Mark Henderson
b9511601bc
Ship Phases 1–3 of the multi-tenant AI access plan so an AI agent can
act on a Vibn workspace with one bearer token and zero admin reach.
Phase 1 — Gitea bot per workspace
- Add gitea_bot_username / gitea_bot_user_id / gitea_bot_token_encrypted
columns to vibn_workspaces (migrate route).
- New lib/auth/secret-box.ts (AES-256-GCM, VIBN_SECRETS_KEY) for PAT at rest.
- Extend lib/gitea.ts with createUser, createAccessTokenFor (Sudo PAT),
createOrgTeam, addOrgTeamMember, ensureOrgTeamMembership.
- ensureWorkspaceProvisioned now mints a vibn-bot-<slug> user, adds it to
a Writers team (write perms only) on the workspace's org, and stores
its PAT encrypted.
- GET /api/workspaces/[slug]/gitea-credentials returns a workspace-scoped
bot PAT + clone URL template; session or vibn_sk_ bearer auth.
Phase 2 — Tenant-safe Coolify proxy + real MCP
- lib/coolify.ts: projectUuidOf, listApplicationsInProject,
getApplicationInProject, TenantError, env CRUD, deployments list.
- Workspace-scoped REST endpoints (all filtered by coolify_project_uuid):
GET/POST /api/workspaces/[slug]/apps/[uuid](/deploy|/envs|/deployments),
GET /api/workspaces/[slug]/deployments/[deploymentUuid]/logs.
- Full rewrite of /api/mcp off legacy Firebase onto Postgres vibn_sk_
keys, exposing workspace.describe, gitea.credentials, projects.*,
apps.* (list/get/deploy/deployments, envs.list/upsert/delete).
Phase 3 — Settings UI AI bundle
- GET /api/workspaces/[slug]/bootstrap.sh: curl|sh installer that writes
.cursor/rules, .cursor/mcp.json and appends VIBN_* to .env.local.
Embeds the caller's vibn_sk_ token when invoked with bearer auth.
- WorkspaceKeysPanel: single AiAccessBundleCard with system-prompt block,
one-line bootstrap, Reveal-bot-PAT button, collapsible manual-setup
fallback. Minted-key modal also shows the bootstrap one-liner.
Ops prerequisites:
- Set VIBN_SECRETS_KEY (>=16 chars) on the frontend.
- Run /api/admin/migrate to add the three bot columns.
- GITEA_API_TOKEN must be a site-admin token (needed for admin/users
+ Sudo PAT mint); otherwise provision_status lands on 'partial'.
Made-with: Cursor
48 lines
1.4 KiB
TypeScript
48 lines
1.4 KiB
TypeScript
/**
|
|
* POST /api/workspaces/[slug]/apps/[uuid]/deploy
|
|
*
|
|
* Trigger a deploy on a Coolify app. Guard: app must belong to this
|
|
* workspace's Coolify project before we forward the call.
|
|
*/
|
|
|
|
import { NextResponse } from 'next/server';
|
|
import { requireWorkspacePrincipal } from '@/lib/auth/workspace-auth';
|
|
import {
|
|
deployApplication,
|
|
getApplicationInProject,
|
|
TenantError,
|
|
} from '@/lib/coolify';
|
|
|
|
export async function POST(
|
|
request: Request,
|
|
{ params }: { params: Promise<{ slug: string; uuid: string }> }
|
|
) {
|
|
const { slug, uuid } = await params;
|
|
const principal = await requireWorkspacePrincipal(request, { targetSlug: slug });
|
|
if (principal instanceof NextResponse) return principal;
|
|
|
|
const ws = principal.workspace;
|
|
if (!ws.coolify_project_uuid) {
|
|
return NextResponse.json({ error: 'Workspace has no Coolify project yet' }, { status: 503 });
|
|
}
|
|
|
|
try {
|
|
// Tenant check before any mutation.
|
|
await getApplicationInProject(uuid, ws.coolify_project_uuid);
|
|
const result = await deployApplication(uuid);
|
|
return NextResponse.json({
|
|
ok: true,
|
|
deploymentUuid: result.deployment_uuid,
|
|
appUuid: uuid,
|
|
});
|
|
} catch (err) {
|
|
if (err instanceof TenantError) {
|
|
return NextResponse.json({ error: err.message }, { status: 403 });
|
|
}
|
|
return NextResponse.json(
|
|
{ error: 'Deploy failed', details: err instanceof Error ? err.message : String(err) },
|
|
{ status: 502 }
|
|
);
|
|
}
|
|
}
|