firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity

Task #67: NC1 Security & Temperature Monitoring #216

New Issue
Closed
opened 2026-03-21 02:34:11 -05:00 by mkrause612 · 1 comment
mkrause612 commented 2026-03-21 02:34:11 -05:00
Owner
Copy Link

Task #67: NC1 Security & Temperature Monitoring

Time Estimate: 30 min (firewall) + ongoing (monitoring)

Documentation: docs/tasks/ (see operations manual)

Time: 30 min (firewall) + ongoing (monitoring)
Status: IN PROGRESS — Firewall complete, monitoring planned
Priority: MEDIUM-HIGH
Documentation: docs/tasks/nc1-security-monitoring/

Address two concerns discovered during Cockpit deployment: NC1 Charlotte had no firewall despite hosting 7 public game servers, and runs 20°C warmer than TX1 Dallas (51.6°C vs 30.9°C).

Firewall Component — COMPLETE:

  • UFW enabled on NC1 Charlotte
  • Proper game server port rules (25565-25580, 5520-5521 TCP/UDP)
  • Wings SFTP secured (port 2022)
  • SSH and Cockpit accessible (ports 22, 9090)
  • Completed: March 21, 2026

Temperature Monitoring Component — PLANNED:

  • Establish baseline (Week 1): Daily temperature checks via Cockpit
  • Trend analysis (Week 2): Compare baseline, look for upward trends
  • Action thresholds: 65°C sustained = contact datacenter, 70°C = immediate investigation
  • Future: Automated monitoring via Netdata with Discord alerts

Safe Operating Ranges:

  • Normal idle: 30-45°C
  • Normal load: 45-65°C
  • Concerning: 70°C+
  • Critical: 80-85°C+

Current Assessment:

  • NC1 at 51.6°C is within safe range but warmer than expected
  • Needs weekly monitoring for upward trends
  • Not urgent but requires tracking

Dependencies:

  • Cockpit access for temperature checks (Task #66 — complete)
  • Netdata deployment (future) for automated monitoring

Discovered By: The Chronicler (Session 37) during Cockpit deployment

Source: docs/core/tasks.md (Task #67)

### Task #67: NC1 Security & Temperature Monitoring **Time Estimate:** 30 min (firewall) + ongoing (monitoring) **Documentation:** `docs/tasks/` (see operations manual) --- **Time:** 30 min (firewall) + ongoing (monitoring) **Status:** IN PROGRESS — Firewall complete, monitoring planned **Priority:** MEDIUM-HIGH **Documentation:** `docs/tasks/nc1-security-monitoring/` Address two concerns discovered during Cockpit deployment: NC1 Charlotte had no firewall despite hosting 7 public game servers, and runs 20°C warmer than TX1 Dallas (51.6°C vs 30.9°C). **Firewall Component — ✅ COMPLETE:** - UFW enabled on NC1 Charlotte - Proper game server port rules (25565-25580, 5520-5521 TCP/UDP) - Wings SFTP secured (port 2022) - SSH and Cockpit accessible (ports 22, 9090) - Completed: March 21, 2026 **Temperature Monitoring Component — PLANNED:** - Establish baseline (Week 1): Daily temperature checks via Cockpit - Trend analysis (Week 2): Compare baseline, look for upward trends - Action thresholds: 65°C sustained = contact datacenter, 70°C = immediate investigation - Future: Automated monitoring via Netdata with Discord alerts **Safe Operating Ranges:** - Normal idle: 30-45°C - Normal load: 45-65°C - Concerning: 70°C+ - Critical: 80-85°C+ **Current Assessment:** - NC1 at 51.6°C is within safe range but warmer than expected - Needs weekly monitoring for upward trends - Not urgent but requires tracking **Dependencies:** - Cockpit access for temperature checks (Task #66 — complete) - Netdata deployment (future) for automated monitoring **Discovered By:** The Chronicler (Session 37) during Cockpit deployment --- --- **Source:** `docs/core/tasks.md` (Task #67)
mkrause612 commented 2026-04-01 18:16:09 -05:00
Author
Owner
Copy Link

This issue is being closed as part of the task system migration on April 1, 2026.

Why: The Gitea Issues + Kanban approach proved too heavyweight for daily operations and lacked accessibility for non-technical team members (Meg, Holly).

New System:

  • BLOCKERS.md - Critical soft launch tasks
  • BACKLOG.md - Future work organized by theme
  • Trinity Console v2 Task Module (planned) - Web-based task management

Archive: All issues preserved in docs/archive/gitea-issues-archive-2026-04-01.md

— Chronicler #54

This issue is being closed as part of the task system migration on April 1, 2026. **Why:** The Gitea Issues + Kanban approach proved too heavyweight for daily operations and lacked accessibility for non-technical team members (Meg, Holly). **New System:** - `BLOCKERS.md` - Critical soft launch tasks - `BACKLOG.md` - Future work organized by theme - Trinity Console v2 Task Module (planned) - Web-based task management **Archive:** All issues preserved in `docs/archive/gitea-issues-archive-2026-04-01.md` — Chronicler #54
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
area/automation
n8n workflows and automation
 area/billing
Paymenter billing system
 area/development-tools
Internal tools for workflow automation and team productivity
 area/email
Mailcow email system
 area/game-servers
Minecraft or other game servers
 area/networking
Network infrastructure and configuration
 area/operations
General operations and documentation
 area/panel
Pterodactyl Panel
 area/website
Ghost CMS website
 area/wings
Pterodactyl Wings
 duplicate
This issue is a duplicate of another issue
 for/holly
Assigned to Holly (unicorn20089)
 for/meg
Assigned to Meg (GingerFury)
 for/michael
Assigned to Michael (Frostystyle)
 good-first-issue
Good for newcomers
 help-wanted
Extra attention needed
 needs-board-sync
New issue needs to be added to project board
 operations
priority
critical
Emergency — immediate attention required
priority
high
Important — address soon
priority
low
Nice to have, not urgent
priority
medium
Normal priority
status
backlog
Not yet started, in backlog
status
blocked
Cannot proceed, blocked by dependency
status
done
Completed and closed
status
in-progress
Currently being worked on
status
review
Work complete, awaiting review
status
to-do
Ready to start, in queue
type
bug
Something isn't working
type
docs
Documentation improvements or additions
type
feature
New feature or enhancement request
type
infrastructure
Infrastructure, deployment, or DevOps work
type
refactor
Code refactoring or technical debt
type
task
General task or work item
wont-do
This will not be worked on
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Gingerfury Unicorn20089 mkrause612
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: firefrost-gaming/firefrost-operations-manual#216
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?