docs(wiki): fill Robert Wolkin stub from GuruRMM scan + scope Tailscale
GuruRMM client Wolkin, Robert / site Main has 3 online Win11 Home agents (DESKTOP-V1JT1SE, RSW-Laptop, front; agent v0.6.57, IDs recorded). Tailscale scope is RSW-Laptop -> front only; DESKTOP-V1JT1SE is Bob's personal machine, intentionally out of scope. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -21,16 +21,21 @@ backlinks:
|
||||
- **Company type:** [unverified]
|
||||
- **Contract type:** [unverified]
|
||||
- **Key contacts:** Robert Wolkin — [contact details unverified]
|
||||
- **Environment:** Very small office — **two Windows machines**. Users are non-technical
|
||||
(enroll/manage everything for them; no self-service login expected).
|
||||
- **Environment:** Very small office, non-technical users (enroll/manage everything for
|
||||
them; no self-service login expected). GuruRMM shows 3 Windows 11 Home agents, but only
|
||||
**two are in the Tailscale scope: RSW-Laptop and front**. `DESKTOP-V1JT1SE` is Bob's
|
||||
personal machine and is intentionally **not** part of the Tailscale setup.
|
||||
- **Syncro customer ID:** [unverified]
|
||||
- **GuruRMM client name:** `Wolkin, Robert` (Last, First) — note the form differs from
|
||||
this article's display name.
|
||||
|
||||
## Infrastructure
|
||||
|
||||
### Tailscale (active rollout)
|
||||
|
||||
Per [[patterns/tailscale-client-management]] — **dedicated client-owned tailnet, ACG holds
|
||||
Admin**. Minimum goal: the two machines reach each other.
|
||||
Admin**. **Goal: RSW-Laptop reaches `front` (the front-desk PC).** Only those two nodes are
|
||||
enrolled; Bob's personal `DESKTOP-V1JT1SE` is out of scope.
|
||||
|
||||
| Field | Value |
|
||||
|---|---|
|
||||
@@ -42,10 +47,11 @@ Admin**. Minimum goal: the two machines reach each other.
|
||||
| Auth key (reusable, pre-approved, tagged) | store in vault: `clients/robert-wolkin/tailscale-authkey.sops.yaml` |
|
||||
| Key rotation due | [to fill — ~90 days from issue] |
|
||||
|
||||
| Machine | Hostname | Tailscale 100.x | Notes |
|
||||
| Scope | Hostname | Tailscale 100.x | Notes |
|
||||
|---|---|---|---|
|
||||
| 1 | [to fill] | [to fill] | [to fill] |
|
||||
| 2 | [to fill] | [to fill] | [to fill] |
|
||||
| **In scope** | RSW-Laptop | [after enroll] | Robert's laptop — connects out to `front` |
|
||||
| **In scope** | front | [after enroll] | Front-desk PC — the target the laptop reaches |
|
||||
| Out of scope | DESKTOP-V1JT1SE | — | Bob's personal machine; NOT enrolled in Tailscale |
|
||||
|
||||
Enrollment: push [`patterns/tailscale-client-enroll.ps1`](../patterns/tailscale-client-enroll.ps1)
|
||||
from GuruRMM with the auth key as a masked parameter.
|
||||
@@ -56,7 +62,18 @@ Not yet documented. [unverified]
|
||||
|
||||
## GuruRMM
|
||||
|
||||
- **Client / site:** [unverified — create if/when agents are enrolled]
|
||||
- **Client name:** `Wolkin, Robert`
|
||||
- **Site name:** `Main`
|
||||
- **Site ID:** `2bb05f85-9fc8-4a7e-a5e5-ffe0c46431ac`
|
||||
- **Enrolled agents (3, all online as of 2026-06-06, Windows 11 Home 25H2 build 26200, agent v0.6.57):**
|
||||
|
||||
| Hostname | Agent ID | Notes |
|
||||
|---|---|---|
|
||||
| DESKTOP-V1JT1SE | `30f6af79-ab19-4ed3-9ebc-71b2bffc2d27` | **Bob's personal machine — NOT in Tailscale scope** |
|
||||
| RSW-Laptop | `043fd673-35a2-4d3d-8f91-ed73ce70cc1e` | Robert's laptop — Tailscale node |
|
||||
| front | `877d311a-4b24-462c-97b1-d2a0f7730a71` | Front-desk PC — Tailscale node (laptop connects here) |
|
||||
|
||||
- **Enrollment key:** [unverified — not located in vault during this pass; check `clients/robert-wolkin/` or regenerate]
|
||||
|
||||
## Access
|
||||
|
||||
@@ -67,14 +84,16 @@ Not yet documented. [unverified]
|
||||
|
||||
- **Tailscale rollout (2026-06-06):** Stand up Robert's tailnet, assign ACG as Admin, set
|
||||
the `tag:wolkin` ACL + MagicDNS, generate a reusable/pre-approved tagged auth key, and
|
||||
enroll both machines via the GuruRMM script. Goal: the two machines see each other.
|
||||
Runbook in [[patterns/tailscale-client-management]].
|
||||
enroll **RSW-Laptop + front** via the GuruRMM script (agent IDs above). Goal: RSW-Laptop
|
||||
reaches `front`. Do NOT enroll DESKTOP-V1JT1SE (Bob's personal machine). Runbook in
|
||||
[[patterns/tailscale-client-management]].
|
||||
|
||||
## History Highlights
|
||||
|
||||
| Date | Event |
|
||||
|---|---|
|
||||
| 2026-06-06 | Tailscale client management pattern + enroll script authored; this client stub created to track the rollout. |
|
||||
| 2026-06-06 | GuruRMM scan: client `Wolkin, Robert` / site `Main` has 3 online Windows 11 Home agents (DESKTOP-V1JT1SE, RSW-Laptop, front), agent v0.6.57. Discrepancy flagged: expected 2 machines, found 3. |
|
||||
|
||||
## Backlinks
|
||||
|
||||
|
||||
@@ -37,7 +37,7 @@ Run `/wiki-lint` to check for stale entries and broken backlinks.
|
||||
| [Furrier / Desert Rat](clients/furrier.md) | Mike Furrier owner; desertrat.com on websvr/cPanel; DMARC p=reject + Mailprotector SBR fix applied 2026-04-21; tim@ is a forwarder (not a mailbox); Syncro ID 391491 | 2026-05-24 |
|
||||
| [Horseshoe Management](clients/horseshoe-management.md) | Property management; prepaid block 31.75 hrs remaining at $175/hr; APC Smart-UPS P.17 bypass relay fault cleared; repeat UPS failures suggest electrical issue; plaintext creds in Syncro notes — needs vault migration | 2026-05-24 |
|
||||
| [Kittle Design & Construction](clients/kittle-design.md) | Design & construction; M365 kittlearizona.com; breach confirmed (Alexis hidden inbox rule + duplicate Authenticator); broad OAuth consent revoked; Ken inbox rule unresolved; no Entra P1/P2 | 2026-05-24 |
|
||||
| [Robert Wolkin](clients/robert-wolkin.md) | STUB — very small office, 2 Windows machines, non-technical users; Tailscale rollout in progress (dedicated client tailnet, ACG holds Admin, `tag:wolkin`, goal = the two machines see each other); profile/Syncro unverified | 2026-06-06 |
|
||||
| [Robert Wolkin](clients/robert-wolkin.md) | STUB — small office, non-technical; GuruRMM client `Wolkin, Robert`/Main, 3 Win11 agents. Tailscale rollout (dedicated tailnet, ACG Admin, `tag:wolkin`): connect RSW-Laptop -> front; DESKTOP-V1JT1SE is Bob's personal machine, out of scope. Profile/Syncro unverified | 2026-06-06 |
|
||||
| [The Law Offices of Chris Scileppi](clients/scileppi-law.md) | Law firm; Syncro ID 9601863; Sylvia Mac mini (M2 8 GB) mail memory exhaustion; Mail disabled; on webmail; replacement Mac mini (M4 16/24 GB) pending order; GuruRMM enrollment blocked | 2026-05-24 |
|
||||
| [Western Tire](clients/western-tire.md) | Tire retail (jackfurriers.com brand); Mike Furrier owner (Syncro ID 391491); email migrated from websvr to IX 2026-04-22; 30 mailboxes; SSL cert expires 2026-05-30 | 2026-05-24 |
|
||||
| [Kittle (general contractor)](clients/kittle.md) | General contractor Tucson AZ; Syncro 32460233; HPE MicroServer Gen11 WS2025 EVAL at 10.0.0.5; no backups, no firewall; DKIM/DMARC missing; 3 plaintext creds in Syncro notes; GuruRMM onboarding 2026-05-08 | 2026-05-24 |
|
||||
|
||||
Reference in New Issue
Block a user