Phillip Tarrant
df26abd207
Add YAML-driven quest system with context-aware offering:
Core Implementation:
- Quest data models (Quest, QuestObjective, QuestReward, QuestTriggers)
- QuestService for YAML loading and caching
- QuestEligibilityService with level, location, and probability filtering
- LoreService stub (MockLoreService) ready for Phase 6 Weaviate integration
Quest Content:
- 5 example quests across difficulty tiers (2 easy, 2 medium, 1 hard)
- Quest-centric design: quests define their NPC givers
- Location-based probability weights for natural quest offering
AI Integration:
- Quest offering section in npc_dialogue.j2 template
- Response parser extracts [QUEST_OFFER:quest_id] markers
- AI naturally weaves quest offers into NPC conversations
API Endpoints:
- POST /api/v1/quests/accept - Accept quest offer
- POST /api/v1/quests/decline - Decline quest offer
- POST /api/v1/quests/progress - Update objective progress
- POST /api/v1/quests/complete - Complete quest, claim rewards
- POST /api/v1/quests/abandon - Abandon active quest
- GET /api/v1/characters/{id}/quests - List character quests
- GET /api/v1/quests/{quest_id} - Get quest details
Frontend:
- Quest tracker sidebar with HTMX integration
- Quest offer modal for accept/decline flow
- Quest detail modal for viewing progress
- Combat service integration for kill objective tracking
Testing:
- Unit tests for Quest models and serialization
- Integration tests for full quest lifecycle
- Comprehensive test coverage for eligibility service
Documentation:
- Reorganized docs into /docs/phases/ structure
- Added Phase 5-12 planning documents
- Updated ROADMAP.md with new structure
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
7.4 KiB
7.4 KiB
Phase 10: PWA & Deployment
Goal: Deploy to production as Progressive Web App Priority: High Status: Not Started Last Updated: November 29, 2025
Overview
Prepare the application for production deployment as a Progressive Web App (PWA) with offline support, proper infrastructure, monitoring, and security hardening.
Key Goals:
- PWA with installability and offline support
- Production server setup (Nginx + Gunicorn)
- Monitoring and alerting (Sentry, uptime)
- Backup and disaster recovery
- Security audit and hardening
Task Groups
PWA Setup (4 tasks)
| Task ID | Task | Status | Notes |
|---|---|---|---|
| 10.1 | Create PWA manifest | ⬜ | static/manifest.json - name, icons, theme |
| 10.2 | Create service worker | ⬜ | static/sw.js - caching strategy, offline support |
| 10.3 | Create PWA icons | ⬜ | Various sizes: 72, 96, 128, 144, 152, 192, 384, 512 |
| 10.4 | Checkpoint: Test PWA installation | ⬜ | Install on mobile, verify offline behavior |
Manifest Example:
{
"name": "Code of Conquest",
"short_name": "CoC",
"description": "AI-powered D&D adventure game",
"start_url": "/",
"display": "standalone",
"background_color": "#1a1a2e",
"theme_color": "#c9a227",
"icons": [
{ "src": "/static/icons/icon-192.png", "sizes": "192x192", "type": "image/png" },
{ "src": "/static/icons/icon-512.png", "sizes": "512x512", "type": "image/png" }
]
}
Deliverable: Installable PWA
Production Environment (4 tasks)
| Task ID | Task | Status | Notes |
|---|---|---|---|
| 10.5 | Set up production server | ⬜ | VPS/cloud instance, domain, SSL |
| 10.6 | Configure Nginx reverse proxy | ⬜ | SSL termination, static file serving |
| 10.7 | Configure Gunicorn | ⬜ | 4+ workers, production settings |
| 10.8 | Set up production Redis | ⬜ | Persistent storage, proper auth |
Nginx Configuration (Example):
server {
listen 443 ssl http2;
server_name codeofconquest.com;
ssl_certificate /etc/letsencrypt/live/codeofconquest.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/codeofconquest.com/privkey.pem;
location /static {
alias /var/www/coc/public_web/static;
expires 1y;
}
location /api {
proxy_pass http://127.0.0.1:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location / {
proxy_pass http://127.0.0.1:5001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Deliverable: Production server running
Background Workers (3 tasks)
| Task ID | Task | Status | Notes |
|---|---|---|---|
| 10.9 | Set up RQ workers (production) | ⬜ | Systemd services, auto-restart |
| 10.10 | Configure worker monitoring | ⬜ | RQ dashboard or custom monitoring |
| 10.11 | Test job processing under load | ⬜ | Verify workers handle concurrent AI tasks |
Systemd Service (Example):
[Unit]
Description=RQ Worker for Code of Conquest
After=redis.service
[Service]
User=www-data
WorkingDirectory=/var/www/coc/api
ExecStart=/var/www/coc/api/venv/bin/rq worker ai_tasks combat_tasks
Restart=always
[Install]
WantedBy=multi-user.target
Deliverable: Reliable background job processing
Monitoring & Alerting (4 tasks)
| Task ID | Task | Status | Notes |
|---|---|---|---|
| 10.12 | Set up Sentry for error tracking | ⬜ | API and web frontend integration |
| 10.13 | Set up uptime monitoring | ⬜ | External service (UptimeRobot, Better Uptime) |
| 10.14 | Configure AI cost monitoring | ⬜ | Daily spend alerts, tier limit tracking |
| 10.15 | Checkpoint: Verify alerting works | ⬜ | Trigger test alert, verify notification |
Deliverable: Comprehensive monitoring
Backup & Security (4 tasks)
| Task ID | Task | Status | Notes |
|---|---|---|---|
| 10.16 | Set up daily Appwrite backups | ⬜ | Automated backup to cloud storage |
| 10.17 | Perform security audit | ⬜ | OWASP checklist, endpoint review |
| 10.18 | Configure rate limiting (production) | ⬜ | Flask-Limiter with production limits |
| 10.19 | Harden server security | ⬜ | Firewall, SSH keys, fail2ban |
Security Checklist:
- All endpoints require authentication where needed
- Input validation on all user inputs
- SQL/NoSQL injection prevention
- XSS prevention (output encoding)
- CSRF protection
- Rate limiting on AI endpoints
- Secrets in environment variables (not code)
- HTTPS enforced everywhere
- Security headers (CSP, HSTS, etc.)
Deliverable: Secured production environment
Deployment Automation (3 tasks)
| Task ID | Task | Status | Notes |
|---|---|---|---|
| 10.20 | Create deployment script | ⬜ | scripts/deploy.sh - pull, build, restart |
| 10.21 | Write deployment documentation | ⬜ | Update /docs/DEPLOYMENT.md |
| 10.22 | Final Checkpoint: Deploy to production | ⬜ | Go live! |
Deployment Script (Example):
#!/bin/bash
set -e
echo "Pulling latest code..."
git pull origin master
echo "Updating API..."
cd /var/www/coc/api
source venv/bin/activate
pip install -r requirements.txt
sudo systemctl restart coc-api
sudo systemctl restart coc-worker
echo "Updating Web..."
cd /var/www/coc/public_web
source venv/bin/activate
pip install -r requirements.txt
sudo systemctl restart coc-web
echo "Deployment complete!"
Deliverable: Automated deployment process
Files to Create/Modify
New Files:
/public_web/static/manifest.json/public_web/static/sw.js/public_web/static/icons/*.png(various sizes)/scripts/deploy.sh/scripts/backup.sh/config/nginx/coc.conf(example Nginx config)/config/systemd/coc-api.service/config/systemd/coc-web.service/config/systemd/coc-worker.service
Modified Files:
/public_web/templates/base.html- PWA meta tags, manifest link/docs/DEPLOYMENT.md- Production deployment guide/api/app/__init__.py- Sentry integration/public_web/app/__init__.py- Sentry integration
Testing Criteria
PWA Testing
- Manifest loads correctly
- Service worker registers
- App installable on mobile
- Offline page displays when disconnected
- PWA icons display correctly
Production Testing
- HTTPS works correctly
- API accessible via domain
- Web frontend accessible via domain
- Static files served correctly
- Background workers processing jobs
Security Testing
- Unauthorized access blocked
- Rate limiting working
- No sensitive data in responses
- Security headers present
Monitoring Testing
- Sentry capturing errors
- Uptime monitoring active
- Alerts trigger correctly
Success Criteria
- PWA installable and functional
- Production server running with SSL
- Background workers processing reliably
- Monitoring and alerting active
- Daily backups running
- Security audit passed
- Deployment automated
Dependencies
Requires (from earlier phases):
- All core features complete
- Frontend polish complete
Task Summary
| Group | Tasks | Checkpoints |
|---|---|---|
| PWA Setup | 3 | 1 |
| Production Environment | 4 | 0 |
| Background Workers | 3 | 0 |
| Monitoring & Alerting | 3 | 1 |
| Backup & Security | 4 | 0 |
| Deployment Automation | 2 | 1 |
| Total | 19 | 3 |