Operator Tools

Protected Vorliq Operator Dashboard

The operator dashboard is a private production control surface for monitoring chain health, reviewing security posture, running backup checks, creating incidents, and pinning or featuring forum posts without deleting community history.

Token Safety

The dashboard is protected by the server-side ADMIN_TOKEN. Never commit this token, paste it into public chat, include it in screenshots, or store it in the frontend bundle. The web app stores the token only in sessionStorage for the current browser session.

Set ADMIN_TOKEN On Production

The backend systemd service should load the token from a root-owned environment file or an Environment line. Use a generated value, not the example text below.

sudo install -d -m 700 /etc/vorliq
sudo sh -c 'umask 077 && printf "ADMIN_TOKEN=%s\n" "$(openssl rand -hex 32)" > /etc/vorliq/backend.env'
sudo systemctl daemon-reload
sudo systemctl restart vorliq-backend.service

The backend service can load it with:

EnvironmentFile=-/etc/vorliq/backend.env

Use The Dashboard Safely

Use Overview to verify deployment, block height, chain validity, pending transactions, incidents, backups, and service state.
Use Security to confirm rate limits, CORS, Helmet, CSP, public write protection, and admin route protection.
Use Backups to run a backup and verify the latest archive. Verification never restores production data.
Use Incidents to create and resolve public incident records when users need visibility.
Use Forum Moderation only to pin or feature posts. This pass intentionally does not add delete tools.

Post-Deploy Checks

After deployment, verify the public app, /api/health, /api/deployment, /api/system/self-check, the registry summary, and the status page. CI also runs read-only Playwright browser tests against production so route loading, mobile navigation, layout overflow, safe API responses, and non-destructive user journeys are checked before the deploy workflow runs.

Controlled Public Node Miner

The optional public miner service is disabled by default. It does not hold private keys and it does not bypass proof of work. When enabled, it checks /api/mining/status and only attempts a block when the chain is valid and the block-time rules allow mining.

sudo systemctl edit vorliq-miner.service

[Service]
Environment=VORLIQ_PUBLIC_MINER_ENABLED=true
Environment=VORLIQ_PUBLIC_MINER_ADDRESS=VLQ_PUBLIC_MINER_ADDRESS
Environment=PUBLIC_MINER_API_URL=http://127.0.0.1:5000

sudo systemctl daemon-reload
sudo systemctl enable --now vorliq-miner.service

To disable it, run sudo systemctl disable --now vorliq-miner.service. Never add private keys, admin tokens, SSH keys, or wallet passwords to the miner service.