{"id":50983984,"url":"https://github.com/valkyoth/mythenheim","last_synced_at":"2026-06-19T17:03:56.458Z","repository":{"id":358960326,"uuid":"1243807231","full_name":"valkyoth/mythenheim","owner":"valkyoth","description":"Security-first Rust forum platform for serious communities.","archived":false,"fork":false,"pushed_at":"2026-05-31T18:57:56.000Z","size":572,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-31T19:12:32.067Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"eupl-1.2","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/valkyoth.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["eldryoth"],"thanks_dev":"u/gh/eldryoth"}},"created_at":"2026-05-19T17:24:15.000Z","updated_at":"2026-05-31T18:58:00.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/valkyoth/mythenheim","commit_stats":null,"previous_names":["valkyoth/mythenheim"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/valkyoth/mythenheim","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/valkyoth%2Fmythenheim","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/valkyoth%2Fmythenheim/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/valkyoth%2Fmythenheim/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/valkyoth%2Fmythenheim/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/valkyoth","download_url":"https://codeload.github.com/valkyoth/mythenheim/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/valkyoth%2Fmythenheim/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34540570,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-19T02:00:06.005Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-06-19T17:03:54.074Z","updated_at":"2026-06-19T17:03:56.444Z","avatar_url":"https://github.com/valkyoth.png","language":"Rust","funding_links":["https://github.com/sponsors/eldryoth","https://thanks.dev/u/gh/eldryoth"],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cb\u003eSecurity-first Rust forum platform for serious communities.\u003c/b\u003e\u003cbr\u003e\n  API-first. Moderation-aware. Built for SurrealDB, rootless containers, Fluxheim, and WASM extension boundaries.\n\u003c/p\u003e\n\n\u003cdiv align=\"center\"\u003e\n  \u003ca href=\"https://mythenheim.eu\"\u003eHome Page\u003c/a\u003e\n  \u0026middot;\n  \u003ca href=\"docs/architecture-plan.md\"\u003eArchitecture\u003c/a\u003e\n  \u0026middot;\n  \u003ca href=\"docs/version-plan.md\"\u003eVersion Plan\u003c/a\u003e\n  \u0026middot;\n  \u003ca href=\"SECURITY.md\"\u003eSecurity\u003c/a\u003e\n  \u0026middot;\n  \u003ca href=\".github/CONTRIBUTING.md\"\u003eContributing\u003c/a\u003e\n\u003c/div\u003e\n\n\u003cbr\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"./.github/images/mythenheim.webp\" alt=\"Mythenheim overview\" width=\"920\"\u003e\n\u003c/p\u003e\n\n# Mythenheim\n\nMythenheim is a security-first forum platform written in Rust. It aims to cover\nthe durable workflows expected from mature forum communities while keeping a\nstricter execution boundary: Rust core, SurrealDB storage, rootless Podman\noperation, and sandboxed extension points.\n\nThe compiled Mythenheim binary targets Linux, macOS, and Windows. Linux remains\nthe container and rootless Podman target, while direct binary deployments should\nstay portable across the supported operating-system families. BSD is kept as a\nbest-effort source portability goal, not a release-blocking target.\n\nThe project started at `0.10.0` and is currently `0.12.0`. Releases before\n`1.0.0` are incubator releases: every version has tests and docs, but public\nAPIs and database schema can still change. `1.0.0` is the first stable\nproduction forum core.\n\nProduction origin: `https://mythenheim.eu`.\n\nLocal development origin on this machine, when DNS/proxying is needed:\n`https://dev.mythenheim.eu`.\n\n## Current Scope\n\n- Rust `1.96.0`, edition `2024`.\n- Axum health service.\n- TOML config loader and validator.\n- Safe Markdown preview renderer backed by `pulldown-cmark` and `ammonia`.\n- Capability string validator for the RBAC/ABAC permission plan.\n- Preview RBAC/ABAC permission resolver and role store with trust-level grants,\n  scoped roles, ownership checks, and role-assignment escalation prevention.\n- Password hashing, opaque session-token primitives, preview auth routes, and\n  login lockout hooks.\n- Preview category/topic/post API with nested category reads, private\n  categories, direct post reads, edit revisions, soft deletes, pagination, and\n  sanitized Markdown rendering.\n- Versioned SurrealDB schema migrations for identity, roles, sessions,\n  categories, topics, posts, moderation, audit logs, and graph edges.\n- Migration validation CLI and rootless SurrealDB migration smoke test.\n- Fluxheim-inspired checks: format, clippy, tests, release metadata, doc links.\n- Rootless Podman helper that starts SurrealDB on a random local port for tests.\n- Fluxheim Wolfi reverse-proxy smoke fixture.\n- Binary portability CI for Linux, Windows, and macOS.\n- Versioned roadmap from `0.10.0` through `1.0.0` and later `1.x`.\n\n## Architecture Direction\n\nMythenheim is API-first and deployment-conscious:\n\n- Axum and Tokio for HTTP service code.\n- SurrealDB for document and graph storage.\n- Opaque server-side sessions instead of primary stateless session tokens.\n- Server-side content parsing and sanitization.\n- Capability-based permissions with contextual ownership checks.\n- Rootless Podman and direct compiled-binary deployment.\n- Direct binary portability across Linux, macOS, and Windows.\n- Fluxheim reverse-proxy compatibility for `mythenheim.eu` and\n  `dev.mythenheim.eu`.\n- OpenTelemetry and Prometheus planned before `1.0.0`.\n- WebAssembly plugins and theme/template safety after the stable forum core.\n\n## Quick Start\n\n```sh\ncargo run -- --check-config --config examples/mythenheim.toml\nscripts/checks.sh\n```\n\nRun the development HTTP service:\n\n```sh\ncargo run -- --config examples/mythenheim.toml\n```\n\nDefault example listener: `127.0.0.1:37171`.\n\nStart a rootless SurrealDB test container on a random host port:\n\n```sh\nscripts/start_surrealdb_test.sh\n```\n\nThe script prints a `MYTHENHEIM_DATABASE_ENDPOINT=...` line that can be used by\nfuture integration tests.\n\nValidate and print the SurrealDB schema migrations:\n\n```sh\ncargo run -- --check-migrations\ncargo run -- --print-migrations\n```\n\nBuild a local validation release binary from the current checkout:\n\n```sh\npython3 scripts/build_release_binary.py linux --repo . --ref HEAD --allow-untagged\n```\n\nExercise the preview auth API while the local service is running:\n\n```sh\ncurl -sSf -X POST http://127.0.0.1:37171/api/v1/auth/register \\\n  -H 'content-type: application/json' \\\n  -d '{\"username\":\"Member\",\"email\":\"member@example.test\",\"password\":\"correct horse battery staple\"}'\n```\n\nApply the generated migrations twice against a temporary rootless SurrealDB\ncontainer:\n\n```sh\nscripts/smoke_surrealdb_migrations.sh\n```\n\nRun the Fluxheim Wolfi reverse-proxy smoke:\n\n```sh\nscripts/smoke_fluxheim_wolfi.sh\n```\n\nThis builds or reuses a Fluxheim Wolfi image and verifies both `mythenheim.eu`\nand `dev.mythenheim.eu` through the proxy.\n\n## Documentation\n\n- [Architecture plan](docs/architecture-plan.md)\n- [Forum feature investigation](docs/forum-feature-investigation.md)\n- [Version plan](docs/version-plan.md)\n- [Build and test guide](docs/build-and-test.md)\n- [Authentication and session plan](docs/auth-session-plan.md)\n- [Forum core preview](docs/forum-core-preview.md)\n- [Permissions preview](docs/permissions-preview.md)\n- [Platform support](docs/platform-support.md)\n- [Release binary builds](docs/release-binaries.md)\n- [Rootless SurrealDB testing](docs/surrealdb-test-podman.md)\n- [Fluxheim proxy deployment](docs/fluxheim-proxy.md)\n- [Observability plan](docs/observability.md)\n- [Release checklist](docs/release-checklist.md)\n- [Security policy](SECURITY.md)\n- [Contributing guide](.github/CONTRIBUTING.md)\n\n## Project Hygiene\n\n- Pull requests use [.github/PULL_REQUEST_TEMPLATE.md](.github/PULL_REQUEST_TEMPLATE.md).\n- Public issues use structured templates under `.github/ISSUE_TEMPLATE`.\n- Dependabot checks Rust and GitHub Actions weekly.\n- CI runs formatting, release metadata validation, doc link checks, clippy,\n  tests, reduced feature builds, local smoke, binary portability checks,\n  dependency policy, and advisory checks.\n- Container image builds are handled by `.github/workflows/container.yml`.\n- The expensive Fluxheim Wolfi proxy smoke is manual through\n  `.github/workflows/fluxheim-wolfi-smoke.yml`.\n\n## License\n\nMythenheim is licensed under the European Union Public Licence 1.2. See\n`LICENSE` and `NOTICE`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvalkyoth%2Fmythenheim","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvalkyoth%2Fmythenheim","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvalkyoth%2Fmythenheim/lists"}