# FlowerCore.WorldBuilder

ArgoCD-managed manifest for FlowerCore.WorldBuilder.Web — comic / storyboard
authoring service that drives ComfyUI for panel image generation and
QuestPDF for letter / A4 export.

Source: `D:\git\FlowerCore\FlowerCore.WorldBuilder` (master)

## Deployment order

1. **DNS preflight** — `worldbuilder.iamworkin.lan -> 10.0.56.200` MUST exist
   in pfSense Unbound before this manifest is applied, or cert-manager
   HTTP-01 silently exponential-backs-off ~2h.
   Memory: `feedback_pfsense_dns_required_for_acme`.
2. **Image import to ALL Ready RKE2 nodes** — pod can currently schedule to
   `rke2-server` (10.0.56.11) and `rke2-agent1` (10.0.56.12). Build with:
   ```bash
   bash deploy/build.sh   # in FlowerCore.WorldBuilder repo
   mkdir -p artifacts/deploy
   podman save localhost/fc-worldbuilder:v<TAG> -o artifacts/deploy/fc-worldbuilder-v<TAG>.tar
   for h in 10.0.56.11 10.0.56.12; do
     ssh fcadmin@$h "mkdir -p /home/fcadmin/.fcv"
     scp artifacts/deploy/fc-worldbuilder-v<TAG>.tar fcadmin@$h:/home/fcadmin/.fcv/
     ssh fcadmin@$h \
       "sudo /var/lib/rancher/rke2/bin/ctr -a /run/k3s/containerd/containerd.sock \
         -n k8s.io images import /home/fcadmin/.fcv/fc-worldbuilder-v<TAG>.tar"
   done
   ```
   Memory: `feedback_rke2_image_import_per_node_scp`.
3. **Bump image tag** in `worldbuilder.yaml` and git push.
   ArgoCD ApplicationSet picks up within ~3 minutes.
4. **First production render** — verify
   `https://worldbuilder.iamworkin.lan/healthz`, open
   `https://worldbuilder.iamworkin.lan/settings`, and confirm the image backend
   reports ComfyUI before running an operator-owned render lane.

## Health probes

- `startupProbe` + `readinessProbe`: `httpGet /healthz` (registered explicitly
  in Program.cs — anonymous, no DB or OpenAPI dependency).
- `livenessProbe`: `tcpSocket` as a cheap fallback.
  Memory: `feedback_k8s_probes_must_not_hit_openapi`,
  `feedback_k8s_probes_behind_auth_middleware`.

## Storage

- Longhorn RWO PVC `worldbuilder-data` (5Gi) mounted at `/data`. SQLite DB
  lives at `/data/worldbuilder.db`, generated images under `/data/gallery/`,
  PDF/PNG exports under `/data/exports/`.
- DataProtection keys persist to the same SQLite via
  `AddFlowerCoreDataProtection<WorldBuilderDbContext>` — explicit migration
  `20260429133417_Initial` already creates `fc_dp_keys`.
  Memory: `feedback_dataprotection_keys_persist_to_app_dbcontext`,
  `feedback_intranet_dataprotection_table_must_have_explicit_migration`.

## Image generation backend

The live internal profile now uses
`FlowerCore:WorldBuilder:ImageGeneration:ClientMode=comfyui` with
`BaseUrl=http://10.0.56.20:8188` on BLUEJAY-WS (R9700 / gfx1201 / ROCm 7.2).
Keep the public host pre-staging disabled unless the five safe-to-expose gates
are rechecked; the live GPU lane is operator-owned and internal-only.