diff --git a/index.md b/index.md index d7e77ee..bd707e5 100644 --- a/index.md +++ b/index.md @@ -17,19 +17,22 @@ No local codebase. Work happens via SSH to remote servers and git push to GitHub (auto-deploy active). ### Infrastructure -- **DO (165.22.1.228)** — DigitalOcean VPS. CyberPanel/OpenLiteSpeed. Hosts all websites + JARVIS AI. -- **PVE1 (orbisne.fortiddns.com / 10.48.200.90)** — Proxmox primary hypervisor. 9 VMs. +- **DO (165.22.1.228)** — DigitalOcean VPS. CyberPanel/OpenLiteSpeed. Hosts all websites (NOT JARVIS anymore). +- **JARVIS VM (10.48.200.211)** — PVE1 VM 211. nginx/PHP8.3/MariaDB/Redis/Arc Reactor. JARVIS AI lives here. +- **NPM (10.48.200.200)** — Nginx Proxy Manager. Routes jarvis.orbishosting.com + hoa.orbishosting.com → local VMs. +- **PVE1 (orbisne.fortiddns.com / 10.48.200.90)** — Proxmox primary hypervisor. 10+ VMs. - **PVE2 (10.48.200.91)** — Proxmox secondary hypervisor. 2 VMs. - **FusionPBX (134.209.72.226)** — FreeSWITCH PBX server. -- **Local VMs** — HA (10.48.200.97), Ollama (10.48.200.95), Homebridge (10.48.200.18), Jellyfin (10.48.200.33), alien-pc (10.48.200.66, Windows). +- **Local VMs** — HA (10.48.200.97), Ollama (10.48.200.210), Homebridge (10.48.200.18), Jellyfin (10.48.200.33), NovaCPX (10.48.200.110), MediaStack (10.48.200.35). ### Key Systems - **JARVIS** — Iron Man AI dashboard at `https://jarvis.orbishosting.com` — agent monitoring, chat, network scan, admin portal -- **Admin portal** — `https://jarvis.orbishosting.com/admin` — full CRUD for all JARVIS data +- **Admin portal** — `https://jarvis.orbishosting.com/admin/` — full CRUD for all JARVIS data - **Auto-deploy** — push to GitHub `main` → webhook → server pulls within 1 minute -### Current Status (as of 2026-05-31) -- JARVIS agents online: DO, PVE1, PVE2, NetworkBackup, HA, Homebridge, alien-pc (Windows) -- Agents still needed: jellyfin (10.48.200.33), ollama-ai (10.48.200.95) -- Daily backups running at 2AM to `/var/backups/jarvis/`, downloadable from admin panel +### Current Status (as of 2026-06-26) +- JARVIS fully migrated to PVE1 VM 211 (10.48.200.211) — not on DO anymore +- JARVIS agents online: DO, PVE1, PVE2, NetworkBackup, HA, Homebridge, Jellyfin, MediaStack, NovaCPX, FortiGate, Yealink T48S +- Daily backups running at 7am UTC to `/var/backups/jarvis/`, downloadable from admin panel - Network auto-scan: PVE1 cron every 3 min → pushes to `/api/netscan` +- Ollama at 10.48.200.210:11434 (listening on 0.0.0.0 — fixed 2026-06-24) diff --git a/jarvis.md b/jarvis.md index e0144de..cb324f4 100644 --- a/jarvis.md +++ b/jarvis.md @@ -2,12 +2,19 @@ ## Access - **Dashboard:** https://jarvis.orbishosting.com (login: myron / Joker1974!!!) -- **Admin portal:** https://jarvis.orbishosting.com/admin (same login) -- **DB:** `jarvis_db` on DO localhost — user: `jarvis_user` / `J4rv1s_Pr0t0c0l_2026!` +- **Admin portal:** https://jarvis.orbishosting.com/admin/ (same login) +- **DB:** `jarvis_db` on VM 211 localhost — user: `jarvis_user` / `J4rv1s_Pr0t0c0l_2026!` - **phpMyAdmin:** https://jarvis.orbishosting.com/phpmyadmin (myron / Joker1974!!!) - **GitHub repo:** myronblair/jarvis (auto-deploy on push to main) -## File Structure (on DO at /home/jarvis.orbishosting.com/) +## Server Location +JARVIS runs on **PVE1 VM 211** at `10.48.200.211` (migrated from DO 2026-06-18). +- **SSH:** `sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.211` +- **Stack:** nginx / PHP 8.3 / MariaDB / Redis / Arc Reactor +- **Web root:** `/var/www/jarvis/` +- Traffic routed via NPM (10.48.200.200) → VM 211 + +## File Structure (on VM 211 at /var/www/jarvis/) ``` public_html/ index.html — main Iron Man HUD (all UI) @@ -26,75 +33,88 @@ api/ do_server.php — reads /proc directly (no SSH loopback) stats_cache.php — every 5min cron: Proxmox cluster API, HA, weather, news facts_collector.php — every 3min cron: system stats, site health - system.php — local system metrics (services: lshttpd,mysql,redis,memcached,postfix,dovecot,jarvis-agent) + system.php — local system metrics alerts.php — alert CRUD + auto-generate news.php — serves api_cache['news'] + custom kb_facts(category='custom_news') +deploy/ + reactor.py — Arc Reactor source (copy to /opt/jarvis-arc/reactor.py + restart) ``` +## Arc Reactor (AI Routing Daemon) +- **Daemon:** `/opt/jarvis-arc/reactor.py` (Python, port 7474), service: `jarvis-arc` +- **Deploy:** copy `deploy/reactor.py` → `/opt/jarvis-arc/reactor.py` + `systemctl restart jarvis-arc` +- Vision with actual screenshot → Claude `claude-opus-4-8-20251101` +- Guardian/SITREP/Vision text-only → Groq `llama-3.3-70b-versatile` +- Email drafting / research → Claude + ## Agent System - **Registration key:** `f846a9aaf7ce9a61742c63c87c4186052a71d2a580c65518` - **Install one-liner (Linux):** `curl -sk https://jarvis.orbishosting.com/install-agent.sh | bash -s ` -- **For VMs (need sudo):** `curl -sk https://jarvis.orbishosting.com/install-agent.sh > /tmp/i.sh && echo "Joker1974!" | sudo -S bash /tmp/i.sh linux` -- **Agent config:** `/etc/jarvis-agent/config.json` — runtime state at `/var/lib/jarvis-agent/state.json` +- **Agent config:** `/etc/jarvis-agent/config.json` (key: `jarvis_url`) — runtime state at `/var/lib/jarvis-agent/state.json` - **If agent gets 401 "Invalid agent key":** state.json has stale key — overwrite with correct agent_id + api_key from DB -- **Heartbeat:** every 10s | **Metrics:** every 30s | **Commands:** polled on heartbeat -- **Shell commands:** send via agent_commands table with `{"command":"/path/to/script","allowed":true}` +- **Heartbeat:** every 10s | **Metrics:** every 30s ## Currently Online Agents | agent_id | hostname | IP | type | |----------|----------|----|------| | jarvis-do_orbis.or | jarvis-do | 165.22.1.228 | linux | -| claude_pve | claude | 10.48.200.90 | proxmox | -| pve2_e147a8bc | pve2 | 10.48.200.91 | proxmox | +| claude_pve | pve1 | 10.48.200.90 | proxmox | +| pve2_pve2 | pve2 | 10.48.200.91 | proxmox | | networkbackup_NetworkB | networkbackup | 10.48.200.99 | linux | | homeassistant_ha | homeassistant | 10.48.200.97 | homeassistant | | homebridge_b57cbaea | homebridge | 10.48.200.18 | linux | -| alien-pc_windows | alien-pc | 10.48.200.66 | linux | - -**Pending:** jellyfin (10.48.200.33), ollama-ai (10.48.200.95) +| novacpx_e3b07264 | novacpx | 10.48.200.110 | linux | +| jellyfin_7e386833 | jellyfin | 10.48.200.33 | linux | +| MediaStack_2c00b1b8 | mediastack | 10.48.200.35 | linux | +| fortigate_gw | fortigate | 10.48.200.1 | linux | +| yealink_t48s | yealink | 10.48.200.43 | linux | ## Network Scanning - PVE1 cron: `*/3 * * * * /usr/local/bin/jarvis-netscan.sh` -- Script runs nmap, parses output, POSTs JSON to `https://165.22.1.228/api/netscan` with `X-Registration-Key` header -- Scan Now button in admin queues shell command to PVE1 agent (picks up within 10s) +- Script runs nmap, parses output, POSTs JSON to `https://jarvis.orbishosting.com/api/netscan` with `X-Registration-Key` header +- Scan Now button queues shell command to PVE1 agent (picks up within 10s) ## Chat Architecture ``` Tier 0: HA entity control (fuzzy match → call HA API) Tier 0.5: Network device management +Tier 0.7: Planner intents (add task, my tasks, schedule, daily briefing) Tier 1: KB intent engine (response type → instant reply) Tier 1b: Action intents (network_scan → DB data + queue PVE1 scan) -Tier 2: Ollama llama3.2 at http://10.48.200.95:11434 (5s timeout) +Tier 2: Ollama llama3.2 at http://10.48.200.210:11434 (5s timeout) Tier 3: Groq compound-beta-mini (cloud, fast) Tier 4: Claude API fallback ``` - Groq model name: `compound-beta-mini` (NOT `groq/compound-beta-mini`) -- network_scan intent: action type — must be handled in Tier 1b or Groq will fabricate +- HA_URL = `http://orbisne.fortiddns.com:8123` ## DB Key Tables ```sql -registered_agents — agent_id, hostname, agent_type, ip_address, api_key, status, last_seen +registered_agents — agent_id, hostname, agent_type, ip_address, api_key, status, last_seen, version agent_metrics — agent_id, metric_type, metric_data(JSON), recorded_at -- Extract: JSON_EXTRACT(metric_data,'$.cpu_percent'), JSON_EXTRACT(metric_data,'$.memory.percent') -- NO cpu_pct/mem_pct columns — always use JSON_EXTRACT agent_commands — agent_id, command_type, command_data(JSON), status(pending/delivered) network_devices — ip, mac, hostname, alias, device_type, status, last_seen alerts — alert_type, title, message, severity, resolved -kb_facts — category, fact_key, fact_value (custom_news category for pinned news) +kb_facts — category, fact_key, fact_value kb_intents — intent_name, pattern(regex), response_template, action_type, priority, active api_cache — cache_key(proxmox/news/weather/ha_entities), data(JSON), updated_at +tasks — title, notes, category, priority, status, due_date, due_time, completed_at +appointments — title, description, category, start_at, end_at, location, all_day, reminder_min +ha_entities — real-time HA entity states (updated by HA custom component) ``` -## Proxmox Cache -- `stats_cache.php` uses cluster API at `orbisne.fortiddns.com:8006` (NOT PROXMOX_HOST local IP) +## Proxmox API +- `stats_cache.php` uses cluster API at `orbisne.fortiddns.com:8006` - Returns all VMs from both PVE1 and PVE2 via `/cluster/resources?type=vm` -- Cache key: `proxmox` in api_cache table +- Token: `root@pam!jarvis=c45b5feb-f9a9-445d-a626-14fbb959f78b` -## Cron Jobs (on DO) +## Cron Jobs (on VM 211) ``` -*/3 * * * * /usr/local/lsws/lsphp85/bin/lsphp .../facts_collector.php -*/5 * * * * /usr/local/lsws/lsphp85/bin/lsphp .../stats_cache.php -0 2 * * * /usr/local/bin/jarvis-backup.sh +*/3 * * * * php /var/www/jarvis/api/endpoints/facts_collector.php +*/5 * * * * php /var/www/jarvis/api/endpoints/stats_cache.php +0 7 * * * /usr/local/bin/jarvis-backup.sh ``` **Cron on PVE1:** ``` @@ -104,9 +124,8 @@ api_cache — cache_key(proxmox/news/weather/ha_entities), data(JSON) ## Backups - Script: `/usr/local/bin/jarvis-backup.sh` - Output: `/var/backups/jarvis/jarvis_backup_YYYY-MM-DD_HH-MM-SS.tar.gz` -- Contains: all public_html dirs + SQL dumps of 6 DBs -- Downloadable from: admin portal → BACKUPS tab -- Retention: 7 days +- Daily at 7am UTC (2am CDT), 7-day retention +- Downloadable from admin portal → BACKUPS tab ## API Auth - Main JARVIS API: session token via `X-Session-Token` header (or PHP session) diff --git a/servers.md b/servers.md index 0edf99e..ff2d983 100644 --- a/servers.md +++ b/servers.md @@ -3,9 +3,12 @@ ## SSH Patterns ```bash -# DigitalOcean (all websites + JARVIS) +# DigitalOcean (websites only — JARVIS no longer here) sshpass -p 'Gonewalk1974!@#' ssh -o StrictHostKeyChecking=no root@165.22.1.228 'cmd' +# JARVIS VM (PVE1 VM 211) +sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.211 'cmd' + # PVE1 via FortiGate DDNS (survives IP changes) sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@orbisne.fortiddns.com 'cmd' @@ -15,8 +18,15 @@ sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.90 'cmd # PVE2 (local only) sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.91 'cmd' -# FusionPBX -sshpass -p 'Joker1974!@#' ssh -o StrictHostKeyChecking=no root@134.209.72.226 'cmd' +# FusionPBX (must relay via DO — port 22 firewalled from internet) +sshpass -p 'Gonewalk1974!@#' ssh -o StrictHostKeyChecking=no root@165.22.1.228 \ + 'sshpass -p "Joker1974!@#" ssh -o StrictHostKeyChecking=no root@134.209.72.226 "cmd"' + +# NovaCPX (direct — PVE1 hop broken) +sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.110 'cmd' + +# MediaStack (SSH key auth) +ssh -o StrictHostKeyChecking=no -i /root/.ssh/id_rsa root@10.48.200.35 'cmd' # Local VMs (myron user + sudo, password Joker1974!) sshpass -p 'Joker1974!' ssh -o StrictHostKeyChecking=no myron@10.48.200.18 'sudo cmd' @@ -32,20 +42,24 @@ sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.90 \ | Host | IP | User | Password | Purpose | |------|----|------|----------|---------| -| DO | 165.22.1.228 | root | Gonewalk1974!@# | Websites + JARVIS | +| DO | 165.22.1.228 | root | Gonewalk1974!@# | Websites (CyberPanel/OLS) | +| JARVIS VM | 10.48.200.211 | root | Joker1974!!! | JARVIS AI — PVE1 VM 211 | +| NPM | 10.48.200.200 | — | — | Nginx Proxy Manager (Docker) | | PVE1 | orbisne.fortiddns.com (10.48.200.90) | root | Joker1974!!! | Primary hypervisor | | PVE2 | 10.48.200.91 | root | Joker1974!!! | Secondary hypervisor | | FusionPBX | 134.209.72.226 | root | Joker1974!@# | FreeSWITCH PBX | -| HomeAssistant | 10.48.200.97 | myron | Joker1974!!! | HA VM (PVE1 VM 101) | -| Homebridge | 10.48.200.18 | myron | Joker1974! | Homebridge VM (PVE1 VM 118) | -| Jellyfin | 10.48.200.33 | myron | Joker1974! | Jellyfin VM (PVE1 VM 112) | -| Ollama | 10.48.200.95 | myron | Joker1974! | LLM VM (PVE1 VM 210) | -| alien-pc | 10.48.200.66 | — | — | Windows PC (JARVIS agent only) | -| NetworkBackup | 10.48.200.99 | myron | Joker1974! | Backup VM (PVE2 VM 302) | +| NovaCPX | 10.48.200.110 | root | Joker1974!!! | Hosting panel — PVE1 VM 120 | +| MediaStack | 10.48.200.35 | root | (SSH key) | Sonarr/Radarr/qBit — PVE1 VM 103 | +| HomeAssistant | 10.48.200.97 | — | — | HA VM 109 (web terminal only) | +| Homebridge | 10.48.200.18 | myron | Joker1974! | PVE1 VM 118 | +| Jellyfin | 10.48.200.33 | myron | Joker1974! | PVE1 VM 112 | +| Ollama | 10.48.200.210 | myron | Joker1974! | LLM VM 106, port 11434 | +| NetworkBackup | 10.48.200.99 | myron | Joker1974! | PVE2 VM 302 | +| WireGuard CT110 | 10.48.200.67 | — | — | VPN kill-switch for MediaStack | ## Proxmox API ```bash -# Accessible from DO via FortiGate DDNS (port 8006 forwarded) +# Accessible from anywhere via FortiGate DDNS (port 8006 forwarded) curl -sk "https://orbisne.fortiddns.com:8006/api2/json/..." \ -H "Authorization: PVEAPIToken=root@pam!jarvis=c45b5feb-f9a9-445d-a626-14fbb959f78b" @@ -53,17 +67,28 @@ curl -sk "https://orbisne.fortiddns.com:8006/api2/json/..." \ GET /api2/json/cluster/resources?type=vm ``` -## Key DO Server Paths +## Key Paths on JARVIS VM (10.48.200.211) ``` -/home/jarvis.orbishosting.com/ — JARVIS app root -/home/jarvis.orbishosting.com/public_html/ — web root (index.html, api.php, admin/) -/home/jarvis.orbishosting.com/api/ — backend (config.php, endpoints/, lib/) -/var/backups/jarvis/ — daily backups (tar.gz, up to 7 days) -/usr/local/bin/jarvis-backup.sh — backup script -/usr/local/lsws/lsphp85/bin/lsphp — PHP runtime for CLI scripts +/var/www/jarvis/ — JARVIS app root +/var/www/jarvis/public_html/ — web root (index.html, api.php, admin/) +/var/www/jarvis/api/ — backend (config.php, endpoints/, lib/) +/var/www/jarvis/deploy/ — Arc Reactor source (reactor.py) +/opt/jarvis-arc/reactor.py — Arc Reactor daemon +/var/backups/jarvis/ — daily backups (tar.gz, 7-day retention) +/usr/local/bin/jarvis-backup.sh — backup script ``` -## PHP / OLS Notes +## Key Paths on DO (165.22.1.228) +``` +/home/tomsjavajive.com/public_html/ — Tom's Java Jive +/home/epictravelexpeditions.com/public_html/ — Epic Travel +/home/parkerslingshotrentals.com/public_html/ — Parker Slingshot +/home/orbishosting.com/public_html/ — Orbis Hosting +/home/orbis.orbishosting.com/public_html/ — Orbis Portal +/home/tomtomgames.com/public_html/ — TomTom Games +``` + +## PHP / OLS Notes (DO server) - Run scripts: `/usr/local/lsws/lsphp85/bin/lsphp /path/to/script.php` - Syntax check: `php8.3 -l file.php` (lsphp segfaults on -l) - Web server: OpenLiteSpeed (`lshttpd`), NOT apache/nginx diff --git a/sites.md b/sites.md index 11b935b..7be9a6a 100644 --- a/sites.md +++ b/sites.md @@ -4,7 +4,6 @@ | Site | Path | GitHub Repo | DB | |------|------|-------------|-----| -| jarvis.orbishosting.com | /home/jarvis.orbishosting.com/ | myronblair/jarvis | jarvis_db | | tomsjavajive.com | /home/tomsjavajive.com/public_html/ | myronblair/tomsjavajive | toms_tjj_db | | epictravelexpeditions.com | /home/epictravelexpeditions.com/public_html/ | myronblair/epictravelexpeditions | epic_epic_db | | parkerslingshot (subdomain) | /home/epictravelexpeditions.com/parkerslingshot/ | myronblair/parkerslingshot | epic_parkersling | @@ -13,6 +12,11 @@ | orbis.orbishosting.com | /home/orbis.orbishosting.com/public_html/ | myronblair/orbis-hosting-portal | — | | tomtomgames.com | /home/tomtomgames.com/public_html/ | myronblair/tomtomgames | tomt_ttg_db | +## JARVIS (on PVE1 VM 211, NOT DO) +| Site | Path | GitHub Repo | DB | +|------|------|-------------|-----| +| jarvis.orbishosting.com | /var/www/jarvis/ on 10.48.200.211 | myronblair/jarvis | jarvis_db | + ## Deploy Workflow ```bash # 1. Edit files on server via SSH (for quick hotfixes) @@ -23,8 +27,8 @@ sshpass -p 'Gonewalk1974!@#' ssh -o StrictHostKeyChecking=no root@165.22.1.228 \ cd /home/site.com && git add -A && git commit -m "message" && git push # Auto-deploy triggers within 1 minute via webhook -# Webhook: https://jarvis.orbishosting.com/webhook.php -# Deploy log: /home/jarvis.orbishosting.com/logs/deploy.log +# Webhook handler: tomtomgames.com/webhook.php (DO sites) +# JARVIS webhook: port 1972 on VM 211 # For immediate deploy (skip 1-min wait): sshpass -p 'Gonewalk1974!@#' scp -o StrictHostKeyChecking=no \ @@ -43,11 +47,15 @@ sshpass -p 'Gonewalk1974!@#' scp -o StrictHostKeyChecking=no \ | epic_epic_db | epic_epic | (check config.php) | | epic_parkersling | epic_parkersling | Joker1974!!! | | parker_db | parker_db | (check config.php) | -| MySQL root | root | b71e5c1a8c7457541b9c1db822de37adfa271926a38b6c20 | +| MySQL root (DO) | root | b71e5c1a8c7457541b9c1db822de37adfa271926a38b6c20 | ```bash -# Quick DB access +# Quick DB access on DO sshpass -p 'Gonewalk1974!@#' ssh -o StrictHostKeyChecking=no root@165.22.1.228 \ + 'mysql -u toms_tjj_user -p"+60wlPc+55e@gFq4" toms_tjj_db -e "SELECT ..."' + +# Quick DB access on JARVIS VM +sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.211 \ 'mysql -u jarvis_user -pJ4rv1s_Pr0t0c0l_2026! jarvis_db -e "SELECT ..."' ``` @@ -60,6 +68,7 @@ sshpass -p 'Gonewalk1974!@#' ssh -o StrictHostKeyChecking=no root@165.22.1.228 \ - No `slug` column on products — URLs use `?id=product_id` - All tables must be `utf8mb4_unicode_ci` — mixed collation breaks JOINs (error 1267) - `wallet_transactions.type` and `loyalty_transactions.type` have strict enums +- Admin login: `admin@tomsjavajive.com / Joker1974!!!` ## Parker Slingshot Admin - URL: `/admin/index.php` @@ -67,14 +76,14 @@ sshpass -p 'Gonewalk1974!@#' ssh -o StrictHostKeyChecking=no root@165.22.1.228 \ - Login: `admin / Parker2026!` ## Email / SMTP -- TJJ + TomTomGames: CyberMail (CyberPersons) — API key in config.php as `CYBERMAIL_API_KEY` +- All sites: CyberMail (CyberPersons) — API key `sk_live_7f9b0f9a29f6de31a0d229d4af75d56b094ad724fc58a57d` - Manage at: platform.cyberpersons.com -- Other sites: not yet configured (see myronblair/smtp-for-websites) +- DO blocks SMTP port 587 — use CyberMail API over HTTPS (port 443) ## FusionPBX - URL: https://fusion.orbishosting.com (admin / fY7XP5swgtpbzrYLhkeVYkA4744) -- Server: 134.209.72.226 (SSH: root / Joker1974!@#) +- Server: 134.209.72.226 (SSH: relay via DO → root / Joker1974!@#) - Timezone: America/Chicago - SIP profiles via Lua XML handler — config changes need cache delete: `rm /var/cache/fusionpbx/FusionPBX.configuration.sofia.conf` -- Ext 1000 (Yealink T48S at 10.48.200.43), Ext 1001 (Tommy at 10.48.200.2) +- Ext 1000 (Myron T48S), Ext 1001 (Tommy T48S), Ext 1002 (Myron AX86R), Ext 1003 (Kitchen T57W), Ext 1004 (Bedroom T57W)