diff --git a/Architecture.md b/Architecture.md new file mode 100644 index 0000000..bc4c420 --- /dev/null +++ b/Architecture.md @@ -0,0 +1,70 @@ +# Architecture + +## Overview + +Thoughts runs as four independent Docker services orchestrated by Docker Compose. Traffic enters via Nginx, which routes API calls to the Rust backend and everything else to the Next.js frontend. Both services share a PostgreSQL database. + +``` +User's Browser + │ + ▼ + Nginx (Reverse Proxy) + ├── /api/* ──────────────► Rust Backend (Axum) + │ │ + └── /* ──────► Next.js └──► PostgreSQL + Frontend +``` + +## Components + +### Backend — Rust (Axum) + +The stateless core of the platform. Handles all business logic, authentication, database operations, and (planned) ActivityPub federation. + +- Framework: **Axum** +- ORM / query builder: **SeaORM** with migrations via `sea-orm-cli` +- OpenAPI docs generated at runtime (see `/doc` crate) +- Runs on the `tokio` async runtime + +**Crate layout:** + +| Crate | Role | +|---|---| +| `api` | HTTP handlers, extractors, routers | +| `app` | Business logic, persistence layer | +| `models` | Shared domain types, query/schema structs | +| `common` | Shared utilities (pagination, etc.) | +| `doc` | OpenAPI / Swagger doc generation | +| `migration` | Database migrations (SeaORM) | +| `utils` | Test helpers, DB utilities | + +### Frontend — Next.js + +Server-Side Rendered (SSR) web client. Fetches data from the Rust API during the request-response cycle; minimal client-side JS. + +- Uses **shadcn/ui** component library +- Frutiger font for the Frutiger Aero aesthetic +- Progressive Web App (PWA) manifest included + +### Database — PostgreSQL + +Single source of truth. UUIDs as primary keys to prevent enumeration and ease future federation. + +### Reverse Proxy — Nginx + +Routes traffic: +- `yourdomain.com/api/*` → Rust backend +- `yourdomain.com/*` → Next.js frontend + +## Authentication + +Two methods: + +| Method | Header | Use case | +|---|---|---| +| JWT | `Authorization: Bearer ` | Official web client sessions (short-lived) | +| API Key | `Authorization: ApiKey ` | Third-party apps (long-lived, user-generated) | + +## Planned: ActivityPub Federation + +Each user profile will be exposed as an ActivityPub actor (e.g. `@username@thoughts.social`), making the platform a Fediverse citizen compatible with Mastodon and other federated platforms.