README.md

May 29, 2026 ยท View on GitHub

Important

๐Ÿšš This repository has moved to Codeberg

Active development now happens at https://codeberg.org/Conduction/docudesk. This GitHub mirror is read-only โ€” issues, pull requests, and new commits should go to Codeberg. Update your remote with: git remote set-url origin https://codeberg.org/Conduction/docudesk

DocuDesk logo

DocuDesk

GDPR-compliant document anonymization, consent management, and metadata enrichment for Nextcloud

Latest release License Code quality Documentation


DocuDesk adds GDPR-safe document processing to Nextcloud. It anonymizes sensitive documents using AI-powered PII detection, tracks publication consent periods under the Dutch Wet Open Overheid (WOO), generates PDF documents from Twig templates, and automatically enriches document metadata โ€” all without sending data to external cloud services.

Requires: OpenRegister โ€” all data is stored as OpenRegister objects (no own database tables).

Screenshots

Dashboard with document processing overview Document anonymization with PII detection WOO publication consent management
Dashboard Anonymization Consent Management

Features

Document Anonymization

  • Local Processing Pipeline โ€” All text extraction, entity recognition, and anonymization runs on your own instance; no data leaves your premises
  • 3-Step Workflow โ€” Upload, review detected entities, anonymize; inspect identified PII before committing
  • Named Entity Recognition โ€” Detect names, addresses, BSN numbers, and other sensitive data via Presidio / OpenAnonymiser
  • Risk Level Assessment โ€” Automatic risk classification per document using configurable thresholds
  • Batch Processing โ€” Process multiple documents in a single operation
  • Objection Period Tracking โ€” Enforce the minimum 4-week publication objection period required by the Wet Open Overheid
  • Consent Lifecycle โ€” Track each document through intake, objection period, consent decision, and publication
  • Consent Dashboard โ€” At-a-glance statistics on pending objection periods, decisions, and recent activity
  • Audit Trail โ€” Full history of every consent decision and status change

Document Generation

  • PDF Generation โ€” Create PDF documents from structured data using mPDF
  • Twig Templates โ€” Define reusable document templates with Twig syntax
  • Metadata Enrichment โ€” Automatic language detection, keyword extraction, and topic classification on upload

Integrations

  • OpenRegister Events โ€” Listens to ObjectCreated, ObjectUpdated, and ObjectDeleted events for automated enrichment
  • Nextcloud Dashboard Widgets โ€” AnonymizationWidget and FileEntitiesWidget for quick overviews
  • Admin Settings โ€” Configure register/schema bindings, consent period duration, and enrichment toggles

Architecture

graph TD
    A[Vue 2 Frontend] -->|REST API| B[PHP Controllers]
    B --> C[AnonymizationService]
    B --> D[ConsentService]
    B --> E[MetadataService]
    C --> F[OpenRegister TextExtractionService]
    C --> G[Presidio / OpenAnonymiser]
    D --> H[OpenRegister ObjectService]
    E --> F
    I[OpenRegister Events] -->|ObjectCreated/Updated| E
    J[Nextcloud Files] --> C

Data Model

ObjectDescription
PublicationConsentConsent record with objection period, notification, and decision
FileNextcloud file with extracted metadata (language, keywords, entities, risk level)
EntityDetected sensitive data point (person name, address, BSN, etc.)

Directory Structure

docudesk/
โ”œโ”€โ”€ appinfo/           # Nextcloud app manifest, routes, navigation
โ”œโ”€โ”€ lib/               # PHP backend โ€” controllers, services, event listeners, widgets
โ”‚   โ”œโ”€โ”€ Controller/    # Anonymization, Consent, Metadata, Settings, Dashboard
โ”‚   โ”œโ”€โ”€ Service/       # AnonymizationService, ConsentService, MetadataService
โ”‚   โ”œโ”€โ”€ EventListener/ # OpenRegister object event integration
โ”‚   โ””โ”€โ”€ Dashboard/     # Nextcloud Dashboard widget definitions
โ”œโ”€โ”€ src/               # Vue 2 frontend โ€” components, Pinia stores, views
โ”‚   โ”œโ”€โ”€ views/         # Dashboard, anonymization, consent, settings
โ”‚   โ””โ”€โ”€ store/         # Pinia stores (consent, anonymization)
โ”œโ”€โ”€ docs/              # Feature specs, architecture, API documentation
โ”œโ”€โ”€ img/               # App icons and screenshots
โ”œโ”€โ”€ l10n/              # Translations (en, nl)
โ””โ”€โ”€ website/           # Docusaurus documentation site (docudesk.app)

Requirements

DependencyVersion
Nextcloud28 โ€“ 33
PHP8.1+
OpenRegisterlatest
Presidio / OpenAnonymiseroptional โ€” for AI-powered entity recognition

Installation

From the Nextcloud App Store

  1. Go to Apps in your Nextcloud instance
  2. Search for DocuDesk
  3. Click Download and enable

OpenRegister must be installed first. Install OpenRegister

From Source

cd /var/www/html/custom_apps
git clone https://github.com/ConductionNL/docudesk.git
cd docudesk
npm install
npm run build
composer install
php occ app:enable docudesk

Development

Start the environment

docker compose -f openregister/docker-compose.yml up -d

# With AI services (Presidio, OpenAnonymiser):
docker compose -f openregister/docker-compose.yml --profile ai up -d

Frontend development

cd docudesk
npm install
npm run dev        # Watch mode
npm run build      # Production build

Code quality

# PHP
composer phpcs          # Check coding standards
composer cs:fix         # Auto-fix issues
composer phpmd          # Mess detection
composer phpmetrics     # HTML metrics report

# Frontend
npm run lint            # ESLint
npm run stylelint       # CSS linting

Tech Stack

LayerTechnology
FrontendVue 2.7, Pinia, @nextcloud/vue
BuildWebpack 5, @nextcloud/webpack-vue-config
BackendPHP 8.1+, Nextcloud App Framework
DataOpenRegister (PostgreSQL JSON objects)
PDFmPDF 8
TemplatesTwig 3
NLPPresidio, OpenAnonymiser (optional)
QualityPHPCS, PHPMD, phpmetrics, ESLint, Stylelint

Documentation

Full documentation is available at docudesk.app

PageDescription
ArchitectureTechnical architecture and design decisions
FeaturesPer-feature specification documents
APIREST API and integration documentation

Standards & Compliance

  • GDPR / AVG: Privacy-by-design; all processing happens locally, no external cloud
  • Wet Open Overheid (WOO): Enforces the mandatory 4-week publication objection period
  • Rijksoverheid Data Sovereignty: 100% local processing โ€” sensitive documents never leave your instance
  • Accessibility: WCAG AA (Dutch government requirement)
  • Authorization: RBAC via OpenRegister
  • Audit trail: Full change history on all objects
  • Localization: English and Dutch
  • OpenRegister โ€” Object storage layer (required dependency)
  • OpenCatalogi โ€” Publish anonymized documents in open catalogs
  • Procest โ€” Case management for document-related processes

License

EUPL-1.2

Authors

Built by Conduction โ€” open-source software for Dutch government and public sector organizations.