- Add MODEL_METADATA config for Ollama models with descriptions and modality
- Update default model to gemma3:4b
- Show model descriptions in ModelSelector and ComparisonSelector
- Add docs/OLLAMA_MODELS.md with instructions for adding new models
- Document external 4TB SSD setup in MAC_MINI_SERVER.md
- Add gemma3:12b, gemma3:27b, qwen2.5-coder:14b to model registry
Remove all 6 Telegram bot services to focus on Matrix as the sole
messaging platform for full UI/UX control and DSGVO compliance.
Removed services:
- telegram-nutriphi-bot
- telegram-ollama-bot
- telegram-project-doc-bot
- telegram-stats-bot
- telegram-todo-bot
- telegram-zitare-bot
Also:
- Remove Telegram bot scripts from package.json
- Remove telegram-stats-bot from docker-compose.macmini.yml
- Disable Watchtower Telegram notifications
- Remove Telegram devlog
- Add comprehensive MATRIX_BOT_ARCHITECTURE.md documentation
The Matrix-only approach provides:
- Full control over user experience
- Complete DSGVO compliance (all data on own servers)
- No dependency on third-party platforms
- Unified command patterns across all bots
Add new blueprints content collection and pages for documenting
architecture decisions, technology strategies and long-term planning.
- Add blueprints collection schema with status tracking (draft/proposal/accepted/implemented/superseded)
- Create index and detail pages for blueprints at /blueprints
- Add first blueprint: Mana Cluster & Federation Architecture
- Add ADR-002 in docs/decisions for internal reference
- Add nav.blueprints translation for all 5 languages
- Add blueprints link to main navigation
Comprehensive documentation of today's work including:
- Matrix SSO/OIDC integration with Better Auth
- 9 new Matrix bots for app integration
- LLM Playground UI
- Demo mode removal from all apps
- Docker and build fixes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Configure Matrix Synapse as a trusted client that skips the consent screen.
This enables seamless SSO login without requiring user consent for each login.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Better Auth expects 'redirectUrls' (lowercase 'urls') but schema had
'redirectURLs' (uppercase 'URLs'). This caused the redirect URI validation
to fail because Drizzle returned the wrong property name.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Dockerfile for multi-stage Docker build
- Add mana-core-auth integration with login/register pages
- Add auth store using Svelte 5 runes
- Add protected route layout with auth guard
- Add health endpoint for container health checks
- Add runtime URL injection via hooks.server.ts
- Add logout button to header
- Update docker-compose.macmini.yml with llm-playground service
- Update cloudflared-config.yml with playground.mana.how route
- Update mana-llm CORS config for playground domain
- Update generate-env.mjs with auth URL variable
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Better Auth's OIDC provider expects redirect_urls to be a comma-separated
string, not a JSON array. Updated seed script and schema documentation.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The OIDC request handler was not properly forwarding sign-in requests.
Added a dedicated handler that:
- Directly calls Better Auth's handler
- Properly handles Set-Cookie headers for session cookies
- Exposed getHandler() method from BetterAuthService
- Added trustedOrigins configuration to allow cross-origin requests
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Chat interface with message history
- Model selector for available LLM models
- Parameter panel (temperature, max tokens, etc.)
- System prompt editor
- Svelte 5 runes-based stores
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Update pnpm-lock.yaml with matrix bot dependencies
- Add environment variables to generate-env.mjs
- Improve mana-llm config and ollama provider
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Enforce login redirect for unauthenticated users
- Remove demo banner, AuthGateModal, and GuestWelcomeModal
- Remove guest mode state variables and CSS styles
- Simplify showLogout to always show when user is logged in
Affected apps: todo-web, contacts-web, clock-web, questions-web, chat-web
- Quick chat mode for stateless single messages (!chat)
- Full conversation management (create, list, select, delete)
- Message history with context-aware AI responses
- Model selection (Ollama, OpenRouter, OpenAI, Anthropic)
- Conversation actions: archive, restore, pin, unpin, rename
- German/English command aliases
- Number-based reference system for ease of use
- JWT auth via mana-core-auth
- Health check endpoint on port 3327
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove demo events and related data files
- Redirect unauthenticated users to /login
- Remove AuthGateModal, GuestWelcomeModal
- Remove demo banner and related CSS
- Simplify events store (no more demo checks)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Skill management: create, list, view details, delete
- XP tracking with level-up notifications
- Branch filtering (intellect, body, creativity, social, practical, mindset, custom)
- Activity history per skill or global
- User statistics (total XP, skill count, highest level, streak)
- German/English command aliases
- Number-based reference system for ease of use
- JWT auth via mana-core-auth
- Health check endpoint on port 3326
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The OIDC login page was using our custom /api/v1/auth/login endpoint
which returns tokens but doesn't set session cookies. Better Auth's
OIDC provider needs session cookies to recognize logged-in users.
Changes:
- Update login page to use /api/auth/sign-in/email (Better Auth native)
- Add sign-in endpoint handler in oidc.controller.ts
- Add route exclusion in main.ts for the sign-in path
This fixes the infinite redirect loop where users would log in but
then be sent back to login because the OAuth2 authorize endpoint
couldn't detect the session.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add build script to compile TypeScript to dist/
- Update exports to point to compiled files
- Update calendar-web Dockerfile to build shared-vite-config
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add build script to compile TypeScript to dist/
- Update exports to point to compiled files
- Update calendar-web Dockerfile to build shared-vite-config
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When redirected from authorization endpoint, the client_id is encoded
in the returnUrl parameter, not directly in query params. This fix
extracts it properly to display the correct application name.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Full NestJS bot with matrix-bot-sdk integration
- Plant CRUD: list, add, view, edit, delete plants
- Watering: mark as watered, upcoming waterings, history
- Care settings: light, humidity, temperature, soil, notes
- Watering interval configuration
- Health status tracking with emoji indicators
- German/English command aliases
- Number-based reference system for plants
- JWT auth via mana-core-auth
- Runs on port 3322
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The login page uses inline JavaScript for the form submission handler.
Helmet's default CSP was blocking this, preventing users from logging in
via OIDC/SSO flows (e.g., Matrix Synapse).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Full NestJS bot with matrix-bot-sdk integration
- Deck CRUD: list, create, view, delete decks
- Card management: view cards and card details
- AI generation: generate decks with AI (30 Mana)
- Study sessions: start learning sessions
- Progress tracking: due cards, statistics
- Public features: featured decks, leaderboard
- Credit system: mana balance display
- German/English command aliases
- Number-based reference system for decks and cards
- JWT auth via mana-core-auth
- Runs on port 3321
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- List, search, and view contact details
- Create, edit, and delete contacts
- Toggle favorites and archive status
- Number-based reference system for easy commands
- German and English command aliases
- Login/logout via mana-core-auth
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Generate images via Picture backend with `!generate` command
- Support prompt options (--width, --height, --steps, --negative)
- Model selection with `!models` and `!model [id]`
- Image history and deletion
- Login/logout via mana-core-auth
- Credit balance display
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Svelte 5 runes in @manacore/shared-ui components were not being
transformed correctly during SSR, causing "$state is not defined"
errors. Since matrix-js-sdk requires browser APIs anyway, disabling
SSR for the (app) routes is the correct solution.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Email alerts were causing too many notifications. Changed default
from true to false so new users won't receive email notifications
unless explicitly enabled. Push notifications remain enabled.
Replaced the matrix-mana-gateway-bot devlog with a more comprehensive post
covering all 55 commits: 3 new microservices (mana-llm, mana-crawler,
mana-notify), Matrix Web Client Phase 3 features, and the massive codebase
consolidation with 8 new shared packages saving ~2,500 LOC.
Only include emailOptions object when from or replyTo is provided,
preventing validation errors when these optional fields are not set.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move queue name constants to separate file (queue-names.ts) to avoid
circular dependency between queue.module.ts and processor files.
The @Processor decorator evaluates at module load time, and importing
constants from queue.module.ts created a circular dependency that
resulted in undefined queue names.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
