18 Commits

Author	SHA1	Message	Date
devops	f95463ef50	fix: permanent owner password persistence with SeedAudit guard ... Root cause: Dual-source architecture for owner password (Gitea secret ENV_OWNER_PASSWORD vs host .env OWNER_PASSWORD) caused drift when the DB was ever re-seeded or the volume recreated. Changes: - Add SeedAudit entity + migration to track one-time seed operations - EnsureDatabaseAsync checks SeedAudit BEFORE seeding — owner is never re-created even if the Users table is wiped - Deploy and rollback workflows now read OWNER_PASSWORD from the host's persistent .env (single source of truth) instead of Gitea secrets - compose.yaml documented: OWNER_PASSWORD only used during initial seed - Cleanup: .gitignore extended for core dumps, changelog/deployment.md updated with 2026-06-20 session notes After this fix the DB is the single source of truth for the owner password after initial seed. The host .env is the single reference for the initial value.	2026-06-21 10:15:36 +02:00
devops	06eac66baa	fix: postgres WAL corruption recovery + memory bump + researcher/executor ... - Postgres memory: 256M→384M limits, 64M→96M reservations - Added pg_resetwal -f pre-deploy step to recover from corrupt WAL ('PANIC: could not locate a valid checkpoint record' caused by force-killed postgres during --force-recreate) - Added data-checksums initdb arg for future corruption detection - api→postgres and web→api depends_on: service_healthy→service_started - Deploy wait loop: fail fast on unhealthy, wait on starting (180s) - Added researcher/executor to ValidAssignees and frontend dropdowns	2026-06-20 18:56:11 +02:00
devops	b95bec7915	fix: relax web→api dependency + smarter wait loop ... - web's depends_on on api: change from service_healthy to service_started+restart (same as api→postgres fix) - deploy wait loop: fail fast on unhealthy, wait on starting, increased timeout to 180s (36×5s)	2026-06-20 18:50:29 +02:00
devops	071be50977	fix: relax api→postgres dependency to service_started+restart ... depends_on: condition: service_healthy on the api service was failing during docker compose up because postgres hasn't completed its healthcheck yet (start_period=30s). Changed to condition: service_started with restart: true so the API starts as soon as postgres is running and retries if the DB isn't ready yet. The .NET backend already handles transient DB connection failures.	2026-06-20 18:48:34 +02:00
devops	dcc8450c62	feat: Phase 2 — Delegated State, Auth, Review-Gate, Notifications, Zombie-Reset	2026-06-18 23:47:41 +02:00
devops	691152f889	fix: volume paths from /opt/openclaw to /home/projekte_bao/openclaw	2026-06-18 21:41:32 +02:00
devops	74ef58d274	fix: add Traefik labels and proxy network for nexus.noveria.net routing	2026-06-18 21:40:17 +02:00
devops	648a5d2151	refactor: move landingpage to separate repo bao/noveria-landing	2026-06-14 15:53:00 +02:00
devops	6280e87078	infra: landingpage compose + nginx config	2026-06-14 15:44:51 +02:00
reviewer	485357c6dc	review: error-handling for config file write + compose resource limits ... - AgentsController.SaveConfigFile: catch UnauthorizedAccessException and IOException instead of letting them bubble up unhandled; return clean 500 with logged message - compose.yaml: add deploy.resources.limits.memory and reservations.memory for api (512M/128M), web (128M/32M), postgres (256M/64M)	2026-06-14 11:30:25 +02:00
reviewer	8a556c25a0	Add local liveness health endpoint	2026-06-14 09:49:25 +02:00
reviewer	4ad0f9e493	refactor: SOLID architecture — backend service layer + frontend V2 components ... ## Backend — Service Layer & Repository Refactoring ### Neue Services (21 neue Dateien) **Interfaces & Implementierungen:** - `IOpenClawGatewayClient` — Interface für OpenClawGatewayClient (DIP-Fix: DashboardController hing an konkreter Klasse) - `IAgentConfigService` / `AgentConfigService` — Agent-Config-File-I/O aus AgentsController extrahiert - `IProjectService` / `ProjectService` — Projekt-CRUD + Activity-Logging (SRP) - `ITaskService` / `TaskService` — Task-State-Machine, Approve/Reject, Dashboard-Operationen (eliminiert Duplikation zwischen TasksController und DashboardController) - `IDashboardService` / `DashboardService` — Queue-Aggregation, Priority-Normalisierung, Gateway-Delegation - `IOperationsService` / `OperationsService` — Metriken-Berechnung aus OperationsController - `ITeamService` / `TeamService` — IDENTITY.md-Lesen aus TeamController - `IMemoryService` / `MemoryService` — File-I/O aus MemoryController - `IIncidentService` / `IncidentService` — File-Parsing (Regex-Source-Generatoren) aus IncidentsController - `IDocService` / `DocService` — Directory-Scan aus DocsController - `ICalendarService` / `CalendarService` — Gateway-HTTP-Calls + Fallback-Daten aus CalendarController ### Repository-Fixes **IUserRepository / UserRepository:** - `SaveChangesAsync` entfernt (leaky abstraction — Caller sollten nie SaveChanges steuern) - `RevokeTokenAsync(tokenHash)` — atomares Token-Revoke inkl. SaveChanges - `RevokeFamilyAsync(familyId)` — Batch-Revoke einer Token-Familie inkl. SaveChanges - `RemoveExpiredTokensAsync` speichert jetzt selbst (war vorher dependent auf nachfolgenden Save) ### AuthService-Fixes - `GetUserAsync`: unnötiges `Task.Run` entfernt → direkt `_users.GetByIdAsync().AsTask()` - `RevokeAsync`: delegiert jetzt an `IUserRepository.RevokeTokenAsync` - `RefreshAsync`: Token-Reuse-Detection delegiert an `IUserRepository.RevokeFamilyAsync` ### Bug-Fix - `OpenClawGatewayClient.ReadAgentGoalAsync`: pre-existing `CS1656` behoben (`reader` war `using`-Variable und wurde neu zugewiesen — in `reader2` umbenannt) ### Controller (16 Stück — alle slim) Alle Controller reduziert auf: Input validieren → Service aufrufen → HTTP-Result zurückgeben. Kein Business-Logic, kein File-I/O, keine direkte Repository-Nutzung (außer AgentsController für Activity-Log). **Program.cs — neue Registrierungen:** - `AddHttpClient<IOpenClawGatewayClient, OpenClawGatewayClient>` (war vorher konkrete Klasse) - Scoped: IDashboardService, IProjectService, ITaskService, IOperationsService, ITeamService, ICalendarService - Singleton: IAgentConfigService, IMemoryService, IIncidentService, IDocService --- ## Frontend — Dashboard V2 Components **AgentDetailModal.vue, IrisChat.vue, TaskStrip.vue:** - V2 Design-System: Dark Space Theme, Glass-Panels, Gradient-Akzente - Stores (agents, chat, tasks) nutzen Service + Mapper-Pattern - NexusLayout, FlowBoard, Topbar — Layoutfixes für fullHeight-Route-Meta Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-06-14 08:34:58 +02:00
reviewer	01c9bda339	fix(ops): change api healthcheck from curl to wget (curl not in base dotnet-aspnet image) [skip ci]	2026-06-13 21:04:29 +02:00
reviewer	98f98b55d5	fix(ops): change web healthcheck from wget to curl (wget IPv6 causes false unhealthy on nginx-alpine) [skip ci]	2026-06-13 21:03:41 +02:00
reviewer	d169cbe9d5	feat(ops): production resilience — healthchecks, restart_policy, log-rotation, --wait deploy [skip ci]	2026-06-13 20:04:42 +02:00
developer	3907548a1d	feat(models): add Claude Sonnet 4.6 + Opus 4.8, mount openclaw.json in API container	2026-06-11 17:11:59 +02:00
developer	b7b44494f0	fix(shadcn): isolate Nexus CSS vars with --nx- prefix + admin password reset endpoint	2026-06-11 10:06:58 +02:00
bao	eeb6174de0	Initial commit: Nexus Mission Control Platform ... - ASP.NET Core 10 Backend (JWT Auth, Agent config API) - Vue 3 Frontend (Dashboard, Team, Agents, Config Editor) - PostgreSQL Database - Docker Compose setup - Mission Control Dashboard redesign	2026-06-09 16:31:56 +02:00