firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
d2c36fac0e479bd999e9e88bee604f09f4002a23
firefrost-operations-manual/docs/core/tasks.md
Chronicler d2c36fac0e docs(tasks): Promote IDEA-006 Modpack Update Monitor to Task #11 (Tier 2) 
Promoted from ideas backlog per Michael's request for "sooner than later"
operational need.

Task #11: Modpack Update Monitor - Blueprint Extension
- Status: HIGH priority, queued after Codex Phase 2
- Time: 8-12 hours (full Blueprint extension)
- Affects: 9 modpack servers across TX1/NC1
- Purpose: Automated version checking vs latest available
- APIs: CurseForge, Modrinth, FTB, Technic
- Dashboard: Per-server update status visibility

Decision rationale: Michael's "do it once and get it done" philosophy
- Blueprint extension = permanent solution
- No revisiting with scripts later
- Integrates with existing Pterodactyl workflow
- Professional, scalable, maintainable

Execution order: Codex Phase 2 → Modpack Monitor (finish what we
started, then tackle this with full focus)

Updated tasks.md to v3.6
Updated ideas-backlog.md to v1.9
2026-02-20 22:06:40 +00:00

21 KiB
Raw Blame History

🔥❄️ FIREFROST GAMING — OPERATIONS TASKS

Last Updated: February 20, 2026
Updated By: The Deployer (Chronicler #20)
Version: 3.6 (Promoted IDEA-006: Modpack Update Monitor to Task #11)

📋 HOW TO USE THIS FILE

This file contains:

  • High-level task summaries (≤20 lines each)
  • Status and priority
  • Time estimates
  • References to full documentation

For complete details, see: docs/tasks/[task-name]/

Each task directory contains:

  • README.md (complete overview)
  • deployment-plan.md (if applicable)
  • prerequisites.md (if applicable)
  • Additional task-specific docs

Standard: All tasks follow FFG-STD-002 (Task Documentation Standard)

🎯 TIER 0: IMMEDIATE WINS

Quick wins that unlock other work or provide immediate value.

1. Centralized Whitelist Manager Web Dashboard — COMPLETE

Time: 2-2.5 hours (actual: ~4 hours over 2 sessions)
Status: FULLY OPERATIONAL
Completed: February 19, 2026
Documentation: docs/tasks/whitelist-manager/

Web dashboard at whitelist.firefrostgaming.com for managing player whitelists across 11 Minecraft servers.

Deployed Features:

  • Dynamic server list (fetches from Pterodactyl API automatically)
  • Add player to whitelist (per server or username/UUID)
  • Remove player from whitelist (per server or username/UUID)
  • Bulk operations (add/remove to ALL servers)
  • Server status detection (WHITELISTED/PUBLIC/OFFLINE)
  • Fire/Frost themed UI
  • Staff authentication (mkrause612)
  • SSL/HTTPS with Let's Encrypt
  • Auto-start on boot
  • Websocket integration with Pterodactyl

Value Delivered: 15-minute manual task → 30 seconds. Zero-error whitelist management.

Tech: Python Flask + TailwindCSS + Websockets + Virtual Environment on Billing VPS

Known Issue: One server may show incorrect status (server scheduled for retirement)

Future Enhancements (Phase 2):

  • Whitelist ON/OFF toggle per server
  • View current whitelist per server
  • Discord bot integration
  • Paymenter subscriber auto-whitelist

See task directory for: Complete deployment plan, prerequisites checklist, usage guide

2. Command Center Root Cleanup — COMPLETE

Completed: February 18, 2026
Time: 15 minutes
Documentation: docs/tasks/command-center-cleanup/

Housekeeping task to organize Command Center root directory before major work.

Results:

  • 5 Gitea backups moved to /root/backups/gitea/
  • 2 wiki deployment logs archived locally
  • 3 obsolete files deleted (dead.letter, extract-key-info.sh, master)
  • Root directory clean and organized

3. Staff Recruitment Launch

Time: 2-3 hours (setup) + ongoing
Status: READY - POSTING TODAY
Priority: Tier 0 - Immediate Win
Documentation: docs/tasks/staff-recruitment-launch/

Launch recruitment for Builders (2-3) and Social Media Helper (1) using recruitment ad.

Prerequisites (Guardian's Notes):

  • Provision incentive instances (private servers for recruits)
  • Define application review process
  • Finalize ad: decide on specific modpacks mention, deadline

Key Deliverables:

  • Incentive instances ready and documented
  • Recruitment ad posted to r/feedthebeast, Discord communities
  • Application tracking system
  • 2-3 Builders + 1 Social Media Helper recruited

Recruitment Ad: docs/planning/discord-recruitment-ad.md

See task directory for: Prerequisites checklist, application process, onboarding guide

4. NC1 Cleanup (Mandatory for Mailcow) — COMPLETE

Completed: February 16, 2026
Result: 26GB → 46GB free (cleared space for Mailcow)

⚠️ LESSON LEARNED: Never use wildcards (*.zip) in cleanup commands. List files explicitly. Cost: Lost Hytale world, had to regenerate. Recovery documented in docs/troubleshooting/.

🛡️ TIER 1: SECURITY FOUNDATION

Critical security infrastructure. Must complete before major deployments.

5. Vaultwarden — Add SSH Key & Org Setup

Time: 30 minutes
Status: DEPLOYED, NEEDS CONFIGURATION
Documentation: docs/tasks/vaultwarden-setup/

Complete Vaultwarden setup: SSH key + organization for shared credentials with Meg.

Blocks: Scoped tokens, credential management workflows

6. The Frostwall Protocol — GRE Tunnel Security Architecture

Time: 3-4 hours
Status: REBUILD PENDING
Priority: CRITICAL
Documentation: docs/tasks/frostwall-protocol/

Custom DDoS protection using GRE tunnels from Command Center to TX1/NC1. Hides real IPs, protects email reputation.

Core Components:

  • GRE tunneling (encrypted links)
  • 1-to-1 NAT/DMZ forwarding
  • Iron Wall UFW rules
  • IP hierarchy (scrubbing → backend → binding)

Blocks: Mailcow, AI stack, all Tier 2+ infrastructure

7. Command Center Security Hardening

Time: 1 hour
Status: READY
Documentation: docs/tasks/command-center-security/

Defense-in-depth for Command Center: Fail2Ban + SSH hardening

Actions:

  • Install Fail2Ban
  • Disable SSH password auth (key-only)
  • Review UFW rules

8. Create Scoped Gitea Token for Pokerole Project

Time: 15 minutes
Status: READY
Depends: Vaultwarden operational
Documentation: docs/tasks/scoped-gitea-token/

Create Gitea token scoped to Pokerole repos only. Iron Wall principle: enforce boundaries technically.

🏗️ TIER 2: MAJOR INFRASTRUCTURE

Foundation secure, deploy major services.

9. Firefrost Codex - AI Assistant

Time: 8-12 hours (4-6 active, rest downloads)
Status: READY - Planning Complete
Priority: Tier 2 - Major Infrastructure
Documentation: docs/tasks/firefrost-codex/

Self-hosted AI assistant providing 24/7 support to all community tiers. "Most Minecraft servers have Discord. We have an AI."

Architecture:

  • AnythingLLM (RAG platform with LanceDB)
  • Ollama (local LLM server)
  • 3 Models: Qwen 2.5 Coder 72B, Llama 3.3 70B, Llama 3.2 Vision 11B
  • Discord bot + Web interface + Embedded widgets
  • mclo.gs integration (Minecraft log analysis)

Five-Tier Access:

  1. Public (marketing widget) - Public KB workspace
  2. Subscribers ($1+) - Subscriber KB workspace
  3. Staff - Operations + Brainstorming workspaces
  4. Michael/Meg - All 5 workspaces + admin panel
  5. Potential subscribers - Same as Public

Key Features:

  • 24/7 instant answers (never wait for staff)
  • mclo.gs log analysis (paste link, get diagnosis)
  • Role-based knowledge access
  • Growing knowledge base
  • Complete privacy (self-hosted, zero cloud APIs)

Monthly Cost: $0 (self-hosted on TX1)

Deployment Phases:

  1. Core Infrastructure (3-4 hours)
  2. Model Downloads (overnight, 6-8 hours)
  3. Workspace Setup (2-3 hours)
  4. Discord Bot (2-3 hours)
  5. Embedded Widgets (1-2 hours)
  6. Testing & Validation (2 hours)

Marketing Ready: Complete launch strategy, messaging framework, content calendar in docs

See task directory for: Complete architecture, marketing strategy, deployment plan, branding guide

10. Mailcow Email Server on NC1

Time: 2-3 hours
Status: BLOCKED
Depends: NC1 cleanup , Frostwall Protocol
Documentation: docs/tasks/mailcow-email-server-on-nc1/

Professional @firefrostgaming.com email on NC1. Self-hosted, $120/year saved, eliminates Plesk.

Location: NC1 Charlotte (32-core EPYC, 251GB RAM)

11. Self-Hosted AI Stack on TX1 — ⚠️ SUPERSEDED BY CODEX

Time: 6-8 hours (3-4 active, rest downloads)
Status: SUPERSEDED - See Task #9 (Firefrost Codex)
Documentation: docs/tasks/self-hosted-ai-stack-on-tx1/

NOTE: Original plan for Dify-based AI has been replaced by Firefrost Codex (Task #9), which uses AnythingLLM instead. This provides better document handling (1,000+ docs), built-in multi-user support, and embedded widget capabilities. See Firefrost Codex documentation for the complete updated architecture.

12. Netdata Deployment

Time: 30 minutes
Status: READY
Documentation: docs/tasks/netdata-deployment/

Real-time monitoring on all servers (Command Center, TX1, NC1, Ghost VPS).

12. Department Structure & Access Control Matrix

Time: 1-2 hours
Status: PLANNING
Documentation: docs/tasks/department-structure-and-access-control-matrix/

Define departments and access control for Wiki.js permissions and role-based access.

13. MkDocs Decommission

Time: 15 minutes
Status: READY
Documentation: docs/tasks/mkdocs-decommission/

Remove MkDocs (replaced by Wiki.js).

10. Pokerole WikiJS Deployment

Time: 2-4 hours (infrastructure) + 4-6 hours (content migration)
Status: REQUESTED BY CLAUDIUS
Priority: Medium (post-Holly approval of Tier 4 content)
Server: Ghost VPS (64.50.188.14) - alongside existing wikis
Documentation: See Claudius's Session 9 report + WIKIJS_DEPLOYMENT_REQUEST.md in misc-docs repo

Purpose: Deploy WikiJS for Aurelian Pokédex publication

What's Ready:

  • Tier 4: 31 Pokémon converted (awaiting Holly approval)
  • Tier 3: 26 Pokémon converted (awaiting Holly approval)
  • 18 custom game mechanics documented
  • All content in Git (pokerole-data repo)

Deployment Requirements:

  • Domain: pokerole.firefrostgaming.com
  • Software: WikiJS v2.x (Docker preferred)
  • Database: PostgreSQL or SQLite
  • SSL: Let's Encrypt certificate
  • Content: ~50-75 wiki pages, 15-20MB Markdown, images TBD

Dependencies:

  • Holly's approval of Tier 3 Batch 4-13 (22 entries)
  • Holly's approval of Tier 4 content (31 entries)
  • Additional Pokémon artwork (optional but recommended)

Workflow:

  1. Chronicler deploys WikiJS infrastructure on Ghost (2-4 hours)
  2. Claudius migrates content from Git to WikiJS (4-6 hours)
  3. Holly reviews published content
  4. Michael approves layout/organization
  5. Public launch (or private beta)

Alternative Options if Delayed:

  • Static site via Nginx
  • GitHub Pages via Gitea
  • Keep in Git until ready

Notes:

  • NOT urgent - content safely stored in Git
  • Can proceed after Holly completes reviews
  • WikiJS supports multi-user if Holly wants edit access
  • Can be private initially, public later

11. Modpack Update Monitor — Blueprint Extension

Time: 8-12 hours (Blueprint extension development)
Status: PROMOTED FROM IDEAS (IDEA-006)
Priority: HIGH - Queued after Codex Phase 2
Documentation: docs/tasks/modpack-update-monitor/ (to be created)

Purpose: Automated version checking for all modpack servers - compare installed vs latest available versions

The Problem:

  • 12 game servers running modpacks
  • Manual checking across CurseForge/FTB/Modrinth/Technic is tedious
  • No existing Blueprint extension monitors for updates (only installers exist)
  • Risk of running outdated versions with bugs/exploits

The Solution: Build Blueprint extension that:

  1. Scans each server to detect installed modpack + current version (read manifest files)
  2. Queries platform APIs (CurseForge, FTB, Modrinth, Technic) for latest versions
  3. Dashboard showing update status per server
  4. Optional integration with existing Modpack Installer for one-click updates

Dashboard Display:

  • Server name
  • Current modpack + version
  • Latest available version
  • Update status ( Up to date / ⚠️ Update available / Check failed)
  • Last checked timestamp
  • Source platform (CurseForge/FTB/Modrinth/Technic)

Technical Requirements:

  • Read server manifests (CurseForge manifest.json, FTB modlist.html, Modrinth modrinth.index.json, etc.)
  • API integration: CurseForge API, Modrinth API, FTB API, Technic API
  • Database table: server_id, modpack_id, current_version, latest_version, last_checked, source_platform
  • React dashboard component for Pterodactyl admin view
  • Cron job for daily checks (configurable interval)

Affected Servers (9 modpack servers):

  • All The Mons (Cobblemon) - NC1
  • Stoneblock 4 - TX1
  • Society: Sunlit Valley - TX1
  • Reclamation - TX1
  • The Ember Project - NC1
  • Minecolonies: Create and Conquer - NC1
  • All The Mods 10 - NC1
  • EMC Subterra Tech - NC1
  • Mayview - NC1

Not Applicable:

  • Vanilla 1.21.11 (no modpack)
  • Homestead (retiring soon)
  • Hytale (different game)
  • FoundryVTT (not Minecraft)

Existing Infrastructure:

Workflow Example:

  1. Dashboard shows "ATM10 on NC1 is v1.3, v1.5 available on CurseForge"
  2. Admin clicks details to see changelog
  3. Admin uses Modpack Installer to update (or manual)
  4. Admin uses staggered restart system to schedule restart
  5. Result: Systematic update workflow

API Rate Limits to Consider:

  • CurseForge: 1000 requests/hour
  • Modrinth: 300 requests/minute
  • FTB: Unknown (need to research)
  • Technic: Unknown (need to research)
  • Daily cron job = 9 servers × 4 platforms = 36 API calls max

Benefits:

  • Immediate visibility of outdated servers
  • Reduced manual checking time (15 min/day → 0)
  • Proactive security (catch important updates faster)
  • Professional operations
  • Fills gap in Blueprint marketplace (publishable as community extension)
  • Pairs perfectly with staggered restart system

Success Criteria:

  • Extension installed in Blueprint framework
  • Dashboard accessible from Pterodactyl admin panel
  • All 9 modpack servers detected and monitored
  • API integration working for all 4 platforms
  • Daily cron job running
  • Update notifications working

Considerations:

  • Handle custom/manually installed modpacks (no source platform = "Unknown")
  • Permission levels (who can see updates vs install them)
  • Notification system (email/Discord when updates available - future enhancement)
  • Error handling for API failures (graceful degradation)

Why Tier 2 (not Tier 0 quick script):

  • Michael prefers "do it once and get it done"
  • Blueprint extension = permanent solution, no revisiting
  • Integrates with existing Pterodactyl workflow
  • Professional, scalable, maintainable
  • Worth the upfront time investment for forever solution

Execution Order:

  1. Complete Codex Phase 2 first (finish what we started)
  2. Then build this with full focus (8-12 hour session)
  3. Then enjoy automated version monitoring forever

📚 TIER 3: DOCUMENTATION & OPTIMIZATION

Polish, optimization, and content creation.

14. Fix Frostwall vs Firefrost Naming

Time: 15 minutes
Documentation: docs/tasks/fix-frostwall-vs-firefrost-naming/

Clarify terminology: Frostwall (security protocol) vs Firefrost (brand).

15. Scope Document Corrections

Time: 30 minutes
Documentation: docs/tasks/scope-document-corrections/

Review and correct project scope documents for accuracy.

16. Workflow Guide Review & Trim

Time: 1 hour
Documentation: docs/tasks/workflow-guide-review-and-trim/

Audit workflows, remove outdated content, consolidate redundancy.

17. Terraria Branding Training Arc

Time: 12 weeks (ongoing)
Status: ACTIVE - Phase 1
Documentation: docs/tasks/terraria-branding-training-arc/

12-week training: Michael learns game asset creation via Terraria texture pack development.

See: docs/planning/terraria-branding-arc.md for complete curriculum

18. Paymenter Theme Installation — Citadel Theme

Time: 1-2 hours
Documentation: docs/tasks/paymenter-theme-installation-citadel-theme/

Install Citadel theme for Paymenter with Fire/Frost branding.

19. Consultant Photo Processing

Time: Ongoing
Status: ACTIVE
Documentation: docs/tasks/consultant-photo-processing/

Process and catalog photos of The Five Consultants. Maintain archive with proper metadata.

Naming: YYYY-MM-DD_consultant_description_NN.jpg

20. NextCloud Upload Portal for Meg

Time: 30 minutes
Documentation: docs/tasks/nextcloud-upload-portal-for-meg/

Configure NextCloud public upload folder for Meg.

21. "Coming Soon" Video Creation (CapCut)

Time: 2-3 hours
Documentation: docs/tasks/coming-soon-video-creation-capc ut/

Create professional "Coming Soon" video for Firefrost launch using CapCut.

22. Staggered Server Restart System

Time: 2 hours
Documentation: docs/tasks/staggered-server-restart-system/

Automated staggered restarts for game servers. Prevents simultaneous restarts, maintains player access.

23. Game Server Startup Script Audit & Optimization

Time: 1 hour
Documentation: docs/tasks/game-server-startup-script-audit-and-optimization/

Audit and optimize JVM flags, memory allocation, performance tuning for all game servers.

24. LuckPerms MySQL Backend

Time: 45 minutes
Documentation: docs/tasks/luckperms-mysql-backend/

Migrate LuckPerms to MySQL for centralized permission management.

25. World Backup Automation

Time: 1-2 hours
Documentation: docs/tasks/world-backup-automation/

Automated backup system: daily backups, retention policy, off-server storage.

26. Blueprint Extension Installation — Node Usage Status

Time: 30 minutes
Documentation: docs/tasks/blueprint-extension-installation-node-usage-status/

Install Blueprint extension showing TX1/NC1 resource usage in Pterodactyl panel.

27. Discord Server Complete Reorganization

Time: 2-3 hours
Documentation: docs/tasks/discord-server-complete-reorganization/

Complete Discord reorganization: Fire/Frost paths, clear channels, proper roles.

28. Firefrost: The Eternal Skyforge (Flagship Modpack)

Time: 20-40 hours (iterative)
Documentation: docs/tasks/firefrost-the-eternal-skyforge-flagship-modpack/

Flagship Minecraft modpack: Create mod + Fire/Frost theme + weapon forging + factory building.

29. Among Us Weekly Events (Phase 2 Expansion)

Time: Ongoing (30 min weekly prep)
Documentation: docs/tasks/among-us-weekly-events-phase-2-expansion/

Weekly Among Us community events for subscriber engagement.

30. Pterodactyl Modpack Version Display

Time: 1-2 hours
Status: READY
Documentation: docs/tasks/pterodactyl-modpack-version-display/

Add custom "Modpack Version" field to Pterodactyl panel for version tracking visibility.

Method: Custom egg variable in Startup tab
Scope: 9 modpack servers (excludes Vanilla, Hytale, FoundryVTT)
Benefits: Version visibility, change tracking, troubleshooting clarity

📊 QUICK STATS

Total Tasks: 32 (including Firefrost Codex)
Completed: 3 (NC1 cleanup, Command Center cleanup, Whitelist Manager)
In Progress: 2 (Vaultwarden, Terraria Arc)
Ready to Build: 19+ (including Firefrost Codex!)
Blocked: 2 (Mailcow, original AI Stack - superseded by Codex)
Superseded: 1 (Original AI Stack → Firefrost Codex)

Estimated Total Time: ~75-95 hours across all tasks
Critical Path: Frostwall Protocol → Mailcow → Everything else
Big Win Available: Firefrost Codex (8-12 hours, massive community impact)

🔗 RELATED DOCUMENTATION

  • Task Documentation Standard: docs/standards/task-documentation-standard.md (FFG-STD-002)
  • Infrastructure State: docs/core/infrastructure-manifest.md
  • Architecture Decisions: docs/reference/architecture-decisions.md
  • Session Handoff: SESSION-HANDOFF-PROTOCOL.md

Fire + Frost + Foundation = Where Love Builds Legacy 💙🔥❄️

Version History:

  • v3.2 (2026-02-16): Moved Staff Recruitment to Tier 0 (posting today), renumbered tasks
  • v3.1 (2026-02-16): Added Task #3 - Staff Recruitment Launch (Guardian's notes)
  • v3.0 (2026-02-16): Full FFG-STD-002 implementation - all 28 tasks migrated to task directories
  • v2.3 (2026-02-16): Whitelist Manager refactored to follow standard
  • v2.2 (2026-02-16): Whitelist Manager expanded to web dashboard
  • v2.1 (2026-02-16): NC1 cleanup marked complete with lessons
  • v2.0 (2026-02-15): Major restructure and organization

31. Server-to-Server SSH Key Setup

Time: 1-2 hours
Status: IDENTIFIED - Ready to build
Priority: Tier 1 - Security Foundation
Documentation: docs/tasks/server-ssh-interconnect/

Enable passwordless SSH between all management servers (Command Center, Billing, Panel, Ghost).

Problem: Aurora couldn't SSH from Command Center to Billing - key named 'chronicler' instead of standard 'id_rsa'.

Solution:

  1. Collect public keys from all 4 management servers
  2. Add each server's public key to all other servers' authorized_keys
  3. Test connectivity matrix (4x4 grid)
  4. Document key locations and naming

Servers to interconnect:

  • Command Center (63.143.34.217)
  • Billing VPS (38.68.14.188)
  • Panel VPS (45.94.168.138)
  • Ghost VPS (64.50.188.14)

Benefits: No more switching in MobaXterm, easier automation, cleaner workflows

Note: Billing has non-standard key name 'chronicler' - may need renaming to 'id_rsa'

32. Whitelist Manager Refinements

Time: 30-60 minutes
Status: IDENTIFIED
Priority: Low - Polish/Cosmetic
Documentation: docs/tasks/whitelist-manager-refinements/

Small improvements to Whitelist Manager:

  • Fix Mayview server grouping - Currently shows under "Unknown (1 servers)" instead of "NC1 (5 servers)"
  • Update server detection logic or Pterodactyl metadata
  • [Future refinements can be added here as discovered]

Impact: Cosmetic only - does not affect functionality

Reference in New Issue View Git Blame Copy Permalink