--- name: project-jarvis-migration description: JARVIS migration from DO to PVE1 VM 211 — in progress as of 2026-06-17 metadata: node_type: memory type: project originSessionId: 16664adb-5228-4a2a-bffb-7e783ad13af1 --- # JARVIS Migration: DO → PVE1 **Why:** DO server is single-core, Cloudflare SSL hammers it with 22+ connections. PVE1 has 377GB RAM, many cores, direct LAN access to all home network resources. **Architecture:** JARVIS on PVE1 LAN → FortiGate port-forwards a dedicated port externally → no Cloudflare SSL overhead on origin. NPM VM handles 80/443 for other future internal sites. ## New VMs (all on PVE1, created 2026-06-17) | VMID | Name | IP | Specs | Status | |------|------|----|-------|--------| | 210 | Ollama-95 | 10.48.200.95 | 4c/8GB/30GB | Running, SSH not yet ready (still upgrading packages) | | 200 | NPM-200 | 10.48.200.200 | 2c/2GB/20GB | ✅ SSH ready (root@10.48.200.200, PVE1 key) | | 211 | JARVIS-211 | 10.48.200.211 | 8c/16GB/50GB | ✅ SSH ready (root@10.48.200.211, PVE1 key) | **SSH access:** From PVE1 (`ssh -i /root/.ssh/id_rsa root@`) OR `sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no root@` once password auth confirmed working. **PVE1 SSH key path:** `/root/.ssh/id_rsa` (added to all VMs via cloud-init sshkeys) ## Current State (2026-06-18) All 3 VMs running on PVE1, all on Tailscale: - **JARVIS VM 211** (100.77.178.42 / 10.48.200.211): nginx + PHP 8.3 + MariaDB + Redis + Arc Reactor running. API live at http://10.48.200.211/api/ping. jarvis_db imported. All DO references updated in code. Git pushed to GitHub main. - **NPM VM 200** (100.110.239.71 / 10.48.200.200): Docker + NPM container running. Admin UI at http://10.48.200.200:81 (admin@example.com / changeme — change on first login) - **Ollama VM 210** (100.96.100.113 / 10.48.200.95): Ollama installed, models pulling (llama3.2 + llama3.1:8b). DNS via systemd-resolved + Tailscale. **nginx vhost on JARVIS VM:** - Root: `/var/www/jarvis/public_html` - `/api` → fastcgi directly to api.php preserving REQUEST_URI - Port: 80 internally; FortiGate will forward external 1972 → 10.48.200.211:80 **Arc Reactor:** Running at /opt/jarvis-arc/reactor.py, port 7474, systemd service `jarvis-arc` **Crons on JARVIS VM (all using php8.3 not lsphp):** - `*/3` facts_collector, `*/5` stats_cache, `*/15` calendar_sync → `/var/www/jarvis/logs/cron.log` **DNS fix on all VMs:** `ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf && tailscale set --accept-dns=true` **Key config changes from DO migration:** - JARVIS_IP: 10.48.200.211 (was 165.22.1.228) - HA_URL: http://10.48.200.97:8123 (direct LAN, was orbisne DDNS) - Proxmox API: https://10.48.200.90:8006 (direct LAN, was orbisne DDNS) - DO_SERVER_IP: 165.22.1.228 (kept — DO still hosts 6 websites) - Ollama model: llama3.2 / llama3.1:8b (not 1b/70b) ## Todo List (as of 2026-06-18) 1. **Remaining agents offline** — NovaCPX, PVE2, MediaStack, HomeBridge, WireGuard (API key mismatch — need force re-register) 2. **HA missing entities** — update HA custom component URL → http://10.48.200.211 (HA web terminal only) 3. **Gmail triage** — verify Arc Reactor email credentials on new VM 4. **GitHub auto-deploy webhook** — point to new JARVIS VM (currently still deploys to DO) 5. **NPM SSL certs** — Let's Encrypt for hoa.orbishosting.com + novacpx.orbishosting.com via http://10.48.200.200:81 6. **Ollama models** — confirm llama3.2 + llama3.1:8b finished pulling (VM 210 at 10.48.200.210) 7. **DO server cleanup** — remove JARVIS files from DO once stable (6 websites stay) 8. **Vision Protocol AI** — test screenshot + AI analysis on new VM 9. **Memory Core** — will populate naturally as chat is used ## Completed Items (2026-06-18) - ✅ JARVIS VM API live at https://jarvis.orbishosting.com - ✅ Admin at https://jarvis.orbishosting.com/admin/ - ✅ nginx absolute_redirect off (port preserved in redirects) - ✅ Service monitor updated (nginx/php-fpm/mariadb/redis/arc/agent) - ✅ DO server WEB HOST block added to front page (agent metrics via Tailscale) - ✅ DO server agent (jarvis-do) pointing to new JARVIS via Tailscale (100.77.178.42) - ✅ JARVIS agent installed on JARVIS VM (jarvis-vm_JARVIS-2, online) - ✅ PVE1 (claude), NetworkBackup agents online - ✅ Ollama IP changed from 10.48.200.95 → 10.48.200.210 (Reolink owns .95) - ✅ All FortiGate VIPs updated to 97.247.237.97 - ✅ JARVIS-1972 and HOA-8123 VIPs + policies created in FortiGate - ✅ NPM running at http://10.48.200.200:81 - ✅ Facts collector fixed for external site checks (JARVIS not web host anymore) - ✅ All code committed to GitHub (commit b7aea13) ## Next Steps (pick up here next session) ### ✅ DONE: Install JARVIS stack on VM 211 ```bash # From PVE1 hop: ssh -i /root/.ssh/id_rsa root@10.48.200.211 apt-get update && apt-get install -y nginx php8.3 php8.3-fpm php8.3-mysql php8.3-curl \ php8.3-json php8.3-mbstring php8.3-xml php8.3-zip php8.3-redis \ mariadb-server redis-server python3 python3-pip python3-venv git curl ``` ### 2. Clone JARVIS repo ```bash cd /var/www git clone https://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@github.com/myronblair/jarvis.git jarvis ``` ### 3. Migrate jarvis_db from DO ```bash # On DO: dump DB sshpass -p 'Gonewalk1974!@#' ssh root@165.22.1.228 \ 'mysqldump -u jarvis_user -pJ4rv1s_Pr0t0c0l_2026! jarvis_db | gzip' > /tmp/jarvis_db.sql.gz # Copy to PVE1 then into VM 211 scp /tmp/jarvis_db.sql.gz root@10.48.200.211:/tmp/ # On VM 211: import mysql -u root < /tmp/jarvis_db.sql.gz ``` ### 4. Configure nginx + PHP-FPM on VM 211 - nginx vhost for jarvis.orbishosting.com on port 80 (or 443 with self-signed cert) - php8.3-fpm as FastCGI backend - Copy api/config.php from DO (credentials file, gitignored) ### 5. Install Python deps for Arc Reactor on VM 211 ```bash mkdir -p /opt/jarvis-arc && cd /opt/jarvis-arc python3 -m venv venv venv/bin/pip install aiohttp aiomysql anthropic duckduckgo-search trafilatura python-dateutil pytz cp /var/www/jarvis/deploy/reactor.py /opt/jarvis-arc/ # Create systemd service ``` ### 6. Install Docker + NPM on VM 200 ```bash ssh -i /root/.ssh/id_rsa root@10.48.200.200 curl -fsSL https://get.docker.com | sh docker run -d -p 80:80 -p 443:443 -p 81:81 \ -v npm_data:/data -v npm_letsencrypt:/etc/letsencrypt \ --restart unless-stopped jc21/nginx-proxy-manager:latest # NPM admin: port 81, default admin@example.com / changeme ``` ### 7. Install Ollama on VM 210 ```bash ssh -i /root/.ssh/id_rsa root@10.48.200.95 # once SSH ready curl -fsSL https://ollama.ai/install.sh | sh systemctl enable --now ollama ollama pull llama3.2 # JARVIS config: OLLAMA_HOST = http://10.48.200.95:11434 ``` ### 8. FortiGate port forward - Add VIP: external port XXXX → 10.48.200.211:80 (or 443) - User does this in FortiGate UI ### 9. Update JARVIS config - OLLAMA_HOST: `http://10.48.200.95:11434` (same as before, no change needed) - DB host: `localhost` (MariaDB on same VM) - PROXMOX_HOST: `10.48.200.90` (direct LAN, no DDNS needed) - HA_URL: `http://10.48.200.97:8123` (direct LAN) ### 10. Update DO after cutover - Update jarvis GitHub webhook URL to point to new VM - Grey-cloud jarvis.orbishosting.com in Cloudflare (DNS only) - All agents already bypass Cloudflare (use direct IP) → update their jarvis_url to new LAN IP ## DO Server Issues (ongoing, separate from migration) - OLS single-core saturates from Cloudflare SSL connections (22+ persistent) - Fixed: crons switched from lsphp85 → php8.3 (no LSAPI worker overhead) - Fixed: facts_collector pings removed (was pinging unreachable LAN IPs) - facts_collector Ollama check still hits 10.48.200.95 (will resolve once Ollama VM is up) - LSAPI children raised 10→25 (configs in myronblair/do-server-config)