azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sync: auto-sync from GURU-5070 at 2026-06-12 15:53:59

Browse Source 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-06-12 15:53:59
This commit is contained in:
Mike Swanson
2026-06-12 15:54:17 -07:00
parent af529f953d
commit e34d4268bc
4 changed files with 183 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
wiki/systems/ix-server.md
View File

@@ -53,6 +53,29 @@ community forum, Matomo analytics, and ~72 client cPanel accounts (185 domains,
| WHM API | `whmapi1 <fn>` over SSH (e.g. `whmapi1 listaccts`) |
| RMM | `gururmm-agent.service` is enrolled and running — drive via `/rmm` when SSH isn't handy |
### WHM / cPanel API access
Programmatic WHM/cPanel API access to `ix.azcomputerguru.com:2087` uses the **full-access
root WHM API token "ClaudeTools"**, stored at vault `infrastructure/ix-server` field
`credentials.whm-api-token`. Authenticate with header `Authorization: whm root:<token>`
and force IPv4 (`curl -4`).
- **Password basic-auth on the legacy `/json-api/` now returns 403 pre-auth** — do NOT use
the root password for API calls. (The password remains valid for SSH / console only;
vault `infrastructure/ix-server.sops.yaml`.)
- The box is gated by **Imunify360** (cPHulk is disabled). If API calls fail with 403 +
HTTP 000 / connection-reset symptoms, check the Imunify allow-list. Our egress IPs were
whitelisted 2026-06-12: IPv4 `98.97.118.217`, IPv6 `2605:59c0:43a6:9710::/64`.
### DNS (BIND) notes
- Public nameservers for IX-hosted zones are `ns1`/`ns2.acghosting.com` (`52.52.94.202`);
the cluster auto-syncs zone edits.
- **2026-06-12** — the `jparkinsonaz.com` zone (hosted here) was cleaned to an **O365-only**
record set during Jim Parkinson's mail migration: removed the root A (was Neptune
`67.206.163.124`), the `mail` CNAME, all CalDAV/CardDAV SRV records, and cPanel DCV/ACME
records; left M365 MX / SPF / autodiscover / DKIM only. See [[clients/lamaddux]].
### Edge / routing
Cloudflare tunnel **`acg-origin`** (UUID `78d3e58f-1979-4f0e-a28b-98d6b3c3d867`,
@@ -230,4 +253,5 @@ account data), `/etc/trueuserdomains` (primary domain → account), `/etc/userdo
- [`wiki/clients/internal-infrastructure.md`](../clients/internal-infrastructure.md) — IX operational record (cPanel/WordPress hygiene, mail, Cox/Cloudflare tunnel)
- [`wiki/projects/radio-show.md`](../projects/radio-show.md) — radio show project (audio pipeline + post-show workflow)
- [`wiki/systems/jupiter.md`](jupiter.md) — runs the `cloudflared` tunnel container fronting IX
- [[clients/lamaddux]] — `lamaddux.com` + `jparkinsonaz.com` DNS zones hosted here (jparkinsonaz cleaned to O365-only 2026-06-12)
- Memory: `reference_radio_website.md`, `reference_ix_server_access.md`, `reference_resource_map.md`