Add docs and project files - force for Culurien

docs/4_LOG/December_2025/2025-12-16_Resume_State.md

@@ -0,0 +1,136 @@
+# RedFlag Investigation - Resume State
+
+**Date:** 2025-12-15  
+**Time:** 22:23 EST  
+**Status:** Ready for reboot to fix Docker permissions
+
+## What We Fixed Today
+
+### 1. Agent Installation Command Generation (✅ FIXED)
+- **Problem:** Commands were generated with wrong format
+- **Files changed:**
+  - `aggregator-server/internal/api/handlers/registration_tokens.go` - Added `fmt` import, fixed command generation
+  - `aggregator-web/src/pages/TokenManagement.tsx` - Fixed Linux/Windows commands
+  - `aggregator-web/src/pages/settings/AgentManagement.tsx` - Fixed command generation
+  - `aggregator-server/internal/services/install_template_service.go` - Added missing template variables
+- **Result:** Installation commands now work correctly
+
+### 2. Docker Build Error (✅ FIXED)
+- **Problem:** Missing `fmt` import in `registration_tokens.go`
+- **Fix:** Added `"fmt"` to imports
+- **Result:** Docker build now succeeds
+
+## Current State
+
+### Server Status
+- **Running:** Yes (Docker container active)
+- **API:** Fully functional (tested with curl)
+- **Logs:** Show agent check-ins being processed
+- **Issue:** Cannot run Docker commands due to permissions (user not in docker group)
+
+### Agent Status
+- **Binary:** Installed at `/usr/local/bin/redflag-agent`
+- **Service:** Created and enabled (systemd)
+- **User:** `redflag-agent` system user created
+- **Config:** `/etc/redflag/config.json` exists
+- **Logs:** Show repeated migration failures
+
+### Database Status
+- **Agents table:** Empty (0 records)
+- **API response:** `{"agents":null,"total":0}`
+- **Issue:** Agent cannot register due to migration failure
+
+## Critical Bug Found: Migration Failure
+
+**Agent logs show:**
+```
+Dec 15 17:16:12 fedora redflag-agent[2498614]: [MIGRATION] ❌ Migration failed after 19.637µs
+Dec 15 17:16:12 fedora redflag-agent[2498614]: [MIGRATION] Error: backup creation failed: failed to create backup directory: mkdir /var/lib/redflag/migration_backups: read-only file system
+Dec 15 17:16:12 fedora redflag-agent[2498614]: 2025/12/15 17:16:12 Agent not registered. Run with -register flag first.
+```
+
+**Root cause:** Systemd service has `ProtectSystem=strict` which makes filesystem read-only. Agent cannot create `/var/lib/redflag/migration_backups` directory.
+
+**Systemd restart loop:** Counter at 45 (agent keeps crashing and restarting)
+
+## Next Steps After Reboot
+
+### 1. Fix Docker Permissions
+- [ ] Run: `docker compose logs server --tail=20`
+- [ ] Run: `docker compose exec postgres psql -U redflag -d redflag -c "SELECT * FROM agents;"`
+- [ ] Verify we can now run Docker commands without permission errors
+
+### 2. Fix Agent Migration Issue
+- [ ] Edit: `/etc/systemd/system/redflag-agent.service`
+- [ ] Add under `[Service]`:
+  ```ini
+  ReadWritePaths=/var/lib/redflag /etc/redflag /var/log/redflag
+  ```
+- [ ] Run: `sudo systemctl daemon-reload`
+- [ ] Run: `sudo systemctl restart redflag-agent`
+- [ ] Check logs: `sudo journalctl -u redflag-agent -n 20`
+
+### 3. Test Agent Registration
+- [ ] Stop service: `sudo systemctl stop redflag-agent`
+- [ ] Run manual registration: `sudo -u redflag-agent /usr/local/bin/redflag-agent -register`
+- [ ] Check if agent appears in database
+- [ ] Restart service: `sudo systemctl start redflag-agent`
+- [ ] Verify agent shows in UI at `http://localhost:3000/agents`
+
+### 4. Commit Fixes
+- [ ] `git add -A`
+- [ ] `git commit -m "fix: agent installation commands and docker build"`
+- [ ] `git push origin feature/agent-subsystems-logging`
+
+## Files Modified Today
+
+1. `aggregator-server/internal/api/handlers/registration_tokens.go` - Added fmt import, fixed command generation
+2. `aggregator-web/src/pages/TokenManagement.tsx` - Fixed command generation
+3. `aggregator-web/src/pages/settings/AgentManagement.tsx` - Fixed command generation  
+4. `aggregator-server/internal/services/install_template_service.go` - Added template variables
+5. `test_install_commands.sh` - Created verification script
+
+## API Endpoints Tested
+
+- ✅ `POST /api/v1/auth/login` - Working
+- ✅ `GET /api/v1/agents` - Working (returns empty as expected)
+- ❌ `POST /api/v1/agents/register` - Not yet tested (blocked by migration)
+
+## Known Issues
+
+1. **Docker permissions** - User not in docker group (fix: reboot)
+2. **Agent migration** - Read-only filesystem prevents backup creation
+3. **Empty agents table** - Agent not registering due to migration failure
+4. **Systemd restart loop** - Agent keeps crashing (counter: 45)
+
+## What Works
+
+- Agent installation script (fixed)
+- Docker build (fixed)
+- Server API (tested with curl)
+- Agent binary (installed and running)
+- Systemd service (created and enabled)
+
+## What Doesn't Work
+
+- Agent registration (blocked by migration failure)
+- UI showing agents (no data in database)
+- Docker commands from current terminal session (permissions)
+
+## Priority After Reboot
+
+1. **Fix Docker permissions** (reboot)
+2. **Fix agent migration** (systemd service edit)
+3. **Test agent registration** (manual or automatic)
+4. **Verify UI shows agents** (end-to-end test)
+5. **Commit and push** (save the work)
+
+## Notes
+
+- The agent installation fix is solid and working
+- The Docker build fix is solid and working  
+- The remaining issue is agent registration (migration blocking it)
+- Once migration is fixed, agent should register and appear in UI
+- This is the last major bug before RedFlag is fully functional
+
+**Reboot now. Then we'll fix the migration and verify everything works.**