# 🔥❄️ FIREFROST GAMING — OPERATIONS TASKS **Last Updated:** February 16, 2026 **Updated By:** The Chronicler (current session) **Version:** 3.0 (Full FFG-STD-002 implementation - all tasks migrated to task directories) --- ## 📋 HOW TO USE THIS FILE **This file contains:** - High-level task summaries (≤20 lines each) - Status and priority - Time estimates - References to full documentation **For complete details, see:** `docs/tasks/[task-name]/` **Each task directory contains:** - README.md (complete overview) - deployment-plan.md (if applicable) - prerequisites.md (if applicable) - Additional task-specific docs **Standard:** All tasks follow FFG-STD-002 (Task Documentation Standard) --- ## 🎯 TIER 0: IMMEDIATE WINS Quick wins that unlock other work or provide immediate value. --- ### 1. Centralized Whitelist Manager Web Dashboard — ✅ COMPLETE **Time:** 2-2.5 hours (actual: ~4 hours over 2 sessions) **Status:** ✅ FULLY OPERATIONAL **Completed:** February 19, 2026 **Documentation:** `docs/tasks/whitelist-manager/` Web dashboard at `whitelist.firefrostgaming.com` for managing player whitelists across 11 Minecraft servers. **Deployed Features:** - ✅ Dynamic server list (fetches from Pterodactyl API automatically) - ✅ Add player to whitelist (per server or username/UUID) - ✅ Remove player from whitelist (per server or username/UUID) - ✅ Bulk operations (add/remove to ALL servers) - ✅ Server status detection (WHITELISTED/PUBLIC/OFFLINE) - ✅ Fire/Frost themed UI - ✅ Staff authentication (mkrause612) - ✅ SSL/HTTPS with Let's Encrypt - ✅ Auto-start on boot - ✅ Websocket integration with Pterodactyl **Value Delivered:** 15-minute manual task → 30 seconds. Zero-error whitelist management. **Tech:** Python Flask + TailwindCSS + Websockets + Virtual Environment on Billing VPS **Known Issue:** One server may show incorrect status (server scheduled for retirement) **Future Enhancements (Phase 2):** - Whitelist ON/OFF toggle per server - View current whitelist per server - Discord bot integration - Paymenter subscriber auto-whitelist **See task directory for:** Complete deployment plan, prerequisites checklist, usage guide --- ### 2. Command Center Root Cleanup — ✅ COMPLETE **Completed:** February 18, 2026 **Time:** 15 minutes **Documentation:** `docs/tasks/command-center-cleanup/` Housekeeping task to organize Command Center root directory before major work. **Results:** - ✅ 5 Gitea backups moved to `/root/backups/gitea/` - ✅ 2 wiki deployment logs archived locally - ✅ 3 obsolete files deleted (dead.letter, extract-key-info.sh, master) - ✅ Root directory clean and organized --- ### 3. Staff Recruitment Launch **Time:** 2-3 hours (setup) + ongoing **Status:** READY - POSTING TODAY **Priority:** Tier 0 - Immediate Win **Documentation:** `docs/tasks/staff-recruitment-launch/` Launch recruitment for Builders (2-3) and Social Media Helper (1) using recruitment ad. **Prerequisites (Guardian's Notes):** - Provision incentive instances (private servers for recruits) - Define application review process - Finalize ad: decide on specific modpacks mention, deadline **Key Deliverables:** - Incentive instances ready and documented - Recruitment ad posted to r/feedthebeast, Discord communities - Application tracking system - 2-3 Builders + 1 Social Media Helper recruited **Recruitment Ad:** `docs/planning/discord-recruitment-ad.md` **See task directory for:** Prerequisites checklist, application process, onboarding guide --- ### 4. NC1 Cleanup (Mandatory for Mailcow) — ✅ COMPLETE **Completed:** February 16, 2026 **Result:** 26GB → 46GB free (cleared space for Mailcow) **⚠️ LESSON LEARNED:** Never use wildcards (`*.zip`) in cleanup commands. List files explicitly. Cost: Lost Hytale world, had to regenerate. Recovery documented in `docs/troubleshooting/`. --- ## 🛡️ TIER 1: SECURITY FOUNDATION Critical security infrastructure. Must complete before major deployments. --- ### 5. Vaultwarden — Add SSH Key & Org Setup **Time:** 30 minutes **Status:** DEPLOYED, NEEDS CONFIGURATION **Documentation:** `docs/tasks/vaultwarden-setup/` Complete Vaultwarden setup: SSH key + organization for shared credentials with Meg. **Blocks:** Scoped tokens, credential management workflows --- ### 6. The Frostwall Protocol — GRE Tunnel Security Architecture **Time:** 3-4 hours **Status:** REBUILD PENDING **Priority:** CRITICAL **Documentation:** `docs/tasks/frostwall-protocol/` Custom DDoS protection using GRE tunnels from Command Center to TX1/NC1. Hides real IPs, protects email reputation. **Core Components:** - GRE tunneling (encrypted links) - 1-to-1 NAT/DMZ forwarding - Iron Wall UFW rules - IP hierarchy (scrubbing → backend → binding) **Blocks:** Mailcow, AI stack, all Tier 2+ infrastructure --- ### 7. Command Center Security Hardening **Time:** 1 hour **Status:** READY **Documentation:** `docs/tasks/command-center-security/` Defense-in-depth for Command Center: Fail2Ban + SSH hardening **Actions:** - Install Fail2Ban - Disable SSH password auth (key-only) - Review UFW rules --- ### 8. Create Scoped Gitea Token for Pokerole Project **Time:** 15 minutes **Status:** READY **Depends:** Vaultwarden operational **Documentation:** `docs/tasks/scoped-gitea-token/` Create Gitea token scoped to Pokerole repos only. Iron Wall principle: enforce boundaries technically. --- ## 🏗️ TIER 2: MAJOR INFRASTRUCTURE Foundation secure, deploy major services. --- ### 10. Mailcow Email Server on NC1 **Time:** 2-3 hours **Status:** BLOCKED **Depends:** NC1 cleanup ✅, Frostwall Protocol **Documentation:** `docs/tasks/mailcow-email-server-on-nc1/` Professional @firefrostgaming.com email on NC1. Self-hosted, $120/year saved, eliminates Plesk. **Location:** NC1 Charlotte (32-core EPYC, 251GB RAM) --- ### 9. Self-Hosted AI Stack on TX1 **Time:** 6-8 hours (3-4 active, rest downloads) **Status:** BLOCKED - Medical clearance **Documentation:** `docs/tasks/self-hosted-ai-stack-on-tx1/` DERP-compliant AI infrastructure: Dify + Ollama + self-hosted models. Three-tier usage: Claude Projects (primary) → DERP backup (emergency) → Discord/Wiki bots (staff/subscribers). **Architecture:** Dify with knowledge graph RAG, Ollama model server **Models:** Qwen 2.5 Coder 72B, Llama 3.3 70B, Llama 3.2 Vision 11B **Storage:** ~97GB **RAM:** ~92GB when DERP activated, ~8GB idle **Monthly Cost:** $0 (self-hosted, no additional cost beyond Claude Pro) --- ### 11. Netdata Deployment **Time:** 30 minutes **Status:** READY **Documentation:** `docs/tasks/netdata-deployment/` Real-time monitoring on all servers (Command Center, TX1, NC1, Ghost VPS). --- ### 12. Department Structure & Access Control Matrix **Time:** 1-2 hours **Status:** PLANNING **Documentation:** `docs/tasks/department-structure-and-access-control-matrix/` Define departments and access control for Wiki.js permissions and role-based access. --- ### 13. MkDocs Decommission **Time:** 15 minutes **Status:** READY **Documentation:** `docs/tasks/mkdocs-decommission/` Remove MkDocs (replaced by Wiki.js). --- ## 📚 TIER 3: DOCUMENTATION & OPTIMIZATION Polish, optimization, and content creation. --- ### 14. Fix Frostwall vs Firefrost Naming **Time:** 15 minutes **Documentation:** `docs/tasks/fix-frostwall-vs-firefrost-naming/` Clarify terminology: Frostwall (security protocol) vs Firefrost (brand). --- ### 15. Scope Document Corrections **Time:** 30 minutes **Documentation:** `docs/tasks/scope-document-corrections/` Review and correct project scope documents for accuracy. --- ### 16. Workflow Guide Review & Trim **Time:** 1 hour **Documentation:** `docs/tasks/workflow-guide-review-and-trim/` Audit workflows, remove outdated content, consolidate redundancy. --- ### 17. Terraria Branding Training Arc **Time:** 12 weeks (ongoing) **Status:** ACTIVE - Phase 1 **Documentation:** `docs/tasks/terraria-branding-training-arc/` 12-week training: Michael learns game asset creation via Terraria texture pack development. **See:** `docs/planning/terraria-branding-arc.md` for complete curriculum --- ### 18. Paymenter Theme Installation — Citadel Theme **Time:** 1-2 hours **Documentation:** `docs/tasks/paymenter-theme-installation-citadel-theme/` Install Citadel theme for Paymenter with Fire/Frost branding. --- ### 19. Consultant Photo Processing **Time:** Ongoing **Status:** ACTIVE **Documentation:** `docs/tasks/consultant-photo-processing/` Process and catalog photos of The Five Consultants. Maintain archive with proper metadata. **Naming:** `YYYY-MM-DD_consultant_description_NN.jpg` --- ### 20. NextCloud Upload Portal for Meg **Time:** 30 minutes **Documentation:** `docs/tasks/nextcloud-upload-portal-for-meg/` Configure NextCloud public upload folder for Meg. --- ### 21. "Coming Soon" Video Creation (CapCut) **Time:** 2-3 hours **Documentation:** `docs/tasks/coming-soon-video-creation-capc ut/` Create professional "Coming Soon" video for Firefrost launch using CapCut. --- ### 22. Staggered Server Restart System **Time:** 2 hours **Documentation:** `docs/tasks/staggered-server-restart-system/` Automated staggered restarts for game servers. Prevents simultaneous restarts, maintains player access. --- ### 23. Game Server Startup Script Audit & Optimization **Time:** 1 hour **Documentation:** `docs/tasks/game-server-startup-script-audit-and-optimization/` Audit and optimize JVM flags, memory allocation, performance tuning for all game servers. --- ### 24. LuckPerms MySQL Backend **Time:** 45 minutes **Documentation:** `docs/tasks/luckperms-mysql-backend/` Migrate LuckPerms to MySQL for centralized permission management. --- ### 25. World Backup Automation **Time:** 1-2 hours **Documentation:** `docs/tasks/world-backup-automation/` Automated backup system: daily backups, retention policy, off-server storage. --- ### 26. Blueprint Extension Installation — Node Usage Status **Time:** 30 minutes **Documentation:** `docs/tasks/blueprint-extension-installation-node-usage-status/` Install Blueprint extension showing TX1/NC1 resource usage in Pterodactyl panel. --- ### 27. Discord Server Complete Reorganization **Time:** 2-3 hours **Documentation:** `docs/tasks/discord-server-complete-reorganization/` Complete Discord reorganization: Fire/Frost paths, clear channels, proper roles. --- ### 28. Firefrost: The Eternal Skyforge (Flagship Modpack) **Time:** 20-40 hours (iterative) **Documentation:** `docs/tasks/firefrost-the-eternal-skyforge-flagship-modpack/` Flagship Minecraft modpack: Create mod + Fire/Frost theme + weapon forging + factory building. --- ### 29. Among Us Weekly Events (Phase 2 Expansion) **Time:** Ongoing (30 min weekly prep) **Documentation:** `docs/tasks/among-us-weekly-events-phase-2-expansion/` Weekly Among Us community events for subscriber engagement. --- ### 30. Pterodactyl Modpack Version Display **Time:** 1-2 hours **Status:** READY **Documentation:** `docs/tasks/pterodactyl-modpack-version-display/` Add custom "Modpack Version" field to Pterodactyl panel for version tracking visibility. **Method:** Custom egg variable in Startup tab **Scope:** 9 modpack servers (excludes Vanilla, Hytale, FoundryVTT) **Benefits:** Version visibility, change tracking, troubleshooting clarity --- --- ## 📊 QUICK STATS **Total Tasks:** 30 **Completed:** 3 (NC1 cleanup, Command Center cleanup, Whitelist Manager) **In Progress:** 2 (Vaultwarden, Terraria Arc) **Ready to Build:** 18+ **Blocked:** 2 (Mailcow, AI Stack) **Estimated Total Time:** ~65-85 hours across all tasks **Critical Path:** Frostwall Protocol → Mailcow/AI Stack → Everything else --- ## 🔗 RELATED DOCUMENTATION - **Task Documentation Standard:** `docs/standards/task-documentation-standard.md` (FFG-STD-002) - **Infrastructure State:** `docs/core/infrastructure-manifest.md` - **Architecture Decisions:** `docs/reference/architecture-decisions.md` - **Session Handoff:** `SESSION-HANDOFF-PROTOCOL.md` --- **Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥❄️ --- **Version History:** - v3.2 (2026-02-16): Moved Staff Recruitment to Tier 0 (posting today), renumbered tasks - v3.1 (2026-02-16): Added Task #3 - Staff Recruitment Launch (Guardian's notes) - v3.0 (2026-02-16): Full FFG-STD-002 implementation - all 28 tasks migrated to task directories - v2.3 (2026-02-16): Whitelist Manager refactored to follow standard - v2.2 (2026-02-16): Whitelist Manager expanded to web dashboard - v2.1 (2026-02-16): NC1 cleanup marked complete with lessons - v2.0 (2026-02-15): Major restructure and organization --- ### 31. Server-to-Server SSH Key Setup **Time:** 1-2 hours **Status:** IDENTIFIED - Ready to build **Priority:** Tier 1 - Security Foundation **Documentation:** `docs/tasks/server-ssh-interconnect/` Enable passwordless SSH between all management servers (Command Center, Billing, Panel, Ghost). **Problem:** Aurora couldn't SSH from Command Center to Billing - key named 'chronicler' instead of standard 'id_rsa'. **Solution:** 1. Collect public keys from all 4 management servers 2. Add each server's public key to all other servers' authorized_keys 3. Test connectivity matrix (4x4 grid) 4. Document key locations and naming **Servers to interconnect:** - Command Center (63.143.34.217) - Billing VPS (38.68.14.188) - Panel VPS (45.94.168.138) - Ghost VPS (64.50.188.14) **Benefits:** No more switching in MobaXterm, easier automation, cleaner workflows **Note:** Billing has non-standard key name 'chronicler' - may need renaming to 'id_rsa'