firefrost-operations-manual/deployments/whitelist-manager/CHECKLIST.md

# 🔥❄️ Whitelist Manager - Deployment Checklist

**Status:** Ready for Deployment  
**Target:** Billing VPS (38.68.14.188)  
**Domain:** whitelist.firefrostgaming.com  
**Time Estimate:** 30-45 minutes

---

## Pre-Deployment Checklist

### DNS Configuration (Do First!)
- [ ] Log into your DNS provider (Cloudflare/Route53/etc)
- [ ] Create A record:
  - **Name:** `whitelist`
  - **Type:** A
  - **Value:** `38.68.14.188`
  - **TTL:** 300 (5 minutes)
- [ ] Wait 5-10 minutes for propagation
- [ ] Verify DNS: `nslookup whitelist.firefrostgaming.com`
  - Should return: `38.68.14.188`

### Files Ready
- [x] Application code created
- [x] Configuration files ready
- [x] Deployment scripts prepared
- [x] All files committed to Gitea

---

## Deployment Steps

### Method 1: Automated (Recommended)

**Step 1:** Copy files to Billing VPS
```bash
scp -r deployments/whitelist-manager root@38.68.14.188:/tmp/
```

**Step 2:** SSH and deploy
```bash
ssh root@38.68.14.188
cd /tmp/whitelist-manager
chmod +x deploy.sh
./deploy.sh
```

**Step 3:** Follow prompts and verify

### Method 2: Manual (If you prefer control)

Follow `deployments/whitelist-manager/DEPLOYMENT.md` step-by-step

---

## Post-Deployment Verification

### Test 1: Service Running
```bash
ssh root@38.68.14.188
systemctl status whitelist-manager
```
✅ Should show: "active (running)" in green

### Test 2: Health Check
```bash
curl http://localhost:5001/health
```
✅ Should return: `{"service":"whitelist-manager","status":"healthy"}`

### Test 3: Web Access
Open browser: `https://whitelist.firefrostgaming.com`

✅ Should show:
- Login prompt
- Valid SSL certificate (green padlock)

### Test 4: Dashboard Login
Login with:
- Username: `mkrause612`
- Password: `Butter2018!!`

✅ Should show:
- All 11 servers listed
- TX1 and NC1 servers grouped
- Server status indicators

### Test 5: Add Player Test
1. Select "Vanilla 1.21.11" server (safest for testing)
2. Enter test player: `TestPlayer123`
3. Click "Add to Whitelist"

✅ Should show: Green success message

### Test 6: Remove Player Test
1. Same server
2. Same player: `TestPlayer123`
3. Click "Remove from Whitelist"

✅ Should show: Green success message

### Test 7: Bulk Operation Test
1. Enter multiple test players (one per line):
   ```
   BulkTest1
   BulkTest2
   BulkTest3
   ```
2. Select "Vanilla 1.21.11"
3. Click "Bulk Add"

✅ Should show: 3 green success messages

---

## Success Criteria

All items must be checked:

- [ ] DNS resolves to 64.50.188.14
- [ ] HTTPS works with valid SSL
- [ ] Login successful with credentials
- [ ] All 11 servers visible
- [ ] Add player works
- [ ] Remove player works
- [ ] Bulk operations work
- [ ] Service auto-starts on reboot

---

## Rollback Plan (If needed)

If deployment fails:

```bash
# Stop service
systemctl stop whitelist-manager
systemctl disable whitelist-manager

# Remove Nginx config
rm /etc/nginx/sites-enabled/whitelist.firefrostgaming.com

# Reload Nginx
systemctl reload nginx

# Remove application
rm -rf /opt/whitelist-manager

# Remove SSL cert (optional)
certbot delete --cert-name whitelist.firefrostgaming.com
```

---

## Next Steps After Successful Deployment

### Immediate
1. [ ] Backup credentials to Vaultwarden
   - API Key: `ptlc_vudB5oRaeoJGPip4fH5PDiymgi28uc39OjJsCbTDVEK`
   - Dashboard: `mkrause612 / Butter2018!!`

2. [ ] Update infrastructure manifest
   ```bash
   # Add to Management Services table:
   Whitelist Manager | Billing VPS | 38.68.14.188 | whitelist.firefrostgaming.com | ✅ OPERATIONAL
   ```

3. [ ] Mark task complete in tasks.md
   ```
   Status: ✅ COMPLETE
   Completed: 2026-02-16
   ```

### Documentation
4. [ ] Create usage guide for Meg and staff
5. [ ] Document in Wiki.js Staff
6. [ ] Take screenshots for documentation

### Testing with Real Players
7. [ ] Test with actual player whitelist
8. [ ] Verify across multiple servers
9. [ ] Test bulk operations with real usernames

---

## Useful Commands Reference

### Service Management
```bash
# Status
systemctl status whitelist-manager

# Logs (live)
journalctl -u whitelist-manager -f

# Restart
systemctl restart whitelist-manager
```

### Nginx
```bash
# Test config
nginx -t

# Reload
systemctl reload nginx

# Logs
tail -f /var/log/nginx/whitelist.access.log
tail -f /var/log/nginx/whitelist.error.log
```

### SSL Certificate
```bash
# Check status
certbot certificates

# Renew
certbot renew
```

---

## Troubleshooting Quick Reference

**Service won't start:**
- Check logs: `journalctl -u whitelist-manager -n 50`
- Verify .env file exists
- Check port 5001 not in use: `netstat -tuln | grep 5001`

**Can't access web dashboard:**
- Verify DNS: `nslookup whitelist.firefrostgaming.com`
- Check service: `systemctl status whitelist-manager`
- Check Nginx: `systemctl status nginx`
- Check firewall: Ports 80 and 443 open

**SSL certificate fails:**
- Verify DNS propagation first
- Check Nginx is running
- Ensure ports 80/443 are open
- Retry: `certbot --nginx -d whitelist.firefrostgaming.com`

**Operations fail:**
- Verify API key in .env is correct
- Check Pterodactyl panel is accessible
- Test API: `curl -H "Authorization: Bearer ptlc_..." https://panel.firefrostgaming.com/api/client`

---

## Time Saved

**Before:** 15 minutes per whitelist change
- SSH to node
- Find server in Pterodactyl
- Use console commands
- Verify on each server
- Repeat for multiple servers

**After:** 30 seconds
- Open web dashboard
- Select servers
- Enter player name
- One click

**Impact:** 96.7% time reduction per operation

---

🔥❄️ **Fire + Frost + Foundation = Where Love Builds Legacy** 💙

**Ready to deploy!**