Caddy was binding 0.0.0.0:443, which prevented tailscaled from claiming
100.87.53.10:443 for `tailscale serve --https=443`. Restricting Caddy to
the public eth0 IP (187.124.159.82) keeps the public api.bytelyst.com /
devops.bytelyst.com routing intact while freeing the Tailscale IP so the
tailnet-only dashboard URL (https://srv1491630.tailf85608.ts.net) is
reachable again.
Generated with [Devin](https://cli.devin.ai/docs)
Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
deploy.resources.limits.memory applied per roadmap table.
Limits derived from 2-day RSS baseline (2026-05-27-29).
Takes effect on next docker compose up — no running containers affected.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
What changed:
- Remove nomgap-web from the ecosystem Docker stack now that web is Vercel-hosted.
- Add a TODO for deciding whether local Docker smoke tests still need a NomGap web service.
- Update NomGap product containers and feature flags.
- Seed the NomGap push trigger flag without duplicating the common encryption flag.
Safety notes:
- Dropped unrelated pnpm-lock.yaml formatting churn instead of committing it.
Verification:
- node JSON.parse products/nomgap/product.json
- ruby Psych.safe_load docker-compose.ecosystem.yml
- pnpm --filter @bytelyst/admin-web typecheck
- pnpm --filter @bytelyst/admin-web test
- pnpm --filter @bytelyst/admin-web exec eslint . --ext .ts,.tsx
- pnpm --filter @lysnrai/platform-service build
- pnpm --filter @lysnrai/platform-service test
- pnpm --filter @lysnrai/platform-service exec eslint . --ext .ts,.tsx
- pnpm typecheck
- pnpm lint
- G4: Add healthcheck to all 9 product web services (matching llmlab-dashboard pattern)
- B4: Remove dead NEXT_PUBLIC_* from runtime environment (Next.js bakes at build time only)
- Replace with non-prefixed server-side vars (PLATFORM_SERVICE_URL, BACKEND_URL, etc.)
- Add clarifying comments on build-time vs runtime var behavior
Each product web app reads different env var names in product-config.ts.
The compose file was using generic NEXT_PUBLIC_BACKEND_URL and
NEXT_PUBLIC_PLATFORM_URL for all 9 web services, but most products
use different names. This caused SSR (server-side rendering) to miss
the correct backend/platform URLs.
Corrected per product:
- lysnrai-dashboard: PLATFORM_SERVICE_URL (server-side, not NEXT_PUBLIC)
- chronomind-web: NEXT_PUBLIC_BACKEND_URL + NEXT_PUBLIC_PLATFORM_SERVICE_URL
- jarvisjr-web: NEXT_PUBLIC_PLATFORM_SERVICE_URL (no backend client)
- flowmonk-web: NEXT_PUBLIC_PLATFORM_URL (backend is hardcoded)
- notelett-web: NEXT_PUBLIC_NOTES_API_URL + NEXT_PUBLIC_PLATFORM_SERVICE_URL
- mindlyst-web: NEXT_PUBLIC_PLATFORM_SERVICE_URL
- nomgap-web: NEXT_PUBLIC_NOMGAP_API_URL + NEXT_PUBLIC_PLATFORM_SERVICE_URL
- actiontrail-web: NEXT_PUBLIC_API_URL + NEXT_PUBLIC_PLATFORM_URL
- localmemgpt-web: already correct (unchanged)
