enhance(README, Makefile, SSL.md): improve SSL management documentation and add new commands

This commit updates the README.md and SSL.md files to enhance the clarity and usability of SSL management instructions. It introduces new commands in the Makefile for stopping and cleaning SSL monitoring, along with safety prompts for critical operations. The documentation now includes advanced usage, debugging options, and a comprehensive command reference, ensuring users have clear guidance on managing SSL certificates effectively within the IRC infrastructure.

Author: kzndotsh

Makefile

@@ -31,7 +31,10 @@ help:
 	@echo "SSL MANAGEMENT:"
 	@echo "  make ssl-setup      - One-command SSL setup"
 	@echo "  make ssl-status     - Check SSL status"
+	@echo "  make ssl-renew      - Force certificate renewal"
 	@echo "  make ssl-logs       - View SSL logs"
+	@echo "  make ssl-stop       - Stop SSL monitoring"
+	@echo "  make ssl-clean      - Remove SSL certificates (CAUTION!)"
 	@echo ""
 	@echo "MAINTENANCE:"
 	@echo "  make clean          - Clean containers and images"
@@ -229,7 +232,7 @@ info: ## Show system information
 ssl-setup: ## One-command SSL setup - sets up everything automatically
 	@echo -e "$(PURPLE)=== SSL Setup - One Command to Rule Them All ===$(NC)"
 	@echo -e "$(BLUE)[INFO]$(NC) This will:"
-	@echo -e "$(BLUE)[INFO]$(NC)   1. Issue SSL certificates for $(IRC_ROOT_DOMAIN)"
+	@echo -e "$(BLUE)[INFO]$(NC)   1. Issue SSL certificates for your domain"
 	@echo -e "$(BLUE)[INFO]$(NC)   2. Start automatic Docker monitoring"
 	@echo -e "$(BLUE)[INFO]$(NC)   3. Configure daily renewal at 2 AM"
 	@echo ""
@@ -252,12 +255,35 @@ ssl-status: ## Check SSL certificate status
 
 ssl-renew: ## Force certificate renewal
 	@echo -e "$(PURPLE)=== Forcing SSL Certificate Renewal ===$(NC)"
-	@./scripts/ssl-manager.sh renew
+	@if [[ -f "unrealircd/conf/tls/server.cert.pem" ]]; then \
+		./scripts/ssl-manager.sh renew; \
+	else \
+		echo -e "$(YELLOW)[WARNING]$(NC) No SSL certificates found. Run 'make ssl-setup' first."; \
+	fi
 
 ssl-logs: ## View SSL monitoring logs
 	@echo -e "$(PURPLE)=== SSL Monitoring Logs ===$(NC)"
 	@docker compose logs -f ssl-monitor --tail=50
 
+ssl-stop: ## Stop SSL monitoring
+	@echo -e "$(PURPLE)=== Stopping SSL Monitoring ===$(NC)"
+	@docker compose down ssl-monitor
+	@echo -e "$(GREEN)[SUCCESS]$(NC) SSL monitoring stopped"
+
+ssl-clean: ## Remove SSL certificates and monitoring (CAUTION: destroys certificates!)
+	@echo -e "$(RED)=== WARNING: This will DELETE your SSL certificates! ===$(NC)"
+	@echo -e "$(YELLOW)This action cannot be undone.$(NC)"
+	@echo ""
+	@read -p "Are you sure you want to continue? (type 'yes' to confirm): " confirm && \
+	if [[ "$$confirm" == "yes" ]]; then \
+		echo -e "$(BLUE)[INFO]$(NC) Removing SSL certificates..."; \
+		rm -rf data/letsencrypt unrealircd/conf/tls; \
+		docker compose down ssl-monitor; \
+		echo -e "$(GREEN)[SUCCESS]$(NC) SSL certificates and monitoring removed."; \
+	else \
+		echo -e "$(YELLOW)[CANCELLED]$(NC) SSL cleanup cancelled."; \
+	fi
+
 # ============================================================================
 # UTILITIES
 # ============================================================================

README.md

@@ -1,8 +1,8 @@
 # IRC.atl.chat - Complete IRC Infrastructure
 
-A **production-ready IRC server ecosystem** featuring UnrealIRCd with Atheme Services, automated SSL/TLS, and modern containerization.
+A **production-ready IRC server ecosystem** with UnrealIRCd, Atheme Services, automated SSL certificates, and containerized deployment.
 
-## 🏗️ **Core Components**
+## Core Components
 
 | Component | Technology | Purpose |
 |-----------|------------|---------|
@@ -12,15 +12,15 @@ A **production-ready IRC server ecosystem** featuring UnrealIRCd with Atheme Ser
 | **SSL/TLS** | Let's Encrypt + Cloudflare | Automated certificate management |
 | **Container** | Docker + Compose | Deployment and orchestration |
 
-### 🔄 **Services Integration**
+### Services Integration
 
-The setup includes **full IRC services integration**:
+The setup includes **complete IRC services integration**:
 - **NickServ**: Nickname registration and authentication
 - **ChanServ**: Channel management and protection
 - **OperServ**: Administrative services
 - **Server linking**: Seamless integration between IRCd and Services
 
-## 🚀 **Quick Start**
+## Quick Start
 
 ### **4-Step Setup**
 ```bash
@@ -39,15 +39,15 @@ vim .env
 make build && make up
 ```
 
-### **What's Included**
-✅ **UnrealIRCd IRC Server** - Modern IRC daemon
-✅ **Atheme Services** - NickServ, ChanServ, OperServ
-✅ **WebPanel Admin Interface** - Browser-based management
-✅ **Automated SSL/TLS** - Let's Encrypt with Docker monitoring
-✅ **Health Monitoring** - Automated service checks
-✅ **Persistent Storage** - Data survives container restarts
+### What's Included
+- **UnrealIRCd IRC Server** - Modern IRC daemon
+- **Atheme Services** - NickServ, ChanServ, OperServ
+- **WebPanel Admin Interface** - Browser-based management
+- **Automated SSL certificates** - Let's Encrypt with monitoring
+- **Health monitoring** - Automated service checks
+- **Persistent storage** - Data survives container restarts
 
-## ⚙️ **Configuration**
+## Configuration
 
 ### **Environment Variables**
 
@@ -113,7 +113,7 @@ ATHEME_SEND_PASSWORD=your-services-password
 ATHEME_RECEIVE_PASSWORD=your-services-password
 ```
 
-## 🔧 **Management Commands**
+## Management Commands
 
 ### **Core Commands**
 ```bash
@@ -136,9 +136,12 @@ make logs-atheme    # Services logs
 make logs-webpanel  # WebPanel logs
 
 # SSL management
-make ssl-setup     # Setup SSL certificates
-make ssl-status    # Check SSL status
+make ssl-setup     # Complete SSL setup with monitoring
+make ssl-status    # Check SSL certificate status
+make ssl-renew     # Force certificate renewal (with safety checks)
 make ssl-logs      # View SSL monitoring logs
+make ssl-stop      # Stop SSL monitoring container
+make ssl-clean     # Remove certificates and monitoring (CAUTION!)
 
 # Maintenance
 make clean         # Clean containers and images
@@ -154,36 +157,64 @@ make generate-password
 ./scripts/prepare-config.sh
 ```
 
-## 🔐 **SSL/TLS Setup**
+## SSL/TLS Setup
 
 ### **Automated SSL with Let's Encrypt**
 
-The setup includes **completely automated SSL certificate management**:
+The setup includes **robust SSL certificate management** with comprehensive features:
 
 ```bash
 # One-command SSL setup
 make ssl-setup
+
+# Advanced troubleshooting and debugging
+./scripts/ssl-manager.sh --verbose check    # Detailed status
+./scripts/ssl-manager.sh --debug issue      # Maximum debugging
+./scripts/ssl-manager.sh --help             # Complete help
 ```
 
-### **What Happens Automatically**
-✅ **Certificate Issuance**: Let's Encrypt with Cloudflare DNS challenges
-✅ **Automatic Renewal**: Every day at 2 AM (no manual intervention)
-✅ **Docker Monitoring**: 24/7 certificate health monitoring
-✅ **Service Restart**: Automatic restart after certificate renewal
+### What Happens Automatically
+- **Certificate Issuance**: Let's Encrypt with Cloudflare DNS challenges
+- **Automatic Renewal**: Every day at 2 AM (no manual intervention)
+- **Docker Monitoring**: 24/7 certificate health monitoring
+- **Comprehensive Logging**: 5-level logging (INFO/WARN/ERROR/DEBUG/VERBOSE)
+- **Safety Features**: Confirmation prompts for dangerous operations
+- **Input Validation**: Domain and email format checking
+- **Service Restart**: Automatic restart after certificate renewal
 
 ### **Prerequisites**
 1. **Cloudflare Account** with DNS hosting for your domain
 2. **API Token** from https://dash.cloudflare.com/profile/api-tokens
    - Create token with **Zone:DNS:Edit** permissions for your domain
 3. **Domain Configuration** pointing to your server
 
-### **SSL Status & Monitoring**
+### SSL Status & Monitoring
 ```bash
 # Check SSL certificate status
 make ssl-status
 
 # View SSL monitoring logs
 make ssl-logs
+
+# Advanced SSL operations
+make ssl-renew     # Force renewal (with safety checks)
+make ssl-stop      # Stop monitoring container
+make ssl-clean     # Remove certificates (CAUTION!)
+```
+
+### SSL Debugging & Troubleshooting
+```bash
+# Get comprehensive help
+./scripts/ssl-manager.sh --help
+
+# Verbose output for detailed information
+./scripts/ssl-manager.sh --verbose check
+
+# Maximum debugging for troubleshooting
+./scripts/ssl-manager.sh --debug issue
+
+# Manual certificate verification
+openssl x509 -in unrealircd/conf/tls/server.cert.pem -noout -enddate
 ```
 
 ### **Security Features**
@@ -195,7 +226,7 @@ make ssl-logs
 - **Secrets management** via environment variables
 - **Production-optimized Atheme build** following official documentation recommendations
 
-## 📊 **Ports and Services**
+## Ports and Services
 
 | Port | Protocol | Service | Purpose |
 |------|----------|---------|---------|
@@ -204,28 +235,28 @@ make ssl-logs
 | **6900** | IRC+TLS | UnrealIRCd | Server-to-server links |
 | **8080** | HTTP | WebPanel | Admin interface |
 
-## 📁 **Project Structure**
+## Project Structure
 
 ```
 irc.atl.chat/
-├── 📄 compose.yaml              # Docker Compose configuration
-├── 🐳 Containerfile             # Docker build instructions
-├── ⚙️ .env                      # Environment variables (gitignored)
-├── 🔐 cloudflare-credentials.ini # Cloudflare API credentials
-├── 📜 scripts/                  # Management scripts
-│   ├── ssl-manager.sh          # SSL certificate management
-│   ├── prepare-config.sh       # Configuration preparation
-│   └── health-check.sh         # Health monitoring
-├── 📁 unrealircd/              # IRC server configuration
-│   └── conf/                   # Configuration files
-├── 🎭 services/atheme/         # Services configuration
-├── 🌐 web/webpanel/            # WebPanel container
-├── 📊 logs/                    # Service logs
-├── 📁 data/                    # Persistent data
-└── 📝 Makefile                 # Management commands
+├── compose.yaml              # Docker Compose configuration
+├── Containerfile             # Docker build instructions
+├── .env                      # Environment variables (gitignored)
+├── cloudflare-credentials.ini # Cloudflare API credentials
+├── scripts/                  # Management scripts
+│   ├── ssl-manager.sh        # SSL management (--help, --debug, --verbose)
+│   ├── prepare-config.sh     # Configuration preparation
+│   └── health-check.sh       # Health monitoring
+├── unrealircd/               # IRC server configuration
+│   └── conf/                 # Configuration files
+├── services/atheme/          # Services configuration
+├── web/webpanel/             # WebPanel container
+├── logs/                     # Service logs
+├── data/                     # Persistent data
+└── Makefile                  # Management commands
 ```
 
-## 🎯 **Using Your IRC Server**
+## Using Your IRC Server
 
 ### **Connect to IRC**
 ```bash
@@ -247,7 +278,7 @@ Once connected, you have access to:
 - **ChanServ**: `/msg ChanServ REGISTER #channel`
 - **OperServ**: Administrative services (for IRC operators)
 
-## 🐛 **Troubleshooting**
+## Troubleshooting
 
 ### **Services Not Starting**
 ```bash
@@ -265,6 +296,16 @@ make ssl-status
 
 # View SSL monitoring logs
 make ssl-logs
+
+# Advanced SSL debugging
+./scripts/ssl-manager.sh --verbose check    # Detailed status
+./scripts/ssl-manager.sh --debug issue      # Maximum debugging
+
+# Manual certificate verification
+openssl x509 -in unrealircd/conf/tls/server.cert.pem -noout -enddate
+
+# Check SSL monitoring container
+docker compose ps ssl-monitor
 ```
 
 ### **Configuration Issues**
@@ -276,23 +317,25 @@ make ssl-logs
 make restart
 ```
 
-## 📚 **Additional Resources**
+## Additional Resources
 
+- [SSL Setup Documentation](./docs/SSL.md) - Complete SSL management guide
 - [UnrealIRCd Documentation](https://www.unrealircd.org/docs/)
 - [Atheme Services Documentation](https://atheme.dev/docs/)
 - [Docker Compose Documentation](https://docs.docker.com/compose/)
 
 ---
 
-## 🚀 **Ready to Get Started?**
+## Ready to Get Started?
 
 Your **production-ready IRC infrastructure** is now fully configured with:
 
-✅ **Complete IRC ecosystem** - Server + Services + Web interface
-✅ **Automated SSL/TLS** - Let's Encrypt with Docker monitoring
-✅ **Simple management** - One-command operations
-✅ **Production security** - Argon2id password hashing
-✅ **Containerized deployment** - Easy scaling and updates
+- **Complete IRC ecosystem** - Server + Services + Web interface
+- **SSL/TLS certificates** - Let's Encrypt with monitoring & debugging
+- **Full management** - Complete set of make targets for control
+- **Production security** - Argon2id password hashing, secure secrets management
+- **Containerized deployment** - Easy scaling and updates
+- **Troubleshooting tools** - Debug/verbose modes, comprehensive logging
 
 **Start your IRC network:**
 ```bash
@@ -303,7 +346,3 @@ make build && make up
 - **IRC Server**: `irc.atl.chat:6667` (standard) or `:6697` (SSL)
 - **WebPanel**: `http://your-server:8080`
 - **Services**: Available once connected to IRC
-
----
-
-*Happy IRCing! 🎉*