PROJECT_STATE.md

Project

OTB Cloud

Current version

v0.2.1

Build date

2026-04-12

Host

vault3

App path

/opt/otb_cloud

Purpose

Portal-authenticated secure backup and storage platform for customer files, including images, videos, documents, and other uploaded data.

Core requirements locked in

Shared OTB branding, nav, footer, favicon
Portal login / auth handoff through OTB Billing
No unauthenticated file/account access
MariaDB backend
Vault3 storage root at /tank/backups/otb-cloud
Tenant-isolated storage
User-created devices
Immutable originals
Derived-file processing workflow
Search by filename and date
Bulk zip export
Audit logging
Owner-approved admin support access using one-time token

Current implemented scaffold

Flask app factory
Main blueprint
Auth blueprint
MariaDB connection helper
Signed handoff endpoint
Auth-protected dashboard
Branded OTB portal shell styling
SQL schema file
DB bootstrap script
Storage bootstrap scripts
Gunicorn systemd service on vault3
Mintme reverse proxy in place
OTB Billing signed handoff working
Add Device flow
Remove Device flow for empty devices
Browser upload flow to device originals
Device file browser page

Immediate next tasks

Add single-file download
Add searchable file listing
Add rename basename-only flow
Add zip export flow
Add media processing jobs
Add derived/original filtering

Notes

Original uploaded files should remain preserved and effectively read-only. Any user-facing edits or processing outputs should create derivative files. Admin access should require owner-issued one-time support authorization. New tenants no longer receive default devices automatically; devices are now user-created. Devices can only be removed when no files are associated with them. Browser uploads write original files into device-specific originals directories and create DB records. The device browser is DB-backed and tenant-scoped.

2.0 KiB Raw Blame History