myron/do-server-config

Fork 0

mirror of https://github.com/myronblair/do-server-config synced 2026-06-30 17:50:59 -05:00

Files

T

DO Server Backup 3498da51b2 [orbis] Weekly backup 2026-06-15 — 2 files changed, 742 insertions(+), 4 deletions(-)

2026-06-15 20:00:15 +00:00

28 KiB

Raw Permalink Blame History

INFRASTRUCTURE REFERENCE — COMPLETE SYSTEM MAP

Last Updated: 2026-06-14
Owner: Myron Blair — myronblair@outlook.com

Network Overview
Cloud Servers
On-Premise — Proxmox Hypervisors
On-Premise — Virtual Machines
NAS Storage
Websites (all on DO)
JARVIS AI System
Phone System (FusionPBX)
Networking & VPN
Backup Systems
SSH Quick Reference
Critical Credentials Master List

1. NETWORK OVERVIEW

INTERNET
    │
    ▼
[Cloudflare CDN] ──────────────────────────────────────────────────────────────
    │ (proxied DNS for public sites)
    │
    ├─► [DigitalOcean 165.22.1.228] — CyberPanel/OLS — All websites + JARVIS
    │
    └─► [FusionPBX 134.209.72.226] — FreeSWITCH PBX (SSH via DO relay)

HOME NETWORK (FortiGate router at 10.48.200.1)
    WAN: 97.154.109.245 (dynamic, DDNS: orbisne.fortiddns.com)
    │
    ├─► PVE1 Proxmox    10.48.200.90  (primary hypervisor)
    │     ├── VM 101    10.48.200.97  Home Assistant
    │     ├── VM 112    10.48.200.33  Jellyfin
    │     ├── VM 113    10.48.200.35  MediaStack (Sonarr/Radarr/qBT/Prowlarr)
    │     ├── VM 118    10.48.200.18  Homebridge
    │     ├── VM 120    10.48.200.110 NovaCPX hosting panel
    │     ├── VM 210    10.48.200.95  Ollama (local LLM)
    │     └── CT110     10.48.200.19  WireGuard exit container
    │
    ├─► PVE2 Proxmox    10.48.200.91  (secondary hypervisor)
    │     └── VM 302    10.48.200.99  NetworkBackup
    │
    ├─► Synology NAS    10.48.200.249 — Media & backup storage
    ├─► Yealink T48S    10.48.200.2   — Ext 1000 (Myron Blair, Desk)
    ├─► Yealink T48S    10.48.200.43  — Ext 1001 (Tommy Ivy, Desk)
    ├─► Yealink AX86R   10.48.200.65  — Ext 1002 (Myron Blair, WiFi Work)
    ├─► Yealink T57W    10.48.200.3   — External SIP (United Mirror & Glass)
    ├─► Yealink T57W    10.48.200.83  — Ext 1003 (Kitchen)
    └─► Yealink T57W    10.48.200.85  — Ext 1004 (Master Bedroom)

FortiGate Port Forwards:
  orbisne.fortiddns.com:8006  → PVE1:8006    (Proxmox web UI)
  orbisne.fortiddns.com:8123  → HA:8123      (Home Assistant)
  orbisne.fortiddns.com:22    → HA VM:22     (SSH — key only, unreliable)

2. CLOUD SERVERS

2A. DigitalOcean — Main Server

Field	Value
IP	165.22.1.228
OS	Ubuntu 22.04 LTS
Panel	CyberPanel (OpenLiteSpeed)
SSH	`ssh root@165.22.1.228` — password: `Gonewalk1974!@#`
Purpose	All public websites + JARVIS AI + webhook deploy system

Key Paths:

All sites: /home/<domain>/public_html/
JARVIS: /home/jarvis.orbishosting.com/
Deploy log: /home/jarvis.orbishosting.com/logs/deploy.log
Watchdog log: /home/jarvis.orbishosting.com/logs/watchdog.log
Infra repo: /opt/infra

Services running:

OpenLiteSpeed web server (lsws) — serves all 7 sites
MySQL 8 — all site databases on localhost
Redis — session/cache
PHP 8.5 (lsphp85) — runtime for all sites
Cron jobs: JARVIS deploy runner (every 1 min), facts collector (every 3 min), stats cache (every 5 min), watchdog (every 5 min)

CyberPanel Web UI: https://165.22.1.228:8090
Login: myron / Joker1974!!!

phpMyAdmin: https://165.22.1.228/phpmyadmin
Login: myron / Joker1974!!!

2B. FusionPBX / FreeSWITCH — PBX Server

Field	Value
IP	134.209.72.226
OS	Debian (DigitalOcean droplet)
SSH	Must relay via DO: `ssh root@165.22.1.228` → `ssh root@134.209.72.226` — password: `Joker1974!@#`
Direct SSH	Only from: 107.178.2.130 / 97.154.109.245
Purpose	VoIP phone system — handles all inbound/outbound calls

Web UI: https://fusion.orbishosting.com
Login: admin / fY7XP5swgtpbzrYLhkeVYkA4744

Database: PostgreSQL
User: fusionpbx / Password: pSJaF9mUJqPr4Sj5mwJyRqvCCpc / Host: 127.0.0.1

SIP Trunk: SignalWire
DID: +1 (817) 764-5007
Gateway: signalwire on external profile (port 5080, UDP)

How calls flow:

Caller → SignalWire SIP → FusionPBX:5080 → IVR (ext 900) → Ring extensions
Outbound: Phone → FusionPBX:5080 → SignalWire → PSTN

SSH Relay Command:

sshpass -p 'Gonewalk1974!@#' ssh -o StrictHostKeyChecking=no root@165.22.1.228 \
  'sshpass -p "Joker1974!@#" ssh -o StrictHostKeyChecking=no root@134.209.72.226 "COMMAND"'

3. ON-PREMISE — PROXMOX HYPERVISORS

PVE1 — Primary Hypervisor

Field	Value
Local IP	10.48.200.90
External	orbisne.fortiddns.com (FortiGate DDNS — auto-updates on WAN IP change)
OS	Proxmox VE 8.x
SSH	`ssh root@orbisne.fortiddns.com` OR `ssh root@10.48.200.90` — password: `Joker1974!!!`
Web UI	`https://orbisne.fortiddns.com:8006` — `root / Joker1974!!!`
Purpose	Runs VMs 101, 112, 113, 118, 120, 210, CT110

Useful commands:

qm list                          # list all VMs
qm start/stop/restart <VMID>     # control VMs
qm guest exec <VMID> -- bash -c "cmd"  # run command inside VM (requires QEMU agent)

JARVIS API Token: root@pam!jarvis=c45b5feb-f9a9-445d-a626-14fbb959f78b

PVE2 — Secondary Hypervisor

Field	Value
Local IP	10.48.200.91
OS	Proxmox VE 8.x
SSH	`ssh root@10.48.200.91` — password: `Joker1974!!!`
Web UI	`https://10.48.200.91:8006` — `root / Joker1974!!!`
Purpose	Runs VM 302 (NetworkBackup); part of shared Proxmox cluster with PVE1

4. ON-PREMISE — VIRTUAL MACHINES

VM 101 — Home Assistant (PVE1)

Field	Value
IP	10.48.200.97
OS	Ubuntu + Home Assistant OS/Supervised
Web UI	`http://orbisne.fortiddns.com:8123` — `myron / [HA password]`
SSH	Via HA web terminal only (Settings → Add-ons → Advanced SSH & Web Terminal)
Purpose	Smart home automation — 212 entities (lights, switches, scenes, sensors)
JARVIS Agent	ID: `homeassistant_ha` — pushes entity states to JARVIS every 10s

JARVIS ↔ HA Integration:

HA custom component at /config/custom_components/jarvis_agent/
Pushes all entity state changes to JARVIS /api/agent/ha_state (debounced 2s)
JARVIS admin toggles → queued in agent_commands table → HA executes natively
HA Long-lived Token (Jarvis2): eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiIzNmI0N2I1Njk5ZGQ0MTQ2ODMwZWFmYjZiYTQ1MjJkMSIsImlhdCI6MTc4MDIwMzU5NCwiZXhwIjoyMDk1NTYzNTk0fQ.sYRok-jRDlA4lFgWxLQELcEjkJNGQdprk6ZziLwLtXE

VM 112 — Jellyfin Media Server (PVE1)

Field	Value
IP	10.48.200.33
OS	Ubuntu 22.04 LTS
SSH	`ssh root@10.48.200.33` — password: `Joker1974!!!` (enabled 2026-06-14)
Web UI	`http://10.48.200.33:8096`
Purpose	Media streaming server — Movies and TV shows
JARVIS Agent	Not yet installed

Media Libraries:

Movies: /mnt/mediastack/movies — NFS from MediaStack (10.48.200.35:/media/movies)
TV: /mnt/mediastack/tv — NFS from MediaStack (10.48.200.35:/media/tv)

NFS chain: Jellyfin → MediaStack → Synology NAS (/volume1/video/movies and /volume1/video/tv)

Admin token: 7c0ccf78b91d4b5bafa607f585f24f2d

If library scan needed:

curl -X POST "http://10.48.200.33:8096/Library/Refresh" \
  -H "X-Emby-Token: 7c0ccf78b91d4b5bafa607f585f24f2d"

If NFS stale after MediaStack changes:

umount -l /mnt/mediastack/movies && umount -l /mnt/mediastack/tv
mount /mnt/mediastack/movies && mount /mnt/mediastack/tv

VM 113 — MediaStack (PVE1)

Field	Value
IP	10.48.200.35
OS	Ubuntu 24.04 LTS
SSH	Via PVE1: `ssh -i /root/.ssh/id_rsa root@10.48.200.35` (no direct access from DO)
Purpose	Automated media download pipeline + NFS server to Jellyfin
JARVIS Agent	ID: `MediaStack_2c00b1b8`

Services:

Service	Port	Login	API Key
qBittorrent	:8080	`admin / Joker1974!!!`	—
Sonarr	:8989	`admin / Joker1974!!!`	`b43e04350a594846b4ee95261c29e9e0`
Radarr	:7878	`admin / Joker1974!!!`	`53c4268360444feeae5f98c0cc24e0e3`
Prowlarr	:9696	`admin / Joker1974!!!`	`9d0ce6c5660743b5bf1c7951efc62252`

All services run as root — required by Synology NFS ACL (only root can write).

VPN: NordVPN — nordlynx WireGuard interface — exit IP 181.214.226.188 (US Dallas)
All download traffic exits via NordVPN. If downloads stall, check: ip rule show for rules 32764/32765.

Media Flow:

IPTorrents (Prowlarr) → Sonarr/Radarr search → qBittorrent download
→ /mnt/nas/video/downloads (NAS)
→ Sonarr/Radarr import → /mnt/nas/video/tv or /mnt/nas/video/movies (NAS)
→ NFS → Jellyfin /mnt/mediastack/movies or /mnt/mediastack/tv

Indexer: IPTorrents via Prowlarr cookie auth
Cookie: uid=2237410; pass=JzLP2niTWxBJAZIU3yvtLbJzD55kdLeB
(Expires — if search fails, log into iptorrents.com, copy uid+pass cookies)

If Radarr/Sonarr shows "0 active indexers":

systemctl stop radarr
sqlite3 /var/lib/radarr/radarr.db "DELETE FROM IndexerStatus WHERE ProviderId=1;"
systemctl start radarr

SSH from DO:

sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.90 \
  'ssh -o StrictHostKeyChecking=no -i /root/.ssh/id_rsa root@10.48.200.35 "COMMAND"'

VM 118 — Homebridge (PVE1)

Field	Value
IP	10.48.200.18
OS	Linux
SSH	`ssh myron@10.48.200.18` — password: `Joker1974!`
Purpose	Apple HomeKit bridge — exposes non-HomeKit devices to Apple Home app
JARVIS Agent	ID: `homebridge_b57cbaea`

VM 120 — NovaCPX Hosting Panel (PVE1)

Field	Value
IP	10.48.200.110
OS	Ubuntu 24.04 LTS
SSH	`ssh root@10.48.200.110` — password: `Joker1974!!!` (direct, no PVE hop)
Purpose	Custom web hosting control panel (cPanel alternative), v1.0.27
JARVIS Agent	ID: `novacpx_e3b07264`

Ports:

Port	Panel
:8880	User panel
:8881	Reseller panel
:8882	Admin panel
:8883	Roundcube webmail

Admin: https://10.48.200.110:8882 — admin / Admin2026!
phpMyAdmin: http://10.48.200.110/phpmyadmin

File Paths:

Web root: /srv/novacpx/public/
DB (SQLite): /var/lib/novacpx/panel.db
Config: /etc/novacpx/config.ini
Git repo: /opt/novacpx-src/
GitHub: myronblair/novacpx (auto-deploy on push to main)

VM 210 — Ollama Local LLM (PVE1)

Field	Value
IP	10.48.200.95
OS	Ubuntu (cloud image)
SSH	`ssh myron@10.48.200.95` — password: `Joker1974!` (then `sudo`)
Purpose	Local AI inference — runs llama3.2 model for JARVIS Tier 1 chat
API	`http://10.48.200.95:11434` (Ollama REST API)
JARVIS Agent	ID: `ollama-ai_ubuntu`

JARVIS uses this as Tier 1 AI — if Ollama is down, falls back to Groq (cloud).

VM 302 — NetworkBackup (PVE2)

Field	Value
IP	10.48.200.99
OS	Ubuntu/Linux
SSH	`ssh myron@10.48.200.99` — password: `Joker1974!` (then `sudo`)
Purpose	Network backup storage / backup operations
JARVIS Agent	ID: `networkbackup_NetworkB`

CT110 — WireGuard Exit Container (PVE1)

Field	Value
IP	10.48.200.19 / 10.48.200.67
Purpose	Legacy WireGuard exit tunnel to DO (10.200.0.4 via wg-exit) — currently NOT used by MediaStack/Jellyfin
Note	MediaStack uses NordVPN directly; Jellyfin uses wg1 peer on MediaStack for NFS only

5. NAS STORAGE

Synology NAS

Field	Value
IP	10.48.200.249
Login	`nas / Joker1974!!!`
DSM Web UI	`http://10.48.200.249:5000`
Purpose	Primary media and download storage

NFS Share: /volume1/video (exported to MediaStack only)

Directory structure:

/volume1/video/
  movies/       ← Radarr imports here; NFS-exported to Jellyfin via MediaStack
  tv/           ← Sonarr imports here; NFS-exported to Jellyfin via MediaStack
  downloads/    ← qBittorrent downloads here (temp)
    incomplete/ ← in-progress torrents

Important: Synology NFS ACL only allows root to write. All services on MediaStack run as root.

6. WEBSITES (ALL ON DO)

All sites are at /home/<domain>/public_html/ on DO (165.22.1.228).
Auto-deploy: Push to main on GitHub → webhook → server pulls in ~1 min.
GitHub PAT: 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 (expires ~2026-08-20)

jarvis.orbishosting.com — JARVIS AI Dashboard

Field	Value
URL	https://jarvis.orbishosting.com
Path	`/home/jarvis.orbishosting.com/`
GitHub	`myronblair/jarvis`
Login	`myron / Joker1974!!!`
Purpose	Iron Man-style AI home dashboard with voice control, smart home, media, planner

See Section 7 for full JARVIS details.

tomsjavajive.com — Tom's Java Jive

Field	Value
URL	https://tomsjavajive.com
Path	`/home/tomsjavajive.com/public_html/`
GitHub	`myronblair/tomsjavajive`
Purpose	Coffee shop e-commerce — products, orders, loyalty, wallet, reviews
Admin URL	`https://tomsjavajive.com/admin/`
Admin Login	`admin@tomsjavajive.com / Joker1974!!!` OR `myronblair@outlook.com / Joker1974!!!`
DB	`toms_tjj_db / toms_tjj_user / +60wlPc+55e@gFq4`
Email	CyberMail API key: `sk_live_7f9b0f9a29f6de31a0d229d4af75d56b094ad724fc58a57d`
Email From	`noreply@tomsjavajive.com` / `Toms Java Jive` (set in DB settings table)

epictravelexpeditions.com — Epic Travel Expeditions

Field	Value
URL	https://epictravelexpeditions.com
Path	`/home/epictravelexpeditions.com/public_html/`
GitHub	`myronblair/epictravelexpeditions`
Purpose	Travel booking / expeditions website
DB	`epic_travel_db` (see `api/config.php`)

parkerslingshot.epictravelexpeditions.com — Parker Slingshot (OLD)

Field	Value
URL	https://parkerslingshot.epictravelexpeditions.com
Path	`/home/epictravelexpeditions.com/parkerslingshot/`
GitHub	`myronblair/parkerslingshot`
Purpose	Old slingshot rental site (superseded by parkerslingshotrentals.com)

parkerslingshotrentals.com — Parker Slingshot Rentals (LIVE)

Field	Value
URL	https://www.parkerslingshotrentals.com
Path	`/home/parkerslingshotrentals.com/public_html/`
GitHub	`myronblair/parkerslingshotrentals`
Purpose	Polaris Slingshot rental — bookings, e-signature waiver, admin management
Admin	`/admin/index.php` — `admin / Parker2026!`
DB	`park_slingshot / park_slingshotuser / 4@rxg*8kovxCr7w6`
Square	Production token: `EAAAl3FsAu_2ri8kZE_ENEyi2T_C8HXXm5XQFY6Lbnd8SX6FqYp8J_upUeXNYh7v`

orbishosting.com — Orbis Hosting (Landing Page)

Field	Value
URL	https://orbishosting.com
Path	`/home/orbishosting.com/public_html/`
GitHub	`myronblair/orbishosting`
Purpose	Public landing page for Orbis Hosting brand

orbis.orbishosting.com — Orbis Hosting Portal

Field	Value
URL	https://orbis.orbishosting.com
Path	`/home/orbis.orbishosting.com/public_html/`
GitHub	`myronblair/orbis-hosting-portal`
Purpose	Customer-facing hosting portal

tomtomgames.com — TomTom Games

Field	Value
URL	https://tomtomgames.com
Path	`/home/tomtomgames.com/public_html/`
GitHub	`myronblair/tomtomgames`
Purpose	Gaming website
DB	`tomtom_games_db` (see config)
Email	CyberMail API key: `sk_live_7f9b...`

7. JARVIS AI SYSTEM

URL: https://jarvis.orbishosting.com
Files: /home/jarvis.orbishosting.com/ on DO
DB: jarvis_db — jarvis_user / J4rv1s_Pr0t0c0l_2026!
Login: myron / Joker1974!!!
Admin portal: https://jarvis.orbishosting.com/admin

Architecture (end-to-end)

Voice (browser mic)
  → SpeechRecognition API
  → Wake phrase: "wake up JARVIS" / "daddy's home"
  → "JARVIS [command]" triggers action
  → /api/chat.php (4-tier AI)
       Tier 0.7: KB intents / planner (tasks, appointments)
       Tier 1:   Knowledge Base (MySQL)
       Tier 1.5: Ollama (10.48.200.95:11434, llama3.2) — local LLM
       Tier 2:   Groq (cloud, model: compound-beta-mini)
       Tier 3:   Claude API (Anthropic, fallback)
  → ElevenLabs TTS → browser speaker

Deploy Pipeline

Code edit → git push → GitHub webhook → /webhook.php (HMAC verified)
→ /tmp/jarvis-deploy-queue.txt → /usr/local/bin/jarvis-deploy.sh (cron 1min)
→ git pull + PHP syntax check → deploy or auto-revert

Webhook secret: 4c8805f0285214ff0a0602b5880270b935f36a896946c7f1

Agent System

Agents installed on all servers — phone home every 10s (heartbeat) / 30s (metrics).
Registration key: f846a9aaf7ce9a61742c63c87c4186052a71d2a580c65518
Install command: curl -sk https://jarvis.orbishosting.com/install-agent.sh | bash -s <hostname> <linux|proxmox>

Self-Healing Watchdog

/usr/local/bin/jarvis-watchdog.sh — runs every 5 min (root cron on DO)
Restarts: lsws, mysql, redis if down
Restarts offline Proxmox VM agents via qm guest exec

Cron Jobs (DO server)

Schedule	Script	Purpose
Every 1 min	`jarvis-deploy.sh`	Process GitHub deploy queue
Every 3 min	`facts_collector.php`	Collect agent metrics, KB facts, site health
Every 5 min	`stats_cache.php`	Weather, news, Proxmox stats refresh
Every 5 min	`jarvis-watchdog.sh`	Self-healing: restart dead services

8. PHONE SYSTEM (FUSIONPBX)

Extensions

Ext	Name	Phone	IP	SIP Password
1000	Myron Blair — Desk	Yealink T48S	10.48.200.2	`Xk9mPw3nQv7rLs2t`
1001	Tommy Ivy — Desk	Yealink T48S	10.48.200.43	`Tv8xNm4pWq6rZs3k`
1002	Myron Blair — WiFi Work	Yealink AX86R	10.48.200.65	`yXHaJTwa8rj?$GkrVFQB`
1003	Kitchen	Yealink T57W	10.48.200.83	—
1004	Master Bedroom	Yealink T57W	10.48.200.85	—
1010	Parker County Slingshot	Virtual (voicemail only)	—	—
1011	Epic Travel Expeditions	Virtual (voicemail only)	—	—
1012	Tom's Java Jive	Virtual (voicemail only)	—	—
900	IVR	—	—	(auto-attendant)

Phone SIP Settings (all phones):

Server: 134.209.72.226
Port: 5080
Transport: UDP

Provisioning URL: https://fusion.orbishosting.com/app/provision/
(Username: provision-master, Password: Joker1974!!!)

Call Flow

Inbound (+18177645007)
→ SignalWire → FusionPBX:5080 (UDP)
→ signalwire-inbound dialplan (catch-all ^.*$)
→ IVR ext 900 (ivr_menu_16k.wav)
→ Routes to extensions 1000/1001/1002/1003/1004

Outbound
→ Phone → FusionPBX:5080
→ signalwire gateway → SignalWire → PSTN

FreeSWITCH CLI Commands

fs_cli -x "sofia status profile external reg"   # check registrations
fs_cli -x "sofia xmlstatus gateway"             # check SignalWire gateway
fs_cli -x "reloadxml"                           # reload config (safe)
fs_cli -x "reloadacl"                           # reload ACL (safe)
# AVOID: sofia profile external restart (drops all phone registrations)

9. NETWORKING & VPN

FortiGate Firewall

WAN IP: 97.154.109.245 (dynamic)
DDNS: orbisne.fortiddns.com (FortiGate auto-updates on IP change)
Blocks: outbound port 53 (DNS) — MediaStack uses PVE1 dnsmasq (10.48.200.90) as resolver → 100.100.100.100

Port Forwards:

External Port	Internal Destination	Purpose
:8006	PVE1:8006	Proxmox web UI
:8123	HA VM:8123	Home Assistant
:22	HA VM:22	HA SSH (unreliable)

WireGuard — Jellyfin ↔ MediaStack

MediaStack runs WireGuard server on wg1 (port 51820, subnet 10.200.0.1/24)
Jellyfin peer: 10.200.0.3 (active handshake)
Used for NFS media file access ONLY — not internet VPN

NordVPN — MediaStack Internet Traffic

Interface: nordlynx on MediaStack
Exit IP: 181.214.226.188 (US Dallas)
Policy routing: table 205 (all traffic via nordlynx), managed by nordvpn-routing.service
Required for IPTorrents access (blocks non-VPN IPs)

10. BACKUP SYSTEMS

DO Server Backup

Repo: myronblair/do-server-config
Schedule: Weekly, Sunday 4am
Launcher: /usr/local/bin/do-server-backup on DO
Covers: Scripts, systemd units, WireGuard, OLS vhosts, cron, MySQL credentials
Restore: 8-phase wizard in restore.sh
DB backups: jarvis-backup.sh runs daily (separate)

Proxmox Config Backup

Repo: myronblair/proxmox-config
Schedule: Weekly, Sunday 3am (both PVE1 and PVE2)
Launcher: /usr/local/bin/proxmox-backup on each node
Covers: VM .conf files, network, cron, systemd, scripts
VM disks: Covered by Proxmox Backup Server (PBS)

FusionPBX Backup

Repo: myronblair/fusionpbx-config
Schedule: Weekly, Sunday 5am
Launcher: /usr/local/bin/fusionpbx-backup
Covers: PostgreSQL dump (gzip, ~29MB) + FreeSWITCH configs
Restore: 10-phase wizard in restore.sh

11. SSH QUICK REFERENCE

# DO (main web server)
sshpass -p 'Gonewalk1974!@#' ssh -o StrictHostKeyChecking=no root@165.22.1.228

# FusionPBX (must relay via DO)
sshpass -p 'Gonewalk1974!@#' ssh root@165.22.1.228 \
  'sshpass -p "Joker1974!@#" ssh root@134.209.72.226 "CMD"'

# PVE1 (direct or via DDNS)
sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@orbisne.fortiddns.com
sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.90

# PVE2
sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.91

# MediaStack (via PVE1)
sshpass -p 'Joker1974!!!' ssh root@10.48.200.90 \
  'ssh -i /root/.ssh/id_rsa root@10.48.200.35 "CMD"'

# Jellyfin (direct, password enabled 2026-06-14)
sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.33

# NovaCPX (direct)
sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.110

# Ollama / Homebridge / NetworkBackup (myron user, then sudo)
sshpass -p 'Joker1974!' ssh myron@10.48.200.95   # Ollama
sshpass -p 'Joker1974!' ssh myron@10.48.200.18   # Homebridge
sshpass -p 'Joker1974!' ssh myron@10.48.200.99   # NetworkBackup

# Run command inside VM via Proxmox (requires QEMU agent installed)
sshpass -p 'Joker1974!!!' ssh root@10.48.200.90 \
  'qm guest exec 210 -- bash -c "CMD"'

Password fallback order: Joker1974!@# → Joker1974!!! → Joker1974!

12. CRITICAL CREDENTIALS MASTER LIST

SSH / Root Access

System	User	Password	Notes
DO (165.22.1.228)	root	`Gonewalk1974!@#`	Main web server
FusionPBX (134.209.72.226)	root	`Joker1974!@#`	Via DO relay
PVE1 (10.48.200.90)	root	`Joker1974!!!`	Also via DDNS
PVE2 (10.48.200.91)	root	`Joker1974!!!`
MediaStack (10.48.200.35)	root	key only	Via PVE1 (`/root/.ssh/id_rsa`)
Jellyfin (10.48.200.33)	root	`Joker1974!!!`	Enabled 2026-06-14
NovaCPX (10.48.200.110)	root	`Joker1974!!!`	Direct SSH works
Ollama / Homebridge / Backup VMs	myron	`Joker1974!`	Then sudo

Web Panels & Admin

System	URL	User	Password
CyberPanel	https://165.22.1.228:8090	myron	`Joker1974!!!`
phpMyAdmin (DO)	https://165.22.1.228/phpmyadmin	myron	`Joker1974!!!`
Proxmox PVE1	https://orbisne.fortiddns.com:8006	root	`Joker1974!!!`
Proxmox PVE2	https://10.48.200.91:8006	root	`Joker1974!!!`
JARVIS	https://jarvis.orbishosting.com	myron	`Joker1974!!!`
JARVIS Admin	https://jarvis.orbishosting.com/admin	myron	`Joker1974!!!`
FusionPBX	https://fusion.orbishosting.com	admin	`fY7XP5swgtpbzrYLhkeVYkA4744`
Home Assistant	http://orbisne.fortiddns.com:8123	myron	(HA password)
NovaCPX Admin	https://10.48.200.110:8882	admin	`Admin2026!`
Jellyfin	http://10.48.200.33:8096	—	token: `7c0ccf78b91d4b5bafa607f585f24f2d`
qBittorrent	http://10.48.200.35:8080	admin	`Joker1974!!!`
Sonarr	http://10.48.200.35:8989	admin	`Joker1974!!!`
Radarr	http://10.48.200.35:7878	admin	`Joker1974!!!`
Prowlarr	http://10.48.200.35:9696	admin	`Joker1974!!!`
Synology NAS	http://10.48.200.249:5000	nas	`Joker1974!!!`
Parker Slingshot Admin	https://parkerslingshotrentals.com/admin	admin	`Parker2026!`
TJJ Admin	https://tomsjavajive.com/admin	`admin@tomsjavajive.com` OR `myronblair@outlook.com`	`Joker1974!!!`

Databases

Site	DB Name	DB User	DB Password
JARVIS	`jarvis_db`	`jarvis_user`	`J4rv1s_Pr0t0c0l_2026!`
Tom's Java Jive	`toms_tjj_db`	`toms_tjj_user`	`+60wlPc+55e@gFq4`
Parker Slingshot Rentals	`park_slingshot`	`park_slingshotuser`	`4@rxg*8kovxCr7w6`
Epic Travel	`epic_travel_db`	(see config.php)	(see config.php)
Epic/Parker Slingshot	`epic_parkersling`	`epic_parkersling`	`Joker1974!!!`
NovaCPX	SQLite: `/var/lib/novacpx/panel.db`	—	—
FusionPBX	PostgreSQL	`fusionpbx`	`pSJaF9mUJqPr4Sj5mwJyRqvCCpc`
MySQL root (DO)	—	root	`b71e5c1a8c7457541b9c1db822de37adfa271926a38b6c20`

API Keys

Service	Key
GitHub PAT	`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` (exp ~2026-08-20)
JARVIS Agent Registration	`f846a9aaf7ce9a61742c63c87c4186052a71d2a580c65518`
Proxmox API Token	`root@pam!jarvis=c45b5feb-f9a9-445d-a626-14fbb959f78b`
HA Long-lived Token	`eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiIzNmI0N2I1Njk5ZGQ0MTQ2ODMwZWFmYjZiYTQ1MjJkMSIsImlhdCI6MTc4MDIwMzU5NCwiZXhwIjoyMDk1NTYzNTk0fQ.sYRok-jRDlA4lFgWxLQELcEjkJNGQdprk6ZziLwLtXE`
Sonarr API	`b43e04350a594846b4ee95261c29e9e0`
Radarr API	`53c4268360444feeae5f98c0cc24e0e3`
Prowlarr API	`9d0ce6c5660743b5bf1c7951efc62252`
Jellyfin Admin Token	`7c0ccf78b91d4b5bafa607f585f24f2d`
Square (Parker) Production	`EAAAl3FsAu_2ri8kZE_ENEyi2T_C8HXXm5XQFY6Lbnd8SX6FqYp8J_upUeXNYh7v`
Square App ID (Parker)	`sq0idp-YSM7BU9IVyOWSzpeP-0nzQ`
Webhook HMAC Secret	`4c8805f0285214ff0a0602b5880270b935f36a896946c7f1`

SIP / Phone

Extension	Name	SIP Password
1000	Myron Blair — Desk (10.48.200.2)	`Xk9mPw3nQv7rLs2t`
1001	Tommy Ivy — Desk (10.48.200.43)	`Tv8xNm4pWq6rZs3k`
1002	Myron Blair — WiFi Work (10.48.200.65)	`yXHaJTwa8rj?$GkrVFQB`
1003	Kitchen (10.48.200.83)	—
1004	Master Bedroom (10.48.200.85)	—
1010	Parker County Slingshot (voicemail only)	—
1011	Epic Travel Expeditions (voicemail only)	—
1012	Tom's Java Jive (voicemail only)	—

This document contains sensitive credentials. Store securely and do not share.

28 KiB Raw Permalink Blame History