# RedFlag Investigation - Resume State

**Date:** 2025-12-15  
**Time:** 22:23 EST  
**Status:** Ready for reboot to fix Docker permissions

## What We Fixed Today

### 1. Agent Installation Command Generation (✅ FIXED)
- **Problem:** Commands were generated with wrong format
- **Files changed:**
  - `aggregator-server/internal/api/handlers/registration_tokens.go` - Added `fmt` import, fixed command generation
  - `aggregator-web/src/pages/TokenManagement.tsx` - Fixed Linux/Windows commands
  - `aggregator-web/src/pages/settings/AgentManagement.tsx` - Fixed command generation
  - `aggregator-server/internal/services/install_template_service.go` - Added missing template variables
- **Result:** Installation commands now work correctly

### 2. Docker Build Error (✅ FIXED)
- **Problem:** Missing `fmt` import in `registration_tokens.go`
- **Fix:** Added `"fmt"` to imports
- **Result:** Docker build now succeeds

## Current State

### Server Status
- **Running:** Yes (Docker container active)
- **API:** Fully functional (tested with curl)
- **Logs:** Show agent check-ins being processed
- **Issue:** Cannot run Docker commands due to permissions (user not in docker group)

### Agent Status
- **Binary:** Installed at `/usr/local/bin/redflag-agent`
- **Service:** Created and enabled (systemd)
- **User:** `redflag-agent` system user created
- **Config:** `/etc/redflag/config.json` exists
- **Logs:** Show repeated migration failures

### Database Status
- **Agents table:** Empty (0 records)
- **API response:** `{"agents":null,"total":0}`
- **Issue:** Agent cannot register due to migration failure

## Critical Bug Found: Migration Failure

**Agent logs show:**
```
Dec 15 17:16:12 fedora redflag-agent[2498614]: [MIGRATION] ❌ Migration failed after 19.637µs
Dec 15 17:16:12 fedora redflag-agent[2498614]: [MIGRATION] Error: backup creation failed: failed to create backup directory: mkdir /var/lib/redflag/migration_backups: read-only file system
Dec 15 17:16:12 fedora redflag-agent[2498614]: 2025/12/15 17:16:12 Agent not registered. Run with -register flag first.
```

**Root cause:** Systemd service has `ProtectSystem=strict` which makes filesystem read-only. Agent cannot create `/var/lib/redflag/migration_backups` directory.

**Systemd restart loop:** Counter at 45 (agent keeps crashing and restarting)

## Next Steps After Reboot

### 1. Fix Docker Permissions
- [ ] Run: `docker compose logs server --tail=20`
- [ ] Run: `docker compose exec postgres psql -U redflag -d redflag -c "SELECT * FROM agents;"`
- [ ] Verify we can now run Docker commands without permission errors

### 2. Fix Agent Migration Issue
- [ ] Edit: `/etc/systemd/system/redflag-agent.service`
- [ ] Add under `[Service]`:
  ```ini
  ReadWritePaths=/var/lib/redflag /etc/redflag /var/log/redflag
  ```
- [ ] Run: `sudo systemctl daemon-reload`
- [ ] Run: `sudo systemctl restart redflag-agent`
- [ ] Check logs: `sudo journalctl -u redflag-agent -n 20`

### 3. Test Agent Registration
- [ ] Stop service: `sudo systemctl stop redflag-agent`
- [ ] Run manual registration: `sudo -u redflag-agent /usr/local/bin/redflag-agent -register`
- [ ] Check if agent appears in database
- [ ] Restart service: `sudo systemctl start redflag-agent`
- [ ] Verify agent shows in UI at `http://localhost:3000/agents`

### 4. Commit Fixes
- [ ] `git add -A`
- [ ] `git commit -m "fix: agent installation commands and docker build"`
- [ ] `git push origin feature/agent-subsystems-logging`

## Files Modified Today

1. `aggregator-server/internal/api/handlers/registration_tokens.go` - Added fmt import, fixed command generation
2. `aggregator-web/src/pages/TokenManagement.tsx` - Fixed command generation
3. `aggregator-web/src/pages/settings/AgentManagement.tsx` - Fixed command generation  
4. `aggregator-server/internal/services/install_template_service.go` - Added template variables
5. `test_install_commands.sh` - Created verification script

## API Endpoints Tested

- ✅ `POST /api/v1/auth/login` - Working
- ✅ `GET /api/v1/agents` - Working (returns empty as expected)
- ❌ `POST /api/v1/agents/register` - Not yet tested (blocked by migration)

## Known Issues

1. **Docker permissions** - User not in docker group (fix: reboot)
2. **Agent migration** - Read-only filesystem prevents backup creation
3. **Empty agents table** - Agent not registering due to migration failure
4. **Systemd restart loop** - Agent keeps crashing (counter: 45)

## What Works

- Agent installation script (fixed)
- Docker build (fixed)
- Server API (tested with curl)
- Agent binary (installed and running)
- Systemd service (created and enabled)

## What Doesn't Work

- Agent registration (blocked by migration failure)
- UI showing agents (no data in database)
- Docker commands from current terminal session (permissions)

## Priority After Reboot

1. **Fix Docker permissions** (reboot)
2. **Fix agent migration** (systemd service edit)
3. **Test agent registration** (manual or automatic)
4. **Verify UI shows agents** (end-to-end test)
5. **Commit and push** (save the work)

## Notes

- The agent installation fix is solid and working
- The Docker build fix is solid and working  
- The remaining issue is agent registration (migration blocking it)
- Once migration is fixed, agent should register and appear in UI
- This is the last major bug before RedFlag is fully functional

**Reboot now. Then we'll fix the migration and verify everything works.**