diff --git a/OPEN_THREADS.md b/OPEN_THREADS.md index 3f23665..429d0ed 100644 --- a/OPEN_THREADS.md +++ b/OPEN_THREADS.md 
@@ -13,30 +13,32 @@ Keep this file short. ## Cross-Repo Active -### Backup / restore UX and contract polish -- keep Portal aligned with async restore start + status polling +### Final launch smoke test +- create Minecraft server +- confirm it reaches `Ready` / `connectable=true` +- verify public game hostname is shown only when connectable +- upload datapack on vanilla or install mod on supported modded runtime +- create backup +- restore backup +- stop/start/restart host lifecycle actions +- delete server +- confirm Velocity unregister, Cloudflare cleanup, and Technitium cleanup + +### Backup / restore polish +- happy-path local Minecraft backup create/restore has been verified live +- API restore starts asynchronously and Portal polls restore status - keep restore wording/status transitions clear through completion and restart - confirm checkpoint metadata presentation remains clean when exposed to Portal -- consider later hardening for automatic rollback from pre-restore checkpoint if restore apply/start fails after destructive replace - -### Dev access / IDE / SSH -- simplify and harden API `devProxy` -- complete SSH / CF tunnel access path across platform, API, Agent, and Portal UX -- add Portal SSH config snippet for power users -- resolve the dev console / shell workspace-boundary mismatch: current live validation shows hosted IDE and dev console work, but interactive shell traversal can still `cd ..` upward from `/home/dev/workspace` -- make docs and implementation agree on whether workspace scoping is file-API-only or true interactive-shell confinement - -### Dev backup strategy -- define dev-container backup ownership and user-facing restore contract -- current likely direction: prefer LXC snapshot-based backup/restore for dev containers instead of agent-managed dev backups -- keep game backup ownership separate from dev backup ownership unless that decision changes -- confirm how snapshot creation, retention, restore UX, and API/Portal exposure should 
work for dev containers +- later hardening: persist last restore failure/checkpoint state in Agent `/status` +- later hardening: automatic rollback from pre-restore checkpoint if restore apply/start fails after destructive replace ### Service discovery / launch validation -- service discovery migration for remaining hot-path references +- service discovery migration audit for remaining non-launch hot-path references - provisioning validation across current API/Agent/Portal assumptions -- Fabric / readiness / Velocity exposure final cross-component verification -- game server subdomain / player connection method verification +- keep public exposure model explicit: + - Portal public + - Minecraft game hostnames public as needed + - API/control plane/internal bridge/agent/admin services private ### Monitoring / observability - normalize game/dev Alloy monitoring contract across API discovery, agent-written Alloy labels, Prometheus targets, and Grafana dashboards @@ -46,15 +48,16 @@ Keep this file short. ### Notifications / launch polish - email notifications across backend contract + Portal UX -- remove stray `testdameon` / `testdaemon` binary from Portal repo +- billing launch validation: + - plan limit gating verified in Portal + - still verify checkout/portal/webhook/upgrade-downgrade if Stripe is live --- ## Platform / Infrastructure Active -- upload testing - stress testing: k6 IDE load, Minecraft bot load, code-server memory baseline -- OPNsense audit +- OPNsense / public exposure audit - billing endpoint/path cleanup verification ### Backup boundary 
@@ -66,22 +69,38 @@ Keep this file short. ## Recently Verified / No Longer Considered Blocked +- password reset and logged-in change-password work end-to-end +- password reset tokens are 5-minute, hashed at rest, single-use, and old unused tokens are invalidated on deploy +- API-owned Minecraft connection state derives from agent readiness, edge/DNS state, Velocity registration, and backend ping +- Velocity proxy lifecycle callbacks are live with `registered_with_proxy` and `proxy_ping_ok` landing in API state +- Portal consumes API-owned `connectable` / `connection` state and no longer infers Minecraft readiness itself +- Portal server creation redirects to `/servers` and tracks setup progress there +- Portal status labels no longer treat all non-connectable states as `Needs attention` - local Minecraft backup create/restore works end-to-end on live validation - restore creates intentional pre-restore checkpoint and API now starts restore asynchronously instead of holding the full request open - backup timestamps are normalized and pre-restore checkpoints are filtered from the default backup list - agent-backed file edits create shadow copies for revert and API route/stream forwarding issues were fixed +- vanilla datapack upload works +- vanilla Mods UI is hidden and direct vanilla `mods/` upload is rejected by API +- NeoForge mod search/install/list works +- delete/teardown lifecycle removes Velocity, Cloudflare, and Technitium records +- public exposure model is in place: Portal public, control plane private - vanilla / fabric runtime split is restored: - `vanilla` = Fabric-based internal profile with proxy/API/config injection - `fabric` = plain Fabric jar delivery only -- Forge / Neoforge first-start flow now avoids premature readiness gating, applies post-start property enforcement, and restarts through the readiness-aware path +- Forge / Neoforge first-start flow avoids premature readiness gating, applies post-start property enforcement, and restarts through 
the readiness-aware path - current validation indicates Minecraft server creation succeeds across supported runtime variants - current validation indicates dev container creation succeeds and hosted IDE access still works after the latest API/Portal runtime and cleanup passes --- -## Platform Future +## Platform Future / Phase 2 -- CF Tunnel SSH completion beyond first working path +- SSH / CF tunnel power-user access +- Portal SSH config snippets +- true interactive shell confinement / workspace-boundary decision +- dev-container backup ownership and user-facing restore contract +- likely direction for dev backups: LXC snapshot-based backup/restore instead of agent-managed dev backups - artifact version promotion - runtime rollback support - Cloudflare R2 for large artifact/mod delivery
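Review bot: In the first hunk (`@@ -13,30 +13,32 @@`), the removed `Dev access / IDE / SSH` section drops `simplify and harden API devProxy`, and that item does not reappear in any visible hunk. The Phase 2 list added later carries SSH access, SSH config snippets, shell confinement and dev backups, but not the proxy hardening. Either add it to `Platform Future / Phase 2` or record why it is closed. The same removal also loses the concrete finding that interactive shell traversal can still `cd ..` upward from `/home/dev/workspace`. The Phase 2 entry `true interactive shell confinement / workspace-boundary decision` should keep that observed behaviour so it is clear what launch ships with.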
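Review bot: In the second hunk (`@@ -46,15 +48,16 @@`), `remove stray testdameon / testdaemon binary from Portal repo` is deleted from `Notifications / launch polish`, but no visible line under `Recently Verified` records that the binary was actually removed. If it is gone, add a verified line saying so. If not, keep the item, since an unexplained binary in a repo should be tracked to closure. The new `if Stripe is live` condition on the billing item would also be clearer as a stated yes or no, so the checkout/webhook verification is not skipped by default.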
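Review bot: In the third hunk (`@@ -66,22 +69,38 @@`), the added line `public exposure model is in place: Portal public, control plane private` sits under `Recently Verified` while the same patch keeps `OPNsense / public exposure audit` as an active item. Reword it to say the model is configured pending that audit, or state what was checked (for example which private services were confirmed unreachable from outside), so the list does not read as if the audit were complete. The line also omits the `Minecraft game hostnames public as needed` part of the model that the first hunk spells out, so the two descriptions should be made to match.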