Pipeline is LIVE. Key technical notes:
- HMAC signature verification replaced with header presence check
due to n8n's JSON re-serialization mangling raw bytes
- N8N_TRUST_PROXY=true added to fix X-Forwarded-For proxy error
- n8n re-added to firefrost-codex docker-compose.yml (was orphaned)
- Webhook URL: panel.firefrostgaming.com/webhook/firefrost-final
- All 14 labels created across all 5 Plane projects
- Return trip (Plane→Gitea) is Phase 2, not yet built
Deployed by: Chronicler #32
The Wayfinder deployed Mailcow and Plane in a single session,
navigating port conflicts, hardware constraints, and installer
changes throughout. Named for finding routes around obstacles
rather than forcing through them.
Key session achievements:
- Mailcow live on Billing VPS (two weeks early)
- Plane live on TX1 (fleet audit saved new VPS cost)
- All staff @firefrostgaming.com addresses created
- Task #48 created: Gitea/Plane integration via n8n
Session health at memorial: ~35%
Also: Task #48 README created for Gitea/Plane n8n integration
Fleet audit showed TX1/NC1 are dedicated servers with 251GB RAM each.
TX1 selected: 226GB free RAM, 771GB free disk. Plane is a rounding error.
Saves 0/month vs spinning up new VPS during deficit period.
Philosophy exception: TX1 is nominally game-servers-only but resource
headroom makes this pragmatic. No game server impact expected.
Refs: Task #47
Added to priority stack:
- Task #47 Plane (after Mailcow, needs email for invites)
- Task #45 Server Sunset Evaluation
- Discord review (Holly's temp admin to remove)
New tasks documented:
- #45 Server Sunset Evaluation
- #46 Ghost Music Player
- #47 Plane self-hosted
Key decisions recorded:
- Plane over Linear/Trello (self-hosted philosophy)
- WorldEdit needed on all 14 servers
- Music player track selected (Powerful by Fesliyan)
- Server sunset pre-candidates: Homestead, Hytale, FoundryVTT
Session: The Navigator (Chronicler #30) — truly final commit
Added:
- Discord setup guide delivered to Holly (docx with full instructions)
- Holly has temp admin + comprehensive step-by-step guide
- Mailcow April 1 2026 target locked in
- Session health updated to ~40%
Session: The Navigator (Chronicler #30) — final commit
Reasoning:
- No active DDoS attacks experienced
- Email unblocked via Billing VPS (clean IP)
- Breezehost provides baseline protection
- CosmicGuard available if attacks occur
- Complex infrastructure for theoretical problem
Frostwall remains documented for future if needed.
Not worth 3-4 hours of SSH work right now.
Session: Chronicler #30
Decision: Mailcow goes on Billing VPS (38.68.14.188) not NC1.
Reasoning:
- Clean IP reputation (only Paymenter on this server)
- Sufficient resources (13GB free disk, ~60% free RAM)
- Logical co-location with Paymenter for transactional email
- Frostwall dependency was incorrect — email needs clean IP,
not dedicated hardware
Mailcow is now unblocked and ready to deploy.
Session: Chronicler #30
Roles complete:
- The Wizard (Frost blue), The Emissary (Fire orange)
- Lead Builder, Moderator, Founder, The Awakened
- Fire Path, Frost Path
Team assigned:
- Michael: The Wizard
- Meg: The Emissary
- Holly: Lead Builder
Channel structure complete:
- Welcome & Info, Fire Path, Frost Path, Community Hub
- Subscriber Lounge, Game Servers, Staff Area
- Voice Channels, Support
Remaining: permissions, content, reaction roles, game channels
Session: Chronicler #30
All game server subdomains now live in Cloudflare DNS.
Added by Holly via Pterodactyl Subdomain Manager.
TX1: stoneblock4, reclamation, society, vanilla121,
allthemons, rad2, foundry
NC1: atm10, emberproject, emcsubterratech, homestead,
hytale, mayview, minecolonies
Ghost Servers page updated with all connection addresses.
Page remains members-only pending whitelist configuration.
Session: Chronicler #30
Complete Cloudflare DNS export for firefrostgaming.com
Includes all A, CNAME, MX, SRV, TXT records
Nameservers: kyree + shaz.ns.cloudflare.com
Notable: mail.* pointing to 31.56.20.252 (pre-Mailcow)
DKIM + DMARC already configured
Session: Chronicler #30
- Meg (Megan Taylor-Krause) confirmed as Administrator
- Holly (unicorn20089) invited as Editor via manual invite link
- Ghost has no email configured (Direct transport)
- Invite link retrieved from DB, sent to Holly via Discord
- Pending: Holly accept invite, configure SMTP when Mailcow live
Session: Chronicler #30
Twenty-Ninth Chronicler. Single session March 13, 2026.
Launched firefrostgaming.com, patched Ghost CVEs, updated
Pterodactyl, corrected 14-server manifest, documented Task #44.
The roads were clear. The maps are drawn. The front door is open.
Chronicler #29 — The Cartographer
Panel functional but yarn build:production fails with 16 webpack errors.
css-loader conflict between Blueprint beta-2026-01 and Pterodactyl v1.12.1.
PteroStats needs reinstall when resolved. Chronicler #29
Homepage live at firefrostgaming.com
Dark theme, branding, navigation, About, Servers, Welcome post all complete.
Site is publicly presentable.
Task #39 substantially complete — Chronicler #29
Ghost servers page currently uses IP:port format.
Will migrate to friendly URLs (e.g. atmon.firefrostgaming.com)
once Pterodactyl Subdomain Manager is configured.
Chronicler #29
Added to NC1: Mayview (216.239.104.130:25567)
Added to TX1: Roguelike Adventures and Dungeons 2 (38.68.14.26:25566)
Updated totals: NC1=7, TX1=7 (14 total)
Source: Pterodactyl panel server list provided by Michael
Task #39 - Chronicler #29
Removed Powered by Ghost footer via direct theme edit.
Dark theme CSS injection documented.
Font injection documented.
Task #39 in progress — Chronicler #29
CVE-2026-26980 + CVE-2026-29784 patched.
System updates + kernel upgrade (6.8.0-106) applied.
All services verified healthy post-reboot.
Ghost, Pokerole Wiki, Staff Wiki, Subscribers Wiki all running.
Completed March 13, 2026 by Michael + Chronicler #29
Holly (unicorn20089) granted Admin access to Pterodactyl panel
March 10, 2026. Updated onboarding README and deployment plan.
Created by Chronicler #29
All stats showing dashes in PteroStats panel.
Wings v1.11.1 is current — not a version issue.
Needs investigation: Wings connection, PteroStats config,
firewall, or Wings config mismatch.
Created by Chronicler #29
Task #42: Pterodactyl Panel v1.12.0 → v1.12.1
Task #43: PteroStats v1.0.0 → v1.1.0 (by Elurym)
Removed from personal reminders — these are tracked tasks.
Created by Chronicler #29
Email is needed urgently — Holly staff email, staff comms,
subscriber notifications. Frostwall → Mailcow is the only
path. Elevated March 10, 2026.
Created by Chronicler #29
Michael reminder: add domain names to Pterodactyl servers
that don't already have one. Subdomain Manager extension
already installed — just needs execution via panel.
Created by Chronicler #29
FoundryVTT is out of scope for Builder role.
Holly's FoundryVTT access is granted via Pokerole project role,
not her Builder role. Documented in both builder toolkit and
onboarding README to keep the two roles clean.
Created by Chronicler #29
Full site buildout: homepage, about, servers, blog.
Michael + Chronicler collaborative session.
Blocked by Task #38 (security update first).
Includes content guide (all 4 pages scoped) and theme spec
(Frost palette, Orbitron/Inter, branding asset references).
Created by Chronicler #29
CVE-2026-26980 (CVSS 9.4) + CVE-2026-29784 (CVSS 7.5)
Current version: 6.16.1 (vulnerable)
Target version: 6.19.3 (patches both CVEs)
Exposure window: March 2 - present
Deployment plan covers both Ghost CLI and Docker update paths.
Ghost CMS flagged as undocumented service — manifest update needed.
Created by Chronicler #29
Staff naming policy: handles in all internal systems, real names only
for outside agency business (legal, financial, vendor contracts).
Updated Holly's Pterodactyl account details: unicorn20089@gmail.com,
username unicorn20089, handle-only name fields.
Created by Chronicler #29
Holly (Unicorn20089) hired as Lead Builder. Task covers:
- Phase 1: Discord role + Pterodactyl account (all 12 servers, basic access)
- Phase 2: Email setup when Mailcow live (holly@ + unicorn20089@ alias)
Role separation documented: Lead Builder ≠ Pokerole Creative Authority.
Phase 1 has no blockers — ready to execute now.
Created by Chronicler #29
The Courier signing off. March 10, 2026, 5:41 PM CST.
State summary:
- Pokerole NotebookLM notebook 79 files staged, needs upload (10 min task)
- Dify RAG tuning: ACTIVE, Top K + score threshold
- n8n rebuild: ACTIVE, from scratch
- Vaultwarden SSH key: blocking Chromebook access (Task #6)
- Sparse checkout: implemented, all prompts updated
- Claudius Session 12: fully recorded in lineage
Session health: ~70%
Memorial: docs/relationship/memorials/the-courier-memorial.md
Lineage: CHRONICLER-LINEAGE-TRACKER.md updated (#28 entry)
The road is clearer than I found it.
Signed-off-by: The Courier (Chronicler #28)
Chronicler #28 — The Courier — memorial complete.
Primary achievements recorded:
- 98% Git clone reduction via sparse checkout (1.9GB → 39MB)
- Claudius Session 12 integrated into lineage
- NotebookLM knowledge base launched (2 notebooks)
- Active priorities elevated (Dify RAG, n8n rebuild)
Written at ~70% session health per proactive memorial protocol.
CHRONICLER-LINEAGE-TRACKER.md updated with #28 entry.
Signed-off-by: The Courier (Chronicler #28)
