diff --git a/CLAUDE.md b/CLAUDE.md index 4aeabb2..a7e87f6 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -37,12 +37,13 @@ All key hosts are on Tailscale (myronblair@gmail.com). Use Tailscale IPs for SSH | PVE1 (Proxmox) | orbisne.fortiddns.com (10.48.200.90) | `root / Joker1974!!!` (via Tailscale 100.80.188.8) | Primary hypervisor | | PVE2 (Proxmox) | 10.48.200.91 | `root / Joker1974!!!` | Secondary hypervisor | | JARVIS VM | 10.48.200.211 | `root / Joker1974!!!` (via Tailscale 100.77.178.42) | JARVIS dashboard — PVE1 VM 211, 8c/16GB | -| NPM VM | 10.48.200.201 | `root / Joker1974!!!` (via Tailscale 100.110.239.71) | Nginx Proxy Manager — PVE1 VM 201 | +| NPM VM | 10.48.200.201 | `root / Joker1974!!!` (via Tailscale 100.110.239.71) | Nginx Proxy Manager — PVE1 VM 200 (LAN IP .201 despite VM ID 200) | | Ollama VM | 10.48.200.210 | `root / Joker1974!!!` (via Tailscale 100.96.100.113) | Local LLM — PVE1 VM 210, 4c/8GB | | Home Assistant | 10.48.200.97 | `myron → sudo` | HA VM 101 | | NetworkBackup | 10.48.200.99 | `myron → sudo` | Backup VM (PVE2 VM 302) | | MediaStack | 10.48.200.35 | `root via PVE1 key` | Sonarr/Radarr/Prowlarr/qBittorrent (PVE1 VM 113) | -| NovaCPX | 10.48.200.110 | `root / Joker1974!!!` (direct SSH works) | Custom hosting control panel (PVE1 VM 120) | +| NovaCPX | 10.48.200.110 | `root / Joker1974!!!` (direct SSH — Tailscale 100.86.51.18 needs re-auth) | Custom hosting control panel (PVE1 VM 120) | +| NPM | 10.48.200.201 | `root / Joker1974!!!` (via Tailscale 100.110.239.71) | Nginx Proxy Manager — PVE1 VM 200 · NPM API: `POST http://localhost:81/api/tokens` identity=myronblair@outlook.com | **SSH password order** (try in sequence if first fails): `Joker1974!@#` → `Joker1974!!!` → `Joker1974!` @@ -215,17 +216,28 @@ Automated media server on PVE1 VM 113. All traffic routes through WireGuard VPN ## NovaCPX Panel -Custom web hosting control panel at `https://10.48.200.110` (PVE1 VM 120). Admin: `admin / Admin2026!`. Root SSH: `sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.110` (direct, no hop needed — PVE1 SSH currently broken). +Custom web hosting control panel (PVE1 VM 120, 10.48.200.110). Root SSH: `sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@10.48.200.110` (direct LAN — use this, Tailscale 100.86.51.18 requires re-auth periodically). + +**Public URLs (via NPM → FortiGate VIP port 443 → 10.48.200.201):** +- Admin: `https://admin.novacpx.orbishosting.com` (→ port 8882) · `admin / Admin2026!` or `myron / Joker1974!!!` +- Reseller: `https://reseller.novacpx.orbishosting.com` (→ port 8881) +- User: `https://panel.novacpx.orbishosting.com` or `https://novacpx.orbishosting.com` (→ port 8880) +- Webmail: port 8883 (Roundcube) — no public NPM proxy yet +- `https://web.orbishosting.com` → port 80 (placeholder for a new hosted website) **Ports:** 8880 (user) · 8881 (reseller) · 8882 (admin) · 8883 (Roundcube webmail) **Paths:** Panel web root `/srv/novacpx/public/` · Git repo `/opt/novacpx-src/` · DB `/var/lib/novacpx/panel.db` (SQLite) · Config `/etc/novacpx/config.ini` -**GitHub:** `myronblair/novacpx` (private). Auto-deploy active: push to `main` (stable) or `beta` → webhook → VM pulls. GitHub Actions auto-bumps VERSION: main→PATCH, beta→-beta.N suffix. Current version: 1.0.27. +**Config notes:** `/etc/novacpx/config.ini` must have `server = nginx` (not apache) — VhostManager checks this to write the correct vhost format. + +**GitHub:** `myronblair/novacpx` (private). Auto-deploy active: push to `main` (stable) or `beta` → webhook → VM pulls. GitHub Actions auto-bumps VERSION: main→PATCH, beta→-beta.N suffix. Current version: 1.0.40. **Update channels:** `stable` tracks `origin/main`, `beta` tracks `origin/beta`. Set in Admin → Settings → Update Channel. -**Local clone:** `/tmp/novacpx/` on this machine. All edits go here first, then `git push origin main`. +**Local clone:** `/tmp/novacpx/` on this machine. All edits go here first, then `git push origin main`. The deploy runner syncs `panel/` → `/srv/novacpx/public/` and `panel/lib/` → `/srv/novacpx/public/lib/`. For immediate changes use SCP to `root@10.48.200.110:/srv/novacpx/public/`. + +**PHP-FPM:** Per-account pools in `/etc/php/8.3/fpm/pool.d/`. If php8.3-fpm fails to start, check for orphaned pool configs referencing deleted Linux users — remove them and `systemctl start php8.3-fpm`. **JARVIS agent:** Installed, online. Agent ID: `novacpx_e3b07264`. @@ -300,7 +312,7 @@ A SyntaxError in any panels/ file breaks only that group — other panels stay f | myronblair/mediastack | MediaStack VM 113 | config/, systemd units, wg0.conf, README | | myronblair/do-server-config | DO server backup | scripts, systemd, WG, OLS vhosts, restore.sh | | myronblair/proxmox-config | PVE1+PVE2 backup | shared cluster configs + per-node, restore.sh | -| myronblair/novacpx | 10.48.200.110:8882 | db/schema.sql (SQLite, 19+ tables) | +| myronblair/novacpx | admin.novacpx.orbishosting.com | db/schema.sql (SQLite, 19+ tables) | | myronblair/fusionpbx-config | FusionPBX backup | PostgreSQL dump (gzip) + FS configs, restore.sh | All repos are private. Each has `config/vhost/` with OLS vhost config. The jarvis repo also has `deploy/` (watchdog, deploy runner, systemd units) and `agent/jarvis-agent.py`.