Systems > Fleet Dashboard
P1 | SYS-007 | 1 instance | 70% (1 drift)
API
System Info
NameFleet Dashboard
Slugfleet-dashboard
Statusactive
Ownerplatform
Resources
Repositorycichocki/fleet-dashboard
RunbookView
Readiness70%
Notes for AI
First fleet-conformant system. Tailscale-only access (no public auth needed). Reads from fleet_control_db. Located on H-001.
Deploy Targets (1)
production
Instance Domain Env Host Conformance
INST-007
Fleet Dashboard - Warden
 fleet.threadsync.io production infra-warden-control-01 Legacy
Clusters (Blast Radius)
Cluster Type Tier Members
Infrastructure Services
CLU-004
 platform P1 INST-018, INST-012, INST-007
Guardrails & Rules (14)
security
XSS Protection Required must
All user-facing data must be escaped with escapeHtml() before rendering in HTML templates
No Internal Errors in Responses must
Health endpoint and error responses must NOT expose internal error messages or stack traces
Environment File Protection must
.env file must NEVER be copied to local workspace or included in backups/tarballs
Input Validation with Allow-lists must
All filter parameters (env, tier, conformance_status, lifecycle_status) must be validated against allow-lists
deployment
Local Edit then Deploy Workflow must
Edit files in /home/runner/workspace/ first, then deploy via scp to Warden
Rebuild Container After Code Changes must
After deploying new server.js or Dockerfile, always run: docker compose down && docker compose up -d --build
Backup Before Major Changes must
Create a timestamped backup to /opt/backups/ before any significant changes
coding
Strict npm ci in Dockerfile must
Dockerfile must use npm ci --only=production without fallback to npm install
Request Correlation IDs must
Every request must get a unique request_id logged with all related log entries
API Version in All Responses should
All JSON API responses should include api_version field
operational
Read-Only Database Role must
Dashboard uses fleet_dashboard_ro role - only SELECT plus limited INSERT on operations_log and instance_context
Log Operations After Significant Work should
After completing significant work, POST to /api/operations to create audit trail
forbidden
Never Expose Database Credentials must_not
DATABASE_URL and other credentials must never appear in logs, error messages, or API responses
Never Run as Root in Container must_not
Container must always run as non-root user (appuser:1001)
AI/LLM Policy 
{
  "scope": {
    "host_refs": [
      "H-001"
    ],
    "system_ref": "SYS-007",
    "instance_refs": [
      "INST-007"
    ]
  },
  "context_notes": [
    "This system is an internal Docker fleet dashboard.",
    "Database credentials use read-only role fleet_dashboard_ro.",
    "Access is restricted via Tailscale and Caddy reverse proxy.",
    "Container runs as non-root user (appuser:1001).",
    "Primary host is infra-warden-control-01 (H-001)."
  ],
  "allowed_operations": [
    "Propose edits to Dockerfile for SYS-007 / INST-007",
    "Propose edits to docker-compose.yml for host H-001 involving SYS-007",
    "Propose read-only SQL (views, SELECTs) on fleet_control_db",
    "Suggest server.js improvements for fleet-dashboard",
    "Review and analyze container logs"
  ],
  "forbidden_operations": [
    "Dropping tables or altering schemas outside fleet schema",
    "Acting on hosts or systems not listed in scope",
    "Proposing destructive Docker commands (rm -f, network deletes) without explicit user request",
    "Modifying production database credentials",
    "Accessing systems outside INST-007 scope"
  ]
}