4435e7ea0a
Services: Admin-Compliance, Backend-Compliance, AI-Compliance-SDK, Consent-SDK, Developer-Portal, PCA-Platform, DSMS Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
8.7 KiB
8.7 KiB
Breakpilot Service Coverage - Sprint 3
Übersicht
Vollständige Dokumentation aller 36 Breakpilot Services in der Compliance-Registry.
Service-Kategorien
Backend Services (11)
| Service | Port | PII | AI | Criticality | GDPR | AI Act | BSI-TR |
|---|---|---|---|---|---|---|---|
| python-backend | 8000 | ✓ | - | critical | ✓✓✓ | ✓✓ | ✓✓ |
| consent-service | 8081 | ✓ | - | critical | ✓✓✓ | - | ✓✓ |
| billing-service | 8083 | ✓ | - | critical | ✓✓✓ | - | - |
| school-service | 8084 | ✓ | - | high | ✓✓✓ | - | ✓✓ |
| calendar-service | 8085 | ✓ | - | medium | ✓✓ | - | - |
| h5p-service | 8082 | ✓ | - | medium | ✓✓ | - | - |
| website | 3000 | ✓ | - | high | ✓✓ | - | ✓✓ |
| dsms-gateway | 8082 | ✓ | - | medium | ✓✓ | - | - |
| erpnext | 8080 | ✓ | - | high | ✓✓✓ | - | - |
| camunda | 8089 | ✓ | - | medium | ✓✓ | - | - |
| compliance-module | - | - | ✓ | high | ✓✓ | ✓ | - |
AI Services (4)
| Service | Port | PII | AI | Criticality | GDPR | AI Act | Notes |
|---|---|---|---|---|---|---|---|
| klausur-service | 8086 | ✓ | ✓ | high | ✓✓✓ | ✓✓✓ | High-Risk KI (Bildung) |
| embedding-service | 8087 | - | ✓ | medium | ✓ | ✓✓ | RAG/Embeddings |
| transcription-worker | - | ✓ | ✓ | medium | ✓✓ | ✓✓ | Whisper ASR |
| llm-gateway | 8088 | ✓ | ✓ | high | ✓✓ | ✓✓✓ | LLM Orchestration |
| breakpilot-drive | 3001 | ✓ | ✓ | medium | ✓✓ | ✓✓ | Unity + LLM |
Databases (5)
| Service | Port | Type | PII | Criticality | GDPR | BSI-TR |
|---|---|---|---|---|---|---|
| postgresql | 5432 | Relational | ✓ | critical | ✓✓✓ | ✓✓✓ |
| qdrant | 6333 | Vector | - | medium | ✓ | ✓✓ |
| valkey | 6379 | Cache | ✓ | high | ✓✓ | ✓✓ |
| content-db | 5433 | Relational | - | medium | - | ✓✓ |
| erpnext-db | 3306 | MariaDB | ✓ | high | ✓✓ | ✓✓ |
Communication Services (6)
| Service | Port | PII | Criticality | GDPR | DSA | Notes |
|---|---|---|---|---|---|---|
| matrix-synapse | 8008 | ✓ | high | ✓✓✓ | ✓✓ | E2EE Chat |
| synapse-db | 5432 | ✓ | high | ✓✓✓ | - | Matrix DB |
| jitsi-meet | 8443 | ✓ | high | ✓✓✓ | - | Video Frontend |
| jitsi-prosody | 5222 | ✓ | high | ✓✓ | - | XMPP Server |
| jitsi-jicofo | - | - | medium | ✓ | - | Conference Focus |
| jitsi-jvb | 10000 | ✓ | high | ✓✓ | - | Video Bridge |
| jibri | - | ✓ | high | ✓✓✓ | - | Recording |
Storage Services (2)
| Service | Port | Type | PII | Criticality | GDPR | BSI-TR |
|---|---|---|---|---|---|---|
| minio | 9000 | S3 | ✓ | critical | ✓✓✓ | ✓✓ |
| dsms-node | 5001 | IPFS | ✓ | medium | ✓✓ | ✓✓ |
Infrastructure Services (5)
| Service | Port | PII | Criticality | GDPR | NIS2 | Notes |
|---|---|---|---|---|---|---|
| vault | 8200 | - | critical | ✓✓ | - | Secrets Management |
| traefik | 443 | ✓ | critical | - | ✓✓ | Reverse Proxy |
| mailpit | 8025 | ✓ | low | ✓ | - | Dev Mail Server |
| backup | - | ✓ | critical | ✓✓✓ | - | DB Backups |
Monitoring Services (3)
| Service | Port | PII | Criticality | GDPR | BSI-TR | Notes |
|---|---|---|---|---|---|---|
| loki | 3100 | ✓ | high | ✓✓ | ✓✓ | Log Aggregation |
| grafana | 3000 | - | medium | - | ✓✓ | Dashboards |
| prometheus | 9090 | - | medium | - | ✓✓ | Metrics |
Security Services (1)
| Service | Port | PII | Criticality | GDPR | BSI-TR | Notes |
|---|---|---|---|---|---|---|
| vault | 8200 | - | critical | ✓✓ | ✓✓✓ | Encryption as a Service |
Statistiken
Gesamt
- 36 Services dokumentiert
- 26 Services (72%) verarbeiten PII
- 5 Services (14%) enthalten KI-Komponenten
- 9 Services (25%) sind als "critical" eingestuft
Nach Service-Typ
Backend: 11 (31%)
Communication: 6 (17%)
Database: 5 (14%)
AI: 5 (14%)
Infrastructure: 5 (14%)
Monitoring: 3 (8%)
Storage: 2 (6%)
Security: 1 (3%)
Technologie-Stack (Top 10)
Python: 15 Services
PostgreSQL: 8 Services
FastAPI: 7 Services
Go: 4 Services
Java: 3 Services
JavaScript: 2 Services
WebRTC: 2 Services
Redis/Valkey: 2 Services
Nginx: 2 Services
Docker: 36 Services (alle)
Compliance-Abdeckung
GDPR
- Critical: 15 Services (consent, billing, school, postgresql, minio, backup, etc.)
- High: 10 Services (python-backend, klausur-service, matrix-synapse, etc.)
- Medium: 8 Services (calendar, embedding, dsms, etc.)
- Low: 3 Services (mailpit, etc.)
AI Act
- Critical: 3 Services (klausur-service, llm-gateway)
- High: 2 Services (python-backend)
- Medium: 5 Services (embedding-service, transcription-worker, compliance-module, etc.)
BSI-TR-03161
- Critical: 4 Services (postgresql, vault, backup)
- High: 8 Services (consent-service, school-service, matrix-synapse, etc.)
- Medium: 12 Services (qdrant, valkey, minio, etc.)
Port-Übersicht
Häufig genutzte Ports
8000 - python-backend
8008 - matrix-synapse
8025 - mailpit (Web UI)
8081 - consent-service
8082 - h5p-service / dsms-gateway (Konflikt möglich)
8083 - billing-service
8084 - school-service
8085 - calendar-service
8086 - klausur-service
8087 - embedding-service
8088 - llm-gateway
8089 - camunda
8090 - erpnext-frontend
8200 - vault
8443 - jitsi-meet
3000 - website / grafana (Konflikt möglich)
3001 - breakpilot-drive
3100 - loki
3306 - erpnext-db (MariaDB)
5001 - dsms-node (IPFS API)
5222 - jitsi-prosody (XMPP)
5432 - postgresql / synapse-db
5433 - content-db
6333 - qdrant
6379 - valkey (Redis)
9000 - minio (S3 API)
9001 - minio (Console)
9090 - prometheus
10000 - jitsi-jvb (UDP)
Erkannte Port-Konflikte
- Port 8082: h5p-service, dsms-gateway (beide in service_modules.py)
- Port 3000: website, grafana (beide in service_modules.py)
- Port 5432: postgresql, synapse-db (separater Service)
Hinweis: Konflikte in docker-compose.yml durch unterschiedliche Profile oder Host-Ports gelöst.
PII-Verarbeitung
Services die PII verarbeiten (26)
Critical PII Processing:
- consent-service (Einwilligungen)
- billing-service (Zahlungsdaten)
- school-service (Schülerdaten)
- postgresql (alle persistenten Daten)
- minio (Dateispeicher)
- backup (Datensicherung)
High PII Processing:
- python-backend (User-Daten, Dokumente)
- klausur-service (Klausuren, Korrekturen)
- matrix-synapse (Chat-Inhalte)
- jitsi-meet/jvb (Video/Audio)
- jibri (Aufzeichnungen)
- transcription-worker (Sprachaufnahmen)
KI-Komponenten
Services mit KI (5)
-
klausur-service (High-Risk AI)
- Claude API für Klausurkorrektur
- AI Act Art. 6 (Bildungsbereich)
- GDPR Art. 22 (automatisierte Entscheidungen)
-
embedding-service
- SentenceTransformers (lokal)
- General-Purpose AI System
-
transcription-worker
- Whisper ASR (OpenAI)
- Biometrische Daten (GDPR)
-
llm-gateway
- LLM Orchestrierung
- Externe API-Calls
-
breakpilot-drive
- Unity + LLM Integration
- Lernspiel mit KI
Kritikalität
Critical Services (9)
Ausfall führt zu System-Shutdown oder schwerwiegendem Datenverlust:
- python-backend
- consent-service
- billing-service
- postgresql
- minio
- vault
- traefik
- backup
High Services (10)
Wichtige Funktionalität, aber System kann degradiert weiterlaufen:
- klausur-service
- school-service
- website
- matrix-synapse
- jitsi-meet/jvb
- valkey
- loki
- erpnext
- erpnext-db
Medium Services (14)
Standard-Funktionalität:
- calendar-service
- embedding-service
- transcription-worker
- h5p-service
- qdrant
- dsms-node/gateway
- jitsi-jicofo
- grafana
- prometheus
- compliance-module
- camunda
- breakpilot-drive
Low Services (3)
Nur für Entwicklung/Testing:
- mailpit
- content-db
Nächste Schritte
Sprint 4 Planung
- Port-Konflikte auflösen (8082, 3000)
- Compliance-Score Berechnung
- Automatische Dependency-Graph-Erstellung
- Service-Health-Checks integrieren
- Gap-Analyse pro Service
- Dashboard für Service-Overview
Fehlende Services
Services in docker-compose.yml aber nicht kritisch für Compliance:
- erpnext-redis-queue
- erpnext-redis-cache
- erpnext-create-site (Init-Service)
- erpnext-backend
- erpnext-websocket
- erpnext-scheduler
- erpnext-worker-long
- erpnext-worker-short
Grund: Interne ERPNext Worker, keine separate Compliance-Relevanz.