Session log: Cascades vault fix, Ollama Tailscale sharing, Howard review
Fixed Cascades pfSense password in vault (a6A6c6fe→Th1nk3r^99, moved from dataforth to cascades-tucson). Ollama exposed via Tailscale for Howard (100.92.127.64:11434, firewall restricted to 100.0.0.0/8). Reviewed Howard's first full day of work on shared system. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -173,3 +173,45 @@ Built `/syncro` slash command for ticket management via Syncro REST API.
|
||||
6. **MVAN other domains** — only mvaninc.com has DMARC; client has other domains needing protection
|
||||
7. **GoDaddy delegate API limitation** — can't manage delegate domains via API; need client's own API key for programmatic DNS
|
||||
8. **All carry-over items from 2026-04-16** (Howard onboarding, GuruRMM migration drift, Len's deployment, etc.)
|
||||
|
||||
---
|
||||
|
||||
## Update: 13:00 — vault fix, Ollama Tailscale, Howard review
|
||||
|
||||
### Cascades pfSense vault fix
|
||||
- Deleted stale `clients/dataforth/cascades-router.sops.yaml` (wrong password `a6A6c6fe`, misfiled under dataforth)
|
||||
- Created `clients/cascades-tucson/pfsense-firewall.sops.yaml` with correct password `Th1nk3r^99`
|
||||
- Howard caught the discrepancy during Cascades onsite work
|
||||
|
||||
### Ollama shared via Tailscale
|
||||
- Set `OLLAMA_HOST=0.0.0.0:11434` (User env var, persists)
|
||||
- Added Windows Firewall rule: port 11434 inbound, restricted to 100.0.0.0/8 (Tailscale subnet only)
|
||||
- Verified: `http://100.92.127.64:11434/` → "Ollama is running" via Tailscale IP
|
||||
- All 3 models accessible remotely (qwen3:14b, codestral:22b, nomic-embed-text)
|
||||
- CLAUDE.md updated: per-machine URL detection (localhost for DESKTOP-0O8A1RL, Tailscale IP for all others)
|
||||
- ONBOARDING.md updated: Howard doesn't need local Ollama install
|
||||
|
||||
### Howard's session reviewed
|
||||
- Cascades: folder redirection (primary computer GPO issue) + WiFi (TP-Link USB driver + UniFi roaming)
|
||||
- EVS: Win11 right-click menu fix (was actually Mike's session, miscategorized)
|
||||
- Vault hygiene: caught wrong Cascades pfSense password — fixed above
|
||||
- Ollama: his ARM64 laptop can't run models locally — resolved via Tailscale sharing
|
||||
|
||||
### jparkinsonaz.com DNS (continued)
|
||||
- IX DNS cluster sync required after zone edits: `/usr/local/cpanel/scripts/dnscluster synczone jparkinsonaz.com`
|
||||
- `pdns_control reload` needed on top of PowerDNS restart for zone changes to take effect
|
||||
- Certbot for autodiscover should work once root A record TTL (14400s) expires and propagates to 67.206.163.124
|
||||
|
||||
### Credentials (this update)
|
||||
|
||||
#### Cascades pfSense
|
||||
- Host: 192.168.0.1
|
||||
- Username: admin
|
||||
- Password: `Th1nk3r^99`
|
||||
- Vault: `clients/cascades-tucson/pfsense-firewall.sops.yaml`
|
||||
|
||||
#### Ollama Tailscale access
|
||||
- Mike's Tailscale IP: 100.92.127.64
|
||||
- Ollama URL: `http://100.92.127.64:11434`
|
||||
- Firewall: inbound TCP 11434 from 100.0.0.0/8 only
|
||||
- Env var: `OLLAMA_HOST=0.0.0.0:11434` (User scope on DESKTOP-0O8A1RL)
|
||||
|
||||
Reference in New Issue
Block a user