feat(api): onboarding API endpoints (MS22-P1e)

docker/.env.example

@@ -1,3 +0,0 @@
-DATABASE_URL=postgresql://mosaic:changeme@postgres:5432/mosaic
-DATABASE_PASSWORD=changeme
-MOSAIC_SECRET_KEY=your-secret-key-at-least-32-characters-long

docker/README.md

@@ -1,40 +0,0 @@
-# Mosaic Docker (Core Services)
-
-This folder includes the Compose stack for **core Mosaic services only**:
-
-- `mosaic-api`
-- `mosaic-web`
-- `postgres`
-
-User OpenClaw containers are **not** defined in Compose. They are created and managed dynamically by the API's `ContainerLifecycleService` through Docker socket access.
-
-## Start the stack
-
-```bash
-docker compose -f docker/mosaic-compose.yml up -d
-```
-
-## Required environment variables
-
-- `DATABASE_URL`
-- `MOSAIC_SECRET_KEY`
-- `DATABASE_PASSWORD`
-
-Use [`docker/.env.example`](./.env.example) as a starting point.
-
-## Architecture overview
-
-See the design doc: [`docs/design/MS22-DB-CENTRIC-ARCHITECTURE.md`](../docs/design/MS22-DB-CENTRIC-ARCHITECTURE.md)
-
-`mosaic-agents` is an internal-only bridge network reserved for dynamically created user containers.
-
-## OpenClaw entrypoint behavior
-
-`docker/openclaw-entrypoint.sh` is intended for dynamically created user OpenClaw containers:
-
-1. Validates required env vars (`MOSAIC_API_URL`, `AGENT_TOKEN`, `AGENT_ID`).
-2. Fetches agent-specific OpenClaw config from Mosaic API internal endpoint.
-3. Writes the config to `/tmp/openclaw.json`.
-4. Starts OpenClaw gateway with `OPENCLAW_CONFIG_PATH=/tmp/openclaw.json`.
-
-`docker/openclaw-healthcheck.sh` probes `http://localhost:18789/health` for container health.

docker/mosaic-compose.yml

@@ -1,53 +0,0 @@
-services:
-  mosaic-api:
-    image: mosaic/api:latest
-    environment:
-      DATABASE_URL: ${DATABASE_URL}
-      MOSAIC_SECRET_KEY: ${MOSAIC_SECRET_KEY}
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-    networks:
-      - internal
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:4000/api/health"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-
-  mosaic-web:
-    image: mosaic/web:latest
-    environment:
-      NEXT_PUBLIC_API_URL: http://mosaic-api:4000
-    ports:
-      - "3000:3000"
-    networks:
-      - internal
-    depends_on:
-      mosaic-api:
-        condition: service_healthy
-
-  postgres:
-    image: postgres:17-alpine
-    environment:
-      POSTGRES_DB: mosaic
-      POSTGRES_USER: mosaic
-      POSTGRES_PASSWORD: ${DATABASE_PASSWORD}
-    volumes:
-      - postgres-data:/var/lib/postgresql/data
-    networks:
-      - internal
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U mosaic"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
-
-networks:
-  internal:
-    driver: bridge
-  mosaic-agents:
-    driver: bridge
-    internal: true
-
-volumes:
-  postgres-data:

docker/openclaw-entrypoint.sh

@@ -1,20 +0,0 @@
-#!/bin/sh
-set -e
-: "${MOSAIC_API_URL:?MOSAIC_API_URL is required}"
-: "${AGENT_TOKEN:?AGENT_TOKEN is required}"
-: "${AGENT_ID:?AGENT_ID is required}"
-
-echo "[entrypoint] Fetching config for agent ${AGENT_ID}..."
-HTTP_CODE=$(curl -sf -w "%{http_code}" \
-  "${MOSAIC_API_URL}/api/internal/agent-config/${AGENT_ID}" \
-  -H "Authorization: Bearer ${AGENT_TOKEN}" \
-  -o /tmp/openclaw.json)
-
-if [ "$HTTP_CODE" != "200" ]; then
-  echo "[entrypoint] ERROR: Config fetch failed with HTTP ${HTTP_CODE}"
-  exit 1
-fi
-
-echo "[entrypoint] Config loaded. Starting OpenClaw gateway..."
-export OPENCLAW_CONFIG_PATH=/tmp/openclaw.json
-exec openclaw gateway run --bind lan --auth token

docker/openclaw-healthcheck.sh

@@ -1,2 +0,0 @@
-#!/bin/sh
-curl -sf http://localhost:18789/health || exit 1