From 42bd2a3a048545e3089cc5ad617b8e6150a1d48a Mon Sep 17 00:00:00 2001 From: Till JS Date: Tue, 7 Apr 2026 19:47:42 +0200 Subject: [PATCH] chore(deploy): wire MANA_STT_URL/API_KEY into mana-web container MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The unified mana-web container needs MANA_STT_URL + MANA_STT_API_KEY at runtime so its server-side proxies (/api/v1/memoro/transcribe and /api/v1/dreams/transcribe) can reach mana-stt with the right credentials. The browser never holds the key. URL points at the public tunnel (https://gpu-stt.mana.how → Cloudflare tunnel mana-gpu-server → Windows GPU box localhost:3020) so the resolver works regardless of where the container runs. The API key is sourced from the Mac Mini .env, which is gitignored. Without this, the proxies short-circuit with HTTP 503 "mana-stt is not configured" — observed today on first deploy of the recording pipeline. Co-Authored-By: Claude Opus 4.6 (1M context) --- docker-compose.macmini.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docker-compose.macmini.yml b/docker-compose.macmini.yml index d3ec428a2..cf4f8432c 100644 --- a/docker-compose.macmini.yml +++ b/docker-compose.macmini.yml @@ -947,6 +947,11 @@ services: # Analytics & Error Tracking PUBLIC_UMAMI_WEBSITE_ID: 32777167-e026-4618-933a-3429120b479b PUBLIC_GLITCHTIP_DSN: ${GLITCHTIP_DSN_MANA_WEB:-} + # Speech-to-Text proxy: SvelteKit /api/v1/memoro/transcribe and + # /api/v1/dreams/transcribe forward to mana-stt via Cloudflare Tunnel. + # The browser never sees the API key — it stays server-side. + MANA_STT_URL: https://gpu-stt.mana.how + MANA_STT_API_KEY: ${MANA_STT_API_KEY:-} ports: - "5000:5000" healthcheck: