- Rewrote get-token.sh: tiered app system (investigator/exchange-op/user-manager/tenant-admin/defender)
- Updated SKILL.md, command, gotchas, checklist, graph-endpoints for new app suite
- Cascades breach check: mailbox clean, inbound phishing received by John, DMARC gap noted
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Created comprehensive show prep using breaking news from April 9-18, 2026:
- Artemis II post-flight news conference (April 16)
- IonQ quantum 'Holy Grail' breakthrough (April 14)
- 90% cancer detection from stool samples via AI (April 9)
- Stanford AI Index 2026 findings
- RAM shortage hitting consumers today
Replaced recycled CES content with current, timely stories.
File: projects/radio-show/episodes/2026-04-18-tech-that-makes-life-fun/show-prep-fresh.html
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixed Cascades pfSense password in vault (a6A6c6fe→Th1nk3r^99, moved from
dataforth to cascades-tucson). Ollama exposed via Tailscale for Howard
(100.92.127.64:11434, firewall restricted to 100.0.0.0/8). Reviewed
Howard's first full day of work on shared system.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
589G OwnCloud data moved from cache SSD to disk7 array (2h49m rsync).
Cache dropped from 82% to 34%. MariaDB + Discourse recovered and running
7h+ healthy. Share config changed to no-cache permanently.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Jupiter cache drive at 99% BTRFS data allocation — MariaDB + Discourse
crash-looping. Root cause: 589G OwnCloud data stuck on cache (mover
blocked by active SMB session from OwnCloud VM). Migration in progress
(rsync cache->array disk7, ~90% at time of commit). Also fixed /mode
command to acknowledge /color is user-invokable only.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Appended afternoon work: MSI installer MVP, Len's Auto Brokerage test
client, Uranus server docs, multi-user identity system, onboarding guide,
bootstrap package, audit gap fixes (GrepAI/Ollama/MCP/settings), and
generic /import command for folder ingestion.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Enhance /save and /sync slash commands to attribute commits by author
so Mike and Howard can see at a glance what the other person did.
- sync.sh: loads identity.json, shows incoming/outgoing commits with
author + age before pull/push, groups by author in final summary
- sync.md: describes the new output format + conflict attribution
- save.md: pre-commit Change Summary block + post-commit Summary
Motivation: repo is now shared across team, `git log` alone made it
hard to see "when did Howard change that?" without hunting.
Diagnosed azcomputerguru.com 521 errors: Cox's BGP route to specific
Cloudflare origin-pull prefixes (162.158.0.0/16, 172.64.0.0/13,
173.245.48.0/20, 141.101.64.0/18) is broken from 72.194.62.0/29.
Confirmed by TCP probe matrix from pfSense WAN, traceroute latency
comparison, and state-table showing 0 inbound CF connections while
direct-internet traffic still reached origin.
Deployed Cloudflare Tunnel 'acg-origin' on Jupiter Unraid as a
Docker container. Routes 4 proxied hostnames (azcomputerguru.com,
analytics., community., radio.) through the tunnel with HTTPS
backend to IX 172.16.3.10:443 with per-ingress SNI matching. All
4 hostnames return 200 OK through CF edge after the cutover.
Repo hygiene:
- Merged clients/ix-server/ into clients/internal-infrastructure/
(IX is internal infra, not a paying-client account). Git detected
the session-log files as renames so history is preserved. Updated
4 stale path references in 2 files.
- Moved cox-bgp ticket draft out of projects/dataforth-dos/ (wrong
project) to clients/internal-infrastructure/vendor-tickets/.
- Relocated tunnel-setup helper scripts from
projects/dataforth-dos/datasheet-pipeline/implementation/ to
clients/internal-infrastructure/scripts/cloudflared-tunnel-setup/.
Deleted superseded/abandoned login attempts. Sanitized hardcoded
Jupiter/pfSense SSH passwords to pull from SOPS vault at runtime;
Cloudflare token reads from env var (tokens still in 1Password,
vault entry is metadata-only).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Created show prep for April 5, 11, and 18, 2026
- HTML versions with clickable links for April 11 and 18
- IX server WordPress security scan (87 sites, 0 compromised)
- Local network scanning for Yealink devices
- Domain controller batch logon rights guidance
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
New integration with TickTick API for project/task management:
- OAuth 2.0 auth flow (mcp-servers/ticktick/ticktick_auth.py)
- MCP server with 9 tools for Claude Code (ticktick_mcp.py)
- FastAPI service with SOPS vault credentials (api/services/ticktick_service.py)
- JWT-protected REST router at /api/ticktick/ (api/routers/ticktick.py)
- Credentials stored in SOPS vault (services/ticktick.sops.yaml)
Dev project tracking (hybrid TickTick + DB):
- New dev_projects table migration (14 columns, status index)
- TickTick "Dev Projects" list for mobile visibility
- First project seeded: TickTick Integration (linked both sides)
Security: .tokens.json gitignored, token file permissions restricted,
HTML-escaped OAuth callback, SOPS vault (not env vars) for secrets.
Also: Installed Tailscale on ACG-5070 for office network access.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Built exact-match TXT formatter from QuickBASIC source (SCM5B, 8B, DSCA, DSCT, SCM7B)
- Spec parser for 10 binary DAT files (1470+ models)
- Work order report importer (33K WOs, 63K test lines)
- On-demand PDF generation, styled HTML view
- Archived 500K pre-2026 For_Web files into year subfolders
- Created domain service account (INTRANET\svc_testdatadb)
- Generated 73/73 Quatronix customer datasheets
- Added STAGE + Reports auto-import to sync script
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Created 4 new vaults: Infrastructure (16), Clients (27), Projects (10), MSP Tools (5)
- Replaced credentials.md with op:// reference version (no plaintext secrets)
- Updated CLAUDE.md with 1Password access instructions for all workstations
- Service account (Agentic_Cli) for non-interactive CLI access
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Activated 1Password skill for Claude Code (extracted from .skill ZIP)
- Resolved Lonestar Electrical MDM issue: ManageEngine was configured as
third-party EMM in Google Workspace, causing persistent enrollment prompts
on joser's personal phone
- Scoped credentials.md migration to 1Password (op:// refs + MSP vaults)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Sorensen/RieussetCorp email routing fixed (MailProtector IP auth)
- Neptune SBR routing chain fully documented
- MVAN ScreenConnect deployed via Intune to JUNE and MODERN_STILE_20
- Lonestar MDM self-enrollment identified as cause of personal phone issue
- Dataforth AD1 disk analysis: C:\Engineering 787 GB on DC
- Tailscale routing, SSH keys, brightness fix, memory system to repo
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Deep diagnosis of RTX 5070 Ti GSP firmware crash (NVIDIA bug #5953411)
- Power management workarounds ineffective, confirmed known Blackwell issue
- Created MAC_BUILD_TASK.md handoff for M4 to do transcription
- Fixed critical CLAUDE.md case sensitivity bug (lowercase never loaded on Linux)
- Created Linux workstation machine spec
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Diagnosed terrible speaker quality on CachyOS - kernel using legacy HDA
driver instead of SOF, leaving AW88399 smart amp without DSP processing.
Fixed EasyEffects routing, created aggressive EQ preset, forced SOF via
modprobe config. Reboot pending to test.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Installed Ollama with GPU support (qwen3:14b, codestral:22b, nomic-embed-text),
configured GrepAI semantic code search with optimized 256-token chunks and
context file boosting, added MCP server integration and deep-explore agent.
Updated claude.md with local AI usage guidelines and 4-tier output review policy.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Redesigned community forum CSS for readability (GitHub Dark inspired)
- Installed Matomo 5.8.0 at analytics.azcomputerguru.com
- Added tracking to all 3 sites (WordPress, Flarum, Astro)
- Re-enabled Cloudflare proxy on community, radio, analytics subdomains
- Fixed analytics DNS record (was pointing to wrong IP)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
