fix(monitoring): photon via Cloudflare-Tunnel, drop dead whopxl

Two cleanups against the status-page DOWN list:

photon-self (photon.mana.how route):
  mana-geocoding's /health/photon-self pings the photon backend, which
  lives as a Docker container on the GPU-Box (port 2322). PHOTON_SELF_API_URL
  was http://192.168.178.11:2322 — Mini-host can hit that fine but
  Mini-Docker-containers can't (Colima-NAT-quirk we keep running into).
  Routed photon through the mana-gpu-server tunnel (config v26) and
  flipped the env var to https://photon.mana.how. Probe goes UP, geocoding
  for sensitive queries (privacy:'local' provider tier) actually works
  now too — was effectively orphaned before.

whopxl removed everywhere it still lingered:
  Container hasn't existed on the Mini in months (no compose service,
  no source dir under apps/, no listener on :5100 — only the dead
  cloudflared route + a stale CORS_ORIGINS entry on mana-auth). Cleaned
  cloudflared-config.yml, prometheus.yml blackbox-web target, and the
  mana-auth CORS list. Old DNS CNAME for whopxl.mana.how stays for now;
  no harm.

Plus while we were here: who-api.mana.how/api/decks was the right probe
for who-server's deck catalogue (root /api/decks lives on who-api, not
who.mana.how which is the SSR shell).

Live: status.mana.how shows 58/59 UP; the last 'whopxl' entry will
fall off after VM's TSDB rolls past the probe_success staleness window.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Till JS 2026-05-07 14:39:50 +02:00
parent 82db4eb794
commit 1e8d18ac8d
3 changed files with 8 additions and 10 deletions


@ -187,9 +187,6 @@ ingress:
service: http://localhost:5050
- hostname: manavoxel.mana.how
service: http://localhost:5028
- hostname: whopxl.mana.how
service: http://localhost:5100
# ============================================
# Who? Game (Standalone-Bun-Stack, native auf Mac Mini unter PM2)
# Source: ~/projects/who/, Deploy-Doc: who/docs/MAC_MINI_DEPLOY.md
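Review bot: With the `whopxl.mana.how` rule removed from this `ingress:` list while the DNS CNAME is kept (per the commit message), requests for that hostname now fall through to the final catch-all rule, which this hunk does not show. Please confirm that rule is `service: http_status:404` rather than a default backend, and track deleting the CNAME so the orphaned hostname does not stay resolvable indefinitely.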


@ -250,7 +250,7 @@ services:
# Enforced by services/mana-auth/src/auth/sso-config.spec.ts.
# All productivity modules now live under mana.how (path-based) —
# no per-module subdomain entries required here.
CORS_ORIGINS: https://mana.how,https://auth.mana.how,https://whopxl.mana.how,https://cards.mana.how
CORS_ORIGINS: https://mana.how,https://auth.mana.how,https://cards.mana.how
ports:
- "3001:3001"
healthcheck:
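Review bot: The comment directly above `CORS_ORIGINS` says the list is enforced by `services/mana-auth/src/auth/sso-config.spec.ts`, but the commit lists only 3 changed files and the message names the cloudflared config, prometheus.yml and this CORS list. If the spec pins the expected origins, it needs the `https://whopxl.mana.how` entry removed in the same commit; if it only checks a subset, the comment should say so. Dropping the dead origin is the right direction, since an origin with no app behind it should not stay allowed to make cross-origin requests to mana-auth.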
@ -460,10 +460,12 @@ services:
environment:
TZ: Europe/Berlin
PORT: 3018
# Self-hosted Photon on mana-gpu (cross-LAN). When set, registers
# as `photon-self` provider with privacy: 'local' — eligible for
# sensitive queries. Empty value = slot disabled.
PHOTON_SELF_API_URL: ${PHOTON_SELF_API_URL:-}
# Self-hosted Photon. Läuft als Docker-Container auf der GPU-Box
# (mana-server-gpu, WSL2). Mini-Container können die GPU-LAN-IP
# nicht direkt routen (Colima-NAT-Quirk), daher via Cloudflare-
# Tunnel — `photon.mana.how` schickt direkt an den GPU-tunnel.
# Empty value = slot disabled.
PHOTON_SELF_API_URL: ${PHOTON_SELF_API_URL:-https://photon.mana.how}
# Cold-start cross-LAN fetches to photon-self consistently take
# >10s on the first probe; the 8s default false-marked it unhealthy
# on every cold path. 20s leaves headroom while still cutting off


@ -276,7 +276,6 @@ scrape_configs:
- https://mana.how/mail
- https://mana.how/playground
# ─── Standalone Apps / Games (separate Container, eigene Tunnel-Hostnames) ───
- https://whopxl.mana.how
- https://manavoxel.mana.how
# Memoro Standalone-Stack (Phase 2 mana e.V. Plattform-Migration)
- https://memoro.mana.how
@ -307,7 +306,7 @@ scrape_configs:
- https://memoro-api.mana.how/health
- https://memoro-audio.mana.how/health
# who.mana.how API on /api/decks — root is 404 by design (Phaser-Cantina mounts at /cantina)
- https://who.mana.how/api/decks
- https://who-api.mana.how/api/decks
# Verein backoffice (mana e.V. Plattform); only /health returns 200, root is auth-walled
- https://admin.mana.how/health
relabel_configs:
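Review bot: The comment above the changed target still reads `who.mana.how API on /api/decks` although the probe now points at `https://who-api.mana.how/api/decks`; update it to name who-api so the next reader does not flip the target back. If `who.mana.how` (the SSR shell, per the commit message) has no other target in this list, consider adding one, because this change drops the only probe for that hostname visible in the hunk.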