PROJECT_STATE.md

Project

OTB Cloud

Current version

v0.1.2

Build date

2026-04-12

Host

vault3

App path

/opt/otb_cloud

Purpose

Portal-authenticated secure backup and storage platform for customer files, including images, videos, documents, and other uploaded data.

Core requirements locked in

Shared OTB branding, nav, footer, favicon
Portal login / auth handoff through OTB Billing
No unauthenticated file/account access
MariaDB backend
Vault3 storage root at /tank/backups/otb-cloud
Tenant-isolated storage
Device-defined source directories
Immutable originals
Derived-file processing workflow
Search by filename and date
Bulk zip export
Audit logging
Owner-approved admin support access using one-time token

Device organization model

Per-tenant storage will be organized by named devices, for example:

laptop
phone
tablet
workpc
homepc

Each device should have:

originals/
derived/
exports/
deleted/
tmp/

Current implemented scaffold

Flask app factory
Main blueprint
Auth blueprint
MariaDB connection helper
Signed handoff endpoint
Auth-protected dashboard
Temporary portal base template
SQL schema file
DB bootstrap script
Storage bootstrap scripts
Gunicorn systemd service on vault3
Mintme reverse proxy in place

Immediate next tasks

Patch OTB Billing to add OTB Cloud services card
Add signed handoff redirect route in OTB Billing
Replace temporary portal base with shared portal template structure
Build file library and upload endpoints
Add upload audit logging
Add first real storage browsing page

Notes

Original uploaded files should remain preserved and effectively read-only. Any user-facing edits or processing outputs should create derivative files. Admin access should require owner-issued one-time support authorization. This version cleans up the temporary UI while keeping the same signed handoff endpoint for OTB Billing integration.

1.9 KiB Raw Blame History