From 91f3b1599281bb33554b091c1385acc992e01031 Mon Sep 17 00:00:00 2001 From: jester Date: Sat, 28 Mar 2026 18:53:14 +0000 Subject: [PATCH] docs: close DDoS investigation, document GTHost decision, update infra notes --- OPEN_THREADS.md | 38 +++++++++++++++++++++++++++++++------- 1 file changed, 31 insertions(+), 7 deletions(-) diff --git a/OPEN_THREADS.md b/OPEN_THREADS.md index 6b1f3ae..42d4e1d 100644 --- a/OPEN_THREADS.md +++ b/OPEN_THREADS.md @@ -105,8 +105,6 @@ feature for power users who want local VS Code or terminal access. The browser IDE remains the zero-install story for all developers. -See `knowledge-base/network/cf-tunnel-ssh.md` for full detail. - Current state: - ✅ CF Tunnel created and connected to bastion VM - ✅ Cloudflare Zero Trust free plan active 
@@ -169,7 +167,33 @@ Outstanding: - **Game server world backup / restore** — player world data backup separate from PBS infrastructure backup. Trust-critical — players losing world data will kill retention. - **Game server subdomain** — how do players connect? Verify IP vs subdomain (e.g. `mc.zerolaghub.com` style) -- **DDoS protection** — verify network-level coverage is in place for game server traffic + +--- + +## Infrastructure + +### Hosting — GTHost (Decision: Stay, Most Cost-Effective) + +GTHost Detroit is the primary host. Decision made to stay on GTHost long-term: +- Bare metal, instant Proxmox install without workarounds +- Unmetered bandwidth +- Competitive pricing — most cost-effective option evaluated +- Digital Ocean: too expensive, no bare metal/Proxmox +- OVH: more expensive, overkill for current scale +- Hetzner: Proxmox install was painful historically + +### DDoS Protection (Resolved — Accepted Risk at Launch) + +Investigation complete: +- GTHost Detroit page: no DDoS mention +- GTHost Chicago page: vague mention, no specs +- Cloudflare Spectrum: ~$30k/year, not viable +- Path.net: enterprise-focused, requires consult, not on our radar yet +- OPNsense provides basic rate limiting and firewall protection +- Cloudflare DNS (non-proxied) hides real IP from casual attackers +- Minecraft Java uses TCP — harder to volumetric flood than UDP games + +**Decision:** Accept DDoS risk at launch. Low threat profile for Minecraft-only soft launch with small user base. Revisit when revenue supports it or if an attack occurs. --- 
@@ -182,16 +206,13 @@ Outstanding before launch: - **User onboarding flow** — guided first-server creation after register - **Password reset flow** — verify wired up - **Usage limits / quota enforcement** — per account -- **DDoS protection** — verify network-level coverage - **Game server subdomain** — verify player connection method - **Email notifications** — crashed, billing, provisioning - **Upload testing** — test file upload flow end-to-end in dev containers - **Billing endpoints** — add back to API - **Stress testing** — k6 IDE session load test + Minecraft bot test - - See `knowledge-base/operations/stress-testing.md` - **OPNsense audit** — both routers need systematic validation - - See `knowledge-base/network/opnsense-checklist.md` -- **Dedicated host migration** — evaluate GTHost upgrade (Gold 6152, Detroit) +- **Dedicated host upgrade** — evaluate GTHost Gold 6152, Detroit - Trial period: $5/day up to 10 days, PBS restore approach - Remove `testdameon` binary from zpack-portal repo root @@ -208,6 +229,7 @@ Future work: - **Admin panel** — manage users/servers as operator - **Referral / dev pipeline reward system** — revenue sharing for developers - **Uptime history** — visible to users per server +- **DDoS mitigation** — revisit Path.net or similar when revenue supports it --- @@ -231,3 +253,5 @@ Future work: - ✅ Browser IDE fully loading at dev-.zerolaghub.dev - ✅ CF Tunnel created and connected to bastion VM - ✅ Portal copy rewrite — landing, features, FAQ, about, pricing +- ✅ DDoS investigation — accepted risk at launch, revisit post-launch +- ✅ Hosting provider decision — GTHost Detroit, most cost-effective option
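Review bot: in hunk `@@ -105,8 +105,6 @@` the line `-See \`knowledge-base/network/cf-tunnel-ssh.md\` for full detail.` is dropped with no replacement, and the commit message ("update infra notes") does not say that document was deleted or moved. The CF Tunnel item it belongs to is still an active thread (the "Current state" checklist directly below it is unchanged), so the pointer is still useful; either keep the line or state in the commit message where the detail now lives.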
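Review bot: two of the justifications recorded under "DDoS Protection (Resolved — Accepted Risk at Launch)" in hunk `@@ -169,7 +167,33 @@` are incorrect and should not be the basis of the accepted-risk note. `+- Cloudflare DNS (non-proxied) hides real IP from casual attackers` is backwards: a non-proxied record resolves directly to the host address, and the game subdomain listed a few lines earlier (`mc.zerolaghub.com` style) has to resolve to that address for players to connect, so a single DNS lookup of the subdomain yields the real IP. `+- Minecraft Java uses TCP — harder to volumetric flood than UDP games` conflates the listener protocol with the attack: a volumetric flood (SYN flood on the Minecraft port, or reflected UDP aimed at the host IP) saturates the GTHost uplink before OPNsense sees a packet, so `+- OPNsense provides basic rate limiting and firewall protection` only covers application-level abuse. Suggest restating the findings as what they actually are: no stated mitigation at GTHost Detroit, real IP exposed via DNS, OPNsense covers L7 abuse only. The decision to accept the risk for a small soft launch can stand on the cost findings above it. Also, "Revisit ... if an attack occurs" needs an observable trigger (link saturation, mass player disconnects) and an owner, otherwise nobody will know the condition has been met.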
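Review bot: hunk `@@ -182,16 +206,13 @@` removes the sub-bullets `-  - See \`knowledge-base/operations/stress-testing.md\`` and `-  - See \`knowledge-base/network/opnsense-checklist.md\`` while their parent items ("Stress testing", "OPNsense audit") remain on the outstanding-before-launch list, so the people doing that work lose the pointer to the checklist. As with the first hunk, the commit message does not mention relocating or deleting knowledge-base documents; keep the links or say where the content went. The rename of "Dedicated host migration" to "Dedicated host upgrade" is fine, but the trial-period sub-bullet still says "PBS restore approach" without saying whether the restore test is a go/no-go gate for the upgrade; one clause would make that actionable.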
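Review bot: the Future-work line added in hunk `@@ -208,6 +229,7 @@`, `+- **DDoS mitigation** — revisit Path.net or similar when revenue supports it`, drops the second trigger stated in the DDoS section of the same patch ("Revisit when revenue supports it or if an attack occurs"). Align the two so the open item carries both conditions, for example "revisit Path.net or similar when revenue supports it or after the first attack", so that an incident during the soft launch reopens this item rather than waiting on revenue.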