feat: complete tOS project with HR, LEAN, Dashboard and Integrations modules

Full enterprise web operating system including: - Next.js 14 frontend with App Router, i18n (DE/EN), shadcn/ui - NestJS 10 backend with Prisma, JWT auth, Swagger docs - Keycloak 24 SSO with role-based access control - HR module (employees, time tracking, absences, org chart) - LEAN module (3S planning, morning meeting SQCDM, skill matrix) - Integrations module (PlentyONE, Zulip, Todoist, FreeScout, Nextcloud, ecoDMS, GembaDocs) - Dashboard with customizable drag & drop widget grid - Docker Compose infrastructure (PostgreSQL 16, Redis 7, Keycloak 24) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 19:37:55 +01:00
parent a2b6612e9e
commit fe305f6fc8
509 changed files with 81111 additions and 1 deletions
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,98 @@
+# =============================================================================
+# tOS Environment Configuration
+# =============================================================================
+# Copy this file to .env and fill in the values
+# NEVER commit .env to version control!
+# =============================================================================
+
+# -----------------------------------------------------------------------------
+# General
+# -----------------------------------------------------------------------------
+NODE_ENV=development
+TZ=Europe/Berlin
+
+# -----------------------------------------------------------------------------
+# Database (PostgreSQL)
+# -----------------------------------------------------------------------------
+# NOTE: Application uses tos_app (Keycloak uses tos_db)
+DATABASE_URL=postgresql://tos_user:tos_secret_password@localhost:5432/tos_app?schema=public
+
+# -----------------------------------------------------------------------------
+# Redis
+# -----------------------------------------------------------------------------
+REDIS_URL=redis://localhost:6379
+
+# -----------------------------------------------------------------------------
+# NextAuth.js Configuration
+# -----------------------------------------------------------------------------
+NEXTAUTH_SECRET=your-super-secret-nextauth-key-change-in-production
+NEXTAUTH_URL=http://localhost:3000
+
+# -----------------------------------------------------------------------------
+# Keycloak Configuration
+# -----------------------------------------------------------------------------
+# Frontend client (confidential - used by NextAuth)
+KEYCLOAK_ID=tos-frontend
+KEYCLOAK_SECRET=your-keycloak-frontend-secret
+KEYCLOAK_ISSUER=http://localhost:8080/realms/tOS
+
+# Backend client (confidential)
+KEYCLOAK_BACKEND_CLIENT_ID=tos-backend
+KEYCLOAK_BACKEND_CLIENT_SECRET=your-keycloak-backend-secret
+
+# -----------------------------------------------------------------------------
+# Security & Encryption
+# -----------------------------------------------------------------------------
+# REQUIRED in production! Generate with: openssl rand -base64 32
+ENCRYPTION_KEY=dev-encryption-key-32-bytes-long!
+
+# JWT secret for API token signing (generate with: openssl rand -base64 64)
+JWT_SECRET=your-jwt-secret-change-in-production
+
+# -----------------------------------------------------------------------------
+# API Configuration
+# -----------------------------------------------------------------------------
+API_PORT=3001
+API_PREFIX=api/v1
+API_CORS_ORIGINS=http://localhost:3000
+
+# -----------------------------------------------------------------------------
+# Frontend Configuration
+# -----------------------------------------------------------------------------
+NEXT_PUBLIC_API_URL=http://localhost:3001
+NEXT_PUBLIC_APP_URL=http://localhost:3000
+NEXT_PUBLIC_KEYCLOAK_URL=http://localhost:8080
+
+# -----------------------------------------------------------------------------
+# Integration API Keys (Phase 3 - variable names match config.validation.ts)
+# -----------------------------------------------------------------------------
+# PlentyONE (OAuth2 Client Credentials)
+PLENTYONE_BASE_URL=
+PLENTYONE_CLIENT_ID=
+PLENTYONE_CLIENT_SECRET=
+
+# ZULIP (Basic Auth with API Key)
+ZULIP_BASE_URL=
+ZULIP_EMAIL=
+ZULIP_API_KEY=
+
+# Todoist (Bearer Token)
+TODOIST_API_TOKEN=
+
+# FreeScout (API Key)
+FREESCOUT_API_URL=
+FREESCOUT_API_KEY=
+
+# Nextcloud (Basic Auth / App Password)
+NEXTCLOUD_URL=
+NEXTCLOUD_USERNAME=
+NEXTCLOUD_PASSWORD=
+
+# ecoDMS (Session-based Auth)
+ECODMS_API_URL=
+ECODMS_USERNAME=
+ECODMS_PASSWORD=
+
+# GembaDocs
+GEMBADOCS_API_URL=
+GEMBADOCS_API_KEY=