complete codex docs

docs/features/COMPANION_PROGRAMS.md

@@ -0,0 +1,39 @@
+# Companion Programs
+
+## Current State
+
+Companion programs are not yet a first-class managed system. Current behavior is mostly script-driven and game-specific.
+
+Important references:
+
+- `docs/decisions/0003-companion-programs.md`
+- `Agent_Linux/ogp_agent.pl`
+- `Agent-Windows/ogp_agent.pl`
+- `Panel/modules/config_games/schema_server_config.xml`
+
+## What The System Needs To Do
+
+- start companion apps with the server
+- stop companion apps when the server stops
+- restart companion apps when the server restarts
+- track PIDs or handles
+- log stdout/stderr
+- avoid customer-editable privileged startup scripts
+
+## Good Companion Examples
+
+- BEC for Arma/DayZ
+- B3
+- Discord bots or bridges
+- log watchers
+- stats collectors
+- anti-cheat helpers
+
+## Recommended Shape
+
+The system should be XML/admin-defined and agent-managed.
+
+## Recommendation
+
+Keep the design centralized and game-aware. Do not rely on one-off helper files as the source of truth.
+

docs/features/COMPETITOR_COMPARISON.md

@@ -0,0 +1,34 @@
+# Competitor Comparison
+
+## Reviewed Hosts / Panels
+
+- Open Game Panel
+- TCAdmin
+- Pterodactyl
+- GameServers.com
+- Nitrado
+
+## Comparison Themes
+
+| Area | Common Market Pattern | GSP Opportunity |
+|---|---|---|
+| Workshop / mods | Often present in a game-specific or host-specific way | Build a structured, game-capability-driven server content system. |
+| Backups | Usually manual plus scheduled | Make backups easy, visible, restorable, and tied to retention policy. |
+| Scheduling | Restarts, warnings, backups, updates | Support safer typed actions with task logs and conflict handling. |
+| Status | Basic power state plus query metadata | Use agent-truth status and honest fallback messaging. |
+| File management | Built-in file manager and FTP | Keep advanced file control but make it safer and clearer. |
+| RCON | Often available in host tools | Make RCON presets, warnings, and logs clean and secure. |
+| Permissions | Subusers/roles | Continue improving granular permissions and support workflows. |
+| Provisioning | One-click create/install | Make provisioning audit-friendly and reliable. |
+| Monitoring | State, logs, alerts | Surface startup failures, unresponsive servers, and maintenance notes clearly. |
+
+## Opportunities For GSP To Be Better
+
+- better documentation
+- better agent-truth state
+- clearer status transitions
+- safer advanced control for power users
+- more honest error reporting
+- cleaner Server Content / Workshop handling
+- tighter task history and logs
+

docs/features/FILE_EDITOR.md

@@ -0,0 +1,26 @@
+# File Editor
+
+## Current State
+
+File editing is split across LiteFM, FTP, edit-config helpers, and agent remote read/write methods.
+
+Important references:
+
+- `Panel/modules/litefm/`
+- `Panel/modules/ftp/`
+- `Panel/modules/editconfigfiles/`
+- `Panel/includes/lib_remote.php`
+
+## What It Should Provide
+
+- safe browsing inside server home roots
+- text editing with syntax highlighting
+- backups before save
+- restore last saved version
+- read-only protected paths
+- large-file warnings
+
+## Main Risk
+
+Customer access must never extend into agent control files, shared secrets, or other users' server homes.
+

docs/features/FTP_SYSTEM.md

@@ -0,0 +1,25 @@
+# FTP System
+
+## Current State
+
+GSP includes an FTP module and FTP-related provisioning fields.
+
+Important references:
+
+- `Panel/modules/ftp/module.php`
+- `Panel/modules/user_games/module.php`
+- `Panel/modules/server/module.php`
+
+## Current Notes
+
+- FTP remains useful for advanced users.
+- The embedded FTP UI is legacy-heavy and should be treated carefully.
+- FTP credentials need to be protected and easy to reset.
+
+## Recommended Direction
+
+- keep FTP as an advanced access method
+- document it clearly
+- avoid exposing control paths
+- audit the legacy embedded file manager code
+

docs/features/INSTALLERS.md

@@ -0,0 +1,27 @@
+# Installers
+
+## Current State
+
+Installer behavior is split across game XML, gamemanager startup, addonsmanager, SteamCMD helpers, and agent scripts.
+
+Important references:
+
+- `Panel/modules/config_games/schema_server_config.xml`
+- `Panel/modules/gamemanager/home_handling_functions.php`
+- `Panel/modules/addonsmanager/module.php`
+- `Panel/modules/steam_workshop/module.php`
+- `Agent_Linux/ogp_agent.pl`
+- `Agent-Windows/ogp_agent.pl`
+
+## Installer Types Seen In The Codebase
+
+- SteamCMD-based installs
+- download/extract installs
+- script-driven installs
+- Workshop/content installs
+- profile/content copy workflows
+
+## Recommended Model
+
+Installer strategy should come from game capability metadata. The agent should execute trusted strategies, not arbitrary customer commands.
+

docs/features/LOGGING_SYSTEM.md

@@ -0,0 +1,33 @@
+# Logging System
+
+## Current State
+
+Logging comes from multiple places:
+
+- agent screen logs
+- console logs
+- update logs
+- scheduler logs
+- admin/logger history
+
+Important references:
+
+- `Panel/modules/gamemanager/log.php`
+- `Panel/modules/gamemanager/view_server_log.php`
+- `Panel/modules/gamemanager/get_server_log.php`
+- `Agent_Linux/ogp_agent.pl`
+- `Agent-Windows/ogp_agent.pl`
+
+## What Works
+
+- live log retrieval exists
+- logs can be fetched through the Panel
+- the viewer can update via AJAX
+
+## What Still Needs Cleanup
+
+- better startup failure diagnostics
+- clearer newest-log-file selection
+- better error highlighting
+- better downloadable log history
+

docs/features/PROVISIONING.md

@@ -0,0 +1,38 @@
+# Provisioning
+
+## Current State
+
+Server provisioning flows are centered in `user_games` and supported by billing and server manager modules.
+
+Important references:
+
+- `Panel/modules/user_games/module.php`
+- `Panel/modules/user_games/add_home.php`
+- `Panel/modules/user_games/edit_home.php`
+- `Panel/modules/user_games/assign_home.php`
+- `Panel/modules/user_games/clone_home.php`
+- `Panel/modules/user_games/check_expire.php`
+- `Panel/includes/api_functions.php`
+- `Panel/modules/billing/module.php`
+- `Panel/modules/server/module.php`
+
+## What Provisioning Must Handle
+
+- server home creation
+- port assignment
+- passwords
+- FTP access
+- expiration and suspension
+- clone/migrate behavior
+- game XML and mod selection
+
+## Recommended Direction
+
+Provisioning should be validated and logged more like a commercial hosting platform:
+
+- clear create/install status
+- no port collisions
+- secure default passwords
+- clear billing lifecycle behavior
+- post-create status verification
+

docs/features/RCON_SYSTEM.md

@@ -0,0 +1,27 @@
+# RCON System
+
+## Current State
+
+RCON support is part of the gamemanager and a dedicated admin RCON module.
+
+Important references:
+
+- `Panel/modules/gamemanager/module.php`
+- `Panel/modules/gamemanager/home_handling_functions.php`
+- `Panel/modules/gamemanager/rcon.php`
+- `Panel/modules/rcon/module.php`
+
+## Current Uses
+
+- admin console commands
+- warning messages before restart
+- diagnostic control for supported games
+- scheduler-friendly command execution
+
+## Recommended Direction
+
+- keep presets
+- validate commands where possible
+- do not expose arbitrary commands to customers by default
+- log every command with user and server context
+

docs/features/SCHEDULER_SYSTEM.md

@@ -0,0 +1,35 @@
+# Scheduler System
+
+## Current State
+
+The scheduler is implemented through the `cron` Panel module and agent-side `Schedule::Cron` execution.
+
+Important references:
+
+- `docs/modules/SCHEDULER.md`
+- `Panel/modules/cron/cron.php`
+- `Panel/modules/cron/shared_cron_functions.php`
+- `Agent_Linux/ogp_agent.pl`
+- `Agent-Windows/ogp_agent.pl`
+
+## Current Strengths
+
+- It can schedule server actions.
+- It can schedule Steam updates and server content actions.
+- It already has a visible UI and agent execution path.
+
+## Current Weaknesses
+
+- It is too command-string oriented.
+- Customer-safe and admin-only actions are not separated cleanly enough.
+- Task run history is not rich enough.
+- Error reporting and conflict handling need work.
+
+## Recommended Direction
+
+- typed actions
+- explicit permissions
+- stored task history
+- clear logs and results
+- no customer raw shell commands by default
+