firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
eb43711e0bb00a952ee9896a720ae07a20cb2ef5
firefrost-operations-manual/docs/tasks/whitelist-manager/prerequisites.md
mkrause612 cf35fa9fcf Add prerequisites checklist for whitelist-manager 
Complete pre-deployment checklist covering:
- Pterodactyl API access and key generation
- Ghost VPS access and requirements
- DNS configuration steps
- Whitelist enforcement method determination
- Authentication setup
- Server list verification (11 Minecraft servers)
- Network and firewall requirements
- SSL certificate preparation

Follows FFG-STD-002 standard for task documentation.

This ensures all prerequisites are gathered before starting
deployment, preventing mid-deployment blockers.

Phase 4 of complete restructure.

Date: February 16, 2026
Implemented by: The Chronicler
2026-02-16 06:21:05 -06:00

245 lines
6.7 KiB
Markdown
Raw Blame History

# Whitelist Manager - Prerequisites
**Task:** Whitelist Manager Web Dashboard
**Document Type:** Prerequisites Checklist
**Status:** ACTIVE
**Last Updated:** 2026-02-16
---
## Before You Begin
This checklist covers everything you need to gather/prepare BEFORE starting the deployment.
---
## ✅ PREREQUISITE CHECKLIST
### 1. Pterodactyl Panel Access
- [ ] **Panel URL confirmed:** `________________________`
- Likely: `https://panel.firefrostgaming.com` or similar
- [ ] **API Key generated**
- Log into Pterodactyl panel
- Navigate to: Account Settings → API Credentials
- Create new key with description: "Whitelist Manager"
- Permissions needed:
- ✅ Read server details
- ✅ Send console commands
- ✅ Access server variables (if whitelist enforcement is a variable)
- [ ] **API key tested**
```bash
curl -H "Authorization: Bearer YOUR_API_KEY" \
https://panel.firefrostgaming.com/api/client
```
- Should return your account details (confirms key works)
- [ ] **API key stored securely**
- DO NOT commit to Git
- Store in `.env` file (will create during deployment)
- Backup in Vaultwarden after deployment
---
### 2. Ghost VPS Access
- [ ] **SSH credentials obtained**
- IP address: `________________________`
- Username: root (or other)
- SSH key or password access
- [ ] **SSH access verified**
```bash
ssh root@[ghost-vps-ip]
```
- Can successfully connect
- [ ] **Server requirements met**
- [ ] Python 3.9+ installed
- [ ] Nginx installed and running
- [ ] Port 5001 available (internal app port)
- [ ] Sufficient disk space (≥1GB free)
- [ ] Sufficient RAM (≥512MB free)
- [ ] **Nginx status confirmed**
```bash
systemctl status nginx
```
- Should be active and running
---
### 3. DNS Configuration
- [ ] **DNS provider access confirmed**
- Cloudflare, Route53, or other
- Can create/modify DNS records
- [ ] **A Record to create:**
- **Name:** `whitelist.firefrostgaming.com`
- **Type:** A
- **Value:** [Ghost VPS IP Address]
- **TTL:** 300 (5 minutes for testing, increase after deployment)
- **Proxy:** Off (for initial setup)
- [ ] **Ghost VPS IP address confirmed:** `________________________`
---
### 4. Whitelist Enforcement Method
**Determine how Minecraft whitelist enforcement works on your servers:**
- [ ] **Option A: Console Commands** (Recommended)
- `/whitelist on` to enable
- `/whitelist off` to disable
- No server restart required
- **Check:** Test on one server to confirm
- [ ] **Option B: server.properties**
- `white-list=true/false` in config file
- Requires server restart to apply
- More complex to automate
- [ ] **Option C: Pterodactyl Startup Variable**
- Whitelist enabled/disabled via panel variable
- Check Pterodactyl server settings
**Confirmed method:** ________________________
---
### 5. Authentication
- [ ] **Admin username chosen:** `________________________`
- Recommendation: Use same username as Wiki.js Staff for consistency
- [ ] **Admin password chosen:** `________________________`
- Strong password (16+ characters)
- Mix of letters, numbers, symbols
- Store in password manager
- [ ] **Additional staff users identified** (if needed):
- User 1: `________________________`
- User 2: `________________________`
- User 3: `________________________`
- Note: MVP supports only one admin user; multi-user is Phase 2
---
### 6. Server List Verification
**Confirm these 11 Minecraft servers are correct:**
**Texas Node (TX1):**
- [ ] Reclamation - `1eb33479-a6bc-4e8f-b64d-d1e4bfa0a8b4`
- [ ] Stoneblock 4 - `a0efbfe8-4b97-4a90-869d-ffe6d3072bd5`
- [ ] Society: Sunlit Valley - `9310d0a6-62a6-4fe6-82c4-eb483dc68876`
- [ ] Vanilla 1.21.11 - `3bed1bda-f648-4630-801a-fe9f2e3d3f27`
- [ ] All The Mons - `668a5220-7e72-4379-9165-bdbb84bc9806`
**North Carolina Node (NC1):**
- [ ] The Ember Project - `124f9060-58a7-457a-b2cf-b4024fce2951`
- [ ] Minecolonies: Create and Conquer - `a14201d2-83b2-44e6-ae48-e6c4cbc56f24`
- [ ] All The Mods 10 - `82e63949-8fbf-4a44-b32a-53324e8492bf`
- [ ] Homestead - `2f85d4ef-aa49-4dd6-b448-beb3fca1db12`
- [ ] EMC Subterra Tech - `09a95f38-9f8c-404a-9557-3a7c44258223`
**Excluded (Non-Minecraft):**
- [ ] FoundryVTT (TX) - `7d8f15a0-4ee7-4dd6-85dc-ab42966f733d` - EXCLUDED
- [ ] Hytale (NC) - `13c80cb8-f6f8-4bfe-9cdb-823d7e951584` - EXCLUDED
---
### 7. Network & Firewall
- [ ] **Ghost VPS firewall rules checked**
- Port 80 (HTTP) open
- Port 443 (HTTPS) open
- Port 5001 does NOT need to be publicly accessible (internal only)
- [ ] **No port conflicts on 5001**
```bash
# On Ghost VPS:
netstat -tuln | grep 5001
```
- Should return nothing (port available)
---
### 8. SSL Certificate Preparation
- [ ] **Certbot installed on Ghost VPS**
```bash
certbot --version
```
- If not installed: `apt install certbot python3-certbot-nginx`
- [ ] **Email for Let's Encrypt notifications:** `________________________`
- Used for certificate expiration warnings
- Recommendation: Use admin email
---
## 🎯 PRE-FLIGHT SUMMARY
**When all checkboxes above are complete, you are ready to begin deployment.**
**Time estimate:** 5-10 minutes to gather all prerequisites
**Next step:** Begin deployment Phase 1 (Infrastructure Setup)
See: `deployment-plan.md` for complete deployment procedure
---
## 🚨 TROUBLESHOOTING PREREQUISITES
### Issue: Can't generate Pterodactyl API key
- Verify you have admin access to Pterodactyl panel
- Check with Meg if panel access needs updating
- Alternative: Have Meg generate key and provide securely
### Issue: Don't have Ghost VPS access
- Verify SSH key is added to authorized_keys
- Check firewall isn't blocking SSH (port 22)
- Alternative: Work from Command Center if Ghost VPS unavailable
### Issue: DNS changes not propagating
- Wait 5-10 minutes for TTL expiration
- Test with: `nslookup whitelist.firefrostgaming.com`
- Clear local DNS cache if needed
- Try from different network/device
### Issue: Can't determine whitelist enforcement method
- SSH to one Minecraft server
- Try: `/whitelist on` in console
- Check `server.properties` file for `white-list=` setting
- Test on Vanilla 1.21.11 (safest server for testing)
---
## 📋 QUICK REFERENCE
**Information to have ready during deployment:**
1. Pterodactyl panel URL
2. Pterodactyl API key (starts with `ptlc_...`)
3. Ghost VPS IP address
4. Admin username and password
5. Email for SSL certificate
6. Whitelist enforcement method (console/properties/variable)
**Save this info in:** `/tmp/whitelist-manager-prereqs.txt` for easy access
---
**Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥❄️
---
**Document Status:** ACTIVE
**Ready to Deploy:** When all checkboxes complete
Reference in New Issue View Git Blame Copy Permalink