azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sync: auto-sync from GURU-5070 at 2026-06-15 09:41:53

Browse Source 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-06-15 09:41:53
This commit is contained in:
Mike Swanson
2026-06-15 09:42:15 -07:00
parent 153be4abec
commit dc5c09b40b
26 changed files with 537 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.claude/memory/MEMORY.md
View File

@@ -38,6 +38,8 @@
- [Mac RMM authentication fixed](feedback_mac_rmm_auth_fixed.md) — Use `.claude/scripts/rmm-auth.sh` helper instead of heredoc pattern. Heredoc with `--data-binary @-` fails on macOS. Helper uses `jq -n --arg` to build JSON safely. Usage: `eval "$(bash .claude/scripts/rmm-auth.sh)"` sets $TOKEN, $RMM, $REPO_ROOT. Updated in /rmm Phase 0.
- [Verify committed state before push](feedback_verify_committed_state_before_push.md) — webhook builds from origin/main: verify the COMMITTED build (git stash + build), not the working tree; bad git-add pathspec silently aborts staging. Stage by directory.
- [Scheduling = coord todo, not schedulers](feedback_scheduling_via_coord_todo.md) — Defer future work as a coord todo (POST /api/coord/todos; needs text + created_by_user + created_by_machine) for a later session to pick up. NOT /schedule remote CCR agents (no vault/creds there) or local scheduled tasks.
- [DMARC rua INKY only when onboarded](feedback_dmarc_rua_inky_onboarded_only.md) — Don't point a client's DMARC rua at reports-sg.inkydmarc.com unless that client is onboarded to INKY (most aren't). Use plain `p=none` with no rua otherwise.
- [DM wrapped command lines to Mike](feedback_dm_wrapped_command_lines.md) — Long single-line output (consent links, URLs, one-liners) gets DM'd to Mike via the `discord-dm` skill so it's copy-pasteable, not terminal-wrapped. `discord-dm.sh mike "<link>"`.
- [Attribution is read, never inferred](feedback_attribution_from_identity.md) — Who-did-what (user+machine) comes ONLY from identity.json + users.json + git authorship. Never infer from hostname patterns, the userEmail hint, or memory. The "5070" box is Mike's. sync.sh reconciles git config to identity.json; /save renders the User block via whoami-block.sh.
- [D2TESTNAS SSH Access](feedback_d2testnas_ssh.md) — Use root@192.168.0.9 with Paper123!@#, not sysadmin.
- [Bypass Permissions Setting](feedback_bypass_permissions_setting.md) — Set permissions.defaultMode to bypassPermissions in settings.json on all machines.

12
.claude/memory/feedback_dm_wrapped_command_lines.md Normal file
View File

@@ -0,0 +1,12 @@
---
name: feedback-dm-wrapped-command-lines
description: DM any wrapped/long single-line output (consent links, long one-liners, URLs) to Mike in Discord so it's copy-pasteable
metadata:
type: feedback
---
Any wrapped command line or long single-line output meant for the user to copy — M365 admin-consent links, long CLI one-liners, URLs with query strings, enrollment/installer URLs — should be **sent to Mike as a Discord DM**, not left only in the terminal.
**Why:** Terminal wrapping breaks long single-line items across lines, so copy-paste picks up line breaks/spaces and corrupts the link or command. A Discord DM preserves it as one clean line. (Mike, 2026-06-15.)
**How to apply:** Use the `discord-dm` skill — `bash .claude/scripts/discord-dm.sh mike "<the link/command>"` (or `echo "$X" | ... mike`). Still show it inline in the response too, but the DM is the canonical copy-paste source. The skill is prepopulated with all org user IDs (mike/howard/rob/winter) and channel IDs (#bot-alerts/#dev-alerts); keep its directory in sync with `.claude/users.json`. Build payloads with `jq -nc --arg` + `printf | curl --data-binary @-` (direct `-d` mangles multiline → Discord 50109).

12
.claude/memory/feedback_dmarc_rua_inky_onboarded_only.md Normal file
View File

@@ -0,0 +1,12 @@
---
name: feedback-dmarc-rua-inky-onboarded-only
description: Only point a client's DMARC rua at INKY (reports-sg.inkydmarc.com) if that client is onboarded to INKY
metadata:
type: feedback
---
When adding a DMARC record for a client, do NOT copy ACG's own convention of `rua=mailto:reports@reports-sg.inkydmarc.com` unless that specific client is onboarded to INKY DMARC. azcomputerguru.com uses INKY, but most clients are not on it.
**Why:** INKY only processes aggregate reports for domains provisioned in the INKY account. Pointing an un-onboarded client's `rua` there sends reports to an aggregator that ignores them — no monitoring value, just misdirected traffic. (Mike, 2026-06-15, CryoWeave.)
**How to apply:** For a client not on INKY, use `v=DMARC1; p=none;` with no `rua` (valid policy, improves deliverability posture, no report destination), or a same-domain mailbox if they want reports. Reserve the INKY rua for INKY-onboarded domains. See [[reference_ix_server_access]] for the DNS host (ns1/ns2.acghosting.com = cPanel on IX).