Commit graph

27 commits

Author SHA1 Message Date
Wuesteon
42bb44b747 Merge branch 'till-dev' into dev 2025-12-24 22:49:01 +01:00
Wuesteon
bb4189f942 Merge branch 'dev' into till-dev 2025-12-19 19:29:29 +01:00
Wuesteon
834b11d1d1 🐛 fix(staging): add missing PUBLIC_*_CLIENT env vars for runtime config
Web apps use hooks.server.ts to inject window.__PUBLIC_*__ variables at
runtime, but docker-compose.staging.yml was only setting vars for
docker-entrypoint.sh config.json. This caused web apps to fall back to
localhost URLs in production.

Changes:
- Add PUBLIC_*_CLIENT env vars for all staging web apps
- Update calendar-web hooks.server.ts to inject contacts API URL
2025-12-19 03:26:59 +01:00
Wuesteon
4d15d9e764 🔒 security(auth): migrate to EdDSA JWT and add automated monitoring
BREAKING: JWT keys are now auto-managed by Better Auth (EdDSA/Ed25519)
- Remove all JWT_PRIVATE_KEY, JWT_PUBLIC_KEY, JWT_SECRET references
- Keys stored in auth.jwks database table (auto-generated on first run)
- Delete obsolete generate-keys.sh and generate-staging-secrets.sh scripts
- Clean up legacy AUTH_*.md analysis files from root

Security Improvements:
- Add security_events table for audit logging
- Add SecurityEventsService for tracking auth events
- Enhanced security headers (HSTS, CSP, X-Frame-Options)
- Rate limiting configuration

Monitoring Setup:
- Add auth-health-check.sh for automated testing
- Add generate-dashboard.sh for HTML status dashboard
- Tests: health endpoint, JWKS (EdDSA), security headers, response time
- Ready for Hetzner cron deployment

Documentation:
- Update deployment docs with Better Auth notes
- Update environment variable references
- Add security improvements documentation

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-18 21:42:47 +01:00
Wuesteon
dcdc15f154 🚀 ci(picture): add picture app to CI/CD deployment pipeline
- Add picture-backend and picture-web to CI Docker build matrix
- Add picture services to staging deployment workflow
- Add picture-backend to production deployment workflow
- Create Dockerfile and docker-entrypoint.sh for picture-web
- Fix picture-backend Dockerfile port (3003→3006) and health endpoint
- Add picture routes to Caddyfile.staging
- Add REPLICATE_API_TOKEN and MANA_CORE_SERVICE_KEY env vars
2025-12-17 18:47:42 +01:00
Wuesteon
4c44764838 1. Brevo email integration (API key, sender settings)
2. URL configuration fix (BASE_URL, FRONTEND_URL)
3. Password reset URL pointing to frontend instead of API
2025-12-17 18:11:13 +01:00
Wuesteon
8c973e4354 1. Brevo email integration (API key, sender settings)
2. URL configuration fix (BASE_URL, FRONTEND_URL)
3. Password reset URL pointing to frontend instead of API
2025-12-16 21:12:25 +01:00
Wuesteon
d2c2326ed7 🐛 fix(calendar): use runtime config for cross-app service URLs
Calendar app was using $env/dynamic/public for TODO and Contacts API
URLs, which doesn't work in SPA mode. Updated to use runtime config:

- Add TODO_API_URL and CONTACTS_API_URL to runtime config
- Update docker-entrypoint.sh to include new env vars
- Refactor todos.ts and birthdays.ts to use lazy-loaded clients
- Refactor user-settings.svelte.ts with lazy store initialization
- Add env vars to docker-compose.staging.yml

This fixes staging deployment where cross-app integrations were
calling localhost instead of staging URLs.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-16 05:10:01 +01:00
Wuesteon
c5ffd92bad feat(auth): add Brevo email integration for password reset and org invites 2025-12-16 03:33:15 +01:00
Wuesteon
2c30867251 🔧 refactor: implement 12-factor runtime config for all web apps
Replace window injection and build-time env vars with runtime config
loaded from /config.json (generated by Docker entrypoint). This fixes
the staging deployment issue where apps were requesting localhost URLs
instead of production URLs.

Changes:
- Add runtime.ts config loader with Zod validation (fail-hard in prod)
- Disable SSR via +layout.ts (apps are client-only SPAs)
- Update API clients and auth stores to use async config getters
- Add docker-entrypoint.sh scripts to generate config.json at startup
- Update Dockerfiles with ENTRYPOINT for config generation
- Simplify docker-compose.staging.yml env vars (12-factor pattern)
- Add static/config.json as dev fallback (localhost defaults)
- Fix onMount return type (Svelte 5 compatibility)
- Add zod dependency to Picture app
- Add backward compat exports for Contacts app

Apps updated:
- Clock (port 3017)
- Chat (port 3002)
- Picture (port 3006)
- Contacts (port 3015)
- Calendar (port 3016)
- Manacore (multi-app platform)

Benefits:
- Build once, deploy anywhere (same Docker image for all envs)
- Configuration in environment, not code (12-factor compliance)
- Fail-hard on missing/invalid config in production
- No accidental SSR localhost fallbacks
- Schema validation ensures all required URLs are present
2025-12-15 21:33:50 +01:00
Wuesteon
a5fab2151c fix(staging): use HTTPS staging domains for all client URLs
- Updated all _CLIENT environment variables to use HTTPS staging domains
- Updated CORS_ORIGINS to allow HTTPS staging domains
- Added Caddyfile.staging to version control for documentation

Domain mappings:
- auth.staging.manacore.ai → mana-core-auth:3001
- chat.staging.manacore.ai → chat-web:3000
- chat-api.staging.manacore.ai → chat-backend:3002
- staging.manacore.ai → manacore-web:5173
- calendar.staging.manacore.ai → calendar-web:5186
- calendar-api.staging.manacore.ai → calendar-backend:3016
- clock.staging.manacore.ai → clock-web:5187
- clock-api.staging.manacore.ai → clock-backend:3017
- todo.staging.manacore.ai → todo-web:5188
- todo-api.staging.manacore.ai → todo-backend:3018

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-10 03:27:46 +01:00
Till-JS
ee42b6cc76 feat: major update with network graphs, themes, todo extensions, and more
## New Features

### Network Graph Visualization (Contacts, Calendar, Todo)
- D3.js force simulation for physics-based layout
- Zoom & pan with mouse/touchpad
- Keyboard shortcuts: +/- zoom, 0 reset, Esc deselect, / search, F focus
- Filtering by tags, company/location/project, connection strength
- Shared components in @manacore/shared-ui

### Central Tags API (mana-core-auth)
- CRUD endpoints for tags
- Schema: tags table with userId, name, color, app
- Shared tag components in @manacore/shared-ui

### Custom Themes System
- Theme editor with live preview and color picker
- Community theme gallery
- Theme sharing (public, unlisted, private)
- Backend API in mana-core-auth

### Todo App Extensions
- Glass-pill design for task input and items
- Settings page with 20+ preferences
- Task edit modal with inline editing
- Statistics page with visualizations
- PWA support with offline capabilities
- Multiple kanban boards

### Contacts App Features
- Duplicate detection
- Photo upload
- Batch operations
- Enhanced favorites page with multiple view modes
- Alphabet view improvements
- Search modal

### Help System
- @manacore/shared-help-content
- @manacore/shared-help-ui
- @manacore/shared-help-types

### Other Features
- Themes page for all apps
- Referral system frontend
- CommandBar (global search)
- Skeleton loaders
- Settings page improvements

## Bug Fixes
- Network graph simulation initialization
- Database schema TEXT for user_id columns (Better Auth compatibility)
- Various styling fixes

## Documentation
- Daily report for 2025-12-10
- CI/CD deployment guide

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-10 02:37:46 +01:00
Wuesteon
6239cc7749 fix: use $env/dynamic/private for runtime env vars in SvelteKit hooks
- Updated all web app hooks.server.ts to use $env/dynamic/private
  instead of process.env for reading environment variables
- This allows Docker containers to inject env vars at runtime
- Updated docker-compose.staging.yml with HTTPS staging domains
- Fixes Mixed Content errors when accessing staging via domains

Affected apps: clock, chat, calendar, todo, manacore

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-10 02:20:49 +01:00
Wuesteon
3cf0a43cf3 🚀 ci: add todo-backend and todo-web to CI/CD pipeline
- Add Dockerfile and entrypoint for todo-backend
- Add todo-backend and todo-web services to docker-compose.staging.yml
- Add todo to cd-staging-tagged.yml workflow options and port mappings
- Add todo-backend and todo-web to ci-main.yml build matrix
- Enable CI builds on dev branch (staging deployments)
- Fix workflow bug: add --force-recreate to handle stale containers
2025-12-09 15:52:48 +01:00
Wuesteon
a50e4e5026 fix(staging): add manacore-web origin to backend CORS configs
Allow manacore-web (port 5173) to call todo-backend, calendar-backend,
and clock-backend APIs by adding it to their CORS_ORIGINS.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-08 22:27:34 +01:00
Wuesteon
4398fbc29b fix(manacore-web,todo-web): use runtime URLs for backend API services
- manacore-web: Update todo, calendar, contacts service files to use
  runtime URLs from window instead of import.meta.env (baked at build time)
- manacore-web: Add backend URL env vars to docker-compose.staging.yml
- manacore-web: Fix fallback ports (todo: 3017→3018, calendar: 3014→3016)
- todo-web: Update API client to use runtime URL from window

This enables Docker containers to use runtime-injected URLs instead of
build-time environment variables.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-08 22:03:12 +01:00
Wuesteon
e02e2b37b1 fix(staging): add all web app origins to mana-core-auth CORS
Added CORS origins for all staging web apps:
- manacore-web: 5173
- calendar-web: 5186
- clock-web: 5187
- todo-web: 5188

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-08 21:28:06 +01:00
Wuesteon
5e0b5a8e7a 🚀 ci: add Docker deployment for Manacore, Todo, Calendar, and Clock apps
Add complete Docker deployment infrastructure for 4 new applications:
- Dockerfiles for backend (NestJS) and web (SvelteKit) apps
- docker-entrypoint.sh scripts with PostgreSQL wait and schema push
- Updated docker-compose.staging.yml with 7 new services
- Updated CI/CD workflows with build matrix and health checks
2025-12-08 16:04:50 +01:00
Wuesteon
00281a86d3 fix(staging): add CORS_ORIGINS to mana-core-auth
Allow cross-origin requests from chat-web (port 3000) and chat-backend (port 3002)
to mana-core-auth (port 3001) on staging server.

Without this, browser requests from chat-web to mana-core-auth are blocked
by CORS policy since they're on different ports (3000 vs 3001).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-05 03:56:30 +01:00
Wuesteon
44608074fc fix(chat-web): inject runtime env vars for client-side auth
Problem: Browser was calling localhost:3001 instead of staging server IP
because environment variables from Docker aren't available client-side.

Solution:
1. Add PUBLIC_*_CLIENT env vars to docker-compose.staging.yml for browser URLs
2. Inject these into window.__PUBLIC_*__ via hooks.server.ts transformPageChunk
3. Auth store reads from window variable for client-side requests

This pattern properly handles:
- SSR: Uses Docker internal URLs (http://mana-core-auth:3001)
- Client: Uses public URLs (http://46.224.108.214:3001)
- Local dev: Falls back to localhost

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-05 03:38:53 +01:00
Wuesteon
4a56c888b0 fix(staging): correct chat-backend health check path to /api/v1/health
The chat-backend NestJS health endpoint is at /api/v1/health, not /api/health.
This was causing the container to be marked as unhealthy, preventing chat-web
from starting due to its depends_on condition.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-05 03:32:22 +01:00
Wuesteon
714298f7c8 feat(chat-web): add Docker deployment for chat frontend
- Add @sveltejs/adapter-node for server-side rendering
- Create Dockerfile for chat web SvelteKit app
- Add /health endpoint for container health checks
- Add chat-web service to docker-compose.staging.yml
- Update CI/CD workflow with chat-web health check

The chat app now deploys with both backend and web frontend:
- mana-core-auth (port 3001) - central auth
- chat-backend (port 3002) - API
- chat-web (port 3000) - web frontend

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-05 02:10:32 +01:00
Wuesteon
80f80053f3 refactor(staging): simplify CI/CD to mana-core-auth + chat-backend only
Archived full staging config for future restoration:
- docker-compose.staging.full.yml (includes manadeck, nginx)
- .github/workflows/cd-staging.full.yml (includes all health checks)

Simplified staging deployment:
- Only deploys postgres, redis, mana-core-auth, chat-backend
- Added database creation step for manacore_auth and chat DBs
- Faster iteration for testing central auth integration

To restore full config:
  cp docker-compose.staging.full.yml docker-compose.staging.yml
  cp .github/workflows/cd-staging.full.yml .github/workflows/cd-staging.yml

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-05 01:33:01 +01:00
Wuesteon
cf2b6aaa2b 🐛 fix(cd): fix postgres startup and health check issues in staging
Fixes two critical deployment issues:

1. Postgres Container Startup Failure:
   - Remove missing init.sql volume mount that caused postgres to fail
   - Postgres was trying to mount ./docker/postgres/init.sql which doesn't exist
   - Added REDIS_PASSWORD environment variable

2. Health Check SSH Issues:
   - Consolidated health checks into single SSH session
   - Increased wait time from 30s to 60s for services to fully initialize
   - Improved health check output with clear status messages
   - Added container status logging for debugging

3. Docker Compose Improvements:
   - Remove obsolete 'version: 3.9' field (deprecated in Compose v2)
   - Increase initial startup wait from 10s to 15s

Changes to docker-compose.staging.yml:
- Removed non-existent init.sql volume mount from postgres
- Removed obsolete version field

Changes to .github/workflows/cd-staging.yml:
- Added REDIS_PASSWORD to environment variables
- Consolidated health checks into single SSH session (fixes "ssh: command not found")
- Increased wait times for service initialization
- Improved logging and error messages

This should fix the "dependency failed to start: container manacore-postgres-staging is unhealthy" error.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-04 04:21:15 +01:00
Wuesteon
f7986bc1a7 🐛 fix(cd): fix staging deployment registry authentication and missing images
Changes to .github/workflows/cd-staging.yml:
- Add Docker login step for GitHub Container Registry (ghcr.io)
- Add permissions for packages:read
- Update service deployment options to only include services with Dockerfiles
- Update health checks to match deployed services

Changes to docker-compose.staging.yml:
- Comment out services without Dockerfiles:
  - maerchenzauber-backend (no Dockerfile yet)
  - nutriphi-backend (no Dockerfile yet)
  - news-api (no Dockerfile yet)
- Keep only services with Docker images:
  - mana-core-auth
  - chat-backend
  - manadeck-backend
- Update nginx dependencies to remove disabled services

This fixes the "error from registry: denied" error that was preventing
staging deployments. The deployment was trying to pull Docker images
that were never built because those services don't have Dockerfiles.

Now only services with actual Docker images will be deployed to staging.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-04 03:22:07 +01:00
Wuesteon
6c9e8972a7 fix: update docker registry to ghcr.io/memo-2023 2025-12-03 01:46:16 +01:00
Wuesteon
74dc6892ab first implementation 2025-11-27 17:26:18 +01:00