# Automated Office 2.0 - Current Project State

## Overview
Project to automate all administrative and commercial processes within the company, using open-source solutions.

## Current Implementation Status

### 1. Project Structure
- Basic directory structure created
- Ansible roles established (common, docker, nginx, services)
- Configuration directories set up for all services
- Documentation structure established

### 2. Environment Setup
- Development environment using WSL
- NGINX running in WSL for development using NGINX Proxy Manager
- Docker environment being set up
- SSL certificates in place for development (self-signed)
- Staging and Production environment will use NGINX Server Config files and letsencrypt SSL certificates
- Automated password generation and encrypted storage implemented using `setup_environment.sh`

### 3. Service Status

#### Keycloak (auth.mrx8086.com)
- NGINX configuration complete
- Docker setup complete
- Keycloak is running behind a reverse proxy
- Implemented `setup_realm.js` script for automated realm, client, and user setup
- SSL certificates configured (self-signed)
- `setup_realm.js` configures the `office-automation` realm, `nextcloud`, `paperless`, and `nodered` clients.
- Test users `testadmin`, `testuser` and `testserviceuser` are also created with specific group assignments.
- Client Secrets are now managed and set correctly.
- The `groups-nextcloud` Client Scope is now created and managed by the `setup_realm.js` script.

#### Nextcloud (cloud.mrx8086.com)
- NGINX configuration complete
- Docker setup complete
- SSL certificates configured
- Nextcloud is now configured to use Keycloak for authentication via OpenID Connect.

#### Paperless (docs.mrx8086.com)
- NGINX configuration complete
- Docker setup pending
- SSL certificates configured

#### Node-RED (automate.mrx8086.com)
- NGINX configuration complete
- Docker setup pending
- SSL certificates configured
- Chosen over n8n for better open-source compatibility

### 4. Security
- Automated password generation implemented
- Encrypted credentials storage system in place
- SSL certificates managed and deployed
- Keycloak is used for central authentication

### 5. Development Decisions
- Using WSL for development environment
- NGINX running directly in WSL for development
- Docker containers for all services
- Focusing on completely open-source solutions
- Development environment uses Nginx Proxy Manager
- Staging and Production will use Nginx Server Config files

## Next Steps
1.  Complete Paperless docker setup
2.  Test Paperless authentication against Keycloak
3.  Proceed with remaining service deployments
4.  Setup Letsencrypt SSL Certificates in the Staging Environment
5.  Implement automated backups
6.  Implement monitoring

## Important Files Location
- NGINX configs: /config/nginx/sites-available/
- SSL certificates: /config/nginx/ssl/mrx8086.com/
- Docker compose: /docker/docker-compose.yml
- Environment variables: /docker/.env and /scripts/setup/keycloak/.env
- Encrypted credentials: /config/credentials/
- Keycloak setup script: /scripts/setup/keycloak/setup_realm.js

## Development Environment
- Domain: mrx8086.com
- SSL certificates in place (self-signed)
- NGINX running in WSL
- Docker running in WSL