--- type: system name: gururmm-build display_name: GuruRMM VM (gururmm-build) last_compiled: 2026-05-24 compiled_by: DESKTOP-0O8A1RL/claude-main sources: - credentials.md - .claude/memory/infra_office_network.md - .claude/machines/pluto.md - wiki/projects/gururmm.md backlinks: - projects/gururmm - systems/jupiter - systems/pluto --- # GuruRMM VM (gururmm-build) ## Identity - **Hostname:** gururmm / gururmm-build - **IP:** 172.16.3.30 - **Role:** Production server — GuruRMM API, ClaudeTools API, Coord API, MariaDB, PostgreSQL, build pipeline - **Location:** Linux VM on Jupiter (172.16.3.20), virsh domain "GuruRMM" - **OS:** Ubuntu 22.04 LTS - **History:** Originally ran as a Docker container on Jupiter; migrated to its own VM at 172.16.3.30 ## Specs Linux VM — resource allocation managed via virsh on Jupiter (172.16.3.20). Exact vCPU/vRAM allocation not documented. ## Services | Service | Port | Notes | |---|---|---| | GuruRMM API | 3001 | Rust/Axum; systemd `gururmm-server`; binary `/usr/local/bin/gururmm-server` | | ClaudeTools API | 8001 | FastAPI/Python; includes Coord API at `/api/coord` | | Nginx | 80/443 | Reverse proxy + static file serving | | MariaDB | 3306 | Database `claudetools`; version 10.6.22 | | PostgreSQL | 5432 | Database `gururmm`; version 14 | | Build webhook | 9000 | `webhook-handler.py`; systemd `gururmm-webhook`; receives Gitea push events | | Gitea (forwarded) | 3000 | SSH port forward from here → Gitea Docker container on Jupiter (.20:3000) | ## Access - **SSH:** `ssh guru@172.16.3.30` (ed25519 keys: guru@wsl, guru@gururmm-build) - **Sudo password:** vault `infrastructure/gururmm-server.sops.yaml` (same as SSH) - **1Password:** `op://Infrastructure/GuruRMM Server/password` - **Vault path:** `infrastructure/gururmm-server.sops.yaml` ## Key Paths ### GuruRMM | Path | Purpose | |---|---| | `/usr/local/bin/gururmm-server` | Server binary | | `/usr/local/bin/gururmm-agent` | Local agent binary | | `/home/guru/gururmm/` | Gitea repo clone | | `/var/www/gururmm/dashboard/` | Built React dashboard (served by nginx) | | `/var/www/gururmm/downloads/` | Agent artifact distribution directory | | `/var/www/gururmm/downloads/windows/amd64/` | Windows x64 MSI + EXE | | `/var/www/gururmm/downloads/windows/x86/` | Windows x86 EXE | | `/opt/gururmm/` | Build pipeline scripts and state | | `/opt/gururmm/webhook-handler.py` | Gitea webhook receiver (port 9000) | | `/opt/gururmm/build-shared.sh` | Version bump + git sync (runs once per trigger) | | `/opt/gururmm/build-linux.sh` | Linux cargo build | | `/opt/gururmm/build-windows.sh` | SSH to Pluto + artifact copy | | `/opt/gururmm/build-mac.sh` | Stub (no Mac build machine) | | `/opt/gururmm/build-server.sh` | Server binary rebuild (separate, manual trigger) | | `/opt/gururmm/.env` | DB URL + secrets (GuruRMM build context) | | `/opt/gururmm/pluto_known_hosts` | Pinned SSH keys for Pluto (172.16.3.36) | | `/opt/gururmm/last-built-commit-linux` | SHA tracking for Linux build gate | | `/opt/gururmm/last-built-commit-windows` | SHA tracking for Windows build gate | | `/opt/gururmm/last-built-commit-mac` | SHA tracking for Mac build gate (stub) | | `/var/log/gururmm-build-linux.log` | Linux build log | | `/var/log/gururmm-build-windows.log` | Windows build log (includes [PLUTO] prefixed SSH output) | **[WARNING] Do NOT use `/opt/gururmm/updates/` for freshness checks** — legacy path from before the pipeline split (~Feb 2026). Active distribution is `/var/www/gururmm/downloads/`. ### ClaudeTools | Path | Purpose | |---|---| | `/home/guru/claudetools/` | ClaudeTools repo clone (if present) | | ClaudeTools API port 8001 | Docs at http://172.16.3.30:8001/api/docs | ## Databases ### MariaDB (claudetools) - **DB:** claudetools - **User:** `op://Infrastructure/GuruRMM Server/Databases.MariaDB User` - **Password:** `op://Infrastructure/GuruRMM Server/Databases.MariaDB Password` - **Vault:** `bash D:/vault/scripts/vault.sh get-field projects/claudetools/database.sops.yaml credentials.password` ### PostgreSQL (gururmm) - **DB:** gururmm - **User:** `op://Infrastructure/GuruRMM Server/Databases.PostgreSQL User` - **Password:** `op://Infrastructure/GuruRMM Server/Databases.PostgreSQL Password` - **Connection string:** `postgres://gururmm:43617ebf7eb242e814ca9988cc4df5ad@localhost:5432/gururmm` - **DB URL also in:** `/opt/gururmm/.env` and `/home/guru/.cargo/env` ## systemd Services | Unit | Binary | Purpose | |---|---|---| | `gururmm-server` | `/usr/local/bin/gururmm-server` | GuruRMM Rust/Axum API | | `gururmm-agent` | `/usr/local/bin/gururmm-agent` | Local GuruRMM agent (enrolled as ACG internal) | | `gururmm-webhook` | `/opt/gururmm/webhook-handler.py` | Build pipeline webhook receiver | ## Build Pipeline Role This machine is the **build orchestrator** for GuruRMM. It receives Gitea webhooks, runs the Linux build directly, and SSHes to Pluto for Windows builds. ``` Gitea push to main → webhook-handler.py (port 9000) → build-shared.sh (version bump, one-shot) → build-linux.sh (cargo build on this machine) → build-windows.sh (SSH → Pluto at 172.16.3.36) → build-mac.sh (stub) → artifacts → /var/www/gururmm/downloads/ → systemctl restart gururmm-agent ``` Server and dashboard are NOT rebuilt by the agent pipeline — separate manual steps: ```bash sudo /opt/gururmm/build-server.sh # Rebuild server binary cd /home/guru/gururmm/dashboard && sudo -u guru npm run build sudo rsync -av --delete /home/guru/gururmm/dashboard/dist/ /var/www/gururmm/dashboard/ ``` SSH to Pluto from this machine: ```bash ssh -o StrictHostKeyChecking=yes \ -o UserKnownHostsFile=/opt/gururmm/pluto_known_hosts \ Administrator@172.16.3.36 ``` ## Known Issues & Quirks - **DATABASE_URL required at build time** — sqlx compile-time macros need it. Located in `/home/guru/.cargo/env`. Builds fail silently if not sourced. - **Pre-commit hook lacks execute bit** (noted 2026-05-23) — likely still unfixed. - **`sudo -u guru git` required in systemd build context** — git rejects the repo as dubious ownership when running as root against guru-owned `/home/guru/gururmm`. Use `git config --system --add safe.directory /home/guru/gururmm` or always prefix with `sudo -u guru`. - **NPM proxy stale entry** — credentials.md and Jupiter NPM still proxy `rmm-api.azcomputerguru.com → 172.16.3.20:3001`. Should be `172.16.3.30:3001`. Fix in NPM admin at http://172.16.3.20:7818. - **Gitea at :3000** — accessible via SSH port forward from this machine; authoritative Gitea container is on Jupiter (.20). Internal direct URL: http://172.16.3.20:3000. ## Backlinks - [[projects/gururmm]] — GuruRMM API, build pipeline, ClaudeTools API all run here - [[systems/jupiter]] — this machine is a virsh VM hosted on Jupiter - [[systems/pluto]] — Windows builds SSH from here to Pluto