Raven Zero - Architecture
π System Overview
Raven Zero is built on a hybrid ephemeral architecture where Redis acts as the source of truth for active uploads, the filesystem provides encrypted storage, and all components are designed for data to disappear by default.
High-Level Architecture
βββββββββββββββ
β Client β (Browser, cURL, App)
ββββββββ¬βββββββ
β HTTPS
βΌ
βββββββββββββββββββββββββββββββββββββββββββ
β FastAPI Application β
β ββββββββββββββββββββββββββββββββββ β
β β Routers β β
β β - /upload - /download β β
β β - /preview - /status β β
β β - /health - /scalar β β
β ββββββββββββββ¬ββββββββββββββββββββ β
β β β
β ββββββββββββββΌββββββββββββββββββββ β
β β Services β β
β β - StorageService (encrypted) β β
β β - CacheService (Redis) β β
β β - DicewareService (keys) β β
β β - SecurityService (Fernet) β β
β ββββββββββ¬ββββββββββββ¬ββββββββββββ β
β β β β
β ββββββββββΌββββββββββββΌββββββββββββ β
β β Background Jobs (APScheduler)β β
β β - Orphan cleanup (10 min) β β
β β - Health heartbeat (1 min) β β
β ββββββββββββββββββββββββββββββββββ β
βββββββββββββΌββββββββββββΌββββββββββββββββββ
β β
βΌ βΌ
βββββββββββββ ββββββββββββ
β Redis β βFilesystemβ
β (Valkey) β β(Encryptedβ
β Metadata β β Files) β
βββββββββββββ ββββββββββββ
π― Technology Stack
Core Stack
| Component | Technology | Purpose |
|---|
| Language | Python 3.13 | Async/await, type hints |
| Web Framework | FastAPI | Async, Pydantic validation, auto-docs |
| Cache/Metadata | Redis/Valkey | TTL native, atomic ops |
| File Storage | Filesystem | Encrypted files with secure deletion |
| Package Manager | uv | Fast, modern Python package management |
| Containerization | Docker | Reproducible deployments |
Security & Encryption
| Component | Technology | Purpose |
|---|
| Encryption | Fernet (cryptography) | AES-128-CBC + HMAC-SHA256 |
| Integrity | hashlib SHA-256 | File verification |
| MIME Detection | python-magic | Magic bytes detection |
| Secure Delete | Custom shredding | Byte overwriting before deletion |
Observability
| Component | Technology | Purpose |
|---|
| Logging | structlog | Structured JSON logging |
| Scheduling | APScheduler | Background cleanup jobs |
| API Docs | Scalar | Interactive API documentation |
π Project Structure
app/
βββ main.py # FastAPI app, lifespan, middlewares
βββ config.py # Pydantic Settings (env vars)
β
βββ core/ # Infrastructure layer
β βββ logger.py # Structlog JSON configuration
β βββ logging_middleware.py # Request ID, timing
β βββ rate_limiting.py # Slowapi with Redis backend
β βββ redis.py # Async Redis client
β βββ security.py # Fernet encryption service
β βββ security_headers.py # HTTP security headers
β βββ uptime.py # Application uptime tracker
β
βββ models/
β βββ schemas.py # Pydantic request/response models
β
βββ routers/ # API endpoints
β βββ upload.py # POST /upload/
β βββ download.py # GET /download/{key}
β βββ preview.py # GET /preview/{key}
β βββ status.py # GET /status/{key}
β βββ health.py # GET /health/
β
βββ services/
βββ cache.py # Redis metadata operations
βββ diceware.py # Key generation (7776 words)
βββ scheduler.py # APScheduler cleanup jobs
β
βββ storage/ # File storage module
βββ storage_service.py # Main orchestrator
βββ repository.py # File I/O + secure shredding
βββ validators.py # Size/MIME validation
βββ sanitizer.py # Filename sanitization
βββ path_manager.py # Path resolution
βββ mime_detector.py # libmagic MIME detection
π Documentation Index
| Document | Description |
|---|
| Data Models | Redis schema, filesystem structure |
| Security | Encryption, shredding, defense layers |
| API Specification | Endpoints, examples, errors |
| Deployment | Docker, configuration, environment |
| Development | Patterns, testing, conventions |
| Decisions | Decision log, references |
