# Project Aegis
## Protect the Cluster. Empower the Admin.

| Property | Value |
|---|---|
| Project | Project Aegis |
| Product | Nowhere Nation Command Center |
| Document | Project Roadmap |
| Version | 0.1.0 |
| Status | Active |
| Last Updated | July 11, 2026 |
| Owner | Archangel |

---

# Nowhere Nation Command Center

**Product Name:** Nowhere Nation Command Center  
**Project Codename:** Project Aegis  
**Tagline:** Cluster Operations Console

## Mission Statement

Project Aegis exists to centralize the management, auditing, and publishing of ARK: Survival Ascended cluster administration while eliminating manual processes, providing complete accountability, and becoming the single source of truth for all administrative operations.

---

# Project Objectives

Project Aegis is being developed to achieve the following goals:

- Eliminate manual editing of ARK administration files.
- Maintain a single authoritative source of truth.
- Provide complete accountability for every administrative action.
- Simplify administration for trusted staff.
- Produce reliable, repeatable, and recoverable publishing workflows.
- Build a scalable operations platform capable of supporting future cluster-management modules.

---

# Current Sprint

## Sprint 2 - Operation Gatekeeper

**Status:** Complete

### Mission Brief

Secure Project Aegis so only active, authorized operators can enter the Command Center and temporary credentials cannot bypass account-hardening requirements.

### Completed Deliverables

- [x] Username-based Operator ID login
- [x] Public registration disabled
- [x] Mandatory password change support
- [x] Temporary-password account state
- [x] Active and disabled account enforcement
- [x] Owner and user role foundation
- [x] Initial owner migration
- [x] Five-attempt login throttling
- [x] Password confirmation for sensitive settings
- [x] Successful login timestamp and IP tracking
- [x] Immediate session termination for disabled operators

### After Action Review

#### Objective

Replace email-first starter authentication with a controlled operator-access system suitable for Project Aegis.

#### Outcome

Mission successful. Project Aegis now authenticates by Operator ID, enforces active account status throughout each session, and prevents temporary-password users from entering protected modules.

#### Completed Work

- Added unique, case-insensitive usernames and account-state fields.
- Migrated the initial Archangel account to owner role.
- Preserved email addresses for password recovery.
- Added a dedicated forced password-change workflow.
- Recorded successful login time and IP address.
- Terminated sessions when an operator is disabled after login.
- Confirmed public registration remains unavailable.
- Verified five-attempt-per-minute login throttling.
- Expanded authentication and session-security test coverage.

#### Lessons Learned

- Authentication behavior must be explicit across different database collations.
- Active-account enforcement belongs on every protected request, not only at login.
- Temporary-password enforcement is clearer as a dedicated workflow than as a normal settings page.
- Direct limiter-policy assertions are more deterministic than repeated simulated session failures.

#### Issues Encountered

- SQLite and MySQL differ in default username case sensitivity.
- Routed Livewire components require a single root with their layout declared separately.
- Session regeneration was unnecessary inside the password-change Livewire action.

#### Recommendations

- Use the Gatekeeper account fields as the foundation for administrator-managed user creation.
- Set new and reset accounts to require a password change by default.
- Centralize role checks before exposing Website User Management actions.
- Add audit events for account changes during Operation Identity and Operation Lincoln.

#### Next Operation

Sprint 3 - Operation Identity

---

# Design Principles

Every feature developed for Project Aegis must follow these principles.

## 1. One Source of Truth

The MySQL database is the authoritative source for all application data.

Generated files such as `AllowedCheaters.txt` and `BanList.txt` are outputsÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Ânot editable data sources.

---

## 2. Every Action Is Accountable

Every meaningful action must generate an audit record that captures:

- Who performed the action
- What was changed
- When it occurred
- The previous value
- The new value
- Whether the action succeeded or failed

Nothing important happens silently.

---

## 3. Automate the Repetitive

If the software can safely perform a task automatically, the administrator should not have to.

Examples include:

- Publishing `AllowedCheaters.txt`
- Sending Discord notifications
- Polling Atlas server health and recording operational transitions
- Creating version-history records
- Verifying published-file synchronization

---

## 4. Recovery Before Regret

Every published file must support version history and rollback.

Mistakes should never require manual reconstruction.

---

## 5. Manage the Cluster, Not the Files

Administrators manage:

- People
- Permissions
- Bans
- Website users
- Operational settings

Project Aegis manages the underlying files and technical processes behind the scenes.

---

## 6. Professional Over Flashy

Every animation, color, and interaction must improve usability.

The interface should feel like a professional operations console rather than a game UI.

---

# Visual Identity

## Theme

Genesis-inspired operations console.

## Style

- Dark
- Modern
- Minimal
- Hexagonal design language
- Clean typography
- Subtle animations
- Professional dashboard
- Restrained ARK-inspired visual cues without copying game assets

## Primary Colors

- Nowhere Nation Red
- Tek Cyan
- Charcoal Background
- Gunmetal Panels
- Green for healthy status
- Amber for warnings
- Red for failures or destructive actions

## Logo

Outlined hexagon with:

```text
NWN
```

centered inside.

## Application Name

```text
NOWHERE NATION
COMMAND CENTER
```

## Product Tagline

```text
Cluster Operations Console
```

## Internal Build Signature

```text
Project Aegis
Protect the Cluster. Empower the Admin.
```

---

# Version Roadmap

## Version 0.1 ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Â Foundation

**Status:** Completed

- [x] Laravel installed
- [x] Livewire installed
- [x] MySQL connected
- [x] Storage linked
- [x] Git repository created
- [x] GitHub connected
- [x] Initial commit created
- [x] Project roadmap established
- [x] Project codename selected

---

## Sprint 1 ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Â Operation Genesis

### Project Identity

### Mission Brief

Establish the visual and structural identity of Project Aegis.

### Goal

Replace Laravel's default interface with the Nowhere Nation Command Center identity.

### Deliverables

- NWN branding
- NWN hexagon logo
- Login screen
- Dashboard shell
- Sidebar
- Navigation
- Dark theme
- Responsive layout
- Dashboard cards
- Header
- Footer
- Placeholder pages for future modules

---

## Sprint 2 ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Â Operation Gatekeeper

### Authentication

### Mission Brief

Secure access to Project Aegis and ensure only authorized users can enter the Command Center.

### Deliverables

- Username-based login
- Public registration removed
- Mandatory password change on first login
- Administrator-assigned temporary passwords
- Active and disabled account states
- Website roles
- Initial Owner account
- Login throttling
- Password confirmation for sensitive actions

---

## Sprint 3 ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Â Operation Identity

### Website User Management

### Mission Brief

Create the identity-management capabilities required to control who can access Project Aegis and what actions they are authorized to perform.

### Deliverables

- Website user CRUD
- Administrator and User roles
- User creation by Administrators only
- Temporary password issuance
- Password reset workflow
- Account activation and deactivation
- Role assignment
- User activity visibility
- Audit logging

---

## Sprint 4 ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Â Operation Aegis

### Admin Management

### Mission Brief

Establish the core administrative registry of Project Aegis by centralizing all Nowhere Nation ARK administrators, EOS identities, operational status, and historical records.

### Deliverables

- Admin profiles
- Multiple EOS IDs per admin
- Unique EOS-ID validation
- Active and archived admins
- Individual EOS-ID activation and deactivation
- Discord information
- Platform information
- Rank and notes
- Search
- Filters
- Admin timeline
- Manual-detail entry

---

## Sprint 5 ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Â Operation Synchronize

### AllowedCheaters Publishing

### Mission Brief

Create a reliable publishing engine that synchronizes active administrator EOS IDs from MySQL to the public `AllowedCheaters.txt` file used by the Nowhere Nation ARK cluster.

### Deliverables

- Publish engine
- Automatic file regeneration
- Atomic file replacement
- Synchronization status
- Version history
- Rollback
- Download
- View current file
- Publish history
- File checksum
- Entry-count verification
- Manual republish for Administrators
- Public URL health check

---

## Sprint 6 ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Â Operation Awareness

### Discord Integration

### Mission Brief

Provide real-time operational awareness by reporting meaningful Project Aegis actions to the designated Nowhere Nation Discord channel.

### Deliverables

- Discord webhook configuration
- Admin-added notifications
- Admin-updated notifications
- Admin-removed or deactivated notifications
- EOS-ID activation and deactivation notifications
- Publish-success notifications
- Publish-failure notifications
- Website-user management notifications
- Delivery history
- Failure logging

---

## Sprint 7 — Operation Atlas

### Cluster Management and Native RCON

### Mission Brief

Establish a MySQL-backed cluster and server registry, coverage responsibilities, secure native RCON foundations, and module-driven cluster health for Nowhere Nation operations.

### Deliverables

- Cluster and game-server registry
- Production, test, admin, and event environments
- Server coverage assignments
- Database-encrypted RCON credentials
- Owner and Head Admin credential management
- Role-aware RCON authorization
- Native RCON execution with allowlisted commands
- Server health polling and operational transitions
- Lincoln audit history and Awareness notifications
- APP_KEY deployment and recovery safeguards
---

## Sprint 8 ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Â Operation Lincoln

### Audit and History System

### Mission Brief

Preserve the complete operational history of Project Aegis and the Nowhere Nation admin registry, honoring the principle that trustworthy administration requires a permanent, searchable historical record.

Operation Lincoln is named in recognition of Abraham Lincoln's defining place in United States history and the importance of preserving an accurate record of actions and change.

### Deliverables

- Complete activity history
- Old-value and new-value recording
- User attribution
- Success and failure status
- IP-address logging
- Browser and user-agent logging
- Request identifiers
- Record timelines
- Search
- Filtering
- Date-range filtering
- Export
- Administrator-only system-log access
- User-visible history on relevant admin records
- Sensitive-value redaction

---

# Version 1.0 ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Â Production Release

## Mission

Deploy Project Aegis as the operational command center for the Nowhere Nation ARK cluster.

## Release Criteria

- All Version 1.0 operations are complete.
- Authentication and authorization have been tested.
- Admin Management has been validated with real EOS IDs.
- `AllowedCheaters.txt` publishing and rollback have been tested.
- Discord notifications have been verified.
- Atlas registry, encrypted RCON credentials, health monitoring, and approved command workflows have been tested.
- Audit history is complete and searchable.
- Mobile and desktop layouts have been validated.
- Production deployment documentation is complete.
- Backup and recovery procedures have been demonstrated.
- Security review is complete.
- Final After Action Review is approved.

---

# Version 2.0 ÃƒÂ¢Ã¢â€šÂ¬Ã¢â‚¬Â Expansion

## Objective

Expand Project Aegis from an administrator-management platform into a broader ARK Cluster Operations Platform.

## Planned Modules

### Ban Management

- Active bans
- Archived bans
- `BanList.txt` publishing
- Version history
- Rollback
- Ban reasons
- Evidence and notes
- Discord notifications

### Server Health

- Server monitoring
- Availability checks
- Public endpoint checks
- Health history
- Operational alerts

### Player Lookup

- Cluster-wide player search
- EOS-ID search
- Platform identity search
- Native RCON player and server-state correlation

### Tribe Lookup

- Tribe records
- Member information
- Tribe history
- Notes and administrative flags

### Cluster Analytics

- Operational statistics
- Administrator activity
- Publishing history
- Trend reporting

### Ticket Integration

- Administrative workflow integration
- Ticket references in admin actions
- Required justification for privileged actions
- Historical ticket linkage

---

# Navigation Model

## Version 1.0 Navigation

- Dashboard
- Admin Management
- Website Users
- Audit Log
- Settings

Publishing, version history, and `AllowedCheaters.txt` health are owned by Admin Management rather than exposed as a separate technical module.

## Future Navigation

- Dashboard
- Admin Management
- Ban Management
- Player Lookup
- Tribe Lookup
- Server Health
- Cluster Analytics
- Website Users
- Audit Log
- Settings

---

# Authorization Model

## Administrator

Administrators can:

- Manage ARK administrator profiles and EOS IDs
- Manage website users
- Assign roles
- Reset passwords
- Configure Discord
- Configure Atlas clusters, servers, and protected RCON credentials
- Configure publishing settings
- View complete audit logs
- Republish files
- Restore previous file versions
- Access system health and delivery logs

## User

Users can:

- View active and archived ARK administrators
- Add administrator profiles
- Update administrator profiles
- Add and update EOS IDs
- Activate and deactivate administrator records
- Execute approved Atlas RCON operations
- View relevant record history

Users cannot:

- Manage website accounts
- Assign website roles
- Change application settings
- View complete system logs
- Restore file versions
- Permanently purge records

---

# Operation Lifecycle

Every operation follows the same command structure:

```text
Mission Brief
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Planning
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Design
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Development
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Testing
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Verification
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Documentation
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Deployment
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
After Action Review
```

---

# Development Workflow

Every feature follows this lifecycle:

```text
Plan
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Explain
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Create a Git save point
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Develop
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Test
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Verify
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Document
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Commit
ÃƒÂ¢Ã¢â‚¬Â Ã¢â‚¬Å“
Push
```

Development will proceed one deliberate action and one verification at a time.

---

# Git Commit Standard

Meaningful commits should follow this structure:

```text
Project Aegis | Operation Name | Phase or Feature | Description
```

Examples:

```text
Project Aegis | Operation Genesis | Initial Branding
Project Aegis | Operation Gatekeeper | Username Login
Project Aegis | Operation Synchronize | Publish Engine Complete
Project Aegis | Operation Lincoln | Audit Search and Filtering
```

---

# After Action Reviews

Every completed operation must include an After Action Review.

## Required Sections

### Objective

What the operation was intended to accomplish.

### Outcome

Whether the mission was successful, partially successful, or unsuccessful.

### Completed Work

What was delivered.

### Lessons Learned

What the project team learned during development.

### Issues Encountered

Any technical, process, or design problems discovered.

### Recommendations

Improvements or decisions that should carry into the next operation.

### Next Operation

The operation that follows.

---

# Project Standards

Every feature developed under Project Aegis must satisfy the following standards.

## Purpose Driven

Every feature solves a real operational problem.

## Recoverable

Destructive or publishing actions must have a defined recovery path.

## Auditable

Every significant action must be logged.

## Expandable

New modules should integrate without requiring the platform to be redesigned.

## Consistent

Every page should follow the same visual language and interaction patterns.

## Secure

Authentication, authorization, sensitive settings, and audit records must follow secure development practices.

## Responsive

Core functions must remain usable on desktop and mobile devices.

## Maintainable

Business logic should remain separated from presentation logic and documented clearly enough for future development.

---

# Project Philosophy

Project Aegis is not merely a website.

Project Aegis is an operations platform built by administrators, for administrators.

Every decision should reduce manual work, improve accountability, simplify cluster management, and protect the integrity of Nowhere Nation.

---

# Legacy

Project Aegis began as a request for a secure Laravel page that could manage a public `AllowedCheaters.txt` file without requiring administrators to edit text files manually.

It evolved into a complete operations platform designed to simplify administration, improve accountability, preserve history, and centralize the management of the Nowhere Nation ARK cluster.

**Protect the Cluster.**

**Empower the Admin.**
