johan
/
dealspace
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Imported from bare git on Zurich
109 Commits 1 Branch 0 Tags 133 MiB
HTML 58.9%
Go 35.3%
CSS 3.2%
Shell 1.5%
JavaScript 0.9%
Other 0.2%
Go to file
James ae01ef8531 fix: orgToMap missing version field — always caused version_conflict on save; stop rollback on catch 2026-03-20 01:26:32 -04:00
.claude/skills chore: auto-commit uncommitted changes 2026-03-15 06:02:11 -04:00
api fix: orgToMap missing version field — always caused version_conflict on save; stop rollback on catch 2026-03-20 01:26:32 -04:00
cmd/server chore: auto-commit uncommitted changes 2026-03-16 06:02:44 -04:00
data chore: auto-commit uncommitted changes 2026-03-18 06:02:21 -04:00
deploy chore: auto-commit uncommitted changes 2026-02-28 06:01:21 -05:00
docs chore: auto-commit uncommitted changes 2026-03-16 00:01:27 -04:00
lib feat: member inline edit (name/title/email/biz+personal phone); expand/collapse rows; add form includes phone fields 2026-03-20 00:41:03 -04:00
mcp Initial Go foundation 2026-02-28 04:25:57 -05:00
migrations chore: auto-commit uncommitted changes 2026-03-04 00:01:22 -05:00
portal fix: orgToMap missing version field — always caused version_conflict on save; stop rollback on catch 2026-03-20 01:26:32 -04:00
scripts Add production smoke test script 2026-02-28 07:17:46 -05:00
templates chore: auto-commit uncommitted changes 2026-03-16 18:02:01 -04:00
website fix: chat widget paths → /static/chat.js 2026-03-07 17:08:58 -05:00
.env chore: auto-commit uncommitted changes 2026-03-16 06:02:44 -04:00
.gitignore Remove binary from tracking, add to .gitignore 2026-02-28 05:42:52 -05:00
API-SPEC.yaml Add WebMCP + agent-friendly enhancements 2026-02-28 04:39:38 -05:00
CLAUDE.md chore: auto-commit uncommitted changes 2026-03-15 06:02:11 -04:00
EMBED-SPEC.md Initial Go foundation 2026-02-28 04:25:57 -05:00
MCP-SPEC.md Initial Go foundation 2026-02-28 04:25:57 -05:00
MVP.md Initial Go foundation 2026-02-28 04:25:57 -05:00
Makefile Fix deploy: scp migration files not directory to avoid nesting 2026-03-03 18:37:58 -05:00
ONBOARDING-SPEC.md Add WebMCP + agent-friendly enhancements 2026-02-28 04:39:38 -05:00
README.md Add ops: systemd service, deploy scripts, backup, healthcheck, README 2026-02-28 05:38:02 -05:00
SECURITY-SPEC.md Initial Go foundation 2026-02-28 04:25:57 -05:00
SPEC-REVIEW.md Initial Go foundation 2026-02-28 04:25:57 -05:00
SPEC.md Add all missing app templates: projects, project, request, orgs, admin 2026-02-28 06:48:51 -05:00
UI-SPEC.md Initial Go foundation 2026-02-28 04:25:57 -05:00
WATERMARK-SPEC.md Initial Go foundation 2026-02-28 04:25:57 -05:00
dealspace chore: auto-commit uncommitted changes 2026-03-17 00:01:24 -04:00
dealspace.db chore: auto-commit uncommitted changes 2026-03-17 00:01:24 -04:00
go.mod chore: auto-commit uncommitted changes 2026-03-04 00:01:22 -05:00
go.sum chore: auto-commit uncommitted changes 2026-03-04 00:01:22 -05:00
server chore: auto-commit uncommitted changes 2026-02-28 06:01:21 -05:00

README.md

Dealspace

M&A deal management platform for investment banks, sellers, and buyers.

What is Dealspace?

A workflow platform where M&A deals are managed through a structured request-and-answer system. Investment banks issue request lists, sellers provide answers with supporting documents, and buyers access a data room with vetted information.

Not a document repository with features bolted on. Designed from first principles around the core primitive: the Request.

Architecture

Internet
    │
    ▼
┌─────────┐
│  Caddy  │  (TLS termination, reverse proxy)
└────┬────┘
     │ :8080
     ▼
┌─────────────┐
│  Dealspace  │  (Go binary, single process)
│             │
│  ┌───────┐  │
│  │SQLite │  │  (FTS5, encrypted at rest)
│  │ + WAL │  │
│  └───────┘  │
│  ┌───────┐  │
│  │ Store │  │  (Encrypted object storage)
│  └───────┘  │
└─────────────┘

Key decisions:

  • SQLite with FTS5 for full-text search
  • All sensitive data encrypted with AES-256-GCM
  • Blind indexes (HMAC-SHA256) for searchable encrypted fields
  • Per-request watermarking on document downloads
  • Zero external database dependencies

Quick Start

Development

# Clone
git clone git@zurich.inou.com:dealspace.git
cd dealspace

# Build
make build

# Run locally
make run

Production Deployment

# First time: install service on Shannon
ssh root@82.24.174.112
cd /tmp
scp -r yourhost:/path/to/dealspace/deploy .
cd deploy
./install.sh

# Deploy updates (from dev machine)
make deploy

# View logs
make logs

Environment Variables

Variable Required Default Description
MASTER_KEY Yes 32-byte hex key for encryption. Never change after data exists.
DB_PATH No ./dealspace.db SQLite database path
STORE_PATH No ./store Object storage directory
PORT No 8080 HTTP listen port
ENV No development development or production
SESSION_TTL_HOURS No 1 Session token TTL
REFRESH_TTL_DAYS No 7 Refresh token TTL
SMTP_HOST No SMTP server for email
SMTP_PORT No 587 SMTP port
SMTP_USER No SMTP username
SMTP_PASS No SMTP password
SMTP_FROM No From address for emails
FIREWORKS_API_KEY No Fireworks AI API key for embeddings
NTFY_URL No ntfy URL for alerts
NTFY_TOKEN No ntfy auth token

See deploy/env.template for a complete example.

Development

Prerequisites

  • Go 1.22+
  • SQLite3 with FTS5 support
  • CGO enabled (required for SQLite)

Building

# Development build
make build

# Linux production build (cross-compile)
make build-linux

# Run tests
make test

# Clean build artifacts
make clean

Testing

# Run all tests
make test

# Run with verbose output
CGO_ENABLED=1 go test -tags fts5 ./... -v

Project Structure

dealspace/
├── cmd/server/       # Entry point, config loading
├── lib/              # Core business logic
│   ├── types.go      # All shared types
│   ├── dbcore.go     # EntryRead/Write/Delete (the single throat)
│   ├── rbac.go       # Access control
│   ├── crypto.go     # Encryption, blind indexes
│   ├── store.go      # Object storage
│   └── ...
├── api/              # HTTP handlers (thin layer)
├── portal/           # HTML templates, static assets
├── mcp/              # MCP server for AI tools
├── migrations/       # SQL migration files
├── deploy/           # Deployment scripts
└── website/          # Public marketing site

Operations

Backup

Daily backups run automatically at 3 AM via cron. Backups are:

  • Hot SQLite backups (safe with WAL)
  • Compressed with gzip
  • Retained for 30 days
  • Stored in /opt/dealspace/backups/

Manual backup:

/opt/dealspace/backup.sh

Monitoring

Health checks run every 5 minutes. If the service is down, an alert is sent to ntfy.

Check health manually:

curl http://localhost:8080/health
# or externally:
curl https://muskepo.com/health

Logs

# Follow live logs
journalctl -u dealspace -f

# Last 100 lines
journalctl -u dealspace -n 100

# Since specific time
journalctl -u dealspace --since "1 hour ago"

Service Management

systemctl status dealspace
systemctl start dealspace
systemctl stop dealspace
systemctl restart dealspace

Security

  • All content encrypted with AES-256-GCM (BoringCrypto for FIPS 140-3)
  • Blind indexes for searchable encrypted fields
  • MFA required for IB admin/member roles
  • Dynamic watermarking on all document downloads
  • Comprehensive audit logging
  • Session management with single active session per user

License

Proprietary. All rights reserved.