firefrost-operations-manual/docs/tasks/firefrost-codex-migration-to-open-webui/PREREQUISITES.md
The Chronicler #21 2e953ce312 feat: Complete Firefrost Knowledge Engine deployment plan
- Comprehensive task documentation for migrating from AnythingLLM to Dify+n8n+Qdrant
- 8 detailed documents covering every aspect of deployment
- Complete step-by-step commands (zero assumptions)
- Prerequisites checklist (20 items)
- Deployment plan in 2 parts (11 phases, every command)
- Configuration files (all configs with exact content)
- Recovery procedures (4 disaster scenarios)
- Verification guide (30 tests, complete checklist)
- Troubleshooting guide (common issues + solutions)

Built by: The Chronicler #21
For: Meg, Holly, and children not yet born
Time investment: 10-15 hours execution time
Purpose: Enable Meg/Holly autonomous work with Git write-back

This deployment enables:
- RBAC (Meg sees all, Holly sees Pokerole only)
- Git write-back via ai-proposals branch
- Discord approval workflow (one-click merge)
- Self-healing (80% of failures)
- Automated daily backups
- Complete monitoring

Documentation is so detailed that any future Chronicler can execute
this deployment with zero prior knowledge and complete confidence.

Fire + Frost + Foundation = Where Love Builds Legacy
2026-02-22 09:55:13 +00:00


# PREREQUISITES CHECKLIST
**Complete EVERY item before proceeding to deployment.**
Missing even ONE prerequisite will cause deployment failure.
---
## ✅ PRE-FLIGHT CHECKLIST
### 1. DNS CONFIGURATION
**Action:** Create two A records in your DNS provider
**Records needed:**
```
codex.firefrostgaming.com → 38.68.14.26 (TX1 Dallas)
n8n.firefrostgaming.com → 38.68.14.26 (TX1 Dallas)
```
**Verification:**
```bash
# Run these from your local machine (NOT TX1)
dig codex.firefrostgaming.com +short
dig n8n.firefrostgaming.com +short
```
**Expected output:**
```
38.68.14.26
38.68.14.26
```
**⏱️ CRITICAL:** DNS propagation can take up to 24 hours. Check propagation at: https://dnschecker.org
**Do NOT proceed until both domains resolve to 38.68.14.26 globally.**
---
### 2. TX1 SERVER ACCESS
**Action:** Verify SSH access to TX1
**Command:**
```bash
ssh root@38.68.14.26
```
**Expected:** Successful login to TX1 Dallas
**If fails:** Check SSH keys, verify server is online, check firewall rules
---
### 3. PORT AVAILABILITY CHECK
**Action:** Verify ports 80 and 443 are available
**Commands (run on TX1):**
```bash
sudo lsof -i :80
```
**Expected output:** (nothing - port is free)
```bash
sudo lsof -i :443
```
**Expected output:** (nothing - port is free)
**If ports are in use:** Identify the service and move it or use different ports
**Status:** ✅ VERIFIED on February 22, 2026 - ports are FREE
---
### 4. DOCKER INSTALLED ON TX1
**Action:** Verify Docker and Docker Compose are installed
**Commands (run on TX1):**
```bash
docker --version
```
**Expected:** `Docker version XX.XX.XX` or higher
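```bash
# The docker-compose-plugin package installed below provides the "docker compose" subcommand
# (a legacy standalone install answers to "docker-compose --version" instead)
docker compose version
```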
**Expected:** `Docker Compose version XX.XX.XX` or higher
**If not installed:**
```bash
# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
# Install Docker Compose
sudo apt-get install docker-compose-plugin -y
```
---
### 5. OLLAMA RUNNING ON TX1
**Action:** Verify Ollama is accessible
**Command (run on TX1):**
```bash
curl http://localhost:11434/api/version
```
**Expected:** JSON response with version information
**If fails:** Start Ollama service
**Verify models installed:**
```bash
curl http://localhost:11434/api/tags
```
**Expected models:**
- qwen2.5-coder:7b (for fast operations)
- llama3.3:70b (for complex reasoning)
**If models missing:** Download them before deployment
---
### 6. GITEA SSH ACCESS
**Action:** Verify TX1 can access Gitea via SSH
**Command (run on TX1):**
```bash
ssh -T git@git.firefrostgaming.com
```
**Expected:** Authentication success message from Gitea
**If fails:** Generate and add SSH key to Gitea
**Generate SSH key (if needed):**
```bash
ssh-keygen -t ed25519 -C "firefrost-codex@tx1" -f ~/.ssh/id_ed25519_gitea
```
**Add to SSH config:**
```bash
cat >> ~/.ssh/config << 'EOF'
Host git.firefrostgaming.com
    HostName git.firefrostgaming.com
    User git
    IdentityFile ~/.ssh/id_ed25519_gitea
    # Record the host key on first connect, refuse the connection if it later changes
    StrictHostKeyChecking accept-new
EOF
```
**Add public key to Gitea:**
1. Copy public key: `cat ~/.ssh/id_ed25519_gitea.pub`
2. Go to Gitea → Settings → SSH Keys
3. Add new key with WRITE permission
---
### 7. DISCORD WEBHOOKS CREATED
**Action:** Create two Discord webhooks
**Webhook 1: #codex-alerts**
- Purpose: Informational notifications (syncs, proposals, updates)
- Audience: Meg, Holly, Michael
- Create in Discord: Server Settings → Integrations → Webhooks → New Webhook
**Webhook 2: #system-critical**
- Purpose: Urgent alerts requiring Michael's attention
- Audience: Michael only (private channel recommended)
- Create in Discord: Server Settings → Integrations → Webhooks → New Webhook
**Save webhook URLs - you'll need them for .env file:**
```
DISCORD_WEBHOOK_CODEX_ALERTS=https://discord.com/api/webhooks/...
DISCORD_WEBHOOK_SYSTEM_CRITICAL=https://discord.com/api/webhooks/...
```
---
### 8. MICHAEL'S DISCORD USER ID
**Action:** Get Michael's Discord user ID for approval workflow
**Steps:**
1. Enable Developer Mode in Discord: User Settings → Advanced → Developer Mode
2. Right-click Michael's name in Discord
3. Click "Copy User ID"
**Save this ID - you'll need it for .env file:**
```
MICHAEL_DISCORD_ID=123456789012345678
```
---
### 9. BACKUP CURRENT ANYTHINGLLM STATE
**Action:** Back up the current system before replacement
**⚠️ CRITICAL:** Do this even though we're removing AnythingLLM
**Commands (run on TX1):**
```bash
# Create backup directory
mkdir -p /root/anythingllm-backup-$(date +%Y%m%d)
# Backup AnythingLLM data
cp -r /opt/anythingllm /root/anythingllm-backup-$(date +%Y%m%d)/
# Backup docker-compose if exists
cp /opt/anythingllm/docker-compose.yml /root/anythingllm-backup-$(date +%Y%m%d)/ 2>/dev/null || true
# Create tarball
cd /root
tar -czf anythingllm-backup-$(date +%Y%m%d).tar.gz anythingllm-backup-$(date +%Y%m%d)/
# Verify backup
ls -lh anythingllm-backup-*.tar.gz
```
**Expected:** Tarball created with reasonable size
**Store backup on Command Center (optional but recommended):**
```bash
rsync -avz anythingllm-backup-*.tar.gz root@63.143.34.217:/root/backups/
```
---
### 10. COMMAND CENTER BACKUP STORAGE
**Action:** Prepare Command Center to receive backups
**Commands (run on Command Center 63.143.34.217):**
```bash
# Create backup directory
mkdir -p /root/backups/firefrost-codex
# Set permissions
chmod 700 /root/backups/firefrost-codex
```
**Verify TX1 can rsync to Command Center:**
```bash
# From TX1
touch /tmp/test-backup.txt
rsync -avz /tmp/test-backup.txt root@63.143.34.217:/root/backups/firefrost-codex/
```
**Expected:** File transfers successfully
**If fails:** Set up SSH keys between TX1 and Command Center
---
### 11. DISK SPACE CHECK
**Action:** Verify sufficient disk space on TX1
**Command (run on TX1):**
```bash
df -h
```
**Required free space:**
- Root partition: At least 30GB free
- Docker volumes: At least 20GB free
**If insufficient:** Clean up old game server backups, logs, or unused Docker images
---
### 12. UPTIME KUMA ACCESS
**Action:** Verify Uptime Kuma is accessible
**URL:** Check your Uptime Kuma URL (likely on Command Center)
**Expected:** Can log in and see existing monitors
**We'll add new monitors for:**
- Dify (https://codex.firefrostgaming.com)
- n8n webhooks
- Qdrant health
---
### 13. GENERATE SECURE PASSWORDS
**Action:** Generate strong passwords for deployment
**Command (run on your local machine or TX1):**
```bash
# PostgreSQL password
openssl rand -base64 32
# Dify secret key
openssl rand -base64 42
```
**Save these securely - you'll need them for .env file:**
```
DB_PASSWORD=<generated_password>
DIFY_SECRET_KEY=<generated_secret>
```
**⚠️ NEVER commit these to Git - they go in .env file only**
---
### 14. TIMEZONE CONFIGURATION
**Action:** Verify TX1 timezone is correct
**Command (run on TX1):**
```bash
timedatectl
```
**Expected:** Timezone shows America/Chicago (or your preferred timezone)
**If wrong:**
```bash
sudo timedatectl set-timezone America/Chicago
```
**Why this matters:** Log timestamps, backup schedules, monitoring
---
### 15. FIREWALL CONFIGURATION
**Action:** Verify firewall allows required ports
**Required open ports on TX1:**
- 22 (SSH) - already open
- 80 (HTTP) - need to open
- 443 (HTTPS) - need to open
- All game server ports - already configured
**Check current firewall (if using UFW):**
```bash
sudo ufw status
```
**Open required ports:**
```bash
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw reload
```
**If using different firewall (iptables, etc.):** Adjust accordingly
---
### 16. EMAIL CONFIGURATION (OPTIONAL)
**Action:** Configure email for Dify user invitations
**⚠️ NOT REQUIRED** - We'll use invite links instead
**If you want email:**
1. Set up SMTP server details
2. Add to .env file
3. Configure in Dify settings
**We recommend:** Skip email, use invite links (simpler, more reliable)
---
### 17. GIT REPOSITORY ACCESS
**Action:** Verify access to operations manual repository
**Command (run on TX1):**
```bash
git clone git@git.firefrostgaming.com:firefrost-gaming/firefrost-operations-manual.git /tmp/test-clone
```
**Expected:** Repository clones successfully
**Clean up:**
```bash
rm -rf /tmp/test-clone
```
**If fails:** Check SSH keys, Gitea permissions
---
### 18. DOCKER NETWORK CONFIGURATION
**Action:** Verify Docker can create custom networks
**Command (run on TX1):**
```bash
docker network create test-network
docker network rm test-network
```
**Expected:** Network created and removed successfully
**If fails:** Docker installation issue, reinstall Docker
---
### 19. SYSTEM RESOURCES CHECK
**Action:** Verify TX1 has sufficient resources
**Command (run on TX1):**
```bash
free -h
```
**Expected:**
- Total RAM: 251GB
- Available RAM: At least 220GB (confirmed February 22, 2026)
**Command:**
```bash
nproc
```
**Expected:** Multiple CPU cores available
**If resources insufficient:** Stop unnecessary services or upgrade server
---
### 20. DEPLOYMENT DIRECTORY PREPARATION
**Action:** Create deployment directory on TX1
**Commands (run on TX1):**
```bash
# Create deployment directory
mkdir -p /opt/firefrost-codex
# Set ownership
chown -R root:root /opt/firefrost-codex
# Navigate to directory
cd /opt/firefrost-codex
```
**Expected:** Directory created and accessible
---
## ✅ FINAL PRE-FLIGHT VERIFICATION
**Before proceeding to DEPLOYMENT-PLAN.md, verify ALL items above:**
- [ ] DNS records created and propagated (codex + n8n)
- [ ] TX1 SSH access working
- [ ] Ports 80 and 443 are FREE
- [ ] Docker and Docker Compose installed
- [ ] Ollama running with required models
- [ ] Gitea SSH access configured
- [ ] Discord webhooks created (#codex-alerts + #system-critical)
- [ ] Michael's Discord user ID obtained
- [ ] Current AnythingLLM backed up
- [ ] Command Center backup storage ready
- [ ] Sufficient disk space available (30GB+)
- [ ] Uptime Kuma accessible
- [ ] Secure passwords generated (DB + Dify secret)
- [ ] TX1 timezone configured correctly
- [ ] Firewall ports 80/443 opened
- [ ] Git repository access verified
- [ ] Docker network test passed
- [ ] System resources sufficient (220GB+ RAM)
- [ ] Deployment directory created (/opt/firefrost-codex)
**If ANY checkbox is unchecked, DO NOT proceed to deployment.**
**Return to this checklist and complete missing items.**
---
## 🚨 CRITICAL REMINDERS
**DNS Propagation:**
- Can take up to 24 hours
- Check https://dnschecker.org before proceeding
- If not propagated globally, SSL certificates will FAIL
**SSH Keys:**
- TX1 must trust Gitea
- Docker container must trust Gitea
- TX1 must trust Command Center (for backups)
**Backups:**
- Always back up before major changes
- Verify backups work BEFORE you need them
- Store offsite (Command Center) for safety
**Passwords:**
- Generate strong passwords
- NEVER commit to Git
- Store in .env file only
- Keep backup copy somewhere secure
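
An added example (not part of the original manual) covering the password reminders above and the `.env` values collected in sections 7, 8 and 13: a shell function that checks a `.env` file is owner-only, has every key from this checklist filled in with a real value, and is ignored by Git. The function name `audit_env_file` is an assumption, and the sample file is constructed.

```shell
#!/usr/bin/env bash
# Added example, not from the original manual. Key names are the checklist's.
REQUIRED_KEYS="DB_PASSWORD DIFY_SECRET_KEY DISCORD_WEBHOOK_CODEX_ALERTS
DISCORD_WEBHOOK_SYSTEM_CRITICAL MICHAEL_DISCORD_ID"

# Prints one line per problem; returns 0 only if every check passes.
audit_env_file() {
    local file="$1" problems=0 mode key value dir name
    [ -f "$file" ] || { echo "FAIL: $file not found"; return 1; }
    dir=$(dirname "$file"); name=$(basename "$file")

    # Secrets must be readable by the owner only (GNU stat, then BSD stat).
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case "$mode" in
        600|400) ;;
        *) echo "FAIL: mode $mode, run: chmod 600 $file"; problems=$((problems + 1)) ;;
    esac

    for key in $REQUIRED_KEYS; do
        # If a key is assigned more than once, check the last assignment.
        value=$(grep -E "^${key}=" "$file" | tail -n 1 | cut -d= -f2-)
        case "$value" in
            "")      echo "FAIL: $key is missing or empty" ;;
            "<"*">") echo "FAIL: $key still holds a template placeholder" ;;
            *"...")  echo "FAIL: $key still holds a truncated example value" ;;
            *)       continue ;;
        esac
        problems=$((problems + 1))
    done

    # Inside a Git work tree the file must be untracked and ignored.
    if command -v git >/dev/null 2>&1 &&
       git -C "$dir" rev-parse --is-inside-work-tree >/dev/null 2>&1; then
        if git -C "$dir" ls-files --error-unmatch "$name" >/dev/null 2>&1; then
            echo "FAIL: $name is tracked by Git"; problems=$((problems + 1))
        elif ! git -C "$dir" check-ignore -q "$name"; then
            echo "FAIL: $name is not covered by .gitignore"; problems=$((problems + 1))
        fi
    fi
    [ "$problems" -eq 0 ]
}

# Constructed sample: template values exactly as the checklist shows them.
demo_dir=$(mktemp -d)
printf '%s\n' 'DB_PASSWORD=<generated_password>' \
    'DISCORD_WEBHOOK_CODEX_ALERTS=https://discord.com/api/webhooks/...' > "$demo_dir/.env"
audit_env_file "$demo_dir/.env" || echo "Fix the items above before deploying."
rm -rf "$demo_dir"
```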
---
**Prerequisites complete? Proceed to DEPLOYMENT-PLAN.md**
💙🔥❄️