feat(ai-access): per-workspace Gitea bot + tenant-safe Coolify proxy + MCP

Ship Phases 1–3 of the multi-tenant AI access plan so an AI agent can
act on a Vibn workspace with one bearer token and zero admin reach.

Phase 1 — Gitea bot per workspace
- Add gitea_bot_username / gitea_bot_user_id / gitea_bot_token_encrypted
  columns to vibn_workspaces (migrate route).
- New lib/auth/secret-box.ts (AES-256-GCM, VIBN_SECRETS_KEY) for PAT at rest.
- Extend lib/gitea.ts with createUser, createAccessTokenFor (Sudo PAT),
  createOrgTeam, addOrgTeamMember, ensureOrgTeamMembership.
- ensureWorkspaceProvisioned now mints a vibn-bot-<slug> user, adds it to
  a Writers team (write perms only) on the workspace's org, and stores
  its PAT encrypted.
- GET /api/workspaces/[slug]/gitea-credentials returns a workspace-scoped
  bot PAT + clone URL template; session or vibn_sk_ bearer auth.

Phase 2 — Tenant-safe Coolify proxy + real MCP
- lib/coolify.ts: projectUuidOf, listApplicationsInProject,
  getApplicationInProject, TenantError, env CRUD, deployments list.
- Workspace-scoped REST endpoints (all filtered by coolify_project_uuid):
  GET/POST /api/workspaces/[slug]/apps/[uuid](/deploy|/envs|/deployments),
  GET /api/workspaces/[slug]/deployments/[deploymentUuid]/logs.
- Full rewrite of /api/mcp off legacy Firebase onto Postgres vibn_sk_
  keys, exposing workspace.describe, gitea.credentials, projects.*,
  apps.* (list/get/deploy/deployments, envs.list/upsert/delete).

Phase 3 — Settings UI AI bundle
- GET /api/workspaces/[slug]/bootstrap.sh: curl|sh installer that writes
  .cursor/rules, .cursor/mcp.json and appends VIBN_* to .env.local.
  Embeds the caller's vibn_sk_ token when invoked with bearer auth.
- WorkspaceKeysPanel: single AiAccessBundleCard with system-prompt block,
  one-line bootstrap, Reveal-bot-PAT button, collapsible manual-setup
  fallback. Minted-key modal also shows the bootstrap one-liner.

Ops prerequisites:
  - Set VIBN_SECRETS_KEY (>=16 chars) on the frontend.
  - Run /api/admin/migrate to add the three bot columns.
  - GITEA_API_TOKEN must be a site-admin token (needed for admin/users
    + Sudo PAT mint); otherwise provision_status lands on 'partial'.

Made-with: Cursor

app/api/workspaces/[slug]/apps/route.ts

@@ -0,0 +1,50 @@
+/**
+ * GET /api/workspaces/[slug]/apps — list Coolify apps in this workspace
+ *
+ * Auth: session OR `Bearer vibn_sk_...`. The workspace's
+ * `coolify_project_uuid` acts as the tenant boundary — any app whose
+ * Coolify project uuid doesn't match is filtered out even if the
+ * token issuer accidentally had wider reach.
+ */
+
+import { NextResponse } from 'next/server';
+import { requireWorkspacePrincipal } from '@/lib/auth/workspace-auth';
+import { listApplicationsInProject, projectUuidOf } from '@/lib/coolify';
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ slug: string }> }
+) {
+  const { slug } = await params;
+  const principal = await requireWorkspacePrincipal(request, { targetSlug: slug });
+  if (principal instanceof NextResponse) return principal;
+
+  const ws = principal.workspace;
+  if (!ws.coolify_project_uuid) {
+    return NextResponse.json(
+      { error: 'Workspace has no Coolify project yet', apps: [] },
+      { status: 503 }
+    );
+  }
+
+  try {
+    const apps = await listApplicationsInProject(ws.coolify_project_uuid);
+    return NextResponse.json({
+      workspace: { slug: ws.slug, coolifyProjectUuid: ws.coolify_project_uuid },
+      apps: apps.map(a => ({
+        uuid: a.uuid,
+        name: a.name,
+        status: a.status,
+        fqdn: a.fqdn ?? null,
+        gitRepository: a.git_repository ?? null,
+        gitBranch: a.git_branch ?? null,
+        projectUuid: projectUuidOf(a),
+      })),
+    });
+  } catch (err) {
+    return NextResponse.json(
+      { error: 'Coolify request failed', details: err instanceof Error ? err.message : String(err) },
+      { status: 502 }
+    );
+  }
+}