iris
a79d8282dc
- 15 Controller-Klassen ersetzen Minimal APIs in Program.cs - Repository Pattern mit Interfaces + Implementierungen (Project, Task, Activity, User) - AuthService verwendet jetzt IUserRepository statt direktem DbContext-Zugriff - SecurityHeadersMiddleware als eigenständige Middleware-Klasse - PathSecurityHelper als gemeinsamer Helper für Pfadvalidierung - DTOs in eigenem Namespace Nexus.Api.DTOs - EF-Entities in Nexus.Api.Data (vorher Nexus.Api.Domain) - Program.cs auf DI-Registrierung + Middleware reduziert - Alle 43 Endpoints unverändert erhalten - Build + 3/3 Tests erfolgreich
Nexus
Nexus is the operations platform for the Noveria ecosystem. OpenClaw is an adapter-backed agent runtime, not a dependency of the frontend or domain model.
Current foundation
- Vue 3, TypeScript, Pinia, Vue Router and Tailwind CSS
- ASP.NET Core 10 REST API
- Entity Framework Core and PostgreSQL
- JWT owner authentication with rotating refresh sessions
IAgentRuntimeabstraction with an OpenClaw adapterIModelProviderabstractions for Ollama and NVIDIA- Responsive dark-mode operations dashboard
- Container-only entry point on
127.0.0.1:18880
Local/container start
cp .env.example .env
# Replace every placeholder, especially POSTGRES_PASSWORD, JWT_KEY,
# OWNER_EMAIL and OWNER_PASSWORD.
docker compose up --build -d
curl http://127.0.0.1:18880/health
On an empty database the API creates exactly one owner from OWNER_EMAIL,
OWNER_PASSWORD and OWNER_DISPLAY_NAME. The password must contain at least 14
characters. Existing databases are never overwritten by the bootstrap process.
The web service is loopback-only. Public reverse-proxy activation for
nexus.noveria.net remains a separate infrastructure change and must terminate
TLS before forwarding to port 18880.
Authentication
- Passwords use versioned PBKDF2-SHA256 hashes with random salts and 210,000 iterations.
- Access tokens expire after 15 minutes and are held only in browser memory.
- Refresh tokens are random, stored only as SHA-256 hashes in PostgreSQL, rotated on use and checked for reuse.
- The browser receives the refresh token only as a
HttpOnly,Secure,SameSite=Strictcookie. - Login and refresh endpoints are rate-limited per forwarded client IP.
- All
/api/v1operations routes require a valid access token;/healthremains public. - Swagger is enabled only in the Development environment.
Security
- Never commit
.env. - Generate
JWT_KEYfrom at least 32 random bytes. - Rotate any credential that has appeared in chat before using it.
- Do not expose PostgreSQL or the API container directly.
- Keep OpenClaw behind the
IAgentRuntimecontract. - Keep the API reachable only through the bundled web proxy or another trusted reverse proxy.
Implemented Phase 1 modules
The SPA uses history-mode routes:
/loginowner login/dashboardoperations snapshot/projectsproject portfolio/taskstask board/agentsruntime and agent inventory/modelsprovider routing status/activityaudit timeline/chatmobile owner-chat preview/settingsruntime and provider overview
The API currently exposes:
POST /api/v1/auth/loginPOST /api/v1/auth/refreshPOST /api/v1/auth/logoutGET /api/v1/auth/meGET /api/v1/operations/snapshotGET|POST /api/v1/projectsGET|POST /api/v1/tasksPATCH /api/v1/tasks/{id}/stateGET /api/v1/activityGET /api/v1/agentsGET /api/v1/modelsGET /health
Project and task mutations create activity records. The API applies committed EF Core migrations after PostgreSQL becomes healthy. No destructive endpoints are implemented.
Runtime chat and model routing
POST /api/v1/chat routes authenticated owner messages through the
IAgentRuntime contract. The browser never receives a Gateway password or model
provider key. Conversation IDs are stable per browser and Iris is the default
agent target.
The configured model-routing policy is:
qwen3:4bthrough Ollama for routine and monitoring workmoonshotai/kimi-k2.6through NVIDIA for primary workgpt-5.5through OpenClaw for strategic and critical review
The Settings module reports runtime and provider state without exposing credentials.