fix(web): handle correct agent status values in AgentStatusWidget

- Use isWorking/isIdle/isErrored helpers to match both old
  status names (running/failed) and new enum values (WORKING/ERROR)
- Fix stats computation and card styling

.woodpecker/ci.yml

@@ -337,44 +337,3 @@ steps:
       - security-trivy-api
       - security-trivy-orchestrator
       - security-trivy-web
-
-  # ─── Deploy to Docker Swarm (main only) ─────────────────────
-
-  # ─── Deploy to Docker Swarm via Portainer (main only) ─────────────────────
-
-  deploy-swarm:
-    image: alpine:3
-    environment:
-      SSH_PRIVATE_KEY:
-        from_secret: ssh_private_key
-      SSH_KNOWN_HOSTS:
-        from_secret: ssh_known_hosts
-      PORTAINER_URL:
-        from_secret: portainer_url
-      PORTAINER_API_KEY:
-        from_secret: portainer_api_key
-    commands:
-      - apk add --no-cache curl openssh-client
-      - |
-        set -e
-        echo "🚀 Deploying to Docker Swarm..."
-
-        # Setup SSH for fallback
-        mkdir -p ~/.ssh
-        echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
-        chmod 600 ~/.ssh/known_hosts
-        echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519
-        chmod 600 ~/.ssh/id_ed25519
-
-        # Force service updates (images are pulled from public registry)
-        ssh -o StrictHostKeyChecking=no localadmin@10.1.1.45 \
-          "docker service update --with-registry-auth --force mosaic-stack-api && \
-           docker service update --with-registry-auth --force mosaic-stack-web && \
-           docker service update --with-registry-auth --force mosaic-stack-orchestrator && \
-           docker service update --with-registry-auth --force mosaic-stack-coordinator && \
-           echo '✅ All services updated'"
-    when:
-      - branch: [main]
-        event: [push, manual, tag]
-    depends_on:
-      - link-packages

apps/api/prisma/migrations/20260303000001_ms21_user_auth_fields/migration.sql

@@ -1,13 +0,0 @@
--- MS21: Add admin, local auth, and invitation fields to users table
--- These columns were added to schema.prisma but never captured in a migration.
-
-ALTER TABLE "users"
-  ADD COLUMN IF NOT EXISTS "deactivated_at" TIMESTAMPTZ,
-  ADD COLUMN IF NOT EXISTS "is_local_auth" BOOLEAN NOT NULL DEFAULT false,
-  ADD COLUMN IF NOT EXISTS "password_hash" TEXT,
-  ADD COLUMN IF NOT EXISTS "invited_by" UUID,
-  ADD COLUMN IF NOT EXISTS "invitation_token" TEXT,
-  ADD COLUMN IF NOT EXISTS "invited_at" TIMESTAMPTZ;
-
--- CreateIndex
-CREATE UNIQUE INDEX IF NOT EXISTS "users_invitation_token_key" ON "users"("invitation_token");

apps/coordinator/tests/test_coordinator.py

@@ -601,21 +601,9 @@ class TestCoordinatorIntegration:
         coordinator = Coordinator(queue_manager=queue_manager, poll_interval=0.02)
 
         task = asyncio.create_task(coordinator.start())
-
+        await asyncio.sleep(0.5)  # Allow time for processing
-        # Poll for completion with timeout instead of fixed sleep
-        deadline = asyncio.get_event_loop().time() + 5.0  # 5 second timeout
-        while asyncio.get_event_loop().time() < deadline:
-            all_completed = True
-            for i in range(157, 162):
-                item = queue_manager.get_item(i)
-                if item is None or item.status != QueueItemStatus.COMPLETED:
-                    all_completed = False
-                    break
-            if all_completed:
-                break
-            await asyncio.sleep(0.05)
-
         await coordinator.stop()
+
         task.cancel()
         try:
             await task

docker-compose.swarm.portainer.yml

@@ -9,8 +9,6 @@
 #   - OpenBao: Standalone container (see docker-compose.openbao.yml)
 #   - Authentik: External OIDC provider
 #   - Ollama: External AI inference
-#   - PostgreSQL: Provided by the openbrain stack (openbrain_brain-db)
-#                 Deploy openbrain stack before this stack.
 #
 # Usage (Portainer):
 #   1. Stacks -> Add Stack -> Upload or paste
@@ -38,75 +36,37 @@
 # Required vars use plain ${VAR} — the app validates at startup.
 #
 # ==============================================
-# DATABASE (openbrain_brain-db — external)
-# ==============================================
-#
-# This stack uses the PostgreSQL instance from the openbrain stack.
-# The openbrain stack must be deployed first and its brain-internal
-# overlay network must exist.
-#
-# Required env vars for DB access:
-#   BRAIN_DB_ADMIN_USER     — openbrain superuser (default: openbrain)
-#   BRAIN_DB_ADMIN_PASSWORD — openbrain superuser password
-#                             (must match openbrain stack POSTGRES_PASSWORD)
-#   POSTGRES_USER           — mosaic application DB user (created by mosaic-db-init)
-#   POSTGRES_PASSWORD       — mosaic application DB password
-#   POSTGRES_DB             — mosaic application database name (default: mosaic)
-#
-# ==============================================
 
 services:
   # ============================================
-  #  DATABASE INIT
+  #  CORE INFRASTRUCTURE
   # ============================================
 
   # ======================
-  # Mosaic Database Init
+  # PostgreSQL Database
   # ======================
-  # Creates the mosaic application user and database in the shared
+  postgres:
-  # openbrain PostgreSQL instance (openbrain_brain-db).
+    image: git.mosaicstack.dev/mosaic/stack-postgres:${IMAGE_TAG:-latest}
-  # Runs once and exits. Idempotent — safe to run on every deploy.
-  mosaic-db-init:
-    image: postgres:17-alpine
     environment:
-      PGHOST: openbrain_brain-db
+      POSTGRES_USER: ${POSTGRES_USER}
-      PGPORT: 5432
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
-      PGUSER: ${BRAIN_DB_ADMIN_USER:-openbrain}
+      POSTGRES_DB: ${POSTGRES_DB}
-      PGPASSWORD: ${BRAIN_DB_ADMIN_PASSWORD}
+      POSTGRES_SHARED_BUFFERS: ${POSTGRES_SHARED_BUFFERS:-256MB}
-      MOSAIC_USER: ${POSTGRES_USER}
+      POSTGRES_EFFECTIVE_CACHE_SIZE: ${POSTGRES_EFFECTIVE_CACHE_SIZE:-1GB}
-      MOSAIC_PASSWORD: ${POSTGRES_PASSWORD}
+      POSTGRES_MAX_CONNECTIONS: ${POSTGRES_MAX_CONNECTIONS:-100}
-      MOSAIC_DB: ${POSTGRES_DB:-mosaic}
+    volumes:
-    entrypoint: ["sh", "-c"]
+      - postgres_data:/var/lib/postgresql/data
-    command:
+    healthcheck:
-      - |
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
-        until pg_isready -h openbrain_brain-db -p 5432 -U $${PGUSER}; do
+      interval: 10s
-          echo "Waiting for openbrain_brain-db..."
+      timeout: 5s
-          sleep 2
+      retries: 5
-        done
+      start_period: 30s
-        echo "Database ready. Creating mosaic user and database..."
-
-        psql -h openbrain_brain-db -U $${PGUSER} -tc "SELECT 1 FROM pg_roles WHERE rolname='$${MOSAIC_USER}'" | grep -q 1 || \
-          psql -h openbrain_brain-db -U $${PGUSER} -c "CREATE USER $${MOSAIC_USER} WITH PASSWORD '$${MOSAIC_PASSWORD}';"
-
-        psql -h openbrain_brain-db -U $${PGUSER} -tc "SELECT 1 FROM pg_database WHERE datname='$${MOSAIC_DB}'" | grep -q 1 || \
-          psql -h openbrain_brain-db -U $${PGUSER} -c "CREATE DATABASE $${MOSAIC_DB} OWNER $${MOSAIC_USER} ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0;"
-
-        echo "Enabling required extensions in $${MOSAIC_DB}..."
-        psql -h openbrain_brain-db -U $${PGUSER} -d $${MOSAIC_DB} -c "CREATE EXTENSION IF NOT EXISTS vector;"
-        psql -h openbrain_brain-db -U $${PGUSER} -d $${MOSAIC_DB} -c "CREATE EXTENSION IF NOT EXISTS \"uuid-ossp\";"
-
-        echo "Mosaic database ready: $${MOSAIC_DB}"
     networks:
-      - openbrain-brain-internal
+      - internal
     deploy:
       restart_policy:
         condition: on-failure
-        delay: 5s
-        max_attempts: 5
-
-  # ============================================
-  #  CORE INFRASTRUCTURE
-  # ============================================
 
   # ======================
   # Valkey Cache
@@ -145,7 +105,7 @@ services:
       NODE_ENV: production
       PORT: ${API_PORT:-3001}
       API_HOST: ${API_HOST:-0.0.0.0}
-      DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@openbrain_brain-db:5432/${POSTGRES_DB:-mosaic}
+      DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}
       VALKEY_URL: redis://valkey:6379
       # Auth (external Authentik)
       OIDC_ENABLED: ${OIDC_ENABLED:-false}
@@ -203,7 +163,6 @@ services:
     networks:
       - internal
       - traefik-public
-      - openbrain-brain-internal
     deploy:
       restart_policy:
         condition: on-failure
@@ -348,36 +307,36 @@ services:
   # ======================
   # Synapse Database Init
   # ======================
-  # Creates the 'synapse' database in the shared openbrain PostgreSQL instance.
+  # Creates the 'synapse' database in the shared PostgreSQL instance.
   # Runs once and exits. Idempotent — safe to run on every deploy.
   synapse-db-init:
     image: postgres:17-alpine
     environment:
-      PGHOST: openbrain_brain-db
+      PGHOST: postgres
       PGPORT: 5432
-      PGUSER: ${BRAIN_DB_ADMIN_USER:-openbrain}
+      PGUSER: ${POSTGRES_USER}
-      PGPASSWORD: ${BRAIN_DB_ADMIN_PASSWORD}
+      PGPASSWORD: ${POSTGRES_PASSWORD}
       SYNAPSE_DB: ${SYNAPSE_POSTGRES_DB}
       SYNAPSE_USER: ${SYNAPSE_POSTGRES_USER}
       SYNAPSE_PASSWORD: ${SYNAPSE_POSTGRES_PASSWORD}
     entrypoint: ["sh", "-c"]
     command:
       - |
-        until pg_isready -h openbrain_brain-db -p 5432 -U $${PGUSER}; do
+        until pg_isready -h postgres -p 5432 -U $${PGUSER}; do
-          echo "Waiting for openbrain_brain-db..."
+          echo "Waiting for PostgreSQL..."
           sleep 2
         done
-        echo "Database ready. Creating Synapse user and database..."
+        echo "PostgreSQL is ready. Creating Synapse database and user..."
 
-        psql -h openbrain_brain-db -U $${PGUSER} -tc "SELECT 1 FROM pg_roles WHERE rolname='$${SYNAPSE_USER}'" | grep -q 1 || \
+        psql -h postgres -U $${PGUSER} -tc "SELECT 1 FROM pg_roles WHERE rolname='$${SYNAPSE_USER}'" | grep -q 1 || \
-          psql -h openbrain_brain-db -U $${PGUSER} -c "CREATE USER $${SYNAPSE_USER} WITH PASSWORD '$${SYNAPSE_PASSWORD}';"
+          psql -h postgres -U $${PGUSER} -c "CREATE USER $${SYNAPSE_USER} WITH PASSWORD '$${SYNAPSE_PASSWORD}';"
 
-        psql -h openbrain_brain-db -U $${PGUSER} -tc "SELECT 1 FROM pg_database WHERE datname='$${SYNAPSE_DB}'" | grep -q 1 || \
+        psql -h postgres -U $${PGUSER} -tc "SELECT 1 FROM pg_database WHERE datname='$${SYNAPSE_DB}'" | grep -q 1 || \
-          psql -h openbrain_brain-db -U $${PGUSER} -c "CREATE DATABASE $${SYNAPSE_DB} OWNER $${SYNAPSE_USER} ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0;"
+          psql -h postgres -U $${PGUSER} -c "CREATE DATABASE $${SYNAPSE_DB} OWNER $${SYNAPSE_USER} ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0;"
 
         echo "Synapse database ready: $${SYNAPSE_DB}"
     networks:
-      - openbrain-brain-internal
+      - internal
     deploy:
       restart_policy:
         condition: on-failure
@@ -492,6 +451,7 @@ services:
 # Volumes
 # ======================
 volumes:
+  postgres_data:
   valkey_data:
   orchestrator_workspace:
   speaches_models:
@@ -504,6 +464,3 @@ networks:
     driver: overlay
   traefik-public:
     external: true
-  openbrain-brain-internal:
-    external: true
-    name: openbrain_brain-internal