Dev Wiki
Dashboard
Changelog
Documentation
Toggle dark mode
Settings
Home
A - Z
Page Index
Archive
AWS Design
Async Embedding Pipeline
Auth
CDN Read Path
E-1 Cold Start Benchmarks
Implementation Phases
Lambda Library Mode
Operations
Phase 0 EFS Benchmarks
Phase Gates
Platform Overview
Semantic Search
AWS Tasks
E-2 CDN Read Path
E-2 CDN Read Path ClientSide
Launch Checklist
P1-9 MCP OAuth Discovery Routing
P1-9 MCP OAuth Routing
Phase 0
Phase 1
Phase 2
Phase 3
Phase 4
Prerequisites
Bugs
Semantic Search Background Sync
Design
Admin Panel Reenablement
Auth
Custom Domains
Dashboard Visibility Toggle
Data Model
E-3 Encryption Spike
E2E Testing
Frontend
Git HTTP Access
Implementation Workflow
Landing Page
MCP Server
Note Schema
Operations
P2-Username Summary
Per Wiki Database
Platform Overview
REST API
Research Wiki
Resolver
Semantic Search V2
Server Consolidation
VPS Architecture
Wiki Stats Plugin
did web Identity
Dev
2026-03-16 Beta User TLS Fix
Claude Code Memory Backup
Memory Bootstrap Guide
P1-8 E2E Test
P2-10 Summary
P2-1 Summary
P2-2 Summary
P2-3 Summary
P2-4 Summary
P2-5a Summary
P2-5b-7 Summary
P2-6 Summary
P2-8 Summary
P2-9 Summary
Phase 1 Deployment
Phase 1 Gate Results
Phase 1 Progress
Proxmox CPU Type
Underscore Filenames
V1-3 Deployment Summary
V1 SQLite Port Summary
V3 ATProto Auth Summary
V3 V5 Risk Research
V6-1 Landing Page Summary
V7 Ops Hardening
VPS Deployment Progress
VS-1 ATProto Spike
VS-2 MCP OAuth Summary
DiagTestPage
E2ETestPage
Home
Meta
Wiki Usage Guide
Minsky
Agent IRC Architecture
Directed Message Routing
IRC MCP Bridge
Plans
CI CD Pipeline
Disk Usage Caps
Login Page UX
Monitoring Dashboard
Permissions Panel Implementation
Rate Limiting And Security Headers
Security Logging
Wiki To Dashboard Navigation
Security
OWASP 2025 Audit
Tasks
Disk Usage Cap
Emergent
MCP Wiki Routing
Semantic Search Architecture
Semantic Search Multi Tenant
VPS Phases
To-Do
UserBPage
irc-plugin-design-review
An Otter Wiki
Archive
Page Index
Toggle page headings
A
AWS Design/
AWS Design/Async Embedding Pipeline
Design goals
Why not Bedrock
Architecture
Key properties
Search path
Trigger mechanism: why DynamoDB Streams over SQS
Reindex queue table
Cost model
Migration from current deployment
Open questions
AWS Design/Auth
User registration and login
Auth provider: WorkOS AuthKit
Wiki-level auth
MCP auth
ACL model
AAA Model (Authentication, Authorization, Accounting)
Authentication (who are you?)
Authorization (what can you do?)
Public wiki access
Per-wiki Otterwiki configuration
Otterwiki Admin Panel — Section Disposition
Accounting (resource tracking and tier enforcement)
AWS Design/CDN Read Path
Problem
Constraints
Fragment Model (common to all options below)
Open question for Claude Code
Option A: Thin Assembly Lambda (Recommended)
Architecture
Auth
Performance
Advantages
Disadvantages
Variant: S3 as direct CloudFront origin
Option B: Hybrid Static Content + Async Sidebar
Architecture
Auth
Performance
Advantages
Disadvantages
Open question for Claude Code
Option C: Pre-Rendered Full Pages (Static Site Generator)
Architecture
Auth
Performance
Scaling problem
Advantages
Disadvantages
Option D: Client-Side SPA Assembly
Architecture
Advantages
Disadvantages
Comparison
Recommendation
Cost Impact
AWS Design/E-1 Cold Start Benchmarks
Summary
Detailed Init Breakdown (otterwiki @ 512MB)
Detailed Init Breakdown (otterwiki @ 1024MB)
Analysis
What's slow
What's NOT slow
Key insight
Comparison to Phase 0
Recommendations
Raw Log Excerpts
512MB
1024MB
AWS Design/Implementation Phases
Phase 0: EFS + Lambda + Auth proof of concept
FREE TIER (Phases 1–4)
Phase 1: Single-user serverless wiki
Phase 2: Multi-tenancy and auth
Phase 3: Frontend
Phase 4: Git remote access and launch prep
PREMIUM TIER (Phases 5+)
Phase 5: Stripe integration and premium gating
Phase 6: Semantic search
Phase 7: Deferred features (build when there's demand)
Frontend
Technology
Screens
MVP scope
API Surface
Management API (new)
Wiki API (existing, adapted)
MCP endpoint (existing, adapted)
Freemium Tiers
Deferred features (build when there's demand)
Pricing (undecided — two options)
Paid wiki perks
Lapse policy
Enforcement
AWS Design/Lambda Library Mode
Problem
Key Insight
Architecture: sys.modules Injection
The Replacement Module
Export Surface
Upstream Contributions
1. Lazy imports in views.py (highest value)
2. Lazy imports in wiki.py
3. Extract plugin entrypoint scan
4. Remove duplicate renderer instance
5. App factory pattern (longer-term)
Estimated Init Timeline
Current
With library mode + upstream lazy imports (PRs 1-4)
With library mode only (no upstream changes)
Breakdown of savings
Tracking Upstream Compatibility
Relationship to CDN Read Path
Open Questions
AWS Design/Operations
Wiki Bootstrap Template
Initial pages
Customization
Custom template repos (premium)
Implementation
Attachment Storage
MVP approach
Future optimization: S3-backed attachment serving
Git Remote Access
Hosted Git remote
Implementation
External Git sync (premium, future)
Platform: AWS Lambda + EFS
Why AWS + EFS
Key properties
VPC networking
Known trade-offs
S3 fallback
Alternatives considered
Phase 0 validates this decision
Infrastructure as Code
Tool: Pulumi (Python)
What's managed by IaC
What's NOT managed by IaC
Repository structure
Otterwiki Fork Management
Merge strategy
Upstream relationship
Backup and Disaster Recovery
What we're protecting
Backup strategy
Recovery scenarios
Design principle
CI/CD
Pipeline
Environment strategy
Account Lifecycle
Data retention
Account deletion
GDPR
MCP Discoverability
Rate Limiting and Abuse Prevention
Open Questions
AWS Design/Phase 0 EFS Benchmarks
Summary
Environment
Results
Cold Start (5 invocations, forced via env var update)
Warm Read (25 invocations)
Warm Write (25 invocations)
Concurrent Reads (3 simultaneous, 5 rounds)
Concurrent Writes (5 simultaneous, 3 rounds)
Git Library Decision
Implications for Phase 1
AWS Design/Phase Gates
How phase gates work
Phase 0 Gate: Proof of Concept
Exit criteria
Validation steps
Known risks to evaluate
Go/no-go decision
Phase 1 Gate: Single-User Serverless Wiki
Exit criteria
Validation steps
Known risks to evaluate
Go/no-go decision
Phase 2 Gate: Multi-Tenancy and Auth
Exit criteria
Validation steps
Known risks to evaluate
Go/no-go decision
Phase 3 Gate: Frontend
Exit criteria
Validation steps
Known risks to evaluate
Go/no-go decision
Phase 4 Gate: Launch Readiness
Exit criteria
Validation steps
Final checklist before launch
Go/no-go decision
AWS Design/Platform Overview
Overview
Context
Why this exists
Key users
Prior art
Architecture
Component inventory
AWS Design/Semantic Search
Component 2: Chroma Semantic Search Plugin
Goal
Implementation approach
ChromaDB configuration
Chunking strategy
Search result deduplication
API endpoints (added to the REST API)
Index maintenance
Fallback: periodic sync
AWS Tasks/
AWS Tasks/E-2 CDN Read Path
Problem
Solution: Option A — Thin Assembly Lambda
Benchmarked Performance
Technical Feasibility (Validated)
Content fragment rendering
Sidebar fragment rendering
Shell template
Plugin injection points
Implementation Plan
Wave 1: Fragment Generation
Wave 2: Assembly Lambda + Infrastructure
Wave 3: Auth (Private Wikis)
Wave 4: Migration + Cutover
Open Questions
Cost
Estimated Effort
AWS Tasks/E-2 CDN Read Path ClientSide
Premise
Architecture
How It Works
1. Shell HTML (static, cached indefinitely)
2. Content fragment (per page, cached at CDN)
3. Sidebar fragment (per wiki, cached at CDN)
Content flash mitigation
Implementation Plan
Wave 1: Fragment Generation (same as Option A)
Wave 2: Infrastructure
Wave 3: Auth (Private Wikis)
Wave 4: Migration + Cutover
Comparison with Assembly Lambda Plan
When to prefer Assembly Lambda
When to prefer Client-Side Assembly
SEO Strategy (Future: Public Wikis)
1. Page-specific meta tags (low effort, high value)
2. Dynamic rendering for bots (medium effort, full coverage)
3. Sitemap generation (low effort, aids discovery)
Phasing
Recommendation
AWS Tasks/Launch Checklist
Branding
OAuth Providers (WorkOS)
Google
Apple
GitHub
WorkOS
DNS / Domain
Legal
Accounts / Billing
Pre-Launch Smoke Test
Security Review
Auth and access control
Input validation
Infrastructure
Data exposure
AWS Tasks/P1-9 MCP OAuth Discovery Routing
Problem
Solution
Verification
Files Changed
How It Works
Commit
AWS Tasks/P1-9 MCP OAuth Routing
Problem
Root Cause
Fix
Verification
AWS Tasks/Phase 0
P0-1: Pulumi Scaffold
P0-2: EFS + Lambda Basic
P0-3: Git on EFS
P0-4: X-Ray Tracing
P0-5: Performance Benchmarks
P0-6: WorkOS AuthKit Setup
P0-7: FastMCP + WorkOS on Lambda
P0-8: Claude.ai MCP End-to-End
P0-9: Billing Alarm
AWS Tasks/Phase 1
P1-1: Mangum Adapter for Otterwiki
P1-2: FAISS Backend for Semantic Search
P1-3: Otterwiki on Lambda
P1-4: REST API on Lambda
P1-5: MCP Server on Lambda
P1-6: Semantic Search on Lambda
P1-7: Routing and TLS
P1-8: Phase 1 E2E Test
P1-9: Self Hosting
AWS Tasks/Phase 2
P2-1: DynamoDB Tables
P2-2: Auth Middleware
P2-3: ACL Enforcement Middleware
P2-4: Management API
P2-5: Per-Wiki Routing
P2-6: Wiki Bootstrap Template
P2-7: Otterwiki PROXY_HEADER Integration
P2-8: Admin Panel Hiding
P2-9: CLI Tool
P2-10: Phase 2 E2E Test
AWS Tasks/Phase 3
P3-1: SPA Scaffold
P3-2: Auth Flow
P3-3: Dashboard
P3-4: Wiki Settings
P3-5: MCP Connection Instructions
P3-6: Public Wiki Toggle
P3-7: Static Hosting
P3-8: Phase 3 E2E Test
AWS Tasks/Phase 4
P4-1: Git Smart HTTP
P4-2: Git Auth
P4-3: WAF Setup
P4-4: Monitoring and Alerting
P4-5: Backup Strategy
P4-6: Landing Page and Docs
P4-7: Phase 4 E2E Test
P4-8: Pre-Launch Security Review
AWS Tasks/Prerequisites
AWS
Pulumi
WorkOS (deferred — only needed for P0 Track B, P0-6 onward)
DNS
Repositories
Local Dev Environment
Agent Container (packnplay)
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9
