Fix Dockerfile to include all required shared packages and add
health endpoint for Docker healthcheck. Enable skilltree-web
service in docker-compose.macmini.yml.
- Add Dockerfile for production build
- Add docker-entrypoint.sh for runtime config
- Add hooks.server.ts for client-side env injection
- Add zitare-web service to docker-compose.macmini.yml
- Port 5012
- Depends on zitare-backend
- Health check on /health endpoint
- Add Dockerfile for zitare-backend (multi-stage build, port 3007)
- Add docker-entrypoint.sh for database setup
- Add zitare-backend service to docker-compose.macmini.yml
- Update matrix-zitare-bot to depend on zitare-backend
- Add zitare-backend to CI workflow (change detection + build job)
After successful !login, the bot now stores a persistent link between
the Matrix user ID and the Mana account in mana-core-auth. This allows
the bot to auto-authenticate users in the future without requiring
another !login command.
Changes:
- Add createMatrixUserLink() method to SessionService
- Call link creation after successful login
- Add MANA_CORE_SERVICE_KEY to todo and calendar bot docker config
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Switch manacore-web from GHCR image to local build for faster
deployment of frontend changes (self-service /settings/my-data).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Medium priority stability improvements:
Alerting:
- Add vmalert for evaluating Prometheus alert rules
- Add alertmanager for alert routing and grouping
- Add alert-notifier service for Telegram/ntfy notifications
- Enable cadvisor scraping in prometheus config
Disk Monitoring:
- Add check-disk-space.sh for hourly disk monitoring
- Alert on 80% (warning) and 90% (critical) thresholds
- Auto-cleanup Docker when disk is critical
- Add com.manacore.disk-check.plist for LaunchD
Weekly Reports:
- Add weekly-report.sh for system health summary
- Includes: backup status, disk usage, container health,
database stats, error log summary
- Runs every Sunday at 10 AM via LaunchD
Health Check Updates:
- Add checks for vmalert, alertmanager, alert-notifier
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add admin modules with GET/DELETE /api/v1/admin/user-data/:userId
- Photos: albums, favorites, tags counting and deletion
- Clock: alarms, timers, world clocks, presets counting and deletion
- Storage: files, folders, shares, tags counting and deletion
- Update UserDataService to include photos, clock, storage backends
- Add ADMIN_SERVICE_KEY env var to all backends in docker-compose
- Build storage-backend locally instead of using GHCR image
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Configure mana-auth with internal Docker network URLs to query
project backends for user data (Chat, Todo, Calendar, Contacts,
Picture, Presi).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Disable api-gateway and skilltree-web (no working images/Dockerfiles)
- Fix mana-search Dockerfile healthcheck port and endpoint
- Update health-check.sh to skip disabled services
- Fix search service health endpoint (/api/v1/health)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- mana-search: GHCR image is broken (missing node_modules)
- skilltree-web: GHCR image doesn't exist
- api-gateway: disabled (no image, no Dockerfile)
All three now build locally on Mac Mini instead of pulling from GHCR.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Switch 5 backends from pulling ghcr.io images to building locally:
- chat-backend
- todo-backend
- calendar-backend
- clock-backend
- contacts-backend
This ensures Dockerfiles with shared-drizzle-config are used directly.
mana-media Dockerfile has a pre-existing bug with pnpm symlinks
that needs to be fixed separately.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Dockerfile for photos-backend (port 3039)
- Add Dockerfile for photos-web (port 5019)
- Add docker-entrypoint.sh for database migrations
- Add health endpoint for photos-web
- Add photos services to docker-compose.macmini.yml
- Update CORS_ORIGINS for mana-auth and mana-media
- Update CLAUDE.md with production URLs
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Use --ignore-scripts to skip postinstall builds during install
- Remove unnecessary shared-builder stage
- Fix health check URL to /api/v1/health
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Implement mana-media service with PostgreSQL/Drizzle ORM persistence
- Add content-addressable storage (SHA-256) for automatic deduplication
- Add Matrix MXC URL import endpoint to copy images from Matrix
- Create @manacore/media-client package for service consumption
- Integrate mana-media into NutriPhi bot for persistent image storage
- Update pnpm-workspace.yaml to include nested service packages
- Add mana-media to docker-compose with port 3015
Images sent to NutriPhi bot are now stored in mana-media after analysis,
providing persistent storage with deduplication across all apps.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add mana-llm FastAPI service for LLM API gateway
- Configure CORS for playground.mana.how
- Use shared Redis from existing infra
- Connect playground to mana-llm container
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Configure Better Auth with crossSubDomainCookies for .mana.how domain
- Add COOKIE_DOMAIN environment variable (production: .mana.how)
- Sync trustedOrigins with all production subdomains
- Users now login once and are authenticated across all apps
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Move PostgreSQL data from Docker volume to /Volumes/ManaData/postgres
for better data safety and performance.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Mac Mini with Apple Silicon needs explicit platform specification
to pull amd64 images since matrix bots only have amd64 builds.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Mount MinIO data directly to /Volumes/ManaData/minio for better
performance and persistence on external SSD.
Requires Docker Desktop "Full Disk Access" permission on Mac Mini.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
SSD bind mount requires Docker Desktop GUI configuration for
/Volumes access. Reverting to standard volume until manually configured.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Update 10 Matrix Bot Dockerfiles for monorepo builds with pnpm
- Add shared package support (bot-services, matrix-bot-common)
- Extend CI pipeline with change detection and build jobs
- Update docker-compose.macmini.yml to use GHCR images
- Enable Watchtower auto-updates for Matrix Bots
Bots: mana, ollama, stats, project-doc, todo, calendar, nutriphi, zitare, clock, tts
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Switch MinIO from Docker VM storage to external SSD volume
at /Volumes/TillJakob-S04/ManaData/minio for better performance.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove rslave mount that doesn't work on macOS
- Use selective collectors instead of defaults
- Note: This monitors the Docker VM metrics, not host Mac
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add node-exporter service to docker-compose for CPU/Memory/Disk monitoring
- Enable node-exporter scrape target in Prometheus config
- Update System Overview dashboard with Host System section:
- CPU, Memory, Disk usage gauges
- Total RAM, Total Disk, Uptime, Load stats
- CPU & Memory over time graph
- Network I/O graph
- Add Node Exporter to service status panel
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Container was built with PORT=5180 but docker-compose had PORT=4090.
Fixed port mapping and healthcheck to use correct internal port.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add SYNAPSE_OIDC_CLIENT_SECRET to mana-core-auth env
- Enable OIDC provider config in homeserver.yaml
- Add matrix.mana.how and element.mana.how to CORS origins
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Remove all 6 Telegram bot services to focus on Matrix as the sole
messaging platform for full UI/UX control and DSGVO compliance.
Removed services:
- telegram-nutriphi-bot
- telegram-ollama-bot
- telegram-project-doc-bot
- telegram-stats-bot
- telegram-todo-bot
- telegram-zitare-bot
Also:
- Remove Telegram bot scripts from package.json
- Remove telegram-stats-bot from docker-compose.macmini.yml
- Disable Watchtower Telegram notifications
- Remove Telegram devlog
- Add comprehensive MATRIX_BOT_ARCHITECTURE.md documentation
The Matrix-only approach provides:
- Full control over user experience
- Complete DSGVO compliance (all data on own servers)
- No dependency on third-party platforms
- Unified command patterns across all bots
- Add Dockerfile for multi-stage Docker build
- Add mana-core-auth integration with login/register pages
- Add auth store using Svelte 5 runes
- Add protected route layout with auth guard
- Add health endpoint for container health checks
- Add runtime URL injection via hooks.server.ts
- Add logout button to header
- Update docker-compose.macmini.yml with llm-playground service
- Update cloudflared-config.yml with playground.mana.how route
- Update mana-llm CORS config for playground domain
- Update generate-env.mjs with auth URL variable
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- mana-core-auth container has no wget/curl, only node
- nutriphi-web had IPv6/IPv4 resolution issues with wget
- Both now use native Node.js http module for healthchecks
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add mana-search + SearXNG to docker-compose.macmini.yml
- Add api-gateway dependency on mana-search
- Add CI workflow for building mana-search Docker image
- Add CI workflow for building api-gateway Docker image
