bao/nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
eeb6174de0b806b04ffc0dec5353d2ee67f8e36f
nexus/README.md
T
bao eeb6174de0 Initial commit: Nexus Mission Control Platform 
- ASP.NET Core 10 Backend (JWT Auth, Agent config API)
- Vue 3 Frontend (Dashboard, Team, Agents, Config Editor)
- PostgreSQL Database
- Docker Compose setup
- Mission Control Dashboard redesign
2026-06-09 16:31:56 +02:00

102 lines
3.6 KiB
Markdown
Raw Blame History

# Nexus
Nexus is the operations platform for the Noveria ecosystem. OpenClaw is an
adapter-backed agent runtime, not a dependency of the frontend or domain model.
## Current foundation
- Vue 3, TypeScript, Pinia, Vue Router and Tailwind CSS
- ASP.NET Core 10 REST API
- Entity Framework Core and PostgreSQL
- JWT owner authentication with rotating refresh sessions
- `IAgentRuntime` abstraction with an OpenClaw adapter
- `IModelProvider` abstractions for Ollama and NVIDIA
- Responsive dark-mode operations dashboard
- Container-only entry point on `127.0.0.1:18880`
## Local/container start
```bash
cp .env.example .env
# Replace every placeholder, especially POSTGRES_PASSWORD, JWT_KEY,
# OWNER_EMAIL and OWNER_PASSWORD.
docker compose up --build -d
curl http://127.0.0.1:18880/health
```
On an empty database the API creates exactly one owner from `OWNER_EMAIL`,
`OWNER_PASSWORD` and `OWNER_DISPLAY_NAME`. The password must contain at least 14
characters. Existing databases are never overwritten by the bootstrap process.
The web service is loopback-only. Public reverse-proxy activation for
`nexus.noveria.net` remains a separate infrastructure change and must terminate
TLS before forwarding to port `18880`.
## Authentication
- Passwords use versioned PBKDF2-SHA256 hashes with random salts and 210,000 iterations.
- Access tokens expire after 15 minutes and are held only in browser memory.
- Refresh tokens are random, stored only as SHA-256 hashes in PostgreSQL, rotated on use and checked for reuse.
- The browser receives the refresh token only as a `HttpOnly`, `Secure`, `SameSite=Strict` cookie.
- Login and refresh endpoints are rate-limited per forwarded client IP.
- All `/api/v1` operations routes require a valid access token; `/health` remains public.
- Swagger is enabled only in the Development environment.
## Security
- Never commit `.env`.
- Generate `JWT_KEY` from at least 32 random bytes.
- Rotate any credential that has appeared in chat before using it.
- Do not expose PostgreSQL or the API container directly.
- Keep OpenClaw behind the `IAgentRuntime` contract.
- Keep the API reachable only through the bundled web proxy or another trusted reverse proxy.
## Implemented Phase 1 modules
The SPA uses history-mode routes:
- `/login` owner login
- `/dashboard` operations snapshot
- `/projects` project portfolio
- `/tasks` task board
- `/agents` runtime and agent inventory
- `/models` provider routing status
- `/activity` audit timeline
- `/chat` mobile owner-chat preview
- `/settings` runtime and provider overview
The API currently exposes:
- `POST /api/v1/auth/login`
- `POST /api/v1/auth/refresh`
- `POST /api/v1/auth/logout`
- `GET /api/v1/auth/me`
- `GET /api/v1/operations/snapshot`
- `GET|POST /api/v1/projects`
- `GET|POST /api/v1/tasks`
- `PATCH /api/v1/tasks/{id}/state`
- `GET /api/v1/activity`
- `GET /api/v1/agents`
- `GET /api/v1/models`
- `GET /health`
Project and task mutations create activity records. The API applies committed EF
Core migrations after PostgreSQL becomes healthy. No destructive endpoints are
implemented.
## Runtime chat and model routing
`POST /api/v1/chat` routes authenticated owner messages through the
`IAgentRuntime` contract. The browser never receives a Gateway password or model
provider key. Conversation IDs are stable per browser and Iris is the default
agent target.
The configured model-routing policy is:
1. `qwen3:4b` through Ollama for routine and monitoring work
2. `moonshotai/kimi-k2.6` through NVIDIA for primary work
3. `gpt-5.5` through OpenClaw for strategic and critical review
The Settings module reports runtime and provider state without exposing
credentials.
Reference in New Issue View Git Blame Copy Permalink