deploy(calc): add docker-compose, cloudflared tunnel, SSO config

- docker-compose.macmini.yml: calc-web service on port 5026 - cloudflared-config.yml: calc.mana.how → localhost:5026 - mana-auth trusted origins: add https://calc.mana.how - mana-credits & mana-user CORS: add https://calc.mana.how - Dockerfile port updated from 5018 to 5026 (5018 used by zitare) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-14 19:41:09 +02:00 · 2026-03-29 08:53:41 +02:00 · 2026-03-29 08:53:41 +02:00 · cb549776ac
commit cb549776ac
parent 0841f6b334
4 changed files with 38 additions and 8 deletions
--- a/apps/calc/apps/web/Dockerfile
+++ b/apps/calc/apps/web/Dockerfile
@ -21,10 +21,10 @@ COPY --from=builder /app/apps/calc/apps/web/node_modules ./node_modules
 COPY --from=builder /app/apps/calc/apps/web/build ./build
 COPY --from=builder /app/apps/calc/apps/web/package.json ./

-EXPOSE 5018
-ENV NODE_ENV=production PORT=5018 HOST=0.0.0.0
+EXPOSE 5026
+ENV NODE_ENV=production PORT=5026 HOST=0.0.0.0

 HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
-  CMD wget --no-verbose --tries=1 --spider http://localhost:5018/health || exit 1
+  CMD wget --no-verbose --tries=1 --spider http://localhost:5026/health || exit 1

 CMD ["node", "build"]
--- a/cloudflared-config.yml
+++ b/cloudflared-config.yml
@ -114,6 +114,10 @@ ingress:
  - hostname: picture-api.mana.how
    service: http://localhost:3040

+  # Calc App
+  - hostname: calc.mana.how
+    service: http://localhost:5026
+
  # LLM Services
  - hostname: playground.mana.how
    service: http://localhost:5090
--- a/docker-compose.macmini.yml
+++ b/docker-compose.macmini.yml
@ -302,7 +302,7 @@ services:
      STRIPE_SECRET_KEY: ${STRIPE_SECRET_KEY:-}
      STRIPE_WEBHOOK_SECRET: ${STRIPE_CREDITS_WEBHOOK_SECRET:-}
      BASE_URL: https://credits.mana.how
-      CORS_ORIGINS: https://mana.how,https://chat.mana.how,https://picture.mana.how,https://todo.mana.how,https://zitare.mana.how,https://calendar.mana.how,https://clock.mana.how,https://contacts.mana.how,https://manadeck.mana.how,https://presi.mana.how,https://storage.mana.how,https://nutriphi.mana.how,https://planta.mana.how,https://mukke.mana.how,https://context.mana.how,https://photos.mana.how,https://questions.mana.how
+      CORS_ORIGINS: https://mana.how,https://chat.mana.how,https://picture.mana.how,https://todo.mana.how,https://zitare.mana.how,https://calendar.mana.how,https://clock.mana.how,https://contacts.mana.how,https://manadeck.mana.how,https://presi.mana.how,https://storage.mana.how,https://nutriphi.mana.how,https://planta.mana.how,https://mukke.mana.how,https://context.mana.how,https://photos.mana.how,https://questions.mana.how,https://calc.mana.how
    ports:
      - "3002:3002"
    healthcheck:
@ -332,7 +332,7 @@ services:
      DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-mana123}@postgres:5432/mana_user
      MANA_CORE_AUTH_URL: http://mana-auth:3001
      MANA_CORE_SERVICE_KEY: ${MANA_CORE_SERVICE_KEY}
-      CORS_ORIGINS: https://mana.how,https://calendar.mana.how,https://chat.mana.how,https://clock.mana.how,https://contacts.mana.how,https://context.mana.how,https://manadeck.mana.how,https://mukke.mana.how,https://nutriphi.mana.how,https://photos.mana.how,https://picture.mana.how,https://planta.mana.how,https://presi.mana.how,https://questions.mana.how,https://storage.mana.how,https://todo.mana.how,https://zitare.mana.how
+      CORS_ORIGINS: https://mana.how,https://calc.mana.how,https://calendar.mana.how,https://chat.mana.how,https://clock.mana.how,https://contacts.mana.how,https://context.mana.how,https://manadeck.mana.how,https://mukke.mana.how,https://nutriphi.mana.how,https://photos.mana.how,https://picture.mana.how,https://planta.mana.how,https://presi.mana.how,https://questions.mana.how,https://storage.mana.how,https://todo.mana.how,https://zitare.mana.how
    ports:
      - "3062:3062"
    healthcheck:
@ -906,14 +906,14 @@ services:
        condition: service_healthy
    environment:
      NODE_ENV: production
-      PORT: 5018
+      PORT: 5026
      PUBLIC_MANA_CORE_AUTH_URL: http://mana-auth:3001
      PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how
      PUBLIC_SYNC_SERVER_URL: ws://mana-sync:3010
    ports:
-      - "5018:5018"
+      - "5026:5026"
    healthcheck:
-      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5018/health"]
+      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5026/health"]
      interval: 180s
      timeout: 10s
      retries: 3
@ -1247,6 +1247,31 @@ services:
      retries: 3
      start_period: 20s

+  calc-web:
+    build:
+      context: .
+      dockerfile: apps/calc/apps/web/Dockerfile
+    image: calc-web:local
+    container_name: mana-app-calc-web
+    restart: always
+    depends_on:
+      mana-auth:
+        condition: service_healthy
+    environment:
+      NODE_ENV: production
+      PORT: 5026
+      PUBLIC_MANA_CORE_AUTH_URL: http://mana-auth:3001
+      PUBLIC_MANA_CORE_AUTH_URL_CLIENT: https://auth.mana.how
+      PUBLIC_SYNC_SERVER_URL: ws://mana-sync:3010
+    ports:
+      - "5026:5026"
+    healthcheck:
+      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://127.0.0.1:5026/health"]
+      interval: 180s
+      timeout: 10s
+      retries: 3
+      start_period: 20s
+
  mana-llm:
    build:
      context: ./services/mana-llm
--- a/services/mana-auth/src/auth/better-auth.config.ts
+++ b/services/mana-auth/src/auth/better-auth.config.ts
@ -241,6 +241,7 @@ export function createBetterAuth(databaseUrl: string) {
 			'https://auth.mana.how',
 			'https://mana.how',
 			// Production domains - all apps (keep alphabetical)
+			'https://calc.mana.how',
 			'https://calendar.mana.how',
 			'https://chat.mana.how',
 			'https://clock.mana.how',