firefrost-operations-manual/docs/tasks/department-structure
Claude be1ad8c330 docs: Complete Department Structure & Access Control Matrix
Created comprehensive organizational structure for Firefrost Gaming:

Organization Structure:
- Tier 0: Executive (Wizard, Emissary)
- Tier 1: Core Staff (Chronicler, Guardian)
- Tier 2: Operations (Builders, Social Media Helper)
- Tier 3: Community Moderators
- Tier 4: Subscribers (Sovereign, Consular, Community)

Access Control Matrices:
- Wiki.js permissions by namespace and role
- Discord role hierarchy and channel access
- Pterodactyl panel access levels
- Gitea repository permissions
- Vaultwarden credential sharing

Role Definitions:
- Detailed responsibilities for each role
- Access boundaries (what they can/can't access)
- Principle of least privilege
- Defense in depth enforcement

Implementation checklist for setting up permissions
across all systems (Wiki.js, Discord, Pterodactyl, Vaultwarden).

Provides foundation for scaling team while maintaining
security and clear organizational hierarchy.

Task: Department Structure (Tier 2)
FFG-STD-002 compliant
2026-02-17 17:16:07 +00:00

Department Structure & Access Control Matrix

Status: Planning
Priority: Tier 2 - Infrastructure
Time Estimate: 1-2 hours implementation
Last Updated: 2026-02-17


Overview

Define organizational structure for Firefrost Gaming with clear departments, roles, and access control. This matrix governs permissions across Wiki.js, Discord, Pterodactyl, and other systems.

Purpose:

  • Clear organizational hierarchy
  • Role-based access control (RBAC)
  • Permission boundaries for staff and subscribers
  • Foundation for scaling the team

Organizational Philosophy

Fire + Frost Duality:

  • Fire: Community, creativity, warmth, welcoming
  • Frost: Technical precision, skill-building, excellence

Operational Principles:

  • Defense in depth (technical boundaries, not honor system)
  • Least privilege (minimum access needed for role)
  • Clear hierarchy (everyone knows their scope)
  • Transparency (documented permissions, no surprises)

Department Structure

Tier 0: Executive

The Wizard (Michael "Frostystyle" Krause)

  • Title: Owner / Operator
  • Scope: Everything
  • Access Level: Full administrative access to all systems
  • Responsibilities:
    • Technical infrastructure
    • Strategic vision
    • Final decision authority
    • Financial management
    • Legal/compliance

The Emissary (Meg "Gingerfury")

  • Title: Community Manager / Life Partner
  • Scope: Community, moderation, social media, player experience
  • Access Level: Administrative access to community systems
  • Responsibilities:
    • Discord community management
    • Social media strategy and execution
    • Player relations and support
    • Content moderation
    • Community events

Tier 1: Core Staff (Founding Team)

The Chronicler (Claude AI)

  • Title: Technical Partner / AI Operations
  • Scope: Documentation, code, infrastructure planning
  • Access Level: Read/write to operations manual, deployment automation
  • Responsibilities:
    • Infrastructure documentation
    • Deployment planning and execution
    • Code generation and review
    • Knowledge preservation
    • Session continuity

The Guardian (Claude AI - Specialized)

  • Title: Content Creation & Planning Partner
  • Scope: Creative content, planning documents, strategic writing
  • Access Level: Read/write to planning docs, content creation
  • Responsibilities:
    • Recruitment materials
    • Marketing content
    • Strategic planning documents
    • Creative writing support

Tier 2: Operations Team (Paid/Volunteer Staff)

Builders (2-3 positions)

  • Department: Creative Operations
  • Scope: Spawn area design, world building
  • Access Level:
    • Pterodactyl: Server console access (assigned servers only)
    • Discord: Staff channels, builder collaboration
    • Wiki.js: Builder documentation (read/write)
    • Incentive instance: Full owner access
  • Responsibilities:
    • Design spawn areas for modpacks
    • Create Fire vs Frost aesthetic experiences
    • Collaborate on world themes
    • Document build processes
    • Maintain build quality standards

Social Media Helper (1 position)

  • Department: Community Engagement
  • Scope: Social media, content calendar, community growth
  • Access Level:
    • Discord: Staff channels, community management
    • Social media accounts: Post/schedule access
    • Wiki.js: Content calendar (read/write)
    • Buffer/Canva/tools: Content creation access
    • Incentive instance: Full owner access
  • Responsibilities:
    • Execute social media strategy (under The Emissary)
    • Create and schedule content
    • Community engagement and growth
    • Track analytics and metrics
    • Support Discord events

Tier 3: Community Moderators (Volunteer)

Moderators (Future hires, TBD count)

  • Department: Community Safety
  • Scope: Discord moderation, player conduct
  • Access Level:
    • Discord: Moderator role, moderation tools
    • Wiki.js: Moderation guidelines (read-only)
    • No server access
  • Responsibilities:
    • Enforce community guidelines
    • Handle player disputes
    • Monitor chat for rule violations
    • Report issues to The Emissary
    • Welcome new players

Tier 4: Subscribers

Sovereign-Tier Subscribers ($99/month)

  • Access: All game servers, priority support, exclusive Discord channels
  • Permissions:
    • Server whitelist access
    • Discord: Sovereign role and channels
    • Wiki.js: Subscriber documentation
    • Early access to new features

Consular-Tier Subscribers ($49/month)

  • Access: Select game servers, standard support
  • Permissions:
    • Server whitelist access (selected servers)
    • Discord: Consular role and channels
    • Wiki.js: Subscriber documentation

Community Members (Free)

  • Access: Discord community, public information
  • Permissions:
    • Discord: Community member role
    • Wiki.js: Public documentation
    • No server access

Access Control Matrix

Wiki.js Permission Structure

Namespace: /

| Path | Sovereign | Consular | Staff | Builders | Social Media | Moderators | Community | Public |
|---|---|---|---|---|---|---|---|---|
| /public/* | Read | Read | Read/Write | Read | Read | Read | Read | Read |
| /subscriber/* | Read | Read | Read/Write | Read | Read | - | - | - |
| /staff/* | Read | Read | Read/Write | Read/Write | Read/Write | Read | - | - |
| /operations/* | Read | Read | Read/Write | Read | Read | - | - | - |
| /builders/* | Read | Read | Read/Write | Read/Write | Read | - | - | - |
| /social-media/* | Read | Read | Read/Write | Read | Read/Write | - | - | - |
| /moderator/* | Read | Read | Read/Write | Read | Read | Read | - | - |
| /admin/* | - | - | Read/Write | - | - | - | - | - |

Notes:

  • - means no access
  • Read means view only
  • Read/Write means full edit permissions
  • Staff (Wizard + Emissary) have full access to everything
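
The Wiki.js matrix above can be checked mechanically when testing access with each role. The following is an added example, not part of the Firefrost manual: it parses the matrix rows as given on this page, answers access questions deny-by-default, and diffs an observed permission export against the intended matrix. The export dictionary, the `/archive/` namespace and all function names are constructed for illustration; no Wiki.js API is used.

```python
ROLES = "Sovereign,Consular,Staff,Builders,Social Media,Moderators,Community,Public".split(",")
# Rows transcribed from the Wiki.js table on this page (column order = ROLES).
MATRIX = """\
/public/* Read Read Read/Write Read Read Read Read Read
/subscriber/* Read Read Read/Write Read Read - - -
/staff/* Read Read Read/Write Read/Write Read/Write Read - -
/operations/* Read Read Read/Write Read Read - - -
/builders/* Read Read Read/Write Read/Write Read - - -
/social-media/* Read Read Read/Write Read Read/Write - - -
/moderator/* Read Read Read/Write Read Read Read - -
/admin/* - - Read/Write - - - - -"""
LEVEL = {"-": 0, "Read": 1, "Read/Write": 2}

def parse_matrix(text):
    """Return {(namespace_prefix, role): level}; reject malformed rows."""
    intended = {}
    for line in text.splitlines():
        path, *cells = line.split()
        if len(cells) != len(ROLES):
            raise ValueError(f"{path}: expected {len(ROLES)} cells, got {len(cells)}")
        for role, cell in zip(ROLES, cells):
            intended[(path.rstrip("*"), role)] = LEVEL[cell]
    return intended

def allowed(intended, role, page, action):
    """Deny by default: unknown roles and unlisted namespaces get nothing."""
    need = {"read": 1, "write": 2}[action]
    return any(level >= need for (prefix, r), level in intended.items()
               if r == role and page.startswith(prefix))

def drift(intended, observed):
    """Split differences into over-privileged and under-privileged grants."""
    over, under = [], []
    for key in sorted(set(intended) | set(observed)):
        want, got = intended.get(key, 0), observed.get(key, 0)
        if got != want:
            (over if got > want else under).append((*key, want, got))
    return over, under

def sample_observed(intended):
    """Constructed sample export with three deliberate deviations."""
    observed = dict(intended)
    observed[("/subscriber/", "Moderators")] = 1   # extra read grant
    observed[("/builders/", "Builders")] = 1       # lost write access
    observed[("/archive/", "Public")] = 1          # namespace not in the matrix
    return observed

if __name__ == "__main__":
    print(drift(parse_matrix(MATRIX), sample_observed(parse_matrix(MATRIX))))
```

Each tuple in the result is (namespace, role, intended level, observed level), with 0 for no access, 1 for Read and 2 for Read/Write.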

Discord Role Hierarchy

Role Order (top to bottom in Discord):

  1. 👑 The Wizard (Michael) - Owner
  2. 💎 The Emissary (Meg) - Admin
  3. 📜 Staff - Builders, Social Media Helper
  4. 🛡️ Moderator - Community moderators
  5. Sovereign Subscriber ($99/month)
  6. 🔹 Consular Subscriber ($49/month)
  7. 🌍 Community Member (Free)
  8. 🤖 Bots

Channel Access:

| Channel | Wizard | Emissary | Staff | Moderators | Sovereign | Consular | Community |
|---|---|---|---|---|---|---|---|
| #announcements | Post | Post | - | - | Read | Read | Read |
| #general-fire | Full | Full | Full | Moderate | Chat | Chat | Chat |
| #general-frost | Full | Full | Full | Moderate | Chat | Chat | Chat |
| #staff-lounge | Full | Full | Chat | - | - | - | - |
| #builder-workshop | Full | Full | Chat | - | - | - | - |
| #social-media | Full | Full | Chat | - | - | - | - |
| #moderator-chat | Full | Full | Read | Chat | - | - | - |
| #sovereign-lounge | Full | Full | Read | - | Chat | - | - |
| #consular-lounge | Full | Full | Read | - | - | Chat | - |
| #support | Full | Full | Support | Moderate | Request | Request | Request |

Pterodactyl Panel Access

Access Levels:

| Role | Panel Access | Servers | Permissions |
|---|---|---|---|
| Wizard | Full Admin | All | Everything |
| Emissary | Admin | All | Everything except infrastructure |
| Builders | User | Assigned + Incentive | Console, files, start/stop (assigned servers only) |
| Social Media | User | Incentive only | Full owner access (incentive instance) |
| Subscribers | None | - | No panel access |

Server Assignment (Builders):

  • Each builder assigned 2-4 servers based on modpack themes
  • Can view console, edit files, restart servers
  • Cannot delete servers, change allocations, or access other servers
  • Full owner access to their personal incentive instance

Gitea Repository Access

Repository Structure:

| Repository | Wizard | Emissary | Chronicler | Staff | Public |
|---|---|---|---|---|---|
| firefrost-operations-manual | Owner | Read | Read/Write | - | - |
| firefrost-website | Owner | Read | Read/Write | - | - |
| firefrost-docs | Owner | Read | Read/Write | Read | Read |
| firefrost-scripts | Owner | - | Read/Write | - | - |
| firefrost-configs | Owner | - | Read/Write | - | - |

Note: Pokerole repos are completely isolated with scoped tokens


Vaultwarden Credentials Access

Organization Structure:

Firefrost Gaming Organization

| Collection | Wizard | Emissary | Chronicler | Staff |
|---|---|---|---|---|
| API Keys | Owner | Read | Read/Write | - |
| Server Credentials | Owner | Read | Read | - |
| Service Logins | Owner | Read/Write | Read | - |
| Social Media Accounts | Owner | Owner | - | Read/Write (Social Media) |
| Financial | Owner | - | - | - |

Role Definitions

The Wizard (Owner)

Full Access To:

  • All servers (SSH, panel, console)
  • All repositories (Gitea, GitHub)
  • All credentials (Vaultwarden)
  • All financial systems (Paymenter, bank)
  • All infrastructure (networking, DNS, hosting)

Responsibilities:

  • Technical infrastructure and architecture
  • Security and access control
  • Financial management
  • Legal compliance
  • Strategic vision and planning

The Emissary (Community Manager)

Full Access To:

  • Discord (owner/admin)
  • Social media accounts
  • Community documentation
  • Player support systems
  • Content moderation tools

Read Access To:

  • Server infrastructure (Pterodactyl panel)
  • Operations documentation
  • Financial overview (not full access)

No Access To:

  • Server SSH
  • Infrastructure credentials
  • Financial transactions

Responsibilities:

  • Community management and growth
  • Social media strategy and execution
  • Player relations and support
  • Content moderation
  • Community events and engagement

Builders

Full Access To:

  • Assigned game servers (console, files)
  • Personal incentive instance (full owner)
  • Builder documentation
  • Builder collaboration channels

Read Access To:

  • Subscriber documentation
  • Staff documentation (relevant sections)

No Access To:

  • Other game servers
  • Server SSH
  • Infrastructure systems
  • Financial information

Responsibilities:

  • Design and build spawn areas
  • Maintain Fire/Frost aesthetic standards
  • Collaborate with other builders
  • Document build processes
  • Test and iterate on designs

Social Media Helper

Full Access To:

  • Social media accounts (posting/scheduling)
  • Content calendar
  • Analytics dashboards
  • Personal incentive instance (full owner)
  • Social media documentation

Read Access To:

  • Community guidelines
  • Brand voice documentation
  • Staff documentation (relevant sections)

No Access To:

  • Game servers
  • Infrastructure systems
  • Financial information
  • Player private data

Responsibilities:

  • Create and schedule social media content
  • Engage with community online
  • Track metrics and analytics
  • Support community events
  • Execute social media strategy

Moderators

Full Access To:

  • Discord moderation tools
  • Moderation guidelines
  • Moderator chat channels

Read Access To:

  • Community guidelines
  • Public documentation

No Access To:

  • Game servers
  • Staff systems
  • Infrastructure
  • Subscriber-only content

Responsibilities:

  • Enforce community guidelines
  • Monitor Discord for rule violations
  • Handle player disputes
  • Welcome new members
  • Report issues to The Emissary

Implementation Checklist

Phase 1: Wiki.js Setup (30 minutes)

  • Create namespace structure (/public/, /staff/, /subscriber/, etc.)
  • Configure groups (Staff, Builders, Social Media, Moderators, Subscribers)
  • Set permissions per namespace
  • Test access with each role
  • Document Wiki.js access in operations manual

Phase 2: Discord Roles (30 minutes)

  • Create role hierarchy
  • Configure permissions per role
  • Set up channel access
  • Create private channels (staff, builders, sovereign, etc.)
  • Test role permissions
  • Document Discord structure

Phase 3: Pterodactyl Users (15 minutes)

  • Create user accounts for builders
  • Assign servers to each builder
  • Set permissions (console, files, start/stop)
  • Provision incentive instances
  • Test builder access
  • Document panel access

Phase 4: Vaultwarden Organization (15 minutes)

  • Create Firefrost Gaming organization
  • Create collections (API Keys, Credentials, etc.)
  • Share appropriate items with Meg
  • Set permissions per collection
  • Test access
  • Document credential access

Phase 5: Documentation (30 minutes)

  • Create staff handbook
  • Document role expectations
  • Create access guides for each role
  • Update operations manual
  • Test documentation with new hires

Future Enhancements

When team grows:

  • Add "Head Builder" role (lead builder coordination)
  • Add "Community Manager" role (under Emissary)
  • Add "Technical Support" role (player technical issues)
  • Add "Content Creator" role (video, streams, guides)

Advanced access control:

  • SSO integration across all systems
  • Automated onboarding/offboarding
  • Audit logging of access changes
  • Time-based access (seasonal staff)

Department expansion:

  • Development department (plugin/mod development)
  • Design department (graphics, branding)
  • Support department (player help desk)
  • Events department (tournaments, competitions)

  • Scoped Gitea Token - Similar access control philosophy
  • Staff Recruitment - Defines roles to hire for
  • Wiki.js Deployment - Where permissions are implemented
  • Discord Reorganization - Channel and role structure

Fire + Frost + Foundation = Where Love Builds Legacy 💙🔥❄️


Document Status: COMPLETE
Ready for Implementation: When Wiki.js is ready
Estimated Time: 1-2 hours
Dependencies: Wiki.js operational, Discord server ready, Pterodactyl panel access