Devlog — Jamverse

Session 1

Infrastructure Setup and Scaffolding

2026-06-02 · afternoon PT · @vgururao infrastructureoperations deployed

Repo and local clone: Created Protocol-Institute/jamverse as a private GitHub repository. Cloned locally to protocol-institute/jamverse/. Initial scaffold: README.md, CLAUDE.md, status.md, .gitignore.
Cloudflare Pages project: Created CF Pages project jamverse on the PI org account (7e8c7969b2464d23795c555bc6a32af8) via CF API, then deployed stub index.html via wrangler — dark holding page with Protocolized wordmark and PI mark. Live at jamverse.pages.dev.
Custom subdomain: Added jamverse.protocolized.io as a custom domain via CF Pages API. CF recognized the zone (protocolized.io) is in the same account but could not auto-create the CNAME because the org token lacks Zone DNS:Edit scope — a known gap to address. Subdomain added through CF Pages dashboard UI as a workaround; DNS propagation and TLS provisioning pending at session close. Workers custom domains (e.g. c3po) handle DNS automatically via wrangler; Pages custom domains require a separate verification flow.
D1 database: Created jamverse-db (ID: 6826920c-3f30-438a-ab66-e34a26cda7d3) in region WNAM on PI org CF account. Single database for the full project: users, roles, content, submission metadata. Binding name: DB. D1/R2 creation is account-level and outside the dev token scope — org admin creates, dev operates.
R2 media bucket: Created jamverse-media on PI org CF account. Key convention: submissions/{id}/ for content media, avatars/{user_id}/ for profile images, assets/ for shared static assets. Binding name: MEDIA. PI mark (protocolized_mark.png) uploaded to assets/ as first R2 object.
PI mark on stub page: Copied protocolized_mark.png from protocolized-website/public/, uploaded to jamverse-media/assets/protocolized_mark.png via wrangler (--remote flag required — wrangler 4.x defaults to local miniflare when wrangler.toml is present). Also placed in public/assets/ for Pages static serving, since there is no Worker yet to proxy R2 objects. Wired into index.html inverted and at 25% opacity for the dark background.
Dev API token: Created a scoped Account API Token (jamverse-dev) for the lead developer via CF dashboard — Account API Tokens rather than user-profile tokens so the credential is owned by the org, not an individual. Scopes: Pages:Edit (jamverse project), D1:Edit (jamverse-db), Workers R2 Storage:Edit (jamverse-media bucket only), Workers Scripts:Edit (account-level, required for wrangler secret put). Initial token value was captured before creation was finalized and failed validation; rolled to get the live value. Developer does not need a CF account or dashboard access.
Session rituals and devlog: Established mandatory startup/wrapup ritual in CLAUDE.md: startup requires running date for accurate timestamps; wrapup requires a devlog entry, devlog re-render, status update, and wrapup checklist post before the session is considered closed. data/devlog.json is the source of truth; scripts/devlog_render.py renders it to public/devlog.html, served at /devlog. Renderer outputs newest-first, dark aesthetic matching index.html. Pattern copied from protocolized-website and PI website projects.
Developer documentation: orientation.md — full onboarding guide covering CF stack, wrangler auth (no CF account needed), D1/R2/Worker usage, session rituals, and Zero Trust request flow. zero-trust-requests.md — template for requesting CF Access policies; org admin acts on these, no code changes required on dev side. SECURITY.md — .env creation, Dropbox exclusion via xattr, no secrets in tracked files, accidental-commit response (roll immediately, treat as compromised). Access model: dev is fully self-sufficient for all day-to-day ops; org admin handles D1/R2 creation, DNS, and Zero Trust.