59 lines
1.6 KiB
Markdown
59 lines
1.6 KiB
Markdown
# 2026-02-07 — Host controls + delete failsafe
|
|
|
|
## Problem
|
|
|
|
- The frontend gained a **Delete Server** button with confirmation.
|
|
- Backend has a **failsafe**: do not allow deleting a container unless the host (LXC) is stopped.
|
|
- At the time, the portal only had "server" controls (game server process), not host controls (LXC start/stop).
|
|
|
|
## Decision
|
|
|
|
✅ Keep the failsafe.
|
|
|
|
Instead of removing safety checks, add **Host Controls** to the UI and wire them to the API:
|
|
- Start Host
|
|
- Stop Host
|
|
- Restart Host
|
|
|
|
This keeps the deletion gate meaningful, and also gives users a way to stop compute spend / idle containers.
|
|
|
|
## UX wording
|
|
|
|
Avoid saying "container" in the user-facing UI if possible.
|
|
|
|
Use:
|
|
- "Host Controls" or "Server Host"
|
|
- "Start Host / Stop Host / Restart Host"
|
|
|
|
(Internally it is Proxmox LXC lifecycle, but the UI doesn't need to expose that.)
|
|
|
|
## Backend wiring (high-level)
|
|
|
|
Routes in `servers.js`:
|
|
|
|
- `POST /servers/:id/host/start`
|
|
- `POST /servers/:id/host/stop`
|
|
- `POST /servers/:id/host/restart`
|
|
|
|
Implementation calls `proxmoxClient.startContainer(vmid)`, `stopContainer(...)` or `shutdownContainer(...)`.
|
|
|
|
## Delete gate
|
|
|
|
Delete endpoint should enforce something like:
|
|
|
|
- refuse delete if host is still running
|
|
- or auto-stop then delete (only if you explicitly want that behavior)
|
|
|
|
Current stance:
|
|
- keep it strict to avoid accidental data loss.
|
|
- make the user stop the host first, then delete.
|
|
|
|
## Testing checklist
|
|
|
|
- Start Host → LXC goes running
|
|
- Stop Host → LXC shuts down
|
|
- Restart Host → stop then start
|
|
- Delete Server:
|
|
- while running → denied (expected)
|
|
- after stop → allowed (expected)
|