sync: auto-sync from GURU-5070 at 2026-05-31 19:38:00
Author: Mike Swanson Machine: GURU-5070 Timestamp: 2026-05-31 19:38:00
This commit is contained in:
@@ -136,3 +136,61 @@ reports/2026-05-31-gc-audit.md (commit 1601745). Roadmap banner updated to mark
|
||||
A1-A4 done+deployed (ghosts purged 19->8); B1/B2 done (v0.3.0 signed); C1 done (Phase-1 exit); D1 done
|
||||
(v0.3.0 published). ONLY C2 (#4) remains: live HW-H.264 cross-GPU validation (beast agent -> 5070 viewer),
|
||||
then decide DEFAULT_PREFER_H264 (stays false until validated). Not a Phase-1 blocker.
|
||||
|
||||
## Update: 19:37 PT — C2 H.264 test staging, dashboard creds vaulted, coord handling, migrate-fleet descope
|
||||
|
||||
Staged the C2 beast->5070 H.264 cross-GPU test. Confirmed both GURU-5070 and GURU-BEAST-ROG are
|
||||
GuruRMM-enrolled (v0.6.50). Beast recon via RMM (user_session context): active interactive console
|
||||
session (user guru), relay 172.16.3.30:3002 reachable, v0.3.0 download reachable (200), no GC agent
|
||||
running. Staged beast via RMM user_session: downloaded the signed v0.3.0 guruconnect.exe (hash verified
|
||||
bc4767f4...), wrote a tagged config (agent_id=h264test-beast, tags=["h264-test"]), launched it
|
||||
--verbose detached. The RMM command "timed out" (90s server reaper) on the foreground download+sleeps,
|
||||
but the detached agent launched and connected: relay shows "Agent connected: GURU-BEAST-ROG
|
||||
(h264test-beast)" version 0.3.0-e967cce1-dirty, idle, session bf6f1439-1733-4dfa-ab06-6e549f0d6747.
|
||||
The actual stream test (connect 5070 viewer + drive beast activity, or watch via the dashboard web
|
||||
viewer) is PARKED awaiting Mike's go (touches beast's active desktop). Beast agent left running/idle.
|
||||
|
||||
Found + vaulted the GuruConnect dashboard admin creds. Earlier (during the ghost purge) I wrongly
|
||||
concluded no GC dashboard creds existed; a thorough session-log search found them captured in
|
||||
2026-05-30-session.md (portal reset 2026-05-30, change-on-first-login). Created vault entry
|
||||
projects/guruconnect/portal.sops.yaml (sops age-encrypted, round-trip verified), committed+pushed the
|
||||
vault repo (5dbb76c..d8949a1).
|
||||
|
||||
Coord: Howard's session sent a "Deploy needed: gururmm dashboard (PR #29 merged)" message routed to
|
||||
GURU-5070 on the false premise that the deploy "runs from your machine." Mike (Discord) corrected: it
|
||||
does NOT run from his machine. Read guru-rmm/build-server.sh — it runs ON the gururmm server
|
||||
(172.16.3.30) via sudo/systemctl + /opt/gururmm/ paths + a flock, auto-triggered by the push-to-main
|
||||
webhook; NOT pinned to a workstation. Also: build-server.sh builds the Rust SERVER, but PR #29 is
|
||||
DASHBOARD/frontend (static files at /var/www/gururmm/dashboard/) — a server rebuild won't deploy it,
|
||||
which is the likely reason it's still v0.2.32 despite the 529b0b2 merge. Bounced this back to
|
||||
Howard-Home/claude-main via coord (msg 553777c3) with that correction; marked the request read. Did
|
||||
NOT run the deploy.
|
||||
|
||||
Descoped the "migrate fleet" tasks per Mike (no legacy clients). #7 (migrate fleet to cak_ keys) closed
|
||||
as moot — no production fleet exists. #5 (retire shared AGENT_API_KEY) reframed: not a migration;
|
||||
real prerequisite is a cak_-provisioning path for PERSISTENT agents (the managed-agent installer
|
||||
SPEC-007, or a manual mint) — attended/support-code agents already bind cak_. Low priority (shared-key
|
||||
path is fail-closed + WARN-logged, audit-confirmed safe; only the h264-test test agents use it now).
|
||||
|
||||
### Credentials & Secrets (this update)
|
||||
- GuruConnect portal (connect.azcomputerguru.com) admin logins — now vaulted at
|
||||
projects/guruconnect/portal.sops.yaml. admin: WNwKn-qp4eW-jkXAs ; howard: iWACa-Ks5PP-nrP6x.
|
||||
Reset 2026-05-30 change-on-first-login (may be stale if logged in since). Access:
|
||||
bash .claude/scripts/vault.sh get-field projects/guruconnect/portal.sops.yaml credentials.admin.password
|
||||
- GC shared agent test key (h264 test agents): x7m9p2k8v4n1q5w3r6t0y2u8i5o3l7m9p2k8 (deprecated shared AGENT_API_KEY fallback).
|
||||
|
||||
### Pending / next
|
||||
- C2 (#4): run the beast->5070 H.264 stream test (3 options: dashboard web viewer w/ admin login [best
|
||||
visual proof] / native 5070 viewer + RMM-driven beast activity + decode-error logs / hybrid). Beast
|
||||
agent h264test-beast idle on session bf6f1439. Then decide DEFAULT_PREFER_H264. CLEANUP owed: stop
|
||||
h264test-beast on beast + remove its temp dir; stop/clean the leftover GURU-5070 test session.
|
||||
- #5 retire shared key (low pri, gated on SPEC-007 installer). #10 agent verifies update-binary
|
||||
signature (defense-in-depth; agent is signed via B2 but doesn't verify on auto-update yet).
|
||||
- guru-rmm dashboard deploy (PR #29) is Howard's session's to retry — frontend build to
|
||||
/var/www/gururmm/dashboard/, not a GURU-5070 task.
|
||||
|
||||
### Reference (this update)
|
||||
- beast GC agent: h264test-beast, session bf6f1439-1733-4dfa-ab06-6e549f0d6747, v0.3.0-e967cce1-dirty.
|
||||
- RMM agent ids: GURU-5070 c043d9ac..., GURU-BEAST-ROG 5233d75b-f589-43c4-b96e-cfa75365a78d.
|
||||
- coord: reply msg 553777c3 to Howard-Home/claude-main; their request 9b247556 marked read.
|
||||
- guru-rmm build-server.sh: runs on 172.16.3.30, deploys /opt/gururmm/gururmm-server, webhook-driven.
|
||||
|
||||
Reference in New Issue
Block a user