Commit graph

288 commits

Author SHA1 Message Date
Till-JS
5025bfa883 fix(clock-bot): optimize widget styling for Element info panel
- Use transparent background to adapt to Element theme
- Remove min-height and centering (content starts at top)
- Reduce font sizes and spacing for compact display
- Use semi-transparent backgrounds for theme compatibility
- Add flex-wrap for narrow panels

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:46:19 +01:00
Till-JS
0a41640c19 chore(onboarding-bot): add bot user creation script
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:43:29 +01:00
Till-JS
a6fc1cb66e feat(onboarding): add Matrix onboarding bot for profile setup
- Add matrix-onboarding-bot service that guides users through profile setup
- Extend mana-core-auth GlobalSettings with displayName, interests, onboardingCompleted fields
- Implement state machine for onboarding flow (NAME → INTERESTS → LANGUAGE → SUMMARY)
- Support commands: !start, !profile, !edit, !skip, !help
- Add German and English localization
- Integrate with mana-core-auth Settings API for profile persistence

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:42:41 +01:00
Till-JS
c13c313886 🐛 fix(gifts): reorder controller routes to fix 'me/*' matching
NestJS matches routes in declaration order. The dynamic :code route was
matching before me/created and me/received, treating 'me' as a gift code.
Moved specific routes before the dynamic parameter route.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:38:23 +01:00
Till-JS
b1eaa88e6e 📝 docs(stats-bot): add Redis and Matrix-SSO-Link environment variables
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:35:15 +01:00
Till-JS
139c04040d refactor(stats-bot): swap commands - !stats for personal, !global for global
- !stats now shows personal stats (requires login)
- !global now shows global Umami analytics
- Update keywords and help text accordingly

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:26:52 +01:00
Till-JS
12451092f1 📝 docs(tts): document German voice support (Piper/Kerstin)
- Add Piper TTS section to mana-tts CLAUDE.md
- Document available German voices (local and cloud)
- Update matrix-tts-bot CLAUDE.md with new default voice
- Add language auto-detection documentation

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:21:40 +01:00
Till-JS
209a474f17 🩹 fix(gifts): add duplicate claim check to first_come type
Users can now only redeem first_come gift codes once, making it
suitable for promo codes that should be unlimited but once per user.
2026-02-14 12:19:43 +01:00
Till-JS
acf4512e90 fix(session): add auto-refresh for expired JWT tokens
- Add isTokenValid() to decode JWT and check exp claim
- Refresh tokens 60 seconds before expiry (buffer)
- Auto-fetch fresh token via SSO-Link when cached token expires
- Clear invalid sessions when refresh fails
- Prevents "exp claim timestamp check failed" errors

JWT tokens from mana-core-auth expire after 15 minutes, but sessions
were cached for 7 days. Now tokens are transparently refreshed when
they expire, keeping users authenticated.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:19:08 +01:00
Till-JS
4b950b7083 feat(tts): add de_kerstin female German voice and set as default
- Download and configure Kerstin Piper voice (63MB, local)
- Update piper_service.py to support multiple voice models
- Set de_kerstin as default voice for TTS bot
- Update help text with new voice options

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:16:58 +01:00
Till-JS
01b011235f 🩹 fix(mana-tts): add Piper/German voice support to /synthesize/auto endpoint
The auto endpoint now properly routes German voices (de_thorsten, de_katja, etc.)
to Piper TTS instead of falling back to English Kokoro voices.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:08:17 +01:00
Till-JS
5af965ea90 feat(clock-bot): add live timer progress with message editing
- Add editMessage() method to BaseMatrixService for Matrix message editing
- Implement live timer updates every 10 seconds using background interval
- Display progress bar using Unicode block characters (█░)
- Track active timers and update messages with current state
- Show percentage completion and remaining time
- Handle timer pause/resume/finish states
- Clean up tracking on timer completion or errors

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 12:07:28 +01:00
Till-JS
0099e1eebc chore(matrix-tts-bot): set German (de_thorsten) as default voice
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:55:47 +01:00
Till-JS
67f3d3020a fix(matrix-tts-bot): use /synthesize/auto endpoint for German voices
The /synthesize/piper endpoint doesn't exist - use /synthesize/auto
which automatically routes to the correct TTS backend based on voice.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:30:37 +01:00
Till-JS
2521a1ea73 feat(matrix): sync recent emojis across apps via mana-core-auth
- Add recentEmojis field to GlobalSettings in shared-theme
- Create userSettings store for Matrix app with JWT token management
- Exchange session cookie for JWT after SSO login
- Update MessageInput to use userSettings instead of localStorage
- Add recentEmojis support to mana-core-auth settings API

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:30:17 +01:00
Till-JS
83c75ce90e 🩹 fix(nutriphi-bot): use correct API field name for image analysis
Change 'image' to 'imageBase64' to match the NutriPhi backend API spec.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:28:46 +01:00
Till-JS
d81b8aebf2 🔒 refactor(bots): remove !login command and enforce OIDC-only auth
- Remove !login and !logout commands from all 16+ Matrix bots
- Remove login/logout references from all help/welcome messages
- Disable password login in Synapse (password_config.enabled: false)
- System is now OIDC-only via Mana Core authentication

Users must authenticate via "Sign in with Mana Core" in Element.
Existing bot access tokens remain valid.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:26:58 +01:00
Till-JS
bd7f19718c feat(stats-bot): add infrastructure monitoring commands
Add 5 new commands powered by Prometheus/VictoriaMetrics:
- !system: Mac Mini status (CPU, RAM, Disk, Uptime, Load)
- !services: Backend service health (UP/DOWN)
- !traffic: HTTP traffic & latency per service
- !db: PostgreSQL & Redis status
- !growth: User growth statistics

New modules:
- PrometheusService: Query Prometheus/VictoriaMetrics API
- InfrastructureService: Generate infrastructure reports

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:24:31 +01:00
Till-JS
4a26926fae 🩹 fix(bot-services): export LOGIN_MESSAGES and auth error helpers
Export the following from @manacore/bot-services:
- LOGIN_MESSAGES: Pre-defined auth error messages for all bot types
- AUTH_ERROR_MESSAGES: Same as LOGIN_MESSAGES (preferred name)
- formatAuthErrorMessage(): Helper to create custom auth error messages

These are used by bots to show consistent error messages when token
refresh fails and the user needs to re-authenticate.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:19:55 +01:00
Till-JS
ff1affb268 🩹 fix(nutriphi-bot): add automatic token refresh on JWT expiration
When the JWT token expires (15 min), the bot now automatically:
1. Detects the 401 "exp claim" error
2. Clears the expired session
3. Attempts to fetch a new token via Matrix-SSO-Link
4. Retries the failed operation with the new token

This prevents users from getting authentication errors after 15 minutes
of inactivity.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:18:19 +01:00
Till-JS
0f234a0ce6 fix(matrix-tts-bot): use WAV format for better Matrix compatibility
MP3 format was causing "no supported sources" error in Element.
Switch to WAV which has broader browser/client support.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:09:56 +01:00
Till-JS
fa7fb3c294 🩹 fix(matrix-bots): use authenticated media download for all bots
The Matrix Media API now requires authentication (spec v1.11+). Updated
all 5 affected bots to use downloadMedia() from BaseMatrixService which
handles authenticated downloads via /_matrix/client/v1/media/download/.

Affected bots:
- matrix-nutriphi-bot (images + audio)
- matrix-zitare-bot (audio)
- matrix-todo-bot (audio)
- matrix-ollama-bot (images)
- matrix-project-doc-bot (images + audio)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:04:13 +01:00
Till-JS
70e45ed82e fix(matrix-stats-bot): adapt to Umami v2 API response format
The Umami API returns stats in a different format than expected:
- Before: { pageviews: { value, change } }
- After: { pageviews: number, comparison: { pageviews: number } }

Transform the raw API response to the expected format and calculate
percentage change from comparison values.

Also update URL_SCHEMA.md with complete list of all mana.how services.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 11:03:03 +01:00
Till-JS
1c9c2301a5 fix(matrix-tts-bot): add API key authentication for mana-tts service
- Add TTS_API_KEY config option to configuration.ts
- Send X-API-Key header in TtsService requests
- Update docker-compose.macmini.yml with TTS_INTERNAL_API_KEY env var
- Update .env.example and CLAUDE.md documentation

The mana-tts service requires authentication, but the TTS bot was not
sending the required X-API-Key header, causing 401 errors.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-14 10:59:08 +01:00
Till-JS
284cd004aa 🩹 fix(auth): fix gift code route prefix and JWT issuer validation
- Remove duplicate route prefix in GiftsController (was /api/v1/api/v1/gifts)
- Fix JwtAuthGuard to use JWT_ISSUER as fallback when BASE_URL is not set
- Add comprehensive GIFT_CODES.md documentation

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-13 23:54:36 +01:00
Till-JS
0485ce4b07 🩹 fix(auth): correct healthcheck endpoint path
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-13 23:48:45 +01:00
Till-JS
9d7768495d 🔧 fix(auth): add build tools for bcrypt native module
2026-02-13 23:41:35 +01:00
Till-JS
0701635edb 🔧 fix(auth): update Dockerfile for workspace dependencies
Add shared-storage package to Docker build context to resolve
workspace dependency.
2026-02-13 23:36:56 +01:00
Till-JS
087d34c552 feat(matrix-bots): enhance stats and todo bots
- Add credit commands to todo-bot
- Enhance stats-bot with improved metrics
- Add Umami analytics improvements
2026-02-13 23:29:36 +01:00
Till-JS
e8c3b97f8f feat(auth): add gift codes and enhanced credit system
- Add gift code creation, redemption, and refund endpoints
- Add Stripe payment link generation for credits
- Add gifts database schema
- Enhance credits controller with new operations
2026-02-13 23:29:30 +01:00
Till-JS
92c6dc83ee fix(nutriphi-bot): remove missing media-client dependency
2026-02-13 23:22:29 +01:00
Till-JS
c2842e2546 feat(auth): add avatar upload with S3/MinIO and subscription plans seed
- Add StorageModule for avatar uploads via S3/MinIO
- Create presigned URL endpoint for direct browser uploads
- Create direct upload endpoint (multipart/form-data)
- Add manacore-storage bucket to shared-storage package
- Add manacore-storage bucket to docker-compose.dev.yml
- Create subscription plans seed script (pnpm db:seed:plans)
- Plans: Free (150 credits), Pro (2000/€9.99/mo), Enterprise (10000/€49/mo)
- Update TODO list with completed tasks
2026-02-13 23:06:24 +01:00
Till-JS
ce4e982651 feat(auth): add profile management endpoints
Add backend endpoints for user profile management:
- GET /auth/profile - retrieve user profile data
- POST /auth/profile - update name and profile image
- POST /auth/change-password - change password (requires current)
- DELETE /auth/account - soft-delete account (requires password)

Security features:
- Password verification before sensitive actions
- Soft-delete preserves data for retention
- Security events logged for audit trail
- Rate limiting on sensitive endpoints

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-13 22:29:32 +01:00
Till-JS
ae30ce3323 feat(auth): add Stripe credit purchases and subscription management
- Add StripeService for PaymentIntent creation and webhook verification
- Add credit purchase flow (POST /credits/purchase)
- Add stripe_customers table for Stripe customer mapping
- Add subscriptions schema (plans, subscriptions, invoices)
- Add SubscriptionsService with Checkout, Portal, Cancel, Reactivate
- Add subscription plans (Free: 150 Mana, Pro: €9.99, Enterprise: €49.99)
- Handle subscription and invoice webhooks
- Update roadmap with completed tasks

Credit pricing: 1 Mana = 1 Cent (no volume discounts)
2026-02-13 22:21:23 +01:00
Till-JS
c8b1e92655 💄 style(matrix-todo-bot): clean up task response messages
- Remove credit display from responses (credits still charged)
- Remove "Synchronisiert" text (sync still works)
- Use sendMessage instead of sendReply to avoid quoting user ID
- Simplify status output
- Use cleaner formatting with dots instead of pipes
2026-02-13 22:09:31 +01:00
Till-JS
ab15c2367b feat(gdpr): add DSGVO improvements for self-service data page
- Add account deletion confirmation email
- Extend data export with sessions, security events, transactions
- Add DSGVO info banner with privacy policy link
- Add data retention periods section
- Add cookie info (no tracking cookies)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-13 13:43:23 +01:00
Till-JS
742aa0e046 feat(zitare): add multilingual support and expanded quote metadata
- Add 6-language support: original, de, en, it, fr, es
- Add quote metadata: source, year, tags, imageUrl, authorBio, verified
- Add originalLanguage field to preserve original quote language (la, el, zh, sa, etc.)
- Update all 50 quotes with full translations and metadata
- Add new utility functions: getQuoteText, getQuotesByTag, getAllTags,
  getQuotesByAuthor, getVerifiedQuotes, getQuotesByYearRange,
  getQuotesByOriginalLanguage
- Update matrix-zitare-bot to use new multilingual schema
2026-02-13 12:42:50 +01:00
Till-JS
74c1cfed4f feat(zitare): add @zitare/content package for shared quotes
- Create new @zitare/content package with 50 German quotes
- Include 10 categories: motivation, weisheit, liebe, leben, erfolg,
  glueck, freundschaft, mut, hoffnung, natur
- Add utility functions: getRandomQuote, getDailyQuote, searchQuotes,
  getQuotesByCategory, formatQuote, etc.
- Migrate matrix-zitare-bot to use the shared package
- Remove hardcoded quotes from bot configuration
2026-02-13 12:30:41 +01:00
Till-JS
b9f0d841df ♻️ refactor(matrix-bots): remove offline mode, require login for all operations
- Remove local JSON storage from matrix-todo-bot and matrix-calendar-bot
- Delete TodoService, CalendarService and their modules
- Add requireLogin() helper that prompts users to authenticate
- All bot commands now require login before any operation
- Data is always synced with respective backends (todo-backend, calendar-backend)
- Update CLAUDE.md documentation for both bots

BREAKING CHANGE: Bots no longer work without authentication

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-13 12:18:11 +01:00
Till-JS
02a5172c7c feat(admin): add GDPR user-data endpoints to photos, clock, storage backends
- Add admin modules with GET/DELETE /api/v1/admin/user-data/:userId
- Photos: albums, favorites, tags counting and deletion
- Clock: alarms, timers, world clocks, presets counting and deletion
- Storage: files, folders, shares, tags counting and deletion
- Update UserDataService to include photos, clock, storage backends
- Add ADMIN_SERVICE_KEY env var to all backends in docker-compose
- Build storage-backend locally instead of using GHCR image

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 13:43:16 +01:00
Till-JS
d5e18c9c27 🔧 fix(mac-mini): update health checks and disable missing services
- Disable api-gateway and skilltree-web (no working images/Dockerfiles)
- Fix mana-search Dockerfile healthcheck port and endpoint
- Update health-check.sh to skip disabled services
- Fix search service health endpoint (/api/v1/health)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 13:28:55 +01:00
Till-JS
6548d83e18 🐛 fix(mana-search): use pnpm deploy to fix symlink issue in Docker
pnpm creates symlinks in node_modules that point to ../../node_modules/.pnpm/
These symlinks break when only the service node_modules are copied.

Using pnpm deploy creates a standalone version with all dependencies
copied (no symlinks), which works correctly in Docker.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 13:24:55 +01:00
Till-JS
bc8cd98a27 fix(auth): correct MeController route prefix
Remove duplicate api/v1 prefix - NestJS already adds it globally.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 13:22:58 +01:00
Till-JS
9881e84ee3 feat(auth): add GDPR self-service endpoints for user data
Add /api/v1/me/data endpoints for users to view, export, and delete
their own data without admin privileges (GDPR compliance).

Backend:
- New MeModule with MeController and MeService
- GET /api/v1/me/data - view own data summary
- GET /api/v1/me/data/export - download as JSON
- DELETE /api/v1/me/data - delete all own data

Frontend:
- New /settings/my-data page with full data overview
- Export button for JSON download
- DeleteConfirmationModal with email verification
- Link from settings page to my-data

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 13:20:08 +01:00
Till-JS
22a6a6496c fix(mana-media): fix Dockerfile pnpm symlinks for production
Keep same directory structure in production stage so pnpm symlinks
resolve correctly. Copy the .pnpm store and app's node_modules
separately.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 02:19:19 +01:00
Till-JS
8b6ff0c679 feat(auth): add API key management for STT/TTS services
- Add api_keys schema in mana-core-auth with SHA-256 hashing
- Create NestJS module with CRUD endpoints and validation
- Add external auth module to STT/TTS for sk_live_ key validation
- Create web UI page at /api-keys for key management
- Support rate limiting per key with configurable limits
- Cache validation results for 5 minutes to reduce auth service load

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 02:12:05 +01:00
Till-JS
4452d371fa 🐛 fix(mana-media): correct path to main.js in Dockerfile
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 01:55:48 +01:00
Till-JS
898f5d2112 🔧 chore(stt,tts): update launchd plists to load .env files
Source .env file before starting uvicorn to enable API key auth
and other environment-based configuration.

Removes hardcoded PORT values in favor of .env configuration.
2026-02-12 01:44:46 +01:00
Till-JS
aab304fc95 🔒️ feat(stt,tts): add API key authentication with rate limiting
Add auth.py module to both STT and TTS services with:
- API key validation via X-API-Key header
- Rate limiting with sliding window (requests per minute)
- Internal API key option for unlimited access
- Environment variable configuration

All protected endpoints now require authentication.
Public endpoints (/health, /docs) remain accessible.
2026-02-11 18:04:22 +01:00
Till-JS
90c2f8573e feat(photos): add Photos app with mana-media EXIF integration
- Add Photos NestJS backend (port 3019) with albums, favorites, tags
- Add Photos SvelteKit web app (port 5189) with gallery, upload, filters
- Extend mana-media with EXIF extraction service using exifr
- Add cross-app photo listing endpoint to mana-media
- Add photo stats endpoint to mana-media
- Add photos to setup-databases.sh

Backend features:
- Albums CRUD with cover image and items management
- Favorites toggle with status check
- Tags CRUD with photo-tag associations
- Photo proxy to mana-media with local data enrichment

Web features:
- Photo grid with infinite scroll
- Photo detail modal with EXIF display
- Album grid and detail views
- Upload dropzone with progress tracking
- Filter bar (app, date range, location, sort)
- i18n support (de/en)
- Svelte 5 runes mode

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-11 17:58:44 +01:00