archivmail/CLAUDE.md

# archivmail

Selbst gehostetes Mail-Archiv-System. Go-Backend + Next.js-Frontend + PostgreSQL + Manticore Search.

## Tech Stack

- **Backend:** Go 1.24, CGO_ENABLED=0, Manticore Search (Volltext-Index)
- **Frontend:** Next.js 16 (App Router), TypeScript, Tailwind CSS, shadcn/ui
- **Datenbank:** PostgreSQL (pgx/v5)
- **Volltext-Index:** Manticore Search (MySQL-Protokoll, Port 9306)
- **Deployment:** On-Premise, Systemd — Produktiv: 192.168.1.131 | Test: 192.168.1.132
- **Auth:** JWT (httpOnly Cookie), bcrypt Cost 12

## Projektstruktur

```
cmd/archivmail/       CLI-Einstiegspunkt + Subkommandos
config/               YAML-Konfiguration
internal/
  api/                HTTP-API + Handler
  audit/              Audit-Log (PostgreSQL + Flat-File)
  auth/               JWT-Authentifizierung
  imap/               IMAP-Import, Scheduler, Store
  index/              Manticore Search (CGO-frei), Async Worker
  smtpd/              Eingebetteter SMTP-Daemon
  storage/            AES-256-GCM Dateispeicher + PostgreSQL-Metadaten
  userstore/          Benutzerverwaltung
pkg/mailparser/       RFC-2822 Parser, MBOX-Splitter
src/
  app/                Next.js Seiten (/, /search, /mail/[id], /admin, /imap)
  components/         UI-Komponenten (shadcn/ui)
  hooks/              useAuth
  lib/                api.ts, auth-cache.ts
```

## Build & Deploy

```bash
# Backend (kein CGO erforderlich)
CGO_ENABLED=0 go build -buildvcs=false -o archivmail ./cmd/archivmail/

# Frontend
npm run build         # .next/standalone/ für Produktion

# Auf Server deployen
bash update.sh        # oder: curl ... | bash
```

## Konventionen

- **Commits:** `feat(PROJ-X): ...`, `fix(PROJ-X): ...`, `chore: ...`
- **Feature-IDs:** PROJ-1, PROJ-2, … (nächste freie: PROJ-44)
- **shadcn/ui:** Keine Custom-Versionen installierter Komponenten
- **Kein Supabase, kein Vercel** – reines On-Premise-Deployment

## Wichtige Konfiguration (Server)

```
/etc/archivmail/config.yml   Hauptkonfiguration
/etc/archivmail/keyfile      AES-256 Schlüssel (32 Bytes, nie committen)
/var/archivmail/store/       Verschlüsselter E-Mail-Speicher
/var/lib/manticore/          Manticore RT-Indizes (emails_global, emails_tenant_N)
```

## Dienste (Systemd)

```bash
systemctl status archivmail        # Go-Backend (Port 8080 + 2525)
systemctl status archivmail-web    # Next.js-Frontend (Port 3000)
systemctl status manticore         # Manticore Search (Port 9306, localhost)
journalctl -u archivmail -f
```