Architecture

Verbatim Enterprise is a plugin that extends the open-source Verbatim Studio backend. It adds team features, authentication, cloud storage, and LLM integration via the plugin system.

System Overview

┌─────────┐     ┌──────────────────────┐     ┌────────────┐
│  nginx   │────▶│      backend         │────▶│ PostgreSQL │
│  :80     │     │      :8000           │     │  :5432     │
└─────────┘     │                      │     └────────────┘
     │          │  ┌────────────────┐  │
     │          │  │ Core (OSS)     │  │
     │          │  │  • Transcribe  │  │
     │          │  │  • OCR/Search  │  │
     │          │  │  • Projects    │  │
     │          │  └────────────────┘  │
     │          │  ┌────────────────┐  │
     │          │  │ Enterprise     │  │     ┌─────────────┐
     │          │  │  • Auth/Teams  │──┼────▶│ S3 / Azure  │
     │          │  │  • API Keys   │  │     │ (optional)  │
     │          │  │  • Webhooks   │  │     └─────────────┘
     │          │  │  • Audit      │  │
     │          │  │  • LLM        │  │     ┌─────────────┐
     │          │  │               │──┼────▶│ OpenAI /    │
     │          │  └────────────────┘  │     │ Anthropic   │
     │          └──────────────────────┘     └─────────────┘
     │
     └── Proxies all traffic to backend

Docker Services

ServiceImagePortPurpose
backendghcr.io/jongodb/verbatim-enterprise8000FastAPI + enterprise plugin + frontend SPA
postgrespostgres:16-alpine5432Database (internal only)
nginxnginx:1.27-alpine80Reverse proxy, SSL termination

Plugin System

The enterprise features are loaded via Python's entry point mechanism. The pyproject.toml declares:

[project.entry-points."verbatim.plugins"]
enterprise = "verbatim_enterprise.plugin:EnterprisePlugin"

On startup, the backend:

  1. load_plugins() — Discovers the enterprise plugin via entry point, calls register() which adds adapters, routes, middleware, and models
  2. run_startup_hooks() — Enterprise hook initializes PostgreSQL engine, replacing the default SQLite engine
  3. init_db() — Creates all tables (core + enterprise) in PostgreSQL
  4. apply_to_app() — Mounts enterprise routers and middleware onto the FastAPI application

Middleware Stack

Requests pass through middleware in this order:

  1. LicenseMiddleware — Validates the license JWT. Rejects all requests if the license is missing or expired (with a 14-day grace period for read-only access).
  2. JWTAuthMiddleware — Validates user authentication. Extracts the user from the JWT token and attaches it to the request state.
  3. AuditLogMiddleware — Logs all mutating requests (POST, PUT, DELETE) to the audit log table.

Persistent Volumes

  • postgres-data — PostgreSQL data directory. Survives container restarts and image updates.
  • app-data — Application uploads, recordings, and media files. Survives container restarts.