diff --git a/cloudflared-config.yml b/cloudflared-config.yml index 9449c959e..1673f4724 100644 --- a/cloudflared-config.yml +++ b/cloudflared-config.yml @@ -117,8 +117,6 @@ ingress: # /api/v1/me/ai-audit that powers the Workbench "Datenzugriff" tab. # The background tick loop + /metrics stay internal; only the # JWT-gated user endpoint is public. - - hostname: mana-ai.mana.how - service: http://localhost:3067 # ============================================ # API Gateway (Go) diff --git a/docker-compose.macmini.yml b/docker-compose.macmini.yml index 9b811ac97..b3cc0a47b 100644 --- a/docker-compose.macmini.yml +++ b/docker-compose.macmini.yml 
@@ -268,53 +268,6 @@ services: # and docs/plans/ai-mission-key-grant.md). # ============================================ - mana-ai: - build: - context: . - dockerfile: services/mana-ai/Dockerfile - image: mana-ai:local - container_name: mana-ai - restart: always - mem_limit: 256m - depends_on: - postgres: - condition: service_healthy - mana-llm: - condition: service_started - mana-api: - condition: service_healthy - mana-research: - condition: service_started - environment: - TZ: Europe/Berlin - NODE_ENV: production - PORT: 3067 - SYNC_DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD:-mana123}@postgres:5432/mana_sync - MANA_LLM_URL: http://mana-llm:3020 - MANA_API_URL: http://mana-api:3060 - MANA_RESEARCH_URL: http://mana-research:3068 - MANA_AI_DEEP_RESEARCH_ENABLED: ${MANA_AI_DEEP_RESEARCH_ENABLED:-false} - MANA_SERVICE_KEY: ${MANA_SERVICE_KEY} - TICK_INTERVAL_MS: ${MANA_AI_TICK_INTERVAL_MS:-60000} - TICK_ENABLED: ${MANA_AI_TICK_ENABLED:-true} - # RSA-OAEP-2048 private key paired with MANA_AI_PUBLIC_KEY_PEM on - # mana-auth. Used to unwrap per-mission data keys at tick time. - # Absent → all grants skip silently with reason="not-configured". - MANA_AI_PRIVATE_KEY_PEM: ${MANA_AI_PRIVATE_KEY_PEM:-} - OTEL_EXPORTER_OTLP_ENDPOINT: http://tempo:4318 - ports: - - "3067:3067" - healthcheck: - test: ["CMD", "bun", "-e", "fetch('http://127.0.0.1:3067/health').then(r=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))"] - interval: 120s - timeout: 10s - retries: 3 - start_period: 40s - - # ============================================ - # Tier 1b: Credits Service (Hono + Bun) - # ============================================ - mana-credits: build: context: . diff --git a/infrastructure/docker-compose.gpu-box.yml b/infrastructure/docker-compose.gpu-box.yml index eb46dfe49..12e53d10b 100644 --- a/infrastructure/docker-compose.gpu-box.yml +++ b/infrastructure/docker-compose.gpu-box.yml 
@@ -523,6 +523,47 @@ services: retries: 3 start_period: 30s + # ============================================ + # Phase 2f-3 — mana-ai (AI Mission Runner, 2026-05-07) + # Background tick-loop (60s default), queryt mana-api + mana-llm + + # mana-research, persistiert via mana_sync. Geographische Nähe zum + # gpu-llm/gpu-ollama-Stack ist Bonus für künftige direct-LLM-Pfade. + # services/mana-ai/Dockerfile ist bereits workspace-aware (pnpm + # multi-stage), funktioniert nativ auf GPU-Box. + # ============================================ + mana-ai: + build: + context: /srv/mana/source + dockerfile: services/mana-ai/Dockerfile + image: mana-ai:gpu-box + container_name: mana-ai + restart: unless-stopped + environment: + TZ: Europe/Berlin + PORT: 3067 + NODE_ENV: production + TICK_INTERVAL_MS: '60000' + TICK_ENABLED: 'true' + MANA_AI_DEEP_RESEARCH_ENABLED: 'false' + # Cross-LAN dependency wiring — alle Mini-Services via Host-Port. + MANA_API_URL: http://192.168.178.131:3060 + SYNC_DATABASE_URL: postgresql://postgres:${POSTGRES_PASSWORD}@192.168.178.131:5432/mana_sync + MANA_LLM_URL: http://192.168.178.131:3025 + MANA_RESEARCH_URL: http://192.168.178.131:3068 + # Internal-service-auth + RSA für Mission-Grant-Decryption. + MANA_SERVICE_KEY: ${MANA_SERVICE_KEY} + MANA_AI_PRIVATE_KEY_PEM: ${MANA_AI_PRIVATE_KEY_PEM} + # OTEL: Tempo läuft seit Phase 2c nicht mehr — leer = SDK no-op + OTEL_EXPORTER_OTLP_ENDPOINT: '' + ports: + - '3067:3067' + healthcheck: + test: ['CMD', 'bun', '-e', "fetch('http://localhost:3067/health').then(r => process.exit(r.ok ? 0 : 1)).catch(() => process.exit(1))"] + interval: 60s + timeout: 10s + retries: 3 + start_period: 30s + verdaccio: image: verdaccio/verdaccio:6 container_name: mana-verdaccio
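Review bot: The new `environment:` block sends traffic that previously stayed on the Compose network across the LAN unencrypted. `MANA_API_URL`, `MANA_LLM_URL` and `MANA_RESEARCH_URL` are plain `http://` to 192.168.178.131, and `SYNC_DATABASE_URL` has no TLS setting and still logs in as the `postgres` superuser, so sync data and presumably `MANA_SERVICE_KEY` are exposed to anyone who can observe that segment. I would use a dedicated least-privilege role with TLS, e.g. `SYNC_DATABASE_URL: postgresql://<role>:${<ROLE_PASSWORD_VAR>}@192.168.178.131:5432/mana_sync?sslmode=require` (role and variable are placeholders; confirm the client honours `sslmode`). The three secret interpolations have no required-check, so an unset variable becomes an empty string; `MANA_AI_PRIVATE_KEY_PEM: ${MANA_AI_PRIVATE_KEY_PEM:?must be set}`, and the same form for `POSTGRES_PASSWORD` and `MANA_SERVICE_KEY`, would make `docker compose up` fail instead of starting a runner that, per the removed macmini comment, silently skips all grants. `ports: - '3067:3067'` publishes on every host interface although the commit removes the tunnel ingress and the cloudflared comment says the tick loop and `/metrics` stay internal, so drop the mapping or bind it as `'<gpu-box-lan-ip>:3067:3067'` if only the Mini needs to reach it. The old `mem_limit: 256m` was also not carried over.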