infra(phase 2g): mana-research → GPU-Box

Web-Research-Orchestrator (16+ search-/LLM-providers) auf die GPU-Box verlagert. Cross-LAN für mana-auth/mana-credits/mana-llm/mana-search/ postgres/redis (192.168.178.131). research.mana.how routet jetzt zum mana-gpu-server-Tunnel (CF config v29). Mini-Container-Count 42 → 41. PUBLIC_MANA_RESEARCH_URL in mana-app-web auf https-URL umgestellt — Mini-Container können 192.168.178.11 nicht direkt erreichen (Colima-NAT), daher Cross-LAN-Bridge via Cloudflare-Tunnel wie bei mana-ai. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-14 20:21:09 +02:00 · 2026-05-07 20:26:10 +02:00 · 2026-05-07 20:26:10 +02:00 · c84742005b
commit c84742005b
parent 521ae52a62
7 changed files with 80 additions and 63 deletions
--- a/infrastructure/.env.gpu-box.example
+++ b/infrastructure/.env.gpu-box.example
@ -34,3 +34,22 @@ GLITCHTIP_ADMIN_PASSWORD=
 # in mana-auth's MANA_AI_PUBLIC_KEY_PEM auf dem Mini steht).
 MANA_SERVICE_KEY=
 MANA_AI_PRIVATE_KEY_PEM=
+
+# ─── Redis-Mini Auth (für Cross-LAN-Cache von mana-research, Phase 2g) ───
+# Identisch mit mana-monorepo/.env.macmini REDIS_PASSWORD.
+REDIS_PASSWORD=
+
+# ─── mana-research (Web-Research-Orchestrator, Phase 2g) ─────
+# 16 Search-/LLM-Provider — alle optional, leer lassen wenn ungenutzt.
+# Aktuell aktiv im Live-Betrieb: GOOGLE_GENAI_API_KEY (von Mini übernommen).
+GOOGLE_GENAI_API_KEY=
+ANTHROPIC_API_KEY=
+OPENAI_API_KEY=
+PERPLEXITY_API_KEY=
+EXA_API_KEY=
+TAVILY_API_KEY=
+BRAVE_API_KEY=
+SERPER_API_KEY=
+JINA_API_KEY=
+FIRECRAWL_API_KEY=
+SCRAPINGBEE_API_KEY=
--- a/infrastructure/README.md
+++ b/infrastructure/README.md
@ -21,6 +21,10 @@ Hilfsdienste vom Mini abgegeben — siehe [`docs/PLAN_OPTION_C.md`](../docs/PLAN
 | `gpu-node-exporter`, `gpu-cadvisor`, `gpu-promtail` | (intern) | Self-Monitoring (Phase 2c) |
 | `glitchtip` + worker + dedizierte postgres + redis | `:8020` → `glitchtip.mana.how` | Error-Tracking mit eigenem DB-Stack (Phase 2d) |
 | `status-page-gen`, `status-nginx` | `:8090` → `status.mana.how` | Status-Seite (Phase 2e) |
+| `verdaccio` | `:4873` → `npm.mana.how` | Private @mana/* npm-Registry (Phase 2f-1) |
+| `news-ingester` | (intern) | RSS-Crawl + News-Ingestion (Phase 2f-2) |
+| `mana-ai` | `:3067` → `mana-ai.mana.how` | AI Mission Runner (Phase 2f-3) |
+| `mana-research` | `:3068` → `research.mana.how` | Web-Research-Orchestrator (Phase 2g) |

 Plus der bestehende `photon`-Container (Geocoder), der vor Phase 2 schon
 auf der Box existierte und unangetastet blieb.
@ -81,6 +85,7 @@ Aktive Public-Hostnames (Stand 2026-05-07, config v28):
 | `photon.mana.how` | `:2322` | Photon Geocoder (cross-LAN-Workaround für mana-geocoding's Probe + privacy-local Provider) |
 | `npm.mana.how` | `:4873` | Verdaccio @mana/* npm-Registry (Phase 2f-1) |
 | `mana-ai.mana.how` | `:3067` | AI Mission Runner (Phase 2f-3) |
+| `research.mana.how` | `:3068` | Web-Research-Orchestrator (Phase 2g) |

 API-Update (idempotent):

--- a/infrastructure/docker-compose.gpu-box.yml
+++ b/infrastructure/docker-compose.gpu-box.yml
@ -523,6 +523,55 @@ services:
      retries: 3
      start_period: 30s

+  # ============================================
+  # Phase 2g — mana-research (Web Research Orchestrator, 2026-05-07)
+  # 16+ search-providers + LLM-Pipeline. User-facing aber latenztolerant
+  # (5-30s queries). Schreibt in mana_platform.research-Tabellen, nutzt
+  # Redis-Cache + ruft mana-credits + mana-search auf. Geographische Nähe
+  # zu gpu-llm/gpu-ollama wie bei mana-ai.
+  # ============================================
+  mana-research:
+    build:
+      context: /srv/mana/source
+      dockerfile: services/mana-research/Dockerfile
+    image: mana-research:gpu-box
+    container_name: mana-research
+    restart: unless-stopped
+    environment:
+      TZ: Europe/Berlin
+      NODE_ENV: production
+      PORT: 3068
+      DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD}@192.168.178.131:5432/mana_platform
+      REDIS_URL: redis://:${REDIS_PASSWORD}@192.168.178.131:6379
+      CACHE_TTL_SECONDS: '3600'
+      CORS_ORIGINS: https://mana.how,https://chat.mana.how,https://research.mana.how
+      # Cross-LAN service deps
+      MANA_AUTH_URL: http://192.168.178.131:3001
+      MANA_CREDITS_URL: http://192.168.178.131:3002
+      MANA_LLM_URL: http://192.168.178.131:3025
+      MANA_SEARCH_URL: http://192.168.178.131:3012
+      MANA_SERVICE_KEY: ${MANA_SERVICE_KEY}
+      # LLM + Search provider keys (most empty, only Google active currently)
+      ANTHROPIC_API_KEY: ${ANTHROPIC_API_KEY:-}
+      OPENAI_API_KEY: ${OPENAI_API_KEY:-}
+      GOOGLE_GENAI_API_KEY: ${GOOGLE_GENAI_API_KEY:-}
+      PERPLEXITY_API_KEY: ${PERPLEXITY_API_KEY:-}
+      EXA_API_KEY: ${EXA_API_KEY:-}
+      TAVILY_API_KEY: ${TAVILY_API_KEY:-}
+      BRAVE_API_KEY: ${BRAVE_API_KEY:-}
+      SERPER_API_KEY: ${SERPER_API_KEY:-}
+      JINA_API_KEY: ${JINA_API_KEY:-}
+      FIRECRAWL_API_KEY: ${FIRECRAWL_API_KEY:-}
+      SCRAPINGBEE_API_KEY: ${SCRAPINGBEE_API_KEY:-}
+    ports:
+      - '3068:3068'
+    healthcheck:
+      test: ['CMD', 'bun', '-e', "fetch('http://localhost:3068/health').then(r => process.exit(r.ok ? 0 : 1)).catch(() => process.exit(1))"]
+      interval: 60s
+      timeout: 10s
+      retries: 3
+      start_period: 30s
+
  # ============================================
  # Phase 2f-3 — mana-ai (AI Mission Runner, 2026-05-07)
  # Background tick-loop (60s default), queryt mana-api + mana-llm +