mAi
1ffbfc6e69
gitea package (new): minimal client mirroring caldav's structure
- client.go: token auth, 5s timeout, ErrNotFound
- issues.go: ListIssues(owner, repo, opts) hitting
/repos/{o}/{r}/issues?type=issues&state=…&since=…, ParseRepoRef,
RepoHTMLURL. PullRequest-flagged rows dropped server- and client-side.
- httptest stubs covering parse, 404, ParseRepoRef variants.
web wiring:
- Server.Gitea optional GiteaDeps (Client + in-memory 3-min TTL cache
keyed by owner/repo|state).
- detailIssues iterates every gitea-repo link, sums open issues, captures
last-30d closed (≤20) into a disclosure. Per-repo failures surface as
banner; one missing repo never blanks the section.
- relativeTime renders "Nm/h/d ago" / "yesterday" / fallback date.
Templates:
- issues_section.tmpl: per-repo block, header "Issues (n) + ↗ Gitea repo",
rows with #N · title · labels · milestone · assignees · updated.
Titles open in new tab.
- detail.tmpl: include the partial when Gitea is on and issues != nil.
- CSS: matches the Tasks section visual language.
main.go: GITEA_URL gates the integration (off when unset). GITEA_URL set
but GITEA_TOKEN missing → refuse to start.
deploy/dokploy.yaml: GITEA_URL env + GITEA_TOKEN secret added.
docs/design.md: new §6 mirroring §5's structure (link model, listing
semantics, caching, env contract, parked items).
49 lines
1.4 KiB
YAML
49 lines
1.4 KiB
YAML
# Dokploy app: projax
|
|
#
|
|
# Apply via Dokploy UI on mlake, or as a reference for the manual setup.
|
|
# Public over HTTPS with Let's Encrypt; auth is enforced at the application
|
|
# layer via Supabase JWT cookies federated with mgmt.msbls.de.
|
|
# Single replica, single tenant (m).
|
|
#
|
|
# Environment expected (set via Dokploy secrets, NEVER commit):
|
|
# PROJAX_DB_URL postgres://projax_admin:<pw>@<msupabase-tailscale-ip>:6789/postgres?sslmode=disable
|
|
# PROJAX_LISTEN_ADDR :8080 (default; Dokploy maps to public port)
|
|
# PROJAX_AUTO_MIGRATE on (default; set "off" to bypass embedded migrations on boot)
|
|
#
|
|
# README §"Deploy / 0. Manual prerequisite" documents the one-time CREATE ROLE
|
|
# projax_admin + cross-schema grants + RLS policy on mai.projects. The
|
|
# migrations themselves are credential-free.
|
|
|
|
name: projax
|
|
service: projax
|
|
image:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
domain:
|
|
host: projax.msbls.de
|
|
port: 8080
|
|
https: true
|
|
healthcheck:
|
|
path: /healthz
|
|
interval: 30s
|
|
timeout: 3s
|
|
retries: 3
|
|
resources:
|
|
cpu: 250m
|
|
memory: 128Mi
|
|
replicas: 1
|
|
restart: unless-stopped
|
|
env:
|
|
- PROJAX_LISTEN_ADDR=:8080
|
|
- PROJAX_AUTO_MIGRATE=on
|
|
- SUPABASE_URL=https://supa.flexsiebels.de
|
|
- DAV_URL=https://dav.msbls.de/dav/calendars/m/
|
|
- GITEA_URL=https://mgit.msbls.de
|
|
secrets:
|
|
- PROJAX_DB_URL
|
|
- SUPABASE_ANON_KEY
|
|
- DAV_USER
|
|
- DAV_PASSWORD
|
|
- GITEA_TOKEN # = GITEA_TOKEN_AI from .env.age (mAi automation account)
|