3.5 KiB
3.5 KiB
MVP Checklist
Planning
- Confirm target environment: Linux only or mixed infrastructure
- Confirm server access method: SSH, Docker API, or local agent
- Confirm which services may be managed from the panel
- Confirm MVP bot scope: notifications only or notifications plus commands
- Confirm user roles and permission boundaries
- Confirm where secrets will be stored
Repository Setup
- Create
backend/ - Create
frontend/ - Create
bot/ - Create
docs/ - Add
.env.example - Add
docker-compose.yml - Add top-level
README.md
Backend Foundation
- Add FastAPI app entrypoint
- Add configuration loader
- Add structured logging
- Add database session setup
- Add migration setup
- Add health endpoint
- Add test framework setup
Authentication and Roles
- Create user model
- Add password hashing
- Add login endpoint
- Add refresh token flow
- Add current user endpoint
- Add role checks for protected endpoints
- Add bootstrap admin creation flow
Server Management
- Create server model
- Add server CRUD endpoints
- Add server connectivity check
- Add server health endpoint
- Add basic metrics collection
- Add server list UI
- Add server details UI
Service Management
- Define allowed service list model or config
- Add service status endpoint
- Add service start action
- Add service stop action
- Add service restart action
- Route actions through worker or task queue
- Add UI action buttons with loading and error states
Logs and Audit
- Add recent logs endpoint
- Limit log output safely
- Create audit log model
- Record all control actions
- Add audit list endpoint
- Add audit list UI
Telegram Integration
- Create bot service skeleton
- Add bot config via environment variables
- Implement Telegram user linking
- Send test notification
- Add
/startcommand - Add
/statuscommand - Add
/servicescommand - Add restricted
/restartcommand - Log bot-triggered actions in audit trail
Frontend
- Add login page
- Add dashboard page
- Add servers page
- Add server details page
- Add services page
- Add logs page
- Add settings page
- Add auth guard
- Add API client layer
- Add loading, empty, and error states
Security
- Store secrets in environment variables only
- Avoid arbitrary shell command execution
- Restrict actions to approved operations
- Add audit logging for sensitive actions
- Validate all input from UI and Telegram
- Review token lifetime and session invalidation
Deployment
- Add development Docker Compose setup
- Add production environment variable template
- Add reverse proxy config
- Add backend service definition
- Add bot service definition
- Document startup procedure
- Document rollback procedure
Testing and Validation
- Add API tests for auth
- Add API tests for server CRUD
- Add API tests for service actions
- Add API tests for authorization failures
- Add smoke test for bot notification flow
- Validate
docker compose config - Run backend tests
- Run frontend build
Release Readiness
- Setup documentation is complete
- API documentation is complete enough for frontend work
- Known limitations are documented
- Admin onboarding steps are documented
- Telegram setup steps are documented
- MVP acceptance criteria are checked