From 97141560efebcb264677d082a70ef1ea99d08a3c Mon Sep 17 00:00:00 2001 From: Jeff Emmett Date: Thu, 16 Apr 2026 19:18:35 -0400 Subject: [PATCH] chore(backlog): follow-ups from 2026-04-16 deployment session 5 new backlog tasks covering loose ends from tonight's rTasks canvas + Sablier sidecar migration + infra cleanup work: - MEDIUM.8: create 5 sidecar containers on Netcup - MEDIUM.9: wire ollama into sidecar lifecycle (currently no-op) - MEDIUM.10: roll canvas-with-widgets UX to remaining rApps - LOW.1: Netcup memory pressure audit - LOW.2: version-control deploy of /opt/scripts/ - LOW.3: Sablier-for-encryptid (retargeted/deferred) Co-Authored-By: Claude Opus 4.7 (1M context) --- ...-memory-pressure-7.9G-in-swap-1.7G-free.md | 23 ++++++++++++++++ ...ps-repo-replace-unversioned-opt-scripts.md | 24 +++++++++++++++++ ...-encryptid-original-TASK-MEDIUM.7-scope.md | 22 ++++++++++++++++ ...h-widgets-UX-pattern-to-remaining-rApps.md | 24 +++++++++++++++++ ...d-freecad-blender-scribus-open-notebook.md | 26 +++++++++++++++++++ ...re-ollama-into-rspace-sidecar-lifecycle.md | 23 ++++++++++++++++ 6 files changed, 142 insertions(+) create mode 100644 backlog/tasks/task-low.1 - Netcup-memory-pressure-7.9G-in-swap-1.7G-free.md create mode 100644 backlog/tasks/task-low.2 - Deploy-enforce-container-limits.sh-from-dev-ops-repo-replace-unversioned-opt-scripts.md create mode 100644 backlog/tasks/task-low.3 - Sablier-scale-to-zero-for-encryptid-original-TASK-MEDIUM.7-scope.md create mode 100644 backlog/tasks/task-medium.10 - Roll-out-canvas-with-widgets-UX-pattern-to-remaining-rApps.md create mode 100644 backlog/tasks/task-medium.8 - Create-on-demand-sidecar-containers-kicad-freecad-blender-scribus-open-notebook.md create mode 100644 backlog/tasks/task-medium.9 - Wire-ollama-into-rspace-sidecar-lifecycle.md diff --git a/backlog/tasks/task-low.1 - Netcup-memory-pressure-7.9G-in-swap-1.7G-free.md b/backlog/tasks/task-low.1 - Netcup-memory-pressure-7.9G-in-swap-1.7G-free.md new file mode 100644 index 00000000..f548b757 --- /dev/null +++ b/backlog/tasks/task-low.1 - Netcup-memory-pressure-7.9G-in-swap-1.7G-free.md @@ -0,0 +1,23 @@ +--- +id: TASK-LOW.1 +title: 'Netcup memory pressure: 7.9G in swap, 1.7G free' +status: To Do +assignee: [] +created_date: '2026-04-16 23:18' +labels: [] +dependencies: [] +parent_task_id: TASK-LOW +--- + +## Description + + +Snapshot 2026-04-17 01:13: 45G/62G used, 1.7G free, 7.9G in swap. Page-swapping regularly. Not urgent but warrants a pass: (a) audit which containers have mem caps > working-set (too generous) vs containers with no cap at all (already fixed by enforce script patch tonight), (b) restart long-running JVM/node containers that leaked, (c) consider killing 'nice-to-have' services if starved. Top mem consumers last checked: mailcow stack, p2pwiki-elasticsearch (3G cap), various twenty-* stacks, gitea (633M / 1G cap = 63%). + + +## Acceptance Criteria + +- [ ] #1 Free mem > 4G under normal load +- [ ] #2 Swap usage < 2G under normal load +- [ ] #3 Identified + documented over-allocated containers + diff --git a/backlog/tasks/task-low.2 - Deploy-enforce-container-limits.sh-from-dev-ops-repo-replace-unversioned-opt-scripts.md b/backlog/tasks/task-low.2 - Deploy-enforce-container-limits.sh-from-dev-ops-repo-replace-unversioned-opt-scripts.md new file mode 100644 index 00000000..541de8d3 --- /dev/null +++ b/backlog/tasks/task-low.2 - Deploy-enforce-container-limits.sh-from-dev-ops-repo-replace-unversioned-opt-scripts.md @@ -0,0 +1,24 @@ +--- +id: TASK-LOW.2 +title: >- + Deploy enforce-container-limits.sh from dev-ops repo (replace unversioned + /opt/scripts/) +status: To Do +assignee: [] +created_date: '2026-04-16 23:18' +labels: [] +dependencies: [] +parent_task_id: TASK-LOW +--- + +## Description + + +Script is now in dev-ops at netcup/scripts/enforce-container-limits.sh (commit dev-ops/73acc6e → main/9b25487). /opt/scripts/enforce-container-limits.sh on Netcup is still a manual copy not tied to git. Consider: (a) symlink /opt/scripts/ → /opt/dev-ops/netcup/scripts/ so git pulls update the script, or (b) add a deploy hook that copies on commit. Option (a) is simpler but exposes directory structure; option (b) is safer. + + +## Acceptance Criteria + +- [ ] #1 Production /opt/scripts/enforce-container-limits.sh tracks dev-ops +- [ ] #2 Script edit in dev-ops flows to Netcup without manual scp + diff --git a/backlog/tasks/task-low.3 - Sablier-scale-to-zero-for-encryptid-original-TASK-MEDIUM.7-scope.md b/backlog/tasks/task-low.3 - Sablier-scale-to-zero-for-encryptid-original-TASK-MEDIUM.7-scope.md new file mode 100644 index 00000000..88abf228 --- /dev/null +++ b/backlog/tasks/task-low.3 - Sablier-scale-to-zero-for-encryptid-original-TASK-MEDIUM.7-scope.md @@ -0,0 +1,22 @@ +--- +id: TASK-LOW.3 +title: Sablier scale-to-zero for encryptid (original TASK-MEDIUM.7 scope) +status: To Do +assignee: [] +created_date: '2026-04-16 23:18' +labels: [] +dependencies: [] +parent_task_id: TASK-LOW +--- + +## Description + + +Retargeted tonight to sidecars (TASK-MEDIUM.7 Done). Original idea was to put encryptid + encryptid-db behind Sablier for 256MB RAM savings when auth is idle. Tradeoff: cold-start latency (few seconds) on first login after idle — user-facing annoyance. Probably not worth it for auth, but documenting for future consideration. If pursued: add Sablier labels to encryptid services, configure Traefik dynamic config to route auth.rspace.online / auth.ridentity.online / encryptid.jeffemmett.com through Sablier middleware (see dev-ops/netcup/traefik/config/sablier-voice.yml for the pattern). + + +## Acceptance Criteria + +- [ ] #1 Decision: pursue or permanently close +- [ ] #2 If pursued: labels + Traefik route + verified cold-start acceptable + diff --git a/backlog/tasks/task-medium.10 - Roll-out-canvas-with-widgets-UX-pattern-to-remaining-rApps.md b/backlog/tasks/task-medium.10 - Roll-out-canvas-with-widgets-UX-pattern-to-remaining-rApps.md new file mode 100644 index 00000000..5552cb8b --- /dev/null +++ b/backlog/tasks/task-medium.10 - Roll-out-canvas-with-widgets-UX-pattern-to-remaining-rApps.md @@ -0,0 +1,24 @@ +--- +id: TASK-MEDIUM.10 +title: Roll out canvas-with-widgets UX pattern to remaining rApps +status: To Do +assignee: [] +created_date: '2026-04-16 23:17' +labels: [] +dependencies: [] +parent_task_id: TASK-MEDIUM +--- + +## Description + + +Prototype landed tonight at demo.rspace.online/rtasks/canvas: folk-app-canvas + folk-widget + 3 rTasks widgets (Board/Backlog/Activity). Each rApp's root view becomes an integrated canvas of togglable widgets instead of siloed tab pages. 24 single-view rApps are candidates — feature inventory already done (see conversation log). Pending user review of rTasks prototype before rolling out. Planned tab groupings per rApp: rMeets, rcal, rmaps, rinbox, rtrips, rtime, rfiles, rdocs, rnotes, rfeeds, rchoices, rvote, rbnb, rvnb, rbooks, rdata, rphotos, rforum. Skip: rcred, rgov, rpast, rsplat, rtube, rchats (genuinely single-purpose). + + +## Acceptance Criteria + +- [ ] #1 User approves rTasks prototype after visual review +- [ ] #2 Widget registry pattern documented for new rApp authors +- [ ] #3 Each approved rApp has a /canvas route alongside existing root +- [ ] #4 Mobile fallback (stacked cards) tested on real device + diff --git a/backlog/tasks/task-medium.8 - Create-on-demand-sidecar-containers-kicad-freecad-blender-scribus-open-notebook.md b/backlog/tasks/task-medium.8 - Create-on-demand-sidecar-containers-kicad-freecad-blender-scribus-open-notebook.md new file mode 100644 index 00000000..3a0c7fc3 --- /dev/null +++ b/backlog/tasks/task-medium.8 - Create-on-demand-sidecar-containers-kicad-freecad-blender-scribus-open-notebook.md @@ -0,0 +1,26 @@ +--- +id: TASK-MEDIUM.8 +title: >- + Create on-demand sidecar containers + (kicad/freecad/blender/scribus/open-notebook) +status: To Do +assignee: [] +created_date: '2026-04-16 23:17' +labels: [] +dependencies: [] +parent_task_id: TASK-MEDIUM +--- + +## Description + + +The 5 sidecar containers defined in /opt/rspace-online/docker-compose.yml under profiles:[sidecar] don't exist on Netcup. Sablier can't wake what doesn't exist. Run `cd /opt/rspace-online && docker compose --profile sidecar create` when server load is low — this triggers heavy Docker builds (KiCad/FreeCAD/Blender pull hundreds of MB + compile). Wait for load avg < 8 and free mem > 4GB before running. + + +## Acceptance Criteria + +- [ ] #1 All 5 sidecar images built on Netcup +- [ ] #2 Containers in 'created' state (not started) +- [ ] #3 Sablier can wake each one via /api/strategies/blocking +- [ ] #4 ensureSidecar(name) from rspace server triggers actual container start + diff --git a/backlog/tasks/task-medium.9 - Wire-ollama-into-rspace-sidecar-lifecycle.md b/backlog/tasks/task-medium.9 - Wire-ollama-into-rspace-sidecar-lifecycle.md new file mode 100644 index 00000000..1677a282 --- /dev/null +++ b/backlog/tasks/task-medium.9 - Wire-ollama-into-rspace-sidecar-lifecycle.md @@ -0,0 +1,23 @@ +--- +id: TASK-MEDIUM.9 +title: Wire ollama into rspace sidecar lifecycle +status: To Do +assignee: [] +created_date: '2026-04-16 23:17' +labels: [] +dependencies: [] +parent_task_id: TASK-MEDIUM +--- + +## Description + + +server/sidecar-manager.ts lists ollama in SIDECARS but there's no ollama service in /opt/rspace-online/docker-compose.yml. ensureSidecar('ollama') calls from server/index.ts:2853 silently no-op. Either: (a) add an ollama service to the compose under profiles:[sidecar] so Sablier can wake it, or (b) drop ollama from sidecar-manager and adjust callers. Memory doc (2026-03-31 entry) suggests ollama was intended as a sidecar — option (a) is more likely correct. + + +## Acceptance Criteria + +- [ ] #1 ollama container exists on rspace-internal network at host 'ollama' port 11434 +- [ ] #2 Sablier can wake it via blocking API +- [ ] #3 fetch('http://ollama:11434/') from rspace returns 200 after ensureSidecar('ollama') +