diff --git a/.claude/POWER_FAILURE_RUNBOOK.md b/.claude/POWER_FAILURE_RUNBOOK.md
index b6b8ccc..c5477f3 100644
--- a/.claude/POWER_FAILURE_RUNBOOK.md
+++ b/.claude/POWER_FAILURE_RUNBOOK.md
@@ -164,7 +164,7 @@ Run all of these. Any False or non-2xx is a problem.
 $checks = @(
     @{host="172.16.3.20"; port=22;   label="Jupiter SSH"},
     @{host="172.16.3.20"; port=3000; label="Gitea"},
-    @{host="172.16.3.30"; port=22;   label="GuruRMM VM SSH"},
+    @{host="172.16.3.30"; port=22;   label="GuruRMM SSH (physical box)"},
     @{host="172.16.3.30"; port=3001; label="GuruRMM server"},
     @{host="172.16.3.30"; port=8001; label="Coord API"},
     @{host="172.16.3.20"; port=443;  label="NPM HTTPS (via iptables)"},
@@ -196,7 +196,7 @@ Write-Host "$(if ($resp.StatusCode -eq 200) {'[OK]'} else {'[FAIL]'}) sync.azcom
 | pfSense | 172.16.0.1 (SSH port 2248) | Router, DNS, Tailscale subnet router |
 | Jupiter | 172.16.3.20 | Unraid NAS — hosts all VMs + Docker |
 | Uranus | 172.16.3.21 | OwnCloud additional storage (not a proxy) |
-| GuruRMM VM | 172.16.3.30 | Linux VM on Jupiter — GuruRMM server, Coord API, MariaDB |
+| GuruRMM | 172.16.3.30 | **Physical box** (Lenovo ThinkCentre M83, Ubuntu 26.04), NOT a Jupiter VM — GuruRMM server, Coord API, MariaDB/PostgreSQL. Boots independently of Jupiter. |
 | Pluto | 172.16.3.36 | Windows Server 2019 VM on Jupiter — build server |
 | Tailscale range | 172.16.0.0/22 | Advertised via pfSense pfsense-2 node |
 
diff --git a/.claude/memory/reference_pluto_build_server.md b/.claude/memory/reference_pluto_build_server.md
index ecbe24f..c9880fa 100644
--- a/.claude/memory/reference_pluto_build_server.md
+++ b/.claude/memory/reference_pluto_build_server.md
@@ -43,7 +43,7 @@ Native Windows MSVC builds — produces `.exe` with no MinGW runtime dependency.
 - GuruRMM Windows agent variants (amd64, x86, legacy, debug) and MSI packaging
 - Anything using Windows-only APIs or needing `signtool` signing
 
-**Note:** Routine GuruRMM agent builds are automated on the Linux server (172.16.3.30) via MinGW + jsign. Use Pluto for MSVC-specific builds or one-off tooling.
+**Note:** Routine GuruRMM Windows agent builds run via `build-windows.sh` (MSVC + WiX + jsign) with **Beast (GURU-BEAST-ROG, tailnet 100.101.122.4) PRIMARY and Pluto the FALLBACK** — `attempt_build beast || attempt_build pluto`. Pluto is **no longer the primary GuruRMM build host**; it's the fallback path, plus GuruConnect's Gitea-runner builds, MSVC-specific builds, and one-off tooling. See [[gururmm-beast-windows-build-host]].
 
 ## Directory Layout
 
diff --git a/projects/msp-tools/guru-rmm b/projects/msp-tools/guru-rmm
index 8b301bf..a794a7f 160000
--- a/projects/msp-tools/guru-rmm
+++ b/projects/msp-tools/guru-rmm
@@ -1 +1 @@
-Subproject commit 8b301bfb4dc55864c005054dc44291a1f3a7336d
+Subproject commit a794a7ff8ea732b6a81fd7da55384d16b9f73702
diff --git a/wiki/index.md b/wiki/index.md
index bfac308..e10d233 100644
--- a/wiki/index.md
+++ b/wiki/index.md
@@ -71,9 +71,9 @@ Run `/wiki-lint` to check for stale entries and broken backlinks.
 
 | Article | Summary | Last Compiled |
 |---|---|---|
-| [GuruRMM VM (gururmm-build)](systems/gururmm-build.md) | 172.16.3.30 — Ubuntu 22.04 VM on Jupiter; GuruRMM API :3001, ClaudeTools API :8001, Coord API, MariaDB, PostgreSQL, build pipeline | 2026-05-24 |
+| [GuruRMM server (gururmm-build)](systems/gururmm-build.md) | 172.16.3.30 — **physical box** (Lenovo ThinkCentre M83, Ubuntu 26.04); GuruRMM API :3001, ClaudeTools API :8001, Coord API, MariaDB, PostgreSQL 18, build pipeline. Replaced the Jupiter VM at this IP 2026-06-11 | 2026-06-12 |
 | [Jupiter](systems/jupiter.md) | 172.16.3.20 — Unraid primary NAS; virsh host for all VMs; Docker: NPM, Gitea, Seafile; iDRAC at 172.16.1.73 | 2026-05-24 |
-| [Pluto (Claude-Builder)](systems/pluto.md) | 172.16.3.36 — Windows Server 2019 virsh VM on Jupiter; exclusive Windows MSI + cargo build server for GuruRMM | 2026-05-24 |
+| [Pluto (Claude-Builder)](systems/pluto.md) | 172.16.3.36 — Windows Server 2019 virsh VM on Jupiter; **fallback** Windows MSI + cargo build host for GuruRMM (Beast/GURU-BEAST-ROG is primary) | 2026-06-12 |
 | [Uranus](systems/uranus.md) | 172.16.3.21 — Unraid secondary (Dell R730xd); OwnCloud archive storage only; formerly Saturn's IP (reused Apr 2026); RAM too low for VMs | 2026-05-24 |
 | [IX Web Hosting Server](systems/ix-server.md) | 172.16.3.10 / 72.194.62.5 — cPanel/WHM 134 on CloudLinux 9.7 (64-core Xeon, 4.4 T /home); **72 cPanel accounts / 185 domains / 101 WordPress** + ACG sites (radio Astro, Flarum community, Matomo analytics); GuruRMM-enrolled; SSH key auth from GURU-5070; behind Cloudflare tunnel `acg-origin`; **backups look unconfigured (gap)**. Live SSH inventory 2026-06-05 — full account→domain map in the article | 2026-06-05 |
 
@@ -90,7 +90,7 @@ Run `/wiki-lint` to check for stale entries and broken backlinks.
 | Client | Systems | Projects |
 |---|---|---|
 | Cascades of Tucson | CS-SERVER (192.168.2.254), pfSense (192.168.0.1), cascadesDS (192.168.0.120) | GuruRMM (RECEPTIONIST-PC + CS-SERVER enrolled) |
-| ACG Internal | gururmm-build (172.16.3.30), Jupiter (172.16.3.20), Pluto (172.16.3.36), Uranus (172.16.3.21) | GuruRMM server + ClaudeTools API on gururmm-build; Windows MSI builds on Pluto; Gitea/NPM/Seafile on Jupiter. Saturn DECOMMISSIONED. |
+| ACG Internal | gururmm-build (172.16.3.30, physical), Jupiter (172.16.3.20), Beast/GURU-BEAST-ROG (100.101.122.4, tailnet), Pluto (172.16.3.36), Uranus (172.16.3.21) | GuruRMM server + ClaudeTools API on gururmm-build; Windows MSI builds on **Beast (primary) / Pluto (fallback)**; Gitea/NPM/Seafile on Jupiter. Saturn DECOMMISSIONED. |
 | Dataforth Corporation | AD1 (192.168.0.27), AD2 (192.168.0.6), D2TESTNAS (192.168.0.9), SAGE-SQL (192.168.0.153), FILES-D1, DF-HYPERV-B, UDM (192.168.0.254); Neptune Exchange physically at Dataforth D2 (172.16.3.11 / 67.206.163.124) | Dataforth DOS — Test Datasheet Pipeline; GuruRMM (45 agents enrolled as of 2026-06-04: DF-GAGETRAK, HGHAUBNER, AD1, AD2, FILES-D1, SAGE-SQL, DF-HYPERV-B, DF-SVR-D2-Sync, eng-dev-server + workstations) |
 | Instrumental Music Center | IMC1 (192.168.0.2), phantom DC ServerIMC (192.168.0.63 — DNS-only, do not use) | GuruRMM (IMC1 enrolled) |
 | Valley Wide Plastering | VWP_ADSRVR (192.168.0.25), VWP-QBS (172.16.9.169), HP DL360 iLO (172.16.9.125), UDM (172.16.9.1) | — |
diff --git a/wiki/overview.md b/wiki/overview.md
index da014b1..a80b260 100644
--- a/wiki/overview.md
+++ b/wiki/overview.md
@@ -160,9 +160,10 @@ See [[projects/wrightstown-smarthome]] and [[projects/wrightstown-solar]].
 
 | System | IP | Role | OS | Notes |
 |---|---|---|---|---|
-| Jupiter | 172.16.3.20 | Unraid primary NAS — virsh VM host + Docker | Unraid | iDRAC at 172.16.1.73 (DHCP). Hosts: GuruRMM VM, Pluto VM, OwnCloud VM, UniFi controller, Gitea:3000, NPM:18443, Seafile:8082. |
-| gururmm-build | 172.16.3.30 | Ubuntu 22.04 VM on Jupiter | Ubuntu 22.04 | GuruRMM API :3001, ClaudeTools API + Coord :8001, MariaDB 10.6.22, PostgreSQL 14, build webhook :9000. |
-| Pluto (Claude-Builder) | 172.16.3.36 | WS2019 VM on Jupiter — Windows MSI/cargo build | Windows Server 2019 | Sole Windows build machine for GuruRMM. Rust 1.95 + 1.77 pinned, WiX v4, sccache. |
+| Jupiter | 172.16.3.20 | Unraid primary NAS — virsh VM host + Docker | Unraid | iDRAC at 172.16.1.73 (DHCP). Hosts: Pluto VM, OwnCloud VM, UniFi controller, Gitea:3000, NPM:18443, Seafile:8082. (GuruRMM VM decommissioned 2026-06-12 — now a physical box at .30.) |
+| gururmm | 172.16.3.30 | **Physical box** (Lenovo ThinkCentre M83) — GuruRMM/build host | Ubuntu 26.04 | GuruRMM API :3001, ClaudeTools API + Coord :8001, MariaDB, PostgreSQL 18, build webhook :9000. Physical server replaced the Jupiter VM at this IP on 2026-06-11. |
+| Beast (GURU-BEAST-ROG) | 100.101.122.4 (tailnet) | **PRIMARY** Windows build host — i9-14900K 24c/32t, RTX 4090 | Windows 11 | Reached from .30 over Tailscale as `guru`. Rust MSVC, WiX 4.x. `build-windows.sh` tries Beast first. |
+| Pluto (Claude-Builder) | 172.16.3.36 | WS2019 VM on Jupiter — **FALLBACK** Windows MSI/cargo build | Windows Server 2019 | Fallback only (used if Beast is down/unreachable or its build fails). Rust 1.95 + 1.77 pinned, WiX v4, sccache. |
 | Uranus | 172.16.3.21 | Dell R730xd — secondary Unraid storage | Unraid 7.2.4 | OwnCloud /Archive (Pavon) SMB backend. 7.7 GiB RAM — too low for VMs. |
 | Neptune Exchange | 172.16.3.11 (internal) / 67.206.163.124 (external) | Exchange Server 2016 — ACG-hosted mail | WS2022 [WARNING: unsupported] | Physically at Dataforth D2. 56 mailboxes, 19 accepted domains. DkimSigner disabled. Cert expires 2026-05-31 [URGENT]. |
 | IX Web Server | 172.16.3.10 / 72.194.62.5 (external) | cPanel/WHM shared hosting | CloudLinux 9.7 | 87 WordPress sites, 82 cPanel accounts. ACG client websites + mail hosting. |
diff --git a/wiki/projects/gururmm.md b/wiki/projects/gururmm.md
index 2eb1711..6177f82 100644
--- a/wiki/projects/gururmm.md
+++ b/wiki/projects/gururmm.md
@@ -308,8 +308,9 @@ The `enrolled_agents` table is the authoritative enrollment history log:
 | PostgreSQL DB | localhost:5432 on 172.16.3.30, database `gururmm` | PostgreSQL 18 | deployed (migrated from PG VM, backfilled 2026-06-11) |
 | Coord API | 172.16.3.30:8001/api/coord | FastAPI (part of ClaudeTools API) | deployed |
 | Build pipeline | 172.16.3.30:9000 webhook + `/opt/gururmm/` scripts | Python (webhook-handler.py), Bash | deployed; builds agents AND server (server auto-deploy wired 2026-06-02) |
-| Pluto (Windows build VM) | 172.16.3.36, Windows Server 2019 VM on Jupiter (Unraid) | Rust MSVC, WiX v4 | operational; Xeon E5-2695 v3 8c/16t, sequential build ~23min (parallel prototype 3.51x speedup, deferred integration) |
-| Old VM (rollback anchor) | 172.16.3.46, powered on, data pristine | Ubuntu (original) | parked; do NOT delete until soak completes |
+| Windows build — **Beast (PRIMARY)** | GURU-BEAST-ROG, i9-14900K (24c/32t), RTX 4090; reached over Tailscale at tailnet IP 100.101.122.4 as user `guru` | Rust MSVC, WiX 4.x | **primary** Windows build host — `build-windows.sh` tries Beast first |
+| Windows build — Pluto (FALLBACK) | 172.16.3.36, Windows Server 2019 VM on Jupiter (Unraid), Xeon E5-2695 v3 8c/16t | Rust MSVC, WiX v4 | **fallback only** — used if Beast is unreachable/down OR its build fails (`attempt_build beast \|\| attempt_build pluto`) |
+| Old VM (decommissioned) | was 172.16.3.46 | Ubuntu (original) | DELETED 2026-06-12 after stability soak — virsh domain + disk removed; no longer exists |
 
 ### Key Files & Repos
 
@@ -455,7 +456,9 @@ Gitea push to main
   -> webhook-handler.py (172.16.3.30:9000 via nginx :80 /webhook/, parallel threads per platform)
     -> build-shared.sh   (auto-version bump, git sync — runs once)
     -> build-linux.sh    (cargo build on .30; log: /var/log/gururmm-build-linux.log)
-    -> build-windows.sh  (SSH -> Pluto 172.16.3.36 via pinned known-hosts
+    -> build-windows.sh  (SSH -> Beast PRIMARY (guru@100.101.122.4 over Tailscale)
+                          || fall back to Pluto Administrator@172.16.3.36;
+                          each via its own pinned known-hosts
                           cargo build --release x64 MSVC + i686 MSVC
                           +1.77 legacy builds with --ignore-rust-version
                           WiX MSI build for site-specific base
@@ -490,7 +493,19 @@ Do NOT hand-rsync into the prod web root. One artifact serves both channels —
 
 **DB migrations** — manual; must insert SHA-384 checksum into `_sqlx_migrations` or server crashes on start. Migrations run automatically on server restart (sqlx), but the checksum must be correct.
 
-**Pluto (172.16.3.36):**
+**Windows build hosts — Beast PRIMARY, Pluto FALLBACK.** `build-windows.sh` runs
+`attempt_build beast || attempt_build pluto`: Beast is tried first; Pluto is used only if Beast
+is unreachable/down or its build fails. Both build the same `C:\gururmm` checkout; host keys at
+`/opt/gururmm/{beast,pluto}_known_hosts`.
+
+**Beast (GURU-BEAST-ROG) — PRIMARY:**
+- Physical workstation, **i9-14900K (24c/32t)**, RTX 4090. Much faster per-core than Pluto.
+- Reached from `.30` over **Tailscale** (installed on `.30`) at tailnet IP **100.101.122.4**, user `guru`.
+- SSH: `ssh -o UserKnownHostsFile=/opt/gururmm/beast_known_hosts guru@100.101.122.4`
+- Rust MSVC toolchain, **WiX 4.x** (WiX v6+ pulls OSMF and breaks the build), Gitea clone at `C:\gururmm\`.
+- On a different LAN (Wi-Fi `10.2.51.228`) + tailnet — reachability depends on Beast being up on the tailnet.
+
+**Pluto (172.16.3.36) — FALLBACK:**
 - Windows Server 2019 VM on Jupiter (Unraid)
 - SSH: `ssh -o UserKnownHostsFile=/opt/gururmm/pluto_known_hosts Administrator@172.16.3.36`
 - Rust stable 1.95.0 + 1.77 pinned for legacy builds
diff --git a/wiki/systems/gururmm-build.md b/wiki/systems/gururmm-build.md
index 0fccfe7..1d07db4 100644
--- a/wiki/systems/gururmm-build.md
+++ b/wiki/systems/gururmm-build.md
@@ -1,7 +1,7 @@
 ---
 type: system
 name: gururmm-build
-display_name: GuruRMM VM (gururmm-build)
+display_name: GuruRMM server (gururmm-build, physical)
 last_compiled: 2026-05-24
 compiled_by: DESKTOP-0O8A1RL/claude-main
 sources:
@@ -15,19 +15,19 @@ backlinks:
   - systems/pluto
 ---
 
-# GuruRMM VM (gururmm-build)
+# GuruRMM server (gururmm-build, physical)
 
 ## Identity
 - **Hostname:** gururmm / gururmm-build
 - **IP:** 172.16.3.30
 - **Role:** Production server — GuruRMM API, ClaudeTools API, Coord API, MariaDB, PostgreSQL, build pipeline
-- **Location:** Linux VM on Jupiter (172.16.3.20), virsh domain "GuruRMM"
-- **OS:** Ubuntu 22.04 LTS
-- **History:** Originally ran as a Docker container on Jupiter; migrated to its own VM at 172.16.3.30
+- **Location:** **Physical box** (Lenovo ThinkCentre M83) on the office LAN — NOT a Jupiter VM.
+- **OS:** Ubuntu 26.04 LTS (PostgreSQL 18, MariaDB)
+- **History:** Originally a Docker container on Jupiter → Ubuntu VM on Jupiter at 172.16.3.30 → **physical box took the same .30 IP on 2026-06-11** (rotational-disk WAL-fsync timeouts drove the move). Old VM decommissioned 2026-06-12.
 
 ## Specs
 
-Linux VM — resource allocation managed via virsh on Jupiter (172.16.3.20). Exact vCPU/vRAM allocation not documented.
+Physical: **Lenovo ThinkCentre M83** (desktop chassis). Storage: SSD ~915 GB (hot tier — OS, live PG, WAL, cargo targets, /opt/gururmm) + HDD 1 TB mounted `/data` (cold tier — aged partitions, downloads, backups).
 
 ## Services
 
diff --git a/wiki/systems/jupiter.md b/wiki/systems/jupiter.md
index 670b38a..019a26b 100644
--- a/wiki/systems/jupiter.md
+++ b/wiki/systems/jupiter.md
@@ -43,7 +43,7 @@ Not documented. iDRAC available at 172.16.1.73 (DHCP) for OOB management.
 
 | VM | IP | State | Role |
 |---|---|---|---|
-| GuruRMM | 172.16.3.30 | running | Linux VM — GuruRMM API, ClaudeTools API, MariaDB, PostgreSQL, build pipeline |
+| ~~GuruRMM~~ | ~~172.16.3.30~~ | **decommissioned 2026-06-12** | Former GuruRMM VM — migrated to a physical box that took the .30 IP (2026-06-11); virsh domain destroyed + disk deleted 2026-06-12. No longer on Jupiter. |
 | Claude-Builder (Pluto) | 172.16.3.36 | running | Windows Server 2019 — MSI + cargo builds |
 | OwnCloud | 172.16.3.22 | running | OwnCloud file sync VM (cloud.acghosting.com) |
 | Unifi | (IP not documented) | running | UniFi Network controller |
@@ -93,6 +93,6 @@ Not documented. iDRAC available at 172.16.1.73 (DHCP) for OOB management.
 
 ## Backlinks
 
-- [[systems/gururmm-build]] — GuruRMM VM hosted here (virsh domain "GuruRMM")
+- [[systems/gururmm-build]] — GuruRMM **was** a VM here (virsh domain "GuruRMM"); decommissioned 2026-06-12, now a physical box at 172.16.3.30
 - [[systems/pluto]] — Claude-Builder VM hosted here (virsh domain "Claude-Builder")
 - [[systems/uranus]] — secondary storage Unraid node (separate machine, not hosted here)
diff --git a/wiki/systems/pluto.md b/wiki/systems/pluto.md
index 87aa163..78198d9 100644
--- a/wiki/systems/pluto.md
+++ b/wiki/systems/pluto.md
@@ -19,7 +19,7 @@ backlinks:
 ## Identity
 - **Hostname:** Pluto / Claude-Builder
 - **IP:** 172.16.3.36
-- **Role:** Windows MSVC build server — produces GuruRMM Windows agent binaries + WiX MSI, and (2026-05-29) the **GuruConnect** Windows agent. Hosts a Gitea Actions runner for guru-connect's native MSVC builds.
+- **Role:** Windows MSVC build server. For **GuruRMM** Windows agent + WiX MSI builds it is now the **FALLBACK** — Beast (GURU-BEAST-ROG, tailnet 100.101.122.4) is PRIMARY, and `build-windows.sh` only falls through to Pluto if Beast is unreachable/down or its build fails. Still produces the (2026-05-29) **GuruConnect** Windows agent and hosts a Gitea Actions runner for guru-connect's native MSVC builds.
 - **RMM agent identity:** enrolled in GuruRMM as hostname **PLUTO** (client "AZ Computer Guru"). Drive it via `/rmm` (resolve PLUTO → agent id at runtime) when a workstation SSH key isn't authorized. There is **no dedicated `pluto` vault entry** — don't search for one.
 - **Location:** VM on Jupiter (172.16.3.20), Unraid/virsh **VM name "Claude-Builder"** (= PLUTO = 172.16.3.36, same machine)
 - **OS:** Windows Server 2019 Standard