179 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
devops	b89289989a	docs: document owner password persistence fix in deployment.md and changelog	2026-06-21 10:28:53 +02:00
devops	f95463ef50	fix: permanent owner password persistence with SeedAudit guard ... Root cause: Dual-source architecture for owner password (Gitea secret ENV_OWNER_PASSWORD vs host .env OWNER_PASSWORD) caused drift when the DB was ever re-seeded or the volume recreated. Changes: - Add SeedAudit entity + migration to track one-time seed operations - EnsureDatabaseAsync checks SeedAudit BEFORE seeding — owner is never re-created even if the Users table is wiped - Deploy and rollback workflows now read OWNER_PASSWORD from the host's persistent .env (single source of truth) instead of Gitea secrets - compose.yaml documented: OWNER_PASSWORD only used during initial seed - Cleanup: .gitignore extended for core dumps, changelog/deployment.md updated with 2026-06-20 session notes After this fix the DB is the single source of truth for the owner password after initial seed. The host .env is the single reference for the initial value.	2026-06-21 10:15:36 +02:00
devops	2d218853a5	Fix activity repository test double	2026-06-20 20:25:42 +02:00
devops	adae7ba26d	feat: ship agent progress visibility	2026-06-20 20:22:54 +02:00
devops	3dd745586b	retrigger: force deploy pipeline via push	2026-06-20 19:05:33 +02:00
devops	f0023ac033	fix: use external deploy script to avoid nested quoting errors ... The inner shell script run via docker:cli had complex escaping that caused 'unterminated quoted string' errors at runtime. Moved the deploy logic to an external script file (heredoc in the workflow YAML), mounted read-only into the docker:cli container. Pass BUILD_ARGS and SERVICE via environment variables instead of shell interpolation.	2026-06-20 19:00:53 +02:00
devops	73c5eb69d7	fix: ensure zombie container cleanup before deploy + verbose pg_resetwal	2026-06-20 18:57:54 +02:00
devops	06eac66baa	fix: postgres WAL corruption recovery + memory bump + researcher/executor ... - Postgres memory: 256M→384M limits, 64M→96M reservations - Added pg_resetwal -f pre-deploy step to recover from corrupt WAL ('PANIC: could not locate a valid checkpoint record' caused by force-killed postgres during --force-recreate) - Added data-checksums initdb arg for future corruption detection - api→postgres and web→api depends_on: service_healthy→service_started - Deploy wait loop: fail fast on unhealthy, wait on starting (180s) - Added researcher/executor to ValidAssignees and frontend dropdowns	2026-06-20 18:56:11 +02:00
devops	b95bec7915	fix: relax web→api dependency + smarter wait loop ... - web's depends_on on api: change from service_healthy to service_started+restart (same as api→postgres fix) - deploy wait loop: fail fast on unhealthy, wait on starting, increased timeout to 180s (36×5s)	2026-06-20 18:50:29 +02:00
devops	071be50977	fix: relax api→postgres dependency to service_started+restart ... depends_on: condition: service_healthy on the api service was failing during docker compose up because postgres hasn't completed its healthcheck yet (start_period=30s). Changed to condition: service_started with restart: true so the API starts as soon as postgres is running and retries if the DB isn't ready yet. The .NET backend already handles transient DB connection failures.	2026-06-20 18:48:34 +02:00
devops	baf4008d97	fix: remove --wait flag causing premature deploy failure, use manual health loop ... The docker compose --wait flag times out before postgres can become healthy (start_period=30s). Replaced with explicit poll loop (5s interval, up to 120s) that checks ps output for unhealthy/starting states.	2026-06-20 18:46:27 +02:00
devops	83e072bc27	feat: Bao/Iris-Statusrechte + Bao→Iris-Notifications + Agent-Workflow-Übersicht ... - Bao darf jetzt Status ändern (neben Iris), Sub-Agents weiterhin nicht - CanEditContent für Inhaltsbearbeitung durch alle bekannten Caller - Bao-Content-Änderungen triggern task_content_changed-Notification an Iris - Bao-Status-Änderungen triggern task_status_changed-Notification an Iris - Iris-Status-Änderungen triggern task_status_changed-Notification an Bao - Neue WorkTask-Felder: IsAgentTask (bool), ExpectedFrom (string) - Agent-Workflow-API: CreateAgentTask, WaitingTasks, AgentOverview - Frontend: Agent-Task-Badge, Iris-Overview-Panel, isBao-Getter - Login-Rate-Limiter mit strukturiertem JSON-Fehlermeldungs-Body - Volume-Name: nexus-postgres → postgres-data (Standardisierung)	2026-06-20 18:43:05 +02:00
devops	a516353ae8	fix: SettingsView owner→canManageUsers (owner || admin) ... Vorher war isOwner (= nur owner) gesetzt, was admins die User-Verwaltung verweigerte. Jetzt: canManageUsers = role===owner || role===admin. Delta: 1 Datei, 4 Zeilen (2 Logic, 1 Kommentar, 1 v-if). Builds: Backend 0 Errors, Frontend 0 Errors.	2026-06-20 14:29:34 +02:00
devops	1df663f57c	fix: AdminController roles hardened (owner+admin) + SettingsView visibility ... - [Authorize(Roles = "owner,admin")] statt nur owner – admin darf jetzt ebenfalls User verwalten - CreateUser erlaubt nur Rollen admin|user|viewer; owner ist blockiert - UpdateUserRole erlaubt nur admin|user|viewer; owner kann weder gesetzt noch überschrieben werden; admin darf andere admins nicht ändern und sich nicht selbst herabstufen - SettingsView: canManageUsers = role owner || admin statt nur owner - UI-Dropdown zeigt nur admin|user|viewer (owner als Kommentar notiert)	2026-06-20 14:27:24 +02:00
devops	e4091eee80	feat: Multi-User/Admin usermanagement + Galaxy Login/Settings + Task detail improvements ... - Backend: NEW AdminController with user CRUD (GET/POST/DELETE /api/v1/admin/users) - Backend: NEW GET /api/dashboard/tasks/{id} single task endpoint - Backend: NEW POST /api/dashboard/tasks/{id}/activity comment endpoint - Backend: IUserRepository + UserRepository extended with GetAllAsync, DeleteAsync - Backend: Admin DTOs (AdminUserInfo, AdminCreateUserRequest, AdminUpdateRoleRequest) - Frontend: NEW TaskDetailView.vue — URL-based (/tasks/:id) Galaxy-themed task detail with subtask create/edit/delete, activity with comments, property sidebar - Frontend: LoginView.vue — полностью Galaxy theme redesign with GalaxyBackground, glass-morphism card, password toggle, consistent brand - Frontend: SettingsView.vue — Galaxy theme redesign with glass cards, admin user management section (create/list users, visible only to owner role) - Frontend: TaskBoardView.vue — added "Full View" link to URL-based detail page - Frontend: Router — added /tasks/:id route for TaskDetailView - Frontend: App.vue — added TaskDetail to standaloneViews whitelist - Frontend: tasks store — stable Auth: Admin creates accounts, users log in with existing /api/v1/auth/login. Login/Settings deliver visible Galaxy-consistent design with nexus-tokens.css tokens.	2026-06-20 14:24:40 +02:00
devops	dcc8450c62	feat: Phase 2 — Delegated State, Auth, Review-Gate, Notifications, Zombie-Reset	2026-06-18 23:47:41 +02:00
devops	12998170e3	fix: update DEPLOY_PATH in all workflows from /opt/openclaw to /home/projekte_bao/openclaw	2026-06-18 21:44:33 +02:00
devops	691152f889	fix: volume paths from /opt/openclaw to /home/projekte_bao/openclaw	2026-06-18 21:41:32 +02:00
devops	74ef58d274	fix: add Traefik labels and proxy network for nexus.noveria.net routing	2026-06-18 21:40:17 +02:00
devops	5e7d074593	feat: Linear-style Task Board mit Drag&Drop	2026-06-18 21:34:07 +02:00
iris	c496608c86	docs: update README, changelog, phases — remove Ollama/NVIDIA refs, current model config, migration history	2026-06-16 15:00:30 +00:00
iris	c040696d91	docs: update README, changelog, phases — remove Ollama/NVIDIA refs, current model config, migration history	2026-06-16 15:00:30 +00:00
iris	7ba0bd26fa	docs: update README, changelog, phases — remove Ollama/NVIDIA refs, current model config, migration history	2026-06-16 15:00:29 +00:00
iris	4b1d140b53	docs: update README, changelog, phases — remove Ollama/NVIDIA refs, current model config, migration history	2026-06-16 15:00:29 +00:00
developer	e0c88238da	refactor: extract DI, helpers from Program.cs into extension classes	2026-06-16 16:52:17 +02:00
AzuTear	b0e65e3980	style: strengthen flow lines and tighten modal demo parity	2026-06-14 15:57:12 +02:00
devops	648a5d2151	refactor: move landingpage to separate repo bao/noveria-landing	2026-06-14 15:53:00 +02:00
devops	1a024eef96	feat: noveria.net landingpage template	2026-06-14 15:45:23 +02:00
devops	6280e87078	infra: landingpage compose + nginx config	2026-06-14 15:44:51 +02:00
AzuTear	64459ccdb3	feat: wire dashboard v2 to backend data	2026-06-14 15:44:05 +02:00
devops	38dc2efc6c	docs: devops deploy-actor documentation	2026-06-14 15:41:38 +02:00
AzuTear	390bffa208	fix: detect drag state on pointer release	2026-06-14 15:33:51 +02:00
AzuTear	e034883abd	fix: open agent cards only on click	2026-06-14 15:23:05 +02:00
AzuTear	6d4e8e7927	refactor: streamline flow board interactions	2026-06-14 15:11:05 +02:00
reviewer	0f8939306d	feat: mobile-responsive dashboard v2	2026-06-14 12:16:06 +02:00
reviewer	58675f0c69	ops: enhanced deploy verification with web-recovery + incident docs	2026-06-14 11:31:46 +02:00
reviewer	88cafc7b8e	review: remove version-bump from deploy workflow — VERSION is read-only source of truth	2026-06-14 11:31:04 +02:00
reviewer	485357c6dc	review: error-handling for config file write + compose resource limits ... - AgentsController.SaveConfigFile: catch UnauthorizedAccessException and IOException instead of letting them bubble up unhandled; return clean 500 with logged message - compose.yaml: add deploy.resources.limits.memory and reservations.memory for api (512M/128M), web (128M/32M), postgres (256M/64M)	2026-06-14 11:30:25 +02:00
devops	36b32f0e88	chore: bump version to 0.2.56 [skip ci] v0.2.56	2026-06-14 07:50:18 +00:00
reviewer	8a556c25a0	Add local liveness health endpoint	2026-06-14 09:49:25 +02:00
devops	f271602f31	chore: bump version to 0.2.55 [skip ci] v0.2.55	2026-06-14 07:29:01 +00:00
reviewer	63319e1046	fix: stream deploy env into docker cli	2026-06-14 09:27:56 +02:00
devops	b730fa1518	chore: bump version to 0.2.54 [skip ci] v0.2.54	2026-06-14 07:21:34 +00:00
reviewer	fadb5d75c4	Fix AgentService tests fixture path	2026-06-14 09:20:28 +02:00
reviewer	45a39d319f	Fix operations CI and snapshots	2026-06-14 09:14:24 +02:00
reviewer	5ea7aa9611	fix(ops): mount temp env directory for compose	2026-06-14 08:48:23 +02:00
devops	a6fabb90b0	chore: bump version to 0.2.53 [skip ci] v0.2.53	2026-06-14 06:46:55 +00:00
reviewer	db62354c97	fix(ops): pass temp env via compose --env-file	2026-06-14 08:44:42 +02:00
devops	20dedcd6fa	chore: bump version to 0.2.52 [skip ci] v0.2.52	2026-06-14 06:42:37 +00:00
reviewer	4ad0f9e493	refactor: SOLID architecture — backend service layer + frontend V2 components ... ## Backend — Service Layer & Repository Refactoring ### Neue Services (21 neue Dateien) **Interfaces & Implementierungen:** - `IOpenClawGatewayClient` — Interface für OpenClawGatewayClient (DIP-Fix: DashboardController hing an konkreter Klasse) - `IAgentConfigService` / `AgentConfigService` — Agent-Config-File-I/O aus AgentsController extrahiert - `IProjectService` / `ProjectService` — Projekt-CRUD + Activity-Logging (SRP) - `ITaskService` / `TaskService` — Task-State-Machine, Approve/Reject, Dashboard-Operationen (eliminiert Duplikation zwischen TasksController und DashboardController) - `IDashboardService` / `DashboardService` — Queue-Aggregation, Priority-Normalisierung, Gateway-Delegation - `IOperationsService` / `OperationsService` — Metriken-Berechnung aus OperationsController - `ITeamService` / `TeamService` — IDENTITY.md-Lesen aus TeamController - `IMemoryService` / `MemoryService` — File-I/O aus MemoryController - `IIncidentService` / `IncidentService` — File-Parsing (Regex-Source-Generatoren) aus IncidentsController - `IDocService` / `DocService` — Directory-Scan aus DocsController - `ICalendarService` / `CalendarService` — Gateway-HTTP-Calls + Fallback-Daten aus CalendarController ### Repository-Fixes **IUserRepository / UserRepository:** - `SaveChangesAsync` entfernt (leaky abstraction — Caller sollten nie SaveChanges steuern) - `RevokeTokenAsync(tokenHash)` — atomares Token-Revoke inkl. SaveChanges - `RevokeFamilyAsync(familyId)` — Batch-Revoke einer Token-Familie inkl. SaveChanges - `RemoveExpiredTokensAsync` speichert jetzt selbst (war vorher dependent auf nachfolgenden Save) ### AuthService-Fixes - `GetUserAsync`: unnötiges `Task.Run` entfernt → direkt `_users.GetByIdAsync().AsTask()` - `RevokeAsync`: delegiert jetzt an `IUserRepository.RevokeTokenAsync` - `RefreshAsync`: Token-Reuse-Detection delegiert an `IUserRepository.RevokeFamilyAsync` ### Bug-Fix - `OpenClawGatewayClient.ReadAgentGoalAsync`: pre-existing `CS1656` behoben (`reader` war `using`-Variable und wurde neu zugewiesen — in `reader2` umbenannt) ### Controller (16 Stück — alle slim) Alle Controller reduziert auf: Input validieren → Service aufrufen → HTTP-Result zurückgeben. Kein Business-Logic, kein File-I/O, keine direkte Repository-Nutzung (außer AgentsController für Activity-Log). **Program.cs — neue Registrierungen:** - `AddHttpClient<IOpenClawGatewayClient, OpenClawGatewayClient>` (war vorher konkrete Klasse) - Scoped: IDashboardService, IProjectService, ITaskService, IOperationsService, ITeamService, ICalendarService - Singleton: IAgentConfigService, IMemoryService, IIncidentService, IDocService --- ## Frontend — Dashboard V2 Components **AgentDetailModal.vue, IrisChat.vue, TaskStrip.vue:** - V2 Design-System: Dark Space Theme, Glass-Panels, Gradient-Akzente - Stores (agents, chat, tasks) nutzen Service + Mapper-Pattern - NexusLayout, FlowBoard, Topbar — Layoutfixes für fullHeight-Route-Meta Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-06-14 08:34:58 +02:00