diff --git a/.env.example b/.env.example index 606a4b0..ff518e1 100644 --- a/.env.example +++ b/.env.example @@ -1,29 +1,40 @@ -# Application + +# --- Application Settings --- +# Set to 'production' for production environments NODE_ENV=development PORT_BACKEND=4000 PORT_FRONTEND=3000 +# --- Docker Compose Service Configuration --- +# These variables are used by docker-compose.yml to configure the services. Leave them unchanged if you use Docker services for Postgresql, Valkey (Redis) and Meilisearch. If you decide to use your own instances of these services, you can substitute them with your own connection credentials. # PostgreSQL -DATABASE_URL="postgresql://admin:password@postgres:5432/open_archive?schema=public" - -# Redis -REDIS_HOST=valkey -REDIS_PORT=6379 -REDIS_PASSWORD=astrongredispassword -REDIS_TLS_ENABLED=false - +POSTGRES_DB=open_archive +POSTGRES_USER=admin +POSTGRES_PASSWORD=password +DATABASE_URL="postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}" # Meilisearch MEILI_MASTER_KEY=aSampleMasterKey MEILI_HOST=http://meilisearch:7700 -# Storage + + +# Valkey (Redis compatible) +REDIS_HOST=valkey +REDIS_PORT=6379 +REDIS_PASSWORD=defaultredispassword +# If you run Valkey service from Docker Compose, set the REDIS_TLS_ENABLED variable to false. +REDIS_TLS_ENABLED=false + + +# --- Storage Settings --- # Choose your storage backend. Valid options are 'local' or 's3'. STORAGE_TYPE=local # --- Local Storage Settings --- -# The absolute path on the server where files will be stored. +# The path inside the container where files will be stored. +# This is mapped to a Docker volume for persistence. # This is only used if STORAGE_TYPE is 'local'. STORAGE_LOCAL_ROOT_PATH=/var/data/open-archiver @@ -37,18 +48,20 @@ STORAGE_S3_REGION= # Set to 'true' for MinIO and other non-AWS S3 services STORAGE_S3_FORCE_PATH_STYLE=false +# --- Security & Authentication --- + # JWT -JWT_SECRET="a-very-secret-key" +# IMPORTANT: Change this to a long, random, and secret string in your .env file +JWT_SECRET=a-very-secret-key-that-you-should-change JWT_EXPIRES_IN="7d" - - -# Admin users -ADMIN_EMAIL=admin@local.com -ADMIN_PASSWORD=a_strong_pass +# Admin User +# Set the credentials for the initial admin user. +ADMIN_EMAIL=admin@local.com +ADMIN_PASSWORD=a_strong_password_that_you_should_change SUPER_API_KEY= -# Master Encryption Key for sensitive data +# Master Encryption Key for sensitive data (Such as Ingestion source credentials and passwords) # IMPORTANT: Generate a secure, random 32-byte hex string for this -# Use `openssl rand -hex 32` to generate a key +# You can use `openssl rand -hex 32` to generate a key. ENCRYPTION_KEY= diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 21a09d2..6ac5960 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -29,6 +29,23 @@ If you have an idea for an enhancement, please open an issue to discuss it. This 6. **Update the documentation** if your changes require it. 7. **Submit a pull request** to the `main` branch of the main repository. Please provide a clear description of the problem and solution. Include the relevant issue number if applicable. +## Contributor License Agreement + +By submitting a pull request to this repository, you agree to the following terms and conditions for your contributions: + +1. **Grant of Rights.** You grant to us and our users a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable license to your contributions, allowing us to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute them and such derivative works. This license applies to both copyright and patent claims that you can license, which are necessarily infringed by your contribution alone or in combination with the project. + +2. **Your Representations.** You represent that: + + - You are legally entitled to grant the above license. + - If your employer has rights to intellectual property that you create, you have received permission to make the contributions on behalf of that employer, or your employer has waived such rights for your contributions. + - Your contribution is your own original work. + - You are not granting a license to any patents or copyrights that you do not own. + +3. **No Other Rights.** Except for the license granted herein, you reserve all right, title, and interest in and to your contributions. + +By submitting a contribution, you are agreeing to this license for your contribution. You also agree that you have read and understood this agreement. + ## Code of Conduct This project and everyone participating in it is governed by the [Open Archiver Code of Conduct](CODE_OF_CONDUCT.md). By participating, you are expected to uphold this code. Please report unacceptable behavior. diff --git a/README.md b/README.md index 5168ae3..0e9d5ee 100644 --- a/README.md +++ b/README.md @@ -1,27 +1,28 @@ # Open Archiver -> [!WARNING] -> This project is currently in active development and has not yet reached a stable General Availability (GA) release. It is not recommended for use in production environments. We welcome contributions from the community to help us accelerate development and improve the platform. Please see our [Contributing](#contributing) section for more details. - **A secure, sovereign, and affordable open-source platform for email archiving and eDiscovery.** -Open Archiver enables individuals and organizations to take control of their digital communication history. It provides a robust, self-hosted solution for ingesting, storing, indexing, and searching emails from major platforms, ensuring a permanent, tamper-proof record of your most critical data, free from vendor lock-in. +Open Archiver provides a robust, self-hosted solution for archiving, storing, indexing, and searching emails from major platforms, including Google Workspace (Gmail), Microsoft 365, as well as generic IMAP-enabled email inboxes. Use Open Archiver to keep a permanent, tamper-proof record of your communication history, free from vendor lock-in. -![Open Archiver Preview](assets/screenshots/email.png) +## Screenshots -## Vision +![Open Archiver Preview](assets/screenshots/dashboard.png) +_Dashboard_ -To provide individuals and organizations with a secure, sovereign, and affordable platform to preserve and access their digital communication history. +![Open Archiver Preview](assets/screenshots/archived-emails.png) +_Archived emails_ + +![Open Archiver Preview](assets/screenshots/search.png) +_Full-text search across all your emails and attachments_ ## Key Features - **Universal Ingestion**: Connect to Google Workspace, Microsoft 365, and standard IMAP servers to perform initial bulk imports and maintain continuous, real-time synchronization. - **Secure & Efficient Storage**: Emails are stored in the standard `.eml` format. The system uses deduplication and compression to minimize storage costs. All data is encrypted at rest. -- **Pluggable Storage Backends**: Start with local filesystem storage and scale to S3-compatible object storage (like AWS S3 or MinIO) as your needs grow. -- **Powerful Search & eDiscovery**: A high-performance search engine indexes the full text of emails and attachments (PDF, DOCX, etc.). The intuitive UI supports advanced search operators, filtering, and case management. -- **Compliance & Retention**: Define granular retention policies to automatically manage the lifecycle of your data. Place legal holds on communications to prevent deletion during litigation. -- **Comprehensive Auditing**: An immutable audit trail logs all system activities, ensuring you have a clear record of who accessed what and when. -- **Role-Based Access Control (RBAC)**: Enforce the principle of least privilege with pre-defined roles for Administrators, Auditors, and End Users. +- **Pluggable Storage Backends**: Support both local filesystem storage and S3-compatible object storage (like AWS S3 or MinIO). +- **Powerful Search & eDiscovery**: A high-performance search engine indexes the full text of emails and attachments (PDF, DOCX, etc.). +- **Compliance & Retention**: Define granular retention policies to automatically manage the lifecycle of your data. Place legal holds on communications to prevent deletion during litigation (TBD). +- **Comprehensive Auditing**: An immutable audit trail logs all system activities, ensuring you have a clear record of who accessed what and when (TBD). ## Tech Stack @@ -34,7 +35,7 @@ Open Archiver is built on a modern, scalable, and maintainable technology stack: - **Database**: PostgreSQL for metadata, user management, and audit logs - **Deployment**: Docker Compose for easy, one-command deployment -## Getting Started +## Deployment ### Prerequisites @@ -57,7 +58,7 @@ Open Archiver is built on a modern, scalable, and maintainable technology stack: cp .env.example .env ``` - You will need to edit the `.env` file to set your database passwords, secret keys, and other essential configuration. + You will need to edit the `.env` file to set your admin passwords, secret keys, and other essential configuration. Read the .env.example for how to set up. 3. **Run the application:** @@ -65,21 +66,17 @@ Open Archiver is built on a modern, scalable, and maintainable technology stack: docker compose up -d ``` - This command will build the necessary Docker images and start all the services (frontend, backend, database, etc.) in the background. + This command will pull the pre-built Docker images and start all the services (frontend, backend, database, etc.) in the background. 4. **Access the application:** Once the services are running, you can access the Open Archiver web interface by navigating to `http://localhost:3000` in your web browser. ## Contributing -We welcome contributions from the community! Whether you're a developer, a designer, or just an enthusiast, there are many ways to get involved. +We welcome contributions from the community! - **Reporting Bugs**: If you find a bug, please open an issue on our GitHub repository. - **Suggesting Enhancements**: Have an idea for a new feature? We'd love to hear it. Open an issue to start the discussion. - **Code Contributions**: If you'd like to contribute code, please fork the repository and submit a pull request. Please read our `CONTRIBUTING.md` file for more details on our code of conduct and the process for submitting pull requests. - -## License - -This project is licensed under the AGPL-3.0 License. diff --git a/assets/screenshots/archived-emails.png b/assets/screenshots/archived-emails.png new file mode 100644 index 0000000..f0a4187 Binary files /dev/null and b/assets/screenshots/archived-emails.png differ diff --git a/assets/screenshots/dashboard.png b/assets/screenshots/dashboard.png new file mode 100644 index 0000000..8efd860 Binary files /dev/null and b/assets/screenshots/dashboard.png differ diff --git a/assets/screenshots/search.png b/assets/screenshots/search.png new file mode 100644 index 0000000..6acad4c Binary files /dev/null and b/assets/screenshots/search.png differ