Twake Workplace

Cozy Cloud, now branded as Twake Workplace, is an open‑source groupware platform that bundles real‑time communication, file storage, and collaborative tools into a single self‑hosted stack. From a developer standpoint it functions as a micro‑service ecosystem that exposes RESTful APIs, WebSocket endpoints, and pluggable modules. Its core goal is to keep user data on premises while providing a modern, responsive UI built with React and Redux, backed by a Node.js server that orchestrates business logic and persistence.

Technical Stack

• Backend – The API layer is written in Node.js (v18+), using the Express framework for routing and middleware. Authentication is handled via OAuth2/OpenID Connect, with JWTs issued by an internal identity provider.
• Database – Persistent data lives in a PostgreSQL 13+ instance. The schema is split across logical databases per tenant, allowing multi‑tenant isolation while sharing the same code base.
• Search & Indexing – Full‑text search is powered by Elasticsearch 7.x, which the backend queries via a dedicated micro‑service. This service also handles indexing of file metadata and message content.
• Storage – File blobs are stored in an S3‑compatible object store (MinIO or external providers). The backend exposes a signed URL API to upload/download directly, reducing load on the application server.
• Real‑time – WebSocket communication is implemented with socket.io, enabling instant messaging, presence indicators, and live collaboration on documents.
• Front‑end – The SPA is built with React 18, using TypeScript for type safety, and consumes the backend APIs through a thin SDK that abstracts authentication tokens.
• Containerization – The entire stack is delivered as a Docker Compose bundle (docker-compose.yml), with optional Kubernetes manifests for production deployments. Each service runs in its own container, facilitating CI/CD pipelines and scaling.

Core Capabilities & APIs

• RESTful CRUD for users, groups, channels, files, and tasks. Endpoints follow a consistent resource pattern (/api/v1/users, /api/v1/files/:id).
• WebSocket API for real‑time events: message receipt, typing indicators, file upload progress.
• Webhook support – External services can subscribe to events (e.g., new message, file added) via configurable URLs.
• OAuth2 Provider – Clients can register as third‑party applications, obtaining client credentials and defining scopes (read:messages, write:files).
• Plugin SDK – Developers can ship extensions as separate Docker containers that register with the core via a simple JSON manifest. The plugin system exposes hooks for UI injection, custom routes, and background jobs.
• CLI – A command‑line tool (twake-cli) lets admins perform routine tasks: backup, migration, user import/export.

Deployment & Infrastructure

• Self‑hosting is straightforward: pull the Docker images, adjust environment variables (DATABASE_URL, S3_ENDPOINT), and run docker compose up -d. For larger deployments, the provided Helm charts orchestrate stateful sets for PostgreSQL and Elasticsearch.
• Scalability is achieved by horizontally scaling the API layer behind a load balancer. The stateless nature of most services means additional instances can be spun up with minimal configuration.
• High‑availability: PostgreSQL uses streaming replication; Elasticsearch clusters are configured with at least three nodes. The system supports automatic failover via Kubernetes operators.
• Data residency: All components can be deployed within a single data center or across regions, but the default configuration keeps everything in one place to satisfy GDPR compliance.

Integration & Extensibility

• External identity providers (LDAP, Azure AD) can be plugged in via the auth module’s configuration.
• Third‑party services (e.g., payment gateways, calendar APIs) can be integrated through the plugin system or by exposing custom REST endpoints.
• Custom UI: The SPA exposes a theming API; developers can override CSS variables and inject React components into predefined slots.
• Automation: Background workers (written in Node.js) can consume message queues (RabbitMQ) to trigger actions such as file conversion or notification delivery.

Developer Experience

• Documentation is comprehensive, with API reference (Swagger UI), developer guides, and a plugin development tutorial. The docs are hosted alongside the source on GitHub.
• Community: A vibrant open‑source community maintains the codebase, with regular releases, a public roadmap, and active issue triage. Slack/Discord channels provide quick support.
• Testing: The repository includes unit and integration tests, using Jest for Node.js services and Cypress for end‑to‑end UI testing.
• Configuration: All settings are environment‑driven, making CI/CD pipelines trivial. Secret management can be integrated with HashiCorp Vault or Kubernetes Secrets.

Use Cases

• Enterprise Collaboration: Deploy on-premises to replace proprietary SaaS suites while keeping data under corporate control.
• Educational Institutions: Provide a GDPR‑compliant platform for student collaboration, file sharing, and messaging.
• DevOps Automation: Use the webhook API to trigger CI pipelines when new code is uploaded or a task is completed.
• Custom SaaS: Leverage the plugin SDK to build a niche collaboration product (e.g., legal document review) and host it for clients.

Advantages Over Alternatives

• Data sovereignty: All data stays on the host; no outbound traffic to external cloud providers unless explicitly configured.
• Open‑source licensing (MIT):