# Machine: GURU-KALI **Hostname:** GURU-KALI **Last Updated:** 2026-05-25 --- ## Hardware Specs | Spec | Value | |------|-------| | Model | Lenovo Legion Pro 5 16IRX9 (laptop) | | CPU | Intel Core i9-14900HX (24 cores / 32 threads) | | Memory | 31 GiB + 31 GiB swap | | GPU | NVIDIA RTX 4070 Mobile/Max-Q (8 GB VRAM) + Intel UHD iGPU | | Storage | 906 GB NVMe (~831 GB free) | --- ## Software | Spec | Value | |------|-------| | OS | Kali GNU/Linux Rolling, kernel 6.19.14+kali-amd64 | | Python | 3.13.12 | | Node.js | v24.15.0 / npm 11.12.1 | | Go | installed | | Rust | 1.95.0 (rustc + cargo via rustup, `~/.cargo`) — added 2026-05-24 | | Git | 2.53.0 | | sops | 3.13.1 (`~/.local/bin/sops`) | | psql | 18.3 | | mysql/mariadb client | 11.8.6 | | nmap | 7.99 (Kali security tooling) | | GuruRMM build dev libs | libgtk-3-dev, libayatana-appindicator3-dev, libxdo-dev, libssl-dev, pkg-config (for agent + tray builds) — added 2026-05-24 | | NVIDIA driver | nvidia-open 595.71.05 (open kernel modules + CUDA, DKMS) — built/signed for kernel 6.19 via the NVIDIA CUDA debian13 repo; nouveau blacklisted; **ACTIVE AFTER REBOOT**. Added 2026-05-25. | | jq | 1.8.1 (added 2026-05-24, needed by hooks) | | gh / docker / age / op / grepai / ollama | NOT installed | --- ## Ollama Models None — Ollama not installed. If installed, `qwen3:8b` (5.2 GB) fits the 8 GB VRAM fully (mirrors DESKTOP-0O8A1RL prose model); qwen3.6 / codestral / qwen3:14b would split to CPU. GPU acceleration is available via nvidia-open 595.71.05 (CUDA) once the pending reboot activates the driver. See `.claude/OLLAMA.md`. --- ## Claude Code Environment - **Working Directory:** /home/guru/claudetools - **User:** guru - **Shell:** zsh (interactive); bash for scripts - **Git:** Configured for Gitea (git.azcomputerguru.com) - **Identity:** mike (identity.json configured) - **Vault:** /home/guru/vault (SOPS + age, decryption verified working) - **Age key:** `~/.config/sops/age/keys.txt` (mode 600), recipient #1 `age1qz7ct84m50u06h97artqddkj3c8se2yu4nxu59clq8rhj945jc0s5excpr` - **Privileges:** guru in `sudo` group; **passwordless sudo enabled** (`/etc/sudoers.d/guru-nopasswd`, 2026-05-24) — Claude can run privileged ops. - **GuruRMM clone:** `/home/guru/gururmm` (canonical server-side path) — builds agent + tray locally with cargo; also an enrolled managed agent (id `a73ba38e`, systemd `gururmm-agent.service`). --- ## Network | Interface | Address | |-----------|---------| | Wi-Fi (wlan0) | 10.2.209.225/16 (gw 10.2.0.1) — NOT company LAN | | Tailscale | 100.75.148.91 (joined 2026-05-24, mike@) | Field/mobile laptop on wifi; Tailscale now bridges to internal services. pfSense-2 advertises subnet `172.16.0.0/22` into the tailnet and this node runs with `--accept-routes`, so company LAN host `172.16.3.30` is reachable via `tailscale0`. Verified 2026-05-24: coord API `172.16.3.30:8001` -> HTTP 200, remote Ollama `100.92.127.64:11434` -> HTTP 200 (5 models). (D2TESTNAS also advertises 192.168.0.0/24 + 192.168.100.0/24.) --- ## Capabilities - [x] Git operations (over public internet) - [x] SOPS vault decryption (verified) - [x] Claude Code CLI - [x] Security tooling (Kali — nmap, etc.) - [x] DB clients present (psql, mariadb) — usable only when on-LAN - [x] coord API / DB reachable (via Tailscale subnet route 172.16.0.0/22) - [x] Tailscale (100.75.148.91) - [x] Tier 0 remote Ollama reachable over Tailscale (100.92.127.64) - [x] Rust toolchain (1.95.0) + GuruRMM agent/tray build deps (GTK/appindicator/openssl) - [x] Passwordless sudo (guru) - [x] Enrolled GuruRMM managed agent (id a73ba38e, systemd service) - [ ] Ollama LOCAL (not installed — would add offline Tier 0) - [ ] GrepAI semantic search (not installed) - [ ] 1Password CLI (op not installed) - [~] NVIDIA CUDA compute — nvidia-open 595.71.05 installed (DKMS built on kernel 6.19); ACTIVE after reboot - [ ] Docker --- ## Notes - **Strongest raw hardware in the fleet** for AI inference (i9-14900HX, 31 GB RAM, RTX 4070 8 GB). NVIDIA driver now installed (see 2026-05-25 note) — GPU/CUDA compute available after the pending reboot. - **Field/mobile laptop.** On wifi off the company LAN, but Tailscale (added 2026-05-24) bridges to internal services, so coord API/DB and remote Ollama work. A local Ollama would still add value for *offline* use (away from any network). - Onboarding (`LINUX_PC_ONBOARDING.md`) status: /sync OK, vault OK, identity OK, Tailscale OK; PENDING — local Ollama (optional), GrepAI, 1Password CLI. - 2026-05-24: chose Tailscale-only for now; local Ollama + NVIDIA driver deferred. - 2026-05-24: set up as the **GuruRMM Linux dev/test box** — Rust + GTK build env, `gururmm` cloned, enrolled agent runs the new Linux tray (Unix-socket IPC + GTK) build. See gururmm PR #13 (`feat/linux-tray-ipc`). The systemd unit was patched locally with `RuntimeDirectory=gururmm`; service runs an unsigned local build until the PR merges and the pipeline ships a signed agent. - **2026-05-24: screen lock on timeout INTENTIONALLY DISABLED (user request).** xfce4-screensaver `/lock/enabled=false` + `/lock/saver-activation/enabled=false` (+ `/lock/sleep-activation=false`); xfce4-power-manager `lock-screen-suspend-hibernate=false`. Screen may still blank/screensave on idle but does NOT prompt for a password. Do NOT re-enable. Persisted in `~/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-screensaver.xml` (machine-local, not in the repo). - **2026-05-24: idle-suspend (sleep) DISABLED on AC *and* battery (user request).** xfce4-power-manager `inactivity-on-ac=0`, `inactivity-on-battery=0` (+ sleep-mode actions 0). Why both: it was sleeping while plugged in because the ACPI AC-adapter state goes **stale** on this Legion + kernel 6.19 (the EC doesn't reliably send AC plug/unplug events, esp. across S3 resume), so the OS intermittently thought it was on battery and applied the 10-min battery suspend. `udevadm trigger --action=change /sys/class/power_supply/ADP0` forces a re-read (online flips back to 1). Disabling idle-suspend on both states makes the flaky detection harmless. Do NOT re-enable. Persisted in `xfce4-power-manager.xml` (machine-local). Proper upstream fix = Lenovo BIOS/EC update. - **2026-05-25: NVIDIA driver installed — nvidia-open 595.71.05** (open kernel modules + CUDA), via the NVIDIA CUDA `debian13` repo (cuda-keyring) since Kali only packages 550 (too old for kernel 6.19). DKMS module built + signed for `6.19.14+kali-amd64`; nouveau blacklisted (`/etc/modprobe.d/nvidia.conf`) + initramfs rebuilt. **Requires one reboot to activate** (swap the dGPU off nouveau). Hybrid graphics: Intel i915 stays the display, NVIDIA dGPU for CUDA/offload. Secure Boot off. Verify post-reboot: `nvidia-smi` (expect RTX 4070 Mobile, driver 595.71.05). Unblocks the local-Ollama-on-GPU option.