# BreakPilot Compliance - Dokumentation

Willkommen zur Dokumentation des **BreakPilot Compliance**-Stacks (Team B: DSGVO/Compliance).

## Drei-Projekt-Architektur

BreakPilot besteht aus drei unabhaengigen Projekten:

| Projekt | Beschreibung | Docs |
|---------|-------------|------|
| **breakpilot-core** | Shared Infrastructure (DB, Cache, Vault, Nginx) | Port 8009 |
| **breakpilot-lehrer** | Bildungs-Stack | Port 8010 |
| **breakpilot-compliance** (dieses Projekt) | DSGVO/Compliance-Stack | Port 8011 |

Compliance haengt von Core ab (PostgreSQL, Valkey, Vault, Qdrant, MinIO, Embedding, RAG).

---

## Services

| Service | Container | Port | Tech | Beschreibung |
|---------|-----------|------|------|--------------|
| Admin Compliance | bp-compliance-admin | 3007 | Next.js | Compliance-Dashboard |
| Developer Portal | bp-compliance-developer-portal | 3006 | Next.js | API-Dokumentation fuer Kunden |
| Backend Compliance | bp-compliance-backend | 8002 | Python/FastAPI | Compliance API |
| AI Compliance SDK | bp-compliance-ai-sdk | 8090/8093 | Go/Gin | DSGVO-konforme KI-Nutzung |
| DSMS Node | bp-compliance-dsms-node | 4001/5001 | IPFS | Dezentrales Datenschutz-Management |
| DSMS Gateway | bp-compliance-dsms-gateway | 8082 | Node.js/Express | IPFS Gateway |
| Document Crawler | bp-compliance-document-crawler | 8098 | Python | Web-Crawler fuer Rechtstexte |

---

## SDK-Module

Das AI Compliance SDK implementiert folgende DSGVO-Module:

| Modul | Beschreibung |
|-------|--------------|
| **TOM** | Technisch-Organisatorische Massnahmen |
| **DSFA** | Datenschutz-Folgenabschaetzung |
| **VVT** | Verzeichnis von Verarbeitungstaetigkeiten |
| **Loeschfristen** | Loeschfristen-Verwaltung |
| **AI Act Compliance** | KI-Verordnung Konformitaet |
| **Consent Management** | Einwilligungs-Verwaltung |
| **DSR** | Betroffenenrechte (Art. 15-21 DSGVO) |
| **Academy** | Datenschutz-Schulungen |
| **Whistleblower** | Hinweisgebersystem (HinSchG) |
| **Incidents** | Datenschutz-Vorfaelle |
| **Vendors** | Auftragsverarbeiter-Management |
| **Reporting** | Compliance-Berichte |

---

## URLs

| URL | Service | Beschreibung |
|-----|---------|--------------|
| https://macmini:3007/ | Admin Compliance | Compliance-Dashboard |
| https://macmini:3006/ | Developer Portal | API-Dokumentation |
| https://macmini:8002/ | Backend API | Compliance REST API |
| https://macmini:8093/ | AI SDK API | SDK Backend-API |

### SDK-Module (Admin Compliance)

| URL | Modul |
|-----|-------|
| https://macmini:3007/sdk | SDK Uebersicht |
| https://macmini:3007/sdk/tom | TOM |
| https://macmini:3007/sdk/dsfa | DSFA |
| https://macmini:3007/sdk/vvt | VVT |
| https://macmini:3007/sdk/loeschfristen | Loeschfristen |
| https://macmini:3007/sdk/academy | Academy |
| https://macmini:3007/sdk/whistleblower | Whistleblower |
| https://macmini:3007/sdk/incidents | Incidents |

---

## Abhaengigkeiten zu Core

Compliance-Services nutzen folgende Core-Infrastruktur:

| Core Service | Genutzt von | Zweck |
|-------------|-------------|-------|
| PostgreSQL (5432) | Alle | Zentrale Datenbank |
| Valkey (6379) | Backend, Admin | Session Cache |
| Vault (8200) | Alle | Secrets Management |
| Qdrant (6333) | AI SDK, Document Crawler | Vector-Suche |
| MinIO (9000) | Document Crawler | Datei-Storage |
| Embedding (8087) | AI SDK | Text-Embeddings |
| RAG Service (8097) | AI SDK | Retrieval Augmented Generation |
| Nginx | Alle | HTTPS Reverse Proxy |

---

## Services-Dokumentation

- [AI Compliance SDK](services/ai-compliance-sdk/index.md)
  - [Architektur](services/ai-compliance-sdk/ARCHITECTURE.md)
  - [Developer Guide](services/ai-compliance-sdk/DEVELOPER.md)
  - [Auditor-Dokumentation](services/ai-compliance-sdk/AUDITOR_DOCUMENTATION.md)
  - [SBOM](services/ai-compliance-sdk/SBOM.md)
- [Document Crawler](services/document-crawler/index.md)
- SDK-Module:
  - [Academy](services/sdk-modules/academy.md)
  - [Whistleblower](services/sdk-modules/whistleblower.md)
  - [Incidents](services/sdk-modules/incidents.md)

## Entwicklung

- [Testing](development/testing.md)
- [Dokumentation](development/documentation.md)
- [CI/CD Pipeline](development/ci-cd-pipeline.md)

---

## Deployment

```bash
# Voraussetzung: breakpilot-core muss laufen

# Alle Compliance-Services starten
docker compose -f breakpilot-compliance/docker-compose.yml up -d

# Einzelnen Service neu bauen
docker compose -f breakpilot-compliance/docker-compose.yml build --no-cache <service>
docker compose -f breakpilot-compliance/docker-compose.yml up -d <service>
```

---

## Git

```bash
# Zwei Remotes - IMMER zu beiden pushen:
git push origin main && git push gitea main

# Remotes:
# origin: http://macmini:3003/pilotadmin/breakpilot-compliance.git
# gitea:  git@gitea.meghsakha.com:Benjamin_Boenisch/breakpilot-compliance.git
```