metin-server/m2dev-server
3
0
Fork 1
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

docs: add server runtime audit #1

Open
jann wants to merge 2 commits from jann/m2dev-server:claude/server-runtime-audit into main
pull from: jann/m2dev-server:claude/server-runtime-audit
merge into: metin-server:main
Conversation 0 Commits 2 Files Changed 2 +513
jann commented 2026-04-14 13:37:19 +02:00
Member
Copy Link

Ground-truth snapshot of what the VPS is actually running, versus what the existing docs/debian-runtime.md says it should be running. Source is a read-only recon session today (2026-04-14).

Main findings

  • Only db (PID 1788997, port 9000) is alive. None of game_auth, channel1_core1..3, channel99_core1 are running — and more importantly their binaries are not present in share/bin/ on the VPS at all. Deploy pipeline that drops per-instance binaries into channels/<ch>/<core>/<instance> has not been run.
  • metin-db.service is currently flapping (deactivating (stop-sigterm) in systemctl). Two fresh 97 MB core dumps in channels/db/ from 13:24 and 13:25 today. syserr.log full of CPeerBase::Recv() Connection reset by peer even though nothing should be connecting.
  • channels/db/VERSION.txt reports db revision: b2b037f-dirty — build was from a dirty tree.
  • db binds 0.0.0.0:9000, not 127.0.0.1. Should probably be locked down to loopback unless Contabo firewall rules already block it.
  • Secrets contract: share/conf/db.txt / game.txt contain bootstrap / change-me placeholders; real values come from /etc/metin/metin.env (root:root 600). Which env var names the source actually reads is still unverified.
  • Systemd orchestration is confirmed clean: metin-server umbrella → metin-dbmetin-db-ready (wait-port helper) → metin-auth + metin-game@*. The old start.py / stop.py in the repo are FreeBSD-legacy, not wired in.

What the PR adds

  • docs/server-runtime.md — full engineer-to-engineer writeup: processes, systemd units, config files, DB, logging, ports, data layout, disk usage, "how to restart channel1_core2 cleanly", and an open-questions list.
  • docs/server-topology.md — ASCII diagram of the intended architecture plus a table of every process, its unit, ports, role and config file.

Notes

  • Read-only audit: no services restarted, no files changed on the VPS, no SQL executed.
  • Complements the existing docs/debian-runtime.md / docs/database-bootstrap.md / docs/config-and-secrets.md rather than duplicating them.
Ground-truth snapshot of what the VPS is actually running, versus what the existing `docs/debian-runtime.md` says it should be running. Source is a read-only recon session today (2026-04-14). ## Main findings - Only `db` (PID 1788997, port 9000) is alive. None of `game_auth`, `channel1_core1..3`, `channel99_core1` are running — and more importantly **their binaries are not present in `share/bin/` on the VPS at all**. Deploy pipeline that drops per-instance binaries into `channels/<ch>/<core>/<instance>` has not been run. - `metin-db.service` is currently flapping (`deactivating (stop-sigterm)` in systemctl). Two fresh 97 MB core dumps in `channels/db/` from 13:24 and 13:25 today. `syserr.log` full of `CPeerBase::Recv() Connection reset by peer` even though nothing should be connecting. - `channels/db/VERSION.txt` reports `db revision: b2b037f-dirty` — build was from a dirty tree. - `db` binds `0.0.0.0:9000`, not `127.0.0.1`. Should probably be locked down to loopback unless Contabo firewall rules already block it. - Secrets contract: `share/conf/db.txt` / `game.txt` contain `bootstrap` / `change-me` placeholders; real values come from `/etc/metin/metin.env` (root:root 600). Which env var names the source actually reads is still unverified. - Systemd orchestration is confirmed clean: `metin-server` umbrella → `metin-db` → `metin-db-ready` (wait-port helper) → `metin-auth` + `metin-game@*`. The old `start.py` / `stop.py` in the repo are FreeBSD-legacy, not wired in. ## What the PR adds - `docs/server-runtime.md` — full engineer-to-engineer writeup: processes, systemd units, config files, DB, logging, ports, data layout, disk usage, "how to restart channel1_core2 cleanly", and an open-questions list. - `docs/server-topology.md` — ASCII diagram of the intended architecture plus a table of every process, its unit, ports, role and config file. ## Notes - Read-only audit: no services restarted, no files changed on the VPS, no SQL executed. - Complements the existing `docs/debian-runtime.md` / `docs/database-bootstrap.md` / `docs/config-and-secrets.md` rather than duplicating them.
jann added 2 commits 2026-04-14 13:37:20 +02:00
docs: add live server runtime audit 5b65928007
docs: add server topology diagram and port table f2b55949de
This pull request can be merged automatically.
This branch is out-of-date with the base branch
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u claude/server-runtime-audit:jann-claude/server-runtime-audit
git checkout jann-claude/server-runtime-audit
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
jakub jann jant
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: metin-server/m2dev-server#1
Delete Branch "jann/m2dev-server:claude/server-runtime-audit"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?