projax/deploy/dokploy.yaml
mAi dc50823860 feat(phase 3a mcp): MCP surface so mai/otto/Claude can read+write projax
mcp package (new): minimal JSON-RPC 2.0 + MCP-protocol server, tools
delegate to *store.Store (no business-logic duplication).

- handler.go: handleRPC routes initialize / tools/list / tools/call /
  ping / notifications/initialized; Bearer-token middleware; results
  flow through the standard MCP content[].text envelope; tool errors
  surface as isError: true (transport errors stay JSON-RPC errors).
- tools.go: 10 tools — list_items / get_item / create_item /
  update_item / delete_item / list_links / add_link / remove_link /
  search / tree. Multi-parent in/out — parent_paths[] string array,
  resolved per call. itemView/linkView keep the wire shape snake_case
  and stable.
- mcp_test.go + tools_test.go: protocol primitives (no DB) plus a
  full create → get → search → delete round-trip skipping cleanly
  when the DB env is absent. Multi-parent assertion discovers the
  test pair from the live DB rather than hard-coding a row.

store extensions:
- ListByFilters(SearchFilters) with parent_path/tags/management/kind/
  status/q/has_repo/has_caldav predicates.
- Search(q, limit) ranked across title/slug/aliases/content_md.
- GetByPathOrSlug for callers that don't know the full path.
- SoftDeleteCascade refuses on live descendants unless cascade=true.

web:
- New optional Server.MCP http.Handler. main.go mounts an mcp.Server
  when PROJAX_MCP_TOKEN is set; /mcp/* gets a StripPrefix and bypasses
  the Supabase-cookie auth middleware (its own Bearer auth applies).
- Off cleanly when the token is unset.

ops:
- ~/.claude/mcp/projax.sh stdio→HTTP bridge (NDJSON in, NDJSON out,
  Bearer header).
- .mcp.json adds an http-transport entry for clients that speak
  HTTP+MCP natively.
- deploy/dokploy.yaml advertises PROJAX_MCP_TOKEN as a secret.
- docs/design.md §7 added: tool list, multi-parent semantics, env
  contract, transport + bridge.
2026-05-15 17:59:03 +02:00

50 lines
1.5 KiB
YAML

# Dokploy app: projax
#
# Apply via Dokploy UI on mlake, or as a reference for the manual setup.
# Public over HTTPS with Let's Encrypt; auth is enforced at the application
# layer via Supabase JWT cookies federated with mgmt.msbls.de.
# Single replica, single tenant (m).
#
# Environment expected (set via Dokploy secrets, NEVER commit):
#   PROJAX_DB_URL        postgres://projax_admin:<pw>@<msupabase-tailscale-ip>:6789/postgres?sslmode=disable
#   PROJAX_LISTEN_ADDR   :8080 (default; Dokploy maps to public port)
#   PROJAX_AUTO_MIGRATE  on (default; set "off" to bypass embedded migrations on boot)
#
# README §"Deploy / 0. Manual prerequisite" documents the one-time CREATE ROLE
# projax_admin + cross-schema grants + RLS policy on mai.projects. The
# migrations themselves are credential-free.
name: projax
service: projax
image:
  build:
    context: .
    dockerfile: Dockerfile
domain:
  host: projax.msbls.de
  port: 8080
  https: true
healthcheck:
  path: /healthz
  interval: 30s
  timeout: 3s
  retries: 3
resources:
  cpu: 250m
  memory: 128Mi
replicas: 1
restart: unless-stopped
env:
  - PROJAX_LISTEN_ADDR=:8080
  - PROJAX_AUTO_MIGRATE=on
  - SUPABASE_URL=https://supa.flexsiebels.de
  - DAV_URL=https://dav.msbls.de/dav/calendars/m/
  - GITEA_URL=https://mgit.msbls.de
secrets:
  - PROJAX_DB_URL
  - SUPABASE_ANON_KEY
  - DAV_USER
  - DAV_PASSWORD
  - GITEA_TOKEN  # = GITEA_TOKEN_AI from .env.age (mAi automation account)
  - PROJAX_MCP_TOKEN  # 32-char Bearer secret for /mcp/rpc; missing → MCP off cleanly
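
The `PROJAX_MCP_TOKEN` contract stated above (Bearer auth on `/mcp/*` behind a StripPrefix, and no MCP route at all when the secret is unset) can be checked with a small Go sketch. This is an added example, not code from the projax repository: `newMux`, `probe`, the stub RPC handler and the choice to hash both values before a constant-time compare are assumptions made for illustration.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// newMux mounts rpc under /mcp/ behind Bearer auth. An empty token leaves
// /mcp/ unmounted, so requests get 404 ("missing → MCP off cleanly").
func newMux(token string, rpc http.Handler) *http.ServeMux {
	mux := http.NewServeMux()
	if token == "" {
		return mux
	}
	want := sha256.Sum256([]byte(token))
	guard := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		auth := r.Header.Get("Authorization")
		// Hash both sides so the compare is fixed-length and constant-time.
		got := sha256.Sum256([]byte(strings.TrimPrefix(auth, "Bearer ")))
		if !strings.HasPrefix(auth, "Bearer ") || subtle.ConstantTimeCompare(got[:], want[:]) != 1 {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		rpc.ServeHTTP(w, r)
	})
	mux.Handle("/mcp/", http.StripPrefix("/mcp", guard))
	return mux
}

// probe POSTs /mcp/rpc through the mux; the stub rpc echoes the path it sees.
func probe(token, authz string) (int, string) {
	rpc := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, r.URL.Path) })
	req := httptest.NewRequest(http.MethodPost, "/mcp/rpc", nil)
	req.Header.Set("Authorization", authz)
	rec := httptest.NewRecorder()
	newMux(token, rpc).ServeHTTP(rec, req)
	return rec.Code, rec.Body.String()
}

func main() {
	tok := strings.Repeat("k", 32) // constructed sample token
	fmt.Println(probe(tok, "Bearer "+tok))
	fmt.Println(probe(tok, "Bearer wrong"))
	fmt.Println(probe("", "Bearer "+tok))
}
```

Because `/mcp/*` bypasses the cookie middleware, this guard is the only check in front of the tools, which is why the unset-token case is tested as a 404 rather than an open route.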