529c37d91a
All checks were successful
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-ai-compliance (push) Successful in 35s
CI / test-python-backend-compliance (push) Successful in 30s
CI / test-python-document-crawler (push) Successful in 20s
CI / test-python-dsms-gateway (push) Successful in 28s
- admin-compliance: .dockerignore + Dockerfile bereinigt - dsfa-corpus/route.ts + legal-corpus/route.ts entfernt (obsolet) - webhooks/woodpecker/route.ts: minor fix - dsfa/[id]/page.tsx: Refactoring - service_modules.py + README.md: aktualisiert - Migration 028 → 032 umbenannt (legal_documents_extend) - docs: index.md + DEVELOPER.md aktualisiert Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
8.1 KiB
8.1 KiB
BreakPilot Compliance - Dokumentation
Willkommen zur Dokumentation des BreakPilot Compliance-Stacks (Team B: DSGVO/Compliance).
Drei-Projekt-Architektur
| Projekt | Beschreibung | Docs |
|---|---|---|
| breakpilot-core | Shared Infrastructure (DB, Cache, Vault, Nginx) | Port 8009 |
| breakpilot-lehrer | Bildungs-Stack | Port 8010 |
| breakpilot-compliance (dieses Projekt) | DSGVO/Compliance-Stack | Port 8011 |
Compliance haengt ausschliesslich von Core ab (PostgreSQL, Valkey, Vault, Qdrant, MinIO, Embedding, RAG). Es gibt keine Laufzeitabhaengigkeit zu breakpilot-lehrer.
Services
| Service | Container | Port | Tech | Beschreibung |
|---|---|---|---|---|
| Admin Compliance | bp-compliance-admin | 3007 | Next.js | Compliance-Dashboard |
| Developer Portal | bp-compliance-developer-portal | 3006 | Next.js | API-Dokumentation fuer Kunden |
| Backend Compliance | bp-compliance-backend | 8002 | Python/FastAPI | Compliance API |
| AI Compliance SDK | bp-compliance-ai-sdk | 8090/8093 | Go/Gin | DSGVO-konforme KI-Nutzung |
| DSMS Node | bp-compliance-dsms-node | 4001/5001 | IPFS | Dezentrales Datenschutz-Management |
| DSMS Gateway | bp-compliance-dsms-gateway | 8082 | Node.js/Express | IPFS Gateway |
| Document Crawler | bp-compliance-document-crawler | 8098 | Python | Web-Crawler fuer Rechtstexte |
SDK-Module (Kundenbereich)
Module die Compliance-Kunden im SDK sehen und nutzen:
| Modul | Beschreibung | Frontend |
|---|---|---|
| TOM | Technisch-Organisatorische Massnahmen | /sdk/tom |
| DSFA | Datenschutz-Folgenabschaetzung | /sdk/dsfa |
| VVT | Verzeichnis von Verarbeitungstaetigkeiten | /sdk/vvt |
| Loeschfristen | Loeschfristen-Verwaltung | /sdk/loeschfristen |
| Requirements | Compliance-Anforderungen (CRUD + RAG) | /sdk/requirements |
| Controls | Technische/Organisatorische Kontrollen | /sdk/controls |
| Evidence | Compliance-Nachweise mit Gueltigkeit | /sdk/evidence |
| Risk Matrix | 5x5 Risikomatrix (Inherent/Residual) | /sdk/risks |
| AI Act Compliance | KI-Verordnung Konformitaet | /sdk/ai-act |
| Audit Checklist | Audit-Checkliste mit Sign-Off | /sdk/audit-checklist |
| Audit Report | Audit-Berichte mit PDF-Export | /sdk/audit-report |
| Consent Management | Einwilligungs-Verwaltung | /sdk/einwilligungen |
| DSR | Betroffenenrechte (Art. 15-21 DSGVO) | /sdk/dsr |
| Academy | Datenschutz-Schulungen mit PDF-Zertifikaten | /sdk/academy |
| Whistleblower | Hinweisgebersystem (HinSchG) | /sdk/whistleblower |
| Incidents | Datenschutz-Vorfaelle (Art. 33/34 DSGVO) | /sdk/incidents |
| Vendors | Auftragsverarbeiter-Management | /sdk/vendor-compliance |
| Reporting | Compliance-Berichte fuer Top Management | /sdk/reporting |
| Industry Templates | Branchenvorlagen (E-Commerce, Gesundheit, etc.) | /sdk/industry-templates |
| Document Crawler | Automatisches Crawling von Rechtstexten | /sdk/document-crawler |
| Advisory Board | KI-Compliance-Beirat | /sdk/advisory-board |
Admin-Module (Plattform-Verwaltung)
Interne Tools fuer die BreakPilot-Plattformverwaltung:
| Modul | Beschreibung | Frontend |
|---|---|---|
| Katalogverwaltung | SDK-Kataloge & Auswahltabellen | /dashboard/catalog-manager |
| Mandantenverwaltung | B2B-Kundenverwaltung & Mandanten | /dashboard/multi-tenant |
| SSO-Konfiguration | Single Sign-On & Authentifizierung | /dashboard/sso |
| DSB Portal | Datenschutzbeauftragter-Arbeitsbereich | /dashboard/dsb-portal |
URLs
| URL | Service | Beschreibung |
|---|---|---|
| https://macmini:3007/ | Admin Compliance | Compliance-Dashboard |
| https://macmini:3006/ | Developer Portal | API-Dokumentation |
| https://macmini:8002/ | Backend API | Compliance REST API |
| https://macmini:8093/ | AI SDK API | SDK Backend-API |
SDK-Module (Admin Compliance)
| URL | Modul |
|---|---|
| https://macmini:3007/sdk | SDK Uebersicht |
| https://macmini:3007/sdk/requirements | Requirements |
| https://macmini:3007/sdk/controls | Controls |
| https://macmini:3007/sdk/evidence | Evidence |
| https://macmini:3007/sdk/risks | Risk Matrix |
| https://macmini:3007/sdk/ai-act | AI Act |
| https://macmini:3007/sdk/audit-checklist | Audit Checklist |
| https://macmini:3007/sdk/audit-report | Audit Report |
| https://macmini:3007/sdk/tom | TOM |
| https://macmini:3007/sdk/dsfa | DSFA |
| https://macmini:3007/sdk/vvt | VVT |
| https://macmini:3007/sdk/loeschfristen | Loeschfristen |
| https://macmini:3007/sdk/academy | Academy |
| https://macmini:3007/sdk/whistleblower | Whistleblower |
| https://macmini:3007/sdk/incidents | Incidents |
| https://macmini:3007/sdk/reporting | Reporting |
| https://macmini:3007/sdk/vendor-compliance | Vendor Compliance |
| https://macmini:3007/sdk/industry-templates | Branchenvorlagen |
| https://macmini:3007/sdk/document-crawler | Document Crawler |
| https://macmini:3007/sdk/advisory-board | Advisory Board |
Admin-Module (Dashboard)
| URL | Modul |
|---|---|
| https://macmini:3007/dashboard | Dashboard |
| https://macmini:3007/dashboard/catalog-manager | Katalogverwaltung |
| https://macmini:3007/dashboard/multi-tenant | Mandantenverwaltung |
| https://macmini:3007/dashboard/sso | SSO-Konfiguration |
| https://macmini:3007/dashboard/dsb-portal | DSB Portal |
Abhaengigkeiten zu Core
Compliance-Services nutzen folgende Core-Infrastruktur:
| Core Service | Genutzt von | Zweck |
|---|---|---|
| PostgreSQL (5432) | Alle | Zentrale Datenbank |
| Valkey (6379) | Backend, Admin | Session Cache |
| Vault (8200) | Alle | Secrets Management |
| Qdrant (6333) | AI SDK, Document Crawler | Vector-Suche |
| MinIO (9000) | Document Crawler | Datei-Storage |
| Embedding (8087) | AI SDK | Text-Embeddings |
| RAG Service (8097) | AI SDK | Retrieval Augmented Generation |
| Nginx | Alle | HTTPS Reverse Proxy |
Services-Dokumentation
- AI Compliance SDK
- Document Crawler
- SDK-Module:
- Analyse-Module (Paket 2) — Requirements, Controls, Evidence, Risk Matrix, AI Act, Audit Checklist, Audit Report
- Dokumentations-Module (Paket 3+) — VVT, Source Policy, Document Generator, Audit Checklist, Training Engine
- DSFA (Art. 35 DSGVO) — vollständig backend-persistent, Migration 024
- Rechtliche Texte (Paket 4) — Einwilligungen, Consent, Cookie Banner, Workflow
- Academy
- Whistleblower
- Incidents
- Reporting
- Vendors
- Industry Templates
- Document Crawler
- Advisory Board
- DSB Portal
Entwicklung
Deployment
# Voraussetzung: breakpilot-core muss laufen
# Alle Compliance-Services starten
docker compose -f breakpilot-compliance/docker-compose.yml up -d
# Einzelnen Service neu bauen
docker compose -f breakpilot-compliance/docker-compose.yml build --no-cache <service>
docker compose -f breakpilot-compliance/docker-compose.yml up -d <service>
Git
# Zwei Remotes - IMMER zu beiden pushen:
git push origin main && git push gitea main
# Remotes:
# origin: http://macmini:3003/pilotadmin/breakpilot-compliance.git
# gitea: git@gitea.meghsakha.com:Benjamin_Boenisch/breakpilot-compliance.git