cronekorkn/left4me
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
375 commits 2 branches 0 tags 4.8 MiB
Python 79.9%
JavaScript 9.8%
HTML 6.2%
CSS 3.2%
Shell 0.8%
Find a file
mwiegand f030395a57
fix(e2e): force SESSION_COOKIE_SECURE=0 + document init_db duplication 
Two follow-ups from the Task 11 code review.

Important — without SESSION_COOKIE_SECURE=0, Task 12's Playwright
login would silently fail. app.py:57 sets SESSION_COOKIE_SECURE = not
TESTING, so with our TESTING=False conftest the cookie is marked
Secure; the browser drops it over http://127.0.0.1 and the
session never establishes. The env-var override (app.py:53-55) is the
least invasive fix and preserves the SECRET_KEY guard.

Minor — the second init_db() looked redundant but is actually load-
bearing: create_app's init_db runs inside the app context (binds to
the in-app engine), while the seed work uses session_scope() outside
the app context (binds to an env-derived engine). The second
init_db() creates tables on THAT engine. Added a clarifying comment
so a future reader doesn't drop the line and silently break the seed.

Addresses Important #1 + Minor #1 from the Task 11 code review.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-16 21:07:15 +02:00
deploy deploy/journalctl: anchor server log to current unit start 2026-05-15 23:04:53 +02:00
docs fix(editor): capture-phase keydown + popup leak + cache warmup 2026-05-16 20:49:23 +02:00
examples/script-overlays feat(l4d2-web): seed example script overlays from examples/script-overlays/ 2026-05-08 18:41:08 +02:00
l4d2host refactor(repo): uv workspace + hatchling + layout restructure 2026-05-15 22:04:29 +02:00
l4d2web fix(e2e): force SESSION_COOKIE_SECURE=0 + document init_db duplication 2026-05-16 21:07:15 +02:00
.envrc chore(envrc): switch direnv from use uv to layout uv 2026-05-16 13:20:16 +02:00
.gitignore chore(gitignore): ignore .tmp/ scratch directory 2026-05-16 11:53:14 +02:00
.python-version refactor(repo): uv workspace + hatchling + layout restructure 2026-05-15 22:04:29 +02:00
AGENTS.md test(e2e): scaffold Playwright + live-server fixture 2026-05-16 21:00:45 +02:00
pyproject.toml test(e2e): scaffold Playwright + live-server fixture 2026-05-16 21:00:45 +02:00
README.md refactor(repo): uv workspace + hatchling + layout restructure 2026-05-15 22:04:29 +02:00
uv.lock test(e2e): scaffold Playwright + live-server fixture 2026-05-16 21:00:45 +02:00

README.md

left4me

left4me is a local L4D2 server management platform with two planned components:

  1. l4d2host + l4d2ctl (host library + CLI)
  2. l4d2-web-app (Flask web app for users, blueprints, servers, jobs, and logs)

Status

Implementation plans remain the source of truth for architecture and task sequencing:

  • docs/superpowers/plans/2026-04-22-l4d2-host-lib-v1.md
  • docs/superpowers/plans/2026-04-23-l4d2-web-app-v1.md

Locked v1 Decisions

  • Naming is strictly l4d2 (not l4d).
  • Host library and web app are separate components.
  • Host CLI write commands are fixed to:
    • install
    • initialize <name> -f <spec.yaml>
    • start <name>
    • stop <name>
    • delete <name>
  • Host CLI read commands are available for the web/host boundary:
    • status <name> --json
    • logs <name> --lines <n> --follow/--no-follow
  • The web app calls host operations through l4d2ctl, not direct l4d2host imports.
  • Deployment uses /var/lib/left4me for runtime state, /opt/left4me for repository contents and the virtualenv, /etc/left4me for environment files, and global units under /usr/local/lib/systemd/system.
  • Overlay handling is directory-based; the web app populates each overlay (workshop downloads, managed-global refresh).
  • No lock manager, no rollback, no preflight checks in host library.
  • CLI propagates subprocess failures via stderr and return code.
  • delete on missing instance is no-op success.
  • Blueprint model (web app):
    • user-private in v1
    • servers are live-linked to blueprint
    • no per-server overrides
    • delete blueprint blocked when linked servers exist
    • blueprint changes apply on next action
    • server can reassign blueprint anytime

Planned Repository Layout

  • l4d2host/
  • l4d2web/
  • deploy/
  • docs/superpowers/plans/

Deployment

See deploy/README.md for the Linux test deployment contract, including the runtime user, target filesystem layout, systemd units, privileged helpers, sudoers rules, admin bootstrap, and overlay reference rules.

Local development

This repo is a uv workspace (l4d2host + l4d2web as members) with a committed uv.lock and a .python-version pinning Python 3.13 (matching the Debian Trixie production target).

One-time prereq: install uv (macOS: brew install uv; Linux: curl -LsSf https://astral.sh/uv/install.sh | shuv is not yet in Debian stable's apt).

  1. direnv allow once per fresh checkout (and after any .envrc change). .envrc uses use uv, which runs uv sync and activates .venv/ on cd.
  2. Without direnv: uv sync at the repo root creates .venv/, installs both workspace members editable, and pulls in dev deps (pytest) from the lockfile.
  3. Tests: uv run pytest (or just pytest once the venv is on PATH).

Tech Stack (planned)

  • Python 3.13+ (workspace uses uv + hatchling)
  • Typer, PyYAML, pytest
  • Flask, SQLAlchemy, Alembic
  • HTMX (vendored locally), custom CSS, SSE
  • systemd units, kernel overlayfs (mounted via the left4me-overlay privileged helper), steamcmd

Recommended Implementation Order

  1. Implement l4d2host plan first.
  2. Implement l4d2web plan second.
  3. Keep tests green task-by-task (TDD flow from plans).
  4. Keep commits small and aligned with plan tasks.

Contributing Notes

  • Follow plan task order unless explicitly re-planned.
  • Keep contracts above unchanged unless the user asks to change them.
  • Update plan docs when scope or behavior changes.