From 92102ea7591d077237bec60530ebde061bb38756 Mon Sep 17 00:00:00 2001 From: Howard Enos Date: Tue, 2 Jun 2026 18:26:35 -0700 Subject: [PATCH] sync: auto-sync from HOWARD-HOME at 2026-06-02 18:26:27 Author: Howard Enos Machine: HOWARD-HOME Timestamp: 2026-06-02 18:26:27 --- .../session-logs/2026-06-02-session.md | 7 +++++++ wiki/clients/lonestar-electrical.md | 21 ++++++++++--------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/clients/lonestar-electrical/session-logs/2026-06-02-session.md b/clients/lonestar-electrical/session-logs/2026-06-02-session.md index 3883e1a..4b0940a 100644 --- a/clients/lonestar-electrical/session-logs/2026-06-02-session.md +++ b/clients/lonestar-electrical/session-logs/2026-06-02-session.md @@ -188,3 +188,10 @@ Billing: created/closed two Syncro tickets against the Lone Star prepaid block ( - RMM API base `http://172.16.3.30:3001`. - PE removal script: `clients/lonestar-electrical/scripts/Remove-Sophos-Offline-PE.ps1`. - Offline procedure reference: `clients/lonestar-electrical/session-logs/2026-05-29-sophos-removal.md`. + +### Update: 18:10 PT — open-item disposition + +- **Old Unraid USB stick retired** — new stick confirmed registered and stable; old one pulled. +- **Remaining Unraid items handed to Mike** (coord todo `de75eec6`): set + vault the root password (`clients/lonestar-electrical/unraid-server.sops.yaml`), document hostname/IP/license type, verify array integrity, and investigate a **LimeTech/Unraid API skill** (Unraid 7.x GraphQL API via the `unraid-api`/Connect plugin) if those functions exist. Deferred until Mike posts a note on what he did with the machine — not to be chased before then. +- **LS-1 / LS-2 location:** both desktops are at the Computer Guru office for repair (confirmed via LS-2 being on the ACG `172.16.0.0/22` network — ARP showed 172.16.3.20/.21/.30). Returning onsite to Norris and reconnected the week of 2026-06-08. +- LAN discovery attempt: LS-2 had no SMB mounts / mapped drives to the Lonestar Unraid box, so its IP/hostname were not auto-discoverable; left for Mike's follow-up. diff --git a/wiki/clients/lonestar-electrical.md b/wiki/clients/lonestar-electrical.md index ffc0ea8..f03fcdd 100644 --- a/wiki/clients/lonestar-electrical.md +++ b/wiki/clients/lonestar-electrical.md @@ -67,6 +67,7 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee - **LS-1 GuruRMM agent:** `6b9617fa-5c77-40e1-8b64-a1545e730895` - **LS-2 GuruRMM agent:** `97fe5582-aa3d-4132-94a6-f4c8582bca31` - **Windows Defender:** active and real-time protection enabled on both as of 2026-06-02. + - **Current location (2026-06-02):** both desktops are physically at the **Computer Guru office** for repair (hence they appear on the ACG `172.16.0.0/22` network). To be taken back **onsite to Norris and reconnected the week of 2026-06-08**. ### Unraid Server @@ -74,12 +75,11 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee - **Hostname:** [verify] - **LAN IP:** [verify] - **License type:** [verify — Basic / Plus / Pro] -- **Boot device:** New USB flash drive (written via Unraid USB Creator, 7.1.4). Original failed stick: label `UNRAID`, `/dev/sda1`, Generic Flash Disk 8GB — retired but kept as temporary backup until new stick confirmed stable. +- **Boot device:** New USB flash drive (written via Unraid USB Creator, 7.1.4), **registered and confirmed stable**. The original failed stick (label `UNRAID`, `/dev/sda1`, Generic Flash Disk 8GB) has been **RETIRED** as of 2026-06-02. - **Config:** Old `config/` folder (array assignments `super.dat`, shares, network settings, license `.key`) copied from the failing stick onto the new one. Disk layout and array configuration preserved; only the OS files are fresh. - **License:** Re-registered to the new USB GUID via Unraid webGUI Tools > Registration > Replace Key on 2026-06-02. -- **Root credentials:** Carried over from the old `config/shadow`; root password is NOT yet vaulted for this client. Only ACG's own Unraid boxes are vaulted (`infrastructure/jupiter-unraid-primary.sops.yaml`, `infrastructure/uranus-unraid.sops.yaml`). [verify and vault] -- **Array/disk layout:** [verify — confirm all disks landed in correct slots from copied `super.dat`] -- **Health check:** Mike's Claude session was running a check on 2026-06-02 post-migration — results pending. +- **Root credentials / API / documentation — HANDED TO MIKE (todo `de75eec6`, 2026-06-02).** Root password is NOT yet vaulted (only the carried-over hash exists in `config/shadow`). Per Howard's handoff: Mike will set the root password, vault it (`clients/lonestar-electrical/unraid-server.sops.yaml`), document hostname/IP/license type, and investigate a **LimeTech/Unraid API skill** (Unraid 7.x ships a GraphQL API via the `unraid-api`/Connect plugin) if those functions exist. **Remaining Unraid documentation is deferred until Mike posts a note on what he has done with this machine.** +- **Array/disk layout:** [verify — deferred to Mike's follow-up] --- @@ -89,7 +89,7 @@ Electrical contractor in Tucson, AZ. ACG-managed client. Distinctive in the flee - **ManageEngine MDM:** mike@azcomputerguru.com (Zoho Super Admin) — https://mdm.manageengine.com/webclient - **GWS service account (programmatic):** `ACG-MSP-Access (Google Workspace)` (vault: MSP Tools); key file `temp/acg-msp-access-8f72339997e5.json` - **Vault root:** `clients/lonestar-electrical/` in vault repo -- **Unraid server:** root credentials not yet vaulted [verify and vault] +- **Unraid server:** root credentials not yet vaulted — Mike to set + vault (todo `de75eec6`); planned path `clients/lonestar-electrical/unraid-server.sops.yaml` --- @@ -135,11 +135,10 @@ No open Syncro tickets as of 2026-06-02. - **Sophos removal on LS-1 / LS-2 — COMPLETE (2026-06-02).** Both machines are fully clean: no Sophos services, drivers, folders, or Add/Remove entries; Windows Defender real-time protection active on both. Billed and closed on Syncro #32347 (2.0h in-shop, prepaid). See Patterns for the full reusable procedure including the critical SophosEL ELAM boot-driver lesson. -- **Unraid server USB replacement — COMPLETE (2026-06-02).** New stick running Unraid 7.1.4, config/ preserved, license re-registered. Documented and billed on Syncro #32372 (1.5h in-shop, prepaid, Closed). **Still open:** - - Vault the Lonestar Unraid root password and document the server (hostname, IP, Unraid 7.1.4, license type) in the wiki. - - Capture and fold in the results of Mike's server health check (array start state, disk assignments, parity validity, registration status). - - Verify array integrity: confirm all disks landed in correct slots from the copied `super.dat`; ensure no unwanted parity rebuild was triggered. - - Retire the old failing USB stick once the new stick is confirmed stable. +- **Unraid server USB replacement — COMPLETE (2026-06-02).** New stick running Unraid 7.1.4, config/ preserved, license re-registered to the new GUID, **old stick retired**. Documented and billed on Syncro #32372 (1.5h in-shop, prepaid, Closed). + - **Remaining Unraid items handed to Mike** (todo `de75eec6`): set + vault the root password, document hostname/IP/license type, verify array integrity, and investigate a LimeTech/Unraid API skill. **Deferred until Mike posts a note** on what he has done with the machine — do not chase these until then. + +- **LS-1 / LS-2 logistics:** both desktops are at the **Computer Guru office** for repair as of 2026-06-02; to be returned **onsite to Norris and reconnected the week of 2026-06-08**. --- @@ -160,11 +159,13 @@ No open Syncro tickets as of 2026-06-02. | 2026-06-02 | LS-1 Sophos offline-PE prep: BitLocker confirmed off, SophosZap staged, drive-letter check run; SED service Start=4 + SEDEnabled=0 set offline | | 2026-06-02 | Sophos removal COMPLETED on LS-1 and LS-2 — offline tamper-disable (SED Start=4 + SEDEnabled=0) + SophosZap two-pass via GuruRMM; LS-2 hit Automatic Repair after boot-critical SophosEL.sys was renamed (recovered by restoring the file from PE, then relying on already-correct offline edits + SophosZap to remove it safely); Windows Defender active on both | | 2026-06-02 | Syncro #32347 (Sophos removal, 2.0h in-shop) and #32372 (Unraid USB replacement, 1.5h in-shop) created, billed, and closed against prepaid block — 17.0 -> 13.5 hrs remaining | +| 2026-06-02 | Old failed Unraid USB stick retired (new one registered/stable). Remaining Unraid items (root pw vault, server docs, array verify, LimeTech/Unraid API skill) handed to Mike (todo `de75eec6`), deferred until he posts a note. LS-1/LS-2 are at the ACG office for repair; returning onsite week of 2026-06-08 | --- ## Compilation Notes +- Surgical update 2026-06-02 ~18:10 PT (Howard-Home/claude-main): retired the old Unraid USB (new registered/stable); handed remaining Unraid items (root pw vault, server docs, array verify, LimeTech/Unraid API skill) to Mike via todo `de75eec6`, deferred until Mike posts a note; recorded that LS-1/LS-2 are at the ACG office for repair (explains the 172.16.0.0/22 ARP entries) and return onsite week of 2026-06-08. - Refreshed 2026-06-02 ~17:45 PT (recompile by Howard-Home/claude-main) to absorb the "17:39 PT — Sophos removal COMPLETE" update section of the 2026-06-02 session log: marked Sophos removal COMPLETE on both LS-1/LS-2 in Active Work and Infrastructure; updated hours remaining to 13.5 (Syncro #32347 2.0h + #32372 1.5h billed/closed); expanded Patterns with the proven full procedure including the critical two-driver distinction (SophosEL ELAM boot-critical — never rename/delete; SophosED tamper driver — disable via Start=4+SEDEnabled=0); added LS-1/LS-2 GuruRMM agent IDs; added two new History Highlights rows (PE+SophosZap completion, billing). - Refreshed 2026-06-02 22:10 PT (recompile by HOWARD-HOME/claude-main) to absorb the 22:10 PT update section of the 2026-06-02 session log: updated Active Work Sophos bullet to reflect execution-in-progress on LS-1 (BitLocker confirmed off, SophosZap staged, awaiting drive-letter check before PE delete); updated Patterns wording from "in progress 2026-05-28/29" to "execution started 2026-06-02"; added History Highlights row for the LS-1 PE execution start. - Refreshed 2026-06-02 (recompile by HOWARD-HOME/claude-main) to absorb the 2026-06-02 session log: added Unraid server infrastructure subsection, new `bzfirmware` checksum pattern, history row, and pending Active Work items.