docs: update portal migration - reflect Feb 2026 current state

2026-02-08 22:57:39 +00:00 · 2026-02-08 22:57:39 +00:00 · ccedde9b5c
commit ccedde9b5c
parent 7ef9bc63ad
1 changed files with 18 additions and 187 deletions
--- a/PORTAL_MIGRATION.md
+++ b/PORTAL_MIGRATION.md
@ -1,200 +1,31 @@
-# ZeroLagHub Portal Migration (v2)
+# Portal Migration — ZeroLagHub

-This document tracks the migration from the legacy portal model to the **ZLH-native Portal v2**.
+This document tracks the transition from legacy console behavior to the current
+agent-driven, PTY-backed architecture.

 ---

-## Migration Summary
+## Current State (Feb 2026)

-The portal is being rebuilt to support **heterogeneous workloads**:
- Game servers (Minecraft initially)
- Development servers (LXC-based)
- Future non-game services
-
-This required abandoning several legacy assumptions.
+- All server consoles are PTY-backed and agent-owned.
+- Frontend streams output via WebSocket (single writer).
+- Game and dev consoles are **route-separated** but share components.
+- Metrics and player presence are sourced server-side (API → agent).
+- No frontend log scraping or client-side metrics access.

 ---

-## Key Architectural Shifts
+## Migration Notes

-### 1. Pterodactyl is no longer the control plane
- No Docker-centric lifecycle assumptions
- No monolithic server controllers
- No HUD-style control surface
+- Pterodactyl-style assumptions (polling logs, iframe dashboards) are explicitly not used.
+- Grafana is reserved for internal/admin use only.
+- Customer-facing metrics are API-mediated summaries.
+- Game-specific context is additive and isolated to game routes.

 ---

-### 2. Agent-first runtime model
- Each server/LXC runs a ZLH Agent
- Agent is authoritative for:
-  - runtime state
-  - service health
-  - console output
- API v2 brokers access, not execution
+## Remaining Migration Work

---
-
-### 3. Dashboard redesign (Completed)
-
-Dashboard is now:
- Read-only
- Awareness-focused
- Non-operational
-
-Features:
- System Health indicator (frontend ↔ backend connectivity)
- Notices panel with expandable timeline
- Resource summaries (no controls)
-
---
-
-### 4. Servers page redesign (In progress)
-
-Servers page now:
- Groups servers by type (GAME / DEV)
- Uses expandable cards
- Collapsed cards show:
-  - status
-  - uptime
-  - identity
- Expanded cards show:
-  - runtime context
-  - metadata
-  - escalation action
-
-Only action exposed:
- **System View** (observation-first)
-
-No start/stop/restart bulk actions exist.
-
---
-
-## Explicitly Removed Concepts
-
- "Start All / Stop All / Restart All"
- HUD-style control buttons
- Console buttons on dashboard
- AWS-style terminal metaphors
-
-These are intentional removals.
-
---
-
-## Migration Status
-
- Auth v2: ✅ Complete
- Dashboard UX: ✅ Locked
- Servers page UX: 🔄 Active
- System View page: ⏳ Next
- Billing integration: ⏸ Deferred
-
---
-
-## Live Status Model (Finalized)
-
-The portal consumes **aggregated live state** from the API.
-It does not directly query agents, Proxmox, or exporters.
-
-### Status Layers
-
-#### Host / Agent Health
- Source: `GET /health` on agent
- Cached in Redis
- Determines host availability
-
-#### Service Runtime
- GAME:
-  - Source: `GET /status`
-  - Reflects actual game server lifecycle
- DEV:
-  - No service runtime
-  - Status inferred from host availability
-
-### UI Mapping
-
-| Container Type | Host Online | Agent State | UI Status |
-|----------------|-------------|-------------|-----------|
-| DEV            | true        | n/a         | running   |
-| DEV            | false       | n/a         | offline   |
-| GAME           | true        | running     | running   |
-| GAME           | true        | idle        | stopped   |
-| GAME           | false       | n/a         | offline   |
-
-### Notes
- "Idle" does **not** mean broken
- Offline means host unreachable
- UI refresh reflects Redis state, not instant agent changes
-
-This model intentionally mirrors Pterodactyl semantics.
-
---
-
-## Console Responsibility Split (Authoritative)
-
-### Agent
- Owns PTY lifecycle
- Owns process execution
- Owns security boundary
- Owns WebSocket console endpoint
-
-### API
- Authenticates console access
- Provides server metadata (vmid, type)
- Does NOT proxy PTY traffic
-
-### Portal
- Renders terminal UI
- Sends raw input bytes
- Displays streamed output
- Must not assume process state
-
-This split is intentional and enforced to prevent drift.
-
---
-
-## Architectural Boundaries (CRITICAL)
-
-### What Frontend MUST NOT Do
-
-**Never Call Agents Directly**
- Frontend cannot reach container IPs
- Frontend has no network path to agents
- All agent access flows through API
- This is non-negotiable architecture
-
-**Why This Matters**
- Container IPs are internal-only (10.x network)
- No CORS headers on agents (they're not web services)
- Direct calls would fail and break the security model
- API enforces auth, rate limits, and access control
-
-**Correct Flow**
-```
-User Action → Frontend → API → Agent → Response
-```
-
-**Incorrect Flow (FORBIDDEN)**
-```
-User Action → Frontend → Agent (FAILS - no network path)
-```
-
-### What Can Break This
-
-**AI Coding Tools**
- May suggest "quick fixes" that call agents directly
- May treat agents as HTTP APIs with CORS
- May generate code that "just works" in wrong way
-
-**Convenience Changes**
- Adding CORS headers to agents (never do this)
- Exposing agent ports through proxy (breaks security)
- Creating frontend → agent shortcuts (breaks architecture)
-
-### Enforcement
-
-If a change violates these boundaries:
- The change must be reverted
- The documentation takes precedence
- AI tools must be corrected
-
-These constraints override convenience.
+- Final UI polish and UX consistency checks
+- Concurrent provisioning validation
+- Formal GA readiness checklist