CLAUDE.md

@@ -47,18 +47,19 @@ then restart.
 
 ## Current Project State
 
-* **Phase**: live in production on home-ctr-onyx at
+* **Phase**: shipped MVP + posting ledger + template-entry edit +
-  `https://quartermaster.unbiasedgeek.com/`. Every merge to `main`
+  platform-deploy prep (`/healthz`, structured JSON logs). Working
-  rolls out automatically via `.forgejo/workflows/deploy.yml`.
+  daily-use tool; first production deploy to home-ctr-onyx pending.
 * **Last worked on**: 2026-04-19
-* **Last commit on main**: `ee6eaae` — fix(docker): enable uvicorn
+* **Last commit on main**: `1296258` — chore: silence jsonlogger
-  proxy-headers so url_for works behind Traefik
+  deprecation, fix LogQL example (#26, #27)
 * **Open PRs**: none
-* **Open issues**: #23 MCP proposal; #31 small cleanups (non-blocking
+* **Open issues**: #28 Dockerfile, #29 compose.yml, #30 Forgejo
-  polish); #26 and #27 are landed but weren't closed when their work
+  Actions deploy workflow (dependency-chained); #31 small cleanups
-  merged — safe to close.
+  (non-blocking polish)
 * **Test count**: 148 / 148 passing
-* **Migrations**: 5 applied; latest `cc60e7f73a1c`
+* **Migrations**: 5 applied; latest `cc60e7f73a1c` (no schema change
+  in #26 or #27)
 * **Blocking issues**: none
 
 After pulling new work, always:
@@ -74,47 +75,6 @@ the live DB.
 
 Most recent 3 sessions (full history in the [wiki](https://forgejo.labbity.unbiasedgeek.com/archeious/quartermaster/wiki)).
 
-### Session 3 — 2026-04-19
-
-Deploy-pipeline arc: four PRs (#32 Dockerfile, #33 compose.yml,
-#34 Forgejo Actions workflow, #35 post-deploy proxy-headers fix)
-took Quartermaster from "deploy prep merged" to live on
-`https://quartermaster.unbiasedgeek.com/`. All three dependency-chained
-issues (#28/#29/#30) closed.
-
-Key decision, locked mid-flight: the deploy workflow has **no SSH
-step**. Initial draft used an SSH-from-runner-to-host pattern with
-`DEPLOY_SSH_KEY` + `DEPLOY_KNOWN_HOSTS` secrets. Jeff pushed back —
-the `homelab` runner lives on home-ctr-onyx itself with the host's
-Docker socket mounted, so `docker compose pull && up -d` runs
-directly against the same daemon that hosts production. Dropped
-two secrets and the private-key risk surface. Remaining Actions
-secrets: `REGISTRY_TOKEN` (archeious PAT, `read:package` +
-`write:package`, minted via the Forgejo API using the admin
-password exposed by `homelab-IaC/bin/load-ops-secrets`) and
-`QUARTERMASTER_SMOKE_PASSWORD` (plaintext basic-auth for the
-post-deploy `/healthz` probe).
-
-Other design points: image tag parameterised via
-`QUARTERMASTER_TAG` (workflow writes a per-deploy `.env`),
-`COMPOSE_PROJECT_NAME=quartermaster` pinned so the runner's
-ephemeral workspace path doesn't confuse compose, smoke step does
-`curl -u admin:… https://quartermaster.unbiasedgeek.com/healthz`
-to catch TLS + routing + basic-auth regressions in one probe.
-
-One post-deploy bug: the first rolled image rendered unstyled
-because uvicorn was started without `--proxy-headers`, so
-Starlette ignored `X-Forwarded-Proto` from Traefik and `url_for()`
-generated `http://<internal>/static/…` hrefs, which browsers
-blocked as mixed content on the `https://` page. Reproduced
-locally by curling the pre-fix image with Traefik-style headers;
-added `--proxy-headers --forwarded-allow-ips='*'` to
-`docker/entrypoint.sh` in #35. Safe to trust all forwarded IPs
-because `compose.yml` publishes no host port — only Traefik on
-`proxy-net` can reach port 8000.
-
-Full retro: [Session3](https://forgejo.labbity.unbiasedgeek.com/archeious/quartermaster/wiki/Session3).
-
 ### Session 2 — 2026-04-19
 
 Platform contract intake (#25) filled out and accepted; platform team
@@ -145,3 +105,25 @@ Deploy-pipeline work queued as #28 (Dockerfile), #29 (compose.yml),
 
 Full retro: [Session2](https://forgejo.labbity.unbiasedgeek.com/archeious/quartermaster/wiki/Session2).
 
+### Session 1 — 2026-04-17
+
+Greenfield to working ledger. 10 PRs merged in one sitting:
+scaffold (#2) → monthly view with snapshot + deviation (#4) →
+backups + CLAUDE.md safety rule (#6) → zero amount header (#8) →
+gitignore wiki (#10) → section groups + sinking funds (#12) →
+notes field (#14) → month lifecycle Planning / Active / Closed
+(#16) → UI redesign in Barlow Condensed with logo (#18) →
+posting transaction ledger (#20).
+
+Key architectural decisions: snapshot-over-mirror for months;
+Primary Debt Target is a pointer, not a pre-allocated amount;
+nothing auto-sweeps — close requires applied zero at $0; `applied`
+is derived from postings only, no column. UI went through three
+mockups before settling on Barlow Condensed + cream paper +
+burgundy accent sampled from the logo shield.
+
+One incident: I wiped the live DB several times during early dev
+churn before the backup script existed. The script + alembic hook
++ repo-level CLAUDE.md safety rule are the fix.
+
+Full retro: [Session1](https://forgejo.labbity.unbiasedgeek.com/archeious/quartermaster/wiki/Session1).