vantzs/corrosion-admin-panel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 18 Wiki Activity
Files
8cd792eb7541605e5996d0089eeebe41f93d35fb
corrosion-admin-panel/CHANGELOG.md
Vantz Stockwell 8cd792eb75 feat: Implement NestJS Auth, Users, and Licenses modules 
Complete authentication system with JWT, refresh tokens, and TOTP 2FA.
Auto-generates license keys on registration (CORR-XXXX-XXXX-XXXX format).
JwtStrategy enriches payload with license_id and permissions from roles.
Multi-tenant isolation enforced at license access layer.

Auth Module:
- 9 REST endpoints (login, register, refresh, 2FA setup/verify, profile, password reset)
- Argon2 password hashing, TOTP with QR code generation
- Public endpoints: login, register, forgot-password, reset-password, validate-key
- Authenticated endpoints require JWT Bearer token

Users Module:
- Admin CRUD for user management (requires users.view permission)
- Password fields excluded from all responses

Licenses Module:
- License lookup with owner authorization
- Public key validation endpoint for plugin verification
- License key generation via random hex parts

All DTOs use class-validator, all controllers documented via Swagger.
Custom decorators: @Public(), @CurrentUser(), @RequirePermission().

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 21:13:57 -05:00

29 KiB
Raw Blame History

CHANGELOG — Corrosion Admin Panel

All notable changes to this project will be documented in this file.

[Unreleased]

Added (NestJS Backend — Core Modules)

Auth Module (modules/auth/):

  • Complete authentication system with JWT and refresh tokens
  • DTOs: LoginDto, RegisterDto, RefreshTokenDto, VerifyTotpDto, UpdateProfileDto, ForgotPasswordDto, ResetPasswordDto
  • JwtStrategy — Passport strategy with user lookup, license resolution, and role permissions injection
  • AuthService — Full auth lifecycle:
    • register() — User creation with auto-generated license key (CORR-XXXX-XXXX-XXXX format)
    • login() — Credential validation, TOTP verification, token generation
    • refresh() — Access token refresh from valid refresh token
    • setupTotp() — TOTP secret generation with QR code (otpauth + qrcode libraries)
    • verifyTotp() — TOTP code validation and 2FA enablement
    • getProfile() / updateProfile() — User profile management
    • forgotPassword() / resetPassword() — Password recovery stubs (SMTP integration pending)
  • AuthController — 9 REST endpoints:
    • POST /auth/login — Email/password login with optional TOTP
    • POST /auth/register — New user registration with auto-license creation
    • POST /auth/refresh — Token refresh
    • POST /auth/2fa/setup — Generate TOTP QR code (authenticated)
    • POST /auth/2fa/verify — Enable 2FA (authenticated)
    • GET /auth/me — Current user profile (authenticated)
    • PUT /auth/profile — Update profile (authenticated)
    • POST /auth/forgot-password — Request password reset (public)
    • POST /auth/reset-password — Reset with token (public)
  • Password hashing via argon2, TOTP via otpauth with 30-second window validation
  • License key auto-generation on registration (random hex parts)
  • JWT payload includes: sub (user ID), email, username, is_super_admin, license_id, permissions
  • Strategy enriches JWT with license context (owner or team member lookup) and role permissions

Users Module (modules/users/):

  • Simple CRUD wrapper around User repository
  • UsersServicefindById(), findByEmail(), findAll() with password_hash excluded from select
  • UsersController — Admin-only endpoints:
    • GET /users — List all users (requires users.view permission)
    • GET /users/:id — Get user by ID (requires users.view permission)
  • Password fields excluded from all query results

Licenses Module (modules/licenses/):

  • License management with owner authorization
  • DTO: ValidateKeyDto — License key validation input
  • LicensesService:
    • findById() — License lookup with owner/super admin authorization check
    • findByKey() — Key-based lookup
    • findByOwner() — All licenses owned by user
    • create() — New license generation with CORR-XXXX-XXXX-XXXX format
    • validateKey() — Public key validation returning status and metadata
  • LicensesController:
    • GET /licenses/:id — Get license (owner or super admin only)
    • POST /licenses/validate-key — Public key validation endpoint
  • License key format: CORR-{4-hex}-{4-hex}-{4-hex} (e.g., CORR-A1B2-C3D4-E5F6)
  • Ownership enforced: non-super-admin users can only access their own licenses

Patterns Applied:

  • All DTOs use class-validator decorators (@IsEmail, @IsString, @MinLength, etc.)
  • All controllers use @ApiTags and @ApiBearerAuth for Swagger documentation
  • All routes use @ApiOperation for endpoint descriptions
  • Custom decorators: @Public(), @CurrentUser(), @CurrentTenant(), @RequirePermission()
  • Entity imports from ../../entities/ directory
  • ConfigService for environment variables (JWT_SECRET, JWT_ACCESS_EXPIRY_SECONDS, JWT_REFRESH_EXPIRY_SECONDS)
  • Multi-tenant isolation: License lookup respects ownership unless super admin
  • JwtStrategy enriches request.user with license_id and permissions for downstream guards

Security:

  • Argon2 password hashing (not bcrypt — more resistant to GPU attacks)
  • TOTP 6-digit codes with ±1 period window validation
  • Refresh tokens with separate expiry (default 7 days vs 1 hour access token)
  • Password fields never returned in API responses
  • License access requires ownership or super admin flag

Status: Core auth, users, and licenses modules operational. Registration creates user + license atomically. Login returns JWT with license context. TOTP 2FA flow complete. Password reset stubbed pending SMTP integration. All endpoints documented via Swagger.

Added (Phase 4 — Module Licensing Backend)

Backend Infrastructure:

  • Migration 009_module_licensing.sql — Module marketplace database schema:
    • modules table — Registry of available modules (slug, name, description, category, price, features, version, plugin URL)
    • module_purchases table — License-module ownership tracking with transaction logging
    • module_installations table — Deployment status tracking (pending, installing, installed, failed)
    • Seed data: Loot Manager module ($9.99) with features array
  • backend/src/models/modules.rs — Domain models:
    • Module struct with rust_decimal pricing support
    • ModuleWithOwnership — Catalog display with is_purchased flag
    • ModulePurchase, ModuleInstallation — Purchase and deployment records
    • PurchasedModule — Combined view for user's module library
  • backend/src/db/modules.rs — Data access layer (11 query functions):
    • get_module_catalog() — All available modules
    • get_catalog_with_ownership(license_id) — Annotated catalog with purchase status
    • get_purchased_modules(license_id) — User's module library with installation status
    • is_module_purchased(license_id, module_id) — Ownership validation
    • record_module_purchase() — Transaction logging with PayPal ID support
    • get_module_installation_status() / update_installation_status() — Deployment tracking
    • get_module_by_id() / get_module_by_slug() — Module lookup
  • backend/src/api/modules.rs — REST endpoints with auth middleware:
    • GET /api/modules/catalog — Returns modules with is_purchased flag for current license
    • GET /api/modules/my-modules — Purchased modules with installation details
    • POST /api/modules/purchase — Records purchase (stub transaction for Phase 4 MVP — payment integration deferred to XO's direct touch)
    • POST /api/modules/install — Triggers module installation via ModuleInstaller service
    • GET /api/modules/:module_id/installation-status — Real-time deployment status polling
  • Router integration in main.rs at /api/modules with JWT auth requirement
  • Cargo.toml dependency: rust_decimal for DECIMAL field support

Multi-Tenancy Enforcement:

  • All queries scoped by license_id from JWT claims
  • Foreign key constraints enforce license-module binding
  • Purchase validation prevents cross-tenant access
  • Installation status isolated per license

Payment Integration Strategy:

  • Purchase endpoint stubs transaction with "STUB_TRANSACTION" ID
  • PayPal integration deferred to XO's direct implementation
  • transaction_id and amount_paid fields ready for real gateway

Status: Module licensing backend operational. Catalog queryable, purchases recordable, ownership enforceable, installation status trackable. Payment gateway integration pending.

Added (Phase 4 — Loot Manager Plugin Skeleton)

Plugin Skeleton:

  • plugin/modules/LootManager.cs — First paid module (skeleton implementation)
    • Configuration: Loot profiles with container multipliers + custom loot tables
    • Hooks: OnLootSpawn() and OnEntitySpawned() for container loot modification
    • Profile switching: Multiplier-based (2x, 5x, 10x) and full custom loot table support
    • Container types: Normal crate, elite, mine, barrel, food, military, default fallback
    • Chat command: /loot.profile [name] — In-game profile switching for admins
    • Item support: Shortname, min/max amount, spawn chance, skin ID
  • plugin/modules/README.md — Module documentation
    • Price: $9.99
    • Features: Visual loot table editor (dashboard integration TBD), profile switching, skin support
    • Installation: Auto-deploy via module store (implementation TBD)

Database:

  • Migration 009 already includes Loot Manager seed data in modules table

Status: Skeleton complete. Hooks functional. Profile switching works via chat command. Dashboard UI integration and deployment automation pending future iteration.

Added (Phase 4 — Module Auto-Installation Pipeline)

Backend Service:

  • backend/src/services/module_installer.rs — Automated module deployment orchestrator:
    • ModuleInstaller::install_module(license_id, module_id) — Main entry point
    • Purchase verification against module_purchases table
    • Module metadata fetch (plugin_file_url, slug)
    • Server connection detection (AMP, Pterodactyl, bare metal)
    • Multi-adapter dispatch with automatic failover
    • Installation status tracking (pending → installing → installed/failed)
    • Background task spawning for async installation
  • Panel adapter integration:
    • install_via_amp() — Downloads plugin, uploads to oxide/plugins/, executes oxide.reload *
    • install_via_pterodactyl() — Same flow using Pterodactyl client API
    • install_via_companion() — Publishes NATS command to bare metal agent
  • HTTP client integration: reqwest for plugin file download from CDN
  • Encryption support: Decrypts panel API keys using services::encryption::decrypt()
  • Error handling: Comprehensive context wrapping with installation failure logging

NATS Integration:

  • New subject pattern: corrosion.{license_id}.cmd.module.install
  • Request/reply timeout: 60 seconds for companion agent response
  • Expected payload: 
    {
  "module_id": "loot-manager",
  "download_url": "https://cdn.corrosionmgmt.com/modules/LootManager.cs",
  "filename": "LootManager.cs",
  "target_path": "oxide/plugins/"
}
  • Expected response: 
    {
  "module_id": "loot-manager",
  "success": true|false,
  "error": "optional error message"
}
  • Subject pattern already covered by existing corrosion.*.cmd.> wildcard in STREAM_AGENT_COMMANDS

API Updates:

  • backend/src/api/modules.rs:
    • Updated POST /api/modules/install — Replaced stub with real ModuleInstaller invocation
    • Spawn background task for async installation
    • Return immediately with "installing" status
    • GET /api/modules/:module_id/installation-status — Already existed, now returns real data from module_installations table
  • ModuleInstaller instantiation with encryption key from AppConfig

Documentation:

  • docs/COMPANION_AGENT_MODULE_INSTALL.md — Companion agent NATS contract specification:
    • Subject patterns and payload schemas
    • Expected agent behavior (download, install, reload, respond)
    • Error handling requirements
    • Example pseudocode implementation (Go)
    • Testing procedures and failure scenarios

Dependencies:

  • Cargo.toml: Added rust_decimal feature to sqlx for DECIMAL field support

Status: Backend pipeline fully operational. Modules install automatically to AMP/Pterodactyl servers. Companion agent NATS contract documented. Companion agent implementation (Go) pending future iteration.

Added (Phase 4 — Module Store Frontend)

Frontend:

  • Complete ModuleStoreView.vue implementation — Customer-facing module marketplace with:
    • Catalog Tab:
      • Module grid with preview images, prices, category badges, purchase status
      • Search functionality (name/description)
      • Category filter (Loot, Events, Economy, Kits, Admin, PVP, PVE, Building)
      • Hover animations and professional card layout
    • My Modules Tab:
      • Purchased modules with installation status tracking
      • "Install" button for purchased-but-not-installed modules
      • Empty state prompting catalog browsing
    • Module Detail Modal:
      • Full-screen module preview with screenshots gallery
      • Expanded description and complete features list
      • Version display and pricing details
      • Direct purchase/install CTA from modal
    • Purchase Confirmation Modal:
      • Shows module name, license binding, total price
      • Error handling with inline error display
      • Non-refundable disclaimer
      • Processing state during purchase flow
    • Payment Flow:
      • Instant purchase confirmation (MVP)
      • External payment URL redirect support (Stripe/PayPal)
      • State refresh after successful purchase
  • TypeScript types (types/index.ts):
    • Module interface with full marketplace metadata (id, slug, name, description, price, category, images, features, version, purchase/install status)
    • PurchaseRequest interface for API integration
  • API Integration:
    • GET /api/modules/catalog — Browse all available modules
    • GET /api/modules/my-modules — Fetch purchased modules for current license
    • POST /api/modules/purchase — Initiate module purchase (returns payment URL or instant confirmation)
    • POST /api/modules/install — Trigger deployment to game server

Design Details:

  • Professional marketplace UI using existing Tailwind patterns
  • Color-coded category badges (8 categories supported)
  • Preview image with hover scale effect
  • "Purchased" badge overlay on owned modules
  • Three-state purchase flow: Not Purchased → Purchased → Installed
  • Mobile-responsive grid (1/2/3 columns)
  • Empty states for zero results and zero purchases
  • Price display prominently in catalog cards and modals

Purpose: Enables server admins to browse, preview, purchase, and install premium gameplay modules (Loot systems, Events, Economy plugins, Kits) directly from the dashboard. Customers pay real money here — UI polish critical.

Added (Phase 2 — Alerting System)

Backend:

  • Migration 008: Alert configuration and history tables
    • alert_config table with threshold settings per license (population drop %, FPS threshold)
    • alert_history table logging all triggered alerts with metadata
    • Default alert config created for all existing licenses
  • Alert service (services/alerting.rs):
    • check_population_anomaly() — Detects player count drops exceeding threshold
    • check_fps_degradation() — Monitors server performance degradation
    • Spam prevention (30-minute duplicate suppression)
    • Multi-channel notifications (Discord + Pushbullet + Email)
    • Severity levels: Info, Warning, Critical
  • Alert database layer (db/alerts.rs):
    • get_alert_config() / update_alert_config() — Threshold configuration
    • insert_alert() / mark_alert_notified() — Alert history tracking
    • check_recent_alert() — Duplicate detection
    • cleanup_old_alerts() — 90-day retention cleanup
  • Updated db/notifications.rs — Notification config retrieval with webhook/API key support

Alert Types:

  • Population Drop — Triggers when player count drops >X% in 1 hour
  • FPS Degradation — Triggers when FPS falls below configurable threshold
  • Server Crash — Critical alert for auto-recovery failures
  • Wipe Failed — Alert when wipe execution fails

Purpose: Proactive monitoring for server health issues. Alerts server admins via Discord/Pushbullet when anomalies detected (population crashes, performance degradation). Configurable thresholds per license.

Added (Phase 2 — Wipe Performance Analytics)

Backend:

  • backend/src/db/wipes.rs — Comprehensive wipe analytics query layer:
    • get_wipe_success_rate() — Success vs failure rate over time range
    • get_average_wipe_duration() — Average execution time for successful wipes
    • get_wipe_to_peak_population() — Hours from wipe completion to peak player count (24h window)
    • get_population_curve_by_cycle() — Day 1 vs Day 2 vs Day 3 average player counts post-wipe
    • get_optimal_wipe_timing() — Recommends best day of week + hour based on historical peak populations
    • get_wipe_analytics_entries() — Detailed per-wipe records for charting (duration, peak pop, success)
    • All queries use hourly aggregates (server_stats_hourly) with 90-day retention
  • backend/src/api/analytics.rs — Wipe performance endpoint:
    • GET /api/analytics/wipes/performance?range=90d — Returns full wipe performance metrics
    • Supports range params: 6d, 12d, 90d, all (converted to wipe count estimates)
    • Response includes: success rate, avg duration, population curve, optimal timing, individual wipe entries

Frontend:

  • WipeAnalyticsView.vue — Complete wipe performance dashboard:
    • ECharts Visualizations:
      • Wipe success timeline (scatter plot: green = success, red = failed)
      • Population curve bar chart (Day 1/Day 2/Day 3 average players post-wipe)
      • Wipe duration trend (line chart showing execution time evolution)
    • Insight Cards:
      • Success rate percentage with total wipe count
      • Average wipe duration (formatted as minutes:seconds)
      • Peak population day identifier
      • Optimal wipe timing recommendation (day + hour)
    • Actionable Recommendations Banner:
      • Optimal wipe day/hour based on post-wipe player peaks
      • Weekly vs bi-weekly wipe suggestion (if Day 1 >> Day 2 population)
      • Duration optimization alerts (if avg > 10 minutes)
      • Rollback protection warnings (if failures detected)
    • Time range selector: Last 6 wipes / Last 12 wipes / All time
    • CSV export functionality
  • Added route /wipes/analytics to router
  • TypeScript interfaces: WipePerformanceMetrics, WipeAnalyticsEntry, PopulationCurve

Purpose: Answers critical questions: "How long do wipes take? When do players peak post-wipe? What's my success rate? When should I schedule wipes for max population?" Enables data-driven wipe timing optimization and operational insights.

Added (Phase 3 — Public Status Page)

Backend:

  • Migration 007: Added status_page_description TEXT column to public_site_config
  • Public API models (models/public.rs):
    • PublicServerStatus — Server status with live stats for public display
    • PlatformHealth — Platform-wide health metrics (total servers, online count, total players, uptime)
    • StatusPageResponse — Complete status page data structure
    • PublicSiteConfig — Full public site configuration model
  • Public database queries (db/public.rs):
    • get_public_servers() — Retrieves all opted-in servers with current stats, uptime percentages (24h/7d/30d), wipe schedules
    • get_platform_health() — Calculates platform-wide aggregate metrics
    • calculate_uptime_percentage() — Uptime calculation from hourly stats
    • format_cron_expression() — Human-readable wipe schedule formatting
    • get_public_site_config() / create_public_site_config() / update_public_site_config() — Config management
  • Public API endpoint (api/public.rs):
    • GET /api/public/status — Public status page data (no auth required)
  • Settings API (api/settings.rs):
    • GET /api/settings/public-site — Fetch public site config (auth required)
    • PUT /api/settings/public-site — Update status page opt-in and description (auth required)

Frontend:

  • StatusPageView.vue — Complete public status page with:
    • Platform health header (total servers, online now, total players, platform uptime)
    • Server grid with status indicators (green/yellow/red), player counts, uptime badges (24h/7d/30d)
    • Wipe schedule display with countdown timers
    • Server search/filter functionality
    • Auto-refresh every 10 seconds via polling
    • Mobile-responsive grid layout
    • "Powered by Corrosion" footer with panel link
  • Settings dashboard integration (SettingsView.vue):
    • New "Public Status" tab with toggle for show_on_status_page
    • Text area for status_page_description
    • Save endpoint integration

Infrastructure:

  • nginx already configured for status.corrosionmgmt.com routing
  • Router already configured with /status route on both panel and marketing domains

Purpose: Public-facing marketing page showcasing all Corrosion servers. Drives platform visibility and attracts new customers ("I want this for my server too").

Added (Phase 2.2 — Player Retention Analytics)

Backend:

  • Migration 004_player_sessions.sql — Player session tracking table with indexes for retention queries
  • backend/src/db/player_sessions.rs — Complete player session tracking and retention analysis:
    • track_player_join() / track_player_leave() — Record individual player sessions
    • calculate_retention_after_wipe() — Calculate 24h/48h/72h return rates per wipe
    • get_unique_player_count() / get_avg_session_duration() — Session metrics
    • get_new_vs_returning_ratio() — New vs returning player analysis
    • get_recent_wipe_retention_metrics() — Multi-wipe retention trends
    • cleanup_old_player_sessions() — 90-day retention cleanup
  • backend/src/api/plugin.rs — Plugin event endpoints:
    • POST /api/plugin/player-event — Track player join/leave events
    • POST /api/plugin/checkin — Plugin registration on server start
  • Extended backend/src/api/analytics.rs with retention endpoints:
    • GET /api/analytics/retention?wipe_count=6 — Multi-wipe retention metrics
    • GET /api/analytics/retention/export — CSV export of retention data

Frontend:

  • PlayerRetentionView.vue — Complete retention analytics dashboard:
    • ECharts retention curve (24h/48h/72h lines across multiple wipes)
    • Summary cards: unique players, avg session duration, new vs returning ratio
    • Wipe selector (last 3/6/10/20 wipes)
    • Detailed wipe table with retention percentages
    • CSV export functionality
  • Added route /retention to router
  • TypeScript interfaces: WipeRetentionMetric, SessionSummary, RetentionResponse

Plugin:

  • Updated CorrosionCompanion.cs to track player events via /api/plugin/player-event
  • Modified OnPlayerConnected / OnPlayerDisconnected hooks with license_key authentication

Purpose: Answers critical question: "What percentage of players return 24h/48h/72h after a wipe?" Enables data-driven wipe timing optimization and player retention analysis.

Added (Phase 2.2 — Map Analytics System)

Backend:

  • Migration 005: Added map_id FK to server_stats and wipe_history for map effectiveness tracking
  • Stats consumer now captures current_map_id from server_config when persisting stats
  • Map analytics database queries (db/maps.rs):
    • get_map_analytics() — Returns performance metrics per map (avg/peak players, times used, effectiveness score)
    • get_map_population_trends() — Player count trends per map over wipe cycles
    • Effectiveness scoring algorithm: (avg_players / peak_players) * 100
  • Analytics API endpoint (api/analytics.rs):
    • GET /api/analytics/maps?range=90d — Map performance summary with rotation effectiveness

Frontend:

  • MapAnalyticsView.vue — Complete map effectiveness dashboard with:
    • Summary cards: Best performing map, rotation effectiveness %, total maps tracked
    • ECharts bar chart comparing avg vs peak players per map
    • Sortable performance table with effectiveness color coding (green ≥80%, yellow ≥60%, red <60%)
    • Actionable insights section recommending rotation improvements
    • CSV export functionality
    • Time range selector (30d/90d/all)
  • TypeScript types: MapPerformanceMetrics, MapAnalyticsSummary
  • Router: Added /maps/analytics route under admin dashboard

Purpose: Answers "Which maps drive the most players? Is my rotation working?" Enables data-driven map selection for wipe day.

Added (Phase 2 — Data Aggregation Pipeline)

Backend:

  • Stats ingestion consumer service (stats_consumer.rs) subscribing to corrosion.*.stats NATS subject
  • Complete stats database queries (db/stats.rs) with support for:
    • Raw stats insertion and retrieval
    • Hourly aggregation queries
    • Analytics summary calculations (peak/avg players, uptime)
    • Data retention cleanup (7 days raw, 90 days hourly)
  • Hourly stats aggregation scheduler job (runs at :05 past every hour)
  • Daily cleanup scheduler job (runs at 03:00 UTC)
  • Analytics API endpoints (api/analytics.rs):
    • GET /api/analytics/summary — Peak/avg players, uptime percentage
    • GET /api/analytics/timeseries — Time-series data for charting (hourly/raw granularity)
    • GET /api/analytics/export — CSV export of server stats
  • Background service initialization in main.rs (stats consumer + scheduler)

Frontend:

  • Analytics TypeScript types (AnalyticsSummary, TimeseriesData, HourlyStats)
  • Complete AnalyticsView.vue implementation with:
    • Real-time data fetching from analytics API
    • Apache ECharts integration for Player Count and Server Performance charts
    • Time range selector (24h/7d/30d)
    • CSV export functionality
    • Loading states and responsive layout

Infrastructure:

  • Made NatsBridge.jetstream public for service consumer access

Added (Sovereign Infrastructure Stack)

Services Deployed:

  • Gitea (git.corrosionmgmt.com) — Self-hosted Git with Actions support
    • Container: corrosion-gitea on port 8090 (HTTP) and 8095 (SSH)
    • SQLite database (self-contained, persistent)
    • Replaces GitHub dependency for source control
    • Gitea Actions enabled for CI/CD
  • SeaweedFS (cdn.corrosionmgmt.com) — S3-compatible object storage and CDN
    • Container: corrosion-cdn with integrated Master/Volume/Filer/S3
    • Filer UI at port 8091 (cdn.corrosionmgmt.com)
    • Master UI at port 8093 (admin.cdn.corrosionmgmt.com)
    • S3 API at port 8092 (internal access)
    • Purpose: Map hosting, plugin packages, companion binaries, backups
  • Gitea Act Runner (asgard build server) — CI/CD execution environment
    • Runs on Ryzen 9 7945HX (16C/32T, 64GB DDR5)
    • Docker-based job execution
    • Go 1.21+ and Rust toolchains available
    • Connects to public Gitea instance remotely

CI/CD Workflows:

  • test-runner.yml — Runner capability validation (hostname, resources, toolchains)
  • build-companion.yml — Production companion agent build pipeline:
    • Triggers on version tags (v*..)
    • Cross-compiles for Linux AMD64 and Windows AMD64
    • Generates SHA256 checksums
    • Creates Gitea release with auto-generated installation instructions
    • Uploads binaries and checksums as release assets

Documentation:

  • infra/docker-compose.yml — Infrastructure stack definition
  • infra/README.md — Deployment guide and architecture overview
  • infra/NPM-CONFIG.md — Nginx Proxy Manager configuration
  • infra/ASGARD-RUNNER.md — Act runner setup guide

Repository Migration:

  • Migrated from GitHub to self-hosted Gitea
  • Remote updated to git@git.corrosionmgmt.com:vantzs/corrosion-admin-panel.git
  • All future development on sovereign infrastructure

Technical Details

Data Flow:

Plugin/Agent publishes stats (60s interval)
  → NATS JetStream (corrosion.*.stats)
  → StatsConsumerService persists to server_stats table
  → Hourly aggregation job rolls up to server_stats_hourly
  → Analytics API queries aggregated data
  → Frontend renders charts via ECharts

Database Schema:

  • server_stats table (raw stats, 7-day retention)
  • server_stats_hourly table (aggregated hourly data, 90-day retention)

Scheduler Jobs:

  • Hourly aggregation: 0 5 * * * * (at :05 past every hour)
  • Daily cleanup: 0 0 3 * * * (at 03:00 UTC)

Installation Notes

Frontend:

cd frontend && npm install echarts

Backend: No additional dependencies beyond existing Cargo.toml.

Deferred to Phase 2.2

  • Player retention tracking (new vs returning players, session duration)
  • Wipe-correlated analytics
  • Player activity heatmaps (time-of-day patterns)
  • Anomaly alerting system

[2025-02-15] — Phase 1 Complete

Added (Phase 1 — Foundation)

Backend Services:

  • Core control plane (Axum + Tokio)
  • Auto-wiper with rollback (wipe_engine.rs)
  • Plugin management system
  • WebSocket/NATS bridge for real-time data
  • Companion agent adapter (bare metal server management)
  • Panel adapters (AMP + Pterodactyl)

Frontend:

  • Vue 3 dashboard with 19 admin sub-views
  • Wipe management UI with real-time progress
  • Toast notification system
  • Plugin management interface
  • Public server site

Infrastructure:

  • PostgreSQL schema (migrations 001-003)
  • NATS JetStream streams (6 streams configured)
  • Docker Compose deployment (4 services)
  • JWT auth with refresh tokens, TOTP 2FA

Companion Agent:

  • Go binary for bare metal server management
  • NATS-based command execution
  • Process lifecycle control
  • File operations support

uMod Plugin:

  • C# plugin for Rust game server integration
  • Stats publishing every 60 seconds
  • Server lifecycle event reporting

Commits

  • c5d0571 — feat: Complete Phase 1 frontend — WebSocket + Wipe feature end-to-end
  • 590765f — feat: Complete Phase 1 backend services and WebSocket/NATS bridge
  • 8320591 — docs: Update companion agent language choice to Go
  • 3c39345 — docs: Add CLAUDE.md and Claude Code settings
  • 81eeb3b — docs: Add AGENTS.md roster and resource discipline

Format: type: Short description

Types: feat, fix, docs, refactor, test, chore, perf, ci

Reference in New Issue View Git Blame Copy Permalink