firefrost-operations-manual/docs/core/tasks.md

# 🔥❄️ FIREFROST GAMING — OPERATIONS TASKS

**Last Updated:** February 16, 2026  
**Updated By:** The Chronicler (current session)  
**Version:** 3.0 (Full FFG-STD-002 implementation - all tasks migrated to task directories)

---

## 📋 HOW TO USE THIS FILE

**This file contains:**
- High-level task summaries (≤20 lines each)
- Status and priority
- Time estimates
- References to full documentation

**For complete details, see:** `docs/tasks/[task-name]/`

**Each task directory contains:**
- README.md (complete overview)
- deployment-plan.md (if applicable)
- prerequisites.md (if applicable)
- Additional task-specific docs

**Standard:** All tasks follow FFG-STD-002 (Task Documentation Standard)

---

## 🎯 TIER 0: IMMEDIATE WINS

Quick wins that unlock other work or provide immediate value.

---

### 1. Centralized Whitelist Manager Web Dashboard
**Time:** 2-2.5 hours  
**Status:** READY TO BUILD  
**Documentation:** `docs/tasks/whitelist-manager/`

Web dashboard at `whitelist.firefrostgaming.com` for managing player whitelists across 11 Minecraft servers.

**Value:** 15-minute manual task → 30 seconds. Zero-error whitelist management with full visibility.

**Key Deliverables:**
- Web interface with server list and whitelist status
- Toggle whitelist ON/OFF per server
- Add/remove players (individual or bulk)
- Staff authentication

**Tech:** Python Flask + TailwindCSS on Ghost VPS

**See task directory for:** Complete deployment plan, prerequisites checklist, usage guide

---

### 2. Command Center Root Cleanup
**Time:** 15 minutes  
**Status:** READY  
**Documentation:** `docs/tasks/command-center-cleanup/`

Housekeeping task to organize Command Center root directory before major work.

**Actions:**
- Move Gitea backups to `/root/backups/gitea/`
- Archive deployment logs to repo
- Delete obsolete files

---

### 3. NC1 Cleanup (Mandatory for Mailcow) — ✅ COMPLETE
**Completed:** February 16, 2026  
**Result:** 26GB → 46GB free (cleared space for Mailcow)

**⚠️ LESSON LEARNED:** Never use wildcards (`*.zip`) in cleanup commands. List files explicitly. Cost: Lost Hytale world, had to regenerate. Recovery documented in `docs/troubleshooting/`.

---

## 🛡️ TIER 1: SECURITY FOUNDATION

Critical security infrastructure. Must complete before major deployments.

---

### 4. Vaultwarden — Add SSH Key & Org Setup
**Time:** 30 minutes  
**Status:** DEPLOYED, NEEDS CONFIGURATION  
**Documentation:** `docs/tasks/vaultwarden-setup/`

Complete Vaultwarden setup: SSH key + organization for shared credentials with Meg.

**Blocks:** Scoped tokens, credential management workflows

---

### 5. The Frostwall Protocol — GRE Tunnel Security Architecture
**Time:** 3-4 hours  
**Status:** REBUILD PENDING  
**Priority:** CRITICAL  
**Documentation:** `docs/tasks/frostwall-protocol/`

Custom DDoS protection using GRE tunnels from Command Center to TX1/NC1. Hides real IPs, protects email reputation.

**Core Components:**
- GRE tunneling (encrypted links)
- 1-to-1 NAT/DMZ forwarding
- Iron Wall UFW rules
- IP hierarchy (scrubbing → backend → binding)

**Blocks:** Mailcow, AI stack, all Tier 2+ infrastructure

---

### 6. Command Center Security Hardening
**Time:** 1 hour  
**Status:** READY  
**Documentation:** `docs/tasks/command-center-security/`

Defense-in-depth for Command Center: Fail2Ban + SSH hardening

**Actions:**
- Install Fail2Ban
- Disable SSH password auth (key-only)
- Review UFW rules

---

### 7. Create Scoped Gitea Token for Pokerole Project
**Time:** 15 minutes  
**Status:** READY  
**Depends:** Vaultwarden operational  
**Documentation:** `docs/tasks/scoped-gitea-token/`

Create Gitea token scoped to Pokerole repos only. Iron Wall principle: enforce boundaries technically.

---

## 🏗️ TIER 2: MAJOR INFRASTRUCTURE

Foundation secure, deploy major services.

---

### 8. Mailcow Email Server on NC1
**Time:** 2-3 hours  
**Status:** BLOCKED  
**Depends:** NC1 cleanup ✅, Frostwall Protocol  
**Documentation:** `docs/tasks/mailcow-email-server-on-nc1/`

Professional @firefrostgaming.com email on NC1. Self-hosted, $120/year saved, eliminates Plesk.

**Location:** NC1 Charlotte (32-core EPYC, 251GB RAM)

---

### 9. Self-Hosted AI Stack on TX1
**Time:** 8-12 hours (3-4 active, rest downloads)  
**Status:** BLOCKED - Medical clearance  
**Documentation:** `docs/tasks/self-hosted-ai-stack-on-tx1/`

Dual AI deployment: AnythingLLM (ops) + Open WebUI (staff). DERP backup, unlimited AI access.

**Models:** Qwen 2.5 Coder 72B, Llama 3.3 70B, Llama 3.2 Vision 11B  
**Storage:** ~150GB  
**RAM:** ~110GB when loaded

---

### 10. Netdata Deployment
**Time:** 30 minutes  
**Status:** READY  
**Documentation:** `docs/tasks/netdata-deployment/`

Real-time monitoring on all servers (Command Center, TX1, NC1, Ghost VPS).

---

### 11. Department Structure & Access Control Matrix
**Time:** 1-2 hours  
**Status:** PLANNING  
**Documentation:** `docs/tasks/department-structure-and-access-control-matrix/`

Define departments and access control for Wiki.js permissions and role-based access.

---

### 12. MkDocs Decommission
**Time:** 15 minutes  
**Status:** READY  
**Documentation:** `docs/tasks/mkdocs-decommission/`

Remove MkDocs (replaced by Wiki.js).

---

## 📚 TIER 3: DOCUMENTATION & OPTIMIZATION

Polish, optimization, and content creation.

---

### 13. Fix Frostwall vs Firefrost Naming
**Time:** 15 minutes  
**Documentation:** `docs/tasks/fix-frostwall-vs-firefrost-naming/`

Clarify terminology: Frostwall (security protocol) vs Firefrost (brand).

---

### 14. Scope Document Corrections
**Time:** 30 minutes  
**Documentation:** `docs/tasks/scope-document-corrections/`

Review and correct project scope documents for accuracy.

---

### 15. Workflow Guide Review & Trim
**Time:** 1 hour  
**Documentation:** `docs/tasks/workflow-guide-review-and-trim/`

Audit workflows, remove outdated content, consolidate redundancy.

---

### 16. Terraria Branding Training Arc
**Time:** 12 weeks (ongoing)  
**Status:** ACTIVE - Phase 1  
**Documentation:** `docs/tasks/terraria-branding-training-arc/`

12-week training: Michael learns game asset creation via Terraria texture pack development.

**See:** `docs/planning/terraria-branding-arc.md` for complete curriculum

---

### 17. Paymenter Theme Installation — Citadel Theme
**Time:** 1-2 hours  
**Documentation:** `docs/tasks/paymenter-theme-installation-citadel-theme/`

Install Citadel theme for Paymenter with Fire/Frost branding.

---

### 18. Consultant Photo Processing
**Time:** Ongoing  
**Status:** ACTIVE  
**Documentation:** `docs/tasks/consultant-photo-processing/`

Process and catalog photos of The Five Consultants. Maintain archive with proper metadata.

**Naming:** `YYYY-MM-DD_consultant_description_NN.jpg`

---

### 19. NextCloud Upload Portal for Meg
**Time:** 30 minutes  
**Documentation:** `docs/tasks/nextcloud-upload-portal-for-meg/`

Configure NextCloud public upload folder for Meg.

---

### 20. "Coming Soon" Video Creation (CapCut)
**Time:** 2-3 hours  
**Documentation:** `docs/tasks/coming-soon-video-creation-capc ut/`

Create professional "Coming Soon" video for Firefrost launch using CapCut.

---

### 21. Staggered Server Restart System
**Time:** 2 hours  
**Documentation:** `docs/tasks/staggered-server-restart-system/`

Automated staggered restarts for game servers. Prevents simultaneous restarts, maintains player access.

---

### 22. Game Server Startup Script Audit & Optimization
**Time:** 1 hour  
**Documentation:** `docs/tasks/game-server-startup-script-audit-and-optimization/`

Audit and optimize JVM flags, memory allocation, performance tuning for all game servers.

---

### 23. LuckPerms MySQL Backend
**Time:** 45 minutes  
**Documentation:** `docs/tasks/luckperms-mysql-backend/`

Migrate LuckPerms to MySQL for centralized permission management.

---

### 24. World Backup Automation
**Time:** 1-2 hours  
**Documentation:** `docs/tasks/world-backup-automation/`

Automated backup system: daily backups, retention policy, off-server storage.

---

### 25. Blueprint Extension Installation — Node Usage Status
**Time:** 30 minutes  
**Documentation:** `docs/tasks/blueprint-extension-installation-node-usage-status/`

Install Blueprint extension showing TX1/NC1 resource usage in Pterodactyl panel.

---

### 26. Discord Server Complete Reorganization
**Time:** 2-3 hours  
**Documentation:** `docs/tasks/discord-server-complete-reorganization/`

Complete Discord reorganization: Fire/Frost paths, clear channels, proper roles.

---

### 27. Firefrost: The Eternal Skyforge (Flagship Modpack)
**Time:** 20-40 hours (iterative)  
**Documentation:** `docs/tasks/firefrost-the-eternal-skyforge-flagship-modpack/`

Flagship Minecraft modpack: Create mod + Fire/Frost theme + weapon forging + factory building.

---

### 28. Among Us Weekly Events (Phase 2 Expansion)
**Time:** Ongoing (30 min weekly prep)  
**Documentation:** `docs/tasks/among-us-weekly-events-phase-2-expansion/`

Weekly Among Us community events for subscriber engagement.

---

## 📊 QUICK STATS

**Total Tasks:** 28  
**Completed:** 1 (NC1 cleanup)  
**In Progress:** 2 (Vaultwarden, Terraria Arc, Photo Processing)  
**Ready to Build:** 20+  
**Blocked:** 2 (Mailcow, AI Stack)

**Estimated Total Time:** ~65-85 hours across all tasks  
**Critical Path:** Frostwall Protocol → Mailcow/AI Stack → Everything else

---

## 🔗 RELATED DOCUMENTATION

- **Task Documentation Standard:** `docs/standards/task-documentation-standard.md` (FFG-STD-002)
- **Infrastructure State:** `docs/core/infrastructure-manifest.md`
- **Architecture Decisions:** `docs/reference/architecture-decisions.md`
- **Session Handoff:** `SESSION-HANDOFF-PROTOCOL.md`

---

**Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥❄️

---

**Version History:**
- v3.0 (2026-02-16): Full FFG-STD-002 implementation - all 28 tasks migrated to task directories
- v2.3 (2026-02-16): Whitelist Manager refactored to follow standard
- v2.2 (2026-02-16): Whitelist Manager expanded to web dashboard
- v2.1 (2026-02-16): NC1 cleanup marked complete with lessons
- v2.0 (2026-02-15): Major restructure and organization