docs: add sub-project service docs + sync vault 2026-06-08

Add 10 - Services/ docs for all sub-projects: backend, frontend, scanner,
deployment (new), update amanat-assist. Update Scanner Architecture,
Telegram Mini App flow, and Activity Log. Add payment safety edge cases.
This commit is contained in:
Siavash Sameni
2026-06-08 16:22:52 +04:00
parent 181e8e9c2f
commit 67244223ec
13 changed files with 2734 additions and 311 deletions

View File

@@ -246,12 +246,17 @@ trigger: push/manual to main
agent: linux/arm64 (same host as assist.amn.gg)
steps:
1. build-frontend: npm ci + npm run build (Vite)
2. deploy:
1. build-frontend (node:22-alpine):
- npm ci + npm run build (Vite)
- Bakes VITE_ env vars into the static bundle at build time
2. deploy (docker:27-cli, docker socket volume-mounted — no registry push):
- Copy dist/ to /opt/amanat-assist/dist/ (nginx bind-mount)
- Rebuild amanat-llm-proxy Docker image in-place
- docker compose up -d --no-deps llm-proxy
3. notify: Telegram CI notification
- Sync docker-compose.yml to /opt/amanat-assist/
- Rebuild amanat-llm-proxy Docker image in-place (locally, never pushed)
- docker compose up -d (recreates llm-proxy container)
3. notify (node:22-alpine):
- Runs scripts/ci/tg-notify.cjs on success or failure
- Uses TG_TOKEN + TG_USERS secrets
```
Nginx picks up new static files from the bind-mount without restart.
@@ -267,7 +272,7 @@ The proxy container is recreated with the new image.
| `MISTRAL_API_KEY` | llm-proxy runtime | Mistral API key (server-side only) |
| `KIMI_API_KEY` | llm-proxy runtime | Optional Kimi API key |
| `DEEPSEEK_API_KEY` | llm-proxy runtime | Optional DeepSeek API key (auto-fallback) |
| `OPENCODE_PROXY_URL` | llm-proxy runtime | OpenCode local proxy URL |
| `OPENCODE_PROXY_URL` | llm-proxy runtime | OpenCode local proxy URL (default `http://127.0.0.1:3456`) |
| `ALLOWED_ORIGINS` | llm-proxy runtime | CORS whitelist (comma-separated) |
| `PORT` | llm-proxy runtime | Port (default 3001) |
@@ -294,3 +299,5 @@ See `src/sections/assist/` in the frontend repo for the implementation.
- **Session storage is local only** — history lives in `localStorage`, not synced to backend
- **Vision model not streaming** — responses may feel slow for image analysis
- **categoryId from vision disabled** — vision returns category names, not ObjectIds; name→ID matching is left to the LLM in the follow-up turn
- **llm-proxy is zero-dependency** — `llm-proxy/index.mjs` uses only Node.js built-ins (`http`, native `fetch`); no npm packages. Logs rotate at 10 MB.
- **No registry push** — CI builds the llm-proxy image directly on the host via a docker socket volume mount; `docker pull` will always fail (intentional — image is local-only)