BUG: Was using server_id (column doesn't exist) instead of server_uuid
BUG: Was using update_available (column doesn't exist) instead of status
FIXED:
- Changed whereIn('server_id', $serverIds) to whereIn('server_uuid', $serverUuids)
- Changed pluck('id') to pluck('uuid')
- Changed (bool) $status->update_available to $status->status === 'update_available'
This fix makes the dashboard badge API actually work!
Signed-off-by: Claude (Chronicler #63) <claude@firefrostgaming.com>
- Isometric cube with checkmark (version check concept)
- Frost (#4ECDC4) edge on left, Fire (#FF6B35) edge on right
- Subtle Firefrost branding that fits Pterodactyl's UI
- 128x128 PNG with transparency
Designed by Gemini AI, April 2026.
Signed-off-by: Claude (Chronicler #63) <claude@firefrostgaming.com>
ROOT CAUSE (Gemini consultation):
Technic blocks requests with old/deprecated build numbers. The hardcoded
'?build=1' was being rejected as an ancient launcher version.
SOLUTION:
- Fetch current stable launcher build from /launcher/version/stable4
- Use that build number in the modpack request
- Fallback to 999 if version check fails
This 'RV-Ready' approach requires zero maintenance as Technic updates
their launcher versions over time.
ALL 4 PLATFORMS NOW WORKING:
✅ Modrinth
✅ FTB
✅ CurseForge
✅ Technic
Signed-off-by: Claude (Chronicler #63) <claude@firefrostgaming.com>
- Updated file structure to show app/Http/Controllers and app/Console/Commands
- Added explanation of why the app/ folder structure is used
- Updated platform support table with working status
- Added note about Technic API 401 error (investigation needed)
Signed-off-by: Claude (Chronicler #63) <claude@firefrostgaming.com>
BREAKING CHANGES - folder structure reorganized:
OLD STRUCTURE (broken):
Controllers/ModpackAPIController.php
console/CheckModpackUpdates.php
NEW STRUCTURE (working):
app/Http/Controllers/ModpackAPIController.php
app/Console/Commands/CheckModpackUpdates.php
CHANGES:
1. Moved controller to app/Http/Controllers/
- Namespace changed: Pterodactyl\Http\Controllers
- This aligns with Laravel's PSR-4 autoloading
- Blueprint's requests.app field merges into Pterodactyl's app/
2. Moved console command to app/Console/Commands/
- Now properly registered with Laravel's command system
- Run with: php artisan modpackchecker:check
3. Updated conf.yml:
- Set requests.app: 'app' (enables app/ folder merging)
- Cleared data.directory (was pointing to non-existent folder)
- Cleared dashboard.wrapper (TSX not supported, use build.sh)
4. Updated routes/client.php:
- Fixed use statement to match new namespace
TESTED AND VERIFIED:
- blueprint -build: SUCCESS
- yarn build:production: SUCCESS
- php artisan modpackchecker:check: SUCCESS
- API tests passed: Modrinth ✅, FTB ✅, CurseForge ✅
- Technic API now requires auth (needs investigation)
This commit represents the WORKING state deployed on Dev Panel.
Signed-off-by: Claude (Chronicler #63) <claude@firefrostgaming.com>
Added professional-grade documentation throughout the codebase so any
developer can pick up this project and understand it immediately.
PHILOSOPHY:
'Hand someone the repo and say: here's what we built, here's WHY we built
it this way, here's where it's going. Make it better.' — Michael
NEW FILES:
- blueprint-extension/README.md
- Complete developer onboarding guide (400+ lines)
- Architecture diagram showing cron → cache → badge flow
- Installation steps, configuration, usage
- API reference with example responses
- Troubleshooting guide
- Design decisions with rationale
ENHANCED DOCUMENTATION:
ModpackAPIController.php:
- 60-line file header explaining purpose, architecture, critical decisions
- Detailed docblocks on every method
- Explains WHY dashboard reads cache-only (rate limits)
- Documents all four platform APIs with links
- Example request/response for each endpoint
CheckModpackUpdates.php:
- 50-line file header with usage examples
- Recommended cron schedule
- Example console output
- Documents rate limiting strategy
- Explains relationship to dashboard badges
UpdateBadge.tsx:
- 50-line file header explaining the 'dumb badge' architecture
- Detailed comments on global cache pattern
- Documents the fetch-once deduplication strategy
- Explains render conditions and why each exists
- Brand color documentation (Fire/Frost)
- Accessibility notes (aria-label)
WHAT A NEW DEVELOPER NOW KNOWS:
1. The 'why' behind every architectural decision
2. How the cron → cache → badge flow prevents rate limits
3. Which methods call external APIs vs read cache
4. How to add a new platform
5. How to troubleshoot common issues
6. The relationship between all components
This codebase is now ready to hand to a contractor with the words:
'This was made great. Make it awesome.'
Signed-off-by: Claude (Chronicler #63) <claude@firefrostgaming.com>
Phase 5 Components (completing Pyrrhus's work):
NEW FILES:
- views/dashboard/UpdateBadge.tsx: Dashboard badge component
- Shows 🟢 (up to date) or 🟠 (update available) next to server names
- Global cache prevents multiple API calls on page load
- Reads from local database, never calls external APIs directly
- Fire (#FF6B35) and Frost (#4ECDC4) brand colors
- console/CheckModpackUpdates.php: Laravel cron command
- Run with: php artisan modpackchecker:check
- Loops through servers with MODPACK_PLATFORM variable
- Checks CurseForge, Modrinth, FTB, Technic APIs
- Rate limited (2s sleep between checks)
- Stores results in modpackchecker_servers table
UPDATED FILES:
- Controllers/ModpackAPIController.php:
- Added getStatus() method for dashboard badge endpoint
- Returns all user's servers' update status in single query
- Added DB facade import
- routes/client.php:
- Added GET /extensions/modpackchecker/status route
- build.sh:
- Complete rewrite for Phase 5
- Handles both console widget AND dashboard badge
- Auto-detects extension directory (dev vs extensions)
- Copies CheckModpackUpdates.php to app/Console/Commands/
- Injects UpdateBadge into ServerRow.tsx
- Clear status output and next-steps guide
Architecture (Gemini-approved):
CRON (hourly) → Database cache → Single API endpoint → React badge
Dashboard badge is 'dumb' - only reads from cache, never external APIs
Completing work started by Chronicler #62 (Pyrrhus).
UpdateBadge.tsx was lost in Blueprint corruption - reconstructed from
handoff notes and architecture documentation.
Signed-off-by: Claude (Chronicler #63) <claude@firefrostgaming.com>
PHASE 3 COMPLETE - All systems operational on Dev Panel
Changes:
- Renamed controllers/ to Controllers/ (PSR-4 case sensitivity fix)
- Updated namespace to use capital C in Controllers
- Fixed getEggVariable() method to use correct Pterodactyl model structure
- Changed from whereHas('variable'...) to direct where('env_variable'...)
- Changed return from variable_value to server_value
- Updated routes/client.php with correct namespace
- Updated wrapper.tsx with correct API path (/api/client/extensions/...)
- Added build.sh for React component injection via sed
Tested and verified:
- Admin UI renders correctly
- Client panel loads without 500 error
- React component appears on server console page
- API call executes successfully
- Returns proper 'no modpack detected' message for unconfigured servers
Key learnings documented:
- Blueprint wrapper field is for Blade only, not TSX
- TSX components require build.sh + sed injection + yarn build
- PHP-FPM OPCache requires restart after adding new classes
- Controller namespace must match directory case exactly
Dev Panel: http://64.50.188.14:128
Test Server UUID: c0a133db-6cb7-497d-a2ed-22ae66eb0de8
Next: Phase 4 - Real modpack testing with CurseForge API
Signed-off-by: Claude (Chronicler #62) <claude@firefrostgaming.com>
WHAT THIS ADDS:
- Discord role sync on new subscriptions (checkout.session.completed)
- Discord role removal on chargebacks (charge.dispute.created)
- Grace period expiration job (hourly cron check)
- Automatic downgrade to Awakened when grace period expires
NEW FILES:
- src/services/discordRoleSync.js - Role add/remove/sync functions
- src/sync/graceExpiration.js - Grace period expiration processor
MODIFIED FILES:
- src/routes/stripe.js - Added role sync calls to webhook handlers
- src/discord/events.js - Initialize role sync service on bot ready
- src/sync/cron.js - Added grace period check to hourly job
- src/index.js - Import discordRoleSync service
PHILOSOPHY:
'We Don't Kick People Out' - expired grace periods downgrade to
permanent Awakened tier (tier 1, lifetime). Users keep community
access, just lose premium perks.
ROLE MAPPING (tier_level -> role key):
1=the-awakened, 2=fire-elemental, 3=frost-elemental,
4=fire-knight, 5=frost-knight, 6=fire-master, 7=frost-master,
8=fire-legend, 9=frost-legend, 10=the-sovereign
CHARGEBACKS:
- Immediate role removal
- Added to banned_users table
- Full audit logging
Signed-off-by: Claude (Chronicler #62) <claude@firefrostgaming.com>
Replaces MemoryStore with connect-pg-simple.
Sessions now persist across Arbiter restarts.
Table 'session' auto-created if missing.
Signed-off-by: Claude (Chronicler #61) <claude@firefrostgaming.com>
Removed power task filter — Pterodactyl doesn't include task
relationships by default. Now catches any schedule not prefixed
with [Trinity].
Signed-off-by: Claude (Chronicler #61) <claude@firefrostgaming.com>
express-ejs-layouts doesn't support nested includes.
Changed scheduler.ejs to inline the table HTML.
Changed routes to return raw HTML for HTMX partials instead of rendering.
Signed-off-by: Claude (Chronicler #61) <claude@firefrostgaming.com>
WHAT WAS DONE:
- Added POST /admin/servers/sync-all/:node endpoint
- Accepts 'tx1' or 'nc1' as node parameter
- Syncs whitelist to all servers on that node
- Returns count of synced/errors
- Wired up buttons in index.ejs with htmx
- hx-post to the new endpoint
- Results display in #sync-result span
Files changed:
- services/arbiter-3.0/src/routes/admin/servers.js (+45 lines)
- services/arbiter-3.0/src/views/admin/servers/index.ejs
Signed-off-by: Claude (Chronicler #60) <claude@firefrostgaming.com>
WHAT WAS DONE:
- Re-added MINECRAFT_NEST_IDS filtering
- Keeps the node ID mapping fix (2→NC1, 3→TX1)
WHY:
Non-Minecraft servers were appearing in the matrix.
We need to filter to only show Minecraft servers.
Signed-off-by: Claude (Chronicler #60) <claude@firefrostgaming.com>
WHAT WAS DONE:
- Removed MINECRAFT_NEST_IDS filtering
- Now shows ALL servers from Pterodactyl, not just Minecraft nests
WHY:
Trinity Console should show all servers for management,
not just those in specific nests.
Signed-off-by: Claude (Chronicler #60) <claude@firefrostgaming.com>
WHAT WAS DONE:
- discovery.js: Added node field to server objects
- Maps Pterodactyl node ID 2 → NC1
- Maps Pterodactyl node ID 3 → TX1
- Also includes raw nodeId for debugging
- servers.js: Simplified grouping logic
- Removed fallback checks for 'Node 2', 'Node 3', name patterns
- Now uses clean s.node === 'TX1' / 'NC1' checks
THE BUG:
getMinecraftServers() was only returning identifier and name,
but the matrix filter was checking s.node which was undefined.
Servers were being grouped by name pattern fallback only.
Files changed:
- services/arbiter-3.0/src/panel/discovery.js (+8 lines)
- services/arbiter-3.0/src/routes/admin/servers.js (simplified)
Signed-off-by: Claude (Chronicler #60) <claude@firefrostgaming.com>
ISSUE:
Admin modules (Players, Grace, Audit, Servers, Roles) were failing silently
HTMX endpoints returned 500 errors because required tables didn't exist
ROOT CAUSE (per Gemini):
Modules expect users table (Identity) separate from subscriptions (Billing)
- users: discord_id, minecraft_username, minecraft_uuid, is_staff
- admin_audit_log: audit trail for Trinity actions
- server_sync_log: Pterodactyl sync tracking
SOLUTION:
Created schema migration with 3 new tables
- Preserves Identity/Billing separation (critical for whitelist sync)
- Auto-syncs existing subscriptions to users table
- Pre-populates Trinity members as staff
DEPLOYMENT:
Run on Command Center:
cp services/arbiter-3.0/migrations/arbiter_schema_migration.sql /tmp/
bash services/arbiter-3.0/migrations/run-migration.sh
After migration, all 5 admin modules will work correctly.
Credit: Gemini architectural guidance - Option A (create tables) vs Option B (rewrite queries)
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
ISSUE:
We accidentally built a flat admin.js that replaced the working modular system
All modules (Players, Servers, Grace, Audit, Roles, Financials) exist in /routes/admin/
FIX:
1. Backed up flat admin.js to admin-backup-chronicler57.js
2. Changed index.js to require('./routes/admin/index')
3. Restored proper modular structure
MODULES RESTORED:
- /admin/players - Full CRUD with detail view, tier changes, staff toggle
- /admin/servers - Server matrix with Pterodactyl integration
- /admin/grace - Grace period management
- /admin/audit - Audit log feed
- /admin/roles - Role diagnostics
- /admin/financials - Revenue analytics
ALL ORIGINAL FUNCTIONALITY RESTORED
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
FIXES:
1. Players: mrr_value is decimal type, needs parseFloat() before toFixed()
2. Audit Log: Use SELECT * to handle any column name variations
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
COMPLETED ALL 5 ENDPOINTS:
1. Grace Period ✅ (already done)
- Shows users in grace period with countdown
2. Audit Log ✅ NEW
- Queries webhook_events_processed table
- Shows last 50 webhook events
- Color-coded by event type
3. Players ✅ NEW
- Queries subscriptions table
- Shows all subscribers with tier, status, MRR
- Sortable table with 100 most recent
4. Servers Matrix ✅ NEW
- Static server list (7 servers)
- Shows machine, status, player count
- Note about Pterodactyl API integration coming
5. Role Diagnostics ✅ NEW
- Shows subscription counts by tier
- Summary of active vs lifetime
- Note about Discord API integration coming
ALL ADMIN PAGES NOW FUNCTIONAL FOR SOFT LAUNCH
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
ISSUE (per Gemini consultation):
express-ejs-layouts was wrapping HTMX AJAX responses in full layout
Caused crashes because HTMX endpoints don't pass layout variables
FIX:
Added middleware to detect HX-Request header
Sets res.locals.layout = false for HTMX requests
HTMX endpoints now return raw HTML fragments
This fixes all 5 admin modules:
- Servers Matrix
- Player Management
- Grace Period (with real DB query)
- Audit Log
- Role Diagnostics
Credit: Gemini consultation - HTMX middleware pattern
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
Templates use HTMX to load data dynamically via AJAX
Added 5 endpoint stubs (will implement with real data):
1. /admin/servers/matrix - Server status grid
2. /admin/players/table - Player list
3. /admin/grace/list - Grace period users (WORKING with real DB query)
4. /admin/audit/feed - Recent webhook events
5. /admin/roles/mismatches - Discord role diagnostics
Grace endpoint COMPLETE - queries PostgreSQL and shows users in grace period
Others return 'Coming Soon' placeholders
TESTING:
- Grace Period page should show real data
- Other pages show 'Coming Soon' instead of loading spinner
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
ISSUE:
All module templates still had old EJS v2 include() wrapper
Caused 'include is not a function' errors
FIX:
Removed first and last line (include wrapper) from:
- servers/index.ejs
- players/index.ejs
- roles/index.ejs
- grace/index.ejs
- audit/index.ejs
- financials/index.ejs
Same fix as dashboard.ejs - express-ejs-layouts handles layout injection
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
Package was manually installed but not in package.json
Deploy script runs npm install which removed it every time
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
ISSUE:
Layout.ejs expects 'title' parameter but admin route wasn't passing it
FIX:
Added title: 'Dashboard' to render context
Added error.message to error output for debugging
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
ISSUE:
Admin panel at /admin returned JSON instead of EJS template
User authenticated successfully but saw raw data
FIX:
Changed res.json() to res.render('admin/dashboard')
Added user, mappings, csrfToken to template context
FILES MODIFIED:
- services/arbiter-3.0/src/routes/admin.js (5 lines changed)
TESTING:
Visit /admin after Discord OAuth, should show HTML UI
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
Need BOTH mounts:
- /stripe/webhook (line 43, BEFORE json parser) - raw body for signature
- /stripe (line 83, AFTER json parser) - parsed body for checkout
This allows:
- Webhook at /stripe/webhook with raw body
- Checkout at /stripe/create-checkout-session with parsed body
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
ISSUE:
Webhook signature verification failing with 'Payload was provided as a
parsed JavaScript object instead of raw Buffer'
CAUSE:
Line 43: app.use('/stripe/webhook', stripeRoutes) - raw body
Line 83: app.use('/stripe', stripeRoutes) - JSON parsed body
Same router mounted twice at different paths caused JSON parser to run
FIX:
Removed line 83 duplicate mount
Webhook stays at /stripe/webhook with raw body parsing
Checkout stays at /stripe/create-checkout-session
FILES MODIFIED:
- services/arbiter-3.0/src/index.js (-1 line)
TESTING:
Complete Stripe test checkout, webhook should process successfully
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
Changed endpoint parameters from (priceId, discordId) to just (tier_level).
ISSUE:
Website sends: { tier_level: 1 }
Endpoint expected: { priceId, discordId }
Result: 400 error 'Missing priceId or discordId'
FIX:
- Accept tier_level from request body
- Look up stripe_price_id from stripe_products table
- Determine billing_type (one-time vs subscription)
- Create checkout session without requiring discordId
- Simplified for public checkout flow (no user tracking yet)
SIMPLIFIED CHECKOUT:
- No user verification required
- No Discord linking required
- Stripe collects email during checkout
- Webhook will handle subscription creation later
FILES MODIFIED:
- services/arbiter-3.0/src/routes/stripe.js (45 lines changed)
TESTING:
- Click Subscribe button on website
- Should now create Stripe checkout session successfully
- Should redirect to Stripe payment page
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
THE CORS PREFLIGHT TRAP - solved by Gemini consultation.
ROOT CAUSE:
- Browser sends OPTIONS request BEFORE POST (CORS preflight)
- We only had cors() on router.post(), not router.options()
- Express had no OPTIONS handler, ignored CORS middleware
- Browser got response without Access-Control-Allow-Origin header
- Result: CORS error, POST request never sent
THE FIX (one line):
router.options('/create-checkout-session', cors(corsOptions));
This tells Express: 'When browser asks permission (OPTIONS),
say YES using CORS middleware.'
GEMINI INSIGHTS:
- fetch() with Content-Type triggers 'complex request' preflight
- OPTIONS request must be explicitly handled
- Added Cloudflare Pages preview domain to allowed origins
FILES MODIFIED:
- services/arbiter-3.0/src/routes/stripe.js (+4 lines)
DEPLOYMENT:
Copy to /opt/arbiter-3.0/src/routes/stripe.js and restart service
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
Moved CORS middleware from index.js to stripe.js route handler to fix
'No Access-Control-Allow-Origin header' error.
ISSUE:
- CORS middleware in index.js was registered BEFORE routes
- Routes registered later overrode CORS settings
- Browser showed: 'No Access-Control-Allow-Origin header is present'
ROOT CAUSE:
Line 50: CORS middleware for /stripe/create-checkout-session
Line 91: app.use('/stripe', stripeRoutes) - registered AFTER CORS
Result: Routes don't inherit CORS settings from middleware above them
FIX:
- Added cors import to src/routes/stripe.js
- Applied CORS directly to create-checkout-session route handler
- Removed CORS middleware from src/index.js
- Now CORS is part of the route definition itself
FILES MODIFIED:
- services/arbiter-3.0/src/routes/stripe.js (+11 lines, CORS config)
- services/arbiter-3.0/src/index.js (-7 lines, removed middleware)
TESTING:
- Subscribe button should now successfully call endpoint
- Browser console should show 200 response, not CORS error
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
Fixed CORS to properly handle both www and non-www origins plus OPTIONS preflight.
ISSUE:
- Subscribe button click from website showed error alert
- No request logged in Trinity Console (request blocked by CORS)
- Original config only allowed https://firefrostgaming.com (no www)
- Missing OPTIONS method for preflight requests
FIX:
- Added both origins: firefrostgaming.com and www.firefrostgaming.com
- Added OPTIONS method for CORS preflight handling
- Added optionsSuccessStatus: 200 for legacy browser support
FILES MODIFIED:
- services/arbiter-3.0/src/index.js (CORS config, 3 lines changed)
TESTING:
- Deploy to Command Center
- Test subscribe button from firefrostgaming.com
- Should now successfully create Stripe checkout session
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
Added CORS middleware to allow website (firefrostgaming.com) to call
Trinity Console's /stripe/create-checkout-session endpoint.
WHAT WAS DONE:
- Installed cors package (npm install cors)
- Added cors import to src/index.js
- Configured CORS middleware for /stripe/create-checkout-session route
- Restricted to POST method only from firefrostgaming.com origin
- Positioned after body parsers, before session middleware
WHY:
- Gemini consultation verdict: Option 2 (JavaScript checkout) required
- Prevents double-click danger (users creating multiple checkout sessions)
- Enables instant button disable + loading state for better UX
- Industry standard for payment flows per Stripe documentation
FILES MODIFIED:
- services/arbiter-3.0/package.json (+cors dependency)
- services/arbiter-3.0/package-lock.json (dependency tree)
- services/arbiter-3.0/src/index.js (CORS middleware, 8 lines added)
RELATED TASKS:
- Soft launch blocker: Website subscribe button integration
- Next step: Update subscribe.njk with JavaScript checkout handler
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
WHAT WAS DONE:
- Created src/routes/stripe.js with 3 endpoints:
* POST /stripe/create-checkout-session (dynamic mode: subscription or payment)
* POST /stripe/webhook (signature verified, transaction-safe, idempotent)
* POST /stripe/create-portal-session (Stripe Customer Portal access)
- Updated package.json to add stripe@^14.14.0 dependency
- Updated src/index.js to register Stripe routes (webhook BEFORE body parsers - critical!)
- Updated .env.example with STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET, BASE_URL
WHY:
- Eliminates Paymenter dependency (Gemini-approved architecture)
- Handles both recurring subscriptions (tiers 2-9) and one-time payments (Awakened, Sovereign)
- Webhook processes 8 event types with full transaction safety
- Grace period system for failed payments (3-day countdown, auto-downgrade to Awakened)
- Chargeback = immediate permanent ban
- Idempotency protection via webhook_events_processed table
TECHNICAL DETAILS:
- Checkout dynamically switches mode based on billing_type (recurring vs one-time)
- Webhook uses BEGIN/COMMIT/ROLLBACK for all database operations
- Raw body parser for webhook signature verification (must come before express.json())
- Supports Stripe Customer Portal for self-service subscription management
- Handles both stripe_subscription_id and stripe_payment_intent_id correctly
- Grace period logic excludes lifetime users (is_lifetime = TRUE)
FILES CHANGED:
- services/arbiter-3.0/src/routes/stripe.js (new, 421 lines)
- services/arbiter-3.0/package.json (added stripe dependency)
- services/arbiter-3.0/src/index.js (registered stripe routes, webhook ordering)
- services/arbiter-3.0/.env.example (added Stripe env vars)
NEXT STEPS:
- Deploy to Command Center
- Add STRIPE_SECRET_KEY and STRIPE_WEBHOOK_SECRET to production .env
- Configure Stripe webhook endpoint in Dashboard
- Test end-to-end in test mode
- Switch to live mode for launch
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
WHAT WAS DONE:
- Created stripe-integration.sql migration for eliminating Paymenter
- Adds stripe_products table (product catalog with recurring/one-time support)
- Adds webhook_events_processed table (idempotency tracking)
- Updates subscriptions table for lifetime tier support (Sovereign)
- Adds performance indexes for webhook lookups and grace period queries
- Includes constraint to ensure exactly one of subscription_id or payment_intent_id exists
WHY:
- Part of Gemini-approved architecture to eliminate Paymenter
- Supports both recurring subscriptions (tiers 1-9) and one-time payment (Sovereign tier 10)
- Ensures grace period logic never affects lifetime users
- Production-ready with full comments and validation
FILES CHANGED:
- services/arbiter-3.0/migrations/stripe-integration.sql (new, 127 lines)
CONTEXT:
- Gemini consultation verdict: Rip out Paymenter before first customer
- Phase 1 of 5 in Stripe direct integration
- Supports $499 Sovereign one-time payment with is_lifetime flag
Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
