From 572820f3d69ed039f4c2dc8e74416d95bd517be9 Mon Sep 17 00:00:00 2001 From: Till JS Date: Wed, 15 Apr 2026 15:03:42 +0200 Subject: [PATCH] feat(infra): wire mana-ai URL + PUBLIC_AI_MISSION_GRANTS flag into mana-web MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Webapp now passes: - PUBLIC_MANA_AI_URL / PUBLIC_MANA_AI_URL_CLIENT → getManaAiUrl() resolves these; powers the Workbench "Datenzugriff" tab fetch. - PUBLIC_AI_MISSION_GRANTS (default false) → gates the MissionGrant dialog + audit tab. Flip to "true" in .env once the keypair is provisioned. Follow-up for operator: add a Cloudflare tunnel route for mana-ai.mana.how → mana-ai:3067 (mirroring the existing pattern for credits/events/llm) so the audit fetch resolves from the browser. Co-Authored-By: Claude Opus 4.6 (1M context) --- docker-compose.macmini.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/docker-compose.macmini.yml b/docker-compose.macmini.yml index eb69ee040..e3ea6b062 100644 --- a/docker-compose.macmini.yml +++ b/docker-compose.macmini.yml @@ -867,6 +867,16 @@ services: PUBLIC_MANA_LLM_URL_CLIENT: https://llm.mana.how PUBLIC_MANA_EVENTS_URL: http://mana-events:3065 PUBLIC_MANA_EVENTS_URL_CLIENT: https://events.mana.how + # mana-ai background Mission Runner. Browser calls the audit + # endpoint (/api/v1/me/ai-audit) to render the Workbench + # "Datenzugriff" tab. SSR doesn't hit this service directly. + PUBLIC_MANA_AI_URL: http://mana-ai:3067 + PUBLIC_MANA_AI_URL_CLIENT: https://mana-ai.mana.how + # Feature flag for the Mission Key-Grant consent UI. false → the + # dialog + Workbench audit tab stay hidden even on missions with + # encrypted inputs. Flip to "true" per deployment once the keypair + # is provisioned (see docs/plans/ai-mission-key-grant.md). + PUBLIC_AI_MISSION_GRANTS: ${PUBLIC_AI_MISSION_GRANTS:-false} # Analytics & Error Tracking PUBLIC_UMAMI_WEBSITE_ID: 32777167-e026-4618-933a-3429120b479b PUBLIC_GLITCHTIP_DSN: ${GLITCHTIP_DSN_MANA_WEB:-}