Updated `MASTER_ROADMAP_2026_Q1.md` and session logs to reflect completion of the Ping Service tracer bullet. Verified the end-to-end stack, including frontend, backend, and Gateway integration. Fixed query parameter mismatch in `PingApiKoinClient.syncPings()` (`lastSyncTimestamp` → `since`) for proper Delta-Sync functionality. Marked related roadmap tasks as completed.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Updated `MASTER_ROADMAP_2026_Q1.md` to reflect completed Redis-to-Valkey migration and Keycloak production configuration. Adjusted property paths in `base-application.yaml` and session logs with corrected environment variable names. Verified end-to-end Docker stability and roadmap alignment.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Marked Gateway CircuitBreaker tasks as completed and verified in archived roadmaps and session logs. Confirmed fixes for `ClassNotFoundException` via Spring Cloud 2025.0.1 and proper configuration of Resilience4j with fallback and metrics integration.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Completed OIDC Authorization Code Flow with PKCE (S256) for JS and JVM platforms.
- Added `launchOidcFlow`, `consumePendingOidcCallback`, and `getOidcRedirectUri` with platform-specific implementations.
- Integrated SHA-256 and Base64URL helpers for PKCE.
- Updated `LoginViewModel` with OIDC logic (key handling, token exchange, state validation).
- Enhanced `LoginScreen` with an OIDC login button and loading spinner.
- Verified implementation with system hardening roadmap tasks.
Includes browser redirects for JS, localhost HTTP callback for JVM, and built-in Keycloak URL construction.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Marked Zipkin integration tasks as completed and verified in archived roadmaps. Documented fixes for gateway propagation type (`w3c` → `b3`) and Zipkin endpoint configuration. Removed redundant dependencies in `build.gradle.kts` and updated related session logs.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Marked Micrometer 1.16.1 upgrade task as completed in archived roadmaps and session logs. Verified compatibility for Java 25 and updated notes to reflect no changes required in `libs.versions.toml`.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Documented the completed Keycloak hardening steps, including PKCE S256 support, CORS security improvements, strengthened password policy, and logout redirect URI configurations. Verified and updated the `meldestelle-realm.json` and roadmap to reflect these changes.
Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
Added detailed hardware specifications for the Minisforum MS-R1 (Zora) and a complete tech stack overview for the Meldestelle project. Included session logs summarizing research findings, AI relevance, and next steps for self-hosted AI model configurations. Consolidated related reference materials for streamlined documentation.
Added a session log confirming the resolution of pipeline issues in iteration v6, including successful sequential builds and the use of direct `config.json` for Docker credentials. Detailed the root causes (registry proxy timeouts and RAM-OOM) and the implemented fixes, ensuring stability and reliable internal registry access.
Added a session log detailing the resolution of RAM-OOM issues and daemon interaction complexities by writing credentials directly to `config.json` and limiting jobs to sequential execution. Updated `.gitea/workflows/docker-publish.yaml` to reflect the simplified and rootless BuildKit configuration for internal HTTP registry access.
Added a session log detailing the resolution of HTTPS to HTTP conflicts during internal registry access by configuring the Docker Daemon with `insecure-registries` in `daemon.json` and restarting the service. Updated `.gitea/workflows/docker-publish.yaml` to reflect the new approach, ensuring reliable internal pushes bypassing Pangolin without timeouts.
Added a session log detailing the replacement of `iptables` DNAT with a rootless `buildkitd` mirror for internal Gitea registry access, eliminating the need for sudo, additional packages, or kernel-level configurations. Updated `.gitea/workflows/docker-publish.yaml` to reflect the new, purely configurational solution.
Added a detailed session log explaining the replacement of `socat` with `iptables` DNAT for internal Gitea registry access in the pipeline. Updated `.gitea/workflows/docker-publish.yaml` to reflect the new approach, eliminating the need for additional packages on minimal runners.
Added a detailed session log explaining the root cause and resolution for pipeline failures due to "connection refused" on Port 443. Updated `.gitea/workflows/docker-publish.yaml` to configure BuildKit for HTTP and introduced a `socat` TCP proxy for internal registry access.
Added a detailed session log documenting the root cause and resolution of 502 errors during Docker image pushes. Updated `.gitea/workflows/docker-publish.yaml` to bypass Pangolin for internal registry access and disable attestation manifests to prevent additional token requests.
Translated all remaining English architectural documents into German, including ADRs, guides, release notes, and reference materials. Standardized formatting across translated files, updated section headings, and localized inline comments within code examples for consistency.
Revised multiple documents to align with the migration from Incus to Proxmox VE 8.4.10. Updated hypervisor, IP ranges, subnet details, and NAT configurations across all relevant files. Marked Incus sections as historical for clarity. Added AI-Stack setup guide for Proxmox LXC.
Streamlined Keycloak configurations with defaults for development and production in `.env`. Added health checks and improved environment variable documentation with comments to differentiate local and server deployments. Ensured compatibility with pre-built registry images.
Aligned environment variable naming across backend and infrastructure files for improved consistency (e.g., `SPRING_CLOUD_CONSUL` and `SPRING_SECURITY_OAUTH2_RESOURCESERVER`). Introduced `PING_SERVICE_URL` to support dynamic Ping-Service routing. Updated Docker Compose health checks, profiles, and memory settings for scalability and stability.
- Adjusted infrastructure roadmap to use VM instead of nested LXC for Docker hosting, enhancing isolation and compatibility.
- Clarified multi-architecture CI/CD setup with native ARM64 builds and QEMU-based x86_64 builds.
- Updated documentation to include backup and offline-first strategies.
- Archived outdated session logs and reports for better file organization.
Added a detailed session log covering infrastructure setup for the Home-Server (Minisforum MS-R1) and reporting requirements. Updated `MASTER_ROADMAP_2026_Q1.md` with next steps, including PDF generation architecture evaluation and ARM64 hardware setup details.
Updated Dockerfile to streamline the hybrid build process and optimize artifact integration. Modified Caddyfile for better routing logic, enhanced security headers, Prometheus metrics, and improved API proxy handling. Adjusted `dc-gui.yaml` for container stability and simplified runtime configuration for `apiBaseUrl`. Expanded documentation with troubleshooting and session logs.
Replaced multi-stage Docker builds with a hybrid approach that pre-builds frontend artifacts locally and copies them into the container. Removed Kotlin Multiplatform configurations from the root project to resolve NodeJsRootPlugin conflicts. Adjusted `.dockerignore` to allow pre-built artifacts and increased Gradle/Kotlin daemon memory for faster builds. Updated Caddyfile for runtime stability and added documentation for new build processes.
Explicitly added JS target with browser and Node.js configurations at the root level to ensure the NodeJsRootPlugin is loaded. Resolved the "IsolatedKotlinClasspathClassCastException" error in subprojects. Updated Yarn lock to reflect new dependencies.
Updated persistence layer to align with Exposed 1.0.0. Refactored table definitions to use `javaUUID` for consistency with `java.util.UUID`. Adjusted transaction handling for compatibility with the latest API changes. Enhanced error handling in database utility functions and refined pagination logic. Added documentation and migration updates for best practices with Exposed 1.0.0.
- Documented E2E smoke test results for Ktor 3.4.0 and Exposed 1.0.0 migration in new reports and session logs.
- Introduced a fallback mechanism for desktop and web-app builds, ensuring robustness in distribution creation and static asset handling.
- Added a default SVG favicon to prevent 404 errors in the web-app.
- Updated Nginx configuration and Dockerfiles to include improved artifact paths, fallback handling, and script corrections.
Integrated a new `:platform:architecture-tests` module using ArchUnit to enforce backend and frontend architecture rules. Configured explicit dependencies to all relevant modules and implemented rules to prevent cross-dependencies between backend services and frontend features. Replaced legacy Gradle-based architecture guards with this robust solution. Updated CI pipeline to include these tests.
Added documentation outlining the recommended frontend state-management approach using Unidirectional Data Flow (UDF). Documented the 2026-01-28 session addressing the critical SQLDelight async issue, detailing the analysis, fix implementation, and results. Updated PingEventRepositoryImpl to use `awaitAsOneOrNull` for proper async handling.
- Added session log documenting Web-App stabilization, including fixes for Webpack build and login issues.
- Implemented full-sync workaround in `PingEventRepositoryImpl` due to SQLDelight async driver limitations.
- Updated `PingDashboard` to display sync completion messages.
- Added `libs.sqldelight.coroutines` dependency and regenerated SQLDelight queries.
- Updated roadmap and journal with progress on frontend sync integration.
Documented the 2026-01-26 session, covering Web-App database issue resolution, PingViewModel test fixes, and Gradle build task optimizations. Included technical insights on Webpack, Wasm, and SQLDelight challenges, along with pending tasks for build and runtime testing.
Archived obsolete reports and journal entries, introducing a clear archival structure under `_archive`. Moved and reorganized onboarding guides and tech stack references into updated directories (`02_Guides`, `01_Architecture/Reference/Tech_Stack`). Improved overall documentation structure and consistency.
Archived several outdated reports (`Ping-Service_Impl_01-2026.md`, `Frontend_Integration_Status.md`, etc.) and added archival notes and references to updated documents. Introduced a centralized reference structure for tech stack documentation, consolidating files under `01_Architecture/Reference/Tech_Stack`. Added new resources (`Gradle_Kotlin_DSL_Primer`, `Kotlin_2-3-0_ReleaseNotes`) for improved project organization and clarity.
- Reorganized `auth-feature` into `core/auth` to improve architecture and modularity.
- Removed unused PKCE and OAuth callback utilities (`AuthCallbackParams`, `OAuthPkceService`).
- Updated imports and adjusted build scripts to reflect new module structure.
- Refactored `LoginScreen` and `PingScreen` to include `onBack` functionality in top bars for improved navigation.
- Corrected sync endpoint in `PingSyncService`.
Archived obsolete Ping-Service documentation (`ping-service.md`, `PingService.md`) and replaced them with updated references (`PingService_Reference.md`, `Testing_with_Postman.md`). Improved clarity and organization of backend guides with a focus on current architecture, testing approaches, and microservice design principles. Documented the transition with a session log for traceability.
- Documented successful integration tests between KMP frontend and backend (via gateway).
- Included backend fixes: `/api/ping/simple` endpoint made public in `SecurityConfig.kt`.
- Added next steps: frontend authentication flow, JWT utilization, and delta-sync implementation.
Added Mailpit setup and updated Keycloak configuration in local development runbooks. Improved Docker Compose stability with updated service dependencies and configurations. Archived outdated journal entries and documents for better organization.
Enhanced the session log to include local development environment setup, DI fixes, tracing updates, and Docker Compose optimizations. Reflected improvements in architecture, observability, and build results.
Deleted obsolete files and models from the `ping-feature` module, including redundant enums, the old `PingApiClient`, and legacy view models. Simplified the module by consolidating its implementation with the new Koin-based DI and shared client architecture. Cleaned up unused code and improved module maintainability.
Added `/ping/sync` endpoint with timestamp-based Delta-Sync functionality to efficiently support offline-first clients. Extended `PingApi` and frontend clients (`PingApiClient`, `PingApiKoinClient`) with `syncPings`. Updated repository, service, and controller logic for sync handling, including new JPA query `findByCreatedAtAfter`. Adjusted test doubles and completed unit tests for backend and frontend alignment. Documented sync approach and API usage.
Refactored the `ping-feature` module to adopt centralized `HttpClient` through Koin DI, replacing legacy implementations. Added secure API calls with improved error handling and updated Webpack build scripts to resolve worker path issues. Enhanced `PingScreen` with extended functionality, UI updates, and aligned test cases for the new architecture. Consolidated feature workflows and finalized documentation with a comprehensive feature implementation guide.
Added new documentation for Zipkin setup, including Docker Compose configuration, service integration, and troubleshooting steps. Integrated tracing configuration for key microservices to enable distributed tracing and latency analysis.
Applied a unified header format to all documentation files for better status identification, referencing, and ownership tracking. Archived outdated roadmaps, reports, and journal entries. Updated playbooks with new responsibilities, lifecycle rules, and consistent handover formats to align with the new archiving strategy.
Applied a unified header format to all documentation files for better status identification, referencing, and ownership tracking. Archived outdated roadmaps, reports, and journal entries. Updated playbooks with new responsibilities, lifecycle rules, and consistent handover formats to align with the new archiving strategy.
Introduced an initial SQL schema draft for the core domain, focusing on offline-first architecture and aligning with OEPS legacy specifications. Expanded the domain glossary to include critical terms for improved clarity and domain understanding. Added session notes and user stories to document analysis outcomes and requirements.
Replaced fragmented roadmaps with a single MASTER_ROADMAP for Q1 2026 as the authoritative source. Deprecated outdated roadmap files and updated Architect playbook to reflect new ownership and delegation responsibilities. Introduced architecture improvement proposals and added related documents for enhanced collaboration and knowledge sharing.
stefan