Disco DeDisco
c9a61e5614
coturn: optional dual-stack TURN via guarded coturn_public_ip6
...
Set coturn_public_ip6 in inventory to advertise IPv6 relay candidates (2nd external-ip) AND emit matching v6 denied-peer-ip ranges (::1, fe80::/10, fc00::/7) for SSRF parity with the v4 lockdown. Unset → byte-identical pure-IPv4 config as before, so it's zero-risk opt-in. Droplet now has IPv6 on; this makes the conf dual-stack-ready.
Code architected by Disco DeDisco <discodedisco@outlook.com >
Git commit message Co-Authored-By:
Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-27 14:10:28 -04:00
Disco DeDisco
41217d5438
my-sea voice Phase C: WebRTC mesh signaling app + TURN endpoint + voice-btn wiring + coturn infra — TDD
...
Phase C (final) of the my-sea invite → spectator → voice blueprint. Self-
hosted WebRTC mesh voice, built room-general but wired for my-sea only; epic
6-seat rooms reuse the same consumer later (key on Room.id). Media never
touches the server — only signaling is relayed. Built from the blueprint's
distilled spec (disco-voice-mesh.pdf unreadable in-env: no poppler/pypdf).
- C1: new apps/voice/ — RoomVoiceConsumer (AsyncJsonWebsocketConsumer):
signaling-only relay (room group voice.<room_id> + per-peer peer.<uuid>;
hello→present handshake, offer/answer/ice routed by target/source, left on
disconnect). room_id is a STRING kwarg (mysea-<owner_id> now). _can_join
gates: mysea → owner OR present invitee (token deposited, not left); epic
UUID → seated gamer (later). routing.py ws/voice/<str:room_id>/; asgi.py
aggregates epic + voice urlpatterns under AuthMiddlewareStack.
voice-mesh.js: VoiceRoom client (getUserMedia AEC/NS/AGC, mesh
RTCPeerConnection, newcomer-offers handshake, tuneOpus SDP munge =
inbandfec+dtx+40kbps cap, mute via getAudioTracks().enabled), lazy-loaded.
- C2: apps/api VoiceTURNCredentialsAPI at /api/voice/turn-credentials/ —
coturn use-auth-secret REST scheme: username=<expiry>:<user_id>,
credential=base64(HMAC-SHA1(username, COTURN_SHARED_SECRET)) + stun/turn
iceServers + ttl. Authenticated-only. 4 ITs (HMAC shape, auth gate).
- C3: settings COTURN_SHARED_SECRET / COTURN_TURN_HOST / COTURN_REALM /
COTURN_TTL env block.
- C4: #id_voice_btn wiring — _burger.html renders .active + data-room-id when
voice_active; burger-btn.js bindVoiceBtn (active click → lazy-load
voice-mesh.js → join / toggle-mute; inactive → existing 2-pulse flash).
my_sea (owner) + my_sea_visit (spectator) views compute voice_active
(open 24h window) + voice_room_id=mysea-<owner_id>; spectator page now
includes the burger. 4 voice-context ITs.
- C5: infra/coturn.conf.j2 (use-auth-secret, the external-ip footgun, relay
port range, TLS 5349, peer-IP lockdown) + infra/coturn-playbook.yaml
(dedicated droplet, PySwiss-style split: install coturn, template conf, ufw
3478/5349/49152-65535, systemd enable) + [coturn] inventory placeholder.
*** Manual ops step: provision the droplet + fill inventory before voice
works on staging/prod; CI/local need none of it. ***
- C6: 8 channels ITs (@tag channels) — connect/auth/_can_join gate (owner,
present invitee, stranger, not-present, anon) + hello/present handshake +
offer routing + left-on-disconnect. Scope-injected; TransactionTestCase.
- JS: VoiceMeshSpec.js (tuneOpus) + voice-mesh.js registered in SpecRunner.
1440 IT/UT green; voice channels IT + full Jasmine + voice-btn FT green.
Voice infra is code-complete — provision the coturn droplet to go live.
Code architected by Disco DeDisco <discodedisco@outlook.com >
Git commit message Co-Authored-By:
Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-27 13:57:09 -04:00
Disco DeDisco
bd9a2fdae3
pyswiss_url env var added to more places throughout ansible vault architecture; staging now has working astro wheel
ci/woodpecker/push/pyswiss Pipeline was successful
ci/woodpecker/push/main Pipeline was successful
2026-04-16 12:04:46 -04:00
Disco DeDisco
4f8e52890b
forgot PYSWISS_URL in live server env, preventing Sky selection from generating an astro wheel
ci/woodpecker/push/pyswiss Pipeline was successful
ci/woodpecker/push/main Pipeline was successful
2026-04-16 11:22:52 -04:00
Disco DeDisco
4e63323019
a pair of small fixes to infra/nginx.conf.j2, to ensure WebSockets functionality; & to role-select.js, to fix the inventory from not updating to that of the new position when a gamer passed the Role cards to the next position when he also occupies that position; separate inventories now ensured
ci/woodpecker/push/woodpecker Pipeline was successful
2026-03-18 21:42:59 -04:00
Disco DeDisco
67697fa90e
established parallel CI pipeline for quicker testing after DO droplet upsizing; ensured gamearray (docker) and gamearray_celery services restart automatically when not purposefully powered off
ci/woodpecker/push/woodpecker Pipeline failed
2026-03-18 20:24:02 -04:00
Disco DeDisco
bd72135a2f
full passing test suite w. new stripe integration across multiple project nodes; new gameboard django app; stripe in test mode on staging
ci/woodpecker/push/woodpecker Pipeline failed
2026-03-09 01:07:16 -04:00
Disco DeDisco
105b8f1e34
buttressed ansible playbook for automatic ssl certification
ci/woodpecker/push/woodpecker Pipeline was successful
2026-03-03 14:18:21 -05:00
Disco DeDisco
44c335b089
added superuser support in apps.lyric.admin & new manage.py cmd ensure_superuser; .tests.integrated.test_admin & .test_management_commands green
ci/woodpecker/push/woodpecker Pipeline was successful
2026-02-22 20:42:33 -05:00
Disco DeDisco
87ef197823
enabled redis alongside celery, but waiting on true caching functionality—flash messages will behave better w. cache_page after they rely on htmx library, not current full-page reload
ci/woodpecker/push/woodpecker Pipeline was successful
2026-02-21 23:13:23 -05:00
Disco DeDisco
04e28b96c8
offloaded some apps.lyric.views responsibilities to new Celery depend fn in .tasks; core.celery created for celery config; CELERY_BROKER_URL added to .settings & throughout project; some lyric view IT responsibility now accordingly covered by task UT domain
ci/woodpecker/push/woodpecker Pipeline failed
2026-02-21 21:35:15 -05:00
Disco DeDisco
84fd0554bd
moved adman magic link to howdy.earthmanrpg.com, in anticipation of having to mirror the prod server location; staging server preserved, along w. gitea & woodpecker, on earthmanrpg.me
ci/woodpecker/push/woodpecker Pipeline failed
2026-02-18 23:04:21 -05:00
Disco DeDisco
55f2a043c6
postgres integration complete thru woodpecker pipeline
ci/woodpecker/push/woodpecker Pipeline was successful
2026-02-18 21:12:01 -05:00
Disco DeDisco
877e3f35cf
hoping to sidestep CD permissions issue w. python call in infra/deploy.sh.j2
ci/woodpecker/push/woodpecker Pipeline was successful
2026-02-17 18:21:50 -05:00
Disco DeDisco
2a9ac4c0f0
renormalized to LF end of line sequences for all files for CD compatibility; created .gitattributes @ project root to manage it; defined {{ ansible_user }} more explicitly in the ansible playbook
ci/woodpecker/push/woodpecker Pipeline failed
2026-02-17 17:48:09 -05:00
Disco DeDisco
510874b87c
created CD pipeline to complement the existing gitea/woodpecker CI pipeline: build, push to registry, deploy to staging on main
ci/woodpecker/push/woodpecker Pipeline failed
2026-02-13 15:27:59 -05:00
Disco DeDisco
b94f1f48aa
Dockerfile.ci & debug-ci now build working container for CI test image
2026-02-10 22:42:45 -05:00
Disco DeDisco
fec1cfcb30
Gitea repo init; Woodpecker pipeline init; much CI/CD structure outlined in ./infra, incl. docker-compose.yaml, cicd-playbook.yaml, new cicd vault, & config files for gitea, woodpecker & ansible
ci/woodpecker/push/woodpecker Pipeline failed
2026-02-10 21:16:00 -05:00
Disco DeDisco
8190317c21
nginx compatibility added to serve static files on server; whitenoise installed to catch static file serving in local docker container, also added to core.settings middleware; console logs & print statements removed from dashboard.js & functional_tests.container_commands; ansible playbook and nginx config file support nginx w.in deployment workflow
2026-02-08 17:55:09 -05:00
Disco DeDisco
10ba5b84e4
after many diversions and forlorn pivot from copilot to claude, new infra/ structure contains group_vars and ansible vaults; requests added to dev and prod dependencies; apps.lyric.views and core
...
.settings both abandon django's send_mail(); instead incorporate requests to target Mailgun's HTTP API (DigitalOcean's SMTP blocker thwarted previous magic login link email attempts, but this issue has been resol
ved with this commit)
2026-02-07 18:58:17 -05:00
Disco DeDisco
449b40e12e
new functional_tests.container_commands file discerns local from server containers; .base calls now calls reset_database() therefrom; .test_my_lists also discerns test server location for different session keys; functional_tests restored as app in core.settings
2026-02-03 22:14:55 -05:00
Disco DeDisco
55bb589f61
added functional_tests to installed apps in core.settings (but only when debug is true); created management dir to contain new django cmds & listed in .dockerignore; created management.create_session cmd; recreated container.db.sqlite3; tweaked test_server setup in functional_tests.base; added test_server failsafe to magic link login testing in .test_login
2026-02-03 14:54:37 -05:00
Disco DeDisco
c1295d671f
added subdomains of earthmanrpg.me to ansible playbook
2026-01-13 21:27:11 -05:00
Disco DeDisco
4b137db317
manage.py changed to lf; FTs tweaked to accomodate WSL2 ansible deployment
2026-01-13 20:58:05 -05:00
Disco DeDisco
d942839308
supplemented ansible playbook early w. task to build container img locally before export
2026-01-13 15:02:43 -05:00
Disco DeDisco
affbddc3cd
commented back in the 'USER: nonroot' line in the Dockerfile now that pushing to a server thru an ansible playbook has rendered all local WSL-2 considerations a nonissue; updated said deploy-playbook.yaml with new tasks to build out real docker container on server
2026-01-13 14:57:17 -05:00
Disco DeDisco
eb38722a53
ansible playbook commenced; deployment aimed at staging.earthmanrpg.me
2026-01-13 00:35:28 -05:00
