Add Code-Server deployment plan for accessibility enhancement
Battle Plan Created: - Comprehensive deployment guide (code-server-deployment-plan.md) - Browser-based VS Code for documentation editing - Eliminates 90% of terminal work for docs Project Scope Updated: - Code-Server as Phase 0.5 extension - Addresses hand limitations directly - Enables Meg to edit without SSH knowledge TASKS.md Updated: - Complete deployment checklist - Pre-deployment, installation, security steps - Post-deployment configuration and testing Strategic Value: - Works on Chromebook + Samsung S24 Ultra - Visual Git workflow (no commands) - Reduces hand strain significantly - Mobile-friendly documentation workflow Ready to deploy: code.firefrostgaming.com 🔥❄️
This commit is contained in:
Firefrost Automation
223
docs/code-server-deployment-plan.md
Normal file
223
docs/code-server-deployment-plan.md
Normal file
@@ -0,0 +1,223 @@
|
||||
# Code-Server Deployment Plan
|
||||
|
||||
**Service:** Visual Studio Code (Web-based IDE)
|
||||
**URL:** code.firefrostgaming.com
|
||||
**Location:** Command Center VPS (63.143.34.217)
|
||||
**Purpose:** Browser-based file editing for documentation (no SSH required)
|
||||
**Priority:** HIGH - Accessibility enhancement for hand limitations
|
||||
|
||||
---
|
||||
|
||||
## Strategic Value
|
||||
|
||||
**Problem Solved:**
|
||||
- Eliminates need for SSH terminal for doc editing
|
||||
- GUI-based file management
|
||||
- Works on Chromebook + Samsung Galaxy S24 Ultra
|
||||
- Enables Meg to edit docs without SSH knowledge
|
||||
- Visual Git workflow (no command line)
|
||||
|
||||
**The Wizard + The Emissary can both edit docs from any device!**
|
||||
|
||||
---
|
||||
|
||||
## Technical Specifications
|
||||
|
||||
**Software:** Code-Server (VS Code in browser)
|
||||
**Version:** Latest stable
|
||||
**Port:** 8080 (internal)
|
||||
**External Access:** HTTPS via Nginx reverse proxy
|
||||
**Authentication:** Password (upgrade to Authentik SSO in Phase 2)
|
||||
**SSL:** Let's Encrypt certificate
|
||||
**Firewall:** UFW rules for port 8080 (localhost only)
|
||||
|
||||
---
|
||||
|
||||
## Architecture
|
||||
```
|
||||
User Browser
|
||||
↓ HTTPS
|
||||
Nginx (code.firefrostgaming.com)
|
||||
↓ Reverse Proxy (localhost:8080)
|
||||
Code-Server
|
||||
↓ File Access
|
||||
/root/firefrost-work/firefrost-operations-manual/
|
||||
↓ Git Operations
|
||||
Gitea (git.firefrostgaming.com)
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Pre-Deployment Checklist
|
||||
|
||||
- [ ] DNS A record: code.firefrostgaming.com → 63.143.34.217
|
||||
- [ ] Port 8080 available (check with `ss -tlnp | grep 8080`)
|
||||
- [ ] Disk space check (Code-Server ~500MB)
|
||||
- [ ] Backup current Git repo state
|
||||
|
||||
---
|
||||
|
||||
## Deployment Steps
|
||||
|
||||
### Step 1: Install Code-Server
|
||||
```bash
|
||||
curl -fsSL https://code-server.dev/install.sh | sh
|
||||
```
|
||||
|
||||
### Step 2: Configure Code-Server
|
||||
- Config file: `~/.config/code-server/config.yaml`
|
||||
- Set bind address: 127.0.0.1:8080
|
||||
- Set password: [STRONG_PASSWORD]
|
||||
- Disable telemetry
|
||||
|
||||
### Step 3: Create Systemd Service
|
||||
- Enable auto-start on boot
|
||||
- Set working directory: `/root/firefrost-work/firefrost-operations-manual`
|
||||
- Configure restart policy
|
||||
|
||||
### Step 4: Nginx Reverse Proxy
|
||||
- Create site config: `/etc/nginx/sites-available/code.firefrostgaming.com`
|
||||
- Proxy pass to localhost:8080
|
||||
- WebSocket support (critical for Code-Server)
|
||||
|
||||
### Step 5: SSL Certificate
|
||||
```bash
|
||||
certbot --nginx -d code.firefrostgaming.com
|
||||
```
|
||||
|
||||
### Step 6: UFW Firewall
|
||||
- Allow HTTP/HTTPS on ens3
|
||||
- Block direct access to port 8080
|
||||
|
||||
### Step 7: Verification
|
||||
- Test HTTPS access
|
||||
- Test file editing
|
||||
- Test Git operations
|
||||
- Test from mobile devices
|
||||
|
||||
---
|
||||
|
||||
## Post-Deployment Configuration
|
||||
|
||||
**VS Code Extensions to Install:**
|
||||
1. Markdown All in One (preview + shortcuts)
|
||||
2. Git Graph (visual Git history)
|
||||
3. GitLens (advanced Git features)
|
||||
4. Prettier (code formatting)
|
||||
5. Material Icon Theme (better file icons)
|
||||
|
||||
**Workspace Settings:**
|
||||
- Open folder: `/root/firefrost-work/firefrost-operations-manual`
|
||||
- Git: Enable auto-fetch
|
||||
- Files: Auto-save enabled
|
||||
- Terminal: Default shell bash
|
||||
|
||||
---
|
||||
|
||||
## Security Considerations
|
||||
|
||||
**Access Control:**
|
||||
- Password authentication (for now)
|
||||
- HTTPS only (no HTTP access)
|
||||
- Future: Integrate with Authentik SSO
|
||||
|
||||
**File Permissions:**
|
||||
- Code-Server runs as root (needs Git access)
|
||||
- Read/write to firefrost-operations-manual repo
|
||||
|
||||
**Network:**
|
||||
- Bound to localhost only
|
||||
- Nginx reverse proxy handles external access
|
||||
- UFW blocks direct port access
|
||||
|
||||
---
|
||||
|
||||
## Usage Workflow (Post-Deployment)
|
||||
|
||||
**For Michael:**
|
||||
1. Open code.firefrostgaming.com on Chromebook/phone
|
||||
2. Enter password
|
||||
3. Navigate files in sidebar
|
||||
4. Edit markdown files
|
||||
5. Use Source Control tab for Git
|
||||
6. Commit + Push with GUI buttons
|
||||
|
||||
**For Meg:**
|
||||
1. Same workflow as Michael
|
||||
2. No SSH knowledge required
|
||||
3. Visual file management
|
||||
4. Can edit branding docs easily
|
||||
|
||||
---
|
||||
|
||||
## Troubleshooting Guide
|
||||
|
||||
**Issue: Can't connect to code.firefrostgaming.com**
|
||||
- Check DNS propagation
|
||||
- Verify Nginx config: `nginx -t`
|
||||
- Check Code-Server status: `systemctl status code-server@root`
|
||||
|
||||
**Issue: WebSocket connection failed**
|
||||
- Verify Nginx proxy_http_version 1.1
|
||||
- Check Upgrade and Connection headers
|
||||
|
||||
**Issue: Git operations fail**
|
||||
- Verify Git credentials configured
|
||||
- Check file permissions
|
||||
|
||||
---
|
||||
|
||||
## Rollback Plan
|
||||
|
||||
**If deployment fails:**
|
||||
1. Stop Code-Server: `systemctl stop code-server@root`
|
||||
2. Remove Nginx config
|
||||
3. Remove DNS record
|
||||
4. Continue using SSH workflow
|
||||
|
||||
**No data loss risk - all Git repo files untouched**
|
||||
|
||||
---
|
||||
|
||||
## Success Metrics
|
||||
|
||||
- ✅ HTTPS accessible from browser
|
||||
- ✅ File editing works smoothly
|
||||
- ✅ Git commit/push from UI works
|
||||
- ✅ Accessible from Chromebook
|
||||
- ✅ Accessible from Samsung S24 Ultra
|
||||
- ✅ Meg can edit docs without SSH
|
||||
|
||||
---
|
||||
|
||||
## Timeline
|
||||
|
||||
**Estimated Deployment Time:** 1-2 hours
|
||||
|
||||
**Phase Breakdown:**
|
||||
- DNS + Prerequisites: 10 minutes
|
||||
- Code-Server install: 15 minutes
|
||||
- Configuration: 20 minutes
|
||||
- Nginx setup: 15 minutes
|
||||
- SSL certificate: 5 minutes
|
||||
- Testing: 20 minutes
|
||||
- Documentation: 15 minutes
|
||||
|
||||
**Total:** ~100 minutes
|
||||
|
||||
---
|
||||
|
||||
## Future Enhancements (Phase 2+)
|
||||
|
||||
- [ ] Authentik SSO integration
|
||||
- [ ] Custom VS Code theme (Fire + Frost colors)
|
||||
- [ ] Shared editing (Live Share extension)
|
||||
- [ ] Mobile app (code-server has PWA support)
|
||||
- [ ] Backup/snapshot system
|
||||
|
||||
---
|
||||
|
||||
**Status:** READY FOR DEPLOYMENT
|
||||
**Next Step:** Create DNS record, then begin installation
|
||||
|
||||
**Fire + Frost = Where Passion Meets Precision** 🔥❄️
|
||||
Reference in New Issue
Block a user