port 8080
sudo ufw deny 8080
```
### Authentication
```bash
# Use OAuth2 with Keycloak
# Configure in code-server config.yaml
auth: oauth2
oauth2:
provider: keycloak
client-id: phoenix-codespaces
client-secret: <secret>
auth-url: https://keycloak.sankofa.nexus/auth
```
## Monitoring
### Health Checks
```bash
# Check code-server status
systemctl status code-server@admin
# Check Nginx
systemctl status nginx
# Check AI agent status
ps aux | grep phoenix-ai-agent
```
### Logs
```bash
# Code-server logs
journalctl -u code-server@admin -f
# Nginx logs
tail -f /var/log/nginx/access.log
tail -f /var/log/nginx/error.log
```
## Troubleshooting
### Code-Server Won't Start
```bash
# Check config
code-server --config /home/admin/.config/code-server/config.yaml --check
# Check ports
sudo netstat -tulpn | grep 8080
# Check permissions
ls -la /home/admin/.config/code-server/
```
### AI Not Working
```bash
# Check API keys
echo $OPENAI_API_KEY
echo $GITHUB_TOKEN
# Test API connection
curl https://api.openai.com/v1/models -H "Authorization: Bearer $OPENAI_API_KEY"
```
### Extension Issues
```bash
# Reinstall extensions
code-server --uninstall-extension <extension-id>
code-server --install-extension <extension-id>
# Clear extension cache
rm -rf ~/.local/share/code-server/extensions/*
```
## Next Steps
1. ✅ Configure SSL/TLS certificates
2. ✅ Set up AI integration (Copilot or alternative)
3. ✅ Install essential VS Code extensions
4. ✅ Connect to Phoenix Git server
5. ✅ Create workspace templates
6. ✅ Configure Phoenix branding
7. ✅ Set up AI agents
8. ✅ Configure multi-user support (if needed)
9. ✅ Set up monitoring and alerts
10. ✅ Document custom configurations
---
**Last Updated**: 2025-12-08
**Status**: Production Ready
**Maintainer**: Phoenix DevOps Team
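
Review bot: Under "Security", the firewall rules cover only port 8080 (`sudo ufw allow from 192.168.11.0/24 to any port 8080`), while the Tabby container and the `codespaces-user1` container are both published with `-p 8081:8080`, so port 8081 is not covered by any rule shown here and the two containers also claim the same host port. Suggest giving each service its own port, binding it to loopback (`-p 127.0.0.1:<port>:8080`) and exposing it only through the Nginx/TLS front end set up in "Configure SSL/TLS"; the `http://<VM_IP>:8080` direct-IP access listed in "Access the IDE" should go the same way, since the IDE includes full terminal access. Separately, "AI Not Working" prints secrets with `echo $OPENAI_API_KEY` and `echo $GITHUB_TOKEN`; a presence check that does not print the value is safer in a shared or recorded terminal. The "Clear extension cache" command `rm -rf ~/.local/share/code-server/extensions/*` also deletes the `phoenix-theme` directory created under "Custom Theme", which deserves a warning next to the command.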