firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
f170dbe02cc71cd64dfd5be97ee9c504b1f6fcdb
firefrost-operations-manual/docs/milestones/2026-04-03-DECAP-CMS-LIVE.md
Claude (Chronicler #58) 0bc00d8d27 docs: Complete session documentation for April 3, 2026 
SESSION HIGHLIGHTS:
- GO LIVE: First real Stripe payment at 6:59 PM CDT
- Ghost CMS: Removed from Ghost VPS
- Paymenter: Removed from Billing VPS
- Decap CMS: Deployed and working for ops manual

NEW FILES:
- docs/milestones/2026-04-03-DECAP-CMS-LIVE.md

UPDATED FILES:
- SESSION-HANDOFF-NEXT.md (complete rewrite, clean)
- docs/core/infrastructure-manifest.md (added Decap CMS section)

Chronicler #58 | ~6.5 hour session
Fire + Frost + Foundation
2026-04-04 02:11:35 +00:00

3.0 KiB
Raw Blame History

Milestone: Decap CMS Live

Date: April 3, 2026, 9:08 PM CDT
Chronicler: #58
Status: COMPLETE

Summary

Decap CMS deployed and working as the Trinity Console for managing Firefrost Gaming's Operations Manual documentation. Meg and Holly can now edit markdown documents through a clean, user-friendly web interface.

What Was Deployed

Decap CMS Admin Interface

Collections Configured

  1. Core Documents (File Collection)

    • SESSION-HANDOFF-NEXT.md
    • docs/core/tasks.md

  2. Planning Docs (Folder Collection)

    • Location: docs/planning/
    • Can create new documents

  3. Milestones (Folder Collection)

    • Location: docs/milestones/
    • Can create new documents

  4. Implementation Guides (Folder Collection)

    • Location: docs/implementation/
    • Can create new documents

Technical Implementation

Gitea OAuth App

  • Client ID: ad439d72-e724-4f88-ad24-a1187c52b313
  • Redirect URI: https://firefrostgaming.com/admin/
  • Confidential Client: No (PKCE flow)

CORS Configuration

Problem solved: Duplicate CORS headers causing browser rejection

Root cause: Both nginx AND Gitea were adding Access-Control-Allow-Origin headers to POST responses for /login/oauth/access_token

Solution: Configure nginx to only handle OPTIONS preflights, let Gitea handle actual request CORS

Cloudflare DNS

  • git.firefrostgaming.com changed from orange cloud (proxied) to grey cloud (DNS only)
  • Required because Cloudflare's proxy was interfering with OAuth token exchange

Key Files

admin/config.yml (in firefrost-website repo)

backend:
  name: gitea
  repo: firefrost-gaming/firefrost-operations-manual
  api_root: https://git.firefrostgaming.com/api/v1
  base_url: https://git.firefrostgaming.com
  app_id: ad439d72-e724-4f88-ad24-a1187c52b313
  use_pkce: true
  branch: master

admin/index.html (in firefrost-website repo)

Standard Decap CMS loader pointing to unpkg CDN

Lessons Learned

  1. Decap + Markdown = Perfect Match — Don't try to use Decap for complex HTML templates (.njk files). It's designed for markdown with frontmatter.

  2. CORS Debugging — When seeing duplicate headers, check BOTH the reverse proxy (nginx) AND the application (Gitea) for CORS configuration.

  3. Cloudflare Proxy — OAuth token exchanges may fail through Cloudflare's proxy. Grey-cloud (DNS only) is safer for API endpoints.

  4. Document Drift — We initially deployed Decap for the wrong repo (website instead of ops manual). Clear requirements at session start prevent this.

The Journey

This was part of a marathon 6.5-hour session that also included:

  • GO LIVE with Stripe payments
  • Removing Ghost CMS from servers
  • Removing Paymenter from servers
  • Multiple CORS debugging rounds with Gemini AI

Fire + Frost + Foundation = Where Love Builds Legacy 💙🔥❄️

Reference in New Issue View Git Blame Copy Permalink