🔀 merge: integrate till-dev into main

Merge till-dev branch containing:
- Planta plant care tracking application
- Clock backend with alarms, timers, world clocks
- Zitare backend with favorites and lists
- Various app improvements and fixes
- Auth system updates
- Infrastructure improvements

Note: Some type-check issues may need resolution after merge.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Till-JS 2026-01-18 15:40:43 +01:00
commit 49a8c652da
475 changed files with 28008 additions and 22742 deletions


@ -22,7 +22,6 @@ on:
- manadeck-backend
- nutriphi-backend
- news-api
- picture-backend
environment:
description: 'Deployment environment'
required: true
@ -180,7 +179,9 @@ jobs:
# Mana Core Auth
MANA_SERVICE_URL=${{ secrets.PRODUCTION_MANA_SERVICE_URL }}
# JWT keys managed automatically by Better Auth (EdDSA) - stored in auth.jwks table
JWT_SECRET=${{ secrets.PRODUCTION_JWT_SECRET }}
JWT_PUBLIC_KEY=${{ secrets.PRODUCTION_JWT_PUBLIC_KEY }}
JWT_PRIVATE_KEY=${{ secrets.PRODUCTION_JWT_PRIVATE_KEY }}
# Supabase
SUPABASE_URL=${{ secrets.PRODUCTION_SUPABASE_URL }}
@ -268,7 +269,7 @@ jobs:
if [ "$SERVICE" == "all" ]; then
# Rolling update for all services
for service in mana-core-auth maerchenzauber-backend chat-backend manadeck-backend nutriphi-backend news-api picture-backend; do
for service in mana-core-auth maerchenzauber-backend chat-backend manadeck-backend nutriphi-backend news-api; do
echo "Deploying \$service..."
docker compose up -d --no-deps --scale \$service=2 \$service
sleep 10
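Review bot: The second hunk appears (going by its 7→9 line counts) to add `JWT_SECRET`, `JWT_PUBLIC_KEY` and `JWT_PRIVATE_KEY` to the generated production env file while dropping the comment that says signing keys are managed by Better Auth in the `auth.jwks` table. If that comment still describes the auth service, these lines write long-lived signing key material to a file on the host for no benefit, and each one is another secret to protect and rotate; I would leave them out and keep the comment. If the service does read them again, replace the comment with one that says so, e.g. `# JWT keys supplied from repository secrets; rotate together with mana-core-auth`. The env-file heredoc starts outside this hunk, so how the file is transferred and what permissions it gets cannot be checked from here.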


@ -31,8 +31,6 @@ on:
- calendar-web
- clock-backend
- clock-web
- picture-backend
- picture-web
workflow_call:
permissions:
@ -100,50 +98,29 @@ jobs:
POSTGRES_PORT=5432
POSTGRES_DB=manacore
POSTGRES_USER=postgres
POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}
POSTGRES_PASSWORD=${{ secrets.STAGING_POSTGRES_PASSWORD }}
# Redis - Configuration
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}
REDIS_PASSWORD=${{ secrets.STAGING_REDIS_PASSWORD }}
# Mana Core Auth - Configuration
MANA_SERVICE_URL=http://mana-core-auth:3001
# JWT keys managed automatically by Better Auth (EdDSA) - stored in auth.jwks table
# Brevo Email Service
BREVO_API_KEY=${{ secrets.BREVO_API_KEY }}
EMAIL_SENDER_ADDRESS=noreply@manacore.ai
EMAIL_SENDER_NAME=ManaCore
# Base URL for auth callbacks (password reset, email verification)
BASE_URL=https://auth.staging.manacore.ai
# Frontend URL for password reset and email verification links
FRONTEND_URL=https://staging.manacore.ai
JWT_SECRET=${{ secrets.STAGING_JWT_SECRET }}
JWT_PUBLIC_KEY=${{ secrets.STAGING_JWT_PUBLIC_KEY }}
JWT_PRIVATE_KEY=${{ secrets.STAGING_JWT_PRIVATE_KEY }}
# Supabase
SUPABASE_URL=${{ secrets.SUPABASE_URL }}
SUPABASE_ANON_KEY=${{ secrets.SUPABASE_ANON_KEY }}
SUPABASE_SERVICE_ROLE_KEY=${{ secrets.SUPABASE_SERVICE_ROLE_KEY }}
SUPABASE_URL=${{ secrets.STAGING_SUPABASE_URL }}
SUPABASE_ANON_KEY=${{ secrets.STAGING_SUPABASE_ANON_KEY }}
SUPABASE_SERVICE_ROLE_KEY=${{ secrets.STAGING_SUPABASE_SERVICE_ROLE_KEY }}
# Azure OpenAI
AZURE_OPENAI_ENDPOINT=${{ secrets.AZURE_OPENAI_ENDPOINT }}
AZURE_OPENAI_API_KEY=${{ secrets.AZURE_OPENAI_API_KEY }}
AZURE_OPENAI_ENDPOINT=${{ secrets.STAGING_AZURE_OPENAI_ENDPOINT }}
AZURE_OPENAI_API_KEY=${{ secrets.STAGING_AZURE_OPENAI_API_KEY }}
AZURE_OPENAI_API_VERSION=2024-12-01-preview
# Hetzner Object Storage (S3-compatible)
S3_ENDPOINT=${{ secrets.S3_ENDPOINT }}
S3_REGION=${{ secrets.S3_REGION }}
S3_ACCESS_KEY=${{ secrets.S3_ACCESS_KEY }}
S3_SECRET_KEY=${{ secrets.S3_SECRET_KEY }}
MANACORE_STORAGE_PUBLIC_URL=${{ secrets.MANACORE_STORAGE_PUBLIC_URL }}
# Replicate API (for Picture app AI image generation)
REPLICATE_API_TOKEN=${{ secrets.REPLICATE_API_TOKEN }}
# Mana Core Service Key (for credit system)
MANA_CORE_SERVICE_KEY=${{ secrets.MANA_CORE_SERVICE_KEY }}
# Environment
NODE_ENV=staging
EOF
@ -223,9 +200,6 @@ jobs:
# Create clock database (for clock-backend service)
docker compose exec -T postgres psql -U postgres -c "CREATE DATABASE clock;" 2>/dev/null || echo "clock database already exists"
# Create picture database (for picture-backend service)
docker compose exec -T postgres psql -U postgres -c "CREATE DATABASE picture;" 2>/dev/null || echo "picture database already exists"
echo "✅ Databases ready"
EOF
@ -280,17 +254,12 @@ jobs:
if docker compose exec -T mana-core-auth test -f src/db/migrate.ts 2>/dev/null || \
docker compose exec -T mana-core-auth pnpm run db:migrate --help 2>/dev/null; then
run_migration mana-core-auth || {
echo "⚠️ mana-core-auth migration failed - falling back to db:push"
echo " This syncs schema directly, bypassing migration tracking"
docker compose exec -T mana-core-auth pnpm run db:push || {
echo "❌ mana-core-auth db:push also failed - aborting deployment"
exit 1
}
echo "✅ [mana-core-auth] Schema synced via db:push"
echo "❌ mana-core-auth migration failed - aborting deployment"
exit 1
}
else
echo "⏭️ [mana-core-auth] No db:migrate script, using db:push..."
docker compose exec -T mana-core-auth pnpm run db:push || echo "Auth schema push completed"
docker compose exec -T mana-core-auth npx drizzle-kit push --force || echo "Auth schema push completed"
fi
echo ""
@ -363,8 +332,6 @@ jobs:
check_health calendar-web http://localhost:5186/health || exit 1
check_health clock-backend http://localhost:3017/api/v1/health || exit 1
check_health clock-web http://localhost:5187/health || exit 1
check_health picture-backend http://localhost:3006/api/v1/health || exit 1
check_health picture-web http://localhost:5175/health || exit 1
echo ""
echo "✅ All health checks passed!"
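Review bot: In the migration hunk the branch without a `db:migrate` script runs `npx drizzle-kit push --force || echo "Auth schema push completed"`, so a failed schema push on the auth database is reported as completed and the deployment carries on. `--force` also auto-approves drizzle-kit's data-loss statements, which deserves a why-comment or removal. The migration-failure branch just above now aborts with `exit 1`; this branch should do the same, e.g. end the line with `|| { echo "❌ mana-core-auth schema push failed"; exit 1; }`. The same merge also appears to drop the `Validate migrations (no destructive changes)` step from the CI workflow, which was the other guard against destructive schema changes. The enclosing script block starts and ends outside the hunk.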

264
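--- a/.github/workflows/cd-staging.yml.bak
+++ b/.github/workflows/cd-staging.yml.bak
@@ -0,0 +1,264 @@
+# ARCHIVED: Full staging workflow with all services
+# Active simplified workflow: .github/workflows/cd-staging.yml
+#
+# Services included: mana-core-auth, chat-backend, manadeck-backend
+#
+# To restore: cp .github/workflows/cd-staging.full.yml .github/workflows/cd-staging.yml
+name: CD - Staging Deployment
+on:
+workflow_dispatch:
+inputs:
+service:
+description: 'Service to deploy (leave empty for all)'
+required: false
+type: choice
+options:
+- all
+- mana-core-auth
+- chat-backend
+- manadeck-backend
+workflow_call:
+permissions:
+contents: read
+packages: read
+env:
+NODE_VERSION: '20'
+PNPM_VERSION: '9.15.0'
+jobs:
+deploy-staging:
+name: Deploy to Staging
+runs-on: ubuntu-latest
+environment:
+name: staging
+url: https://staging.manacore.app
+steps:
+- name: Checkout code
+uses: actions/checkout@v4
+- name: Setup SSH for deployment
+uses: webfactory/ssh-agent@v0.9.0
+with:
+ssh-private-key: ${{ secrets.STAGING_SSH_KEY }}
+- name: Add staging server to known hosts
+env:
+STAGING_HOST: 46.224.108.214
+run: |
+mkdir -p ~/.ssh
+ssh-keyscan -H $STAGING_HOST >> ~/.ssh/known_hosts
+- name: Prepare deployment directory
+env:
+STAGING_USER: deploy
+STAGING_HOST: 46.224.108.214
+run: |
+ssh $STAGING_USER@$STAGING_HOST << 'EOF'
+mkdir -p ~/manacore-staging
+cd ~/manacore-staging
+# Create required directories
+mkdir -p logs
+mkdir -p data/postgres
+mkdir -p data/redis
+EOF
+- name: Copy docker-compose file
+env:
+STAGING_USER: deploy
+STAGING_HOST: 46.224.108.214
+run: |
+scp docker-compose.staging.yml $STAGING_USER@$STAGING_HOST:~/manacore-staging/docker-compose.yml
+- name: Copy environment file
+env:
+STAGING_USER: deploy
+STAGING_HOST: 46.224.108.214
+run: |
+# Create staging env file (mix of hardcoded config and secrets)
+cat > .env.staging << EOF
+# Database - Configuration
+POSTGRES_HOST=postgres
+POSTGRES_PORT=5432
+POSTGRES_DB=manacore
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=${{ secrets.STAGING_POSTGRES_PASSWORD }}
+# Redis - Configuration
+REDIS_HOST=redis
+REDIS_PORT=6379
+REDIS_PASSWORD=${{ secrets.STAGING_REDIS_PASSWORD }}
+# Mana Core Auth - Configuration
+MANA_SERVICE_URL=http://mana-core-auth:3001
+JWT_SECRET=${{ secrets.STAGING_JWT_SECRET }}
+JWT_PUBLIC_KEY=${{ secrets.STAGING_JWT_PUBLIC_KEY }}
+JWT_PRIVATE_KEY=${{ secrets.STAGING_JWT_PRIVATE_KEY }}
+# Supabase
+SUPABASE_URL=${{ secrets.STAGING_SUPABASE_URL }}
+SUPABASE_ANON_KEY=${{ secrets.STAGING_SUPABASE_ANON_KEY }}
+SUPABASE_SERVICE_ROLE_KEY=${{ secrets.STAGING_SUPABASE_SERVICE_ROLE_KEY }}
+# Azure OpenAI
+AZURE_OPENAI_ENDPOINT=${{ secrets.STAGING_AZURE_OPENAI_ENDPOINT }}
+AZURE_OPENAI_API_KEY=${{ secrets.STAGING_AZURE_OPENAI_API_KEY }}
+AZURE_OPENAI_API_VERSION=2024-12-01-preview
+# Environment
+NODE_ENV=staging
+EOF
+scp .env.staging $STAGING_USER@$STAGING_HOST:~/manacore-staging/.env
+rm .env.staging
+- name: Login to GitHub Container Registry on staging server
+env:
+STAGING_USER: deploy
+STAGING_HOST: 46.224.108.214
+run: |
+ssh $STAGING_USER@$STAGING_HOST << EOF
+# Login to ghcr.io with GitHub token
+echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+EOF
+- name: Pull latest Docker images
+env:
+STAGING_USER: deploy
+STAGING_HOST: 46.224.108.214
+run: |
+ssh $STAGING_USER@$STAGING_HOST << 'EOF'
+cd ~/manacore-staging
+docker compose pull
+EOF
+- name: Deploy services
+env:
+STAGING_USER: deploy
+STAGING_HOST: 46.224.108.214
+run: |
+SERVICE="${{ github.event.inputs.service || 'all' }}"
+ssh $STAGING_USER@$STAGING_HOST << EOF
+cd ~/manacore-staging
+# Determine which services to deploy
+if [ "$SERVICE" == "all" ]; then
+echo "Deploying all services..."
+docker compose up -d
+else
+echo "Deploying service: $SERVICE"
+docker compose up -d $SERVICE
+fi
+# Wait for initial startup
+echo "Waiting for services to start..."
+sleep 15
+echo "=== Container Status ==="
+docker compose ps
+EOF
+- name: Run health checks
+env:
+STAGING_USER: deploy
+STAGING_HOST: 46.224.108.214
+run: |
+ssh $STAGING_USER@$STAGING_HOST << 'EOF'
+cd ~/manacore-staging
+# Wait for services to fully start
+echo "Waiting 60s for services to fully initialize..."
+sleep 60
+echo "=== Container Status ==="
+docker compose ps
+echo ""
+echo "=== Health Checks ==="
+# Check mana-core-auth
+echo "Checking mana-core-auth..."
+if docker compose exec -T mana-core-auth wget -q -O - http://localhost:3001/api/v1/health > /dev/null 2>&1; then
+echo "✅ mana-core-auth is healthy"
+else
+echo "❌ mana-core-auth health check failed"
+echo "=== Logs ==="
+docker compose logs --tail=50 mana-core-auth
+exit 1
+fi
+# Check chat-backend
+echo "Checking chat-backend..."
+if docker compose exec -T chat-backend wget -q -O - http://localhost:3002/api/health > /dev/null 2>&1; then
+echo "✅ chat-backend is healthy"
+else
+echo "❌ chat-backend health check failed"
+echo "=== Logs ==="
+docker compose logs --tail=50 chat-backend
+exit 1
+fi
+# Check manadeck-backend
+echo "Checking manadeck-backend..."
+if docker compose exec -T manadeck-backend wget -q -O - http://localhost:3003/api/health > /dev/null 2>&1; then
+echo "✅ manadeck-backend is healthy"
+else
+echo "❌ manadeck-backend health check failed"
+echo "=== Logs ==="
+docker compose logs --tail=50 manadeck-backend
+exit 1
+fi
+echo ""
+echo "✅ All health checks passed!"
+EOF
+- name: Run database migrations
+env:
+STAGING_USER: deploy
+STAGING_HOST: 46.224.108.214
+run: |
+# Run migrations for services that need them
+ssh $STAGING_USER@$STAGING_HOST << 'EOF'
+cd ~/manacore-staging
+# Mana Core Auth migrations
+docker compose exec -T mana-core-auth pnpm run db:migrate || echo "Auth migrations skipped"
+EOF
+- name: Deployment summary
+run: |
+echo "## Staging Deployment Summary" >> $GITHUB_STEP_SUMMARY
+echo "" >> $GITHUB_STEP_SUMMARY
+echo "- **Environment**: Staging" >> $GITHUB_STEP_SUMMARY
+echo "- **Deployed by**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
+echo "- **Commit**: ${{ github.sha }}" >> $GITHUB_STEP_SUMMARY
+echo "- **Timestamp**: $(date -u +'%Y-%m-%d %H:%M:%S UTC')" >> $GITHUB_STEP_SUMMARY
+echo "" >> $GITHUB_STEP_SUMMARY
+echo "### Services Deployed" >> $GITHUB_STEP_SUMMARY
+echo "Service: ${{ github.event.inputs.service || 'all' }}" >> $GITHUB_STEP_SUMMARY
+echo "" >> $GITHUB_STEP_SUMMARY
+echo "### Health Checks" >> $GITHUB_STEP_SUMMARY
+echo "All health checks passed ✅" >> $GITHUB_STEP_SUMMARY
+notify-deployment:
+name: Notify Deployment
+runs-on: ubuntu-latest
+needs: deploy-staging
+if: always()
+steps:
+- name: Deployment notification
+run: |
+STATUS="${{ needs.deploy-staging.result }}"
+if [ "$STATUS" == "success" ]; then
+echo "✅ Staging deployment completed successfully"
+else
+echo "❌ Staging deployment failed"
+exit 1
+fi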
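Review bot: The `Add staging server to known hosts` step fills `known_hosts` with `ssh-keyscan -H $STAGING_HOST` on every run, so the runner trusts whatever key answers at that address and the later `scp` of `.env` (database, JWT and Supabase secrets) goes to an unauthenticated host. Pin the key instead: keep the server's public host key in a repository secret and write it with `echo "$STAGING_HOST_KEY" >> ~/.ssh/known_hosts` (`STAGING_HOST_KEY` is a placeholder name). Separately, `SERVICE="${{ github.event.inputs.service || 'all' }}"` is expanded into the script text and then into an unquoted heredoc executed on the server; passing the input through `env:` and using `"$SERVICE"` keeps it data rather than code. The header comment's restore path `cd-staging.full.yml` does not match this file's name `cd-staging.yml.bak`, so the restore command as written would fail.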


@ -57,9 +57,6 @@ jobs:
- name: Type check
run: pnpm run type-check
- name: Validate migrations (no destructive changes)
run: node scripts/validate-migrations.mjs
- name: Lint
run: pnpm run lint || echo "Lint warnings found"
@ -80,8 +77,6 @@ jobs:
- { name: 'calendar-web', path: 'apps/calendar/apps/web', port: '5186' }
- { name: 'clock-backend', path: 'apps/clock/apps/backend', port: '3017' }
- { name: 'clock-web', path: 'apps/clock/apps/web', port: '5187' }
- { name: 'picture-backend', path: 'apps/picture/apps/backend', port: '3006' }
- { name: 'picture-web', path: 'apps/picture/apps/web', port: '5175' }
fail-fast: false
steps:
- name: Checkout code