# Whitelist Manager - Prerequisites

**Task:** Whitelist Manager Web Dashboard  
**Document Type:** Prerequisites Checklist  
**Status:** ACTIVE  
**Last Updated:** 2026-02-16

---

## Before You Begin

This checklist covers everything you need to gather/prepare BEFORE starting the deployment.

---

## ✅ PREREQUISITE CHECKLIST

### 1. Pterodactyl Panel Access

- [ ] **Panel URL confirmed:** `________________________`
  - Likely: `https://panel.firefrostgaming.com` or similar
  
- [ ] **API Key generated**
  - Log into Pterodactyl panel
  - Navigate to: Account Settings → API Credentials
  - Create new key with description: "Whitelist Manager"
  - Permissions needed:
    - ✅ Read server details
    - ✅ Send console commands
    - ✅ Access server variables (if whitelist enforcement is a variable)
  
- [ ] **API key tested**
  ```bash
  curl -H "Authorization: Bearer YOUR_API_KEY" \
    https://panel.firefrostgaming.com/api/client
  ```
  - Should return your account details (confirms key works)

- [ ] **API key stored securely**
  - DO NOT commit to Git
  - Store in `.env` file (will create during deployment)
  - Backup in Vaultwarden after deployment

---

### 2. Ghost VPS Access

- [ ] **SSH credentials obtained**
  - IP address: `________________________`
  - Username: root (or other)
  - SSH key or password access
  
- [ ] **SSH access verified**
  ```bash
  ssh root@[ghost-vps-ip]
  ```
  - Can successfully connect
  
- [ ] **Server requirements met**
  - [ ] Python 3.9+ installed
  - [ ] Nginx installed and running
  - [ ] Port 5001 available (internal app port)
  - [ ] Sufficient disk space (≥1GB free)
  - [ ] Sufficient RAM (≥512MB free)

- [ ] **Nginx status confirmed**
  ```bash
  systemctl status nginx
  ```
  - Should be active and running

---

### 3. DNS Configuration

- [ ] **DNS provider access confirmed**
  - Cloudflare, Route53, or other
  - Can create/modify DNS records
  
- [ ] **A Record to create:**
  - **Name:** `whitelist.firefrostgaming.com`
  - **Type:** A
  - **Value:** [Ghost VPS IP Address]
  - **TTL:** 300 (5 minutes for testing, increase after deployment)
  - **Proxy:** Off (for initial setup)
  
- [ ] **Ghost VPS IP address confirmed:** `________________________`

---

### 4. Whitelist Enforcement Method

**Determine how Minecraft whitelist enforcement works on your servers:**

- [ ] **Option A: Console Commands** (Recommended)
  - `/whitelist on` to enable
  - `/whitelist off` to disable
  - No server restart required
  - **Check:** Test on one server to confirm
  
- [ ] **Option B: server.properties**
  - `white-list=true/false` in config file
  - Requires server restart to apply
  - More complex to automate
  
- [ ] **Option C: Pterodactyl Startup Variable**
  - Whitelist enabled/disabled via panel variable
  - Check Pterodactyl server settings
  
**Confirmed method:** ________________________

---

### 5. Authentication

- [ ] **Admin username chosen:** `________________________`
  - Recommendation: Use same username as Wiki.js Staff for consistency
  
- [ ] **Admin password chosen:** `________________________`
  - Strong password (16+ characters)
  - Mix of letters, numbers, symbols
  - Store in password manager
  
- [ ] **Additional staff users identified** (if needed):
  - User 1: `________________________`
  - User 2: `________________________`
  - User 3: `________________________`
  - Note: MVP supports only one admin user; multi-user is Phase 2

---

### 6. Server List Verification

**Confirm these 11 Minecraft servers are correct:**

**Texas Node (TX1):**
- [ ] Reclamation - `1eb33479-a6bc-4e8f-b64d-d1e4bfa0a8b4`
- [ ] Stoneblock 4 - `a0efbfe8-4b97-4a90-869d-ffe6d3072bd5`
- [ ] Society: Sunlit Valley - `9310d0a6-62a6-4fe6-82c4-eb483dc68876`
- [ ] Vanilla 1.21.11 - `3bed1bda-f648-4630-801a-fe9f2e3d3f27`
- [ ] All The Mons - `668a5220-7e72-4379-9165-bdbb84bc9806`

**North Carolina Node (NC1):**
- [ ] The Ember Project - `124f9060-58a7-457a-b2cf-b4024fce2951`
- [ ] Minecolonies: Create and Conquer - `a14201d2-83b2-44e6-ae48-e6c4cbc56f24`
- [ ] All The Mods 10 - `82e63949-8fbf-4a44-b32a-53324e8492bf`
- [ ] Homestead - `2f85d4ef-aa49-4dd6-b448-beb3fca1db12`
- [ ] EMC Subterra Tech - `09a95f38-9f8c-404a-9557-3a7c44258223`

**Excluded (Non-Minecraft):**
- [ ] FoundryVTT (TX) - `7d8f15a0-4ee7-4dd6-85dc-ab42966f733d` - EXCLUDED
- [ ] Hytale (NC) - `13c80cb8-f6f8-4bfe-9cdb-823d7e951584` - EXCLUDED

---

### 7. Network & Firewall

- [ ] **Ghost VPS firewall rules checked**
  - Port 80 (HTTP) open
  - Port 443 (HTTPS) open
  - Port 5001 does NOT need to be publicly accessible (internal only)
  
- [ ] **No port conflicts on 5001**
  ```bash
  # On Ghost VPS:
  netstat -tuln | grep 5001
  ```
  - Should return nothing (port available)

---

### 8. SSL Certificate Preparation

- [ ] **Certbot installed on Ghost VPS**
  ```bash
  certbot --version
  ```
  - If not installed: `apt install certbot python3-certbot-nginx`
  
- [ ] **Email for Let's Encrypt notifications:** `________________________`
  - Used for certificate expiration warnings
  - Recommendation: Use admin email

---

## 🎯 PRE-FLIGHT SUMMARY

**When all checkboxes above are complete, you are ready to begin deployment.**

**Time estimate:** 5-10 minutes to gather all prerequisites

**Next step:** Begin deployment Phase 1 (Infrastructure Setup)

See: `deployment-plan.md` for complete deployment procedure

---

## 🚨 TROUBLESHOOTING PREREQUISITES

### Issue: Can't generate Pterodactyl API key
- Verify you have admin access to Pterodactyl panel
- Check with Meg if panel access needs updating
- Alternative: Have Meg generate key and provide securely

### Issue: Don't have Ghost VPS access
- Verify SSH key is added to authorized_keys
- Check firewall isn't blocking SSH (port 22)
- Alternative: Work from Command Center if Ghost VPS unavailable

### Issue: DNS changes not propagating
- Wait 5-10 minutes for TTL expiration
- Test with: `nslookup whitelist.firefrostgaming.com`
- Clear local DNS cache if needed
- Try from different network/device

### Issue: Can't determine whitelist enforcement method
- SSH to one Minecraft server
- Try: `/whitelist on` in console
- Check `server.properties` file for `white-list=` setting
- Test on Vanilla 1.21.11 (safest server for testing)

---

## 📋 QUICK REFERENCE

**Information to have ready during deployment:**

1. Pterodactyl panel URL
2. Pterodactyl API key (starts with `ptlc_...`)
3. Ghost VPS IP address
4. Admin username and password
5. Email for SSL certificate
6. Whitelist enforcement method (console/properties/variable)

**Save this info in:** `/tmp/whitelist-manager-prereqs.txt` for easy access

---

**Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥❄️

---

**Document Status:** ACTIVE  
**Ready to Deploy:** When all checkboxes complete