From 225259f1f4a20128a5414446f1aeb0da8d4c84f0 Mon Sep 17 00:00:00 2001 From: Myron Blair Date: Mon, 29 Jun 2026 12:01:12 -0500 Subject: [PATCH] Mark Gitea NAS mirror as complete; remove stale project_claude_vm.md --- ai-memory/project_claude_vm.md | 18 ----------------- ai-memory/project_infra_todo.md | 36 ++++++++++++++++++++++++++++++++- 2 files changed, 35 insertions(+), 19 deletions(-) delete mode 100644 ai-memory/project_claude_vm.md diff --git a/ai-memory/project_claude_vm.md b/ai-memory/project_claude_vm.md deleted file mode 100644 index ef08ba0..0000000 --- a/ai-memory/project_claude_vm.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -name: project-claude-vm -description: Claude Code runs on PVE1 VM 107 (Claude-DHCP) at 10.48.200.29 — the local environment for all Claude Code sessions -metadata: - node_type: memory - type: project - originSessionId: 16664adb-5228-4a2a-bffb-7e783ad13af1 ---- - -Claude Code sessions run inside **PVE1 VM 107** named "Claude-DHCP". - -- **IP**: 10.48.200.29 (DHCP — may change on reboot) -- **Hostname**: claude -- **Hypervisor**: PVE1 (10.48.200.90 / orbisne.fortiddns.com) -- **No JARVIS agent installed** on this VM - -**Why:** This explains why SSH to local IPs works directly, and why the working directory is /home/myron on a Linux VM rather than a remote machine. -**How to apply:** When commands run "locally," they run inside this VM on the 10.48.200.0/24 LAN. Direct SSH to other LAN machines works without relaying through DO. diff --git a/ai-memory/project_infra_todo.md b/ai-memory/project_infra_todo.md index 5c36398..d6f5119 100644 --- a/ai-memory/project_infra_todo.md +++ b/ai-memory/project_infra_todo.md @@ -9,12 +9,42 @@ metadata: # Infrastructure TODO -Last updated: 2026-06-24 +Last updated: 2026-06-28 --- ## 🔴 OPEN +- [x] **Synology iSCSI → Proxmox storage** — COMPLETE 2026-06-27. SynologyLVM (lvmthin, 1.86TB) active. SynologyiSCSI raw device also added. NAS at 10.48.200.249, IQN: iqn.2000-01.com.synology:NAS.Target-1.6296e09c4cb. Set as default Proxmox storage. NAS hostname fixed in /etc/hosts (was resolving to Tailscale IP — root cause of past VM corruptions). SynologyProx CIFS stays for backups/ISOs. + +- [ ] **FortiGate DNS + Synology Reverse Proxy for all VMs** — Use Synology's built-in Reverse Proxy (DSM → Control Panel → Application Portal → Reverse Proxy) instead of NPM. FortiGate DNS overrides point all .lan domains → 10.48.200.249 (Synology). NPM kept but no longer primary. + - **Step 1 — FortiGate DNS**: https://192.168.20.1 (admin / Joker1974!!!) → Network → DNS → Local DNS Records. Each .lan entry → 10.48.200.249 + - **Step 2 — Synology Reverse Proxy rules** (DSM → Control Panel → Application Portal → Reverse Proxy): + | Source FQDN | Destination IP | Port | Notes | + |------------|----------------|------|-------| + | proxmox.lan | 10.48.200.90 | 8006 | HTTPS backend, enable WebSocket | + | jarvis.lan | 10.48.200.211 | 80 | HTTP | + | hoa.lan | 10.48.200.97 | 8123 | HTTP, **enable WebSocket** (HA requires it) | + | homebridge.lan | 10.48.200.18 | 8581 | HTTP | + | jellyfin.lan | 10.48.200.33 | 8096 | HTTP, enable WebSocket | + | novacpx.lan | 10.48.200.110 | 8882 | HTTPS backend | + | sonarr.lan | 10.48.200.35 | 8989 | HTTP | + | radarr.lan | 10.48.200.35 | 7878 | HTTP | + | qbit.lan | 10.48.200.35 | 8080 | HTTP | + | ollama.lan | 10.48.200.210 | 11434 | HTTP | + | npm.lan | 10.48.200.200 | 81 | HTTP | + | nas.lan | 10.48.200.249 | 5001 | HTTPS (DSM itself) | + - **Step 3 — Client DNS**: Set Windows DNS to FortiGate (192.168.20.1) or PVE1 (10.48.200.90) so .lan resolves + - **WebSocket**: Must be enabled on proxmox.lan, hoa.lan, jellyfin.lan rules or those UIs will break + +- [ ] **Home Assistant VM109 post-boot setup** — HA is booting (supervisor starting). Once port 8123 is up: + 1. Restore Google Drive backup (file ID: `1mLE1S9dSvxl0RYQnCt020WT-UZnQuxqP`) + 2. Install Tailscale addon (go to Supervisor > Add-on Store) + 3. Re-integrate JARVIS ↔ HA (212 entities) + 4. Resize disk from 32GB → 150GB (`qm resize 109 sata0 +118G` while VM stopped, then resize partition inside HA) + + + - [x] **CT110 WireGuard filesystem read-only** — fsck run, filesystem clean and rw. wg-clients.conf updated with new MediaStack pubkey. 2026-06-24. - [x] **CT110 wg-clients auto-start** — added `/etc/local.d/wg-clients.start` (OpenRC local service). wg-clients comes up on boot. 2026-06-24. @@ -29,6 +59,10 @@ Last updated: 2026-06-24 - [x] **MediaStack backup to new storage** — VM 103 disk now on GoFlex storage. Backup job runs nightly at 21:00 to SynologyProx and backs up VM regardless of disk location. Verified 2026-06-24. +- [x] **NAS Git Server — Hybrid Mirror Setup** — COMPLETE 2026-06-29. Gitea 1.26.4 (ARM64) on Synology NAS at 10.48.200.249:3000, HTTPS at gitea.orbishosting.com. All 25 GitHub repos mirrored (every 8h). 4 private NAS-only repos: infra-private, fortigate-config, proxmox-secrets, jarvis-secrets. Auto-starts on boot via /usr/local/etc/rc.d/gitea.sh. Added to web.orbishosting.com dashboard. + +- [x] **Synology NAS → FortiSwitch** — COMPLETE 2026-06-28. NAS LAN2 → FortiSwitch Port 6, NAS LAN1 → FortiSwitch Port 7. Bonding configured as **Adaptive Load Balancing (ALB)** in Synology DSM (802.3ad LACP not available on FortiGate 60F FortiOS for managed FortiSwitch via CLI or GUI). ALB provides outbound load balancing + redundancy without switch LACP support. NAS remains at 10.48.200.249. + --- ## ✅ COMPLETED (2026-06-24 session)