matthias/dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
dashboard/README.md
Matthias Hochmeister f09748f4a1 inital
2026-02-23 17:08:58 +01:00

411 lines
11 KiB
Markdown
Raw Permalink Blame History

# Feuerwehr Dashboard
A modern, secure web application for managing fire department operations with integrated Authentik SSO authentication.
## Overview
The Feuerwehr Dashboard is a full-stack web application designed specifically for fire departments (Feuerwehr) to manage operations, personnel, and administrative tasks. Built with modern technologies and security best practices, it provides a robust platform for fire service management.
## Features
### Authentication & Security
- OAuth 2.0 / OpenID Connect integration with Authentik
- Secure JWT-based session management
- Role-based access control (RBAC)
- Automatic token refresh
- Rate limiting and security headers (Helmet.js)
- CORS protection
### Dashboard & User Management
- Modern, responsive Material-UI interface
- Real-time user profile management
- Secure user session handling
- Multi-device support
- Dark mode ready
### Service Management
- Extensible service architecture
- Database-backed operations
- RESTful API design
- Health monitoring endpoints
## Tech Stack
### Frontend
- **React 18** - Modern UI library
- **TypeScript** - Type-safe development
- **Material-UI (MUI)** - Component library
- **React Router** - Client-side routing
- **Axios** - HTTP client
- **Vite** - Build tool and dev server
- **Nginx** - Production web server
### Backend
- **Node.js 18+** - Runtime environment
- **Express 5** - Web framework
- **TypeScript** - Type-safe development
- **PostgreSQL 16** - Database
- **jsonwebtoken** - JWT handling
- **Helmet** - Security middleware
- **Winston** - Logging
- **Zod** - Schema validation
### Infrastructure
- **Docker & Docker Compose** - Containerization
- **PostgreSQL 16 Alpine** - Production database
- **Nginx Alpine** - Frontend serving
- **Health checks** - Service monitoring
## Prerequisites
- **Docker** 20.10+ and **Docker Compose** 2.0+
- **Authentik** instance (self-hosted or cloud)
- **Node.js 18+** (for local development)
- **Git**
## Quick Start
Get the dashboard running in 3 simple steps:
### 1. Clone and Configure
```bash
git clone <your-repository-url>
cd feuerwehr_dashboard
cp .env.example .env
```
Edit `.env` with your configuration (see [Environment Variables](#environment-variables) section).
### 2. Configure Authentik
Follow the [Authentik Setup Guide](AUTHENTIK_SETUP.md) to create and configure your OAuth application.
### 3. Deploy
```bash
make prod
# or
./deploy.sh production
```
The dashboard will be available at `http://localhost` (or your configured domain).
## Project Structure
```
feuerwehr_dashboard/
├── backend/ # Node.js/Express backend
│ ├── src/
│ │ ├── config/ # Configuration files
│ │ ├── controllers/ # Request handlers
│ │ ├── database/ # Database setup and migrations
│ │ ├── middleware/ # Express middleware
│ │ ├── models/ # Data models
│ │ ├── routes/ # API routes
│ │ ├── services/ # Business logic
│ │ ├── types/ # TypeScript types
│ │ ├── utils/ # Utility functions
│ │ ├── app.ts # Express app setup
│ │ └── server.ts # Server entry point
│ ├── Dockerfile # Backend container
│ └── package.json
├── frontend/ # React/TypeScript frontend
│ ├── src/
│ │ ├── components/ # Reusable components
│ │ ├── contexts/ # React contexts
│ │ ├── pages/ # Page components
│ │ ├── services/ # API services
│ │ ├── theme/ # MUI theme
│ │ ├── types/ # TypeScript types
│ │ ├── utils/ # Utility functions
│ │ ├── App.tsx # Main app component
│ │ └── main.tsx # Entry point
│ ├── Dockerfile # Frontend container
│ ├── nginx.conf # Nginx configuration
│ └── package.json
├── docker-compose.yml # Production deployment
├── docker-compose.dev.yml # Development database
├── .env.example # Environment template
├── deploy.sh # Deployment script
├── Makefile # Make commands
├── README.md # This file
├── DEPLOYMENT.md # Deployment guide
├── DEVELOPMENT.md # Developer guide
├── AUTHENTIK_SETUP.md # Authentik configuration
├── API_DOCUMENTATION.md # API reference
├── ARCHITECTURE.md # System architecture
├── SECURITY.md # Security guidelines
├── CONTRIBUTING.md # Contribution guide
└── CHANGELOG.md # Version history
```
## Development Setup
For local development without Docker, follow these steps:
### 1. Start Development Database
```bash
make dev
# or
./deploy.sh local
```
This starts a PostgreSQL container with development credentials.
### 2. Install Dependencies
```bash
make install
# or manually:
cd backend && npm install
cd ../frontend && npm install
```
### 3. Configure Environment
Backend `.env` (in `backend/.env`):
```bash
DATABASE_URL=postgresql://dev_user:dev_password@localhost:5432/feuerwehr_dev
JWT_SECRET=your_development_secret
NODE_ENV=development
PORT=3000
```
Frontend `.env` (in `frontend/.env`):
```bash
VITE_API_URL=http://localhost:3000
```
### 4. Run Services
Terminal 1 - Backend:
```bash
cd backend
npm run dev
```
Terminal 2 - Frontend:
```bash
cd frontend
npm run dev
```
Access the app at `http://localhost:5173` (Vite dev server).
For more details, see [DEVELOPMENT.md](DEVELOPMENT.md).
## Production Deployment
For complete production deployment instructions, see [DEPLOYMENT.md](DEPLOYMENT.md).
### Quick Production Setup
1. **Configure environment variables** in `.env`:
- Set strong `POSTGRES_PASSWORD`
- Generate secure `JWT_SECRET` (use `openssl rand -base64 32`)
- Configure `CORS_ORIGIN` to match your frontend URL
- Set Authentik credentials
2. **Deploy all services**:
```bash
make prod
```
3. **Verify deployment**:
```bash
docker-compose ps
make logs-prod
```
## Environment Variables
### Required Variables
| Variable | Description | Example |
|----------|-------------|---------|
| `POSTGRES_PASSWORD` | Database password (production) | `SecureP@ssw0rd!` |
| `JWT_SECRET` | JWT signing secret | `openssl rand -base64 32` |
| `AUTHENTIK_CLIENT_ID` | OAuth client ID from Authentik | `abc123...` |
| `AUTHENTIK_CLIENT_SECRET` | OAuth client secret | `xyz789...` |
| `AUTHENTIK_ISSUER` | Authentik issuer URL | `https://auth.example.com/application/o/feuerwehr/` |
### Optional Variables
| Variable | Description | Default |
|----------|-------------|---------|
| `POSTGRES_DB` | Database name | `feuerwehr_prod` |
| `POSTGRES_USER` | Database user | `prod_user` |
| `POSTGRES_PORT` | Database port | `5432` |
| `BACKEND_PORT` | Backend API port | `3000` |
| `FRONTEND_PORT` | Frontend port | `80` |
| `NODE_ENV` | Node environment | `production` |
| `CORS_ORIGIN` | Allowed frontend origin | `http://localhost:80` |
| `VITE_API_URL` | Frontend API URL | `http://localhost:3000` |
For complete documentation, see [.env.example](.env.example).
## Available Commands
### Using Make (Recommended)
```bash
# Development
make dev # Start local development database
make logs-dev # Show development logs
make rebuild-dev # Rebuild development services
# Production
make prod # Deploy production environment
make logs-prod # Show production logs
make rebuild # Rebuild production services
# General
make stop # Stop all services
make clean # Remove all containers, volumes, and images
make install # Install all dependencies
make test # Run tests
make help # Show all available commands
```
### Using Deploy Script
```bash
./deploy.sh production # Deploy production
./deploy.sh local # Start local dev database
./deploy.sh stop # Stop all services
./deploy.sh logs # Show production logs
./deploy.sh rebuild # Rebuild services
./deploy.sh clean # Clean up everything
```
## Troubleshooting
### Database Connection Failed
**Symptoms**: Backend logs show database connection errors
**Solutions**:
```bash
# Check if database is running
docker-compose ps
# View database logs
make logs-dev # or logs-prod
# Restart database
docker-compose restart postgres
# Verify credentials in .env match docker-compose.yml
```
### Authentication Not Working
**Symptoms**: Login redirects fail or return errors
**Solutions**:
1. Verify Authentik configuration (see [AUTHENTIK_SETUP.md](AUTHENTIK_SETUP.md))
2. Check redirect URIs match exactly
3. Verify `AUTHENTIK_CLIENT_ID` and `AUTHENTIK_CLIENT_SECRET` in `.env`
4. Check browser console for CORS errors
5. Ensure `CORS_ORIGIN` matches your frontend URL
### Port Already in Use
**Symptoms**: Docker fails to start with "port already allocated"
**Solutions**:
```bash
# Find what's using the port
lsof -i :3000 # or :80, :5432
# Change ports in .env
BACKEND_PORT=3001
FRONTEND_PORT=8080
POSTGRES_PORT=5433
```
### Frontend Can't Reach Backend
**Symptoms**: API calls fail with network errors
**Solutions**:
1. Verify `VITE_API_URL` in `.env` matches backend URL
2. Check `CORS_ORIGIN` in backend allows frontend URL
3. Ensure backend is running: `curl http://localhost:3000/health`
4. Check network connectivity between containers
### Complete Reset
If all else fails:
```bash
make clean # Removes everything
make prod # Fresh deployment
```
For more issues, see [DEVELOPMENT.md](DEVELOPMENT.md#common-issues).
## API Documentation
See [API_DOCUMENTATION.md](API_DOCUMENTATION.md) for complete API reference.
### Quick API Overview
- `POST /api/auth/callback` - Handle OAuth callback
- `POST /api/auth/refresh` - Refresh access token
- `POST /api/auth/logout` - Logout user
- `GET /api/user/me` - Get current user
- `GET /health` - Health check endpoint
## Security
This application implements security best practices:
- OAuth 2.0 / OpenID Connect authentication
- JWT-based stateless sessions
- HTTP security headers (Helmet.js)
- CORS protection
- Rate limiting
- SQL injection protection (parameterized queries)
- XSS protection
- Secure password handling (delegated to Authentik)
For security guidelines and reporting vulnerabilities, see [SECURITY.md](SECURITY.md).
## Contributing
We welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for:
- Code style guidelines
- Development workflow
- Pull request process
- Issue reporting
## Architecture
For system architecture, component diagrams, and data flow, see [ARCHITECTURE.md](ARCHITECTURE.md).
## Changelog
See [CHANGELOG.md](CHANGELOG.md) for version history and release notes.
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
## Support
For questions or issues:
1. Check [Troubleshooting](#troubleshooting) section
2. Review relevant documentation files
3. Search existing issues
4. Create a new issue with detailed information
## Acknowledgments
- Built with modern open-source technologies
- Designed for fire department operations management
- Inspired by the need for secure, user-friendly emergency services software
Reference in New Issue View Git Blame Copy Permalink