zephyrfs-web Public

Watch 0 Fork 0 Star 0

markdown · 7885 bytes Raw Blame History

ZephyrFS Web Interface

A modern, responsive web interface for ZephyrFS with zero-knowledge encryption support and production-ready deployment.

Features

Modern Web UI: Vue.js 3 + TypeScript + Tailwind CSS
Zero-Knowledge Encryption: Client-side encryption with capability-based access
Real-time Operations: WebSocket support for live updates
File Management: Upload, download, organize files with folder support
Batch Operations: Multi-select for bulk operations
File Preview: Built-in preview for images, documents, and media
Mobile Responsive: Progressive Web App (PWA) support
WebDAV Server: Native OS integration for mounting as network drive
Production Ready: Docker containerization with monitoring
High Performance: Sub-500ms response times with intelligent caching

Quick Start

Development

# Install dependencies
npm install

# Start development servers
npm run dev:server    # Backend on :3000
npm run dev:client    # Frontend on :5173

Production Deployment

# Copy and configure environment
cp .env.production.example .env.production
# Edit .env.production with your settings

# Deploy with Docker Swarm
./scripts/deploy.sh deploy

# Check health and performance
./scripts/health-check.sh

Alternative Deployment

# Docker Compose
docker-compose -f deploy/production.yml up -d

# Manual deployment
npm run build
npm run start:prod

API Endpoints

Authentication

POST /api/auth/login - Login with username/password
POST /api/auth/refresh - Refresh access token
POST /api/auth/logout - Logout and invalidate session
GET /api/auth/me - Get current user info

Core Operations

GET /api/files - List files and folders
POST /api/files/upload - Upload files
GET /api/files/:id/download - Download file
DELETE /api/files/:id - Delete file/folder
POST /api/folders - Create folder

Batch Operations

POST /api/bulk/download - Bulk download as ZIP
DELETE /api/bulk/delete - Bulk delete

Monitoring

GET /api/health - Health check
GET /api/metrics - Performance metrics
GET /api/cache/stats - Cache statistics
GET /api/status/network - Network status
GET /api/status/node - Node status
GET /api/status/ws - WebSocket status updates

WebDAV

GET /api/webdav - WebDAV discovery info
ALL /api/webdav/* - WebDAV protocol endpoints

WebDAV Setup

The WebDAV server allows mounting ZephyrFS as a network drive:

Windows

Open File Explorer
Right-click "This PC" → "Map network drive"
Click "Connect to a Web site"
Enter: http://localhost:3000/api/webdav/
Username: zephyrfs, Password: webdav

macOS

Open Finder
Go → Connect to Server (⌘K)
Enter: http://localhost:3000/api/webdav/
Username: zephyrfs, Password: webdav

Linux

Open file manager
Other Locations → Connect to Server
Enter: http://localhost:3000/api/webdav/
Username: zephyrfs, Password: webdav

Configuration

Environment variables (see .env.example):

PORT - Server port (default: 3000)
ZEPHYRFS_NODE_URL - ZephyrFS node URL
JWT_SECRET - JWT signing secret (min 32 chars)
CORS_ORIGINS - Allowed CORS origins
WEBDAV_ENABLED - Enable WebDAV server
LOG_LEVEL - Logging level (debug, info, warn, error)

Testing

npm test

Architecture

The web interface acts as a bridge between web clients and the ZephyrFS node:

Web Client/WebDAV → Fastify API → ZephyrFS Client → ZephyrFS Node

Fastify - High-performance web framework
JWT Authentication - Stateless authentication
WebDAV Server - Standards-compliant DAV implementation
ZephyrFS Client - HTTP client for node communication
Zero-Knowledge - Encryption keys never leave client side

Security

JWT tokens with configurable expiration
Rate limiting (100 requests/minute per IP)
Security headers (HSTS, CSP, etc.)
CORS protection
Input validation with Zod schemas
Secure error handling (no info leakage)

Architecture

┌─────────────────┐    ┌─────────────────┐    ┌─────────────────┐
│   Vue.js Client │────│  Fastify Server │────│  ZephyrFS Node  │
│                 │    │                 │    │                 │
│ • File Browser  │    │ • REST API      │    │ • Storage Layer │
│ • Upload/DL     │    │ • WebSocket     │    │ • Encryption    │
│ • Auth UI       │    │ • JWT Auth      │    │ • Deduplication │
│ • Real-time     │    │ • Caching       │    │ • Capabilities  │
└─────────────────┘    └─────────────────┘    └─────────────────┘

Performance

Response Times: Sub-500ms for all operations
Caching: Intelligent multi-layer caching
Compression: Gzip compression for all responses
CDN Ready: Static asset optimization
Monitoring: Prometheus + Grafana metrics
Streaming: Efficient file uploads/downloads
WebSocket: Real-time updates
Connection Pooling: Optimized HTTP connections

Security

Zero-Knowledge: Files encrypted client-side
JWT Authentication: Secure token-based auth
CORS Protection: Configurable origin restrictions
Rate Limiting: API endpoint protection
TLS Termination: HTTPS with nginx proxy
CSP Headers: Content Security Policy
Input Validation: Zod schema validation
Secure Headers: HSTS, X-Frame-Options, etc.

Deployment Options

Docker Swarm (Recommended)

./scripts/deploy.sh deploy

Manual Docker

docker-compose -f deploy/production.yml up -d

Kubernetes

# Coming soon - K8s manifests
kubectl apply -f deploy/k8s/

Configuration

Environment Variables

Variable	Description	Default
`NODE_ENV`	Environment mode	`production`
`PORT`	Server port	`3000`
`ZEPHYRFS_NODE_URL`	ZephyrFS node URL	`http://zephyrfs-node:8080`
`JWT_SECRET`	JWT signing secret	(required)
`CORS_ORIGINS`	Allowed CORS origins	`https://your-domain.com`
`MAX_FILE_SIZE`	Max upload size	`1073741824` (1GB)
`DATA_PATH`	Data storage path	`/opt/zephyrfs/data`

SSL Certificates

Place SSL certificates in ${SSL_CERTS_PATH}/:

cert.pem - Certificate file
key.pem - Private key file

Or use Let's Encrypt with:

certbot certonly --webroot -w /var/www/html -d your-domain.com

Monitoring

Access monitoring dashboards:

Grafana: http://localhost:3001 (admin/admin)
Prometheus: http://localhost:9090
Logs: docker service logs zephyrfs_loki

Development

Project Structure

zephyrfs-web/
├── client/           # Vue.js frontend
│   ├── src/
│   │   ├── components/
│   │   ├── views/
│   │   ├── stores/
│   │   └── utils/
│   └── public/
├── server/           # Node.js backend
│   ├── src/
│   │   ├── routes/
│   │   ├── middleware/
│   │   └── integration/
│   └── tests/
├── deploy/           # Production configs
├── monitoring/       # Prometheus/Grafana
└── scripts/          # Deployment scripts

Testing

npm test

Contributing

Fork the repository
Create feature branch: git checkout -b feature/name
Run tests: npm test
Commit changes: git commit -m "feat: description"
Push branch: git push origin feature/name
Create Pull Request

View source

  
        1
        # ZephyrFS Web Interface
      
        2
        
        3
        A modern, responsive web interface for ZephyrFS with zero-knowledge encryption support and production-ready deployment.
      
        4
        
        5
        ## Features
      
        6
        
        7
        - **Modern Web UI**: Vue.js 3 + TypeScript + Tailwind CSS
      
        8
        - **Zero-Knowledge Encryption**: Client-side encryption with capability-based access
      
        9
        - **Real-time Operations**: WebSocket support for live updates
      
        10
        - **File Management**: Upload, download, organize files with folder support
      
        11
        - **Batch Operations**: Multi-select for bulk operations
      
        12
        - **File Preview**: Built-in preview for images, documents, and media
      
        13
        - **Mobile Responsive**: Progressive Web App (PWA) support
      
        14
        - **WebDAV Server**: Native OS integration for mounting as network drive
      
        15
        - **Production Ready**: Docker containerization with monitoring
      
        16
        - **High Performance**: Sub-500ms response times with intelligent caching
      
        17
        
        18
        ## Quick Start
      
        19
        
        20
        ### Development
      
        21
        
        22
        ```bash
      
        23
        # Install dependencies
      
        24
        npm install
      
        25
        
        26
        # Start development servers
      
        27
        npm run dev:server    # Backend on :3000
      
        28
        npm run dev:client    # Frontend on :5173
      
        29
        ```
      
        30
        
        31
        ### Production Deployment
      
        32
        
        33
        ```bash
      
        34
        # Copy and configure environment
      
        35
        cp .env.production.example .env.production
      
        36
        # Edit .env.production with your settings
      
        37
        
        38
        # Deploy with Docker Swarm
      
        39
        ./scripts/deploy.sh deploy
      
        40
        
        41
        # Check health and performance
      
        42
        ./scripts/health-check.sh
      
        43
        ```
      
        44
        
        45
        ### Alternative Deployment
      
        46
        
        47
        ```bash
      
        48
        # Docker Compose
      
        49
        docker-compose -f deploy/production.yml up -d
      
        50
        
        51
        # Manual deployment
      
        52
        npm run build
      
        53
        npm run start:prod
      
        54
        ```
      
        55
        
        56
        ## API Endpoints
      
        57
        
        58
        ### Authentication
      
        59
        - `POST /api/auth/login` - Login with username/password
      
        60
        - `POST /api/auth/refresh` - Refresh access token
      
        61
        - `POST /api/auth/logout` - Logout and invalidate session
      
        62
        - `GET /api/auth/me` - Get current user info
      
        63
        
        64
        ### Core Operations
      
        65
        - `GET /api/files` - List files and folders
      
        66
        - `POST /api/files/upload` - Upload files
      
        67
        - `GET /api/files/:id/download` - Download file
      
        68
        - `DELETE /api/files/:id` - Delete file/folder
      
        69
        - `POST /api/folders` - Create folder
      
        70
        
        71
        ### Batch Operations
      
        72
        - `POST /api/bulk/download` - Bulk download as ZIP
      
        73
        - `DELETE /api/bulk/delete` - Bulk delete
      
        74
        
        75
        ### Monitoring
      
        76
        - `GET /api/health` - Health check
      
        77
        - `GET /api/metrics` - Performance metrics
      
        78
        - `GET /api/cache/stats` - Cache statistics
      
        79
        - `GET /api/status/network` - Network status
      
        80
        - `GET /api/status/node` - Node status
      
        81
        - `GET /api/status/ws` - WebSocket status updates
      
        82
        
        83
        ### WebDAV
      
        84
        - `GET /api/webdav` - WebDAV discovery info
      
        85
        - `ALL /api/webdav/*` - WebDAV protocol endpoints
      
        86
        
        87
        ## WebDAV Setup
      
        88
        
        89
        The WebDAV server allows mounting ZephyrFS as a network drive:
      
        90
        
        91
        ### Windows
      
        92
        1. Open File Explorer
      
        93
        2. Right-click "This PC" → "Map network drive"
      
        94
        3. Click "Connect to a Web site"
      
        95
        4. Enter: `http://localhost:3000/api/webdav/`
      
        96
        5. Username: `zephyrfs`, Password: `webdav`
      
        97
        
        98
        ### macOS
      
        99
        1. Open Finder
      
        100
        2. Go → Connect to Server (⌘K)
      
        101
        3. Enter: `http://localhost:3000/api/webdav/`
      
        102
        4. Username: `zephyrfs`, Password: `webdav`
      
        103
        
        104
        ### Linux
      
        105
        1. Open file manager
      
        106
        2. Other Locations → Connect to Server
      
        107
        3. Enter: `http://localhost:3000/api/webdav/`
      
        108
        4. Username: `zephyrfs`, Password: `webdav`
      
        109
        
        110
        ## Configuration
      
        111
        
        112
        Environment variables (see `.env.example`):
      
        113
        
        114
        - `PORT` - Server port (default: 3000)
      
        115
        - `ZEPHYRFS_NODE_URL` - ZephyrFS node URL
      
        116
        - `JWT_SECRET` - JWT signing secret (min 32 chars)
      
        117
        - `CORS_ORIGINS` - Allowed CORS origins
      
        118
        - `WEBDAV_ENABLED` - Enable WebDAV server
      
        119
        - `LOG_LEVEL` - Logging level (debug, info, warn, error)
      
        120
        
        121
        ## Testing
      
        122
        
        123
        ```bash
      
        124
        npm test
      
        125
        ```
      
        126
        
        127
        ## Architecture
      
        128
        
        129
        The web interface acts as a bridge between web clients and the ZephyrFS node:
      
        130
        
        131
        ```
      
        132
        Web Client/WebDAV → Fastify API → ZephyrFS Client → ZephyrFS Node
      
        133
        ```
      
        134
        
        135
        - **Fastify** - High-performance web framework
      
        136
        - **JWT Authentication** - Stateless authentication
      
        137
        - **WebDAV Server** - Standards-compliant DAV implementation
      
        138
        - **ZephyrFS Client** - HTTP client for node communication
      
        139
        - **Zero-Knowledge** - Encryption keys never leave client side
      
        140
        
        141
        ## Security
      
        142
        
        143
        - JWT tokens with configurable expiration
      
        144
        - Rate limiting (100 requests/minute per IP)
      
        145
        - Security headers (HSTS, CSP, etc.)
      
        146
        - CORS protection
      
        147
        - Input validation with Zod schemas
      
        148
        - Secure error handling (no info leakage)
      
        149
        
        150
        ## Architecture
      
        151
        
        152
        ```
      
        153
        ┌─────────────────┐    ┌─────────────────┐    ┌─────────────────┐
      
        154
        │   Vue.js Client │────│  Fastify Server │────│  ZephyrFS Node  │
      
        155
        │                 │    │                 │    │                 │
      
        156
        │ • File Browser  │    │ • REST API      │    │ • Storage Layer │
      
        157
        │ • Upload/DL     │    │ • WebSocket     │    │ • Encryption    │
      
        158
        │ • Auth UI       │    │ • JWT Auth      │    │ • Deduplication │
      
        159
        │ • Real-time     │    │ • Caching       │    │ • Capabilities  │
      
        160
        └─────────────────┘    └─────────────────┘    └─────────────────┘
      
        161
        ```
      
        162
        
        163
        ## Performance
      
        164
        
        165
        - **Response Times**: Sub-500ms for all operations
      
        166
        - **Caching**: Intelligent multi-layer caching
      
        167
        - **Compression**: Gzip compression for all responses
      
        168
        - **CDN Ready**: Static asset optimization
      
        169
        - **Monitoring**: Prometheus + Grafana metrics
      
        170
        - **Streaming**: Efficient file uploads/downloads
      
        171
        - **WebSocket**: Real-time updates
      
        172
        - **Connection Pooling**: Optimized HTTP connections
      
        173
        
        174
        ## Security
      
        175
        
        176
        - **Zero-Knowledge**: Files encrypted client-side
      
        177
        - **JWT Authentication**: Secure token-based auth
      
        178
        - **CORS Protection**: Configurable origin restrictions
      
        179
        - **Rate Limiting**: API endpoint protection
      
        180
        - **TLS Termination**: HTTPS with nginx proxy
      
        181
        - **CSP Headers**: Content Security Policy
      
        182
        - **Input Validation**: Zod schema validation
      
        183
        - **Secure Headers**: HSTS, X-Frame-Options, etc.
      
        184
        
        185
        ## Deployment Options
      
        186
        
        187
        ### Docker Swarm (Recommended)
      
        188
        ```bash
      
        189
        ./scripts/deploy.sh deploy
      
        190
        ```
      
        191
        
        192
        ### Manual Docker
      
        193
        ```bash
      
        194
        docker-compose -f deploy/production.yml up -d
      
        195
        ```
      
        196
        
        197
        ### Kubernetes
      
        198
        ```bash
      
        199
        # Coming soon - K8s manifests
      
        200
        kubectl apply -f deploy/k8s/
      
        201
        ```
      
        202
        
        203
        ## Configuration
      
        204
        
        205
        ### Environment Variables
      
        206
        
        207
        | Variable | Description | Default |
      
        208
        |----------|-------------|---------|
      
        209
        | `NODE_ENV` | Environment mode | `production` |
      
        210
        | `PORT` | Server port | `3000` |
      
        211
        | `ZEPHYRFS_NODE_URL` | ZephyrFS node URL | `http://zephyrfs-node:8080` |
      
        212
        | `JWT_SECRET` | JWT signing secret | (required) |
      
        213
        | `CORS_ORIGINS` | Allowed CORS origins | `https://your-domain.com` |
      
        214
        | `MAX_FILE_SIZE` | Max upload size | `1073741824` (1GB) |
      
        215
        | `DATA_PATH` | Data storage path | `/opt/zephyrfs/data` |
      
        216
        
        217
        ### SSL Certificates
      
        218
        
        219
        Place SSL certificates in `${SSL_CERTS_PATH}/`:
      
        220
        - `cert.pem` - Certificate file
      
        221
        - `key.pem` - Private key file
      
        222
        
        223
        Or use Let's Encrypt with:
      
        224
        ```bash
      
        225
        certbot certonly --webroot -w /var/www/html -d your-domain.com
      
        226
        ```
      
        227
        
        228
        ## Monitoring
      
        229
        
        230
        Access monitoring dashboards:
      
        231
        - **Grafana**: http://localhost:3001 (admin/admin)
      
        232
        - **Prometheus**: http://localhost:9090
      
        233
        - **Logs**: `docker service logs zephyrfs_loki`
      
        234
        
        235
        ## Development
      
        236
        
        237
        ### Project Structure
      
        238
        ```
      
        239
        zephyrfs-web/
      
        240
        ├── client/           # Vue.js frontend
      
        241
        │   ├── src/
      
        242
        │   │   ├── components/
      
        243
        │   │   ├── views/
      
        244
        │   │   ├── stores/
      
        245
        │   │   └── utils/
      
        246
        │   └── public/
      
        247
        ├── server/           # Node.js backend
      
        248
        │   ├── src/
      
        249
        │   │   ├── routes/
      
        250
        │   │   ├── middleware/
      
        251
        │   │   └── integration/
      
        252
        │   └── tests/
      
        253
        ├── deploy/           # Production configs
      
        254
        ├── monitoring/       # Prometheus/Grafana
      
        255
        └── scripts/          # Deployment scripts
      
        256
        ```
      
        257
        
        258
        ### Testing
      
        259
        ```bash
      
        260
        npm test
      
        261
        ```
      
        262
        
        263
        ### Contributing
      
        264
        
        265
        1. Fork the repository
      
        266
        2. Create feature branch: `git checkout -b feature/name`
      
        267
        3. Run tests: `npm test`
      
        268
        4. Commit changes: `git commit -m "feat: description"`
      
        269
        5. Push branch: `git push origin feature/name`
      
        270
        6. Create Pull Request

1	# ZephyrFS Web Interface
2
3	A modern, responsive web interface for ZephyrFS with zero-knowledge encryption support and production-ready deployment.
4
5	## Features
6
7	- Modern Web UI: Vue.js 3 + TypeScript + Tailwind CSS
8	- Zero-Knowledge Encryption: Client-side encryption with capability-based access
9	- Real-time Operations: WebSocket support for live updates
10	- File Management: Upload, download, organize files with folder support
11	- Batch Operations: Multi-select for bulk operations
12	- File Preview: Built-in preview for images, documents, and media
13	- Mobile Responsive: Progressive Web App (PWA) support
14	- WebDAV Server: Native OS integration for mounting as network drive
15	- Production Ready: Docker containerization with monitoring
16	- High Performance: Sub-500ms response times with intelligent caching
17
18	## Quick Start
19
20	### Development
21
22	```bash
23	# Install dependencies
24	npm install
25
26	# Start development servers
27	npm run dev:server # Backend on :3000
28	npm run dev:client # Frontend on :5173
29	```
30
31	### Production Deployment
32
33	```bash
34	# Copy and configure environment
35	cp .env.production.example .env.production
36	# Edit .env.production with your settings
37
38	# Deploy with Docker Swarm
39	./scripts/deploy.sh deploy
40
41	# Check health and performance
42	./scripts/health-check.sh
43	```
44
45	### Alternative Deployment
46
47	```bash
48	# Docker Compose
49	docker-compose -f deploy/production.yml up -d
50
51	# Manual deployment
52	npm run build
53	npm run start:prod
54	```
55
56	## API Endpoints
57
58	### Authentication
59	- `POST /api/auth/login` - Login with username/password
60	- `POST /api/auth/refresh` - Refresh access token
61	- `POST /api/auth/logout` - Logout and invalidate session
62	- `GET /api/auth/me` - Get current user info
63
64	### Core Operations
65	- `GET /api/files` - List files and folders
66	- `POST /api/files/upload` - Upload files
67	- `GET /api/files/:id/download` - Download file
68	- `DELETE /api/files/:id` - Delete file/folder
69	- `POST /api/folders` - Create folder
70
71	### Batch Operations
72	- `POST /api/bulk/download` - Bulk download as ZIP
73	- `DELETE /api/bulk/delete` - Bulk delete
74
75	### Monitoring
76	- `GET /api/health` - Health check
77	- `GET /api/metrics` - Performance metrics
78	- `GET /api/cache/stats` - Cache statistics
79	- `GET /api/status/network` - Network status
80	- `GET /api/status/node` - Node status
81	- `GET /api/status/ws` - WebSocket status updates
82
83	### WebDAV
84	- `GET /api/webdav` - WebDAV discovery info
85	- `ALL /api/webdav/*` - WebDAV protocol endpoints
86
87	## WebDAV Setup
88
89	The WebDAV server allows mounting ZephyrFS as a network drive:
90
91	### Windows
92	1. Open File Explorer
93	2. Right-click "This PC" → "Map network drive"
94	3. Click "Connect to a Web site"
95	4. Enter: `http://localhost:3000/api/webdav/`
96	5. Username: `zephyrfs`, Password: `webdav`
97
98	### macOS
99	1. Open Finder
100	2. Go → Connect to Server (⌘K)
101	3. Enter: `http://localhost:3000/api/webdav/`
102	4. Username: `zephyrfs`, Password: `webdav`
103
104	### Linux
105	1. Open file manager
106	2. Other Locations → Connect to Server
107	3. Enter: `http://localhost:3000/api/webdav/`
108	4. Username: `zephyrfs`, Password: `webdav`
109
110	## Configuration
111
112	Environment variables (see `.env.example`):
113
114	- `PORT` - Server port (default: 3000)
115	- `ZEPHYRFS_NODE_URL` - ZephyrFS node URL
116	- `JWT_SECRET` - JWT signing secret (min 32 chars)
117	- `CORS_ORIGINS` - Allowed CORS origins
118	- `WEBDAV_ENABLED` - Enable WebDAV server
119	- `LOG_LEVEL` - Logging level (debug, info, warn, error)
120
121	## Testing
122
123	```bash
124	npm test
125	```
126
127	## Architecture
128
129	The web interface acts as a bridge between web clients and the ZephyrFS node:
130
131	```
132	Web Client/WebDAV → Fastify API → ZephyrFS Client → ZephyrFS Node
133	```
134
135	- Fastify - High-performance web framework
136	- JWT Authentication - Stateless authentication
137	- WebDAV Server - Standards-compliant DAV implementation
138	- ZephyrFS Client - HTTP client for node communication
139	- Zero-Knowledge - Encryption keys never leave client side
140
141	## Security
142
143	- JWT tokens with configurable expiration
144	- Rate limiting (100 requests/minute per IP)
145	- Security headers (HSTS, CSP, etc.)
146	- CORS protection
147	- Input validation with Zod schemas
148	- Secure error handling (no info leakage)
149
150	## Architecture
151
152	```
153	┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
154	│ Vue.js Client │────│ Fastify Server │────│ ZephyrFS Node │
155	│ │ │ │ │ │
156	│ • File Browser │ │ • REST API │ │ • Storage Layer │
157	│ • Upload/DL │ │ • WebSocket │ │ • Encryption │
158	│ • Auth UI │ │ • JWT Auth │ │ • Deduplication │
159	│ • Real-time │ │ • Caching │ │ • Capabilities │
160	└─────────────────┘ └─────────────────┘ └─────────────────┘
161	```
162
163	## Performance
164
165	- Response Times: Sub-500ms for all operations
166	- Caching: Intelligent multi-layer caching
167	- Compression: Gzip compression for all responses
168	- CDN Ready: Static asset optimization
169	- Monitoring: Prometheus + Grafana metrics
170	- Streaming: Efficient file uploads/downloads
171	- WebSocket: Real-time updates
172	- Connection Pooling: Optimized HTTP connections
173
174	## Security
175
176	- Zero-Knowledge: Files encrypted client-side
177	- JWT Authentication: Secure token-based auth
178	- CORS Protection: Configurable origin restrictions
179	- Rate Limiting: API endpoint protection
180	- TLS Termination: HTTPS with nginx proxy
181	- CSP Headers: Content Security Policy
182	- Input Validation: Zod schema validation
183	- Secure Headers: HSTS, X-Frame-Options, etc.
184
185	## Deployment Options
186
187	### Docker Swarm (Recommended)
188	```bash
189	./scripts/deploy.sh deploy
190	```
191
192	### Manual Docker
193	```bash
194	docker-compose -f deploy/production.yml up -d
195	```
196
197	### Kubernetes
198	```bash
199	# Coming soon - K8s manifests
200	kubectl apply -f deploy/k8s/
201	```
202
203	## Configuration
204
205	### Environment Variables
206
207	\| Variable \| Description \| Default \|
208	\|----------\|-------------\|---------\|
209	\| `NODE_ENV` \| Environment mode \| `production` \|
210	\| `PORT` \| Server port \| `3000` \|
211	\| `ZEPHYRFS_NODE_URL` \| ZephyrFS node URL \| `http://zephyrfs-node:8080` \|
212	\| `JWT_SECRET` \| JWT signing secret \| (required) \|
213	\| `CORS_ORIGINS` \| Allowed CORS origins \| `https://your-domain.com` \|
214	\| `MAX_FILE_SIZE` \| Max upload size \| `1073741824` (1GB) \|
215	\| `DATA_PATH` \| Data storage path \| `/opt/zephyrfs/data` \|
216
217	### SSL Certificates
218
219	Place SSL certificates in `${SSL_CERTS_PATH}/`:
220	- `cert.pem` - Certificate file
221	- `key.pem` - Private key file
222
223	Or use Let's Encrypt with:
224	```bash
225	certbot certonly --webroot -w /var/www/html -d your-domain.com
226	```
227
228	## Monitoring
229
230	Access monitoring dashboards:
231	- Grafana: http://localhost:3001 (admin/admin)
232	- Prometheus: http://localhost:9090
233	- Logs: `docker service logs zephyrfs_loki`
234
235	## Development
236
237	### Project Structure
238	```
239	zephyrfs-web/
240	├── client/ # Vue.js frontend
241	│ ├── src/
242	│ │ ├── components/
243	│ │ ├── views/
244	│ │ ├── stores/
245	│ │ └── utils/
246	│ └── public/
247	├── server/ # Node.js backend
248	│ ├── src/
249	│ │ ├── routes/
250	│ │ ├── middleware/
251	│ │ └── integration/
252	│ └── tests/
253	├── deploy/ # Production configs
254	├── monitoring/ # Prometheus/Grafana
255	└── scripts/ # Deployment scripts
256	```
257
258	### Testing
259	```bash
260	npm test
261	```
262
263	### Contributing
264
265	1. Fork the repository
266	2. Create feature branch: `git checkout -b feature/name`
267	3. Run tests: `npm test`
268	4. Commit changes: `git commit -m "feat: description"`
269	5. Push branch: `git push origin feature/name`
270	6. Create Pull Request