Document the icon standard: always use Phosphor components from
@manacore/shared-icons, never inline SVG paths. Lists exceptions
(spinners, brand logos, charts, decorative SVGs).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Without this, Better Auth's definePayload receives a user object
without the custom accessTier column, causing the JWT tier claim
to always default to 'public'.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Migrate 41 inline SVG icons to Phosphor components across 21 shared-ui
files including CommandBar, InputBar, Sidebar, AudioPlayer, PageHeader,
Select, TagBadge, SettingsRow, and more.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace remaining inline SVG icons in photos (25 SVGs), mukke player
controls, clock world-clock, and inventar settings. All remaining
inline SVGs are now exclusively spinners, brand logos, or dynamic
icon rendering via {@html}.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Move board view management (ViewSelector, activeViewId, ViewEditorModal)
from +page.svelte to +layout.svelte
- Layout pill in PillNav now toggles ViewSelector strip visibility
- +page.svelte reduced to minimal BoardViewRenderer with context-provided view
- Provide activeView via Svelte context from layout
- Fix broken import in TaskItem.svelte (linter artifact)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Migrate inline SVG icon paths to Phosphor components in chat, zitare,
times, citycorners, inventar, manacore, todo, playground, presi, and
more. Part of repo-wide icon unification effort.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Consolidate the two separate view systems (homepage paper pages + /kanban board)
into one unified system on `/`. All three layout modes (Fokus, Übersicht, Matrix)
share the same LocalBoardView data model and BoardViewRenderer, with layout
switching via PillNav tabs instead of route navigation.
- Add FokusLayout component (scroll-snap paper sheets with DnD)
- Add activeLayoutMode setting (fokus/uebersicht/matrix)
- Add layoutOverride prop to BoardViewRenderer
- Rewrite homepage to use BoardViewRenderer + ViewSelector
- Unify DnD type to 'task-dnd' across all layouts
- Convert PillNav from route-based to state-based view switching
- Delete /kanban route (redirect to / with uebersicht mode)
- Update PWA shortcuts, settings, onboarding, help content
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Migrate all inline SVG icon paths to Phosphor components from
@manacore/shared-icons across 38 files. Only spinners (loading
animations) and brand logos (Google) remain as inline SVGs.
Calendar: 0 inline icon SVGs remaining
Contacts: 6 remaining (3 spinners, 1 spinner, 2 Google logos)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Remove floating edit FAB from +page.svelte
- Add "Layout" pill (grid icon) to PillNav, only visible on homepage
- Share editMode state between layout and page via Svelte context
- Label toggles between "Layout" and "Fertig" when active
- Escape key exits edit mode
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The client (shared-auth) calls /api/v1/auth/session-to-token for SSO and
2FA flows, but this endpoint was never implemented. Also, the login endpoint
returned raw Better Auth session data instead of the expected
{ accessToken, refreshToken } format.
- Add POST /api/v1/auth/session-to-token endpoint
- Fix login to generate JWT via Better Auth's /api/auth/token
- Fix refresh to return JWT instead of raw session data
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Introduces a tiered access control system so apps can be released
gradually (founder → alpha → beta → public) without extra infrastructure.
Users are gated at the AuthGate level based on their tier vs the app's
requiredTier. All apps remain deployed and reachable, but only users
with sufficient tier can enter.
- Add accessTier enum + column to users schema (default: 'public')
- Add tier claim to JWT payload in better-auth config
- Add requiredTier field to ManaApp interface + all 25 apps
- Add hasAppAccess(), getAccessibleManaApps(), ACCESS_TIER_LABELS
- Update AuthGate with tier check + access denied screen
- Update getPillAppItems + Home page to filter by user tier
- Update all 22 app layouts to pass user tier to PillNav
- Add admin API: GET/PUT /api/v1/admin/users/:id/tier
- Document access tier system in CLAUDE.md
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
pnpm skips workspace linking when glob patterns like apps/*/apps/* from
pnpm-workspace.yaml match no directories. This caused @manacore/feedback
and other packages to be copied but not linked in node_modules. Fix adds
a post-install step that creates symlinks for all packages/* entries.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- inventar-web: second nested <button> in list view also converted to
<div role="button"> to fix Svelte 5 HTML validation
- uload-server: port changed from 3041 to 3070 to avoid conflict with
Forgejo which also binds port 3041
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- mana-media: strip workspace devDep before bun install (shared-drizzle-config
is only needed for drizzle-kit, not at runtime)
- inventar-web: replace nested <button> with <div role="button"> to fix
Svelte 5 HTML validation error during build
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The mirror workflow runs git pull on the server's working directory,
which fails if there are uncommitted changes (e.g., from manual edits).
Adding git stash before pull prevents this.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Forgejo runner has no macOS binary — Docker-based runner can't access
host filesystem/SSH needed for CD. GitHub CD via native self-hosted
runner handles all deployments. Forgejo remains a push-mirror for
backup and visibility.
- Remove .forgejo/workflows/cd-macmini.yml
- Remove forgejo-runner service from docker-compose
- Update mirror workflow comments
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- check-disk-space.sh: always prune dangling images, unused volumes, and
build cache >7 days on every run (not just at critical threshold)
- check-disk-space.sh: auto-remove node_modules if found on server
(never needed — Docker builds inside containers)
- disk-check launchd: reduce interval from 60min to 15min to catch
disk issues faster (yesterday we hit 100% before hourly check caught it)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- check-disk-space.sh now pushes mac_disk_used_percent + mac_colima_disk_used_gb
to Pushgateway every hour so vmalert can alert on real macOS disk usage
- alerts.yml: replace broken node-exporter disk alerts with Pushgateway-based ones
- master-overview.json: add "Recent Errors (Loki)" section with live error log
stream, error rate timeseries and top error sources barchart
- move-colima-to-external-ssd.sh: guided script to move 200GB Colima VM
datadisk from internal SSD to /Volumes/ManaData (3.6TB external SSD)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
node-exporter runs in VM and can't see host macOS disks directly.
Use custom mac_disk_used_percent metrics pushed via Pushgateway instead.
Also add ColimaVMDiskLarge alert when datadisk exceeds 150 GB.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
relabel drop removed the entire stream before labels were set, causing
the "at least one label pair required" error. pipeline_stages drop runs
after labels are established, which is correct for filtering by tier.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
adapter-auto does not produce a build/ directory for node deployments,
causing Docker builds to fail. Switch to adapter-node like all other apps.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Both variables were used with bind:value but not declared.
Svelte 5 requires bind targets to be declared with $state().
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Containers that don't match any tier regex had no labels, causing Loki to
reject the stream with "at least one label pair is required".
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Loki healthcheck interval is 5min — using service_healthy blocks Promtail
from starting for up to 5 minutes. service_started is sufficient since
Loki reports /ready immediately after startup.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- .github/workflows/mirror-to-forgejo.yml: on push to main, runner on Mac Mini
pushes to Forgejo via local SSH (localhost:2222). Keeps Forgejo in sync.
- .forgejo/workflows/cd-macmini.yml: deploy step now pulls from forgejo remote
(ssh://localhost:2222) instead of GitHub origin.
Flow: local → git push origin main → GitHub → mirror-to-forgejo runs on Mac Mini
→ pushes to Forgejo → Forgejo CD pipeline → deploys containers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- docker-compose: fix port mapping 2222:2222 → 2222:22 (sshd listens on 22)
- .forgejo/workflows/cd-macmini.yml: new CD pipeline for Forgejo Actions
(mirrors .github/workflows/cd-macmini.yml, run_url points to git.mana.how)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
colima delete wipes the entire VM disk on every power cycle, forcing
full image rebuilds. colima stop --force is sufficient to clear stale
process state after a hard shutdown.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
todo-web, calendar-web, contacts-web, mana-web all depend on
@manacore/shared-links but it was missing from the base image COPY list.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The startup script runs `colima delete` on hard shutdown recovery,
wiping the colima.yaml mount config. Then `colima start` only added
/Volumes/ManaData but forgot /Users/mana — causing all file bind-mounts
to appear as empty directories (VirtioFS can't see host files).
This was the root cause of Synapse/SearXNG/Alertmanager/Loki crashing
after the power outage. Now both mounts are always passed explicitly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Now that VirtioFS is fixed (colima /Users/mana mount restored),
file bind-mounts work correctly. Replace the cp-in-entrypoint workaround
with a direct file mount to /etc/alertmanager/alertmanager.yml.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
vmalert: was copying prometheus.yml into /etc/alerts/ causing parse
failure. Now only copies alerts.yml (the actual rules file).
synapse: mana-auth (Better Auth) has no OIDC discovery endpoint,
so disable OIDC and enable password auth until OIDC is implemented.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
YAML '>' block scalar preserves newlines for over-indented lines,
causing 'exec binary' to run without its arguments. Fix: use JSON
array format for all entrypoints to avoid YAML folding entirely.
Also fixes SearXNG entrypoint path: image updated from
dockerfiles/docker-entrypoint.sh to entrypoint.sh.
Affected: victoriametrics, loki, vmalert, alertmanager, searxng, synapse
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Create entry-parser.ts with duration extraction (2h, 30min, 1h30m),
time range parsing (9-12, 14:00-16:30), project (@), tags (#), billable
($), and date recognition. Multi-entry splitting via semicolons with
context inheritance. Integrate quick-input bar into EntryForm — type
"Meeting 2h @Client $; Review 1h" and press Enter to create multiple
entries at once.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace the fixed CSS Grid widget layout with a recursive tiling system
using a binary tree data model. Each node is either a leaf (widget) or
a split (horizontal/vertical) with a draggable resize handle.
New components:
- TilingLayout: Recursive renderer (leaf→TilePanel, split→flex+handle)
- TilePanel: Widget wrapper with edit controls (split H/V, change, close)
- TileResizeHandle: Draggable divider, H+V, keyboard accessible, 10-90%
Architecture:
- Binary tree model (TileNode = TileLeaf | TileSplit)
- Immutable tree operations in tiling-tree.ts (splitLeaf, removeLeaf, etc.)
- Tiling store with debounced IndexedDB persistence
- Widget registry extracted from WidgetContainer for shared use
- Mobile fallback: flattened vertical stack under 768px
- Default: Clock | Tasks | Calendar (3 panels)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add quick-input bar to NewContactModal that parses natural language
contact info (name, company, email, phone, tags) and pre-fills form
fields on Enter. Add live duplicate detection that checks name/email
against IndexedDB while typing, showing warnings for fuzzy name matches
(Levenshtein) and exact email matches. Both features run offline.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Major systems added to ManaVoxel:
- Behavior runtime: EventBus + 10 triggers + 11 action executors
- Item persistence: save/load items, inventory, area pixels to IndexedDB
- NPC system: 4 types (hostile/passive/merchant/guard), patrol/chase/attack AI
- Lighting: darkness overlay with emissive material light sources
- Day/night cycle: time-based ambient lighting on streets
- Sound system: 8 synthesized Web Audio API presets
- Sprite animation: multi-frame support in editor with play/stop
- Dialog system: NPC interaction with text bubbles and options
- Item properties: range, speed, durability, element all functional
- Health endpoint for Docker, durability bar in inventory UI
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
