diff --git a/.claude/memory/MEMORY.md b/.claude/memory/MEMORY.md index 57704d8..719c55b 100644 --- a/.claude/memory/MEMORY.md +++ b/.claude/memory/MEMORY.md @@ -131,3 +131,4 @@ - [Broken [[backlinks]] = write-me-later markers](feedback_broken_backlinks_are_writeme_markers.md) — A [[name]] with no matching file is an intentional "worth writing" marker, not breakage. Flesh the missing memory out from session history/logs and index it; never strip the link to silence the warning. memory-dream reports these as INFO candidates, not errors. - [gururmm session-logs are in a submodule](gururmm-session-logs-submodule-save.md) — commit in the submodule + `git push origin HEAD:main` (GURU-5070 CAN push over HTTP now); then advance the parent gitlink - [Use `python` not `python3` on GURU-5070](python3-shim-use-python.md) — `python3` in Git bash hits the flaky MS Store shim; real interpreters are `python` (3.12) / `py` (3.14). coord.py + wiki-compile work via `python`; the coord lock IS claimable here +- [Beast = primary GuruRMM Windows build host](gururmm-beast-windows-build-host.md) — GURU-BEAST-ROG (i9), reached from .30 via Tailscale-on-.30 at 100.101.122.4 as guru; Pluto is the fallback (`attempt_build beast || attempt_build pluto`). WiX must be 4.x (v6+ = OSMF); Beast NuGet needed nuget.org added diff --git a/.claude/memory/gururmm-beast-windows-build-host.md b/.claude/memory/gururmm-beast-windows-build-host.md new file mode 100644 index 0000000..c2c795e --- /dev/null +++ b/.claude/memory/gururmm-beast-windows-build-host.md @@ -0,0 +1,47 @@ +--- +name: gururmm-beast-windows-build-host +description: GURU-BEAST-ROG (i9-14900K) is the PRIMARY GuruRMM Windows build host (Pluto 172.16.3.36 = fallback). Reached from .30 via Tailscale-on-.30 at Beast's tailnet IP 100.101.122.4 as user guru. build-windows.sh does `attempt_build beast || attempt_build pluto`. +metadata: + type: reference +--- + +Set up 2026-06-12. **GURU-BEAST-ROG = PRIMARY Windows build host; Pluto (Administrator@172.16.3.36) += FALLBACK.** `deploy/build-pipeline/build-windows.sh` selects via +`attempt_build beast || attempt_build pluto` — falls back if Beast is **unreachable/down OR its +build fails**. Beast is ~10x faster than Pluto (full set ~12-15 min vs ~21). + +## How .30 reaches Beast +- Beast is on Wi-Fi `10.2.51.228` (a DIFFERENT LAN than the .30 office 172.16.3.x) + tailnet + `100.101.122.4`. .30 (office) could NOT reach it via the pfSense subnet route — the pfSense + Tailscale **SNAT-subnet-routes is deliberately OFF** (so remotes see real LAN IPs), and the raw + 172.16.x source didn't complete to Beast. **Fix: installed Tailscale ON .30** (node + `gururmm-server`/`100.86.12.15`, `tailscale up --accept-routes=false`) → reaches Beast + `100.101.122.4` peer-to-peer (DERP-relayed, ~50ms — fine for SSH-driven builds). No pfSense/ACL + changes. (Don't chase the subnet route again — Tailscale-on-.30 is the working path.) +- Build SSH user = **guru** (an admin; built-in Administrator is disabled). Pipeline path verified: + `root@.30 (/root/.ssh/id_ed25519) -> guru@100.101.122.4`. Host key pinned in + `/opt/gururmm/beast_known_hosts`. Both root's build key AND GURU-5070's key are in Beast's + `C:\ProgramData\ssh\administrators_authorized_keys` (ACL: Administrators+SYSTEM only). + +## Beast build toolchain (under C:\Users\guru) +- Rust: stable + **1.77** toolchains, **i686-pc-windows-msvc** target for both; cargo/rustup in + `C:\Users\guru\.cargo\bin`. sccache 0.8.2 (`RUSTC_WRAPPER`, `SCCACHE_DIR=C:\sccache`). +- **MSVC 2022 Build Tools** (was already installed). dotnet, git present. +- **WiX 4.0.6** (`dotnet tool`, `C:\Users\guru\.dotnet\tools\wix.exe`) + extensions + `WixToolset.Util.wixext` + `WixToolset.UI.wixext` @ 4.0.6 (matches Pluto). Repo clone at + `C:\gururmm` (origin URL has the Gitea api-token embedded; credential.helper scrubbed local). + +## Gotchas (these bit during setup) +- **WiX must be 4.x.** v6/v7 require accepting a paid OSMF EULA (`WIX7015`). Install pinned: + `dotnet tool install --global wix --version 4.0.6 --add-source https://api.nuget.org/v3/index.json`. +- **Beast NuGet had only the VS offline feed** — `dotnet tool install wix` AND `wix extension add` + failed until `dotnet nuget add source https://api.nuget.org/v3/index.json --name nuget.org`. +- **Wi-Fi is "Public" profile** so the stock sshd firewall rule (Private-only) blocked LAN SSH; + added rule `ACG-Build-SSH-22` (inbound 22, scoped LocalSubnet+172.16.0.0/12+100.64.0.0/10). +- **rustup hangs in a detached/no-console context** (Start-Process). The pipeline runs builds via + an SSH command (has a console) so it's fine; only background-launch validation stalled. + +## Build user / RMM +- Beast agent id `5233d75b-f589-43c4-b96e-cfa75365a78d` (RMM). I bootstrapped SSH/firewall/toolchain + via `/rmm` (agent runs as SYSTEM = elevated) then over SSH (`guru@10.2.51.228` same-LAN from + GURU-5070, or `guru@100.101.122.4` over tailnet). Pluto build wiring unchanged. [[reference_pluto_build_server]]