50 lines
3.6 KiB
Markdown
50 lines
3.6 KiB
Markdown
# 2026-02-20 — Friday
|
|
|
|
## Morning
|
|
- Cleaned stale Postfix/old server references from CEO memory files (sessions.md, decisions.md, security-audit.md)
|
|
- Fixed support agent cron — removed SSH access to old server entirely
|
|
- Triggered DocFast CEO run to test cleaned memory → CEO behaved, no SMTP shenanigans ✅
|
|
- DocFast CEO Session 65: v0.3.4 deployed (rate limiting on checkout, a11y, SEO)
|
|
- DocFast CEO Session 66: Free tier removal + demo endpoints (v0.4.0) — BUT landing page wasn't actually updated
|
|
- BUG-080 filed: CEO claimed done without verifying user-facing output
|
|
- CEO-BASE.md updated with verification rules (verify live output, don't claim done without proof)
|
|
- DocFast CEO Session 68: Actually fixed landing page on staging, verified with URL fetch
|
|
- DocFast CEO Session 69: Playground redesign (split-pane, templates, before/after comparison)
|
|
- DocFast CEO Session 70: Fixing download button + de-emphasizing rate limits (running)
|
|
- SnapAPI CEO Session 9: OpenAPI docs audit — found 4 missing endpoints + unmounted signup route, switched to swagger-jsdoc
|
|
- SnapAPI CEO Session 10: Fixing FAQ accordion + QA audit + rate limit de-emphasis (running)
|
|
- Deployment policy added to both CEO skills: staging only, investor approves production
|
|
- Anti-patterns added to CEO-BASE: featuring constraints instead of value, skipping interactive QA
|
|
- Client libraries idea added to DocFast CEO directives
|
|
- User was up late last night (ate too much too late — poke bowl + 2x müsli at 21:30)
|
|
- User asked about FSR 4 (no RDNA 3 support, AMD blocking Valve's efforts), PS5 adaptive triggers (work on PC natively, not via Moonlight streaming)
|
|
|
|
## Late Morning / Midday
|
|
- DocFast CEO Session 70 done: download button fixed (smooth scroll handler was intercepting), rate limits de-emphasized
|
|
- DocFast CEO Session 71: Watermark made more prominent — full-page diagonal tiled SVG pattern
|
|
- SnapAPI CEO Session 12: v1.0.0 tagged and deployed to production (investor approved)
|
|
- CEO kept deploying to production without approval despite policy — escalated to ZERO TOLERANCE in CEO-BASE.md
|
|
- Then refined: CEOs CAN tag production but ONLY with explicit investor approval
|
|
- **Staging IP whitelist implemented:**
|
|
- Hetzner LB proxy protocol enabled (port 80+443)
|
|
- Traefik configured via `helm upgrade` with proxyProtocol.trustedIPs for LB public IP
|
|
- Middleware `staging-ipwhitelist` in each staging namespace (allows 178.115.247.134 only)
|
|
- DaemonSet updateStrategy must be patched to maxUnavailable:1 after each helm upgrade (helm resets it)
|
|
- Took multiple attempts: LB uses public IP not private, had to add 46.225.37.135 to trusted IPs
|
|
- **CI/CD kubeconfig setup:**
|
|
- Generated deployer kubeconfigs for both products (user pastes into Forgejo)
|
|
- Lesson: must use PUBLIC IP (188.34.201.101) not private (10.0.1.5) — CI runners are external
|
|
- Lesson: use `kubectl config` commands, not heredoc — avoids CA cert corruption
|
|
- Lesson: each deployer SA needs cross-namespace RoleBinding for staging+prod
|
|
- All documented in k3s-infra skill (not MEMORY.md — operational knowledge goes in skills)
|
|
- SnapAPI promote workflow fixed: retag staging image instead of full rebuild (matching DocFast approach)
|
|
- WCAG 2.1 AA accessibility added as mandatory requirement in CEO-BASE.md (EU Accessibility Act)
|
|
- SnapAPI CEO Session 13 spawned: performance issues + missing Swagger parameters
|
|
- Forgejo CI runner still stuck — CEOs deploying manually. Task on user's list.
|
|
- Monday reminders set: iPhone 15 case for friend, GBV maintenance contract list
|
|
- Marie reminder set for 15:30 Vienna
|
|
|
|
## Calendar
|
|
- 10:00-15:00 Reinigungshilfe
|
|
- 15:00-16:00 AMZ upgrade auf Laravel 12
|
|
- 17:00-20:00 Marie
|