fix(all): Organizing APIs and docs.

Author: rodrigorodriguez

.idea/.gitignore

@@ -211,6 +211,82 @@ Licensed under terms specified in workspace configuration.
 - Global expansion
 - Enterprise features
 
+
+
+# Infrastructure Compliance Checklist - ISO 27001, HIPAA, LGPD
+
+| ✓ | Requirement | Component | Standard | Implementation Steps |
+|---|-------------|-----------|-----------|---------------------|
+| ⬜ | TLS 1.3 Configuration | Nginx | All | Configure modern SSL parameters and ciphers in `/etc/nginx/conf.d/ssl.conf` |
+| ⬜ | Access Logging | Nginx | All | Enable detailed access logs with privacy fields in `/etc/nginx/nginx.conf` |
+| ⬜ | Rate Limiting | Nginx | ISO 27001 | Implement rate limiting rules in location blocks |
+| ⬜ | WAF Rules | Nginx | HIPAA | Install and configure ModSecurity with OWASP rules |
+| ⬜ | Reverse Proxy Security | Nginx | All | Configure security headers (X-Frame-Options, HSTS, CSP) |
+| ⬜ | MFA Implementation | Zitadel | All | Enable and enforce MFA for all administrative accounts |
+| ⬜ | RBAC Configuration | Zitadel | All | Set up role-based access control with least privilege |
+| ⬜ | Password Policy | Zitadel | All | Configure strong password requirements (length, complexity, history) |
+| ⬜ | OAuth2/OIDC Setup | Zitadel | ISO 27001 | Configure secure OAuth flows and token policies |
+| ⬜ | Audit Logging | Zitadel | All | Enable comprehensive audit logging for user activities |
+| ⬜ | Encryption at Rest | Garage (S3) | All | Configure encrypted storage with key management |
+| ⬜ | Bucket Policies | Garage (S3) | All | Implement strict bucket access policies |
+| ⬜ | Object Versioning | Garage (S3) | HIPAA | Enable versioning for data recovery capability |
+| ⬜ | Access Logging | Garage (S3) | All | Enable detailed access logging for object operations |
+| ⬜ | Lifecycle Rules | Garage (S3) | LGPD | Configure data retention and deletion policies |
+| ⬜ | DKIM/SPF/DMARC | Stalwart | All | Configure email authentication mechanisms |
+| ⬜ | Mail Encryption | Stalwart | All | Enable TLS for mail transport |
+| ⬜ | Content Filtering | Stalwart | All | Implement content scanning and filtering rules |
+| ⬜ | Mail Archiving | Stalwart | HIPAA | Configure compliant email archiving |
+| ⬜ | Sieve Filtering | Stalwart | All | Implement security-focused mail filtering rules |
+| ⬜ | System Hardening | Ubuntu | All | Apply CIS Ubuntu Linux benchmarks |
+| ⬜ | System Updates | Ubuntu | All | Configure unattended-upgrades for security patches |
+| ⬜ | Audit Daemon | Ubuntu | All | Configure auditd for system event logging |
+| ⬜ | Firewall Rules | Ubuntu | All | Configure UFW with restrictive rules |
+| ⬜ | Disk Encryption | Ubuntu | All | Implement LUKS encryption for system disks |
+| ⬜ | SELinux/AppArmor | Ubuntu | All | Enable and configure mandatory access control |
+| ⬜ | Monitoring Setup | All | All | Install and configure Prometheus + Grafana |
+| ⬜ | Log Aggregation | All | All | Implement centralized logging (e.g., ELK Stack) |
+| ⬜ | Backup System | All | All | Configure automated backup system with encryption |
+| ⬜ | Network Isolation | All | All | Implement proper network segmentation |
+
+
+## Documentation Requirements
+
+1. **Security Policies**
+   - Information Security Policy
+   - Access Control Policy
+   - Password Policy
+   - Data Protection Policy
+   - Incident Response Plan
+
+2. **Procedures**
+   - Backup and Recovery Procedures
+   - Change Management Procedures
+   - Access Review Procedures
+   - Security Incident Procedures
+   - Data Breach Response Procedures
+
+3. **Technical Documentation**
+   - Network Architecture Diagrams
+   - System Configuration Documentation
+   - Security Controls Documentation
+   - Encryption Standards Documentation
+   - Logging and Monitoring Documentation
+
+4. **Compliance Records**
+   - Risk Assessment Reports
+   - Audit Logs
+   - Training Records
+   - Incident Reports
+   - Access Review Records
+
+## Regular Maintenance Tasks
+
+- Weekly security updates
+- Monthly access reviews
+- Quarterly compliance audits
+- Annual penetration testing
+- Bi-annual disaster recovery testing
+
 ---
 
 Built with ❤️ from Brazil, using Rust for maximum performance and reliability.

.idea/general-bots.iml

@@ -42,8 +42,8 @@ mod tests {
             kind: "test".to_string(),
             content: "integration test".to_string(),
             metadata: serde_json::Value::Object(serde_json::Map::new()),
-            created_at: chrono::Utc::now(),
-            shard_key: 0,
+            created_at: Some(chrono::Utc::now()),
+            shard_key: Some(0),
         };
 
         let response = app