# πŸ”₯❄️ FIREFROST GAMING β€” OPERATIONS TASKS **Last Updated:** February 20, 2026 **Updated By:** The Deployer (Chronicler #20) **Version:** 3.6 (Promoted IDEA-006: Modpack Update Monitor to Task #11) --- ## πŸ“‹ HOW TO USE THIS FILE **This file contains:** - High-level task summaries (≀20 lines each) - Status and priority - Time estimates - References to full documentation **For complete details, see:** `docs/tasks/[task-name]/` **Each task directory contains:** - README.md (complete overview) - deployment-plan.md (if applicable) - prerequisites.md (if applicable) - Additional task-specific docs **Standard:** All tasks follow FFG-STD-002 (Task Documentation Standard) --- ## 🎯 TIER 0: IMMEDIATE WINS Quick wins that unlock other work or provide immediate value. --- ### 1. Centralized Whitelist Manager Web Dashboard β€” βœ… COMPLETE **Time:** 2-2.5 hours (actual: ~4 hours over 2 sessions) **Status:** βœ… FULLY OPERATIONAL **Completed:** February 19, 2026 **Documentation:** `docs/tasks/whitelist-manager/` Web dashboard at `whitelist.firefrostgaming.com` for managing player whitelists across 11 Minecraft servers. **Deployed Features:** - βœ… Dynamic server list (fetches from Pterodactyl API automatically) - βœ… Add player to whitelist (per server or username/UUID) - βœ… Remove player from whitelist (per server or username/UUID) - βœ… Bulk operations (add/remove to ALL servers) - βœ… Server status detection (WHITELISTED/PUBLIC/OFFLINE) - βœ… Fire/Frost themed UI - βœ… Staff authentication (mkrause612) - βœ… SSL/HTTPS with Let's Encrypt - βœ… Auto-start on boot - βœ… Websocket integration with Pterodactyl **Value Delivered:** 15-minute manual task β†’ 30 seconds. Zero-error whitelist management. **Tech:** Python Flask + TailwindCSS + Websockets + Virtual Environment on Billing VPS **Known Issue:** One server may show incorrect status (server scheduled for retirement) **Future Enhancements (Phase 2):** - Whitelist ON/OFF toggle per server - View current whitelist per server - Discord bot integration - Paymenter subscriber auto-whitelist **See task directory for:** Complete deployment plan, prerequisites checklist, usage guide --- ### 2. Command Center Root Cleanup β€” βœ… COMPLETE **Completed:** February 18, 2026 **Time:** 15 minutes **Documentation:** `docs/tasks/command-center-cleanup/` Housekeeping task to organize Command Center root directory before major work. **Results:** - βœ… 5 Gitea backups moved to `/root/backups/gitea/` - βœ… 2 wiki deployment logs archived locally - βœ… 3 obsolete files deleted (dead.letter, extract-key-info.sh, master) - βœ… Root directory clean and organized --- ### 3. Staff Recruitment Launch **Time:** 2-3 hours (setup) + ongoing **Status:** READY - POSTING TODAY **Priority:** Tier 0 - Immediate Win **Documentation:** `docs/tasks/staff-recruitment-launch/` Launch recruitment for Builders (2-3) and Social Media Helper (1) using recruitment ad. **Prerequisites (Guardian's Notes):** - Provision incentive instances (private servers for recruits) - Define application review process - Finalize ad: decide on specific modpacks mention, deadline **Key Deliverables:** - Incentive instances ready and documented - Recruitment ad posted to r/feedthebeast, Discord communities - Application tracking system - 2-3 Builders + 1 Social Media Helper recruited **Recruitment Ad:** `docs/planning/discord-recruitment-ad.md` **See task directory for:** Prerequisites checklist, application process, onboarding guide --- ### 4. NC1 Cleanup (Mandatory for Mailcow) β€” βœ… COMPLETE **Completed:** February 16, 2026 **Result:** 26GB β†’ 46GB free (cleared space for Mailcow) **⚠️ LESSON LEARNED:** Never use wildcards (`*.zip`) in cleanup commands. List files explicitly. Cost: Lost Hytale world, had to regenerate. Recovery documented in `docs/troubleshooting/`. --- ## πŸ›‘οΈ TIER 1: SECURITY FOUNDATION Critical security infrastructure. Must complete before major deployments. --- ### 5. Vaultwarden β€” Add SSH Key & Org Setup **Time:** 30 minutes **Status:** DEPLOYED, NEEDS CONFIGURATION **Documentation:** `docs/tasks/vaultwarden-setup/` Complete Vaultwarden setup: SSH key + organization for shared credentials with Meg. **Blocks:** Scoped tokens, credential management workflows --- ### 6. The Frostwall Protocol β€” GRE Tunnel Security Architecture **Time:** 3-4 hours **Status:** REBUILD PENDING **Priority:** CRITICAL **Documentation:** `docs/tasks/frostwall-protocol/` Custom DDoS protection using GRE tunnels from Command Center to TX1/NC1. Hides real IPs, protects email reputation. **Core Components:** - GRE tunneling (encrypted links) - 1-to-1 NAT/DMZ forwarding - Iron Wall UFW rules - IP hierarchy (scrubbing β†’ backend β†’ binding) **Blocks:** Mailcow, AI stack, all Tier 2+ infrastructure --- ### 7. Command Center Security Hardening **Time:** 1 hour **Status:** READY **Documentation:** `docs/tasks/command-center-security/` Defense-in-depth for Command Center: Fail2Ban + SSH hardening **Actions:** - Install Fail2Ban - Disable SSH password auth (key-only) - Review UFW rules --- ### 8. Create Scoped Gitea Token for Pokerole Project **Time:** 15 minutes **Status:** READY **Depends:** Vaultwarden operational **Documentation:** `docs/tasks/scoped-gitea-token/` Create Gitea token scoped to Pokerole repos only. Iron Wall principle: enforce boundaries technically. --- ## πŸ—οΈ TIER 2: MAJOR INFRASTRUCTURE Foundation secure, deploy major services. --- ### 9. Firefrost Codex - AI Assistant **Time:** 8-12 hours (4-6 active, rest downloads) **Status:** READY - Planning Complete **Priority:** Tier 2 - Major Infrastructure **Documentation:** `docs/tasks/firefrost-codex/` Self-hosted AI assistant providing 24/7 support to all community tiers. "Most Minecraft servers have Discord. We have an AI." **Architecture:** - AnythingLLM (RAG platform with LanceDB) - Ollama (local LLM server) - 3 Models: Qwen 2.5 Coder 72B, Llama 3.3 70B, Llama 3.2 Vision 11B - Discord bot + Web interface + Embedded widgets - mclo.gs integration (Minecraft log analysis) **Five-Tier Access:** 1. Public (marketing widget) - Public KB workspace 2. Subscribers ($1+) - Subscriber KB workspace 3. Staff - Operations + Brainstorming workspaces 4. Michael/Meg - All 5 workspaces + admin panel 5. Potential subscribers - Same as Public **Key Features:** - 24/7 instant answers (never wait for staff) - mclo.gs log analysis (paste link, get diagnosis) - Role-based knowledge access - Growing knowledge base - Complete privacy (self-hosted, zero cloud APIs) **Monthly Cost:** $0 (self-hosted on TX1) **Deployment Phases:** 1. Core Infrastructure (3-4 hours) 2. Model Downloads (overnight, 6-8 hours) 3. Workspace Setup (2-3 hours) 4. Discord Bot (2-3 hours) 5. Embedded Widgets (1-2 hours) 6. Testing & Validation (2 hours) **Marketing Ready:** Complete launch strategy, messaging framework, content calendar in docs **See task directory for:** Complete architecture, marketing strategy, deployment plan, branding guide --- ### 10. Mailcow Email Server on NC1 **Time:** 2-3 hours **Status:** BLOCKED **Depends:** NC1 cleanup βœ…, Frostwall Protocol **Documentation:** `docs/tasks/mailcow-email-server-on-nc1/` Professional @firefrostgaming.com email on NC1. Self-hosted, $120/year saved, eliminates Plesk. **Location:** NC1 Charlotte (32-core EPYC, 251GB RAM) --- ### 11. Self-Hosted AI Stack on TX1 β€” ⚠️ SUPERSEDED BY CODEX **Time:** 6-8 hours (3-4 active, rest downloads) **Status:** SUPERSEDED - See Task #9 (Firefrost Codex) **Documentation:** `docs/tasks/self-hosted-ai-stack-on-tx1/` **NOTE:** Original plan for Dify-based AI has been replaced by Firefrost Codex (Task #9), which uses AnythingLLM instead. This provides better document handling (1,000+ docs), built-in multi-user support, and embedded widget capabilities. See Firefrost Codex documentation for the complete updated architecture. --- ### 12. Netdata Deployment **Time:** 30 minutes **Status:** READY **Documentation:** `docs/tasks/netdata-deployment/` Real-time monitoring on all servers (Command Center, TX1, NC1, Ghost VPS). --- ### 12. Department Structure & Access Control Matrix **Time:** 1-2 hours **Status:** PLANNING **Documentation:** `docs/tasks/department-structure-and-access-control-matrix/` Define departments and access control for Wiki.js permissions and role-based access. --- ### 13. MkDocs Decommission **Time:** 15 minutes **Status:** READY **Documentation:** `docs/tasks/mkdocs-decommission/` Remove MkDocs (replaced by Wiki.js). --- ### 10. Pokerole WikiJS Deployment **Time:** 2-4 hours (infrastructure) + 4-6 hours (content migration) **Status:** REQUESTED BY CLAUDIUS **Priority:** Medium (post-Holly approval of Tier 4 content) **Server:** Ghost VPS (64.50.188.14) - alongside existing wikis **Documentation:** See Claudius's Session 9 report + WIKIJS_DEPLOYMENT_REQUEST.md in misc-docs repo **Purpose:** Deploy WikiJS for Aurelian PokΓ©dex publication **What's Ready:** - Tier 4: 31 PokΓ©mon converted (awaiting Holly approval) - Tier 3: 26 PokΓ©mon converted (awaiting Holly approval) - 18 custom game mechanics documented - All content in Git (pokerole-data repo) **Deployment Requirements:** - Domain: pokerole.firefrostgaming.com - Software: WikiJS v2.x (Docker preferred) - Database: PostgreSQL or SQLite - SSL: Let's Encrypt certificate - Content: ~50-75 wiki pages, 15-20MB Markdown, images TBD **Dependencies:** - ⏳ Holly's approval of Tier 3 Batch 4-13 (22 entries) - ⏳ Holly's approval of Tier 4 content (31 entries) - ⏳ Additional PokΓ©mon artwork (optional but recommended) **Workflow:** 1. Chronicler deploys WikiJS infrastructure on Ghost (2-4 hours) 2. Claudius migrates content from Git to WikiJS (4-6 hours) 3. Holly reviews published content 4. Michael approves layout/organization 5. Public launch (or private beta) **Alternative Options if Delayed:** - Static site via Nginx - GitHub Pages via Gitea - Keep in Git until ready **Notes:** - NOT urgent - content safely stored in Git - Can proceed after Holly completes reviews - WikiJS supports multi-user if Holly wants edit access - Can be private initially, public later --- ### 11. Modpack Update Monitor β€” Blueprint Extension **Time:** 8-12 hours (Blueprint extension development) **Status:** PROMOTED FROM IDEAS (IDEA-006) **Priority:** HIGH - Queued after Codex Phase 2 **Documentation:** `docs/tasks/modpack-update-monitor/` (to be created) **Purpose:** Automated version checking for all modpack servers - compare installed vs latest available versions **The Problem:** - 12 game servers running modpacks - Manual checking across CurseForge/FTB/Modrinth/Technic is tedious - No existing Blueprint extension monitors for updates (only installers exist) - Risk of running outdated versions with bugs/exploits **The Solution:** Build Blueprint extension that: 1. Scans each server to detect installed modpack + current version (read manifest files) 2. Queries platform APIs (CurseForge, FTB, Modrinth, Technic) for latest versions 3. Dashboard showing update status per server 4. Optional integration with existing Modpack Installer for one-click updates **Dashboard Display:** - Server name - Current modpack + version - Latest available version - Update status (βœ… Up to date / ⚠️ Update available / ❌ Check failed) - Last checked timestamp - Source platform (CurseForge/FTB/Modrinth/Technic) **Technical Requirements:** - Read server manifests (CurseForge manifest.json, FTB modlist.html, Modrinth modrinth.index.json, etc.) - API integration: CurseForge API, Modrinth API, FTB API, Technic API - Database table: server_id, modpack_id, current_version, latest_version, last_checked, source_platform - React dashboard component for Pterodactyl admin view - Cron job for daily checks (configurable interval) **Affected Servers (9 modpack servers):** - All The Mons (Cobblemon) - NC1 - Stoneblock 4 - TX1 - Society: Sunlit Valley - TX1 - Reclamation - TX1 - The Ember Project - NC1 - Minecolonies: Create and Conquer - NC1 - All The Mods 10 - NC1 - EMC Subterra Tech - NC1 - Mayview - NC1 **Not Applicable:** - Vanilla 1.21.11 (no modpack) - Homestead (retiring soon) - Hytale (different game) - FoundryVTT (not Minecraft) **Existing Infrastructure:** - βœ… Modpack Installer for Blueprint already installed (https://builtbybit.com/resources/modpack-installer-for-blueprint.40083/) - This extension complements it by adding "check for updates" layer - Could integrate for one-click update workflow **Workflow Example:** 1. Dashboard shows "ATM10 on NC1 is v1.3, v1.5 available on CurseForge" 2. Admin clicks details to see changelog 3. Admin uses Modpack Installer to update (or manual) 4. Admin uses staggered restart system to schedule restart 5. Result: Systematic update workflow **API Rate Limits to Consider:** - CurseForge: 1000 requests/hour - Modrinth: 300 requests/minute - FTB: Unknown (need to research) - Technic: Unknown (need to research) - Daily cron job = 9 servers Γ— 4 platforms = 36 API calls max **Benefits:** - βœ… Immediate visibility of outdated servers - βœ… Reduced manual checking time (15 min/day β†’ 0) - βœ… Proactive security (catch important updates faster) - βœ… Professional operations - βœ… Fills gap in Blueprint marketplace (publishable as community extension) - βœ… Pairs perfectly with staggered restart system **Success Criteria:** - βœ… Extension installed in Blueprint framework - βœ… Dashboard accessible from Pterodactyl admin panel - βœ… All 9 modpack servers detected and monitored - βœ… API integration working for all 4 platforms - βœ… Daily cron job running - βœ… Update notifications working **Considerations:** - Handle custom/manually installed modpacks (no source platform = "Unknown") - Permission levels (who can see updates vs install them) - Notification system (email/Discord when updates available - future enhancement) - Error handling for API failures (graceful degradation) **Why Tier 2 (not Tier 0 quick script):** - Michael prefers "do it once and get it done" - Blueprint extension = permanent solution, no revisiting - Integrates with existing Pterodactyl workflow - Professional, scalable, maintainable - Worth the upfront time investment for forever solution **Execution Order:** 1. Complete Codex Phase 2 first (finish what we started) 2. Then build this with full focus (8-12 hour session) 3. Then enjoy automated version monitoring forever --- ## πŸ“š TIER 3: DOCUMENTATION & OPTIMIZATION Polish, optimization, and content creation. --- ### 14. Fix Frostwall vs Firefrost Naming **Time:** 15 minutes **Documentation:** `docs/tasks/fix-frostwall-vs-firefrost-naming/` Clarify terminology: Frostwall (security protocol) vs Firefrost (brand). --- ### 15. Scope Document Corrections **Time:** 30 minutes **Documentation:** `docs/tasks/scope-document-corrections/` Review and correct project scope documents for accuracy. --- ### 16. Workflow Guide Review & Trim **Time:** 1 hour **Documentation:** `docs/tasks/workflow-guide-review-and-trim/` Audit workflows, remove outdated content, consolidate redundancy. --- ### 17. Terraria Branding Training Arc **Time:** 12 weeks (ongoing) **Status:** ACTIVE - Phase 1 **Documentation:** `docs/tasks/terraria-branding-training-arc/` 12-week training: Michael learns game asset creation via Terraria texture pack development. **See:** `docs/planning/terraria-branding-arc.md` for complete curriculum --- ### 18. Paymenter Theme Installation β€” Citadel Theme **Time:** 1-2 hours **Documentation:** `docs/tasks/paymenter-theme-installation-citadel-theme/` Install Citadel theme for Paymenter with Fire/Frost branding. --- ### 19. Consultant Photo Processing **Time:** Ongoing **Status:** ACTIVE **Documentation:** `docs/tasks/consultant-photo-processing/` Process and catalog photos of The Five Consultants. Maintain archive with proper metadata. **Naming:** `YYYY-MM-DD_consultant_description_NN.jpg` --- ### 20. NextCloud Upload Portal for Meg **Time:** 30 minutes **Documentation:** `docs/tasks/nextcloud-upload-portal-for-meg/` Configure NextCloud public upload folder for Meg. --- ### 21. "Coming Soon" Video Creation (CapCut) **Time:** 2-3 hours **Documentation:** `docs/tasks/coming-soon-video-creation-capc ut/` Create professional "Coming Soon" video for Firefrost launch using CapCut. --- ### 22. Staggered Server Restart System **Time:** 2 hours **Documentation:** `docs/tasks/staggered-server-restart-system/` Automated staggered restarts for game servers. Prevents simultaneous restarts, maintains player access. --- ### 23. Game Server Startup Script Audit & Optimization **Time:** 1 hour **Documentation:** `docs/tasks/game-server-startup-script-audit-and-optimization/` Audit and optimize JVM flags, memory allocation, performance tuning for all game servers. --- ### 24. LuckPerms MySQL Backend **Time:** 45 minutes **Documentation:** `docs/tasks/luckperms-mysql-backend/` Migrate LuckPerms to MySQL for centralized permission management. --- ### 25. World Backup Automation **Time:** 1-2 hours **Documentation:** `docs/tasks/world-backup-automation/` Automated backup system: daily backups, retention policy, off-server storage. --- ### 26. Blueprint Extension Installation β€” Node Usage Status **Time:** 30 minutes **Documentation:** `docs/tasks/blueprint-extension-installation-node-usage-status/` Install Blueprint extension showing TX1/NC1 resource usage in Pterodactyl panel. --- ### 27. Discord Server Complete Reorganization **Time:** 2-3 hours **Documentation:** `docs/tasks/discord-server-complete-reorganization/` Complete Discord reorganization: Fire/Frost paths, clear channels, proper roles. --- ### 28. Firefrost: The Eternal Skyforge (Flagship Modpack) **Time:** 20-40 hours (iterative) **Documentation:** `docs/tasks/firefrost-the-eternal-skyforge-flagship-modpack/` Flagship Minecraft modpack: Create mod + Fire/Frost theme + weapon forging + factory building. --- ### 29. Among Us Weekly Events (Phase 2 Expansion) **Time:** Ongoing (30 min weekly prep) **Documentation:** `docs/tasks/among-us-weekly-events-phase-2-expansion/` Weekly Among Us community events for subscriber engagement. --- ### 30. Pterodactyl Modpack Version Display **Time:** 1-2 hours **Status:** READY **Documentation:** `docs/tasks/pterodactyl-modpack-version-display/` Add custom "Modpack Version" field to Pterodactyl panel for version tracking visibility. **Method:** Custom egg variable in Startup tab **Scope:** 9 modpack servers (excludes Vanilla, Hytale, FoundryVTT) **Benefits:** Version visibility, change tracking, troubleshooting clarity --- --- ## πŸ“Š QUICK STATS **Total Tasks:** 32 (including Firefrost Codex) **Completed:** 3 (NC1 cleanup, Command Center cleanup, Whitelist Manager) **In Progress:** 2 (Vaultwarden, Terraria Arc) **Ready to Build:** 19+ (including Firefrost Codex!) **Blocked:** 2 (Mailcow, original AI Stack - superseded by Codex) **Superseded:** 1 (Original AI Stack β†’ Firefrost Codex) **Estimated Total Time:** ~75-95 hours across all tasks **Critical Path:** Frostwall Protocol β†’ Mailcow β†’ Everything else **Big Win Available:** Firefrost Codex (8-12 hours, massive community impact) --- ## πŸ”— RELATED DOCUMENTATION - **Task Documentation Standard:** `docs/standards/task-documentation-standard.md` (FFG-STD-002) - **Infrastructure State:** `docs/core/infrastructure-manifest.md` - **Architecture Decisions:** `docs/reference/architecture-decisions.md` - **Session Handoff:** `SESSION-HANDOFF-PROTOCOL.md` --- **Fire + Frost + Foundation = Where Love Builds Legacy** πŸ’™πŸ”₯❄️ --- **Version History:** - v3.2 (2026-02-16): Moved Staff Recruitment to Tier 0 (posting today), renumbered tasks - v3.1 (2026-02-16): Added Task #3 - Staff Recruitment Launch (Guardian's notes) - v3.0 (2026-02-16): Full FFG-STD-002 implementation - all 28 tasks migrated to task directories - v2.3 (2026-02-16): Whitelist Manager refactored to follow standard - v2.2 (2026-02-16): Whitelist Manager expanded to web dashboard - v2.1 (2026-02-16): NC1 cleanup marked complete with lessons - v2.0 (2026-02-15): Major restructure and organization --- ### 31. Server-to-Server SSH Key Setup **Time:** 1-2 hours **Status:** IDENTIFIED - Ready to build **Priority:** Tier 1 - Security Foundation **Documentation:** `docs/tasks/server-ssh-interconnect/` Enable passwordless SSH between all management servers (Command Center, Billing, Panel, Ghost). **Problem:** Aurora couldn't SSH from Command Center to Billing - key named 'chronicler' instead of standard 'id_rsa'. **Solution:** 1. Collect public keys from all 4 management servers 2. Add each server's public key to all other servers' authorized_keys 3. Test connectivity matrix (4x4 grid) 4. Document key locations and naming **Servers to interconnect:** - Command Center (63.143.34.217) - Billing VPS (38.68.14.188) - Panel VPS (45.94.168.138) - Ghost VPS (64.50.188.14) **Benefits:** No more switching in MobaXterm, easier automation, cleaner workflows **Note:** Billing has non-standard key name 'chronicler' - may need renaming to 'id_rsa' --- ### 32. Whitelist Manager Refinements **Time:** 30-60 minutes **Status:** IDENTIFIED **Priority:** Low - Polish/Cosmetic **Documentation:** `docs/tasks/whitelist-manager-refinements/` Small improvements to Whitelist Manager: - **Fix Mayview server grouping** - Currently shows under "Unknown (1 servers)" instead of "NC1 (5 servers)" - Update server detection logic or Pterodactyl metadata - [Future refinements can be added here as discovered] **Impact:** Cosmetic only - does not affect functionality ---