Commit Graph

13 Commits

Author SHA1 Message Date
shadowdao 69439afe4a docs(local-dev): add 'Local development' section + PHP 8.5 support
Build and deploy / deploy (push) Successful in 23s
Adds /whp/local-dev/ with three articles documenting the public cloud
container images on repo.anhonesthost.net/cloud-hosting-platform/:

- overview: dev/prod parity pitch, prerequisites, table of images,
  link to the Gitea org, and a note that this is for customers
  comfortable with Docker (the hosted side needs none of this).
- php-apache: cloud-apache-container (cac). PHP 7.4 through 8.5 side
  by side, default 8.3, AlmaLinux 9 + Apache mod_ssl. Documents
  image tags, local-dev.sh flags, manual docker command, bind-mount
  layout, WordPress install, helper scripts (instance_start /
  instance_stop / instance_logs / instance_db_info), and cleanup.
- node: cloud-node-container (cnoc). Node 18/20/22, default 20,
  AlmaLinux 9 + Nginx (SSL + HTTP→HTTPS redirect) + PM2 +
  Memcached. Same shape: tags, flags, manual docker, where code
  goes (user/app/), logs layout, helpers, cleanup.

Sidebar gains a 'Local development' group between Site Builder and
Reference. Section redirect /whp/local-dev/ -> overview added to
the section-landing redirect set.
2026-05-18 12:01:49 -07:00
shadowdao aeb033bae5 feat(routing): redirect section landings + harden 404 / no directory listings
Build and deploy / deploy (push) Successful in 23s
- astro.config.mjs: section-only URLs now redirect to the first article in
  that section. /whp/admin/ used to render Apache's directory listing
  because no index.html existed; now it serves a meta-refresh to
  /whp/admin/overview/. Same for /whp/, /whp/getting-started/,
  /whp/how-to/, /whp/site-builder/, /whp/reference/, /whp/add-ons/.
- public/.htaccess: ships in dist, disables Options Indexes + MultiViews
  (defense in depth so any future section without a redirect doesn't
  leak a listing), and routes 404/403 to /404.html.
- src/content/docs/404.md: replaces the bare 'check the URL' tagline
  with two explicit actions — 'Go to the knowledge base home' and
  'WHP getting started'.
2026-05-18 11:18:35 -07:00
shadowdao 119d376029 docs(admin): rewrite + extend WHP super-admin section from real UI
Build and deploy / deploy (push) Successful in 24s
Verified every page against the live admin panel on whp01 (read-only).
Five existing articles rewritten; one new article added; customer-facing
backups article updated to match server reality.

Article changes
- overview: super admin = the root user only (no UI to add another);
  WHMCS portal route doesn't apply for admin; accurate sidebar map of
  every admin-only section; customer backups don't cover server config
  (multiple locations, not just /etc — full-server backup is the right
  safety net).
- server-settings: walked all six tabs (System / Services / Mail / DNS
  / Network & SSL / Security); clarified that host Apache + PHP-FPM
  serve the WHP control panel, not customer sites; that MySQL runs as
  a container so host MySQL config is client-facing; that custom
  container needs are met by publishing a custom Docker image (linked
  to repo.anhonesthost.net/cloud-hosting-platform/ for examples).
- coraza-waf: real Firing rules / CRS catalog / Activity tabs; global
  WAF mode pill (off/detect/enforce); per-rule + per-host overrides;
  Ask AI link; security.db source-of-truth + SIGHUP reload note.
- site-monitoring: split into the three actual admin pages — AI Monitor
  dashboard, Issues, Ignore Rules — with stat tiles + health-check
  timeline + ignore-rule AND-semantics.
- user-management: account types corrected to full / domain_dns /
  mail_dns (verified in web-files/pages/user-management.php:26);
  system users are protected against deletion (verified is_protected_user
  in web-files/libs/usermgmt.php:697); delegated users are admin-editable
  (not read-only); suspension page is served by haproxy's 503 errorfile
  (verified in haproxy-manager-base/haproxy_tarpit_config.txt:31) so
  troubleshooting points at haproxy reload / container logs.
- new admin/backups: customer-data backups vs full-server backups;
  auto-backups only run with a default target; how to add global vs
  per-customer targets; how to fire on-demand backups for any user;
  troubleshooting around missing targets / failed test / disk pressure.
- how-to/backups (customer): aside about default-target requirement;
  new section explaining what full-server backups cover vs customer
  backups (managed plans + VDS covered by AnHonestHost; elsewhere is
  the server operator's responsibility).

New components / tooling
- admin-signin partial: 'sign in directly at :8443 as root'.
- Head.astro override + medium-zoom: click-to-zoom lightbox on every
  article image; auto-reattaches after Starlight client navigation.
- capture-admin.ts: read-only Playwright capture for admin docs with
  multi-pass redaction (server hostnames, mail server, customer
  domains, customer usernames in table cells, IPs except RFC1918 and
  public resolvers, password/key/token/secret/api input values, plus
  LiteLLM URLs, model names, JWT/sk-prefix API keys, root → admin).
2026-05-18 10:49:43 -07:00
shadowdao 8c965f76d2 fix(a11y): broken support/signin links + WCAG AA contrast in light mode
Build and deploy / deploy (push) Successful in 29s
Caught by Lighthouse on prod:

1. CRITICAL: support-link.mdx and signing-in.mdx used the MDX expression
   `{URLS.x}` inside Markdown-link parens, which MDX doesn't evaluate —
   the resulting href was URL-encoded '%7BURLS.whmcsTicket%7D' on every
   page with a Support partial. Replaced with HTML anchors so the
   expression evaluates.
2. Light-mode --sl-color-text-accent was the brand teal (#00d4aa) on a
   cream background = 1.73:1 contrast. Introduced --anhh-accent-on-light
   (#047857) at ~6:1 for inline accent text/links. Brand graphics keep
   the original teal.
3. Bumped light-mode --anhh-text-secondary and --anhh-text-muted to
   #334155 / #475569 so muted UI text clears AA.
4. Hub brand link aria-label now includes 'Knowledge Base' so the
   accessible name covers the visible text.
2026-05-17 21:04:10 -07:00
shadowdao 6a0a461c26 docs(site-builder): add 5-article Site Builder section (Beta)
Build and deploy / deploy (push) Successful in 23s
Adds /whp/site-builder/ with overview, getting-started, blocks-and-pages,
styling, and publishing. Wired as a 'Site Builder' sidebar group with a
Beta badge.

- Captured real screenshots via the demo account through a redaction
  step (server names, domain, demo-user all swapped for placeholders)
- New beta-callout partial shared across all 5 articles
- capture-site-builder.ts is local-only (uses tools/screenshots/.env
  for demo creds, never runs in CI)
2026-05-17 18:40:47 -07:00
shadowdao fef98357c7 docs(admin): add WHP super-admin section (5 draft articles)
Adds /whp/admin/ with: overview, server-settings, coraza-waf,
site-monitoring, user-management. Articles are product-neutral
(no VDS in titles or required framing) since super admin may be
offered as a separate service later. They're marked Draft via:

- 'Draft' sidebar badge on the group + each article
- A draft callout partial at the top of every page noting WIP

The super-admin-callout partial (renamed from vds-only-callout)
mentions VDS as today's most common way to get super admin without
locking the docs to that single product.
2026-05-17 18:04:01 -07:00
shadowdao 5d829c44ba docs(explainer): switch analogy to apartment vs townhome in a gated community
The apartment-vs-townhome framing maps more cleanly onto containers:
- An apartment shares walls, plumbing, air — neighbour noise/smells leak in.
  That's the experience on shared hosting.
- A townhome in a gated community keeps the shared upside (security, gates,
  community centre = the server/host) but isolates each unit. That's the
  containerized story.
2026-05-17 17:44:43 -07:00
shadowdao c602b8f8f3 docs: verify against real WHP + capture real screenshots
Discovery against the demo account on whp01 surfaced several inaccuracies:

- Cache is Valkey (Redis wire-compatible), not Redis or Memcached.
  No Memcached is offered as a separate service.
- Site Monitoring is the sidebar label (not 'AI Monitor').
- 'Add a domain' has no Primary/Add-on distinction.
- Sites form: 'Container Type' (not 'Site type'), Number of Containers
  (1-10 for horizontal scaling), CPU per Container (default 0.25),
  Memory per Container (default 256MB), SSL inline on the same form.
- Backups: default retention 5 days / 10 backups; on-demand + scheduled;
  S3 backup targets are visible and configurable.
- Email: per-domain settings live behind 'Setup Instructions' on the
  Email page; mail server hostname is on the Dashboard (per-server,
  e.g. mail01.cloud-hosting.io), not per-domain.

Also reworked the screenshot pipeline:
- New shots.config.ts targets the real index.php?page=... URLs
- Added redactSensitive() step that runs before each screenshot to swap
  server names, IPs, mail hostnames, and demo-user-isms with neutral
  placeholders. This keeps docs portable across the fleet.
- Hides .brand-full and .navbar-text (top-bar server identifier and
  Welcome greeting).
- Captured 9 real WHP screenshots; removed stale placeholders.
2026-05-17 17:00:13 -07:00
shadowdao 53bc37fd0d docs: fix mail server + drop SSH tunneling
- Remove smtp.anhonesthost.com row from service-hostnames partial — we
  don't operate a single shared SMTP gateway; mail server hostnames are
  per-domain and listed on the WHP Dashboard
- Drop SSH tunneling section from service-hostnames reference (not a
  supported access path)
- Point email-client setup at the Dashboard for the per-domain host
  rather than assuming a 'mail.<yourdomain>' pattern
2026-05-17 16:38:36 -07:00
shadowdao 748fcfeb6f docs(whp): add reference + 5 add-on articles, env.d.ts for font CSS imports 2026-05-17 10:34:43 -07:00
shadowdao 231aa583a0 docs(whp): add how-to articles (domain, site, email, backups) + placeholder screenshots
Placeholders are 1440x900 'Screenshot pending' PNGs that will be
overwritten by real captures via 'npm run screenshots' once a demo
user is provisioned.
2026-05-17 10:32:23 -07:00
shadowdao e782234f65 docs(whp): add welcome + containerized hosting explainer 2026-05-17 10:29:57 -07:00
shadowdao 8c23b835d6 feat(content): add reusable partials and how-to template 2026-05-17 10:28:52 -07:00