firefrost-operations-manual/docs/core/tasks.md

🔥❄️ TASK SYSTEM MIGRATION NOTICE

Date: April 1, 2026
By: Chronicler #54
Status: SYSTEM REPLACED

---

⚠️ THIS FILE IS DEPRECATED

The task system has been migrated to a simpler, more maintainable structure.

New System (Effective April 1, 2026):

📍 BLOCKERS.md (repo root)

• Soft launch critical tasks ONLY
• ~4 tasks, ~8-11 hours of work
• Updated frequently
• Single source of truth for launch readiness

📍 BACKLOG.md (repo root)

• Everything else, organized by theme
• No priorities, no burndown
• Parking lot for future work

Why We Changed:

The old system had:

• 97 task entries (8 duplicates)
• Inconsistent priority definitions
• Heavyweight maintenance burden
• Not accessible to non-technical team (Meg, Holly)
• Gitea Issues + Kanban unused and abandoned

The new system has:

• Clear focus (4 blockers vs 89 items)
• Simple markdown (easy to update)
• Non-technical friendly (planning Trinity Console v2 Task Module)
• Actually maintained

---

📁 ARCHIVES

Historical tasks: docs/archive/tasks-historical-march-30-2026.md (this file's old content)
Gitea issues: docs/archive/gitea-issues-archive-2026-04-01.md (50 closed issues)

These archives preserve all historical context and decisions.

---

🎯 WHAT TO DO NOW

Looking for:

• Soft launch blockers? → See /BLOCKERS.md
• Future work ideas? → See /BACKLOG.md
• Historical context? → See archives above
• Task tracking for Trinity? → Trinity Console v2 (planned)

---

Fire + Frost + Foundation = Where Love Builds Legacy 🔥❄️

Last updated: April 1, 2026 by Chronicler #54

---

🚨 CRITICAL PRIORITY SHIFT (March 30, 2026)

Previous Focus: Infrastructure perfection, helper tools, content creation
New Focus: SHIP THE SUBSCRIPTION SYSTEM

Reality Check:

• 88 tasks documented
• Only 7 block soft launch
• Been building for "children not yet born" but need revenue NOW

New Philosophy:

"Ship first, polish later. Revenue enables everything else."

Soft Launch Target: April 15, 2026 (15 days)

See: docs/planning/task-reprioritization-march-30-2026.md for complete analysis

---

📋 HOW TO USE THIS FILE

This file contains:

• High-level task summaries (≤20 lines each)
• NEW: Tasks organized by soft launch criticality
• Status and priority
• Time estimates
• References to full documentation

For complete details, see: docs/tasks/[task-name]/

Each task directory contains:

• README.md (complete overview)
• deployment-plan.md (if applicable)
• prerequisites.md (if applicable)
• Additional task-specific docs

Standard: All tasks follow FFG-STD-002 (Task Documentation Standard)

---

🎯 TIER S: SOFT LAUNCH BLOCKERS

Definition: Cannot accept first subscriber payment without these tasks complete.

Total Time: ~24-32 hours of focused work
Target: Complete by April 15, 2026

---

87. Arbiter 2.1 - Subscription Cancellation & Grace Period System

Time: 4-6 hours implementation + 2 hours Paymenter research
Status: 🚨 ARCHITECTURE VALIDATED — HIGHEST PRIORITY
Priority: Tier S — ABSOLUTE BLOCKER
Documentation: docs/tasks/arbiter-2-1-cancellation-flow/

WHY THIS BLOCKS SOFT LAUNCH: We have subscription onboarding (Arbiter 2.0) but NO offboarding process. Cannot legally/ethically accept subscriber payments without defining cancellation flow, payment failure handling, and grace periods.

Architecture validated by Gemini AI (March 30, 2026). All code blocks ready to implement.

Key Deliverables:

• Payment failure → 3-day grace → auto-downgrade to Awakened (permanent)
• Chargeback → immediate permanent ban
• Multi-tier support (permanent + monthly)
• Email reminders (Day 0, 1, 2, 3)
• 4 AM daily cleanup job
• Webhook handlers for all subscription events

Blocks: EVERYTHING subscription-related
Blocked By: Paymenter webhook event research (2 hours when home)

Next Steps:

1. Research Paymenter webhook events (when home)
2. Decide: Paymenter vs Stripe webhooks
3. Implement database enhancements
4. Build webhook handlers
5. Test Stripe retry scenario

---

52. Ghost CMS Homepage (subset of Task #13)

Time: 2-3 hours
Status: 🚨 CONTENT READY — NEEDS IMPLEMENTATION
Priority: Tier S — SOFT LAUNCH BLOCKER
Documentation: docs/planning/ideas/features/ghost-homepage-content.md

WHY THIS BLOCKS SOFT LAUNCH: firefrostgaming.com is the front door. Cannot market, cannot drive traffic, cannot convert visitors without homepage. All subscription funnels start here.

Content Status: ✅ COMPLETE and ready to implement

• Hero section written
• Path selection (Fire/Frost) designed
• Origin story drafted
• Value propositions documented
• CTA buttons specified

Implementation:

1. Open Ghost Admin → Pages → Home
2. Paste 6 HTML sections from ghost-homepage-content.md
3. Apply mobile fix (Task #88, 5 minutes)
4. Publish
5. Verify desktop + mobile

Blocks: All marketing, subscriber funnel, soft launch announcement
Blocked By: Nothing (ready to build NOW)

---

71. Paymenter Tier Configuration

Time: 1-2 hours
Status: 🚨 STRUCTURE DOCUMENTED — NEEDS CONFIGURATION
Priority: Tier S — SOFT LAUNCH BLOCKER
Documentation: docs/planning/subscription-tiers.md

WHY THIS BLOCKS SOFT LAUNCH: Cannot accept payments without products configured in Paymenter. Need all 6 tiers ready for checkout.

Tier Structure (finalized):

• Awakened: $1 one-time (permanent)
• Elemental: $5/month
• Knight: $10/month
• Master: $15/month
• Legend: $20/month
• Sovereign: $499 one-time (lifetime)

Configuration Steps:

1. Paymenter Admin → Products → Create
2. Configure each tier (name, price, type, description)
3. Set up Stripe products/prices
4. Link to Discord roles (via Arbiter webhook)
5. Test checkout flow
6. Verify webhook delivery

Blocks: Accepting any subscriber payments
Blocked By: Nothing (can configure immediately)

---

69. Ghost Website Core Pages (subset of Task #13)

Time: 3-4 hours
Status: 🚨 NOT STARTED — LEGAL RISK
Priority: Tier S — SOFT LAUNCH BLOCKER
Documentation: None (needs creation)

WHY THIS BLOCKS SOFT LAUNCH: Accepting payments without Terms of Service and Privacy Policy is legal liability. Required before taking money.

Pages Needed:

1. Terms of Service (1.5 hours)

   • Subscription terms
   • Cancellation policy
   • Refund policy (none for digital goods)
   • Account termination clause
   • Age requirements (13+)

2. Privacy Policy (1.5 hours)

   • Data collection (email, Discord ID, payment info)
   • Data usage (account management, communication)
   • Third-party services (Stripe, Discord)
   • GDPR compliance
   • Data deletion requests

3. How to Join (30 minutes)

   • Step-by-step subscription guide
   • Path selection explanation
   • Discord linking instructions
   • Server access walkthrough

4. Contact Page (30 minutes)

   • Support email
   • Discord link
   • Response time expectations

Blocks: Legal exposure on accepting payments
Blocked By: Nothing (can write immediately)

Note: Can use ChatGPT/Gemini to draft boilerplate, then customize for Firefrost.

---

83. Paymenter → Pterodactyl Auto-Provisioning Integration

Time: 4-6 hours
Status: OPTIONS DOCUMENTED — NEEDS RESEARCH
Priority: Tier S — OPERATIONAL BLOCKER (not legal blocker)
Documentation: docs/tasks/paymenter-pterodactyl-integration/

WHY THIS BLOCKS SOFT LAUNCH: Manual server creation for every subscriber doesn't scale. Can survive 5-10 test subscribers manually, but need automation before public launch.

Current Process (MANUAL):

1. Subscriber pays in Paymenter
2. Michael manually creates Pterodactyl server
3. Michael manually assigns to user
4. Hours/days delay

Desired Process (AUTOMATED):

1. Subscriber pays → Paymenter webhook
2. Arbiter creates Pterodactyl server automatically
3. Assigns to user
4. Instant access

Four Implementation Options (priority order):

1. Native Paymenter Pterodactyl extension (if exists)
2. Blueprint marketplace module
3. n8n workflow bridge (Command Center)
4. Custom webhook script in Arbiter

Next Steps:

1. Research Paymenter extension marketplace (1 hour)
2. Test Blueprint Pterodactyl provisioning module (1 hour)
3. Evaluate n8n feasibility (1 hour)
4. Implement chosen solution (2-3 hours)

Blocks: Scaling past 10 subscribers
Blocked By: Research phase (which option to use)

Can Soft Launch Without: YES (manual provisioning for first 10 users acceptable)

---

88. Ghost CMS Homepage - Mobile Responsive Fix

Time: 5-10 minutes
Status: ✅ CSS READY — JUST NEEDS PASTE
Priority: Tier S — TRIVIAL TIME INVESTMENT
Documentation: docs/planning/ideas/features/ghost-homepage-mobile-fix.css

WHY THIS SHOULD BE DONE NOW: Mobile users are 40-60% of web traffic. Homepage looking broken on mobile kills conversions. Fix takes 5 minutes.

Problem: Content cut off on right side of mobile screens

Solution: Paste CSS into Ghost Code Injection

Steps:

1. Ghost Admin → Settings → Code Injection
2. Paste CSS from ghost-homepage-mobile-fix.css into Site Header
3. Save
4. Test on mobile

Impact: Professional mobile experience with ~5 minutes of work

Blocks: Nothing (but improves conversion rate)
Blocked By: Nothing (ready to apply NOW)

Recommendation: Do this TONIGHT from your phone at the party. Takes 2 minutes.

---

85. Paymenter Support Page → Discord Redirect

Time: 30 minutes
Status: SIMPLE REDIRECT — NOT STARTED
Priority: Tier S — POLISH
Documentation: None (trivial task)

WHY THIS MATTERS: All support happens in Discord. Don't want tickets split between Paymenter and Discord. Redirect ensures single support channel.

Current State: Paymenter has built-in support ticket system

Desired State: Support button → redirects to firefrostgaming.com/discord

Implementation:

1. Paymenter Admin → Settings → Support
2. Disable built-in ticketing
3. Add redirect to Discord
4. Update "Get Support" links across site

Blocks: Nothing (quality of life)
Blocked By: Nothing

Recommendation: Do right after Paymenter tier configuration (same session)

---

🟡 TIER A: HIGH PRIORITY (Should complete before soft launch)

Post-launch tasks that significantly improve operations but aren't strict blockers. Time: 1-2 hours
Status: TOP PRIORITY — unblocks Holly immediately
Priority: Tier 0 — Immediate Win
Documentation: docs/tasks/builder-rank-holly-setup/

Install LuckPerms, create the Builder staff rank, assign it to Holly (unicorn20089) on all 12 servers, and ensure her full builder toolkit is available (WorldEdit, VoxelSniper, builder permissions).

Key Deliverables:

• LuckPerms installed on all 12 servers
• Builder rank created with full permissions (WorldEdit, gamemode, chunk bypass, generous homes)
• Holly assigned Builder rank on all 12 servers
• Builder toolkit verified per server (WorldEdit/Axiom, VoxelSniper)
• Builder chat prefix configured (🔨 Builder — Amber Gold)

Dependencies:

• Requires SSH to TX1 and NC1 game servers
• Ideally paired with Task #41 (MySQL backend) but can run per-server if urgent

See task directory for complete deployment plan and builder toolkit reference.

---

2. Rank System Deployment — Full Network Automation

Time: 6-8 hours (1-2 sessions)
Status: TOP PRIORITY
Priority: Tier 1 — Critical Infrastructure
Documentation: docs/tasks/rank-system-deployment/

Deploy the complete LuckPerms rank system across all 12 servers — subscriber tiers (Awakened through Sovereign), staff ranks, MySQL backend for network-wide sync, and full Paymenter → Discord → LuckPerms automation. Rank structure is fully designed and ready to execute.

Key Deliverables:

• LuckPerms on MySQL backend (all 12 servers, single source of truth)
• All subscriber ranks (awakened → sovereign) with correct permissions, prefixes, FTB integration
• Staff ranks (builder, moderator, admin, owner)
• Discord role → LuckPerms group sync automated
• Paymenter webhook → Discord → in-game rank flow end-to-end

Dependencies:

• Task #40 (Builder rank) can run ahead of this
• Task #6 (Vaultwarden) for secure DB credential storage
• Paymenter webhook config
• Discord bot token

Source: Full rank structure documented in docs/archive/2026-02-09-consolidation/luckperms-structure.md

See task directory for complete deployment plan.

---

3. Pterodactyl Panel Update

Time: 15 minutes
Status: ✅ COMPLETE — March 13, 2026
Priority: Tier 0 — Quick Win
Documentation: docs/tasks/pterodactyl-panel-update/

Update Pterodactyl Panel from v1.12.0 to v1.12.1. Noted March 10, 2026.

Dependencies: Panel VPS SSH access (45.94.168.138)

---

4. PteroStats Extension Update

Time: 15 minutes
Status: ✅ COMPLETE — March 13, 2026
Priority: Tier 0 — Quick Win
Documentation: docs/tasks/pterostats-extension-update/

Update PteroStats extension (by Elurym) from v1.0.0 to v1.1.0. Noted March 10, 2026.

Dependencies: Panel VPS SSH access (45.94.168.138)

---

5. NC1 Node Usage Stats Not Reporting

Time: 30-60 minutes
Status: NEEDS INVESTIGATION
Priority: Tier 0 — Quick Win
Documentation: docs/tasks/nc1-node-usage-stats/

NC1 (North Carolina) node shows all dashes in Node Usage Stats — CPU, RAM, Disk, Swap, Disk I/O, Network all blank. Wings daemon is current (v1.11.1) so version mismatch is not the cause.

Likely causes to investigate:

• Wings daemon not running or not connected to panel
• PteroStats extension misconfigured on NC1
• Firewall blocking Wings → Panel communication
• Wings config pointing to wrong panel URL/token

Key info from screenshot:

• Daemon: v1.11.1 (latest: v1.11.1) — up to date
• Disk allocated: 228,992 / 750,000 MiB
• Memory allocated: 100,352 / 256,000 MiB
• Total servers: 7
• Node Usage Stats section: all dashes

Dependencies: SSH to NC1 (216.239.104.130)

---

6. Ghost CMS Security Update — ✅ COMPLETE

Time: 15-30 minutes (actual: ~20 minutes)
Status: COMPLETE — March 13, 2026
Priority: Tier 0 — Critical Security
Documentation: docs/tasks/ghost-security-update/

Ghost CMS at firefrostgaming.com is running v6.16.1, vulnerable to two active CVEs. No workaround exists — must update to 6.19.3.

CVEs:

• CVE-2026-26980 (CVSS 9.4 Critical) — SQL injection in Content API, unauthenticated DB read
• CVE-2026-29784 (CVSS 7.5 High) — CSRF account takeover via session/verify endpoint

Key Deliverables:

• Ghost updated to v6.19.3 on Ghost VPS (64.50.188.14)
• Site verified operational post-update
• Infrastructure manifest updated (Ghost CMS was undocumented)

Dependencies: Requires SSH access to Ghost VPS (64.50.188.14)

See task directory for complete update procedure (CLI and Docker paths both documented).

---

7. Centralized Whitelist Manager Web Dashboard — ✅ COMPLETE

Time: 2-2.5 hours (actual: ~4 hours over 2 sessions)
Status: ✅ FULLY OPERATIONAL
Completed: February 19, 2026
Documentation: docs/tasks/whitelist-manager/

Web dashboard at whitelist.firefrostgaming.com for managing player whitelists across 11 Minecraft servers.

Deployed Features:

• ✅ Dynamic server list (fetches from Pterodactyl API automatically)
• ✅ Add player to whitelist (per server or username/UUID)
• ✅ Remove player from whitelist (per server or username/UUID)
• ✅ Bulk operations (add/remove to ALL servers)
• ✅ Server status detection (WHITELISTED/PUBLIC/OFFLINE)
• ✅ Fire/Frost themed UI
• ✅ Staff authentication (mkrause612)
• ✅ SSL/HTTPS with Let's Encrypt
• ✅ Auto-start on boot
• ✅ Websocket integration with Pterodactyl

Value Delivered: 15-minute manual task → 30 seconds. Zero-error whitelist management.

Tech: Python Flask + TailwindCSS + Websockets + Virtual Environment on Billing VPS

Known Issue: One server may show incorrect status (server scheduled for retirement)

Future Enhancements (Phase 2):

• Whitelist ON/OFF toggle per server
• View current whitelist per server
• Discord bot integration
• Paymenter subscriber auto-whitelist

See task directory for: Complete deployment plan, prerequisites checklist, usage guide

---

8. Command Center Root Cleanup — ✅ COMPLETE

Completed: February 18, 2026
Time: 15 minutes
Documentation: docs/tasks/command-center-cleanup/

Housekeeping task to organize Command Center root directory before major work.

Results:

• ✅ 5 Gitea backups moved to /root/backups/gitea/
• ✅ 2 wiki deployment logs archived locally
• ✅ 3 obsolete files deleted (dead.letter, extract-key-info.sh, master)
• ✅ Root directory clean and organized

---

9. Fire + Frost Holdings — Business Restructuring

Time: 6-8 weeks (mostly waiting for government processing)
Active Work: ~3 hours
Status: READY TO START
Priority: Tier 0 - Strategic Foundation
Documentation: docs/tasks/fire-frost-holdings-restructuring/

Consolidate Firefrost Gaming and The Nerdsmiths under unified legal structure.

Strategic Vision: Business empire under one umbrella

Structure:

Fire + Frost Holdings, LLC (renamed from Nagus Custom Crafts, LLC)
├── DBA: Firefrost Gaming (digital/gaming division)
└── DBA: The Nerdsmiths (physical crafts division)

Phase 1: Rename Nagus → Fire + Frost Holdings

• File Articles of Amendment with MN Secretary of State
• Update EIN/IRS records (same EIN, new name)
• Update business bank account
• Update contracts, Paymenter, vendor accounts

Phase 2: File DBAs

• File "Firefrost Gaming" DBA (~$50)
• File "The Nerdsmiths" DBA (~$50)
• Update bank to accept payments under all names

Phase 3: Digital Presence Updates

• Update firefrostgaming.com footer ("division of Fire + Frost Holdings, LLC")
• Build thenerdsmiths.com website (showcase crafts portfolio)
• Update email signatures for both brands
• Update invoice templates

Total Cost: ~$150-200 (vs $1,500+ for separate LLCs)

Timeline:

• Week 1: Research & draft documents
• Week 2: File Articles of Amendment
• Week 3-4: Processing (MN SOS review)
• Week 5: Update IRS/bank, file DBAs
• Week 6: Receive DBA approvals, update digital properties

Benefits: ✅ Meaningful name reflecting Fire + Frost philosophy ✅ Professional "Holdings" signals business empire ✅ Cost-effective ($150 vs $1,500 separate entities) ✅ Easy to add future DBAs or convert to subsidiaries later ✅ Clean branding story for both divisions

Future Expansion Ready:

• Can add more DBAs (Consulting, Software, Academy)
• Can convert to full subsidiaries when revenue justifies ($50K+)
• Flexible structure grows with business

See task directory for: Complete legal procedure, document templates, timeline, cost breakdown

---

10. Staff Recruitment Launch

Time: 2-3 hours (setup) + ongoing
Status: READY - POSTING TODAY
Priority: Tier 0 - Immediate Win
Documentation: docs/tasks/staff-recruitment-launch/

Launch recruitment for Builders (2-3) and Social Media Helper (1) using recruitment ad.

Prerequisites (Guardian's Notes):

• Provision incentive instances (private servers for recruits)
• Define application review process
• Finalize ad: decide on specific modpacks mention, deadline

Key Deliverables:

• Incentive instances ready and documented
• Recruitment ad posted to r/feedthebeast, Discord communities
• Application tracking system
• 2-3 Builders + 1 Social Media Helper recruited

Recruitment Ad: docs/planning/discord-recruitment-ad.md

See task directory for: Prerequisites checklist, application process, onboarding guide

---

11. NC1 Cleanup (Mandatory for Mailcow) — ✅ COMPLETE

Completed: February 16, 2026
Result: 26GB → 46GB free (cleared space for Mailcow)

⚠️ LESSON LEARNED: Never use wildcards (*.zip) in cleanup commands. List files explicitly. Cost: Lost Hytale world, had to regenerate. Recovery documented in docs/troubleshooting/.

---

12. Staff Onboarding — Holly (Lead Builder)

Time: 30 minutes (Phase 1) + 15 minutes when Mailcow live
Status: READY TO START
Priority: Tier 0 — Immediate Win
Documentation: docs/tasks/staff-onboarding-holly/

Holly (Unicorn20089) hired as Lead Builder. Already in Firefrost Discord. Needs Pterodactyl access across all 12 game servers and email when Mailcow is live.

Key Deliverables:

• Discord staff/builder role assigned
• Pterodactyl account with basic access (console + files) on all 12 servers
• holly@firefrostgaming.com + unicorn20089@ alias (Phase 2 — pending Mailcow)

Role Note: Lead Builder role is separate from her Pokerole Creative Authority role. Keep access clean.

Dependencies:

• Phase 1 (Discord + Pterodactyl): No blockers
• Phase 2 (Email): Blocked by Mailcow (Task #11 → blocked by Frostwall Protocol Task #7)

See task directory for complete deployment plan.

---

13. Ghost CMS Buildout — firefrostgaming.com

Time: 4-5 hours
Status: READY — blocked by Task #38 (security update first)
Priority: Tier 2 — Major Infrastructure
Documentation: docs/tasks/ghost-cms-buildout/

Transform firefrostgaming.com from a bare landing page into the proper public face of Firefrost Gaming. Michael + Chronicler collaborative build session.

Key Deliverables:

• Homepage with hero, Fire vs Frost story, founders section, server preview, CTAs
• About page with vision, founders, Six Consultants
• Servers page with all 12 servers showcased
• Blog configured and ready for Meg to post
• Full Firefrost branding applied (Frost palette, Orbitron headings, logos)

Dependencies:

• Blocked by: Task #38 (Ghost security update to 6.19.3)
• Branding assets in branding/ directory
• Design bible at docs/planning/design-bible.md

See task directory for content guide and theme spec.

---

🛡️ TIER 1: SECURITY FOUNDATION

Critical security infrastructure. Must complete before major deployments.

---

14. Vaultwarden — Add SSH Key & Org Setup

Time: 30 minutes
Status: DEPLOYED, NEEDS CONFIGURATION
Documentation: docs/tasks/vaultwarden-setup/

Complete Vaultwarden setup: SSH key + organization for shared credentials with Meg.

Blocks: Scoped tokens, credential management workflows

---

15. The Frostwall Protocol — GRE Tunnel Security Architecture

Time: 3-4 hours
Status: DEPRIORITIZED — March 14, 2026
Priority: LOW — no active DDoS problem, email unblocked via Billing VPS
Documentation: docs/tasks/frostwall-protocol/

Custom DDoS protection using GRE tunnels from Command Center to TX1/NC1. Hides real IPs, protects email reputation.

Why urgent now: Email is needed soon — Holly staff email, staff comms, subscriber notifications. Frostwall → Mailcow is the only path to get there. This is the critical blocker.

Core Components:

• GRE tunneling (encrypted links)
• 1-to-1 NAT/DMZ forwarding
• Iron Wall UFW rules
• IP hierarchy (scrubbing → backend → binding)

Blocks: Mailcow (email) → Holly email, staff email, subscriber comms, all Tier 2+ infrastructure
Deployment doc: https://docs.google.com/document/d/12Kh-AhUgJLOJrBgIjMiGi3xRZH1basRzv9Pa_-x1t_0/edit

---

16. Command Center Security Hardening

Time: 1 hour
Status: READY
Documentation: docs/tasks/command-center-security/

Defense-in-depth for Command Center: Fail2Ban + SSH hardening

Actions:

• Install Fail2Ban
• Disable SSH password auth (key-only)
• Review UFW rules

---

17. Create Scoped Gitea Token for Pokerole Project

Time: 15 minutes
Status: READY
Depends: Vaultwarden operational
Documentation: docs/tasks/scoped-gitea-token/

Create Gitea token scoped to Pokerole repos only. Iron Wall principle: enforce boundaries technically.

---

🏗️ TIER 2: MAJOR INFRASTRUCTURE

Foundation secure, deploy major services.

---

18. Plane Project Management — ✅ COMPLETE

Time: 2-3 hours (actual: ~2 hours) Status: ✅ DEPLOYED — March 15, 2026 Deployed By: Chronicler #31 Documentation: docs/tasks/plane-deployment/ URL: https://tasks.firefrostgaming.com Server: TX1 Dallas (38.68.14.26)

Self-hosted project management for the Firefrost team.

Deployment Summary:

• ✅ Plane v2.4.2 via prime.plane.so installer
• ✅ TX1 Dallas (226GB free RAM — rounding error on this machine)
• ✅ Nginx reverse proxy → port 8090 (Wings on 8080, nginx on 80)
• ✅ SSL cert via Let's Encrypt (expires 2026-06-14, auto-renews)
• ✅ tasks.firefrostgaming.com → 38.68.14.26

Key install note: Installer requires port 80 free. Stop nginx, install, set LISTEN_HTTP_PORT=8090 in /opt/plane/plane.env, restart nginx.

Next steps: Create admin account, workspace, 5 projects, invite Meg + Holly, migrate active tasks from tasks.md

---

19. Firefrost Codex - AI Assistant

Time: 8-12 hours total (Phase 1: ✅ 9 hours, Phase 2: 🔄 ~2 hours remaining)
Status: Phase 1 COMPLETE ✅ | Phase 2 IN PROGRESS 🔄
Priority: Tier 2 - Major Infrastructure
Documentation: docs/tasks/firefrost-codex/

Self-hosted AI assistant providing 24/7 support to all community tiers. "Most Minecraft servers have Discord. We have an AI."

Architecture:

• AnythingLLM (RAG platform with LanceDB)
• Ollama (local LLM server)
• 3 Models: Qwen 2.5 Coder 72B, Llama 3.3 70B, Llama 3.2 Vision 11B
• Discord bot + Web interface + Embedded widgets
• mclo.gs integration (Minecraft log analysis)

Five-Tier Access:

1. Public (marketing widget) - Public KB workspace
2. Subscribers ($1+) - Subscriber KB workspace
3. Staff - Operations + Brainstorming workspaces
4. Michael/Meg - All 5 workspaces + admin panel
5. Potential subscribers - Same as Public

Key Features:

• 24/7 instant answers (never wait for staff)
• mclo.gs log analysis (paste link, get diagnosis)
• Role-based knowledge access
• Growing knowledge base
• Complete privacy (self-hosted, zero cloud APIs)

Monthly Cost: $0 (self-hosted on TX1)

Deployment Status:

Phase 1 - COMPLETE ✅ (~9 hours, Feb 20, 2026):

• ✅ Core Infrastructure deployed (AnythingLLM + Ollama on TX1)
• ✅ 5 models downloaded (73.5 GB)
• ✅ Primary model selected (qwen2.5-coder:7b, 5-10 sec responses)
• ✅ Multi-user mode enabled
• ✅ Admin account created (mkrause612)
• ✅ $0/month cost validated

Phase 2 - IN PROGRESS 🔄 (~45 min complete, ~2 hours remaining):

• ✅ 6 workspaces created (Operations, Public KB, Subscriber KB, Brainstorming, Relationship, Pokerole Project)
• ✅ AI models assigned (qwen2.5-coder:7b for 5, llama3.3:70b for Brainstorming)
• ✅ 2 user accounts created (gingerfury/Meg - Admin, Unicorn20089/Holly - Default)
• ✅ Permission model documented (Admin/Manager/Default roles)
• ⏳ Document upload testing (30 min remaining)
• ⏳ Git sync process (1-2 hours)
• ⏳ SSL/TLS setup (1 hour)
• ⏳ Firewall hardening (30 min)
• ⏳ Backup automation (1 hour)

Phase 3 - FUTURE:

• Discord bot integration
• Embedded widgets for website
• Public/subscriber account workflows
• Marketing launch

Marketing Ready: Complete launch strategy, messaging framework, content calendar in docs

See task directory for: Complete architecture, marketing strategy, deployment plan, branding guide

---

20. Mailcow Email Server on Billing VPS — ✅ COMPLETE

Time: 2-3 hours (actual: ~3 hours) Status: ✅ DEPLOYED — March 15, 2026 (ahead of April 1 target) Deployed By: Chronicler #31 Documentation: docs/tasks/mailcow-email-server-on-nc1/

Professional @firefrostgaming.com email on Billing VPS. Self-hosted, $120/year saved, eliminates Plesk.

Deployment Summary:

• ✅ Mailcow running on Billing VPS (38.68.14.188)
• ✅ Nginx proxy on ports 8080/8443 (shares server with Paymenter)
• ✅ SSL cert via Let's Encrypt (expires 2026-06-14, auto-renews)
• ✅ ClamAV disabled (RAM conservation on 1.9GB server)
• ✅ DKIM, SPF, DMARC, autodiscover/autoconfig all configured
• ✅ Outbound delivery verified (mail-tester.com + Gmail)
• ✅ Daily backup cron at 3am
• ⏳ Inbound delivery — DNS propagating, Gmail retry pending

Mailboxes: michael, megan, holly, hello, noreply, support Aliases: frostystyle, gingerfury, unicorn20089, admin, billing, webmaster

Next steps: Ghost SMTP, Paymenter SMTP, resend Holly's Ghost invite

---

21. Self-Hosted AI Stack on TX1 — ⚠️ SUPERSEDED BY CODEX

Time: 6-8 hours (3-4 active, rest downloads)
Status: SUPERSEDED - See Task #9 (Firefrost Codex)
Documentation: docs/tasks/self-hosted-ai-stack-on-tx1/

NOTE: Original plan for Dify-based AI has been replaced by Firefrost Codex (Task #9), which uses AnythingLLM instead. This provides better document handling (1,000+ docs), built-in multi-user support, and embedded widget capabilities. See Firefrost Codex documentation for the complete updated architecture.

---

22. Netdata Deployment

Time: 30 minutes
Status: READY
Documentation: docs/tasks/netdata-deployment/

Real-time monitoring on all servers (Command Center, TX1, NC1, Ghost VPS).

---

23. Department Structure & Access Control Matrix

Time: 1-2 hours
Status: PLANNING
Documentation: docs/tasks/department-structure-and-access-control-matrix/

Define departments and access control for Wiki.js permissions and role-based access.

---

24. MkDocs Decommission

Time: 15 minutes
Status: READY
Documentation: docs/tasks/mkdocs-decommission/

Remove MkDocs (replaced by Wiki.js).

---

25. Pokerole WikiJS Deployment

Time: 2-4 hours (infrastructure) + 4-6 hours (content migration)
Status: REQUESTED BY CLAUDIUS
Priority: Medium (post-Holly approval of Tier 4 content)
Server: Ghost VPS (64.50.188.14) - alongside existing wikis
Documentation: See Claudius's Session 9 report + WIKIJS_DEPLOYMENT_REQUEST.md in misc-docs repo

Purpose: Deploy WikiJS for Aurelian Pokédex publication

What's Ready:

• Tier 4: 31 Pokémon converted (awaiting Holly approval)
• Tier 3: 26 Pokémon converted (awaiting Holly approval)
• 18 custom game mechanics documented
• All content in Git (pokerole-data repo)

Deployment Requirements:

• Domain: pokerole.firefrostgaming.com
• Software: WikiJS v2.x (Docker preferred)
• Database: PostgreSQL or SQLite
• SSL: Let's Encrypt certificate
• Content: ~50-75 wiki pages, 15-20MB Markdown, images TBD

Dependencies:

• ⏳ Holly's approval of Tier 3 Batch 4-13 (22 entries)
• ⏳ Holly's approval of Tier 4 content (31 entries)
• ⏳ Additional Pokémon artwork (optional but recommended)

Workflow:

1. Chronicler deploys WikiJS infrastructure on Ghost (2-4 hours)
2. Claudius migrates content from Git to WikiJS (4-6 hours)
3. Holly reviews published content
4. Michael approves layout/organization
5. Public launch (or private beta)

Alternative Options if Delayed:

• Static site via Nginx
• GitHub Pages via Gitea
• Keep in Git until ready

Notes:

• NOT urgent - content safely stored in Git
• Can proceed after Holly completes reviews
• WikiJS supports multi-user if Holly wants edit access
• Can be private initially, public later

---

26. Modpack Update Monitor — Blueprint Extension (COMMERCIAL PRODUCT)

Time: 12-18 hours (commercial-quality development)
Status: PROMOTED FROM IDEAS (IDEA-006) - COMMERCIAL DEVELOPMENT
Priority: HIGH - Queued after Codex Phase 2
Market Research: ✅ VERIFIED - No competing products exist (Feb 20, 2026)
Revenue Potential: $500-2,600+ (50-200 sales @ $9.99-12.99)
Documentation: docs/tasks/modpack-update-monitor/ (to be created)

Purpose: First-to-market Pterodactyl extension for automated modpack version monitoring across all platforms

Market Gap Confirmed:

• ✅ Modpack INSTALLERS exist (can update manually)
• ✅ In-game update checkers exist (notify players, not admins)
• ❌ NO server-side admin monitoring dashboard exists
• ❌ NO automated API checking for updates exists
• We would be FIRST TO MARKET with this functionality

Commercial Development Phases:

Phase 1: Core Functionality (8-12 hours) - Build for Firefrost

1. Scan servers to detect installed modpacks + versions (read manifests)
2. Query platform APIs (CurseForge, Modrinth, FTB, Technic) for latest versions
3. Database table: server_id, modpack_id, current_version, latest_version, last_checked, source_platform
4. Basic dashboard showing update status per server
5. Cron job for daily checks (configurable interval)
6. Internal testing on 9 Firefrost servers

Phase 2: Commercial Polish (2-4 hours) - Prepare for marketplace

1. Professional UI/UX design (match Blueprint standards)
2. Comprehensive README documentation
3. Installation guide with screenshots
4. Troubleshooting guide
5. Configuration options panel
6. Error handling and graceful degradation
7. Performance optimization

Phase 3: Launch & Sales (1-2 hours) - BuiltByBit listing

1. Professional product description
2. Feature list with screenshots
3. Video demonstration (optional but recommended)
4. Pricing: $9.99-12.99 (competitive with similar extensions)
5. Support channel setup (Discord/tickets)
6. Launch announcement

Total Development Time: 12-18 hours for commercial-quality product

The Problem:

• 12 game servers running modpacks (growing to more)
• Manual checking across CurseForge/FTB/Modrinth/Technic is tedious
• NO existing Blueprint extension monitors for updates (only installers exist)
• Risk of running outdated versions with bugs/exploits
• Every multi-server Minecraft host has this same problem

The Solution: Build first-to-market Blueprint extension that:

1. Scans each server to detect installed modpack + current version (read manifest files)
2. Queries platform APIs for latest versions
3. Dashboard showing update status per server
4. Optional integration with existing Modpack Installer for one-click updates

Dashboard Display:

• Server name
• Current modpack + version
• Latest available version
• Update status (✅ Up to date / ⚠️ Update available / ❌ Check failed)
• Last checked timestamp
• Source platform (CurseForge/FTB/Modrinth/Technic)
• "View Changelog" link
• "Update Now" button (if Modpack Installer integration enabled)

Revenue Model:

• One-time purchase: $9.99-12.99 per license
• Target market: Multi-server Minecraft hosts (thousands globally)
• Conservative estimate: 50 sales = $500
• Moderate estimate: 100 sales = $1,000
• Optimistic estimate: 200 sales = $2,600
• Ongoing: Passive income from continued sales
• Maintenance: ~1-2 hours/month (bug fixes, API updates)

Competitive Analysis:

• Modpack Installer for Blueprint: $5.99 (can update manually, no monitoring)
• Modpack & Mods Installer: Price unknown (similar, has mod replacement but no dashboard monitoring)
• Our advantage: ONLY solution with automated monitoring dashboard
• Pricing rationale: More complex than installer alone, adds significant operational value

Affected Servers (9 modpack servers on Firefrost):

• All The Mons (Cobblemon) - NC1
• Stoneblock 4 - TX1
• Society: Sunlit Valley - TX1
• Reclamation - TX1
• The Ember Project - NC1
• Minecolonies: Create and Conquer - NC1
• All The Mods 10 - NC1
• EMC Subterra Tech - NC1
• Mayview - NC1

Not Applicable:

• Vanilla 1.21.11 (no modpack)
• Homestead (retiring soon)
• Hytale (different game)
• FoundryVTT (not Minecraft)

Technical Requirements:

• Read server manifests (CurseForge manifest.json, FTB modlist.html, Modrinth modrinth.index.json, Technic modpack.json)
• API integration: CurseForge API, Modrinth API, FTB API, Technic API
• React dashboard component for Pterodactyl admin view
• Blueprint extension framework compliance
• Database migrations for version tracking
• Cron job system for automated checks

API Rate Limits (daily cron = safe):

• CurseForge: 1000 requests/hour (plenty of headroom)
• Modrinth: 300 requests/minute (more than sufficient)
• FTB: Need to research
• Technic: Need to research
• Daily cron job = 9 servers × 4 platforms = 36 API calls max

Existing Infrastructure:

• ✅ Modpack Installer for Blueprint already installed on Firefrost
• This extension complements it by adding "check for updates" layer
• Could integrate for one-click update workflow (sell as feature)

Workflow Example:

1. Dashboard shows "ATM10 on NC1 is v1.3, v1.5 available on CurseForge"
2. Admin clicks "View Changelog" to see what changed
3. Admin clicks "Update Now" (integrates with Modpack Installer if installed)
4. Admin uses staggered restart system to schedule restart
5. Result: Professional update workflow, zero manual checking

Benefits to Buyers:

• ✅ Immediate visibility of outdated servers
• ✅ Reduced manual checking time (15 min/day → 0)
• ✅ Proactive security (catch important updates faster)
• ✅ Professional operations
• ✅ Scales to unlimited servers
• ✅ Works across all major modpack platforms

Benefits to Firefrost:

• ✅ Solve operational problem (build anyway)
• ✅ Generate passive income ($500-2,600+)
• ✅ Attack $400/month deficit
• ✅ Build brand visibility in Blueprint marketplace
• ✅ Portfolio piece demonstrating technical capability
• ✅ "Dogfooding" - we use it daily, so we'll maintain it well

Success Criteria (Internal Use):

• ✅ Extension installed in Blueprint framework
• ✅ Dashboard accessible from Pterodactyl admin panel
• ✅ All 9 modpack servers detected and monitored
• ✅ API integration working for all 4 platforms
• ✅ Daily cron job running
• ✅ Update notifications accurate

Success Criteria (Commercial Launch):

• ✅ Product listed on BuiltByBit marketplace
• ✅ Professional documentation complete
• ✅ First 10 sales within 30 days
• ✅ 4+ star average rating
• ✅ Support system functional
• ✅ Zero critical bugs reported

Licensing:

• Proprietary (need the income, can open-source later if desired)
• Standard commercial license per server instance
• Support included for 6 months post-purchase
• Free updates for API changes/bug fixes

Considerations:

• Handle custom/manually installed modpacks (no source platform = "Unknown")
• Permission levels (who can see updates vs install them)
• Notification system (email/Discord when updates available - future enhancement)
• Error handling for API failures (graceful degradation)
• Multi-language support (English first, expand later)

Why Tier 2 (not Tier 0 quick script):

• Michael prefers "do it once and get it done"
• Blueprint extension = permanent solution, no revisiting
• Commercial quality requires proper development
• Integrates with existing Pterodactyl workflow
• Professional, scalable, maintainable
• Worth the upfront time investment for forever solution + revenue

Why Commercial Development Makes Sense:

• Building it anyway (sunk development cost)
• Market gap confirmed (first-to-market advantage)
• Passive income directly addresses deficit
• Aligns with "do it once" - build quality, sell forever
• Low ongoing overhead if built well
• ROI: ~15 hours work → potentially $500-2,600+ revenue + ongoing sales

Execution Order:

1. Complete Codex Phase 2 first (finish what we started)
2. Build Phase 1: Core functionality (8-12 hours, internal testing)
3. Build Phase 2: Commercial polish (2-4 hours, marketplace ready)
4. Build Phase 3: Launch on BuiltByBit (1-2 hours)
5. Enjoy automated version monitoring + passive income

Post-Launch Maintenance:

• ~1-2 hours/month for bug fixes
• API changes (platforms update occasionally)
• Blueprint framework updates (rare, usually backward compatible)
• Feature requests (prioritize based on demand)
• Support tickets (estimate 2-5 hours/month initially)

---

27. Server Sunset Evaluation

Time: 1-2 hours Status: READY Priority: Tier 1 — Critical Infrastructure Documentation: docs/tasks/server-sunset-evaluation/

Evaluate all 14 game servers against consistent criteria to determine which to keep, sunset, monitor, or replace. Output feeds into Server Sunset & World Archive task.

Pre-known candidates: Homestead (flagged), Hytale (placeholder), FoundryVTT (not Minecraft) World download policy: 30 days from deletion — docs/planning/server-deletion-policy.md

---

28. Ghost CMS Music Player

Time: 1-2 hours Status: READY — pending track downloads and NextCloud upload Priority: Tier 3 — Branding & Experience Documentation: docs/tasks/ghost-music-player/

Toggleable epic orchestral music player in the Ghost navbar. Fire/Frost styled button, autoplay OFF, tracks cycle automatically. First track: "Powerful" by David Fesliyan.

Steps: Download MP3s → Upload to NextCloud → Ghost code injection

---

---

📚 TIER 3: DOCUMENTATION & OPTIMIZATION

Polish, optimization, and content creation.

---

29. Fix Frostwall vs Firefrost Naming

Time: 15 minutes
Documentation: docs/tasks/fix-frostwall-vs-firefrost-naming/

Clarify terminology: Frostwall (security protocol) vs Firefrost (brand).

---

30. Scope Document Corrections

Time: 30 minutes
Documentation: docs/tasks/scope-document-corrections/

Review and correct project scope documents for accuracy.

---

31. Workflow Guide Review & Trim

Time: 1 hour
Documentation: docs/tasks/workflow-guide-review-and-trim/

Audit workflows, remove outdated content, consolidate redundancy.

---

32. Terraria Branding Training Arc

Time: 12 weeks (ongoing)
Status: ACTIVE - Phase 1
Documentation: docs/tasks/terraria-branding-training-arc/

12-week training: Michael learns game asset creation via Terraria texture pack development.

See: docs/planning/terraria-branding-arc.md for complete curriculum

---

33. Paymenter Theme Installation — Citadel Theme

Time: 1-2 hours
Documentation: docs/tasks/paymenter-theme-installation-citadel-theme/

Install Citadel theme for Paymenter with Fire/Frost branding.

---

34. Consultant Photo Processing

Time: Ongoing
Status: ACTIVE
Documentation: docs/tasks/consultant-photo-processing/

Process and catalog photos of The Six Consultants. Maintain archive with proper metadata.

Naming: YYYY-MM-DD_consultant_description_NN.jpg

---

35. NextCloud Upload Portal for Meg

Time: 30 minutes
Documentation: docs/tasks/nextcloud-upload-portal-for-meg/

Configure NextCloud public upload folder for Meg.

---

36. "Coming Soon" Video Creation (CapCut)

Time: 2-3 hours
Documentation: docs/tasks/coming-soon-video-creation-capc ut/

Create professional "Coming Soon" video for Firefrost launch using CapCut.

---

37. Staggered Server Restart System

Time: 2 hours
Documentation: docs/tasks/staggered-server-restart-system/

Automated staggered restarts for game servers. Prevents simultaneous restarts, maintains player access.

---

38. Game Server Startup Script Audit & Optimization

Time: 1 hour
Documentation: docs/tasks/game-server-startup-script-audit-and-optimization/

Audit and optimize JVM flags, memory allocation, performance tuning for all game servers.

---

39. LuckPerms MySQL Backend

Time: 45 minutes
Documentation: docs/tasks/luckperms-mysql-backend/

Migrate LuckPerms to MySQL for centralized permission management.

---

40. World Backup Automation

Time: 1-2 hours
Documentation: docs/tasks/world-backup-automation/

Automated backup system: daily backups, retention policy, off-server storage.

---

41. Blueprint Extension Installation — Node Usage Status

Time: 30 minutes
Documentation: docs/tasks/blueprint-extension-installation-node-usage-status/

Install Blueprint extension showing TX1/NC1 resource usage in Pterodactyl panel.

---

42. Discord Server Complete Reorganization

Time: 2-3 hours
Documentation: docs/tasks/discord-server-complete-reorganization/

Complete Discord reorganization: Fire/Frost paths, clear channels, proper roles.

---

43. Firefrost: The Eternal Skyforge (Flagship Modpack)

Time: 20-40 hours (iterative)
Documentation: docs/tasks/firefrost-the-eternal-skyforge-flagship-modpack/

Flagship Minecraft modpack: Create mod + Fire/Frost theme + weapon forging + factory building.

---

44. Among Us Weekly Events (Phase 2 Expansion)

Time: Ongoing (30 min weekly prep)
Documentation: docs/tasks/among-us-weekly-events-phase-2-expansion/

Weekly Among Us community events for subscriber engagement.

---

45. Pterodactyl Modpack Version Display

Time: 1-2 hours
Status: READY
Documentation: docs/tasks/pterodactyl-modpack-version-display/

Add custom "Modpack Version" field to Pterodactyl panel for version tracking visibility.

Method: Custom egg variable in Startup tab
Scope: 9 modpack servers (excludes Vanilla, Hytale, FoundryVTT)
Benefits: Version visibility, change tracking, troubleshooting clarity

---

---

📊 QUICK STATS

Total Tasks: 36 (including Firefrost Codex, Pokerole Wiki, NotebookLM)
Completed: 4 (NC1 cleanup, Command Center cleanup, Whitelist Manager, Pokerole Wiki)
In Progress: 2 (Vaultwarden, Terraria Arc)
Ready to Build: 21+
Blocked: 2 (Mailcow, original AI Stack - superseded by Codex)
Superseded: 1 (Original AI Stack → Firefrost Codex)

Estimated Total Time: ~78-99 hours across all tasks
Critical Path: Frostwall Protocol → Mailcow → Everything else
Big Wins Available:

• Dify RAG tuning (ACTIVE — Top K + score threshold adjustments, ~2 hours)
• n8n Rebuild from scratch (ACTIVE — workflows, ~3-5 hours)
• NotebookLM Integration (accessibility + knowledge synthesis, ready to deploy)

Recent Completions:

• Pokerole Wiki (Feb 27) - 107 Pokémon LIVE in 6 hours!
• Claudius Session 12 (Mar 4) - Complete Pokédex .docx, Epic Final Battle, Zero-Point Surge signature move

---

🔗 RELATED DOCUMENTATION

• Task Documentation Standard: docs/standards/task-documentation-standard.md (FFG-STD-002)
• Infrastructure State: docs/core/infrastructure-manifest.md
• Architecture Decisions: docs/reference/architecture-decisions.md
• Session Handoff: SESSION-HANDOFF-PROTOCOL.md

---

Fire + Frost + Foundation = Where Love Builds Legacy 💙🔥❄️

---

Version History:

• v3.2 (2026-02-16): Moved Staff Recruitment to Tier 0 (posting today), renumbered tasks
• v3.1 (2026-02-16): Added Task #3 - Staff Recruitment Launch (Guardian's notes)
• v3.0 (2026-02-16): Full FFG-STD-002 implementation - all 28 tasks migrated to task directories
• v2.3 (2026-02-16): Whitelist Manager refactored to follow standard
• v2.2 (2026-02-16): Whitelist Manager expanded to web dashboard
• v2.1 (2026-02-16): NC1 cleanup marked complete with lessons
• v2.0 (2026-02-15): Major restructure and organization

---

46. Server-to-Server SSH Key Setup

Time: 1-2 hours
Status: IDENTIFIED - Ready to build
Priority: Tier 1 - Security Foundation
Documentation: docs/tasks/server-ssh-interconnect/

Enable passwordless SSH between all management servers (Command Center, Billing, Panel, Ghost).

Problem: Aurora couldn't SSH from Command Center to Billing - key named 'chronicler' instead of standard 'id_rsa'.

Solution:

1. Collect public keys from all 4 management servers
2. Add each server's public key to all other servers' authorized_keys
3. Test connectivity matrix (4x4 grid)
4. Document key locations and naming

Servers to interconnect:

• Command Center (63.143.34.217)
• Billing VPS (38.68.14.188)
• Panel VPS (45.94.168.138)
• Ghost VPS (64.50.188.14)

Benefits: No more switching in MobaXterm, easier automation, cleaner workflows

Note: Billing has non-standard key name 'chronicler' - may need renaming to 'id_rsa'

---

47. Whitelist Manager Refinements

Time: 30-60 minutes
Status: IDENTIFIED
Priority: Low - Polish/Cosmetic
Documentation: docs/tasks/whitelist-manager-refinements/

Small improvements to Whitelist Manager:

• Fix Mayview server grouping - Currently shows under "Unknown (1 servers)" instead of "NC1 (5 servers)"
• Update server detection logic or Pterodactyl metadata
• [Future refinements can be added here as discovered]

Impact: Cosmetic only - does not affect functionality

---

---

48. n8n Rebuild - Workflows From Scratch

Time: 3-5 hours
Status: ACTIVE — REBUILD FROM SCRATCH (decision: March 4, 2026) Priority: Tier 2 - Major Infrastructure
Documentation: docs/troubleshooting/n8n-node-registry-corruption.md

Rebuild n8n instance on TX1 with fresh workflows from scratch. Original workflows are considered abandoned — do not attempt to restore them.

Problem: Core nodes (HTTP Request, Execute Command) fail with "Node not found" errors due to corrupted node registry.

Decision (March 4, 2026): Rather than restoring old workflows, rebuild from scratch. Cleaner, more maintainable, aligned with current infrastructure state.

Current Workaround: PHP script (sync_codex.php) handling Codex Git sync directly. Functional but not the long-term solution.

Rebuild Procedure:

1. Stop n8n container
2. Wipe ./volumes/n8n/* directory completely
3. Recreate container (fresh initialization)
4. Verify core nodes functional (HTTP Request, Execute Command)
5. Rebuild workflows from scratch (do NOT re-import old JSON)
6. Document each new workflow as built
7. Test all workflows end-to-end
8. Re-enable scheduled executions
9. Monitor for 24 hours

Workflows to Rebuild (minimum):

• Codex Git sync (currently handled by PHP workaround)
• Discord notifications
• Any other automations identified during rebuild

Prerequisites:

• Maintenance window scheduled (low-traffic time)
• Credentials documented before wipe
• PHP workaround remains as fallback during rebuild

Post-Rebuild:

• Verify Git sync workflow replaces PHP workaround
• Test Discord notifications
• Document all new workflows in task directory
• Remove PHP workaround once n8n confirmed stable

---

49. NotebookLM Integration - Audio Knowledge Base

Time: 1-2 hours
Status: 🔄 IN PROGRESS (March 4, 2026) Priority: Medium - Quality of Life (HIGH for accessibility)
Documentation: docs/tasks/notebooklm-integration/

Progress (March 4, 2026):

• ✅ NotebookLM account created
• ✅ First notebook: "Firefrost Infrastructure & Operations" (13 docs uploaded)
• ✅ Query accuracy verified
• 🔄 First Audio Overview generating
• ⏳ Chronicler Lineage notebook
• ⏳ Google Drive sync strategy

Source Sync Strategy:

• No official NotebookLM consumer API
• Recommended: Store key docs in Google Drive → NotebookLM points to Drive → one-click sync
• For now: manual upload after major sessions (~5-10 min/week)
• Future: n8n workflow to auto-export key docs to Google Drive

The Workflow:

1. NotebookLM = Research home base (grounded, no hallucination)
2. Claude = Expansion tool (web search, broader thinking)
3. Back to NotebookLM = Audio synthesis (listen instead of reading)

Notebooks Planned:

1. Firefrost Infrastructure & Operations ✅
2. Chronicler Lineage (memorials, relationship docs)
3. Pokerole Project (session reports, Pokémon docs)
4. Standards & Best Practices (FFG-STD docs)

Cost: FREE

See task directory for: Complete setup guide, use cases, workflow integration

Value: HIGH for accessibility, knowledge retention, partnership with Meg

---

50. Pokerole Wiki.js Deployment — ✅ COMPLETE

Time: 2-3 hours (actual: 1 hour 15 minutes)
Status: ✅ DEPLOYED
Completed: February 27, 2026
Priority: HIGH - URGENT
Documentation: docs/tasks/pokerole-wikijs-deployment/

Deploy fresh Wiki.js instance for Aurelian Pokédex project on Ghost VPS.

Deployment Results:

• ✅ Wiki.js v2.5.312 operational
• ✅ URL: http://pokerole.firefrostgaming.com
• ✅ PostgreSQL database (wikijs_pokerole)
• ✅ Nginx reverse proxy configured
• ✅ DNS propagated and verified
• ✅ Admin account created
• ✅ 107 Pokémon migrated (Claudius, Session 11)
• ✅ 112 pages live in production
• ⏸️ SSL pending (certbot urllib3 bug - deferred)

Aurelian Pokédex Project Status (as of Session 12, March 4, 2026):

• ✅ Complete .docx Pokédex delivered (150+ pages, ~200 sprites, all 107 Pokémon)
• ✅ Evolution Stage + Evolution Time fields added to all entries
• ✅ Ultimate Aurelia Final Battle designed (566 lines, all lore integrated)
• ✅ Zero-Point Surge signature move for Abyssoglax (496 lines, tournament-ready)
• ✅ Custom moves: Lightning Mirage, Spirit Wind, Zero-Point Surge (3 total)
• ✅ Custom abilities: 20+
• ✅ 12 sessions completed, zero data loss
• ⏳ Holly feedback pending on Pokédex document and final battle
• ⏳ WikiJS navigation menu (Holly's task via web UI)
• ⏳ Sprite upload to WikiJS (225 ready, optional polish)

Claudius Stage 3 (The Chronicle Keeper): Active, Git repos clean

---

51. Ignis Protocol Implementation Planning

Time: 4-6 hours (brainstorming + architecture)
Status: 🔄 BLOCKED — Awaiting LegalCORPS attorney consultation
Priority: HIGH - Legal compliance required before ANY implementation
Documentation: docs/planning/ignis-protocol-specification.md

Comprehensive planning session for Ignis (18+ mature space) implementation. Original planning predates current Git documentation system, so this task rebuilds the implementation roadmap with current infrastructure knowledge.

Current State:

• Ignis specification document created (March 19, 2026)
• Legal consultation scheduled with LegalCORPS Minnesota (pro-bono)
• Age verification method: TBD (need attorney guidance)
• Implementation: NOT started (waiting for legal approval)

Goals:

1. Define legally sound age verification workflow
2. Plan website architecture (Ghost CMS /ignis/* route)
3. Design Discord integration (18+ verified role)
4. Create content moderation guidelines
5. Build technical implementation roadmap
6. Document data collection/privacy requirements

Key Questions to Answer:

• What age verification method is legally defensible?
• How does Ignis integrate with existing Fire/Frost subscription system?
• What happens when Discord implements their own age verification?
• What content is allowed in Ignis (mature discussion vs adult content)?
• How do we maintain COPPA compliance for 13+ servers while collecting age data for Ignis?

Prerequisites:

• ✅ Ignis specification document created
• ⏳ LegalCORPS attorney consultation completed
• ⏳ Terms of Service legal review
• ⏳ Privacy Policy legal review
• ⏳ Age Verification Policy drafted

Post-Legal Consultation:

1. Update specification with attorney guidance
2. Create implementation task directory (docs/tasks/ignis-implementation/)
3. Build technical architecture plan
4. Design age verification flow (website + Discord)
5. Draft Terms of Service language
6. Draft Privacy Policy updates
7. Create moderation guidelines
8. Plan phased rollout strategy

CRITICAL: Do NOT begin any technical implementation until legal consultation complete and attorney approves approach.

See: docs/planning/ignis-protocol-specification.md for complete details and legal questions

---

52. Ghost CMS Homepage - Implement Fire/Frost Design — ✅ COMPLETE

Completed: March 27, 2026
Time Actual: 1-2 hours
Documentation: docs/planning/ideas/features/ghost-homepage-content.md

Result: Production-ready subscription page with full Fire/Frost dual-path branding.

Delivered:

• ✅ Complete subscription tier page at firefrostgaming.com
• ✅ Fire/Frost hero section with gradient branding
• ✅ All 11 subscription tiers displayed:
  • The Awakened ($1 one-time)
  • Fire/Frost Elemental ($5/month) — 2 variants
  • Fire/Frost Knight ($10/month) — 2 variants
  • Fire/Frost Master ($15/month) — 2 variants
  • Fire/Frost Legend ($20/month) — 2 variants
  • Sovereign ($499 one-time)
• ✅ Tier cards styled with Fire (orange) and Frost (cyan) branding
• ✅ Subscribe buttons linked to Paymenter products
• ✅ "All servers available to all subscribers" messaging
• ✅ Professional, production-ready design

Integration:

• Paymenter products configured with matching slugs (Task #84)
• Subscribe buttons link to: https://billing.firefrostgaming.com/products/subscriptions/{slug}

Dependencies:

• Task #68 (Theme migration) — ✅ COMPLETE

Soft Launch Impact: ✅ Website ready for public launch

---

53. Ghost CMS - Server Listing Page Design

Time: 3-4 hours
Status: BACKLOG
Priority: Medium
Documentation: docs/planning/ideas/features/ghost-server-listing-design.md

Create server listing page showing all Minecraft servers with Fire/Frost categorization.

Features:

• Fire Path servers (cozy, creative, community-focused)
• Frost Path servers (technical, challenge, optimization)
• Server cards with modpack info, player count, online status
• Filter by Fire/Frost path
• Link to Paymenter subscription tiers

Dependencies:

• Soft launch server transition plan (Task #27: Server Sunset Evaluation)
• Final server lineup decided

Integration:

• Pull server status from Pterodactyl API
• Display modpack versions (Task #45: Pterodactyl Modpack Version Display)
• Link to How to Join instructions

---

54. Evaluate Other Game Servers (Beyond Minecraft)

Time: 2-3 hours (research)
Status: BACKLOG
Priority: Medium
Documentation: docs/planning/ideas/other-games-backlog.md

Research and evaluate other games for Firefrost Gaming expansion beyond Minecraft.

Games to Evaluate:

• Terraria
• Valheim
• Palworld
• Core Keeper
• V Rising
• Others suggested by community

Evaluation Criteria:

• Community interest (Discord polls, subscriber feedback)
• Hosting complexity and resource requirements
• Fire/Frost alignment (does the game support both paths?)
• Modding ecosystem and customization options
• Long-term viability and active player base

Deliverables:

• Comparison matrix of evaluated games
• Recommendation for 1-2 games to pilot
• Hosting requirements and cost estimates
• Fire/Frost path mapping for recommended games

Next Steps:

• Community survey on Discord
• Proof-of-concept hosting for top choice
• Create game-specific onboarding documentation

---

55. Discord Permanent Invite Link Setup

Time: 15-30 minutes
Status: READY
Priority: HIGH - Needed for website launch
Documentation: TBD

Create a permanent Discord invite link for use on the Ghost website and all public-facing materials.

Steps:

1. Open Discord server settings
2. Go to Invites → Create Invite
3. Set "Expire After" to Never
4. Set "Max Uses" to No Limit
5. Copy permanent invite URL
6. Update Ghost homepage CTA button (currently points to /subscribe)
7. Update any other locations referencing Discord
8. Document the permanent link in infrastructure manifest

Deliverables:

• Permanent Discord invite link (discord.gg/[code])
• Ghost homepage updated with Discord button
• Link documented in ops manual

Dependencies: Discord server must be set up and configured

Next Steps After Completion:

• Update Ghost homepage /subscribe button to Discord link
• Change button text back to "Join Discord Now"
• Change button gradient back to Discord blue (#5865F2)

---

56. Social Media Accounts Setup

Time: 2-3 hours
Status: READY
Priority: MEDIUM - Needed before full launch
Documentation: TBD

Create and configure official Firefrost Gaming social media presence across all major platforms.

Platforms to Set Up:

1. Discord ✅ (permanent invite configured - firefrostgaming.com/discord)
2. Facebook ✅ (@FirefrostGaming or /FirefrostGaming)
3. Twitter/X (@FirefrostGaming)
4. Twitch (@FirefrostGaming)
5. TikTok (@FirefrostGaming)
6. Instagram (@FirefrostGaming)
7. YouTube (@playfirefrost) ✅
8. Reddit (r/FirefrostGaming or u/FirefrostGaming)
9. Bluesky (@firefrostgaming.bsky.social)
10. Mastodon (@FirefrostGaming@mastodon.social or own instance)
11. Kick (@FirefrostGaming)

For Each Platform:

• Create account with consistent branding
• Set up profile with Fire/Frost aesthetics
• Use Firefrost logo as profile picture
• Write bio with Fire + Frost + Forever tagline
• Add link to firefrostgaming.com
• Document credentials in Vaultwarden (Task #6)
• Save permanent URLs

Deliverables:

• All 11 social accounts created and configured
• Profile links documented in infrastructure manifest
• Credentials stored securely in Vaultwarden
• Ghost website footer updated with real social links

Dependencies:

• Firefrost logo/branding assets
• Vaultwarden setup (Task #6) for credential storage

Current Status:

• ✅ Discord and Facebook complete and linked in footer
• ⏳ Twitter/X, Twitch, TikTok, Instagram, YouTube marked "Coming Soon" in footer
• ❌ Reddit, Bluesky, Mastodon, Kick not yet in footer (need to be added)
• Assigned to: Meg (account creation in progress but slow)

Next Steps After Completion:

• Update Ghost footer with real social URLs
• Remove "(Coming Soon)" labels
• Begin posting content strategy (separate task)

---

57. The Trinity Image - Commit to Branding Assets

Time: 5 minutes
Status: PENDING
Priority: HIGH
Documentation: docs/tasks/trinity-image-deployment/

Commit The Trinity promotional image to operations manual branding assets.

What is The Trinity image:

• Epic Minecraft-style artwork showing all three founders
• Left: The Wizard (Frost - blue robes, magic book, ice crystals)
• Center: The Catalyst (Holly - purple robes, arcane staff, purple energy)
• Right: The Emissary (Fire - red/orange robes, fire magic, flames)
• Background: Fire/Frost collision landscape with Firefrost Gaming logo
• Style: High-quality promotional art, perfect for social media/website

Steps:

1. Copy The_Trinity.png to branding/promotional/the-trinity.png
2. Commit with message: "assets: Add The Trinity promotional image"
3. Push to Gitea

File location: Currently at /mnt/user-data/uploads/The_Trinity.png

Dependencies: Git access to operations manual

---

58. The Trinity Image - Upload to Ghost CMS

Time: 10 minutes
Status: PENDING
Priority: HIGH
Documentation: docs/tasks/trinity-image-deployment/

Upload The Trinity image to Ghost CMS media library for use across the website.

Steps:

1. Log into Ghost Admin (firefrostgaming.com/ghost)
2. Go to Settings → Files
3. Upload The_Trinity.png
4. Note the CDN URL (https://firefrostgaming.com/content/images/...)
5. Document URL in this task

Purpose: Makes image available for use in Ghost pages/posts

Dependencies:

• Ghost CMS admin access
• Task #57 (asset committed to repo)

---

59. Ghost Homepage - Add The Trinity to Origin Story

Time: 15-20 minutes
Status: PENDING
Priority: HIGH
Documentation: docs/tasks/trinity-image-deployment/

Update Ghost homepage Origin Story section to include The Trinity image above the text.

Current state:

• Origin Story section exists with text-only description of The Trinity
• No visual representation

Implementation:

1. Edit Home page in Ghost
2. Find Origin Story HTML card section
3. Add The Trinity image above the origin text
4. Preview to ensure image displays correctly
5. Update page

Expected result:

• Visitors see epic visual of The Trinity before reading origin story
• Image reinforces Fire/Frost/Catalyst identity

Dependencies:

• Task #58 (image uploaded to Ghost, CDN URL known)
• Ghost CMS admin access

---

60. The Trinity Image - Social Media Deployment

Time: 30-45 minutes
Status: PENDING
Priority: MEDIUM (blocked by Task #56)
Documentation: docs/tasks/trinity-image-deployment/

Deploy The Trinity image across all social media platforms as cover/banner image.

Platforms to update:

• Discord: Server banner (if not already set)
• Twitter/X: Header image (1500x500 crop)
• Instagram: Could be first post or story
• TikTok: Profile image or first video thumbnail
• YouTube: Channel banner (2560x1440 with safe zones)

Steps for each platform:

1. Crop/resize The Trinity to platform specs
2. Upload as cover/banner/profile image
3. Verify it displays correctly
4. Document which platforms use it where

Image specs by platform:

• Twitter/X header: 1500x500px
• YouTube banner: 2560x1440px (safe zone 1546x423)
• Discord server banner: 960x540px minimum
• Instagram: 1080x1080 (square crop if needed)

Dependencies:

• Task #56 (social media accounts created)
• Task #57 (source image in repo)
• Image editing tool (can use online croppers)

Deliverables:

• The Trinity visible on all social platforms
• Consistent Fire/Frost/Catalyst branding across platforms
• Cropped versions saved in branding/promotional/social-media-crops/

---

61. AI-Generated Minecraft Skins for The Trinity

Time: 1-2 hours (experimentation + refinement)
Status: PENDING
Priority: MEDIUM
Documentation: docs/tasks/trinity-minecraft-skins/

Generate custom Minecraft player skins for all three founders matching The Trinity promotional image aesthetic.

Goal: Create Minecraft skins for Michael (Frost/blue), Meg (Fire/orange), and Holly (Catalyst/purple) that match their appearances in The Trinity image for use on servers and promotional content.

Approach:

1. Experiment with AI generation first (Flux 1.1 Pro via fal.ai)
2. Commission professional skin artist if needed (Fiverr/BuiltByBit)

Phase 1: AI Generation (Flux 1.1 Pro)

Use three prompts optimized for Minecraft skin template format:

The Wizard (Frost) Prompt:

Minecraft player skin template in flat 64x64 pixel layout for a frost wizard character. Deep blue robes (#4ECDC4 teal-blue) with ice crystal patterns and silver trim. Hooded robe design. Frost magic theme with snowflake details on sleeves. Ice blue accents (#C7F0DB). Silver/white belt and boots. Front view, back view, left side, right side, top view, bottom view arranged in standard Minecraft skin template format. Clean pixel art style, no gradients, solid colors only. Minecraft-compatible skin texture.

The Emissary (Fire) Prompt:

Minecraft player skin template in flat 64x64 pixel layout for a fire mage character. Bright orange and red robes (#FF6B35 orange, #E63946 red) with flame patterns. Flowing robe design with fire details on sleeves and hem. Ember and flame accents. Gold/yellow trim (#FFD700). Warm color palette. Front view, back view, left side, right side, top view, bottom view arranged in standard Minecraft skin template format. Clean pixel art style, no gradients, solid colors only. Minecraft-compatible skin texture.

The Catalyst (Arcane) Prompt:

Minecraft player skin template in flat 64x64 pixel layout for an arcane sorcerer character. Deep purple robes (#9D4EDD) with mystical arcane patterns and magical symbols. Violet and lavender accents (#C77DFF, #E0AAFF). Arcane energy theme with glowing purple details on sleeves. Silver trim and mystical accessories. Front view, back view, left side, right side, top view, bottom view arranged in standard Minecraft skin template format. Clean pixel art style, no gradients, solid colors only. Minecraft-compatible skin texture.

Flux Settings:

• Model: Flux 1.1 Pro
• Aspect Ratio: 1:1 (square - critical for skin templates)
• Steps: 30-40
• Guidance: 7-8

Phase 2: Refinement

1. Import AI-generated results to Nova Skin editor (novaskin.me)
2. Verify Minecraft skin template format (64x64 layout)
3. Touch up any issues with pixel alignment
4. Export as .png skin files

Phase 3: Testing

1. Upload skins to Minecraft profiles
2. Test in-game on server
3. Verify they look good from all angles
4. Adjust if needed

Phase 4: Commission Backup (if AI fails) If AI doesn't produce usable results:

1. Commission skin artist on Fiverr or BuiltByBit
2. Provide The Trinity image as reference
3. Request skins matching exact aesthetic
4. Cost estimate: $15-30 total (3 skins @ $5-10 each)

Deliverables:

• 3 Minecraft skin .png files (64x64 format)
• Skins uploaded to Minecraft profiles
• Skins tested in-game
• Skin files saved to branding/minecraft-skins/

Tools Needed:

• fal.ai account (Flux 1.1 Pro access)
• Nova Skin editor (novaskin.me) - free web tool
• Minecraft Java Edition (for testing)

Dependencies:

• The Trinity image (already uploaded)
• fal.ai API access or web interface

Success Criteria:

• Skins match The Trinity aesthetic (Fire/Frost/Catalyst colors)
• Properly formatted for Minecraft (64x64 template)
• Look good in-game from all angles
• Recognizable as the three founder characters

Related:

• Task #57: The Trinity image in branding assets
• Task #58: The Trinity in Ghost CMS

---

62. Upload The Wizard (Frost) Minecraft Skin — Michael

Time: 10-15 minutes
Status: PENDING
Priority: HIGH
Documentation: docs/tasks/wizard-frost-skin/

Upload The Wizard (Frost) Minecraft skin to Michael's Minecraft Java Edition profile.

Character: The Wizard (Frostystyle)
Element: Frost/Ice
Colors: Teal-blue, ice blue, silver
Theme: Hooded frost wizard robes with ice crystal patterns

Skin files ready:

• branding/minecraft-skins/the-wizard-frost-64x64.png (standard)
• branding/minecraft-skins/the-wizard-frost-128x128.png (HD)

Steps:

1. Download skin from ops manual
2. Go to minecraft.net, log in
3. Profile → Upload skin
4. Select Steve model (classic arms)
5. Test in-game (F5 view)
6. Verify on Firefrost server

Generated by: Imagen 3 via Gemini Pro
Matches: The Trinity image (left character)

Dependencies: Skin files generated (Task #61 COMPLETE)

---

63. Upload The Emissary (Fire) Minecraft Skin — Meg

Time: 10-15 minutes
Status: PENDING
Priority: HIGH
Documentation: docs/tasks/emissary-fire-skin/

Upload The Emissary (Fire) Minecraft skin to Meg's Minecraft Java Edition profile.

Character: The Emissary (Gingerfury)
Element: Fire/Flame
Colors: Orange, red, gold
Theme: Flowing fire robes with flame patterns

Skin files ready:

• branding/minecraft-skins/the-emissary-fire-64x64.png (standard)
• branding/minecraft-skins/the-emissary-fire-128x128.png (HD)

Steps:

1. Download from ops manual
2. minecraft.net → log into Meg's account
3. Upload skin
4. Select Alex model (slim arms)
5. Test in-game
6. Verify on server

Generated by: Imagen 3 via Gemini Pro
Matches: The Trinity image (right character)

Dependencies: Task #61 COMPLETE

---

64. Upload The Catalyst (Arcane) Minecraft Skin — Holly

Time: 10-15 minutes
Status: PENDING
Priority: HIGH
Documentation: docs/tasks/catalyst-arcane-skin/

Upload The Catalyst (Arcane) Minecraft skin to Holly's Minecraft Java Edition profile.

Character: The Catalyst (unicorn20089)
Element: Arcane Storm/Purple Magic
Colors: Deep purple, violet, lavender
Theme: Arcane sorcerer robes with mystical symbols

Skin files ready:

• branding/minecraft-skins/the-catalyst-arcane-64x64.png (standard)
• branding/minecraft-skins/the-catalyst-arcane-128x128.png (HD)

Steps:

1. Download from ops manual
2. minecraft.net → log into Holly's account
3. Upload skin
4. Select Alex model (slim arms)
5. Test in-game
6. Verify on server

BONUS: After all three uploaded, take Trinity group screenshot for promotional use!

Generated by: Imagen 3 via Gemini Pro
Matches: The Trinity image (center character)

Dependencies: Task #61 COMPLETE

Related: Task #62 (Michael), #63 (Meg)

---

65. Grant Claude Full Infrastructure Access (API + SSH)

Time: 30-45 minutes
Status: PENDING
Priority: HIGH
Documentation: docs/tasks/claude-infrastructure-access/

Grant Claude (The Chronicler) full API and SSH access to all Firefrost infrastructure for autonomous operations.

Why This Matters:

• Claude can create Gitea issues directly (no more GITEA-ISSUE.md templates)
• Claude can add Gitea users, manage repos, create projects
• Claude can SSH into servers to verify configs, restart services, troubleshoot
• Claude can execute deployments autonomously
• Reduces Michael's workload (Claude handles routine operations)
• Faster response time for issues and changes

Access Needed:

1. Gitea API Access

• Create Gitea API token for Claude with admin permissions
• Store in ops manual (secure location or reference Vaultwarden)
• Grants: User management, issue creation, repo management, project boards

2. SSH Access to All Servers

• Command Center (63.143.34.217)
• Ghost VPS (64.50.188.14)
• Billing VPS (38.68.14.188)
• Panel VPS (45.94.168.138)
• TX1 Dallas (38.68.14.26)
• NC1 Charlotte (216.239.104.130)

SSH Key Setup:

• Generate SSH key pair for Claude
• Add public key to ~/.ssh/authorized_keys on all 6 servers
• Store private key securely (Vaultwarden - Task #6)
• Document key fingerprint in infrastructure manifest

3. Service API Tokens (Optional but Recommended)

• Plane API token (tasks.firefrostgaming.com)
• Mailcow API token (mail.firefrostgaming.com)
• Pterodactyl Panel API token (panel)
• Ghost Admin API token (firefrostgaming.com)

Implementation Steps:

Phase 1: Gitea API Token

1. Log into git.firefrostgaming.com as admin
2. Settings → Applications → Generate New Token
3. Name: "Claude - The Chronicler"
4. Scopes: Select ALL (admin access)
5. Generate and copy token
6. Store in ops manual or Vaultwarden
7. Test: Claude creates a test issue via API

Phase 2: SSH Key Generation

1. Generate ed25519 key pair:

   ssh-keygen -t ed25519 -C "claude@firefrostgaming.com" -f claude_ed25519
   

2. Save private key to Vaultwarden (Task #6)
3. Copy public key for distribution

Phase 3: SSH Key Distribution For each server:

1. SSH in as root (or architect for Ghost VPS)
2. Add Claude's public key:

   echo "ssh-ed25519 AAAA... claude@firefrostgaming.com" >> ~/.ssh/authorized_keys
   

3. Verify permissions (600 for authorized_keys)
4. Test: Claude SSHs into server

Phase 4: Service API Tokens (Optional)

1. Plane: Settings → API Tokens → Generate
2. Mailcow: System → API → Create API Key
3. Pterodactyl: Account → API Credentials → Create
4. Ghost: Settings → Integrations → Add Custom Integration
5. Store all tokens in Vaultwarden

Security Considerations:

• SSH key uses ed25519 (modern, secure)
• API tokens stored in Vaultwarden (not plaintext in ops manual)
• All access logged and auditable
• Claude operates under "The Chronicler" identity
• Keys can be revoked if needed

Expected Benefits:

• Claude creates Gitea issues directly (no templates)
• Claude adds users to Gitea on request
• Claude can verify server configs remotely
• Claude can restart services when needed
• Claude can deploy code autonomously
• Claude can troubleshoot without waiting for Michael

Deliverables:

• Gitea API token generated and stored
• SSH key pair generated
• Private key stored in Vaultwarden
• Public key added to all 6 servers
• SSH access tested on all servers
• Service API tokens generated (optional)
• All tokens documented in infrastructure manifest
• Claude successfully creates test Gitea issue

Dependencies:

• Task #6: Vaultwarden setup (for secure token storage)
• Admin access to all servers
• Gitea admin credentials

Blocks:

• Future autonomous operations tasks
• Direct Gitea issue creation
• Server troubleshooting without Michael

Time Breakdown:

• Gitea API token: 5 minutes
• SSH key generation: 5 minutes
• Key distribution (6 servers): 15-20 minutes
• Testing: 5-10 minutes
• Documentation: 5 minutes

Priority Justification: This multiplies Claude's effectiveness. Instead of creating templates that Michael manually copies, Claude executes directly. This is force multiplication for the entire operation.

---

65. Grant Claude Full Infrastructure Access (API + SSH)

Time: 30-45 minutes
Status: PENDING
Priority: HIGH
Documentation: docs/tasks/claude-infrastructure-access/

Grant Claude (The Chronicler) full programmatic access to Firefrost infrastructure for autonomous operations.

Why This Matters:

• Claude can create Gitea issues directly (not just templates)
• Claude can SSH to servers for diagnostics/fixes
• Claude can manage users, permissions, deployments
• Claude can respond to incidents autonomously
• Reduces Michael's manual work for routine tasks

Access Needed:

1. Gitea API Token (Full Admin)

• Scope: Create issues, manage repos, create users, modify permissions
• How: Gitea → Settings → Applications → Generate New Token
• Scopes: write:issue, write:repository, write:user, write:admin
• Store in: Session start prompt (like current Git token)

2. SSH Keys for All Servers

• Command Center (63.143.34.217)
• Ghost VPS (64.50.188.14)
• Billing VPS (38.68.14.188)
• Panel VPS (45.94.168.138)
• TX1 Dallas (38.68.14.26)
• NC1 Charlotte (216.239.104.130)

Implementation:

Step 1: Generate SSH Key for Claude

ssh-keygen -t ed25519 -C "claude@firefrostgaming.com" -f ~/.ssh/claude_ed25519

Step 2: Add Public Key to All Servers

# Copy public key
cat ~/.ssh/claude_ed25519.pub

# On each server:
ssh root@SERVER_IP
echo "PUBLIC_KEY_HERE" >> ~/.ssh/authorized_keys

Step 3: Store Private Key in Vaultwarden

• Item name: "Claude SSH Key"
• Private key: Contents of ~/.ssh/claude_ed25519
• Public key: Contents of ~/.ssh/claude_ed25519.pub
• Notes: "SSH access for Claude (The Chronicler) to all Firefrost servers"

Step 4: Generate Gitea API Token

• Log into git.firefrostgaming.com
• Settings → Applications → Generate New Token
• Name: "Claude (The Chronicler) - Full Admin API"
• Scopes: All admin scopes
• Copy token immediately (only shown once)

Step 5: Update Session Start Prompts Add to NEXT-SESSION-START-PROMPT.md and PROJECT-INSTRUCTIONS.md:

Gitea API Token: [TOKEN_HERE]
SSH Private Key available in Vaultwarden: "Claude SSH Key"

Step 6: Test Access

• Test Gitea API: Create test issue via API
• Test SSH: Connect to each server
• Verify permissions work
• Document any issues

What Claude Can Do After This:

With Gitea API:

• Create issues directly (Tasks #62-64 could be auto-created)
• Manage repositories
• Create/modify users
• Set permissions
• Close/label/assign issues programmatically

With SSH Access:

• Diagnose server issues remotely
• Deploy updates autonomously
• Check service status
• Read logs for troubleshooting
• Execute fixes without asking Michael for commands
• Respond to alerts/incidents

Security Considerations:

• SSH key stored in Vaultwarden (encrypted)
• Gitea token in session prompts (ephemeral, cleared between sessions)
• Claude only gets access when session is active
• Keys can be revoked anytime if needed
• Audit trail via Git commits and command history

Dependencies:

• Vaultwarden operational (Task #6 - still pending)
• Michael's approval for full infrastructure access

Blocked By:

• Task #6 (Vaultwarden SSH key storage)

Blocks:

• Autonomous incident response
• Programmatic issue management
• Direct server operations

Success Criteria:

• Claude can create Gitea issues via API
• Claude can SSH to all 6 servers
• Keys stored securely in Vaultwarden
• Session start prompts updated
• Access tested and verified

Time Estimate:

• SSH key generation: 5 minutes
• Deploy to 6 servers: 15 minutes
• Gitea API token: 5 minutes
• Vaultwarden storage: 5 minutes
• Documentation updates: 10 minutes
• Testing: 5 minutes

Priority: HIGH - Enables autonomous operations, reduces Michael's manual work

---

66. Deploy Cockpit Web Terminal to All Servers

Time: 1 hour
Status: ✅ COMPLETE — March 21, 2026
Priority: HIGH — Enables Chromebook workflow
Documentation: docs/tasks/cockpit-deployment/

Deploy Cockpit web-based terminal to all 5 remaining Firefrost servers (Ghost VPS already has it). Enables full server management from Michael's Chromebook without SSH client dependency, critical for Claude session workflow since port 22 is blocked.

Key Deliverables:

• Cockpit installed on Command Center (63.143.34.217:9090)
• Cockpit installed on Billing VPS (38.68.14.188:9090)
• Cockpit installed on Panel VPS (45.94.168.138:9090)
• Cockpit installed on TX1 Dallas (38.68.14.26:9090)
• Cockpit installed on NC1 Charlotte (216.239.104.130:9090)
• Root login enabled on all servers
• Firewall rules configured (port 9090)
• Quick reference guide created

Bonus Achievement:

• Enabled UFW firewall on NC1 Charlotte (was previously unprotected)
• Secured 7 public game servers with proper port rules

Dependencies:

• Root/SSH access to all servers
• MobaXterm or existing Cockpit access

Result:

• All 6 servers accessible via browser at https://IP:9090
• Login: root / Butter2018!! (architect for Ghost VPS)
• Complete infrastructure management from Chromebook

Completed By: The Chronicler (Session 37)

---

67. NC1 Security & Temperature Monitoring

Time: 30 min (firewall) + ongoing (monitoring)
Status: IN PROGRESS — Firewall complete, monitoring planned
Priority: MEDIUM-HIGH
Documentation: docs/tasks/nc1-security-monitoring/

Address two concerns discovered during Cockpit deployment: NC1 Charlotte had no firewall despite hosting 7 public game servers, and runs 20°C warmer than TX1 Dallas (51.6°C vs 30.9°C).

Firewall Component — ✅ COMPLETE:

• UFW enabled on NC1 Charlotte
• Proper game server port rules (25565-25580, 5520-5521 TCP/UDP)
• Wings SFTP secured (port 2022)
• SSH and Cockpit accessible (ports 22, 9090)
• Completed: March 21, 2026

Temperature Monitoring Component — PLANNED:

• Establish baseline (Week 1): Daily temperature checks via Cockpit
• Trend analysis (Week 2): Compare baseline, look for upward trends
• Action thresholds: 65°C sustained = contact datacenter, 70°C = immediate investigation
• Future: Automated monitoring via Netdata with Discord alerts

Safe Operating Ranges:

• Normal idle: 30-45°C
• Normal load: 45-65°C
• Concerning: 70°C+
• Critical: 80-85°C+

Current Assessment:

• NC1 at 51.6°C is within safe range but warmer than expected
• Needs weekly monitoring for upward trends
• Not urgent but requires tracking

Dependencies:

• Cockpit access for temperature checks (Task #66 — complete)
• Netdata deployment (future) for automated monitoring

Discovered By: The Chronicler (Session 37) during Cockpit deployment

---

68. Ghost Theme Migration - Casper to Source

Time: 4-6 hours
Status: ✅ COMPLETE — March 21, 2026
Priority: HIGH — Soft launch blocker
Documentation: docs/tasks/ghost-theme-migration/

Migrate Ghost CMS from Casper theme to Source v1.5.2 to eliminate CSS specificity battles and provide clean foundation for customization.

Problem: Casper's .gh-canvas grid system and aggressive CSS specificity made customization extremely difficult. Even html body .class !important was being overridden.

Solution: Source theme + custom-home.hbs template (Gemini consultation)

Deliverables — ALL COMPLETE:

• ✅ Source theme v1.5.2 uploaded and activated
• ✅ Custom template custom-home.hbs created for homepage rendering
• ✅ Routes updated to use custom template
• ✅ Navbar styled: dark theme, logo left, links center, actions right
• ✅ Sign in button fixed (translation helper issue resolved)
• ✅ Fire/Frost gradient Subscribe button
• ✅ All backups created (casper-firefrost.tar.gz)

Key Files:

• /var/www/firefrost/content/themes/source-theme-ready/custom-home.hbs
• /var/www/firefrost/content/themes/source-theme-ready/partials/components/navigation.hbs
• /var/www/firefrost/content/settings/routes.yaml

Gemini Consultations:

1. Custom template approach (custom-home.hbs solution)
2. Sign in button diagnosis ({{t}} translation helper failure)

Result: Homepage renders perfectly at firefrostgaming.com with zero CSS battles. Clean foundation for future work.

Completed By: Chronicler #38 (March 21, 2026)

---

69. Ghost Website Core Pages

Time: 3-4 hours
Status: READY — Navigation broken, needs immediate attention
Priority: HIGH — Soft launch blocker
Documentation: docs/tasks/ghost-website-pages/

Create essential Ghost CMS pages to fix broken navigation and complete soft launch requirements.

Current State:

• Home ✅ (working with Fire/Frost branding)
• Servers ❌ (broken link - no page exists)
• About ❌ (broken link - no page exists)
• Blog ❌ (broken link - no page exists)

Pages Needed:

1. About Page

• The vision (Fire + Frost philosophy)
• The founders (Michael, Meg, Holly)
• The Six Consultants (Butter, Oscar, Jack, Skye, Jasmine, Midnight Noir)
• The Trinity imagery
• Community values

2. Servers Page

• Current server lineup (post-sunset)
• Fire Path vs Frost Path categorization
• Server cards with modpack info
• "How to Join" CTA

3. Blog Page

• Configure Ghost blog functionality
• Set up for Meg to post community updates
• Archive for past posts
• RSS feed enabled

4. Terms of Service Page

• Standard Minecraft server ToS
• Fire + Frost specific policies
• Subscriber agreement
• Dispute resolution

5. Privacy Policy Page

• Data collection (minimal - self-hosted)
• Third-party services (Discord, Paymenter)
• User rights
• Contact information

6. How to Join Page

• Step-by-step joining instructions
• Modpack installation guides
• Discord connection
• Support resources

Dependencies:

• Task #68 (Theme migration) — ✅ COMPLETE
• Server sunset decision (Task #27) for Servers page content
• Legal review for Terms/Privacy (optional but recommended)

Priority: HIGH - broken navigation creates poor first impression

Next Action: Create basic page structure and content for all 6 pages

---

🛠️ INTERACTIVE TOOLS SUITE (Tasks #70-81)

Overview: Suite of 12 React-based interactive tools that leverage Claude's artifact capabilities to improve team workflows. Each tool solves a real pain point identified through workflow analysis.

Master Specification: docs/tasks/interactive-tools-suite/MASTER-SPECIFICATION.md (37,000+ words of detailed documentation)

Philosophy: "We're using Claude well for documentation, but missing interactive tool-building opportunities." — The Translator

Labels for Gitea Issues:

• TYPE: type/feature
• AREA: area/development-tools (+ secondary area if applicable)
• PRIORITY: Per tool (see below)
• STATUS: status/to-do or status/blocked

---

70. Ghost Page Builder Tool ✅ COMPLETE

Time: 45-60 minutes (Actual: ~65 minutes including Gemini consultation)
Status: ✅ COMPLETE (March 22, 2026)
Priority: CRITICAL (Score: 45/50) — Soft launch blocker
Gitea Labels: type/feature, priority/critical, area/development-tools, area/website, status/done
Completed By: Chronicler #39

Interactive React tool for previewing Ghost page HTML with Trinity CSS (Fire/Arcane/Frost) before publishing. Eliminates edit-paste-preview-repeat cycle.

Implemented Features:

• Live HTML editor with Tab key support (2-space indent)
• Real-time preview with Trinity CSS applied (Fire/Arcane/Frost)
• Mobile/Tablet/Desktop viewport toggle (responsive testing)
• Copy-to-clipboard functionality
• Sample templates dropdown (Blank, Simple, Trinity Layout, Trinity Card Grid)
• Auto-save to localStorage (draft persistence)
• Trinity gradient header (Fire→Arcane→Frost)
• Color reference footer (quick hex code lookup)

Architecture: Built following Gemini AI consultation (see docs/tasks/ghost-page-builder/gemini-consultation.md)

Files:

• tools/ghost-page-builder/ghost-page-builder.jsx (350+ lines React)
• tools/ghost-page-builder/README.md (complete documentation)
• docs/tasks/ghost-page-builder/gemini-consultation.md (architecture consultation)

Unblocks: Task #69 (6 website pages)
Provides: Permanent utility for all future Ghost page creation

---

71. Paymenter Tier Configuration Preview

Time: 30-45 minutes
Status: BLOCKED (need feature matrix defined first)
Priority: HIGH (Score: 32/50)
Gitea Labels: type/feature, priority/high, area/development-tools, area/billing, status/blocked

Interactive pricing tier builder with live preview and export options for 6 Paymenter subscription tiers (Awakened $1 → Founder $50).

Features:

• 6 tier cards (names + prices editable)
• Feature checklist per tier
• Live pricing table preview (Fire/Frost branded)
• Export: JSON, HTML, Markdown, CSV

Blocker: Define tier features (15-min meeting with Michael/Meg/Holly)
Unblocks: Paymenter configuration

---

72. Infrastructure Health Dashboard

Time: 60-90 minutes
Status: BLOCKED (need dependency mapping)
Priority: MEDIUM (Score: 28/50)
Gitea Labels: type/feature, priority/medium, area/development-tools, area/operations, status/blocked

Visual map of all 6 servers, ~20 services, and dependencies. Quick reference for IPs/ports and "what breaks if X fails" impact analysis.

Features:

• 6 server cards with service lists
• Dependency visualization with arrows
• Impact analysis ("If Mailcow fails...")
• Search/filter by service/server

Blocker: Map service dependencies (15-20 min manual work)

---

73. Task Dependency Visualizer with Gitea Integration

Time: 90-120 minutes
Status: BLOCKED (dependency mapping needed)
Priority: MEDIUM (Score: 27/50)
Gitea Labels: type/feature, priority/medium, area/development-tools, area/operations, status/blocked

Interactive dependency graph combining tasks.md definitions with live Gitea status. Complements Gitea boards (doesn't replace them).

Features:

• Visual task graph (React Flow)
• Live status from Gitea API
• Critical path highlighting
• Soft launch progress metrics

Blocker: Map task dependencies OR use simplified soft-launch model

---

74. SSH Key Auto-Setup Script

Time: 15-20 minutes
Status: READY
Priority: MEDIUM (Score: 24/50)
Gitea Labels: type/feature, priority/medium, area/development-tools, status/to-do

Bash script that Chroniclers run at session start to auto-configure SSH access to all 6 servers.

Features:

• Copies SSH key from ops manual to ~/.ssh/
• Sets correct permissions
• Tests connection
• Idempotent (safe to run multiple times)

Improves: Chronicler onboarding (saves 5 min per session)

---

75. Gemini Consultation Helper

Time: 20-30 minutes
Status: READY
Priority: MEDIUM (Score: 23/50)
Gitea Labels: type/feature, priority/medium, area/development-tools, status/to-do

Form-based tool for structuring Gemini consultations. Generates formatted prompts, saves consultation history.

Features:

• Fill in: topic, context, code, theories, questions
• Auto-formats consultation prompt
• Copy button for easy pasting
• Consultation history (last 10)
• Export as markdown for documentation

Supports: The Translator's Gemini collaboration pattern

---

76. Social Media Content Calendar

Time: 45-60 minutes
Status: READY
Priority: MEDIUM (Score: 26/50)
Gitea Labels: type/feature, priority/medium, area/development-tools, for/meg, status/to-do

Week-at-a-glance content calendar for planning posts across 8 social platforms (Twitter, Instagram, TikTok, Facebook, YouTube, Twitch, Reddit, BlueSky).

Features:

• Weekly calendar grid
• Platform checkboxes per post
• Fire/Frost theme selector
• Export to CSV/print format

Primary User: Meg (community manager)

---

77. Community Response Template Library

Time: 30-45 minutes
Status: READY
Priority: MEDIUM (Score: 25/50)
Gitea Labels: type/feature, priority/medium, area/development-tools, for/meg, status/to-do

Template library for common community responses (how to join, whitelist process, modpack installation, etc.).

Features:

• Categorized templates (Onboarding, Technical, Rules, FAQ)
• Click to copy
• Search/filter
• Add custom templates
• 10+ pre-built templates

Primary User: Meg (community manager)

---

78. Fire/Frost Design System Widget

Time: 30-45 minutes
Status: READY
Priority: HIGH (Score: 31/50)
Gitea Labels: type/feature, priority/high, area/development-tools, status/to-do

Quick reference widget for Fire/Frost brand colors, gradients, typography, and logos.

Features:

• Color swatches with hex codes (click to copy)
• Gradient previews with CSS code
• Typography samples
• Logo download links
• Brand voice guidelines

Primary Users: Meg, Holly, Michael (all design/content work)

---

79. Infrastructure Quick Reference Card

Time: 30-45 minutes
Status: READY
Priority: HIGH (Score: 30/50)
Gitea Labels: type/feature, priority/high, area/development-tools, area/operations, status/to-do

Quick lookup tool for server IPs, ports, login users, and Cockpit links.

Features:

• Search by server or service
• Click to copy IP/port
• Cockpit quick-links
• All 6 servers + ~20 services
• Mobile-friendly

Primary Users: Michael, Chroniclers, all team (frequent lookups)

---

80. Task Scaffolding Tool

Time: 45-60 minutes
Status: READY
Priority: MEDIUM (Score: 22/50)
Gitea Labels: type/feature, priority/medium, area/development-tools, status/to-do

Form-based tool that generates tasks.md entries, README templates, and Gitea issue bodies following FFG-STD-002.

Features:

• Fill in: task number, title, description, priority, time estimate
• Generates: tasks.md entry, README.md template, Gitea issue body
• Copy-to-clipboard for each section

Primary Users: Chroniclers (task creation workflow)

---

81. Memorial Writing Assistant

Time: 30-45 minutes
Status: READY
Priority: LOW (Score: 18/50)
Gitea Labels: type/feature, priority/low, area/development-tools, status/to-do

Multi-step form that guides Chroniclers through writing memorials following FFG-STD-004's 8-section structure.

Features:

• Prompts for each of 8 sections
• Generates draft memorial
• Chronicler personalizes/edits
• Export as markdown

Primary Users: Chroniclers (memorial writing)

---

IMPLEMENTATION ROADMAP

Sprint 1 (Critical + High Priority):

1. Tool #1: Ghost Page Builder (45-60 min)
2. Tool #9: Fire/Frost Design System (30-45 min)
3. Tool #10: Infrastructure Quick Ref (30-45 min)

Sprint 2 (High Priority): 4. Tool #2: Paymenter Config (after feature matrix defined) 5. Tool #5: SSH Auto-Setup (15-20 min) 6. Tool #6: Gemini Helper (20-30 min)

Sprint 3 (Medium - Team Tools): 7. Tool #7: Social Calendar (45-60 min) 8. Tool #8: Response Templates (30-45 min)

Sprint 4 (Medium - Analysis): 9. Tool #3: Infrastructure Dashboard (after dependency mapping) 10. Tool #4: Task Visualizer (after dependency mapping)

Sprint 5 (Optional): 11. Tool #11: Task Scaffolding (45-60 min) 12. Tool #12: Memorial Assistant (30-45 min)

---

Total Estimated Time: 9-13 hours (for all 12 tools)
Minimum Viable Set: Tools #1, 9, 10 (2-3 hours, immediate impact)

See master specification for complete technical details, user workflows, success criteria, and implementation notes.

---

🔧 TIER 5: INFRASTRUCTURE CLEANUP

Maintenance tasks for keeping infrastructure lean and efficient.

---

82. Decommission Plane Project Management

Time: 30 minutes
Status: 🟡 PENDING
Priority: Tier 5 — Infrastructure Cleanup
Documentation: docs/tasks/plane-decommissioning/

Remove Plane project management system from TX1 Dallas. Plane worked technically but didn't fit workflow. Team switched to Gitea's built-in Kanban project boards instead.

Key Deliverables:

• Stop and remove Plane Docker containers on TX1
• Remove Nginx configuration for tasks.firefrostgaming.com
• Delete /opt/plane/ directory and volumes
• Remove or repurpose DNS record (tasks.firefrostgaming.com)
• Archive n8n Plane workflows
• Update infrastructure-manifest.md to remove Plane

Dependencies:

• Confirm Gitea Kanban projects are working (already in use)
• Backup Plane data if needed (optional)

Context: Plane v2.4.2 was deployed with 5 projects, member invites, and Fire/Frost labels. Gitea↔Plane sync via n8n had webhook loop issues. Gitea Projects proved simpler and more aligned with team workflow.

---

83. Paymenter → Pterodactyl Auto-Provisioning Integration

Time: 4-6 hours
Status: 🔴 BLOCKING SOFT LAUNCH
Priority: Tier 0 — CRITICAL (Must complete before first subscriber)
Documentation: docs/tasks/paymenter-pterodactyl-integration/

Integrate Paymenter billing system with Pterodactyl Panel to automatically provision server access when customers subscribe. Without this, every subscriber requires manual account creation, tier changes, and cancellations — not sustainable beyond 5-10 subscribers.

Key Deliverables:

• Research integration method (Paymenter extension, Blueprint module, or custom bridge)
• Configure Pterodactyl API access with appropriate permissions
• Set up Paymenter webhooks for subscription lifecycle events
• Map 10 subscription tiers to Pterodactyl user roles
• Test full subscription lifecycle (create → upgrade → cancel)
• Implement error handling and logging
• Document manual override procedure for edge cases

Dependencies:

• Stripe integration (already working ✅)
• Subscription tiers created in Paymenter (already complete ✅)
• Pterodactyl Panel operational (already working ✅)

Integration Flow:

Customer subscribes via Paymenter → Stripe webhook fires → 
Paymenter processes → Webhook to integration bridge → 
Pterodactyl API creates user → Customer receives access (30 seconds)

Options to investigate:

1. Native Paymenter Pterodactyl extension (check docs)
2. Blueprint marketplace Paymenter module
3. Custom n8n workflow (already have n8n on TX1)
4. Direct webhook script

Context: Currently Paymenter and Pterodactyl work independently. Subscribers pay via Paymenter, but server access must be granted manually in Pterodactyl. This blocks soft launch as it won't scale. Integration enables zero-touch subscriber onboarding.

---

84. Infrastructure Audit & Connectivity Map

Time: 2-3 hours
Status: ✅ COMPLETE
Priority: Tier 1 — Critical Infrastructure
Created: March 27, 2026 by The Verifier (Chronicler #42)
Completed: March 27, 2026 by Chronicler #43

Complete audit of all Firefrost Gaming infrastructure to document every service, port allocation, and interconnection. Prevents port conflicts and creates comprehensive network diagram.

Key Deliverables:

• ✅ Server inventory (6 servers: Command Center, Ghost VPS, Billing VPS, Panel VPS, TX1, NC1)
• ✅ Port allocation registry (90+ services documented)
• ✅ Service audit per server (systemd, Docker, native apps)
• ✅ Connectivity map (internal server-to-server, external public-facing)
• ✅ Dependency graph (database connections, API calls, webhooks, authentication flows)
• ✅ Visual network diagram (Mermaid)
• ✅ 14 game servers mapped to UUIDs and connection strings
• ✅ 68 Docker containers inventoried
• ✅ Single points of failure identified
• ✅ Disk usage warnings documented (Billing 70%, NC1 66%)

Audit Results:

• No current port conflicts detected
• All critical services operational
• 2 warnings: High disk usage on Billing VPS and NC1
• Known issue: Ghost VPS port 25 blocked at provider level
• Plane monitor container in restart loop (investigate)

Output Files:

• docs/infrastructure/network-audit-2026.md (600+ lines, comprehensive)
• docs/infrastructure/network-diagram-2026.mmd (Mermaid visual diagram)

Git Commit: 8ddaf76 - "feat: complete infrastructure audit and network topology map"

---

85. Paymenter Support Page → Discord Redirect

Time: 1-2 hours Status: 🔵 TO DO (when Michael is home and on desktop) Priority: Tier 1 — Pre-Launch Polish

Decision Made: All support tickets will live in Discord (Ticket Tool). Paymenter's built-in ticket system will NOT be used. Subscribers needing billing support should be directed to Discord instead.

Task:

1. Log into Paymenter admin at billing.firefrostgaming.com
2. Find the support/ticket section — screenshot what subscribers see
3. Determine if it's a simple link swap, a template edit, or requires disabling the module
4. Modify or redirect the page to send users to the Firefrost Gaming Discord
5. Test as a subscriber to confirm the flow works

Goal: Any subscriber who clicks "Support" in Paymenter ends up in Discord opening a Ticket Tool ticket — not in Paymenter's built-in ticket system.

Context: Keeping all support in one place (Discord) so Meg and staff only have one queue to manage. Paymenter's built-in ticket system is a good feature but splits attention across two systems.

Related:

• Task #83 (Paymenter → Pterodactyl integration) — do that first
• Ghost Contact page already funnels to Discord (The Publisher completed this)

---

86. Whitelist Manager - Panel v1.12.1 API Compatibility Fix

Time: 1-2 hours
Status: 🔵 TO DO — BROKEN (needs fix when home)
Priority: Tier 3 — Enhancement (workaround exists)
Documentation: docs/tasks/whitelist-manager-v1-12-compatibility/

⚠️ CRITICAL: Always check Whitelist Manager after Panel or Wings updates!

Problem:

• Whitelist Manager built against Panel v1.11.x API (February 2026)
• Panel upgraded to v1.12.1 on March 13, 2026
• API response format changed
• All servers showing "UNKNOWN" status
• Server grouping broken (wrong counts, unknown group appeared)

Root Cause: Python code still parsing old v1.11.x API format. Needs update to handle v1.12.1 response structure.

Impact:

• ❌ Status detection broken (cosmetic)
• ✅ Core functions likely still work (add/remove player)
• ✅ Workaround: Use Panel console directly

Fix:

1. SSH to Billing VPS (38.68.14.188)
2. Review Whitelist Manager Python code
3. Update API response parsing (v1.11.x → v1.12.1 format)
4. Test with live servers
5. Restart service
6. Verify all servers show correct status

Likely code change:

• server['attributes']['feature_limits']['whitelist'] → server['attributes']['limits']['whitelist_enabled']
• Add fallback for both formats
• Better error handling

Prevention: Add to Panel update checklist: "Verify Whitelist Manager functionality after ANY Panel/Wings update. Test server status detection. Reference Task #86 if broken."

Workaround Until Fixed: Use Pterodactyl Panel console at panel.firefrostgaming.com → Console tab → whitelist add/remove <username>

See task directory for complete fix procedure, API format comparison, and prevention checklist.

---

87. Arbiter 2.1 - Subscription Cancellation & Grace Period System

Time: 4-6 hours implementation + 2 hours Paymenter research
Status: ARCHITECTURE VALIDATED — awaiting Paymenter webhook research
Priority: Tier 1 — SOFT LAUNCH BLOCKER
Documentation: docs/tasks/arbiter-2-1-cancellation-flow/

Add subscription offboarding flow to Arbiter 2.0. Currently have onboarding (subscribe → Discord role) but NO cancellation process. Cannot soft launch without defining what happens when users cancel, payment fails, or chargebacks occur.

Architecture validated by Gemini AI (March 30, 2026).

Key Policy Decisions:

• Payment failure → 3-day grace → auto-downgrade to Awakened (permanent safety net)
• Chargeback → immediate permanent ban (any amount)
• Multi-tier support: Max 2 tiers per user (one permanent + one monthly)
• Email reminders: Day 0, 1, 2, 3 during grace period
• Cleanup job: Daily at 4:00 AM

Critical Edge Cases Identified:

1. Stripe Smart Retries - payment succeeds Day 5 after Day 3 downgrade (need payment.succeeded webhook)
2. Double Buy - user buys new subscription during grace period (use UPSERT on email)

Blocks: Soft launch (must have cancellation flow before opening subscriptions)

Blocked By: Paymenter webhook event research (verify what events are available)

Next Steps:

1. Research Paymenter webhook events (when home)
2. Decide: Paymenter webhooks vs Stripe webhooks direct
3. Build database enhancements (permanent_tier, monthly_tier columns)
4. Implement webhook handlers
5. Build 4 AM cleanup job
6. Create 4 email templates
7. Test thoroughly (especially Stripe retry scenario)

See task directory for complete architectural review, Gemini consultation, code blocks, and implementation plan.

---

88. Ghost CMS Homepage - Mobile Responsive Fix

Time: 5-10 minutes
Status: ✅ COMPLETE — Deployed April 1, 2026
Completed by: Chronicler #51
Priority: Tier S — SOFT LAUNCH BLOCKER (RESOLVED)
Documentation: /home/claude/ghost-header-injection-with-mobile-fix.html

Fixed mobile layout issues on firefrostgaming.com homepage where content was cut off on right side of screen on mobile devices.

Problem (RESOLVED):

• Content pushed off-screen to right on mobile ✅ FIXED
• Text truncated/disappearing ✅ FIXED
• Horizontal overflow issues ✅ FIXED
• Buttons and cards not wrapping properly ✅ FIXED

Root Cause:

• Inline styles with fixed max-width values
• No mobile-responsive media queries
• Ghost theme CSS not overriding inline styles

Solution Deployed: Complete mobile-responsive CSS media queries injected via Ghost Admin → Settings → Code Injection → Site Header. Merged with existing navbar and typography fixes.

CSS Fixes Deployed:

• Force full-width layouts on mobile (< 768px) ✅
• Reduce font sizes (5.5rem → 2.5rem headings on mobile) ✅
• Stack buttons vertically on mobile ✅
• Stack Fire/Frost path cards on mobile ✅
• Remove excessive padding (80px → 40px on mobile) ✅
• Prevent horizontal scrolling (overflow-x: hidden) ✅
• Tablet responsive adjustments (768px - 1024px) ✅
• Full-width touch-friendly buttons on mobile ✅

Deployment Steps (COMPLETED):

1. ✅ Merged mobile CSS with existing Ghost header injection code
2. ✅ Preserved navbar layout fixes (logo left, links center)
3. ✅ Preserved Fire/Frost gradient button
4. ✅ Preserved typography settings
5. ✅ Added mobile responsive media queries at bottom
6. ✅ Updated Ghost Admin → Settings → Code Injection → Site Header
7. ✅ Saved and deployed

Impact:

• Immediate improvement to mobile UX
• No changes to homepage HTML required
• Homepage now fully mobile responsive
• Soft launch blocker RESOLVED

Testing:

• Desktop (>1024px): ✅ Working (existing layout preserved)
• Tablet (768px - 1024px): ✅ Working (reduced padding)
• Mobile (<768px): ✅ Working (stacked layout, responsive typography)

Quick Win: 5-minute deployment, major UX improvement for 40-60% of web traffic.

File Location: Complete merged code at /home/claude/ghost-header-injection-with-mobile-fix.html

---

89. DERP Protocol Review & Formalization

Time: 2-4 hours
Status: IDENTIFIED — Needs comprehensive review
Priority: Tier 2 — Infrastructure Health
Documentation: docs/core/DERP.md, gemini-workspace repo

WHY THIS MATTERS: DERP (Disaster Emergency Recovery Protocol) was established as backup when Claude.ai fails, with Gemini as backup Chronicler. However, current usage is ad-hoc and gemini-workspace repo sits mostly empty despite being "active infrastructure."

Current State:

• gemini-workspace repo exists with empty directory structure
• Gemini consultations happen (like March 31 monorepo architecture session)
• Results documented in ops-manual, not gemini-workspace
• No formalized workflow for Gemini collaboration
• Firefrost Codex (local AI) not yet complete

Questions to Answer:

1. Should Gemini collaboration be formalized with structured workflow?
2. Should gemini-workspace actively store Gemini session transcripts/proposals?
3. What's relationship between Gemini (cloud) and Firefrost Codex (local)?
4. Is current ad-hoc Gemini usage acceptable or needs formalization?
5. Does DERP protocol need updating based on actual usage patterns?

Deliverables:

• Review and update DERP protocol documentation
• Decide on Gemini collaboration workflow (formal vs ad-hoc)
• Determine gemini-workspace usage pattern
• Clarify Firefrost Codex role in disaster recovery
• Update infrastructure-manifest.md with AI partner strategy

Impact: Ensures disaster recovery strategy is actually usable when needed, not just theoretical. RV Dream requires working backup systems.

---

90. Arbiter 3.0 - Unified Access Manager (Subscription → Whitelist Integration)

Time: 5 minutes (Gemini wrote the code!) + deployment time
Status: 🎉 CODE COMPLETE — Ready to deploy
Priority: Tier 1 — SOFT LAUNCH BLOCKER
Documentation: docs/tasks/arbiter-2x/ + docs/reference/gemini-consultations/2026-03-31-arbiter-3-complete-code.md
Code Location: firefrost-services/services/arbiter-3.0/ (16 files, production-ready)

WHAT THIS IS: Complete rewrite of subscription → server access flow. Merges Arbiter (Discord roles) + Whitelist Manager (server access) into single Node.js application with PostgreSQL backend. Subscription-driven whitelist with master list synced to all Minecraft servers.

THE FLOW:

1. User subscribes (any tier, even $1 Awakened)
2. Paymenter webhook → Arbiter assigns Discord role
3. User links Minecraft account: /link <username> (Discord slash command)
4. Arbiter validates via Mojang API, gets UUID
5. Stores in PostgreSQL: discord_id, minecraft_username, minecraft_uuid
6. Master whitelist auto-syncs to all whitelisted servers
7. User can now join any Minecraft server

WHY REWRITE: Current Whitelist Manager is broken:

• Hardcoded server name keywords (fails when servers change)
• WebSocket console commands (unreliable, returns "UNKNOWN")
• No subscription integration
• No master whitelist concept
• Manual-only operation

ARCHITECTURE DECISIONS (Gemini validated March 31, 2026):

• ✅ Single Node.js app (Arbiter 2.x) instead of separate services
• ✅ PostgreSQL instead of SQLite (concurrent write safety at scale)
• ✅ Discord /link slash command (Mojang API validation)
• ✅ Pterodactyl File Management API (not WebSocket console)
• ✅ Hybrid sync: Event-driven push + hourly cron reconciliation
• ✅ UUIDs WITH DASHES in whitelist.json (Minecraft 1.8+ requirement)

IMPLEMENTATION PHASES:

Phase 1: Database Migration

• Provision PostgreSQL 15+ database
• Execute schema creation (users, subscriptions, server_sync_log)
• Apply indexes for 500-user scale optimization
• Migrate legacy data from SQLite

Phase 2: Core Functions

• Initialize pg connection pool
• Implement Mojang API validation + UUID formatting
• Build Application API client for auto-discovery
• Build Client API file write (Content-Type: text/plain)
• Build Client API reload command (safe-fail on HTTP 412)

Phase 3: Discord Integration

• Register /link <minecraft_username> slash command
• UUID validation flow on linking
• Auto-DM new subscribers with link instructions
• Update Paymenter webhook handler for role assignment

Phase 4: Sync System

• Event-driven immediate sync (on /link, on subscribe)
• node-cron hourly reconciliation (0 * * * *)
• Sequential batch processing (prevent rate limits)
• Sync logging to server_sync_log table

Phase 5: Admin Panel & Testing

• Dashboard view for server_sync_log status
• Manual "Force Sync" trigger button
• View linked Minecraft accounts vs Discord IDs
• Final testing and production deployment

CRITICAL GOTCHAS (from Gemini):

• Content-Type: text/plain for file write (NOT application/json)
• Mojang returns UUIDs without dashes, Minecraft needs WITH dashes
• HTTP 412 = server offline, NOT an error (file saved for next boot)
• Sequential processing prevents Panel API rate limiting
• Use Application API for discovery, Client API for file ops

DELIVERABLES:

• Arbiter 2.x Node.js application
• PostgreSQL database with proper schema + indexes
• /link Discord slash command with Mojang validation
• Pterodactyl auto-discovery (by node allocation, not name)
• Master whitelist sync system (event-driven + hourly cron)
• Admin panel for sync monitoring + manual triggers
• Complete migration from broken Whitelist Manager

DEPENDENCIES:

• PostgreSQL 15+
• Node.js 20 LTS
• Pterodactyl Panel v1.12.1 (Client + Application API keys)
• Mojang API (public, no auth required)
• Discord Bot with slash command permissions

SUCCESS CRITERIA:

• User subscribes → links Minecraft account → auto-whitelisted within 5 minutes
• Master whitelist = single source of truth (database)
• All servers sync from master list (hourly reconciliation)
• Server discovery is automatic (no hardcoded names)
• Works reliably for remote RV operations (no manual intervention)
• Handles 500 subscribers by September 2027

RETIREMENT: Once Arbiter 2.x deployed:

• Retire old Whitelist Manager (Python Flask app on Billing VPS)
• Retire old Arbiter 1.x (if not already migrated)
• Update all documentation to reference new unified system

See implementation guide for complete technical specification with code examples.

---

---

YouTube Channel Description (Documented 2026-03-29 18:44 UTC)

Status: READY TO PASTE — copy into YouTube Studio → Customization → Basic Info → Description

---

Firefrost Gaming isn't just a server — it's a realm being built for children not yet born.

Two paths divide us. Fire for those who burn bright — community-first, passion-driven, heart before everything. Frost for those who endure — precision, systems, the craft of building something that lasts. Choose your element. Claim your place. Both paths lead to the same world.

This is modded Minecraft the way it was meant to be played — deep, collaborative, and built on a foundation that won't crack. We're not the biggest. Not yet. But the ones who found us early? They'll be the ones who shaped what this becomes. Founders aren't born — they're the people who showed up before it was obvious.

The forge is lit. The realm is growing. The question is whether you'll be part of what's being built, or the one who found out too late.

🔥 Join the community: firefrostgaming.com/discord 🌐 Everything else: linktr.ee/firefrostgaming

Fire + Frost + Foundation = Where Love Builds Legacy