Skip to main content

Architecture

LibreApps Desktop features a modern, decoupled architecture designed for high performance, enterprise security, and extreme customizability through its rebranding engine.

System Architecture

LibreApps Desktop is more than a frontend; it's a complete ecosystem comprising the dashboard client, AI services, authentication layers, and backend management services.

Component Overview

1. LibreApps Desktop Frontend (Full-Kit)

The primary user interface built with Next.js 15 and React 19. It leverages Tailwind CSS 4 and shadcn/ui for its component library. It handles the core dashboard experience, application views (Email, Chat, etc.), and the theme customization engine.

2. Rebrand Engine

The automation layer that enables rapid white-labeling. It consists of bash scripts (scripts/build-rebrand.sh) that parse a central rebrand/settings.md file to inject app names, logos, themes, and component configurations into the build.

3. Smash AI Chat

A specialized React component integrated into the dashboard that provides conversational AI capabilities. It connects through the Gateway to backend AI services.

4. LibreApps Gateway

The enterprise entry point for all backend traffic. Built on Apache APISIX, it handles:

  • Routing: Directing traffic to microservices.
  • Service Discovery: Using Eureka to find active services.
  • Security: Validating JWT tokens from Keycloak.
  • Resilience: Circuit breaking and rate limiting.

5. AI Infrastructure

  • LiteLLM Server: A unified proxy that connects to 100+ LLM providers (OpenAI, Anthropic, local models) while exposing a single API.
  • Vector Database: Stores and retrieves document embeddings for RAG (Retrieval-Augmented Generation) use cases.

6. Management Services

A suite of microservices that provide the "SaaS plumbing":

  • User & Account Management: Handling multi-tenant identities.
  • Policy Management: Role-based access control and feature flags.
  • Usage & Finance: Tracking AI token consumption and generating billing data.

Request Flow

  1. Authentication: User logs in via LibreApps Desktop, which redirects to Keycloak.
  2. Token Acquisition: After successful login, LibreApps Desktop receives a JWT token.
  3. API Call: A request from the frontend (e.g., a chat message) is sent to the Gateway with the JWT.
  4. Validation: The Gateway validates the token with Keycloak.
  5. Routing: The Gateway routes the request to the appropriate service (e.g., AI Chat Server).
  6. AI Processing: The service calls LiteLLM to get a response from an AI model.
  7. Tracking: The Usage Tracking service logs the transaction for billing.

Next Steps: Learn how to get up and running in minutes. Quick Start →