Add prerequisites checklist for whitelist-manager

Complete pre-deployment checklist covering:
- Pterodactyl API access and key generation
- Ghost VPS access and requirements
- DNS configuration steps
- Whitelist enforcement method determination
- Authentication setup
- Server list verification (11 Minecraft servers)
- Network and firewall requirements
- SSL certificate preparation

Follows FFG-STD-002 standard for task documentation.

This ensures all prerequisites are gathered before starting
deployment, preventing mid-deployment blockers.

Phase 4 of complete restructure.

Date: February 16, 2026
Implemented by: The Chronicler

docs/tasks/whitelist-manager/prerequisites.md

@@ -0,0 +1,244 @@
+# Whitelist Manager - Prerequisites
+
+**Task:** Whitelist Manager Web Dashboard  
+**Document Type:** Prerequisites Checklist  
+**Status:** ACTIVE  
+**Last Updated:** 2026-02-16
+
+---
+
+## Before You Begin
+
+This checklist covers everything you need to gather/prepare BEFORE starting the deployment.
+
+---
+
+## ✅ PREREQUISITE CHECKLIST
+
+### 1. Pterodactyl Panel Access
+
+- [ ] **Panel URL confirmed:** `________________________`
+  - Likely: `https://panel.firefrostgaming.com` or similar
+  
+- [ ] **API Key generated**
+  - Log into Pterodactyl panel
+  - Navigate to: Account Settings → API Credentials
+  - Create new key with description: "Whitelist Manager"
+  - Permissions needed:
+    - ✅ Read server details
+    - ✅ Send console commands
+    - ✅ Access server variables (if whitelist enforcement is a variable)
+  
+- [ ] **API key tested**
+  ```bash
+  curl -H "Authorization: Bearer YOUR_API_KEY" \
+    https://panel.firefrostgaming.com/api/client
+  ```
+  - Should return your account details (confirms key works)
+
+- [ ] **API key stored securely**
+  - DO NOT commit to Git
+  - Store in `.env` file (will create during deployment)
+  - Backup in Vaultwarden after deployment
+
+---
+
+### 2. Ghost VPS Access
+
+- [ ] **SSH credentials obtained**
+  - IP address: `________________________`
+  - Username: root (or other)
+  - SSH key or password access
+  
+- [ ] **SSH access verified**
+  ```bash
+  ssh root@[ghost-vps-ip]
+  ```
+  - Can successfully connect
+  
+- [ ] **Server requirements met**
+  - [ ] Python 3.9+ installed
+  - [ ] Nginx installed and running
+  - [ ] Port 5001 available (internal app port)
+  - [ ] Sufficient disk space (≥1GB free)
+  - [ ] Sufficient RAM (≥512MB free)
+
+- [ ] **Nginx status confirmed**
+  ```bash
+  systemctl status nginx
+  ```
+  - Should be active and running
+
+---
+
+### 3. DNS Configuration
+
+- [ ] **DNS provider access confirmed**
+  - Cloudflare, Route53, or other
+  - Can create/modify DNS records
+  
+- [ ] **A Record to create:**
+  - **Name:** `whitelist.firefrostgaming.com`
+  - **Type:** A
+  - **Value:** [Ghost VPS IP Address]
+  - **TTL:** 300 (5 minutes for testing, increase after deployment)
+  - **Proxy:** Off (for initial setup)
+  
+- [ ] **Ghost VPS IP address confirmed:** `________________________`
+
+---
+
+### 4. Whitelist Enforcement Method
+
+**Determine how Minecraft whitelist enforcement works on your servers:**
+
+- [ ] **Option A: Console Commands** (Recommended)
+  - `/whitelist on` to enable
+  - `/whitelist off` to disable
+  - No server restart required
+  - **Check:** Test on one server to confirm
+  
+- [ ] **Option B: server.properties**
+  - `white-list=true/false` in config file
+  - Requires server restart to apply
+  - More complex to automate
+  
+- [ ] **Option C: Pterodactyl Startup Variable**
+  - Whitelist enabled/disabled via panel variable
+  - Check Pterodactyl server settings
+  
+**Confirmed method:** ________________________
+
+---
+
+### 5. Authentication
+
+- [ ] **Admin username chosen:** `________________________`
+  - Recommendation: Use same username as Wiki.js Staff for consistency
+  
+- [ ] **Admin password chosen:** `________________________`
+  - Strong password (16+ characters)
+  - Mix of letters, numbers, symbols
+  - Store in password manager
+  
+- [ ] **Additional staff users identified** (if needed):
+  - User 1: `________________________`
+  - User 2: `________________________`
+  - User 3: `________________________`
+  - Note: MVP supports only one admin user; multi-user is Phase 2
+
+---
+
+### 6. Server List Verification
+
+**Confirm these 11 Minecraft servers are correct:**
+
+**Texas Node (TX1):**
+- [ ] Reclamation - `1eb33479-a6bc-4e8f-b64d-d1e4bfa0a8b4`
+- [ ] Stoneblock 4 - `a0efbfe8-4b97-4a90-869d-ffe6d3072bd5`
+- [ ] Society: Sunlit Valley - `9310d0a6-62a6-4fe6-82c4-eb483dc68876`
+- [ ] Vanilla 1.21.11 - `3bed1bda-f648-4630-801a-fe9f2e3d3f27`
+- [ ] All The Mons - `668a5220-7e72-4379-9165-bdbb84bc9806`
+
+**North Carolina Node (NC1):**
+- [ ] The Ember Project - `124f9060-58a7-457a-b2cf-b4024fce2951`
+- [ ] Minecolonies: Create and Conquer - `a14201d2-83b2-44e6-ae48-e6c4cbc56f24`
+- [ ] All The Mods 10 - `82e63949-8fbf-4a44-b32a-53324e8492bf`
+- [ ] Homestead - `2f85d4ef-aa49-4dd6-b448-beb3fca1db12`
+- [ ] EMC Subterra Tech - `09a95f38-9f8c-404a-9557-3a7c44258223`
+
+**Excluded (Non-Minecraft):**
+- [ ] FoundryVTT (TX) - `7d8f15a0-4ee7-4dd6-85dc-ab42966f733d` - EXCLUDED
+- [ ] Hytale (NC) - `13c80cb8-f6f8-4bfe-9cdb-823d7e951584` - EXCLUDED
+
+---
+
+### 7. Network & Firewall
+
+- [ ] **Ghost VPS firewall rules checked**
+  - Port 80 (HTTP) open
+  - Port 443 (HTTPS) open
+  - Port 5001 does NOT need to be publicly accessible (internal only)
+  
+- [ ] **No port conflicts on 5001**
+  ```bash
+  # On Ghost VPS:
+  netstat -tuln | grep 5001
+  ```
+  - Should return nothing (port available)
+
+---
+
+### 8. SSL Certificate Preparation
+
+- [ ] **Certbot installed on Ghost VPS**
+  ```bash
+  certbot --version
+  ```
+  - If not installed: `apt install certbot python3-certbot-nginx`
+  
+- [ ] **Email for Let's Encrypt notifications:** `________________________`
+  - Used for certificate expiration warnings
+  - Recommendation: Use admin email
+
+---
+
+## 🎯 PRE-FLIGHT SUMMARY
+
+**When all checkboxes above are complete, you are ready to begin deployment.**
+
+**Time estimate:** 5-10 minutes to gather all prerequisites
+
+**Next step:** Begin deployment Phase 1 (Infrastructure Setup)
+
+See: `deployment-plan.md` for complete deployment procedure
+
+---
+
+## 🚨 TROUBLESHOOTING PREREQUISITES
+
+### Issue: Can't generate Pterodactyl API key
+- Verify you have admin access to Pterodactyl panel
+- Check with Meg if panel access needs updating
+- Alternative: Have Meg generate key and provide securely
+
+### Issue: Don't have Ghost VPS access
+- Verify SSH key is added to authorized_keys
+- Check firewall isn't blocking SSH (port 22)
+- Alternative: Work from Command Center if Ghost VPS unavailable
+
+### Issue: DNS changes not propagating
+- Wait 5-10 minutes for TTL expiration
+- Test with: `nslookup whitelist.firefrostgaming.com`
+- Clear local DNS cache if needed
+- Try from different network/device
+
+### Issue: Can't determine whitelist enforcement method
+- SSH to one Minecraft server
+- Try: `/whitelist on` in console
+- Check `server.properties` file for `white-list=` setting
+- Test on Vanilla 1.21.11 (safest server for testing)
+
+---
+
+## 📋 QUICK REFERENCE
+
+**Information to have ready during deployment:**
+
+1. Pterodactyl panel URL
+2. Pterodactyl API key (starts with `ptlc_...`)
+3. Ghost VPS IP address
+4. Admin username and password
+5. Email for SSL certificate
+6. Whitelist enforcement method (console/properties/variable)
+
+**Save this info in:** `/tmp/whitelist-manager-prereqs.txt` for easy access
+
+---
+
+**Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥❄️
+
+---
+
+**Document Status:** ACTIVE  
+**Ready to Deploy:** When all checkboxes complete