flfeders/FEDEO
2
1
Fork 0
Code Issues 95 Pull Requests Actions Packages Projects 22 Releases Wiki Activity

Compare commits

base: flfeders:bace26c084611d50adc791cd42fa4d8d3fa32fde
Branches Tags
flfeders:main flfeders:dev flfeders:uichange
..
compare: flfeders:14470da7dc8f4d5ec7027c94e961d50a91139e4e
Branches Tags
flfeders:dev flfeders:uichange flfeders:main

8 Commits
bace26c084 ... 14470da7dc

Author SHA1 Message Date
florianfederspiel
14470da7dc KI-AGENT: Webseite in Docker-Workflow aufgenommen
All checks were successful
Build and Push Docker Images / build-backend (push) Successful in 18s
Details
Build and Push Docker Images / build-frontend (push) Successful in 10s
Details
Build and Push Docker Images / build-website (push) Successful in 26s
Details
Build and Push Docker Images / build-docs (push) Successful in 10s
Details
2026-05-19 22:01:54 +02:00
florianfederspiel
85ac33c334 KI-AGENT: Neue Logo-Dateien in Webseite verwendet 2026-05-19 21:58:47 +02:00
florianfederspiel
9e38a488c8 KI-AGENT: Impressum auf Federspiel Technology aktualisiert 2026-05-19 21:49:56 +02:00
florianfederspiel
ed6283b9e1 KI-AGENT: Farbgebung der Webseite auf Grün aktualisiert 2026-05-19 21:44:09 +02:00
florianfederspiel
2d2e8552f0 KI-AGENT: Neue Nuxt-Webseite für FEDEO erstellt 2026-05-19 21:40:27 +02:00
florianfederspiel
25ed99b356 KI-AGENT: Ergänze geführtes Selfhost Setup 2026-05-19 20:45:54 +02:00
florianfederspiel
6cc7dc87ad KI-AGENT: Überspringe fehlende S3-Dateien beim Mandantenexport 2026-05-19 19:47:38 +02:00
florianfederspiel
697abc99fa KI-AGENT: Starte Matrix im Selfhost ohne Profil 2026-05-19 19:00:35 +02:00
20 changed files with 12370 additions and 77 deletions
Expand all files Collapse all files

8
.env.example
View File

@@ -64,9 +64,9 @@ FEDEO_BOOTSTRAP_TENANT_SHORT=MEIN
# FEDEO Matrix-Kommunikation
#
# Diese Werte werden von docker-compose.yml und docker-compose.selfhost.yml
# gelesen, wenn das Profil "matrix" genutzt wird. Für produktive Systeme
# müssen alle Geheimnisse ersetzt werden.
# Diese Werte werden von docker-compose.selfhost.yml für den integrierten
# Matrix-Stack gelesen. Für produktive Systeme müssen alle Geheimnisse ersetzt
# werden.
MATRIX_SERVER_NAME=app.example.com
@@ -84,7 +84,7 @@ MATRIX_HOMESERVER_URL=http://matrix-synapse:8008
MATRIX_RTC_HOST=app.example.com
MATRIX_RTC_JWT_URL=https://app.example.com/livekit/jwt
MATRIX_LIVEKIT_URL=wss://app.example.com/livekit/sfu
MATRIX_REGISTRATION_SHARED_SECRET=copy-from-matrix-synapse-homeserver-yaml
MATRIX_REGISTRATION_SHARED_SECRET=change-this-matrix-registration-secret
MATRIX_SERVICE_USER_LOCALPART=fedeo_service
NUXT_PUBLIC_MATRIX_ELEMENT_URL=https://app.example.com/element

34
.gitea/workflows/build-push.yaml
View File

@@ -1,5 +1,5 @@
name: Build and Push Docker Images
run-name: Build Backend, Frontend & Docs by @${{ github.actor }}
run-name: Build Backend, Frontend, Website & Docs by @${{ github.actor }}
on: [push]
@@ -135,3 +135,35 @@ jobs:
push: true
tags: ${{ steps.meta-docs.outputs.tags }}
labels: ${{ steps.meta-docs.outputs.labels }}
build-website:
#needs: verify-docs-sync
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: Log in to Docker Registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY_HOST }}
username: ${{ env.ACTOR }}
password: ${{ vars.CI_TOKEN }}
- name: Extract metadata (tags, labels) for Website
id: meta-website
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY_HOST }}/${{ env.IMAGE_NAME }}/website
tags: |
type=ref,event=branch
type=ref,event=tag
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
- name: Build and push Website
uses: docker/build-push-action@v4
with:
context: ./website
push: true
tags: ${{ steps.meta-website.outputs.tags }}
labels: ${{ steps.meta-website.outputs.labels }}

3
.gitignore vendored
View File

@@ -1,4 +1,7 @@
.env
node_modules/
.nuxt/
.output/
# Lokale Runtime-Daten und generierte Konfigurationen
matrix/postgres/

41
README.md
View File

@@ -132,6 +132,26 @@ cp .env.example .env
Ersetze anschließend alle Platzhalter und passe mindestens `DOMAIN`, `CONTACT_EMAIL`, Datenbank-, Secret-, SMTP- und S3-Werte an.
Alternativ kannst du die Konfiguration geführt erzeugen lassen:
```bash
bash scripts/selfhost-setup.sh
```
Für den schnellen Standardpfad:
```bash
bash scripts/selfhost-setup.sh --simple
```
Für mehr Rückfragen zu SMTP, API-Schlüsseln und optionalen Diensten:
```bash
bash scripts/selfhost-setup.sh --advanced
```
Der Assistent erklärt zuerst die Selfhost-Verzeichnisstruktur, schreibt anschließend `.env`, legt persistente Verzeichnisse inklusive `traefik/letsencrypt/acme.json` an und kann den Stack optional direkt starten.
## Beispiel `.env`
Diese Datei liegt neben der `docker-compose.yml`:
@@ -201,7 +221,7 @@ MATRIX_HOMESERVER_URL=http://matrix-synapse:8008
MATRIX_RTC_HOST=app.example.com
MATRIX_RTC_JWT_URL=https://app.example.com/livekit/jwt
MATRIX_LIVEKIT_URL=wss://app.example.com/livekit/sfu
MATRIX_REGISTRATION_SHARED_SECRET=copy-from-matrix-synapse-homeserver-yaml
MATRIX_REGISTRATION_SHARED_SECRET=change-this-matrix-registration-secret
MATRIX_SERVICE_USER_LOCALPART=fedeo_service
LIVEKIT_KEY=fedeo-livekit
LIVEKIT_SECRET=change-this-livekit-secret-please-replace
@@ -214,7 +234,7 @@ Die `FEDEO_BOOTSTRAP_*`-Werte sind für den ersten Start gedacht. Wenn `FEDEO_BO
Die Selfhost-Konfiguration liegt in `docker-compose.selfhost.yml`. Sie startet MinIO standardmäßig mit. Wenn du stattdessen AWS S3, Hetzner Object Storage, Backblaze B2 S3 oder einen anderen externen S3-Dienst nutzen willst, kannst du die Services `minio` und `createbuckets` entfernen und nur die entsprechenden S3-Umgebungsvariablen auf den externen Anbieter zeigen lassen.
Der Matrix-Stack ist im Selfhost-Compose als optionales Profil `matrix` enthalten. Er umfasst Synapse, eine eigene PostgreSQL-Datenbank für Synapse, Redis, `.well-known/matrix`, coturn, LiveKit, den LiveKit-JWT-Service und Element Web. Das einfache Selfhost-Setup nutzt nur `DOMAIN`: Synapse läuft unter `https://DOMAIN/_matrix`, Matrix-Well-Known unter `https://DOMAIN/.well-known/matrix`, LiveKit unter `https://DOMAIN/livekit/sfu`, der JWT-Service unter `https://DOMAIN/livekit/jwt` und Element Web unter `https://DOMAIN/element`. Vor dem ersten Start musst du `matrix/synapse/homeserver.yaml` erzeugen und `matrix/selfhost/element-config.json` auf deine Domain anpassen.
Der Matrix-Stack ist im Selfhost-Compose direkt enthalten. Er umfasst Synapse, eine eigene PostgreSQL-Datenbank für Synapse, Redis, `.well-known/matrix`, coturn, LiveKit, den LiveKit-JWT-Service und Element Web. Das einfache Selfhost-Setup nutzt nur `DOMAIN`: Synapse läuft unter `https://DOMAIN/_matrix`, Matrix-Well-Known unter `https://DOMAIN/.well-known/matrix`, LiveKit unter `https://DOMAIN/livekit/sfu`, der JWT-Service unter `https://DOMAIN/livekit/jwt` und Element Web unter `https://DOMAIN/element`.
Das Backend führt beim Containerstart standardmäßig `npm run migrate` aus. Setze `FEDEO_RUN_MIGRATIONS=false`, wenn du Migrationen bewusst manuell ausführen möchtest.
@@ -416,22 +436,7 @@ docker compose -f docker-compose.selfhost.yml build
docker compose -f docker-compose.selfhost.yml up -d
```
Mit Matrix-Profil:
```bash
docker compose -f docker-compose.selfhost.yml --profile matrix up -d
```
Synapse-Konfiguration vor dem ersten Matrix-Start erzeugen:
```bash
docker compose -f docker-compose.selfhost.yml --profile matrix run --rm \
-e SYNAPSE_SERVER_NAME="${MATRIX_SERVER_NAME}" \
-e SYNAPSE_REPORT_STATS=no \
matrix-synapse generate
```
Danach in `matrix/synapse/homeserver.yaml` mindestens Datenbank, Redis, `public_baseurl`, TURN und `registration_shared_secret` setzen. Der Wert von `registration_shared_secret` muss zusätzlich als `MATRIX_REGISTRATION_SHARED_SECRET` in die `.env`, damit FEDEO Matrix-Nutzer provisionieren kann.
Synapse erzeugt `matrix/synapse/homeserver.yaml` beim ersten Start automatisch und aktualisiert die für FEDEO relevanten Werte aus der `.env`. `MATRIX_REGISTRATION_SHARED_SECRET` muss in der `.env` gesetzt und geheim bleiben, weil FEDEO damit Matrix-Nutzer provisioniert.
Danach Status prufen:

55
backend/src/utils/tenantFullExport.ts
View File

@@ -25,7 +25,9 @@ export type TenantFullExport = {
name: string | null
mimeType: string | null
size: number | null
contentBase64: string
contentBase64: string | null
missing?: boolean
error?: string
}[]
}
@@ -121,18 +123,37 @@ const decryptEntityBankAccountsForExport = (rows: Record<string, any>[] = []) =>
})
}
const isMissingObjectError = (err: any) =>
err?.Code === "NoSuchKey" ||
err?.name === "NoSuchKey" ||
err?.$metadata?.httpStatusCode === 404
const loadObjectAsBase64 = async (path: string) => {
const { Body } = await s3.send(new GetObjectCommand({
Bucket: secrets.S3_BUCKET,
Key: path,
}))
try {
const { Body } = await s3.send(new GetObjectCommand({
Bucket: secrets.S3_BUCKET,
Key: path,
}))
const chunks: Buffer[] = []
for await (const chunk of Body as any) {
chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk))
const chunks: Buffer[] = []
for await (const chunk of Body as any) {
chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk))
}
return {
contentBase64: Buffer.concat(chunks).toString("base64"),
missing: false,
error: null,
}
} catch (err: any) {
if (!isMissingObjectError(err)) throw err
return {
contentBase64: null,
missing: true,
error: err?.Code || err?.name || "NoSuchKey",
}
}
return Buffer.concat(chunks).toString("base64")
}
export const buildTenantFullExport = async (server: FastifyInstance, tenantId: number): Promise<TenantFullExport> => {
@@ -198,13 +219,25 @@ export const buildTenantFullExport = async (server: FastifyInstance, tenantId: n
for (const file of fileRows) {
if (!file.path) continue
const object = await loadObjectAsBase64(file.path)
if (object.missing) {
server.log.warn({
fileId: file.id,
path: file.path,
bucket: secrets.S3_BUCKET,
error: object.error,
}, "Tenant full export skipped missing S3 object")
}
files.push({
id: file.id,
path: file.path,
name: file.name || null,
mimeType: file.mimeType || null,
size: file.size || null,
contentBase64: await loadObjectAsBase64(file.path),
contentBase64: object.contentBase64,
missing: object.missing || undefined,
error: object.error || undefined,
})
}

142
docker-compose.selfhost.yml
View File

@@ -135,10 +135,10 @@ services:
MATRIX_RTC_HOST: ${MATRIX_RTC_HOST:-${DOMAIN}}
MATRIX_RTC_JWT_URL: ${MATRIX_RTC_JWT_URL:-}
MATRIX_LIVEKIT_URL: ${MATRIX_LIVEKIT_URL:-}
MATRIX_REGISTRATION_SHARED_SECRET: ${MATRIX_REGISTRATION_SHARED_SECRET:-}
MATRIX_REGISTRATION_SHARED_SECRET: ${MATRIX_REGISTRATION_SHARED_SECRET:-change-this-matrix-registration-secret}
MATRIX_SERVICE_USER_LOCALPART: ${MATRIX_SERVICE_USER_LOCALPART:-fedeo_service}
LIVEKIT_KEY: ${LIVEKIT_KEY:-fedeo-livekit}
LIVEKIT_SECRET: ${LIVEKIT_SECRET:-}
LIVEKIT_SECRET: ${LIVEKIT_SECRET:-change-this-livekit-secret-please-replace}
labels:
- traefik.enable=true
- traefik.http.routers.fedeo-backend.rule=Host(`${DOMAIN}`) && PathPrefix(`/backend`)
@@ -178,8 +178,6 @@ services:
image: postgres:16-alpine
container_name: fedeo-matrix-db
restart: unless-stopped
profiles:
- matrix
environment:
POSTGRES_DB: ${MATRIX_POSTGRES_DB:-synapse}
POSTGRES_USER: ${MATRIX_POSTGRES_USER:-synapse}
@@ -199,8 +197,6 @@ services:
image: redis:7-alpine
container_name: fedeo-matrix-redis
restart: unless-stopped
profiles:
- matrix
networks:
- internal
@@ -208,15 +204,79 @@ services:
image: ghcr.io/element-hq/synapse:latest
container_name: fedeo-matrix-synapse
restart: unless-stopped
profiles:
- matrix
depends_on:
matrix-db:
condition: service_healthy
matrix-redis:
condition: service_started
environment:
DOMAIN: ${DOMAIN}
MATRIX_POSTGRES_DB: ${MATRIX_POSTGRES_DB:-synapse}
MATRIX_POSTGRES_USER: ${MATRIX_POSTGRES_USER:-synapse}
MATRIX_POSTGRES_PASSWORD: ${MATRIX_POSTGRES_PASSWORD:-change-this-matrix-db-password}
MATRIX_REGISTRATION_SHARED_SECRET: ${MATRIX_REGISTRATION_SHARED_SECRET:-change-this-matrix-registration-secret}
MATRIX_SERVER_NAME: ${MATRIX_SERVER_NAME:-${DOMAIN}}
MATRIX_TURN_SHARED_SECRET: ${MATRIX_TURN_SHARED_SECRET:-change-this-turn-secret}
SYNAPSE_CONFIG_PATH: /data/homeserver.yaml
SYNAPSE_REPORT_STATS: "no"
SYNAPSE_SERVER_NAME: ${MATRIX_SERVER_NAME:-${DOMAIN}}
entrypoint: /bin/sh
command:
- -ec
- |
if [ ! -f /data/homeserver.yaml ]; then
/start.py generate
fi
python - <<'PY'
import os
import yaml
path = "/data/homeserver.yaml"
with open(path, "r", encoding="utf-8") as handle:
config = yaml.safe_load(handle) or {}
domain = os.environ["DOMAIN"]
server_name = os.environ.get("MATRIX_SERVER_NAME") or domain
config["server_name"] = server_name
config["public_baseurl"] = f"https://{domain}/"
config["database"] = {
"name": "psycopg2",
"args": {
"user": os.environ.get("MATRIX_POSTGRES_USER", "synapse"),
"password": os.environ["MATRIX_POSTGRES_PASSWORD"],
"database": os.environ.get("MATRIX_POSTGRES_DB", "synapse"),
"host": "matrix-db",
"cp_min": 5,
"cp_max": 10,
},
}
config["redis"] = {"enabled": True, "host": "matrix-redis"}
config["registration_shared_secret"] = os.environ["MATRIX_REGISTRATION_SHARED_SECRET"]
config["turn_uris"] = [
f"turn:{domain}:3478?transport=udp",
f"turn:{domain}:3478?transport=tcp",
]
config["turn_shared_secret"] = os.environ["MATRIX_TURN_SHARED_SECRET"]
config["turn_user_lifetime"] = "1h"
config["enable_registration"] = False
config["experimental_features"] = {
**(config.get("experimental_features") or {}),
"msc3266_enabled": True,
"msc4222_enabled": True,
}
config["login_via_existing_session"] = {
"enabled": True,
"require_ui_auth": False,
"token_timeout": "5m",
}
config["max_event_delay_duration"] = "24h"
config["rc_message"] = {"per_second": 0.5, "burst_count": 30}
config["rc_delayed_event_mgmt"] = {"per_second": 1, "burst_count": 20}
with open(path, "w", encoding="utf-8") as handle:
yaml.safe_dump(config, handle, sort_keys=False)
PY
exec /start.py
volumes:
- ./matrix/synapse:/data
labels:
@@ -234,10 +294,30 @@ services:
image: nginx:1.27-alpine
container_name: fedeo-matrix-well-known
restart: unless-stopped
profiles:
- matrix
volumes:
- ./matrix/well-known:/usr/share/nginx/html/.well-known/matrix:ro
command:
- /bin/sh
- -ec
- |
mkdir -p /usr/share/nginx/html/.well-known/matrix
cat >/usr/share/nginx/html/.well-known/matrix/client <<EOF
{
"m.homeserver": {
"base_url": "https://${DOMAIN}"
},
"org.matrix.msc4143.rtc_foci": [
{
"type": "livekit",
"livekit_service_url": "https://${DOMAIN}/livekit/jwt"
}
]
}
EOF
cat >/usr/share/nginx/html/.well-known/matrix/server <<EOF
{
"m.server": "${MATRIX_SERVER_NAME:-${DOMAIN}}:443"
}
EOF
exec nginx -g 'daemon off;'
labels:
- traefik.enable=true
- traefik.http.middlewares.fedeo-matrix-well-known-cors.headers.accesscontrolalloworiginlist=*
@@ -256,8 +336,6 @@ services:
image: instrumentisto/coturn:4
container_name: fedeo-matrix-turn
restart: unless-stopped
profiles:
- matrix
command:
- --fingerprint
- --use-auth-secret
@@ -282,8 +360,6 @@ services:
image: livekit/livekit-server:v1.9
container_name: fedeo-matrix-livekit
restart: unless-stopped
profiles:
- matrix
depends_on:
- matrix-redis
entrypoint: /bin/sh
@@ -325,8 +401,6 @@ services:
image: ghcr.io/element-hq/lk-jwt-service:latest
container_name: fedeo-matrix-rtc-jwt
restart: unless-stopped
profiles:
- matrix
depends_on:
- matrix-livekit
- matrix-synapse
@@ -353,10 +427,34 @@ services:
image: vectorim/element-web:latest
container_name: fedeo-matrix-element
restart: unless-stopped
profiles:
- matrix
volumes:
- ./matrix/selfhost/element-config.json:/app/config.json:ro
entrypoint: /bin/sh
command:
- -ec
- |
cat >/app/config.json <<EOF
{
"default_server_config": {
"m.homeserver": {
"base_url": "https://${DOMAIN}",
"server_name": "${MATRIX_SERVER_NAME:-${DOMAIN}}"
}
},
"org.matrix.msc4143.rtc_foci": [
{
"type": "livekit",
"livekit_service_url": "https://${DOMAIN}/livekit/jwt"
}
],
"disable_custom_urls": false,
"disable_guests": true,
"brand": "FEDEO Matrix",
"default_theme": "light",
"features": {
"feature_video_rooms": true
}
}
EOF
exec nginx -g 'daemon off;'
labels:
- traefik.enable=true
- traefik.http.routers.fedeo-matrix-element.rule=Host(`${DOMAIN}`) && PathPrefix(`/element`)

21
matrix/selfhost/element-config.json
View File

@@ -1,21 +0,0 @@
{
"default_server_config": {
"m.homeserver": {
"base_url": "https://app.example.com",
"server_name": "app.example.com"
}
},
"org.matrix.msc4143.rtc_foci": [
{
"type": "livekit",
"livekit_service_url": "https://app.example.com/livekit/jwt"
}
],
"disable_custom_urls": false,
"disable_guests": true,
"brand": "FEDEO Matrix",
"default_theme": "light",
"features": {
"feature_video_rooms": true
}
}

469
scripts/selfhost-setup.sh Executable file
View File

@@ -0,0 +1,469 @@
#!/usr/bin/env bash
set -euo pipefail
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
ENV_FILE="$ROOT_DIR/.env"
ENV_EXAMPLE="$ROOT_DIR/.env.example"
COMPOSE_FILE="$ROOT_DIR/docker-compose.selfhost.yml"
MODE=""
START_STACK="ask"
FORCE="false"
usage() {
cat <<'USAGE'
FEDEO Selfhost Setup
Nutzung:
bash scripts/selfhost-setup.sh
bash scripts/selfhost-setup.sh --simple
bash scripts/selfhost-setup.sh --advanced
bash scripts/selfhost-setup.sh --simple --start
Optionen:
--simple Kurzer Assistent mit lokalen Diensten und sicheren Defaults
--advanced Fragt zusätzliche Integrationen wie SMTP, OpenAI und DATEV-nahes Umfeld ab
--start Startet den Stack nach dem Schreiben der Konfiguration
--no-start Schreibt nur Konfiguration und Verzeichnisse
--force Überschreibt eine vorhandene .env ohne Rückfrage
USAGE
}
while [[ $# -gt 0 ]]; do
case "$1" in
--simple)
MODE="simple"
;;
--advanced)
MODE="advanced"
;;
--start)
START_STACK="yes"
;;
--no-start)
START_STACK="no"
;;
--force)
FORCE="true"
;;
-h|--help)
usage
exit 0
;;
*)
echo "Unbekannte Option: $1" >&2
usage
exit 1
;;
esac
shift
done
need_file() {
if [[ ! -f "$1" ]]; then
echo "Fehlt: $1" >&2
exit 1
fi
}
random_secret() {
if command -v openssl >/dev/null 2>&1; then
openssl rand -base64 48 | tr -d '\n'
else
LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 64
fi
}
env_quote() {
local value="$1"
value="${value//\'/\'\\\'\'}"
printf "'%s'" "$value"
}
prompt() {
local label="$1"
local default_value="${2:-}"
local value
if [[ -n "$default_value" ]]; then
read -r -p "$label [$default_value]: " value
echo "${value:-$default_value}"
else
read -r -p "$label: " value
echo "$value"
fi
}
prompt_required() {
local label="$1"
local default_value="${2:-}"
local value
while true; do
value="$(prompt "$label" "$default_value")"
if [[ -n "$value" ]]; then
echo "$value"
return
fi
echo "Bitte einen Wert eintragen." >&2
done
}
prompt_secret() {
local label="$1"
local default_value="${2:-}"
local value
if [[ -n "$default_value" ]]; then
read -r -s -p "$label [vorbelegt, Enter übernimmt]: " value
echo >&2
echo "${value:-$default_value}"
else
read -r -s -p "$label: " value
echo >&2
echo "$value"
fi
}
yes_no() {
local label="$1"
local default_value="${2:-n}"
local answer
while true; do
read -r -p "$label [$default_value]: " answer
answer="${answer:-$default_value}"
case "$answer" in
y|Y|j|J|yes|Yes|ja|Ja)
return 0
;;
n|N|no|No|nein|Nein)
return 1
;;
*)
echo "Bitte ja oder nein eingeben."
;;
esac
done
}
choose_mode() {
if [[ -n "$MODE" ]]; then
return
fi
echo
echo "Setup-Modus"
echo " 1) einfach - Domain, Admin, lokale Datenbank, MinIO, Matrix"
echo " 2) advanced - zusätzlich SMTP, externe Schlüssel und optionale Dienste"
echo
local choice
while true; do
read -r -p "Modus wählen [1]: " choice
case "${choice:-1}" in
1|einfach|simple)
MODE="simple"
return
;;
2|advanced|erweitert)
MODE="advanced"
return
;;
*)
echo "Bitte 1 oder 2 wählen."
;;
esac
done
}
print_structure_guide() {
cat <<EOF
FEDEO Selfhost Setup
Dieses Script führt dich durch die lokale Betriebsstruktur:
$ROOT_DIR/
docker-compose.selfhost.yml Docker Stack für FEDEO, Traefik, PostgreSQL, MinIO und Matrix
.env Zielkonfiguration, wird von diesem Script geschrieben
postgres/ persistente FEDEO-Datenbank
minio/ lokaler S3-kompatibler Dateispeicher
matrix/postgres/ persistente Synapse-Datenbank
matrix/synapse/ generierte Synapse-Konfiguration und Matrix-Daten
traefik/letsencrypt/ Let's-Encrypt-Zertifikate
traefik/logs/ Traefik-Logs
Öffentliche Endpunkte auf einer Domain:
https://DOMAIN/ FEDEO Frontend
https://DOMAIN/backend FEDEO API
https://DOMAIN/_matrix Matrix Homeserver
https://DOMAIN/.well-known Matrix Discovery
https://DOMAIN/livekit/sfu LiveKit
https://DOMAIN/livekit/jwt LiveKit JWT-Service
https://DOMAIN/element Element Web
EOF
}
write_env() {
local domain="$1"
local contact_email="$2"
local db_password="$3"
local minio_password="$4"
local cookie_secret="$5"
local jwt_secret="$6"
local encryption_key="$7"
local m2m_key="$8"
local admin_email="$9"
local admin_password="${10}"
local admin_first_name="${11}"
local admin_last_name="${12}"
local tenant_name="${13}"
local tenant_short="${14}"
local matrix_db_password="${15}"
local matrix_turn_secret="${16}"
local matrix_registration_secret="${17}"
local livekit_secret="${18}"
local mailer_host="${19}"
local mailer_port="${20}"
local mailer_ssl="${21}"
local mailer_user="${22}"
local mailer_pass="${23}"
local mailer_from="${24}"
local web_push_public="${25}"
local web_push_private="${26}"
local pdf_license="${27}"
local openai_key="${28}"
local stirling_key="${29}"
local gocardless_secret_id="${30}"
local gocardless_secret_key="${31}"
local dokubox_host="${32}"
local dokubox_port="${33}"
local dokubox_secure="${34}"
local dokubox_user="${35}"
local dokubox_password="${36}"
cat >"$ENV_FILE" <<EOF
# FEDEO Selfhosting
DOMAIN=$(env_quote "$domain")
CONTACT_EMAIL=$(env_quote "$contact_email")
DB_NAME=$(env_quote "fedeo")
DB_USER=$(env_quote "fedeo")
DB_PASSWORD=$(env_quote "$db_password")
DATABASE_URL=$(env_quote "postgres://fedeo:$db_password@db:5432/fedeo")
MINIO_ROOT_USER=$(env_quote "fedeo-minio")
MINIO_ROOT_PASSWORD=$(env_quote "$minio_password")
MINIO_BUCKET=$(env_quote "fedeo")
HOST=$(env_quote "0.0.0.0")
PORT=$(env_quote "3100")
FEDEO_RUN_MIGRATIONS=$(env_quote "true")
COOKIE_SECRET=$(env_quote "$cookie_secret")
JWT_SECRET=$(env_quote "$jwt_secret")
ENCRYPTION_KEY=$(env_quote "$encryption_key")
MAILER_SMTP_HOST=$(env_quote "$mailer_host")
MAILER_SMTP_PORT=$(env_quote "$mailer_port")
MAILER_SMTP_SSL=$(env_quote "$mailer_ssl")
MAILER_SMTP_USER=$(env_quote "$mailer_user")
MAILER_SMTP_PASS=$(env_quote "$mailer_pass")
MAILER_FROM=$(env_quote "$mailer_from")
WEB_PUSH_PUBLIC_KEY=$(env_quote "$web_push_public")
WEB_PUSH_PRIVATE_KEY=$(env_quote "$web_push_private")
WEB_PUSH_SUBJECT=$(env_quote "mailto:$contact_email")
S3_ENDPOINT=$(env_quote "http://minio:9000")
S3_REGION=$(env_quote "eu-central-1")
S3_ACCESS_KEY=$(env_quote "fedeo-minio")
S3_SECRET_KEY=$(env_quote "$minio_password")
S3_BUCKET=$(env_quote "fedeo")
M2M_API_KEY=$(env_quote "$m2m_key")
API_BASE_URL=$(env_quote "https://$domain/backend")
GOCARDLESS_BASE_URL=$(env_quote "https://api.gocardless.com")
GOCARDLESS_SECRET_ID=$(env_quote "$gocardless_secret_id")
GOCARDLESS_SECRET_KEY=$(env_quote "$gocardless_secret_key")
DOKUBOX_IMAP_HOST=$(env_quote "$dokubox_host")
DOKUBOX_IMAP_PORT=$(env_quote "$dokubox_port")
DOKUBOX_IMAP_SECURE=$(env_quote "$dokubox_secure")
DOKUBOX_IMAP_USER=$(env_quote "$dokubox_user")
DOKUBOX_IMAP_PASSWORD=$(env_quote "$dokubox_password")
OPENAI_API_KEY=$(env_quote "$openai_key")
STIRLING_API_KEY=$(env_quote "$stirling_key")
NUXT_PUBLIC_PDF_LICENSE=$(env_quote "$pdf_license")
FEDEO_BOOTSTRAP_ADMIN_EMAIL=$(env_quote "$admin_email")
FEDEO_BOOTSTRAP_ADMIN_PASSWORD=$(env_quote "$admin_password")
FEDEO_BOOTSTRAP_ADMIN_FIRST_NAME=$(env_quote "$admin_first_name")
FEDEO_BOOTSTRAP_ADMIN_LAST_NAME=$(env_quote "$admin_last_name")
FEDEO_BOOTSTRAP_TENANT_NAME=$(env_quote "$tenant_name")
FEDEO_BOOTSTRAP_TENANT_SHORT=$(env_quote "$tenant_short")
MATRIX_SERVER_NAME=$(env_quote "$domain")
MATRIX_POSTGRES_DB=$(env_quote "synapse")
MATRIX_POSTGRES_USER=$(env_quote "synapse")
MATRIX_POSTGRES_PASSWORD=$(env_quote "$matrix_db_password")
MATRIX_TURN_SHARED_SECRET=$(env_quote "$matrix_turn_secret")
LIVEKIT_KEY=$(env_quote "fedeo-livekit")
LIVEKIT_SECRET=$(env_quote "$livekit_secret")
MATRIX_HOMESERVER_URL=$(env_quote "http://matrix-synapse:8008")
MATRIX_RTC_HOST=$(env_quote "$domain")
MATRIX_RTC_JWT_URL=$(env_quote "https://$domain/livekit/jwt")
MATRIX_LIVEKIT_URL=$(env_quote "wss://$domain/livekit/sfu")
MATRIX_REGISTRATION_SHARED_SECRET=$(env_quote "$matrix_registration_secret")
MATRIX_SERVICE_USER_LOCALPART=$(env_quote "fedeo_service")
NUXT_PUBLIC_MATRIX_ELEMENT_URL=$(env_quote "https://$domain/element")
EOF
}
prepare_directories() {
mkdir -p \
"$ROOT_DIR/traefik/letsencrypt" \
"$ROOT_DIR/traefik/logs" \
"$ROOT_DIR/postgres" \
"$ROOT_DIR/minio" \
"$ROOT_DIR/matrix/postgres" \
"$ROOT_DIR/matrix/synapse"
touch "$ROOT_DIR/traefik/letsencrypt/acme.json"
chmod 600 "$ROOT_DIR/traefik/letsencrypt/acme.json"
}
main() {
need_file "$COMPOSE_FILE"
need_file "$ENV_EXAMPLE"
print_structure_guide
choose_mode
if [[ -f "$ENV_FILE" && "$FORCE" != "true" ]]; then
if yes_no ".env existiert bereits. Backup erstellen und überschreiben?" "n"; then
cp "$ENV_FILE" "$ENV_FILE.$(date +%Y%m%d-%H%M%S).bak"
else
echo "Abgebrochen, .env bleibt unverändert."
exit 0
fi
fi
echo
echo "Basis"
local domain contact_email admin_email admin_password admin_first_name admin_last_name tenant_name tenant_short
domain="$(prompt_required "Domain für FEDEO" "app.example.com")"
contact_email="$(prompt_required "Kontakt-E-Mail für Let's Encrypt" "admin@example.com")"
admin_email="$(prompt_required "Erster Admin-Login" "$contact_email")"
admin_password="$(prompt_secret "Erstes Admin-Passwort" "$(random_secret)")"
admin_first_name="$(prompt_required "Admin-Vorname" "Admin")"
admin_last_name="$(prompt_required "Admin-Nachname" "Benutzer")"
tenant_name="$(prompt_required "Name des ersten Mandanten" "Mein Unternehmen")"
tenant_short="$(prompt_required "Kurzname des ersten Mandanten" "MEIN")"
echo
echo "Secrets werden automatisch erzeugt."
local db_password minio_password cookie_secret jwt_secret encryption_key m2m_key
local matrix_db_password matrix_turn_secret matrix_registration_secret livekit_secret
db_password="$(random_secret)"
minio_password="$(random_secret)"
cookie_secret="$(random_secret)"
jwt_secret="$(random_secret)"
encryption_key="$(random_secret)"
m2m_key="$(random_secret)"
matrix_db_password="$(random_secret)"
matrix_turn_secret="$(random_secret)"
matrix_registration_secret="$(random_secret)"
livekit_secret="$(random_secret)"
local mailer_host="smtp.example.com"
local mailer_port="587"
local mailer_ssl="false"
local mailer_user="mailer@example.com"
local mailer_pass="change-this-mail-password"
local mailer_from="FEDEO <no-reply@example.com>"
local web_push_public="replace-this-web-push-public-key"
local web_push_private="replace-this-web-push-private-key"
local pdf_license="replace-with-your-pdf-license"
local openai_key="replace-this"
local stirling_key="replace-this"
local gocardless_secret_id="replace-this"
local gocardless_secret_key="replace-this"
local dokubox_host="imap.example.com"
local dokubox_port="993"
local dokubox_secure="true"
local dokubox_user="dokubox@example.com"
local dokubox_password="change-this-imap-password"
if [[ "$MODE" == "advanced" ]]; then
echo
echo "Advanced: SMTP"
mailer_host="$(prompt "SMTP Host" "$mailer_host")"
mailer_port="$(prompt "SMTP Port" "$mailer_port")"
mailer_ssl="$(prompt "SMTP SSL true/false" "$mailer_ssl")"
mailer_user="$(prompt "SMTP Benutzer" "$mailer_user")"
mailer_pass="$(prompt_secret "SMTP Passwort" "$mailer_pass")"
mailer_from="$(prompt "Absender" "FEDEO <no-reply@$domain>")"
echo
echo "Advanced: optionale Schlüssel"
pdf_license="$(prompt "PDF-Lizenz" "$pdf_license")"
openai_key="$(prompt_secret "OpenAI API Key" "$openai_key")"
stirling_key="$(prompt_secret "Stirling API Key" "$stirling_key")"
web_push_public="$(prompt "Web Push Public Key" "$web_push_public")"
web_push_private="$(prompt_secret "Web Push Private Key" "$web_push_private")"
echo
echo "Advanced: Banking und Dokubox"
gocardless_secret_id="$(prompt "GoCardless Secret ID" "$gocardless_secret_id")"
gocardless_secret_key="$(prompt_secret "GoCardless Secret Key" "$gocardless_secret_key")"
dokubox_host="$(prompt "Dokubox IMAP Host" "$dokubox_host")"
dokubox_port="$(prompt "Dokubox IMAP Port" "$dokubox_port")"
dokubox_secure="$(prompt "Dokubox IMAP Secure true/false" "$dokubox_secure")"
dokubox_user="$(prompt "Dokubox IMAP Benutzer" "$dokubox_user")"
dokubox_password="$(prompt_secret "Dokubox IMAP Passwort" "$dokubox_password")"
fi
write_env \
"$domain" "$contact_email" "$db_password" "$minio_password" \
"$cookie_secret" "$jwt_secret" "$encryption_key" "$m2m_key" \
"$admin_email" "$admin_password" "$admin_first_name" "$admin_last_name" \
"$tenant_name" "$tenant_short" "$matrix_db_password" "$matrix_turn_secret" \
"$matrix_registration_secret" "$livekit_secret" "$mailer_host" "$mailer_port" \
"$mailer_ssl" "$mailer_user" "$mailer_pass" "$mailer_from" "$web_push_public" \
"$web_push_private" "$pdf_license" "$openai_key" "$stirling_key" \
"$gocardless_secret_id" "$gocardless_secret_key" "$dokubox_host" \
"$dokubox_port" "$dokubox_secure" "$dokubox_user" "$dokubox_password"
prepare_directories
echo
echo "Konfiguration geschrieben:"
echo " $ENV_FILE"
echo
echo "Vor dem Start prüfen:"
echo " 1. DNS zeigt auf diesen Server: $domain"
echo " 2. Ports 80, 443, 3478/tcp, 3478/udp, 5349/tcp, 49160-49200/udp sind offen"
echo " 3. Platzhalter für optionale Dienste in .env bei Bedarf ersetzen"
if [[ "$START_STACK" == "ask" ]]; then
if yes_no "Stack jetzt mit Docker Compose starten?" "n"; then
START_STACK="yes"
else
START_STACK="no"
fi
fi
if [[ "$START_STACK" == "yes" ]]; then
docker compose -f "$COMPOSE_FILE" up -d
else
echo
echo "Start später mit:"
echo " docker compose -f docker-compose.selfhost.yml up -d"
fi
}
main

6
website/.dockerignore Normal file
View File

@@ -0,0 +1,6 @@
node_modules
.nuxt
.output
.data
.env
npm-debug.log*

19
website/Dockerfile Normal file
View File

@@ -0,0 +1,19 @@
FROM node:20-alpine AS builder
WORKDIR /app/website
COPY package.json package-lock.json ./
RUN npm ci
COPY . ./
RUN npm run build
FROM node:20-alpine AS runner
WORKDIR /app/website
ENV NODE_ENV=production
ENV NUXT_HOST=0.0.0.0
ENV NUXT_PORT=3000
COPY --from=builder /app/website/.output ./.output
EXPOSE 3000
CMD ["node", ".output/server/index.mjs"]

3
website/app/app.vue Normal file
View File

@@ -0,0 +1,3 @@
<template>
<NuxtPage />
</template>

593
website/app/assets/css/main.css Normal file
View File

@@ -0,0 +1,593 @@
:root {
--accent: #69c350;
--accent-dark: #2f7f24;
--accent-soft: rgba(105, 195, 80, 0.18);
--ink: #17211f;
color: #17211f;
background: #f6f2ea;
font-family: Inter, ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif;
scroll-behavior: smooth;
}
* {
box-sizing: border-box;
}
body {
margin: 0;
background:
radial-gradient(circle at 15% 15%, var(--accent-soft), transparent 28rem),
linear-gradient(180deg, #f7f3ec 0%, #ffffff 45%, #eef8eb 100%);
}
a {
color: inherit;
text-decoration: none;
}
main {
min-height: 100vh;
}
.site-header {
align-items: center;
backdrop-filter: blur(20px);
background: rgba(247, 243, 236, 0.84);
border-bottom: 1px solid rgba(23, 33, 31, 0.1);
display: flex;
gap: 2rem;
justify-content: space-between;
left: 0;
padding: 1rem clamp(1rem, 4vw, 4.5rem);
position: sticky;
right: 0;
top: 0;
z-index: 20;
}
.brand img,
footer img {
display: block;
height: 2.4rem;
width: auto;
}
nav {
align-items: center;
display: flex;
flex-wrap: wrap;
gap: 0.35rem 1.25rem;
justify-content: flex-end;
font-size: 0.95rem;
}
nav a {
color: #44514d;
}
nav a:hover {
color: var(--accent-dark);
}
.login-link {
border: 1px solid rgba(105, 195, 80, 0.38);
border-radius: 999px;
color: var(--accent-dark);
padding: 0.55rem 0.9rem;
}
.hero-section {
align-items: center;
display: grid;
gap: clamp(2rem, 6vw, 5rem);
grid-template-columns: minmax(0, 0.95fr) minmax(20rem, 1.05fr);
min-height: calc(100vh - 4.5rem);
padding: clamp(3rem, 7vw, 7rem) clamp(1rem, 4vw, 4.5rem) 4rem;
}
.eyebrow {
color: var(--accent-dark);
font-size: 0.82rem;
font-weight: 800;
letter-spacing: 0;
margin: 0 0 0.9rem;
text-transform: uppercase;
}
h1,
h2,
h3,
p {
margin-top: 0;
}
h1 {
color: #14211e;
font-size: clamp(3rem, 7vw, 6.6rem);
letter-spacing: 0;
line-height: 0.92;
margin-bottom: 1.4rem;
max-width: 9ch;
}
h2 {
color: #14211e;
font-size: clamp(2rem, 4vw, 3.6rem);
letter-spacing: 0;
line-height: 1.02;
}
h3 {
color: #14211e;
font-size: 1.1rem;
line-height: 1.25;
margin-bottom: 0.75rem;
}
.hero-text,
.section-heading p,
.open-source-section p,
.contact-section p,
.workflow-section li {
color: #51605c;
font-size: 1.08rem;
line-height: 1.7;
}
.hero-text {
max-width: 39rem;
}
.hero-actions,
.contact-section {
align-items: center;
display: flex;
flex-wrap: wrap;
gap: 1rem;
margin-top: 2rem;
}
.primary-action,
.secondary-action {
align-items: center;
border-radius: 999px;
display: inline-flex;
font-weight: 800;
justify-content: center;
min-height: 3rem;
padding: 0.85rem 1.25rem;
}
.primary-action {
background: var(--accent);
color: #10210d;
box-shadow: 0 1rem 2rem rgba(105, 195, 80, 0.28);
}
.secondary-action {
background: #ffffff;
border: 1px solid rgba(23, 33, 31, 0.12);
color: #17211f;
}
.product-preview {
background: #17211f;
border: 1px solid rgba(255, 255, 255, 0.24);
border-radius: 0.5rem;
box-shadow: 0 2rem 5rem rgba(23, 33, 31, 0.24);
color: #ffffff;
min-height: 31rem;
overflow: hidden;
}
.preview-toolbar {
align-items: center;
background: #24302d;
display: flex;
gap: 0.45rem;
height: 3rem;
padding: 0 1rem;
}
.preview-toolbar span {
background: #cbd7d3;
border-radius: 50%;
display: block;
height: 0.65rem;
opacity: 0.7;
width: 0.65rem;
}
.preview-grid {
display: grid;
grid-template-columns: 12rem minmax(0, 1fr);
min-height: 28rem;
}
.preview-grid aside {
background: rgba(255, 255, 255, 0.06);
display: flex;
flex-direction: column;
gap: 0.75rem;
padding: 1.5rem;
}
.preview-grid aside strong {
color: var(--accent);
margin-bottom: 1rem;
}
.preview-grid aside span {
color: rgba(255, 255, 255, 0.68);
font-size: 0.92rem;
}
.preview-content {
display: grid;
gap: 1.25rem;
padding: 1.5rem;
}
.metric-row {
display: grid;
gap: 1rem;
grid-template-columns: repeat(3, minmax(0, 1fr));
}
.metric-row div,
.work-card {
background: rgba(255, 255, 255, 0.1);
border: 1px solid rgba(255, 255, 255, 0.12);
border-radius: 0.45rem;
padding: 1rem;
}
.metric-row small {
color: rgba(255, 255, 255, 0.6);
display: block;
line-height: 1.35;
margin-bottom: 0.7rem;
}
.metric-row strong {
color: #ffffff;
font-size: 1.8rem;
}
.timeline {
align-content: center;
background: rgba(255, 255, 255, 0.06);
border-radius: 0.45rem;
display: grid;
gap: 1rem;
min-height: 10rem;
padding: 1.5rem;
}
.timeline span {
background: linear-gradient(90deg, var(--accent), #d9ef72);
border-radius: 999px;
display: block;
height: 1.15rem;
width: var(--width);
}
.work-card {
align-self: end;
}
.work-card p {
color: rgba(255, 255, 255, 0.68);
line-height: 1.55;
margin: 0.65rem 0 0;
}
.highlights,
.section,
.workflow-section,
.open-source-section,
.contact-section,
footer {
margin: 0 auto;
max-width: 1180px;
padding-left: clamp(1rem, 4vw, 2rem);
padding-right: clamp(1rem, 4vw, 2rem);
}
.highlights {
display: grid;
gap: 1rem;
grid-template-columns: repeat(3, minmax(0, 1fr));
padding-bottom: 5rem;
}
.highlights article,
.feature-grid article {
background: rgba(255, 255, 255, 0.76);
border: 1px solid rgba(23, 33, 31, 0.1);
border-radius: 0.5rem;
padding: 1.35rem;
}
.highlights span,
.feature-grid span {
color: var(--accent-dark);
display: inline-block;
font-size: 0.82rem;
font-weight: 800;
margin-bottom: 1rem;
}
.highlights h2 {
font-size: 1.2rem;
margin-bottom: 0.75rem;
}
.highlights p,
.feature-grid p {
color: #51605c;
line-height: 1.6;
margin: 0;
}
.section {
padding-bottom: 5rem;
padding-top: 1rem;
}
.section-heading {
max-width: 48rem;
}
.feature-grid {
display: grid;
gap: 1rem;
grid-template-columns: repeat(4, minmax(0, 1fr));
margin-top: 2.5rem;
}
.workflow-section,
.open-source-section,
.contact-section {
align-items: start;
display: grid;
gap: 2rem;
grid-template-columns: minmax(0, 0.9fr) minmax(20rem, 1fr);
padding-bottom: 5rem;
padding-top: 5rem;
}
.workflow-section {
border-top: 1px solid rgba(23, 33, 31, 0.12);
}
.workflow-section ol {
counter-reset: workflow;
display: grid;
gap: 1rem;
list-style: none;
margin: 0;
padding: 0;
}
.workflow-section li {
background: #ffffff;
border: 1px solid rgba(23, 33, 31, 0.1);
border-radius: 0.5rem;
padding: 1rem 1rem 1rem 3.8rem;
position: relative;
}
.workflow-section li::before {
align-items: center;
background: var(--accent);
border-radius: 50%;
color: #10210d;
content: counter(workflow);
counter-increment: workflow;
display: flex;
font-size: 0.9rem;
font-weight: 800;
height: 2rem;
justify-content: center;
left: 1rem;
position: absolute;
top: 1rem;
width: 2rem;
}
.open-source-section {
align-items: center;
background: #17211f;
border-radius: 0.5rem;
color: #ffffff;
margin-bottom: 5rem;
padding: clamp(2rem, 5vw, 4rem);
}
.open-source-section h2,
.contact-section h2 {
margin-bottom: 1rem;
}
.open-source-section h2 {
color: #ffffff;
}
.open-source-section p {
color: rgba(255, 255, 255, 0.74);
margin-bottom: 0;
}
.open-source-section .secondary-action {
justify-self: end;
}
.contact-section {
background: #ffffff;
border: 1px solid rgba(23, 33, 31, 0.1);
border-radius: 0.5rem;
grid-template-columns: minmax(0, 1fr) auto;
margin-bottom: 5rem;
padding: clamp(2rem, 5vw, 4rem);
}
.contact-section p {
margin-bottom: 0;
}
.legal-page {
margin: 0 auto;
max-width: 1180px;
padding: clamp(3rem, 7vw, 6rem) clamp(1rem, 4vw, 2rem) 5rem;
}
.legal-heading {
max-width: 45rem;
margin-bottom: 2.5rem;
}
.legal-heading h1 {
max-width: none;
}
.legal-heading p,
.legal-grid p {
color: #51605c;
font-size: 1.02rem;
line-height: 1.7;
}
.legal-grid {
display: grid;
gap: 1rem;
grid-template-columns: repeat(2, minmax(0, 1fr));
}
.legal-grid article {
background: rgba(255, 255, 255, 0.76);
border: 1px solid rgba(23, 33, 31, 0.1);
border-radius: 0.5rem;
padding: 1.35rem;
}
.legal-grid h2 {
font-size: 1.2rem;
margin-bottom: 0.75rem;
}
.legal-grid p {
margin-bottom: 0.8rem;
}
.legal-grid p:last-child {
margin-bottom: 0;
}
.legal-grid a {
color: var(--accent-dark);
font-weight: 700;
overflow-wrap: anywhere;
}
footer {
align-items: center;
border-top: 1px solid rgba(23, 33, 31, 0.1);
display: grid;
gap: 1rem;
grid-template-columns: auto 1fr auto;
padding-bottom: 2rem;
padding-top: 2rem;
}
footer div {
display: flex;
flex-wrap: wrap;
gap: 1rem;
justify-content: center;
}
footer a,
footer p {
color: #51605c;
font-size: 0.92rem;
}
footer p {
margin: 0;
text-align: right;
}
@media (max-width: 980px) {
.hero-section,
.workflow-section,
.open-source-section,
.contact-section {
grid-template-columns: 1fr;
}
.hero-section {
min-height: auto;
}
.highlights,
.feature-grid,
.legal-grid {
grid-template-columns: repeat(2, minmax(0, 1fr));
}
.open-source-section .secondary-action {
justify-self: start;
}
footer {
grid-template-columns: 1fr;
justify-items: start;
}
footer div {
justify-content: flex-start;
}
footer p {
text-align: left;
}
}
@media (max-width: 680px) {
.site-header {
align-items: flex-start;
flex-direction: column;
}
nav {
justify-content: flex-start;
}
.hero-section {
padding-top: 2.5rem;
}
h1 {
font-size: 3rem;
}
.product-preview {
min-height: auto;
}
.preview-grid {
grid-template-columns: 1fr;
}
.preview-grid aside {
display: none;
}
.metric-row,
.highlights,
.feature-grid,
.legal-grid {
grid-template-columns: 1fr;
}
}

105
website/app/pages/impressum.vue Normal file
View File

@@ -0,0 +1,105 @@
<template>
<main>
<header class="site-header">
<NuxtLink class="brand" to="/" aria-label="FEDEO Startseite">
<img src="/Logo.png" alt="FEDEO" />
</NuxtLink>
<nav aria-label="Hauptnavigation">
<NuxtLink to="/#funktionen">Funktionen</NuxtLink>
<NuxtLink to="/#open-source">Open Source</NuxtLink>
<NuxtLink to="/#kontakt">Kontakt</NuxtLink>
<a class="login-link" href="https://app.fedeo.de">Einloggen</a>
</nav>
</header>
<section class="legal-page">
<div class="legal-heading">
<p class="eyebrow">Federspiel Technology</p>
<h1>Impressum</h1>
<p>Angaben gemäß § 5 TMG</p>
</div>
<div class="legal-grid">
<article>
<h2>Betreiber</h2>
<p>
Federspiel Technology UG (haftungsbeschränkt)<br>
Am Schwarzen Brack 14<br>
26452 Sande<br>
Deutschland
</p>
</article>
<article>
<h2>Handelsregister</h2>
<p>
Amtsgericht Oldenburg<br>
Registernummer: HRB 216842
</p>
</article>
<article>
<h2>Vertreten durch</h2>
<p>
Florian Federspiel<br>
Geschäftsführer
</p>
</article>
<article>
<h2>Kontakt</h2>
<p>
Telefon: <a href="tel:+4915755769509">+49 157 55769509</a><br>
E-Mail: <a href="mailto:f.federspiel@federspiel.tech">f.federspiel@federspiel.tech</a><br>
Website: <a href="https://federspiel.group/tech">federspiel.group/tech</a>
</p>
</article>
<article>
<h2>Umsatzsteuer-ID</h2>
<p>
Umsatzsteuer-Identifikationsnummer gemäß § 27 a Umsatzsteuergesetz:<br>
DE343020780
</p>
</article>
<article>
<h2>Inhaltlich verantwortlich</h2>
<p>
Verantwortlich für den Inhalt nach § 18 Abs. 2 MStV:<br>
Florian Federspiel<br>
Am Schwarzen Brack 14<br>
26452 Sande
</p>
</article>
<article>
<h2>EU-Streitschlichtung</h2>
<p>
Die Europäische Kommission stellt eine Plattform zur Online-Streitbeilegung bereit:
<a href="https://ec.europa.eu/consumers/odr/">https://ec.europa.eu/consumers/odr/</a>
</p>
<p>Unsere E-Mail-Adresse findest du oben im Impressum.</p>
</article>
<article>
<h2>Verbraucherstreitbeilegung</h2>
<p>
Wir sind nicht bereit oder verpflichtet, an Streitbeilegungsverfahren vor einer Verbraucherschlichtungsstelle teilzunehmen.
</p>
</article>
</div>
</section>
<footer>
<img src="/Logo.png" alt="FEDEO" />
<div>
<NuxtLink to="/impressum">Impressum</NuxtLink>
<a href="https://federspiel.tech/datenschutz">Datenschutz</a>
<a href="https://app.fedeo.de">Einloggen</a>
</div>
<p>Copyright © 2026 Federspiel Technology UG haftungsbeschränkt.</p>
</footer>
</main>
</template>

199
website/app/pages/index.vue Normal file
View File

@@ -0,0 +1,199 @@
<template>
<main>
<header class="site-header">
<a class="brand" href="#start" aria-label="FEDEO Startseite">
<img src="/Logo.png" alt="FEDEO" />
</a>
<nav aria-label="Hauptnavigation">
<a href="#funktionen">Funktionen</a>
<a href="#open-source">Open Source</a>
<a href="#kontakt">Kontakt</a>
<a class="login-link" href="https://app.fedeo.de">Einloggen</a>
</nav>
</header>
<section id="start" class="hero-section">
<div class="hero-copy">
<p class="eyebrow">Open-Source Unternehmenssoftware</p>
<h1>Platz für dein Unternehmen.</h1>
<p class="hero-text">
FEDEO bündelt Projekte, Zeiten, Buchhaltung, Kommunikation, Geräte und Warenflüsse in einer Oberfläche, die den Arbeitsalltag kleiner und mittlerer Teams spürbar ruhiger macht.
</p>
<div class="hero-actions">
<a class="primary-action" href="#kontakt">Demo anfragen</a>
<a class="secondary-action" href="#funktionen">Funktionen ansehen</a>
</div>
</div>
<div class="product-preview" aria-label="FEDEO Oberfläche">
<div class="preview-toolbar">
<span></span>
<span></span>
<span></span>
</div>
<div class="preview-grid">
<aside>
<strong>FEDEO</strong>
<span>Dashboard</span>
<span>Projekte</span>
<span>Zeiterfassung</span>
<span>Buchhaltung</span>
<span>Kommunikation</span>
</aside>
<div class="preview-content">
<div class="metric-row">
<div>
<small>Offene Aufgaben</small>
<strong>18</strong>
</div>
<div>
<small>Rapporte heute</small>
<strong>42</strong>
</div>
<div>
<small>Geräte online</small>
<strong>9</strong>
</div>
</div>
<div class="timeline">
<span style="--width: 82%"></span>
<span style="--width: 64%"></span>
<span style="--width: 48%"></span>
</div>
<div class="work-card">
<strong>Projekt Nordhalle</strong>
<p>Personal, Material und Zeiten sind auf dem aktuellen Stand.</p>
</div>
</div>
</div>
</div>
</section>
<section class="highlights" aria-label="Die wichtigsten Punkte">
<article>
<span>01</span>
<h2>Einfache Bedienung</h2>
<p>Schnelle Abläufe, klare Masken und kurze Wege für Teams, die mitten im Betrieb arbeiten.</p>
</article>
<article>
<span>02</span>
<h2>Cloud oder selbst gehostet</h2>
<p>FEDEO kann bequem betrieben werden und bleibt offen für eigene Infrastruktur.</p>
</article>
<article>
<span>03</span>
<h2>Ganzheitlich</h2>
<p>Von Kundenkontakt bis Inventar greifen die Arbeitsbereiche ineinander.</p>
</article>
</section>
<section id="funktionen" class="section">
<div class="section-heading">
<p class="eyebrow">Aktuelle Funktionen</p>
<h2>Alles, was im Betrieb zusammengehört, an einem Ort.</h2>
<p>
Die neue Webseite zeigt FEDEO als modularen Werkzeugkasten für Organisation, kaufmännische Abläufe und tägliche Teamarbeit.
</p>
</div>
<div class="feature-grid">
<article v-for="feature in features" :key="feature.title">
<span>{{ feature.tag }}</span>
<h3>{{ feature.title }}</h3>
<p>{{ feature.description }}</p>
</article>
</div>
</section>
<section class="workflow-section">
<div>
<p class="eyebrow">Vom Auftrag bis zur Auswertung</p>
<h2>FEDEO verbindet Büro, Lager und Einsatzorte.</h2>
</div>
<ol>
<li>Kontakte, Objekte und Projekte zentral anlegen</li>
<li>Teams, Fahrzeuge und Material auf der Plantafel planen</li>
<li>Arbeitszeiten, Rapporte und Aufgaben laufend erfassen</li>
<li>Belege, Auswertungen und Kommunikation sauber weiterführen</li>
</ol>
</section>
<section id="open-source" class="open-source-section">
<div>
<p class="eyebrow">Open Source</p>
<h2>Offen, nachvollziehbar und anpassbar.</h2>
<p>
FEDEO wird als Open-Source-Software entwickelt. Das schafft Transparenz, erleichtert eigene Anpassungen und macht die Lösung unabhängig von geschlossenen Plattformversprechen.
</p>
</div>
<a class="secondary-action" href="https://git.federspiel.tech/flfeders/FEDEO">Repository ansehen</a>
</section>
<section id="kontakt" class="contact-section">
<div>
<p class="eyebrow">Jetzt anfragen</p>
<h2>Bereit für mehr Ruhe im Betrieb?</h2>
<p>
Frag eine Demo an und wir zeigen dir, wie FEDEO zu deinen Abläufen passt.
</p>
</div>
<a class="primary-action" href="https://fedeo.de/kontakt">Kontakt aufnehmen</a>
</section>
<footer>
<img src="/Logo.png" alt="FEDEO" />
<div>
<NuxtLink to="/impressum">Impressum</NuxtLink>
<a href="https://federspiel.tech/datenschutz">Datenschutz</a>
<a href="https://app.fedeo.de">Einloggen</a>
</div>
<p>Copyright © 2026 Federspiel Technology UG haftungsbeschränkt.</p>
</footer>
</main>
</template>
<script setup lang="ts">
const features = [
{
tag: 'Projekte',
title: 'Projekte und Objekte',
description: 'Aufträge, Dokumentation und projektunabhängige Objektinformationen bleiben nachvollziehbar verbunden.'
},
{
tag: 'Team',
title: 'Plantafel und Zeiterfassung',
description: 'Mitarbeitende, Ressourcen, Fahrzeuge, Arbeitszeiten und Rapportzeiten lassen sich durchgängig planen und erfassen.'
},
{
tag: 'Büro',
title: 'Aufgaben und Kommunikation',
description: 'Aufgaben, interne Nachrichten und betriebliche Abstimmung laufen dort zusammen, wo die Arbeit entsteht.'
},
{
tag: 'Warenfluss',
title: 'Lager und Inventar',
description: 'Bestände, Ein- und Ausgänge, Inventar und regelmäßige Überprüfungen bleiben im Blick.'
},
{
tag: 'Kaufmännisch',
title: 'Buchhaltung und Bankportal',
description: 'Belege, offene Posten, Exporte und Bankabläufe unterstützen den kaufmännischen Alltag.'
},
{
tag: 'Geräte',
title: 'Geräteintegration',
description: 'Bürogeräte, Drucker und angebundene Hardware werden in digitale Prozesse eingebunden.'
},
{
tag: 'Kontakte',
title: 'Kunden und Lieferanten',
description: 'Kontakte, Ansprechpartner und Stammdaten sind zentral erreichbar und für Folgeprozesse nutzbar.'
},
{
tag: 'Mobil',
title: 'Web und App',
description: 'FEDEO ist für Arbeit am Schreibtisch und für mobile Abläufe im Einsatz vorbereitet.'
}
]
</script>

21
website/nuxt.config.ts Normal file
View File

@@ -0,0 +1,21 @@
export default defineNuxtConfig({
css: ['~/assets/css/main.css'],
compatibilityDate: '2024-07-11',
nitro: {
preset: 'node-server'
},
app: {
head: {
title: 'FEDEO - Open-Source Unternehmenssoftware',
meta: [
{
name: 'description',
content: 'FEDEO bündelt Projekte, Zeiterfassung, Buchhaltung, Kommunikation, Lager, Inventar und Geräte in einer offenen Unternehmenssoftware.'
}
],
htmlAttrs: {
lang: 'de'
}
}
}
})

10704
website/package-lock.json generated Normal file
View File

File diff suppressed because it is too large Load Diff

21
website/package.json Normal file
View File

@@ -0,0 +1,21 @@
{
"name": "fedeo-website",
"private": true,
"type": "module",
"scripts": {
"build": "nuxt build",
"dev": "nuxt dev --host 0.0.0.0 --port 3006",
"generate": "nuxt generate",
"preview": "nuxt preview --host 0.0.0.0 --port 3006",
"postinstall": "nuxt prepare"
},
"dependencies": {
"nuxt": "^4.4.2"
},
"devDependencies": {
"typescript": "^6.0.2"
},
"engines": {
"node": ">=20.0"
}
}

BIN
website/public/Logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

BIN
website/public/Logo_Dark.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 35 KiB

3
website/tsconfig.json Normal file
View File

@@ -0,0 +1,3 @@
{
"extends": "./.nuxt/tsconfig.json"
}