The production domain is mana.how, not manacore.app. Updated all
references across shared-branding APP_URLS, app configs, landing pages,
docs, help content, calendar iCal UIDs, and deploy scripts.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add docker/Dockerfile.nestjs-base with all shared packages pre-built
- Convert 6 backend Dockerfiles (chat, todo, calendar, clock, contacts,
mukke) to inherit from nestjs-base:local
- Fix bugs: duplicate shared-nestjs-setup builds (mukke), unnecessary
shared-error-tracking rebuild in production stage (chat, clock)
- CD pipeline builds base image before services when backends deploy
- Net reduction: 317 lines removed, 112 added (-205 lines)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Dockerfile, docker-compose service (port 5100), Caddy and cloudflared
routing for the WhoPixels game. PORT is now configurable via env var.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add pnpm prune --prod and remove .ts/.map/test/docs files from
node_modules in the builder stage for chat, todo, calendar, clock,
and contacts backends. Same approach as mana-core-auth optimization.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Ensure shared-nestjs-metrics, shared-nestjs-setup, and shared-error-tracking
are all built in correct dependency order before the backend build step.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All 3 backends (calendar, contacts, todo) need these packages copied and
built in the Docker build stage for error tracking and Swagger support.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Reflect production readiness improvements: Chat 74→82, Picture 72→81, Mukke 71→80.
Also fix Dockerfiles to include shared-error-tracking and shared-nestjs-setup packages.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Infrastructure:
- Add GlitchTip (web + worker) to docker-compose.macmini.yml (port 8020)
- Add glitchtip.mana.how to Cloudflare Tunnel config
- Add glitchtip database to init-db SQL
- Add GLITCHTIP_DSN to .env.development
Shared Package (@manacore/shared-error-tracking):
- initErrorTracking() - Sentry-compatible init with GlitchTip DSN
- captureException(), captureMessage(), setUser(), setTag(), flush()
- SentryExceptionFilter for NestJS (captures 5xx errors only)
- Graceful no-op when DSN is not configured
Integration:
- Add instrument.ts to calendar, contacts, todo backends
- Import instrument.ts before app bootstrap in all 3 main.ts files
- Error tracking auto-initializes when GLITCHTIP_DSN env var is set
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Extend shared-nestjs-setup bootstrapApp with optional swagger config
- Auto-setup Swagger/OpenAPI when swagger: true is passed
- Add @nestjs/swagger as optional peer dependency
- Enable swagger in calendar (:3014/api/docs), contacts (:3015/api/docs), todo (:3018/api/docs)
- Migrate todo main.ts from custom bootstrap to shared bootstrapApp
- JWT Bearer auth configured in Swagger UI
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Calendar: validate startTime < endTime on event create/update, verify
share invitation recipient matches accepting user, add @MaxLength on
search DTO, use ConfigService for FRONTEND_URL, fix Docker default port.
Contacts: replace Error with NotFoundException in tag controller, verify
contact ownership before tag operations, add @ArrayMaxSize(100) on batch
DTOs, add unique constraint on contact tags (userId, name), add
@MaxLength(10000) on note content, reorder photo upload for safety.
Todo: add self-referencing FK on parentTaskId with cascade delete,
validate parent task ownership on create, add @Min/@Max on query
limit/offset, add @MaxLength(500) on search, add error handling to
quick add in web app.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Critical bugs: fix contacts delete() inverted logic, fix photo URLs
hardcoded to localhost:9000. Add missing DB indexes across all three
apps (27 indexes total). Add data integrity constraints: cascade delete
on tasks.projectId, unique label names per user, unique default calendar
per user with race condition handling. Wrap 12 multi-step operations in
transactions (todo). Replace contacts duplicate detection full-table scan
with targeted SQL GROUP BY queries. Fix calendar N+1 event tag queries
with batch loading. Fix contacts tagId filter not being applied. Add
proper RRULE error logging. Clear calendar auth store on sign-out.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Calendar backend: upgrade jest 29→30 to fix broken pnpm symlink
(jest 29 wasn't resolving in pnpm store, all 63 tests now pass)
- Contacts backend: add @nestjs/throttler (100 req/min)
- Todo backend: add @nestjs/throttler (100 req/min)
- Consistent rate limiting across all three backends (calendar already had it)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add 22 E2E tests across 5 test suites covering auth, calendar views,
settings, event CRUD, and calendar management. Tests that require the
calendar backend gracefully skip when it's not running.
Also fixes: hooks.server.ts env fallbacks, ThrottlerGuard DI error,
and auth metrics service TypeScript error.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The package was imported but not listed in package.json, causing
Docker builds to fail since hoisted node_modules aren't available.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Backend/Web Dockerfiles: use PORT env var in healthcheck (was hardcoded)
- Web Dockerfile: align default port to 5012 (matching docker-compose)
- docker-compose.macmini.yml: add ENCRYPTION_KEY env var for calendar-backend
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add AES-256-GCM encryption for CalDAV/Apple passwords in sync service
- Add rate limiting (100 req/min) via @nestjs/throttler
- Add pagination (limit/offset) to events API with metadata response
- Add security headers (CSP, X-Frame-Options, etc.) to web app
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Changed sharedWithUserId and invitedBy from UUID to TEXT type
in calendar_shares table to match Mana Core Auth user ID format.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
All backends with setGlobalPrefix('api/v1') were registering routes
as /api/v1/api/v1/admin instead of /api/v1/admin. Changed all admin
controllers to use @Controller('admin') instead of @Controller('api/v1/admin').
Affected backends:
- calendar
- contacts
- picture
- presi
- todo
- zitare
- chat
Note: storage backend still uses @Controller('api/v1/admin') as it has
no global prefix.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
All backends use postgres-js driver, not node-postgres. The admin
services incorrectly imported from drizzle-orm/node-postgres which
caused runtime errors: "Cannot find module 'pg'"
Fixed in: chat, todo, calendar, contacts, picture, zitare
The root package.json postinstall script runs scripts/generate-env.mjs
which doesn't exist in the Docker build context. Using --ignore-scripts
skips this postinstall step since env generation isn't needed in Docker.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add comprehensive admin dashboard to view and manage user data across all projects:
Backend:
- Add admin endpoints to Chat, Todo, Contacts, Calendar, Picture, Zitare, Presi
- Each backend exposes GET/DELETE /api/v1/admin/user-data/:userId
- Service-to-service auth via X-Service-Key header
Aggregation (mana-core-auth):
- GET /api/v1/admin/users - Paginated user list with search
- GET /api/v1/admin/users/:userId/data - Aggregated data from all backends
- DELETE /api/v1/admin/users/:userId/data - GDPR deletion across all projects
Frontend (ManaCore web):
- New User Data tab in admin navigation
- User search page at /admin/user-data
- User detail page with ProjectDataCard components
- GDPR deletion dialog with email confirmation
Presi:
- Migrate user_id from UUID to TEXT for Better Auth compatibility
- Add SQL migration script
- Build matrix-mana-bot only for linux/amd64 (arm64 fails due to QEMU)
- Move pnpm overrides for cpu-features and ssh2 to root package.json
- These native deps cause illegal instruction errors under QEMU emulation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Define compiler options locally instead of extending shared-tsconfig
to fix drizzle-orm type compatibility issues. Also add missing
shared-vite-config dependency to skilltree/web.
Fixed backends:
- calendar, chat, clock, contacts, nutriphi
- picture, presi, questions, skilltree, todo
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add mana-search + SearXNG to docker-compose.macmini.yml
- Add api-gateway dependency on mana-search
- Add CI workflow for building mana-search Docker image
- Add CI workflow for building api-gateway Docker image
Replace local MetricsService implementations with @manacore/shared-nestjs-metrics:
- chat, calendar, todo, clock, contacts, skilltree
Removes ~350 LOC of duplicated metrics code:
- Delete local metrics directories (service, module, controller)
- Remove manual metrics middleware from main.ts
- Use MetricsModule.register({ prefix: 'app_' }) pattern
Part of consolidation effort - see docs/CONSOLIDATION_OPPORTUNITIES.md
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement external calendar synchronization:
- CalDAV sync for Apple Calendar and generic CalDAV servers
- Google Calendar API integration with OAuth2 flow
- iCal URL import for read-only calendar feeds
- Bi-directional sync with configurable direction
- Scheduled background sync (every 5 minutes)
- Manual sync trigger via API
New endpoints:
- GET/POST /api/v1/sync/external - List/connect external calendars
- GET/PUT/DELETE /api/v1/sync/external/:id - Manage external calendar
- POST /api/v1/sync/external/:id/sync - Trigger manual sync
- POST /api/v1/sync/caldav/discover - Discover CalDAV calendars
- GET /api/v1/sync/google/auth-url - Get Google OAuth URL
- GET /api/v1/sync/google/callback - Handle OAuth callback
- GET /api/v1/calendars/:id/export.ics - Export calendar as iCal
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replace console.error with NestJS Logger in NetworkService
- Remove debug console.log statements from mana page and events store
- Remove stale TODO comment in ShareController (user.email already available)
- Update TODO comments to "Workaround" notes in EventContextMenu
- Fix port fallback in main.ts (3016 → 3014) for consistency
- Email Service: Add email.service.ts with Brevo SMTP for reminders and
calendar share invitations (German templates)
- Push Notifications: Add notification module with Expo Push API support,
device token management, and notification.controller.ts endpoints
- Reminder Service: Integrate email and push notifications in reminder
processing, add userEmail field to reminders schema
- Share Service: Send invitation emails when sharing calendars
- Unit Tests: Add jest.config.js and 63 tests for CalendarService,
EventService, ReminderService, and ShareService with mock utilities
- Database Migrations: Add migrate.ts with advisory locks for safe
production deployments
- Type-Checking: Enable type-check script for web app, fix all TypeScript
errors including CalendarViewType completeness and optional field access
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add metrics module to calendar, chat, clock, contacts backends
- Add metrics module to mana-core-auth service
- Expose /metrics endpoint for Prometheus scraping
- Track HTTP requests, response times, and custom business metrics
Co-Authored-By: Claude <noreply@anthropic.com>
- Add network view as "N" option in view switcher (like contacts app pattern)
- Create view-mode store to switch between calendar/network modes
- Move NetworkView from /network route to embedded component
- Add heatmap mode with StatsOverlay for event density visualization
- Extend network service to create connections by:
- Shared tags (highest priority, variable strength)
- Same calendar (strength 50%)
- Same date (strength 40%)
- Same location (strength 60%)
- Fix network controller route prefix (was /api/v1/api/v1/network)
- Remove separate /network and /statistics pages
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add portal action to move overlay to body, escaping parent stacking contexts
- Set z-index: 99999 via inline style to ensure overlay appears above all UI elements
- Remove z-index: 0 from main-content that was creating a stacking context
- Overlay now correctly displays above DateStrip, Toolbar, and InputBar
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create 4 default calendars for new users: Persönlich, Beruf, Familie, Freizeit
- Add event count dots below dates in DateStrip (max 5 dots)
- Show blue dots for events, white dots on today
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
New users can now create events without having a pre-existing calendar.
The backend automatically creates a default calendar ("Mein Kalender")
when an event is created without a calendarId.
Changes:
- Make calendarId optional in CreateEventDto and CreateEventInput
- Event service calls getOrCreateDefaultCalendar when no calendarId provided
- Frontend forms show "Standardkalender wird erstellt" when no calendars exist
- Frontend refreshes calendars after event creation if none existed
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Better Auth generates non-UUID user IDs (32-char base62 format like
'otUe1YrfENPdHnrF3g1vSBfpkQfambCZ'). Changed all `uuid('user_id')` to
`text('user_id')` in Drizzle schemas for consistency with auth system.
Affected packages/apps:
- apps/calendar, clock, picture, zitare
- games/figgos, voxelava
- packages/manadeck-database, news-database, uload-database
- services/mana-core-auth (feedback schema)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add complete Docker deployment infrastructure for 4 new applications:
- Dockerfiles for backend (NestJS) and web (SvelteKit) apps
- docker-entrypoint.sh scripts with PostgreSQL wait and schema push
- Updated docker-compose.staging.yml with 7 new services
- Updated CI/CD workflows with build matrix and health checks
