# Session Log: 2026-03-14

## Session Summary

Multi-project session covering Dataforth pipeline verification, radio show project organization, and client MFA reset.

### Key Accomplishments

1. **Dataforth TestDataDB Pipeline - Verified & Operational**
   - Confirmed full catch-up import completed: 2,243,681 records (up from 1,636,575)
   - HISTLOGS: 576,580 records imported, test stations: 546,610 records imported
   - Newest test_date: 2026-03-12, date range spans 1990 to present
   - 607K net new records confirmed accurate - mostly HISTLOGS backfill that was never previously imported
   - Deployed updated Sync-FromNAS-rsync.ps1 to AD2 with regex fix + log rotation
   - Rotated 1GB sync log (renamed to archive, fresh 66-byte log in place)
   - Killed stale PowerShell session consuming 14.4GB RAM on AD2
   - Sync-FromNAS scheduled task restarted with new script - confirmed pulling files and triggering imports
   - First run with new script: 320 files pulled, 129 .DAT files detected by fixed regex, import triggered

2. **Radio Show Project - Created & Organized**
   - Created `projects/radio-show/` project structure with `episodes/` and `session-logs/`
   - Consolidated all radio content into `episodes/2026-03-14-ai-misconceptions/`
   - Merged original 11 segments + Mac's updates (updated Seg 3 & 8, new Seg 12 & 13) into `final-script.md`
   - Mac pushed curated 9-segment show with intro "Five Years Later" (`show-final-mac.md`)
   - Created `talking-points.md` - bullet-point format for on-air reference (not full scripts)
   - Created HTML versions of both final script and talking points for browser viewing
   - Pushed everything to Gitea for Mac to pull for the show

3. **BG Builders - MFA Reset for operations@bgbuildersllc.com**
   - Used Graph API (Claude-MSP-Access) to reset MFA
   - Listed auth methods: Password, Windows Hello (DESKTOP-4KFLGQD), Microsoft Authenticator (iPhone 14 Pro)
   - Deleted Microsoft Authenticator method via DELETE to microsoftAuthenticatorMethods endpoint
   - HTTP 204 success - user will be prompted to re-register MFA on next sign-in

---

## Infrastructure Details

### Dataforth - AD2 (192.168.0.6)
- **SSH User:** sysadmin (not admin)
- **Access:** Via Tailscale subnet route through D2TESTNAS (100.85.152.90)
- **Sync Script:** `C:\Shares\test\scripts\Sync-FromNAS-rsync.ps1`
  - Line 189: Log rotation `$LOG_MAX_BYTES = 10 * 1024 * 1024` (10MB cap, 5 archives)
  - Line 309: Fixed regex `(?i)^>f[\S.+]+\s+(\S+\.DAT)$` (case-insensitive)
- **Sync Log:** `C:\Shares\test\scripts\sync-from-nas.log` (fresh, 66 bytes)
- **Archive Log:** `C:\Shares\test\scripts\sync-from-nas-2026-03-13-archive.log` (~1GB)
- **Database:** `C:\Shares\TestDataDB\database\testdata.db` (~2GB, 2,243,681 records)
- **TestDataDB Server:** PID 4268, port 3000
- **Scheduled Task:** Sync-FromNAS runs every 10 minutes
- **NODE_PATH trick:** Must set `NODE_PATH=C:\Shares\TestDataDB\node_modules` for ad-hoc node commands via SSH

### Dataforth - D2TESTNAS (192.168.0.9)
- **Tailscale IP:** 100.85.152.90
- **Status:** Active, subnet router for 192.168.0.0/24
- **Pending:** DNS persistence (resolv.conf may be overwritten by NetworkManager)
- **Pending:** Disable Tailscale key expiry in admin console

### Tailscale Status
- D2TESTNAS: active, direct connection 67.206.163.122:41641
- Subnet route: 192.168.0.0/24 advertised and approved
- DNS health warning: can't reach configured DNS servers (non-critical)

---

## Credentials Used

### BG Builders LLC - M365
- **Tenant:** bgbuildersllc.com
- **Tenant ID:** ededa4fb-f6eb-4398-851d-5eb3e11fab27
- **CIPP Name:** sonorangreenllc.com
- **Admin:** sysadmin@bgbuildersllc.com / Window123!@#-bgb
- **MFA Reset User:** operations@bgbuildersllc.com (Site Operations)
  - User ID: 58e6eefe-2b3f-4399-ad17-3e186499b068
  - Authenticator removed: 8e6cb810-e5e4-4c03-be58-5cd13e2bdfcf (iPhone 14 Pro)

### Graph API - Claude-MSP-Access
- **App ID:** fabb3421-8b34-484b-bc17-e46de9703418
- **Client Secret:** ~QJ8Q~NyQSs4OcGqHZyPrA2CVnq9KBfKiimntbMO
- **Tenant ID (home):** ce61461e-81a0-4c84-bb4a-7b354a9a356d
- **Used for:** MFA reset on BG Builders tenant (multi-tenant app)
- **Permission used:** UserAuthenticationMethod.ReadWrite.All

### CIPP API
- **URL:** https://cippcanvb.azurewebsites.net
- **Note:** ListUsers endpoint returned 403 - API client lacks permission for that endpoint
- **Working endpoints unknown** - Graph API used as fallback

---

## Commands Reference

### MFA Reset via Graph API
```bash
# Get token for target tenant
ACCESS_TOKEN=$(curl -s -X POST "https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token" \
  -d "client_id=fabb3421-8b34-484b-bc17-e46de9703418" \
  -d "client_secret=~QJ8Q~NyQSs4OcGqHZyPrA2CVnq9KBfKiimntbMO" \
  -d "scope=https://graph.microsoft.com/.default" \
  -d "grant_type=client_credentials" | python -c "import sys, json; print(json.load(sys.stdin).get('access_token', ''))")

# List auth methods
curl -s "https://graph.microsoft.com/v1.0/users/{upn}/authentication/methods" \
  -H "Authorization: Bearer ${ACCESS_TOKEN}"

# Delete specific authenticator method
curl -s -X DELETE "https://graph.microsoft.com/v1.0/users/{upn}/authentication/microsoftAuthenticatorMethods/{method-id}" \
  -H "Authorization: Bearer ${ACCESS_TOKEN}"
```

### AD2 SSH with NODE_PATH
```bash
C:/Windows/System32/OpenSSH/ssh.exe -o ConnectTimeout=15 -o StrictHostKeyChecking=no sysadmin@192.168.0.6 \
  "cmd /c set NODE_PATH=C:\Shares\TestDataDB\node_modules&& cd /d C:\Shares\TestDataDB\database && node -e \"...\""
```

### Disable Local Windows Password Expiry
```powershell
Set-LocalUser -Name "username" -PasswordNeverExpires $true
```

---

## Files Created/Modified

### Radio Show Project
- `projects/radio-show/episodes/2026-03-14-ai-misconceptions/final-script.md` - merged 13-segment script
- `projects/radio-show/episodes/2026-03-14-ai-misconceptions/final-script.html` - HTML viewer
- `projects/radio-show/episodes/2026-03-14-ai-misconceptions/talking-points.md` - bullet-point on-air reference
- `projects/radio-show/episodes/2026-03-14-ai-misconceptions/talking-points.html` - HTML viewer
- `projects/radio-show/episodes/2026-03-14-ai-misconceptions/show-final-mac.md` - Mac's curated 9-segment show
- `projects/radio-show/episodes/2026-03-14-ai-misconceptions/segments-original.md` - original 11 segments
- `projects/radio-show/episodes/2026-03-14-ai-misconceptions/segments-updates.md` - March 2026 updates

### Dataforth (deployed to AD2)
- `C:\Shares\test\scripts\Sync-FromNAS-rsync.ps1` - regex fix + log rotation
- Local copy: `projects/dataforth-dos/sync-fixes/Sync-FromNAS-rsync.ps1`

---

## Pending Tasks

1. **D2TESTNAS DNS persistence** - `/etc/resolv.conf` set to 8.8.8.8 manually, NetworkManager may overwrite
2. **Tailscale key expiry** - Disable in admin console for D2TESTNAS node
3. **Consider disconnecting OpenVPN** - Tailscale now provides access to 192.168.0.x, OpenVPN TCP-over-TCP was problematic
4. **CIPP API permissions** - ListUsers returns 403, may need to update API client permissions
5. **Sync script bug** - sync.sh reports pull success but git HEAD doesn't update (had to run `git pull` manually twice this session)
6. **AD2 archive log cleanup** - `sync-from-nas-2026-03-13-archive.log` is ~1GB, consider compressing or deleting

---

## Database Stats (as of end of session)

| Metric | Value |
|--------|-------|
| Total Records | 2,243,681 |
| Date Range | 1990-01-01 to 2026-03-12 |
| Pass/Fail | 2,236,941 PASS / 6,728 FAIL / 12 UNKNOWN |
| Log Types | 5BLOG (938K), 7BLOG (572K), DSCLOG (380K), 8BLOG (299K) |
| Stations | 59 active (TS-1 through TS-30, L/R variants) |
| DB Size | ~2GB |

---

## Key Decisions

1. **Radio show talking points vs scripts** - User prefers bullet-point talking points with key data, not full prose scripts
2. **Radio show structure** - Mac's curated 9-segment order is primary, remaining 4 segments as filler
3. **Graph API over CIPP** - CIPP API lacked permissions for user operations; Graph API (Claude-MSP-Access) worked for MFA reset
4. **607K record increase validated** - Confirmed accurate through monthly distribution analysis; mostly HISTLOGS backfill

---

## Update: 20:43 - Radio Show Website Build (radio.azcomputerguru.com)

### Summary

Built a complete premium radio show website for "The Computer Guru Show" using Astro 6.0.4 (static site generator with React islands). Site will live at radio.azcomputerguru.com, deployed to IX server (cPanel).

### Key Accomplishments

1. **Research Phase (parallel agents)**
   - Analyzed gurushow.com: WordPress 6.6.5, PowerPress/Blubrry, 230 posts, 194 podcast episodes (S6-S10, 2014-2018)
   - Researched IX server hosting environment: Rocky Linux, WHM/cPanel, root access
   - Studied 10+ competitor sites: TWiT.tv, Darknet Diaries, ATP, Lex Fridman, Changelog, Security Now, etc.
   - Researched Discord integration (WidgetBot), Discourse forums, RSS feed specs, live streaming options

2. **Architecture & Tech Stack Decision**
   - **Astro 6.0.4** - static site generator, outputs pure HTML/CSS/JS (no Node runtime needed on cPanel)
   - React islands for interactive components (player, search, Discord widget)
   - HSL-based CSS custom property design system with dark/light mode
   - Content collections for episodes (markdown with frontmatter)

3. **Episode Import**
   - Created `scripts/import-episodes.mjs` - fetches RSS feed from gurushow.com/feed/podcast
   - **194 episodes imported** as markdown files with frontmatter (title, season, episode, audio URL, duration, tags)
   - Audio stays on Blubrry CDN (URLs normalized to HTTPS)
   - Auto-tagging based on keyword extraction from titles/descriptions
   - 7 warnings: 5 empty descriptions, 1 unparseable title ("Guest appearance on Liberty Watch")

4. **Full Website Built - 204 pages, zero build errors**
   - **Home page**: Animated hero with gradient text, pulsing glow rings, latest episodes grid, featured classics carousel, stats section, blog highlights, about preview, subscribe CTA
   - **Episodes archive**: Search + season filter tabs, responsive card grid, 194 episode detail pages
   - **Episode detail pages**: Breadcrumbs, metadata, HTML5 audio player, rendered show notes, related episodes
   - **Blog**: Listing + individual post pages (1 welcome-back post)
   - **About**: Host bio, show history timeline (2014-2026), topic coverage grid
   - **Subscribe**: Platform cards, RSS feed URL with copy button
   - **Community**: Discord (WidgetBot placeholder), Discourse (placeholder), newsletter signup
   - **Live**: Off-air status indicator, schedule placeholder, stream placeholder
   - **Contact**: Form with subject dropdown, sponsorship section
   - **404**: Styled error page
   - **RSS feed**: Podcast-compatible with iTunes namespace

5. **Persistent Audio Player (signature feature)**
   - Glassmorphism bottom bar with backdrop-filter blur
   - Play/pause, 15s skip, clickable progress bar, volume, playback speed (0.75x-2x)
   - Session persistence via sessionStorage (resumes on page load)
   - Keyboard shortcuts (Space, arrow keys)
   - Responsive (compact on mobile)
   - Slide-up animation, custom events for cross-component communication
   - Integrated with episode cards and detail pages

### Architecture Decisions

1. **Astro over WordPress/Next.js** - Static output deploys to cPanel as files, no Node runtime needed, full design control
2. **Content collections** - 194 episodes as markdown with Zod-validated frontmatter, type-safe queries
3. **React islands only for interactivity** - Persistent player, search, Discord widget; everything else is static Astro
4. **Audio stays on Blubrry CDN** - No re-hosting, preserves existing analytics and avoids storage costs
5. **Vanilla JS for filtering** - Episode archive search/filter doesn't need React, keeps bundle small
6. **Dark mode first** - Tech audience preference, HSL-based tokens for easy theming
7. **Self-hosted Discourse** - Will deploy to IX server for community forum
8. **WidgetBot for Discord** - Embeds Discord chat directly on website

### Files Created

```
projects/radio-show/website/
  astro.config.mjs
  package.json
  tsconfig.json
  scripts/import-episodes.mjs              # RSS feed importer (194 episodes)
  src/
    content.config.ts                       # Content collection schemas (Astro v6 glob loader)
    styles/tokens.css                       # HSL design system tokens
    styles/global.css                       # Reset, typography, utilities
    layouts/BaseLayout.astro                # HTML shell, nav, footer, theme toggle, persistent player
    components/
      global/PersistentPlayer.tsx           # React island - sticky audio player
      home/HeroSection.astro                # Animated hero with gradient text
      home/LatestEpisodes.astro             # 6 latest episode cards
      home/FeaturedClassics.astro           # Scrollable classics row
      home/StatsSection.astro               # Stats grid (194 episodes, 10 seasons, etc.)
      home/BlogHighlights.astro             # Latest blog posts
      home/AboutPreview.astro               # Bio preview with CTA
      home/SubscribeCTA.astro               # Platform subscribe buttons
      episodes/EpisodeCard.astro            # Reusable episode card
      episodes/SeasonFilter.astro           # Season tab filter bar
    pages/
      index.astro                           # Home page (7 sections)
      about.astro                           # Host bio, timeline, topics
      subscribe.astro                       # Platform cards, RSS
      community.astro                       # Discord, Discourse, newsletter
      live.astro                            # Live show page (off-air)
      contact.astro                         # Contact form, sponsorship
      404.astro                             # Error page
      feed.xml.ts                           # Podcast RSS feed
      episodes/index.astro                  # Episode archive with search/filter
      episodes/[...slug].astro              # Episode detail pages (194)
      blog/index.astro                      # Blog listing
      blog/[...slug].astro                  # Blog post pages
    utils/formatDate.ts, formatDuration.ts, episodeSlug.ts
    data/navigation.ts, platforms.ts
    content/episodes/*.md                   # 194 episode markdown files
    content/blog/welcome-back.md            # Initial blog post
```

### Deployment Plan (for Mac/later)

1. cPanel on IX server (ix.azcomputerguru.com)
2. Create subdomain radio.azcomputerguru.com in WHM
3. `npm run build` -> `dist/` folder
4. rsync/SCP dist/ to document root
5. AutoSSL for HTTPS
6. .htaccess for caching, compression, HTTPS redirect

### Pending / Next Steps

1. **Waveform visualization** - WaveSurfer.js integration for the persistent player (dependency installed, not wired up yet)
2. **Hero background images** - Need actual images in `public/images/heroes/`
3. **Discord integration** - Configure WidgetBot with actual Discord server ID/channel
4. **Discourse setup** - Install Discourse on IX server, configure community page links
5. **Episode curation** - Mark selected episodes as `classic: true` and `featured: true` in frontmatter
6. **Host photo** - Add Mike's photo for about page
7. **OG image** - Create proper Open Graph image for social sharing
8. **Deploy to cPanel** - Create subdomain, upload build, configure SSL
9. **Podcast directory submission** - Submit new RSS feed URL to Apple Podcasts, Spotify
10. **Contact form backend** - Set up Formspree or similar for the contact form
11. **Newsletter integration** - Connect signup form to email service

### Dev Server

- Local: http://localhost:4321/
- Build command: `cd projects/radio-show/website && npm run build`
- Dev command: `cd projects/radio-show/website && npx astro dev --port 4321`