mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
fd38fc94d07f4563803a5b51e78b5233f318d1fa
stack/apps/api
History
Jason Woltje fd38fc94d0
Some checks failed
ci/woodpecker/push/orchestrator Pipeline failed
Details
ci/woodpecker/push/web Pipeline failed
Details
ci/woodpecker/push/api Pipeline failed
Details
feat(api): add terminal WebSocket gateway with PTY session management 
Implements CT-TERM-001: WebSocket-based terminal service that spawns real
shell sessions via node-pty and streams I/O to connected clients.

- Add node-pty dependency and configure pnpm build permissions
- Create TerminalModule with Gateway, Service, and DTOs
- TerminalGateway: /terminal namespace, auth via handshake token,
  workspace-scoped rooms, handles terminal:create/input/resize/close events
- TerminalService: manages IPty sessions per workspace with max 10 session
  limit, cleanup on disconnect
- DTOs: CreateTerminalDto, TerminalInputDto, TerminalResizeDto, CloseTerminalDto
  with class-validator decorators
- Unit tests: 25 gateway tests + 23 service tests (all passing)
- Register TerminalModule in AppModule

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 20:26:31 -06:00
..
prisma
feat(api): seed 7 widget definitions for dashboard system (#496)
2026-02-24 00:28:02 +00:00
scripts
feat(#359): Encrypt LLM provider API keys in database
2026-02-07 16:49:37 -06:00
src
feat(api): add terminal WebSocket gateway with PTY session management
2026-02-25 20:26:31 -06:00
test
feat(#175): Implement E2E test harness
2026-02-01 21:44:04 -06:00
.dockerignore
feat(#37-41): Add domains, ideas, relationships, agents, widgets schema
2026-01-29 12:29:21 -06:00
.env.example
fix(#338): Implement proper system admin role separate from workspace ownership
2026-02-05 16:44:50 -06:00
.env.test
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
.env.test.example
fix(test): Fix DATABASE_URL environment setup for integration tests
2026-02-07 17:46:59 -06:00
.swcrc
feat(#1): Set up monorepo scaffold with pnpm workspaces + TurboRepo
2026-01-28 13:31:33 -06:00
AGENTS.md
feat(#401): add speech services config and env vars
2026-02-15 02:03:21 -06:00
docker-entrypoint.sh
fix(api): use node_modules prisma binary in entrypoint
2026-02-15 00:05:46 -06:00
Dockerfile
fix: reduce Kaniko disk usage in Node.js Dockerfiles
2026-02-16 20:21:44 -06:00
eslint.config.mjs
chore: upgrade Node.js runtime to v24 across codebase
2026-02-16 17:33:26 -06:00
nest-cli.json
feat(#1): Set up monorepo scaffold with pnpm workspaces + TurboRepo
2026-01-28 13:31:33 -06:00
package.json
feat(api): add terminal WebSocket gateway with PTY session management
2026-02-25 20:26:31 -06:00
prisma.config.ts
chore: migrate Prisma config from package.json to prisma.config.ts
2026-01-31 10:32:48 -06:00
README.md
feat(#93): implement agent spawn via federation
2026-02-03 14:37:06 -06:00
tsconfig.json
feat(#1): Set up monorepo scaffold with pnpm workspaces + TurboRepo
2026-01-28 13:31:33 -06:00
vitest.config.ts
fix(#410): use toNodeHandler for BetterAuth Express compatibility
2026-02-15 19:06:49 -06:00
vitest.e2e.config.ts
feat(#175): Implement E2E test harness
2026-02-01 21:44:04 -06:00
vitest.setup.ts
fix(test): Use correct CI detection for Woodpecker
2026-02-07 21:47:53 -06:00

README.md

Mosaic Stack API

The Mosaic Stack API is a NestJS-based backend service providing REST endpoints and WebSocket support for the Mosaic productivity platform.

Overview

The API serves as the central backend for:

  • Task Management - Create, update, track tasks with filtering and sorting
  • Event Management - Calendar events and scheduling
  • Project Management - Organize work into projects
  • Knowledge Base - Wiki-style documentation with markdown support and wiki-linking
  • Ideas - Quick capture and organization of ideas
  • Domains - Categorize work across different domains
  • Personalities - AI personality configurations for the Ollama integration
  • Widgets & Layouts - Dashboard customization
  • Activity Logging - Track all user actions
  • WebSocket Events - Real-time updates for tasks, events, and projects

Available Modules

Module Base Path Description
Tasks /api/tasks CRUD operations for tasks with filtering
Events /api/events Calendar events and scheduling
Projects /api/projects Project management
Knowledge /api/knowledge/entries Wiki entries with markdown support
Knowledge Tags /api/knowledge/tags Tag management for knowledge entries
Ideas /api/ideas Quick capture and idea management
Domains /api/domains Domain categorization
Personalities /api/personalities AI personality configurations
Widgets /api/widgets Dashboard widget data
Layouts /api/layouts Dashboard layout configuration
Ollama /api/ollama LLM integration (generate, chat, embed)
Users /api/users/me/preferences User preferences

Health Check

  • GET / - API health check
  • GET /health - Detailed health status including database connectivity

Authentication

The API uses BetterAuth for authentication with the following features:

Authentication Flow

  1. Email/Password - Users can sign up and log in with email and password
  2. Session Tokens - BetterAuth generates session tokens with configurable expiration

Guards

The API uses a layered guard system:

Guard Purpose Applies To
AuthGuard Verifies user authentication via Bearer token Most protected endpoints
WorkspaceGuard Validates workspace membership and sets Row-Level Security (RLS) context Workspace-scoped resources
PermissionGuard Enforces role-based access control Admin operations

Workspace Roles

  • OWNER - Full control over workspace
  • ADMIN - Administrative functions (can delete content, manage members)
  • MEMBER - Standard access (create/edit content)
  • GUEST - Read-only access

Permission Levels

Used with @RequirePermission() decorator:

Permission.WORKSPACE_OWNER; // Requires OWNER role
Permission.WORKSPACE_ADMIN; // Requires ADMIN or OWNER
Permission.WORKSPACE_MEMBER; // Requires MEMBER, ADMIN, or OWNER
Permission.WORKSPACE_ANY; // Any authenticated member including GUEST

Providing Workspace Context

Workspace ID can be provided via:

  1. Header: X-Workspace-Id: <workspace-id> (highest priority)
  2. URL Parameter: :workspaceId
  3. Request Body: workspaceId field

Example: Protected Controller

@Controller("tasks")
@UseGuards(AuthGuard, WorkspaceGuard, PermissionGuard)
export class TasksController {
  @Post()
  @RequirePermission(Permission.WORKSPACE_MEMBER)
  async create(@Body() dto: CreateTaskDto, @Workspace() workspaceId: string) {
    // workspaceId is verified and RLS context is set
  }
}

Environment Variables

Variable Description Default
PORT API server port 3001
DATABASE_URL PostgreSQL connection string Required
NODE_ENV Environment (development, production) -
NEXT_PUBLIC_APP_URL Frontend application URL (for CORS) http://localhost:3000
WEB_URL WebSocket CORS origin http://localhost:3000

Running Locally

Prerequisites

  • Node.js 18+
  • PostgreSQL database
  • pnpm workspace (part of Mosaic Stack monorepo)

Setup

  1. Install dependencies:

    pnpm install

  2. Set up environment variables:

    cp .env.example .env  # If available
# Edit .env with your DATABASE_URL

  3. Generate Prisma client:

    pnpm prisma:generate

  4. Run database migrations:

    pnpm prisma:migrate

  5. Seed the database (optional):

    pnpm prisma:seed

Development

pnpm dev

The API will start on http://localhost:3001

Production Build

pnpm build
pnpm start:prod

Database Management

# Open Prisma Studio
pnpm prisma:studio

# Reset database (dev only)
pnpm prisma:reset

# Run migrations in production
pnpm prisma:migrate:prod

API Documentation

The API does not currently include Swagger/OpenAPI documentation. Instead:

  • Controller files contain detailed JSDoc comments describing each endpoint
  • DTO classes define request/response schemas with class-validator decorators
  • Refer to the controller source files in src/ for endpoint details

Example: Reading an Endpoint

// src/tasks/tasks.controller.ts

/**
 * POST /api/tasks
 * Create a new task
 * Requires: MEMBER role or higher
 */
@Post()
@RequirePermission(Permission.WORKSPACE_MEMBER)
async create(@Body() createTaskDto: CreateTaskDto, @Workspace() workspaceId: string) {
  return this.tasksService.create(workspaceId, user.id, createTaskDto);
}

WebSocket Support

The API provides real-time updates via WebSocket. Clients receive notifications for:

  • task:created - New task created
  • task:updated - Task modified
  • task:deleted - Task removed
  • event:created - New event created
  • event:updated - Event modified
  • event:deleted - Event removed
  • project:updated - Project modified

Clients join workspace-specific rooms for scoped updates.

Testing

# Run unit tests
pnpm test

# Run tests with coverage
pnpm test:coverage

# Run e2e tests
pnpm test:e2e

# Watch mode
pnpm test:watch

Project Structure

src/
├── activity/          # Activity logging
├── auth/              # Authentication (BetterAuth config, guards)
├── common/            # Shared decorators and guards
├── database/          # Database module
├── domains/           # Domain management
├── events/            # Event management
├── filters/           # Global exception filters
├── ideas/             # Idea capture and management
├── knowledge/         # Knowledge base (entries, tags, markdown)
├── layouts/           # Dashboard layouts
├── lib/               # Utility functions
├── ollama/            # LLM integration
├── personalities/     # AI personality configurations
├── prisma/            # Prisma service
├── projects/          # Project management
├── tasks/             # Task management
├── users/             # User preferences
├── widgets/           # Dashboard widgets
├── websocket/         # WebSocket gateway
├── app.controller.ts  # Root controller (health check)
├── app.module.ts      # Root module
└── main.ts            # Application bootstrap
Reference in New Issue View Git Blame Copy Permalink