sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-06 07:21:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
e52343440d81c0596177399058b4711cc0d5da67
opendesk/docs/components.md
Thorsten Roßner 4d99bf3bf0 fix(docs): Spell check and streamline.
2024-05-24 18:36:13 +02:00

6.6 KiB
Raw Blame History

Components

This section covers the internal system requirements as well as external service requirements for productive use.

Overview

openDesk consists out of a variety of open-source projects. Here is a list with the description and type.

Components of type Eval are used for development and evaluation purposes only, they need to be replaced in production deployments.

Component Description Type
Certificates TLS certificates Eval
ClamAV (Distributed) Antivirus engine Eval
ClamAV (Simple) Antivirus engine Eval
Collabora Weboffice Functional
CryptPad Weboffice Functional
Element Secure communications platform Functional
Intercom Service Cross service data exchange Functional
Jitsi Videoconferencing Functional
MariaDB Database Eval
Memcached Cache Database Eval
MinIO Object Storage Eval
Nextcloud File share Functional
OpenProject Project management Functional
OX Appsuite Groupware Functional
OX Dovecot Mail backend (IMAP) Functional
Provisioning (OX Connector) Groupware provisioning Functional
Postfix MTA Eval
PostgreSQL Database Eval
Redis Cache Database Eval
Univention Management Stack Identity Management & Portal Functional
XWiki Knowledge Management Functional

Component integration

Some use cases require inter component integration.

flowchart TD
  OXAppSuiteFrontend-->|SilentLogin, Filepicker, CentralNavigation|IntercomService
  Element-->|CentralNavigation|IntercomService
  IntercomService-->|SilentLogin, TokenExchange|IdP
  IntercomService-->|Filepicker|Nextcloud
  IntercomService-->|CentralNavigation|Portal
  OXAppSuiteBackend-->|Filepicker|Nextcloud
  Nextcloud-->|CentralNavigation|Portal
  OpenProject-->|CentralNavigation|Portal
  OpenProject-->|File store|Nextcloud
  XWiki-->|CentralNavigation|Portal
  Nextcloud-->|CentralContacts|OXAppSuiteBackend
  OXAppSuiteFrontend-->|Filepicker|OXAppSuiteBackend

Intercom Service (ICS)

The Univention Intercom Service's role is to enable cross-application integration based on browser interaction. Handling authentication when the frontend of an application is using the API from another application is often a challenge. For more details on the ICS please refer to its own doc.

To establish a session with the Intercom Service, the application that wants to use the ICS must initiate a silent login.

Currently only OX AppSuite is using the frontend-based integration, and therefore it is right now the only consumer of the ICS API.

Filepicker

The Nextcloud filepicker which is integrated into the OX AppSuite allows you to add attachments or links to files from and saving attachments to Nextcloud.

The filepicker is using frontend and backend based integration. Frontend-based integration means that OX AppSuite in the browser is communicating with ICS. While using backend-based integration, OX AppSuite middleware is communicating with Nextcloud, which is especially used when adding a file to an email or storing a file into Nextcloud.

Central Navigation

Central navigation is based on an API endpoint in the portal that provides the contents of the portal for a user to allow components to render the menu showing all available SWP applications for the user.

(Read & write) Central contacts

Open-Xchange App Suite is used to manage contacts within openDesk. There is an API in the AppSuite that is being used by Nextcloud to lookup contacts as well as to create contacts. This is maybe done when a file is shared with a not yet available personal contact.

OpenProject file store

By default, Nextcloud is a configured option for storing attachments in OpenProject. The file store can be enabled on a per-project level in OpenProject's project admin section.

Identity data flows

An overview of

  • components that consume the LDAP service.
    • The components accessing the LDAP using a component specific LDAP search account.
  • components using Univention Keycloak as identity provider (IdP).
    • If not otherwise denoted the components make use of OAuth2 / OIDC flows.
    • All components have a client configured in Keycloak, except for Jitsi which is using authentication with the Authorization Code Flow that does not require an OIDC client to be configured in Keycloak.

Some components trust others to handle authentication for them.

flowchart TD
    K[IdP]-->L[LDAP]
    N[Nextcloud]-->L
    O[OpenProject] --> L
    A[OX AppSuite]-->L
    D[OX Dovecot]-->L
    P[Portal/Admin]-->L
    X[XWiki]-->L
    A-->K
    N-->K
    D-->K
    O-->K
    X-->K
    P-->|SAML|K
    E[Element]-->K
    J[Jitsi]-->K
    I[IntercomService]-->K
    C[Collabora]-->N
    R[CryptPad]-->N
    F[Postfix]-->D

Provisioning

Currently, active provisioning is only done for OX AppSuite. The OX-Connector is synchronizing, creating, modifying and deleting activities for the following objects to the OX AppSuite using the AppSuite's SOAP API:

  • Contexts
  • Users
  • Groups
  • Functional Mailboxes
  • Resources
Reference in New Issue View Git Blame Copy Permalink