diff --git a/docs/devops/single_azure_vm/docker/DEPLOYMENT_STATUS_2026-03-29.md b/docs/devops/single_azure_vm/docker/DEPLOYMENT_STATUS_2026-03-29.md index e8f5f5b7..b6fab215 100644 --- a/docs/devops/single_azure_vm/docker/DEPLOYMENT_STATUS_2026-03-29.md +++ b/docs/devops/single_azure_vm/docker/DEPLOYMENT_STATUS_2026-03-29.md @@ -17,6 +17,7 @@ The VM moved forward after the original snapshot: - `admin-web` and `tracker-web` are healthy again - `extraction-service` product rate limiting now uses Valkey-backed shared counters - the admin ops page now includes VM inventory and Valkey inspection panels +- the admin ops page now includes allowlisted container restart actions and guarded Valkey delete actions - live verification confirmed a request for `productId=valkey-check-2` created the key `extraction:product-rate-limit:29582406:valkey-check-2` in Valkey with value `1` ### What is working diff --git a/docs/devops/single_azure_vm/docker/README.md b/docs/devops/single_azure_vm/docker/README.md index 60d56cdf..8be6c625 100644 --- a/docs/devops/single_azure_vm/docker/README.md +++ b/docs/devops/single_azure_vm/docker/README.md @@ -207,9 +207,16 @@ The internal admin dashboard at `http://:3001/ops` now exposes: - Mission Control health for the internal stack - a VM inventory view of Docker-managed services and host tooling - a read-only Valkey inspector for key pattern scans, TTLs, and small previews +- restart buttons for allowlisted internal containers +- guarded Valkey delete actions for exact keys and concrete prefix patterns These views are protected by the admin dashboard auth layer. +Note: + +- restart actions require the Docker socket to be mounted into `admin-web` +- the current implementation mounts `/var/run/docker.sock` into the admin container, so this route should remain internal-only and admin-only + ## Environment Variables All optional — defaults work for most setups: