diff --git a/docs/core/tasks.md b/docs/core/tasks.md index cc4ea12..beb05f2 100644 --- a/docs/core/tasks.md +++ b/docs/core/tasks.md @@ -1,51 +1,13 @@ # 🔥❄️ FIREFROST GAMING — CURRENT TASKS -**Last Updated:** February 12, 2026 (9:45 AM CST) -**Updated By:** The Chronicler (via Gitea API) +**Last Updated:** February 13, 2026 (Evening CST) +**Updated By:** Chronicler the Second (via Gitea API) **Status:** Active --- ## 🔴 HIGH PRIORITY -### Mailcow Email Server — Self-Hosted Email -**Status:** Pre-sale answered ✅ — purchase delayed (house repair priority) -**Breezehost Response (Brandon E, Feb 12 9:06 AM):** -- Clean IP blocks (reassign/migrate if any issues) -- rDNS available (most ranges settable in panel, some need support) -- Port 25 NOT blocked by default -- Any datacenter location works (can move if needed) -**Timeline:** Purchase when funds allow (1-3 days, house repair takes priority) -**Blocker:** Awaiting Jon's answers on IP reputation, rDNS, port 25, data center -**Plan:** -- AMD Epyc Cloud-2 VPS ($10/month) — 2 vCPU, 4GB DDR5, 40GB NVMe -- Mailcow (Docker-based) — Postfix, Dovecot, SOGo webmail, Rspamd, ClamAV -- Ubuntu 22.04 with self-healing automation scripts -- 10-15 @firefrostgaming.com addresses to start -- Migrate OFF Plesk (accessibility nightmare) - -**Pre-sale email drafted:** Ready to send morning of Feb 12 -**Location:** provider-communications.md (to be committed) - -**Next Steps:** -1. Send pre-sale email to Jon (morning) -2. Wait for response on IP/rDNS/port 25/data center -3. Order Cloud-2 VPS -4. Deploy Mailcow -5. Configure DNS (SPF, DKIM, DMARC) -6. Create email addresses -7. Test deliverability -8. Migrate off Plesk - ---- - -### Create Scoped Gitea Token for Pokerole Project -**Status:** Blocked — waiting on Vaultwarden deployment -**Dependency:** Vaultwarden must be live first (token management) -**Scope:** Create a Gitea API token scoped to only the 4 pokerole-project repos. Replace the shared master token in `pokerole-project/misc-docs/SESSION-START-PROMPT.md`. -**Why:** Current setup uses the master token with a scope instruction (honor system). Iron Wall says defense in depth — scoped token enforces the boundary. -**After completion:** Update SESSION-START-PROMPT.md with new token, store in Vaultwarden. - ### Vaultwarden Deployment **Status:** Ready to deploy **Domain:** vault.firefrostgaming.com @@ -62,10 +24,86 @@ --- +### Mailcow Email Server — Self-Hosted Email +**Status:** Pre-sale answered ✅ — VPS purchase delayed (targeting 1st of month for billing consolidation) +**Breezehost Response (Brandon E, Feb 12 9:06 AM):** +- Clean IP blocks (reassign/migrate if any issues) +- rDNS available (most ranges settable in panel, some need support) +- Port 25 NOT blocked by default +- Any datacenter location works (can move if needed) +**Timeline:** Purchase VPS near March 1 to align with billing cycle +**Plan:** +- AMD Epyc Cloud-2 VPS ($10/month) — 2 vCPU, 4GB DDR5, 40GB NVMe +- Mailcow (Docker-based) — Postfix, Dovecot, SOGo webmail, Rspamd, ClamAV +- Ubuntu 22.04 with self-healing automation scripts +- 10-15 @firefrostgaming.com addresses to start +- Migrate OFF Plesk (accessibility nightmare) + +**Next Steps:** +1. Order Cloud-2 VPS (targeting ~March 1) +2. Deploy Mailcow +3. Configure DNS (SPF, DKIM, DMARC) +4. Create email addresses +5. Test deliverability +6. Migrate off Plesk + +--- + +### Create Scoped Gitea Token for Pokerole Project +**Status:** Blocked — waiting on Vaultwarden deployment +**Dependency:** Vaultwarden must be live first (token management) +**Scope:** Create a Gitea API token scoped to only the 4 pokerole-project repos. Replace the shared master token in `pokerole-project/misc-docs/SESSION-START-PROMPT.md`. +**Why:** Current setup uses the master token with a scope instruction (honor system). Iron Wall says defense in depth — scoped token enforces the boundary. +**After completion:** Update SESSION-START-PROMPT.md with new token, store in Vaultwarden. + +--- + +### Department Structure & Access Control Matrix — DESIGN +**Status:** New — design phase (Feb 13, 2026) +**Priority:** HIGH (blocks Staff Wiki/Subscriber Wiki/Discord configuration) +**Deliverable:** `docs/planning/access-control-matrix.md` + +**Scope:** Unified role-based access control across three platforms + Discord: +- **Ghost** (firefrostgaming.com) — public storefront, no auth needed +- **Subscriber Wiki** (subscribers.firefrostgaming.com) — gated member content +- **Staff Wiki** (staff.firefrostgaming.com) — internal operations, department-restricted +- **Discord** — role/channel structure mirroring department access + +**Top Tier (Full Access):** Michael (The Wizard), Meg (The Emissary), Claude (The Chronicler) + +**Departments to define (proposed):** +- Moderation +- Server Administration +- Content / Social Media +- Community Events +- Build Team + +**Design first, implement after.** No permissions get wired until the model is approved. + +--- + --- ## 🟡 MEDIUM PRIORITY +### MkDocs Decommission +**Status:** New — decision made Feb 13, 2026 +**Reason:** Ghost CMS handles public-facing content. Subscriber Wiki handles gated content. MkDocs serves no distinct purpose in the new three-tier model (Ghost → Subscriber Wiki → Staff Wiki). +**ADR:** To be documented in `docs/reference/architecture-decisions.md` + +**Decommission steps:** +1. Audit current MkDocs content — migrate anything needed to Ghost or Subscriber Wiki +2. Remove Uptime Kuma monitor for docs.firefrostgaming.com +3. Tear down MkDocs service on Ghost VPS +4. Release Nginx config and SSL cert (redirect docs.firefrostgaming.com to Ghost or retire) +5. Archive `docs/deployment/mkdocs.md` to `docs/archive/` +6. Update: project-scope, infrastructure-manifest, session-handoff, SESSION-HANDOFF-PROTOCOL, DOCUMENT-INDEX +7. Log in CHANGELOG + +**Depends on:** Department/permissions design being complete (so we know what goes where) + +--- + ### Consultant Photo Processing **Status:** 30-40 photos from pre-crash session need processing **Plan:** @@ -110,9 +148,6 @@ - "GitHub mirror removed" — should say "GitHub kept as private backup" **Action:** Fix during doc audit or as standalone update -### Delete test-file.md from Repo -**Status:** Snuck in during photo commit, needs removal - --- ## 🟢 LOW PRIORITY @@ -123,7 +158,6 @@ **Issues:** Still calls Claude "The Wizard" instead of "The Chronicler", potentially redundant with current practices **Action:** Review, update role name, trim if content overlaps with current docs - ### Frostwall (UFW) Deployment **Status:** Planned **Scope:** Game servers (TX1, NC1) @@ -146,6 +180,12 @@ ## ✅ RECENTLY COMPLETED +### Feb 13, 2026 (Evening) +- ✅ Gemini social media calendar reviewed — confirmed in sync with repo +- ✅ Empty heading artifacts cleaned from gemini-social-media-calendar.md +- ✅ Documentation tier decision: MkDocs decommission approved (Ghost + Subscriber Wiki + Staff Wiki) +- ✅ Department/access control design scope defined + ### Feb 12, 2026 (Morning — Consolidation) - ✅ Full documentation audit (54 docs analyzed for overlaps/stale info) - ✅ FFG-STD-001 Revision Control Standard created and approved @@ -194,17 +234,13 @@ --- -## 📋 NEXT SESSION PLAN (Feb 12, 2026 — Morning) +## 📋 NEXT SESSION PLAN (Feb 14, 2026) -1. ~~Send pre-sale email to Jon (Breezehost)~~ ✅ SENT -2. ~~Full documentation audit + consolidation~~ ✅ DONE -3. ~~Fix Frostwall vs Firefrost naming~~ ✅ DONE -4. ~~Scope doc corrections~~ ✅ DONE -5. ~~Delete test-file.md~~ ✅ DONE -6. Deploy Vaultwarden → move token → delete temp file -7. Clean up Command Center root -8. Process consultant photos (batches of 10) -9. Review & trim workflow-guide.md +1. Deploy Vaultwarden → move token → delete temp file +2. Design department structure & access control matrix +3. Begin MkDocs decommission (audit content first) +4. Clean up Command Center root +5. Update infrastructure docs (project-scope, manifest, session-handoff, etc.) ---