claudetools/session-logs/2026-05-10-session.md

2026-05-10 — Radio-show Jupiter deploy + audio rsync, Discord bot service, Apple Developer enrollment kickoff

User

• User: Mike Swanson (mike)
• Machine: GURU-BEAST-ROG
• Role: admin
• Session span: 2026-05-08 ~07:00 PT (radio-show deploy) → 2026-05-10 ~18:40 PT (Apple Dev enrollment vault entry). Date rolled mid-session.

---

Session Summary

The session began with the deployment of the redesigned FastAPI backend for the radio-show application to Jupiter (Unraid Docker host, 172.16.3.20). Local main.py at HEAD already contained the d7ce9cb visual redesign and the May 1 intro/QA sorted() tie-break fix; verified clean working tree and parity with origin/main. scp'd main.py to root@172.16.3.20:/mnt/user/appdata/radio-archive/app/main.py via PuTTY pscp, then rebuilt the radio-archive container via docker compose up -d --build over plink. Smoke-tested new UI markers (--accent #c39733, browse-toggle, loading::after on /; now-playing, preload="metadata", qaBlocks, sticky audio player on /episode/139).

Mike then noted the deployed Jupiter instance still couldn't play audio — /api/audio/{id} returned 404 because the MP3 tree was never deployed. He pointed out that IX (the archive source, 172.16.3.10) and Jupiter (172.16.3.20) are on the same office LAN, so Jupiter should pull from IX directly rather than push from this desktop. Probed IX via plink: the archive lives at /home/gurushow/public_html/archive/{YYYY}/{N - Month}/*.mp3, the layout matches the DB rel_path exactly, and total size is 7.8 GB — the May 1 session log's "30–40 GB" estimate was wrong by a factor of 4. Installed Jupiter root's pubkey into IX root's authorized_keys for passwordless server-to-server rsync. Dry-run showed 590 MP3s / 8.09 GB. Real rsync IX → Jupiter completed in ~75 seconds at ~108 MB/s sustained over LAN. Verified /api/audio/139 and /api/audio/479 now return HTTP 206 audio/mpeg with range support.

The first /sync of the session pulled 25 commits and surfaced six ## Note for Mike blocks from Howard's recent Cascades / IMC1 / Sombra / Stamback work. Addressed each: Britney Thompson litigation hold (already in flight via the MacBook Air's follow-up commits), John Trozzi inbox cleanup (FYI only), SDM phone activation root-caused (pilot.test lacked Cloud Device Administrator role; new devices@cascadestucson.com account built specifically for this and vaulted), IMC1 AIM SQL diagnosis correction (SQLEXPRESS is the production instance not the orphan — MSSQL$AIMSQL is the consolidation candidate; memory caps and consolidation pending Mike's call), and three patterns to internalize (post-Transwiz Office identity sweep on new-PC checklist, GuruRMM agent's nt authority\system context for per-user probes, Syncro billable: false on timer_entry silently ignored).

The next morning (2026-05-10 — date rolled mid-session), Mike reported the Discord bot wasn't responding. Found it dead since 2026-05-06 12:22 PT — no error in bot.log, just stopped; no NSSM service installed, no scheduled task, no service wrapper at all. The bot had been running interactively, so a reboot or terminal close that day killed it silently. Restarted temporarily via pythonw.exe (PID 62720) as a stopgap and confirmed it reconnected, then Mike asked to install it as a proper Windows service for durability. Installed NSSM 2.24-101 via winget, stopped the temporary process, and created ClaudeToolsDiscordBot pointing at the venv's python.exe -m bot.main with AppDirectory, stdout/stderr logging with 10 MB rotation, auto-start, and auto-restart-on-exit with a 5 s delay. Service started; bot reconnected with full channel access. Account is LocalSystem — flagged as a potential issue if vault/identity paths fail under SYSTEM context.

The second /sync hit a conflict on .claude/memory/MEMORY.md. The local commit had added a redundant memory entry (feedback_appointment_owner_first.md, "appointment owner FIRST") that covered the same rule as Howard's incoming feedback_syncro_appointment_owner.md from Kittle ticket #32263 — but with substantially less detail. Resolved by aborting the rebase, doing git reset --hard HEAD~1 to drop the redundant local commit entirely, then re-running sync — fast-forwarded 3 commits cleanly. Vault sync pulled Howard's Cascades ALIS SSO inbound creds and Kittle GuruRMM site enrollment key. Surfaced and addressed Howard's two GuruRMM items: (a) the macOS agent + installer route is blocking Sylvia at Kittle Main Office (Mac mini) and needs Apple Developer signing + notarization, and (b) Cloudflare's bot challenge is breaking the documented install one-liners on Linux/Windows — Howard recommends a WAF skip on ^/install/.

The session closed with the Apple Developer Program enrollment kickoff. Walked Mike through the prerequisites (cost, Developer ID Application + Developer ID Installer certs, notarytool flow requiring a real Mac in the build path, v1 shell-installer with right-click→Open as the no-cert fallback) and recommended enrolling now since the cert unblocks the no-friction install path long-term. Mike pulled the DUNS lookup and got 005661506 — but the D&B record is registered under "COMPUTER GURU", not "Arizona Computer Guru LLC". Mike kicked off enrollment (ID HH5UA87LAH) and Apple immediately requested a verification packet. Identified the D&B name mismatch as the real blocker — Apple compares enrollment name against DUNS record against Articles of Organization, and all three must match. Recommended sequence: D&B name correction via iUpdate first (free, 5–15 business days), gather the three verification documents in parallel, then upload to Apple once D&B confirms. Vaulted everything at infrastructure/apple-developer-program.sops.yaml.

---

Key Decisions

• Pull MP3s server-to-server from IX, not push from desktop. Mike caught that IX (172.16.3.10) and Jupiter (172.16.3.20) are physically on the same office LAN. Pulling IX→Jupiter directly hits ~108 MB/s sustained gigabit, eliminates the desktop as an intermediary, and uses the local copy already cached at the actual source. Far faster than re-uploading from GURU-BEAST-ROG.
• rsync the year directories only, excluding Radio/ and index.html. IX has unrelated content under archive/Radio/Elements/ (203 MB of misc music) and HTML index files at archive root. The --exclude=Radio --exclude='index.html*' filter kept the transfer scoped to what matches the DB rel_path layout. Each year directory carries a duplicate set (loose MP3s at year root + month-subdir versions); accepted the ~4 GB of duplicate overhead rather than crafting per-year include patterns because Jupiter has plenty of array space.
• Install Jupiter's pubkey on IX root (not gurushow). root has unconditional access to the entire archive tree; using gurushow would have worked but required either password auth or installing the key under a non-admin account. The pubkey install is durable infrastructure setup that future syncs can reuse without re-prompting.
• Drop the redundant local memory entry rather than merge. Local feedback_appointment_owner_first.md was a thinner, generic restatement of Howard's feedback_syncro_appointment_owner.md (which has Syncro-specific detail, the exact ticket trigger #32263, owner-vs-attendees nuance, the preview format, and the what-NOT-to-do section). git reset --hard HEAD~1 cleanly dropped the local commit; the rebase then fast-forwarded with no conflict on the second attempt.
• NSSM service runs as LocalSystem (NSSM default), not as a user account. Avoids needing to store Mike's Windows password and matches how GuruRMM-style services typically run. Trade-off: SYSTEM context can hit user-profile path issues — flagged as a known watch item. If vault or identity paths fail under SYSTEM, fall back to running the service under .\guru with a vaulted password.
• Enroll in Apple Developer Program now even though shipping unsigned v1 is possible. $99/year and 1-week enrollment clock is small overhead; the cert investment unlocks the long-term no-friction install path. Without enrollment, every macOS install for Sylvia and future clients requires a right-click→Open dance, which doesn't scale past a handful of installs.
• Fix D&B record before resubmitting Apple verification, not the other way. Apple compares enrollment name / DUNS record / Articles of Organization in a single review pass; mismatches bounce. Submitting the verification packet now with a mismatched D&B record would just get rejected and force a redo, costing more wall-clock time than waiting for iUpdate to propagate the correction first.
• Recommend iUpdate (free, 5–15 days) over expedited D&B Customer Service ($50–$200, 24–72 h). Apple won't cancel the enrollment for a slow D&B turn — there's no time pressure that justifies paying for expedited correction. Pending Mike's preference if he wants to spend the money to compress the timeline.

---

Problems Encountered

• Jupiter /api/audio/{id} returned 404 after UI deploy. Pre-existing deployment gap — the FastAPI app was deployed but the /data/episodes/ MP3 tree was never populated. Resolved by rsyncing IX → Jupiter (8.09 GB, ~75 s over LAN). FastAPI volume mount /mnt/user/appdata/radio-archive/data:/data:ro picked up the new files immediately; no container restart needed.
• plink batch-mode SSH refused unknown host key on first IX probe. Default -batch fails closed if the target's host key isn't in the PuTTY registry. Worked around by passing -hostkey 'ssh-ed25519 255 SHA256:GZYP/o5XUoRtFRCv1iGjxmqGfQoEsMuiNQBJucoJUh8' explicitly. After that probe, Jupiter→IX passwordless SSH worked because the key install succeeded.
• Jupiter→IX ssh emitted hostfile_replace_entries: Operation not permitted for /root/.ssh/known_hosts. Cosmetic — Unraid's filesystem doesn't permit the rename-based atomic update OpenSSH wants. The new known_hosts entry was still added to the in-memory state and the session worked. Did not block.
• Discord bot dead since 2026-05-06 12:22 PT, no error logged. Bot had been running interactively; some reboot/terminal close on the 6th killed it silently. No watchdog, no service wrapper, no auto-restart. Resolved by installing it as an NSSM service with auto-start, auto-restart (5 s delay), and rotating logs — so future reboots can't take it down silently again.
• NSSM not installed on GURU-BEAST-ROG. Resolved by winget install NSSM.NSSM (2.24-101, 405 KB). Required PowerShell Path refresh from machine+user scope to make nssm available in the current session before the install/config commands could run.
• /sync rebase conflict on .claude/memory/MEMORY.md. Local commit added feedback_appointment_owner_first.md (which I had drafted earlier in the session) covering the same rule as Howard's incoming feedback_syncro_appointment_owner.md. Resolved by aborting the rebase, git reset --hard HEAD~1 to drop the local commit entirely, then re-running sync to fast-forward 3 commits cleanly.
• Apple verification request bounced enrollment immediately. Apple flagged that "COMPUTER GURU" (the D&B record name) needs to be a legal entity. Real cause: the D&B record name (COMPUTER GURU) doesn't match the AZ Corporation Commission filing (Arizona Computer Guru LLC) — three-way name match across enrollment / DUNS / Articles will fail. Resolution path: update D&B name first via iUpdate (free, 5–15 business days) or pay D&B Customer Service ($50–$200, 24–72 h) for expedited update, then submit verification packet. Vaulted the blocker, document list, and full sequence at infrastructure/apple-developer-program.sops.yaml.

---

Credentials & Secrets

Servers used

Server	User	Auth	Value
Jupiter (172.16.3.20)	root	password	Th1nk3r^99##
IX (172.16.3.10)	root	password	t4qygLl7{1zJcUj#022W^FBQ>}qYp-Od
IX (172.16.3.10)	root	pubkey	Jupiter root's id_ed25519 added to /root/.ssh/authorized_keys this session

SSH keys installed

• Jupiter root pubkey (now authorized on IX root):

  ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOS3AQMPhMl5c3r9hY0dT3w24NkEU5gshN43PwPn2Jvq root@Jupiter
  

Apple Developer Program (pending verification)

• Enrollment ID: HH5UA87LAH
• DUNS (registered to "COMPUTER GURU"): 005661506
• Target legal name: Arizona Computer Guru LLC
• Verification upload URL: https://developer.apple.com/contact/file-upload/
• D&B update portal: https://iupdate.dnb.com
• D&B Customer Service: 1-800-234-3867 (expedited update, paid)
• Apple ID, Team ID, certs, App Store Connect API key: pending (will populate at vault entry infrastructure/apple-developer-program.sops.yaml as they come in)

Discord bot service

• Service name: ClaudeToolsDiscordBot
• Display name: ClaudeTools Discord Bot
• Binary: C:\Users\guru\ClaudeTools\projects\discord-bot\.venv\Scripts\python.exe
• Args: -m bot.main
• AppDirectory: C:\Users\guru\ClaudeTools\projects\discord-bot
• Account: LocalSystem (NSSM default)
• Discord token, Anthropic API key, etc. unchanged in .env (gitignored)
• Bot user ID: 1499868551601983652 (per logs)

---

Infrastructure & Servers

Jupiter — 172.16.3.20 (Unraid Docker host, primary)

• Vault path: infrastructure/jupiter-unraid-primary.sops.yaml
• Hostname: jupiter
• OS / Docker: Linux Jupiter 6.12.54-Unraid; Docker 27.5.1
• Container modified this session: radio-archive
  • Image: radio-archive:latest (rebuilt, sha256:0ba76547…)
  • Bind: 172.16.3.20:8765 -> 8765/tcp
  • Mount: /mnt/user/appdata/radio-archive/data:/data:ro
  • Restart policy: unless-stopped
• Paths:
  • App source: /mnt/user/appdata/radio-archive/app/main.py
  • DB: /mnt/user/appdata/radio-archive/data/archive.db
  • NEW: MP3 tree /mnt/user/appdata/radio-archive/data/episodes/{YYYY}/{N - Month}/*.mp3 (590 files, 8.09 GB)
• Auth: root + Th1nk3r^99## for plink/pscp; ed25519 keypair at /root/.ssh/id_ed25519 (now authorized on IX root)

IX — 172.16.3.10 (Rocky Linux, cPanel/WHM)

• Vault path: infrastructure/ix-server.sops.yaml
• Hostname: ix.azcomputerguru.com
• Archive source: /home/gurushow/public_html/archive/
  • Year dirs: 2010/ 2011/ 2012/ 2014/ 2015/ 2016/ 2017/ 2018/ (no 2013 season)
  • Layout: {YYYY}/{N - Month}/*.mp3 (loose duplicates also exist at year root)
  • Excluded from rsync: Radio/Elements/ (unrelated, 203 MB), index.html*
• Total size on disk: 7.8 GB (the May 1 estimate of 30–40 GB was wrong)
• Host key fingerprint (ssh-ed25519, SHA256): GZYP/o5XUoRtFRCv1iGjxmqGfQoEsMuiNQBJucoJUh8
• Jupiter root pubkey added to /root/.ssh/authorized_keys on 2026-05-08

Discord bot host (GURU-BEAST-ROG)

• Service: ClaudeToolsDiscordBot (NSSM)
• NSSM 2.24-101 installed via winget at C:\Users\guru\AppData\Local\Microsoft\WinGet\Links\nssm.exe
• Bot connects to Arizona Computer Guru Discord guild (ID 624663750603046913)

---

Commands & Outputs

Radio-show deploy

# 1. Push main.py to Jupiter
echo y | "/c/Program Files/PuTTY/pscp.exe" -batch -pw 'Th1nk3r^99##' -scp \
    /c/Users/guru/ClaudeTools/projects/radio-show/audio-processor/server/main.py \
    root@172.16.3.20:/mnt/user/appdata/radio-archive/app/main.py
# main.py | 55 kB | 100%

# 2. Rebuild container on Jupiter
"/c/Program Files/PuTTY/plink.exe" -batch -ssh -pw 'Th1nk3r^99##' root@172.16.3.20 \
  "cd /mnt/user/appdata/radio-archive/app && docker compose up -d --build"
# Container radio-archive Recreated, Started

# 3. Smoke test
curl -s http://172.16.3.20:8765/ -o ix.html -w "index: %{http_code} %{size_download}B\n"
# index: 200 21229B
curl -s http://172.16.3.20:8765/episode/139 -o ep.html -w "ep139: %{http_code} %{size_download}B\n"
# ep139: 200 74365B
# Markers present: --accent, c39733, browse-toggle, loading::after, now-playing,
# preload="metadata", qaBlocks, sticky

Jupiter→IX SSH key install + rsync

# 1. Probe IX archive structure + install Jupiter pubkey via plink (one shot)
"/c/Program Files/PuTTY/plink.exe" -batch -ssh -pw 't4qygLl7{1zJcUj#022W^FBQ>}qYp-Od' \
  -hostkey 'ssh-ed25519 255 SHA256:GZYP/o5XUoRtFRCv1iGjxmqGfQoEsMuiNQBJucoJUh8' \
  root@172.16.3.10 \
  "echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOS3AQMPhMl5c3r9hY0dT3w24NkEU5gshN43PwPn2Jvq root@Jupiter' >> /root/.ssh/authorized_keys"

# 2. Verify passwordless SSH Jupiter -> IX
"/c/Program Files/PuTTY/plink.exe" -batch -ssh -pw 'Th1nk3r^99##' root@172.16.3.20 \
  "ssh -o BatchMode=yes -o StrictHostKeyChecking=accept-new root@172.16.3.10 'echo ok; hostname'"
# ok-from-jupiter
# ix.azcomputerguru.com

# 3. Dry-run rsync (count + size estimate)
"/c/Program Files/PuTTY/plink.exe" -batch -ssh -pw 'Th1nk3r^99##' root@172.16.3.20 \
  "mkdir -p /mnt/user/appdata/radio-archive/data/episodes && \
   rsync -ahn --info=stats2 --exclude=Radio --exclude='index.html*' \
     root@172.16.3.10:/home/gurushow/public_html/archive/ \
     /mnt/user/appdata/radio-archive/data/episodes/"
# Number of files: 675 (reg: 590, dir: 85)
# Total file size: 8.09G bytes

# 4. Real rsync (background, ~75 s)
"/c/Program Files/PuTTY/plink.exe" -batch -ssh -pw 'Th1nk3r^99##' root@172.16.3.20 \
  "rsync -ah --info=progress2 --exclude=Radio --exclude='index.html*' \
     root@172.16.3.10:/home/gurushow/public_html/archive/ \
     /mnt/user/appdata/radio-archive/data/episodes/"
# Peak 109.93 MB/s, completed exit 0

# 5. Confirm audio endpoint works
curl -s --max-time 8 -r 0-127 -o /dev/null \
  -w "ep139 audio: HTTP %{http_code} ct=%{content_type} len=%{size_download}B\n" \
  http://172.16.3.20:8765/api/audio/139
# ep139 audio: HTTP 206 ct=audio/mpeg len=128B
# ep479 audio: HTTP 206 ct=audio/mpeg len=128B

Discord bot NSSM service install

winget install --id NSSM.NSSM --accept-source-agreements --accept-package-agreements --silent
# Successfully installed (2.24-101 at C:\Users\guru\AppData\Local\Microsoft\WinGet\Links\nssm.exe)

# Stop the temporary pythonw process started earlier
Stop-Process -Id 62720 -Force

# Install + configure the service
$svc = 'ClaudeToolsDiscordBot'
$wd  = 'C:\Users\guru\ClaudeTools\projects\discord-bot'
$py  = "$wd\.venv\Scripts\python.exe"
$logs = "$wd\logs"

nssm install $svc $py '-m' 'bot.main'
nssm set $svc AppDirectory $wd
nssm set $svc DisplayName 'ClaudeTools Discord Bot'
nssm set $svc Description 'Discord bot bridging the MSP team to ClaudeTools (Claude Agent SDK in a Discord channel)'
nssm set $svc Start SERVICE_AUTO_START
nssm set $svc AppStdout "$logs\stdout.log"
nssm set $svc AppStderr "$logs\stderr.log"
nssm set $svc AppRotateFiles 1
nssm set $svc AppRotateOnline 1
nssm set $svc AppRotateBytes 10485760
nssm set $svc AppExit Default Restart
nssm set $svc AppRestartDelay 5000

Start-Service ClaudeToolsDiscordBot
# Status: Running, StartType: Automatic
# Bot reconnected: [OK] Bot connected as ClaudeTools (ID: 1499868551601983652)

Conflict resolution on /sync

# After conflict on .claude/memory/MEMORY.md (local + Howard both edited)
git rebase --abort
git reset --hard HEAD~1
# HEAD now at 56ada4b (pre-redundant-commit state)

# Re-run sync, clean fast-forward
bash /c/Users/guru/ClaudeTools/.claude/scripts/sync.sh
# Fast-forward 3 commits, nothing to push

Apple Dev vault entry

bash /c/Users/guru/ClaudeTools/.claude/scripts/vault.sh add infrastructure/apple-developer-program.sops.yaml
# Wrote plaintext file with full structure
cd /c/Users/guru/vault && sops --encrypt --in-place infrastructure/apple-developer-program.sops.yaml
git add infrastructure/apple-developer-program.sops.yaml
git -c user.name="Mike Swanson" -c user.email="mike@azcomputerguru.com" \
  commit -m "infrastructure/apple-developer-program: DUNS 005661506 + Apple verification packet pending"

---

Configuration Changes

Files modified (committed to ClaudeTools / origin already at HEAD)

• None this session — the radio-show main.py already on origin/main at b008b61.

Files modified (committed to ClaudeTools, awaiting push via /sync)

• None pending in ClaudeTools at end of session.

Files modified (vault repo, committed locally; next /sync will push)

• infrastructure/apple-developer-program.sops.yaml — NEW. Two commits:
  • 4f8f5f7 — initial entry with enrollment ID + status pending-activation + structure.
  • 78706ca — added DUNS 005661506, set status: pending-verification, captured Apple verification request, documented D&B mismatch + iUpdate path + recommended sequence.

Server-side changes

• Jupiter — /mnt/user/appdata/radio-archive/app/main.py replaced (redesign + sort fix); radio-archive Docker image rebuilt; /mnt/user/appdata/radio-archive/data/episodes/ populated with 590 MP3s (8.09 GB).
• IX — /root/.ssh/authorized_keys appended with Jupiter root's ed25519 pubkey. No other changes.
• GURU-BEAST-ROG — NSSM 2.24-101 installed via winget. Windows service ClaudeToolsDiscordBot created (auto-start, auto-restart, LocalSystem account). Discord bot bot.log now also captured by NSSM as stdout.log / stderr.log (10 MB rotation) — note: the bot's own internal logs/bot.log still writes too, so there are two log files going forward (NSSM-captured is in addition to bot-internal).

Memory files synced from origin (not edited locally this session)

• feedback_syncro_appointment_owner.md — Howard's Kittle #32263 rule
• feedback_clear_recyclebin_system_context.md — Howard's ASSISTMAN-PC RMM finding

---

Pending / Incomplete Tasks

Apple Developer Program enrollment

• Update D&B record name from "COMPUTER GURU" to "Arizona Computer Guru LLC". Submit at https://iupdate.dnb.com (free, 5–15 business days) or call D&B Customer Service at 1-800-234-3867 for paid expedited update (24–72 h, ~$50–$200). DUNS 005661506.
• Gather Apple verification packet (in parallel with D&B):
  • Government photo ID — driver's license (both sides) or passport
  • Employment verification — self-signed letter on Arizona Computer Guru LLC letterhead confirming Mike Swanson is President with binding authority. (Offered to draft, declined this turn.)
  • Articles of Organization — pull from https://ecorp.azcc.gov entity record → Documents tab
• Upload verification packet at https://developer.apple.com/contact/file-upload/ once D&B name change is confirmed.
• After Apple approves enrollment:
  • Capture Team ID (10-char) into the vault entry
  • Generate Developer ID Application + Developer ID Installer certs from developer.apple.com
  • Export both as .p12, vault them, update p12_location fields
  • Create App Store Connect API key for notarytool, store .p8 in vault
  • Document the macOS sign + notarize pipeline at projects/msp-tools/guru-rmm/docs/macos-signing.md

GuruRMM macOS agent (gated on Apple Dev)

• Build Rust agent for aarch64-apple-darwin + x86_64-apple-darwin
• Server route /install/<site>/macos returning shell installer or signed .pkg
• LaunchDaemon manifest (macOS analog of the existing systemd unit)
• Code sign + notarize the binary (gated on Developer ID certs)
• Sylvia (Kittle Main Office, WEST-MEADOW-9025) is the blocked user — once installer is ready, deploy first there

Cloudflare bot challenge breaking install one-liners

• Add Cloudflare WAF skip rule for (http.request.uri.path matches "^/install/") on the GuruRMM endpoint per Howard's 2026-05-07 note. Recommended over UA-flag workaround.

IMC1 SQL consolidation (Howard's items, partially addressed by your e03e991 commit — verify)

• Confirm e03e991 "IMC1: Memory allocation approval + AD/WSUS clarification" covers all four of Howard's asks: SQLEXPRESS 12 GB cap, WID 512 MB cap, AIMSQL 256 MB cap, AIMSQL consolidation path, WID consolidation path, Server 2016 EOL migration scope. If gaps remain, flag back to Howard.

Cascades (Howard's items, in flight on the MSP-app side)

• SDM phone activation — Howard verifying 2026-05-08 (next-day) with the new devices@cascadestucson.com Cloud Device Administrator account. ~30 more phones to roll once verified.
• ALIS SSO — blocked on Medtelligent enabling the Entra SSO app on the Cascades tenant; vaulted at clients/cascades-tucson/alis-sso-app-registration.sops.yaml. Three values ready to paste once they act.

Discord bot service watch items

• Confirm bot continues to work as LocalSystem across vault/identity-path-dependent code paths. If anything fails under SYSTEM, switch service to run under .\guru with a vaulted password.
• Consider adding .gitignore entry for .claude/scheduled_tasks.lock to eliminate the recurring rebase conflict noise (still a carry-forward from the May 1 session).

Stamback Septic

• Confirm Syncro prepay block shows 3.5 hrs on customer page next time you're in there. Registry-wipe backups on Joe's laptop at C:\Windows\Temp\onedrive_cleanup_backup\ — leave ~30 days, then clear.

---

Reference Information

Radio-show

• Local repo: c:\Users\guru\ClaudeTools\projects\radio-show\audio-processor\
• Local server file: projects/radio-show/audio-processor/server/main.py
• Local archive: projects/radio-show/audio-processor/archive-data/
• Jupiter URLs:
  • Search index: http://172.16.3.20:8765/
  • Episode page: http://172.16.3.20:8765/episode/{id}
  • Audio stream: http://172.16.3.20:8765/api/audio/{id} (HTTP 206 with Range header)
  • QA list: http://172.16.3.20:8765/api/qa
• DB on Jupiter: /mnt/user/appdata/radio-archive/data/archive.db (572 episodes per local snapshot; FTS5 over segments + qa_pairs)

Apple Developer Program

• Vault entry: infrastructure/apple-developer-program.sops.yaml
• Enrollment ID: HH5UA87LAH
• Enrollment status URL: https://developer.apple.com/enroll/
• Verification upload URL: https://developer.apple.com/contact/file-upload/
• DUNS lookup (Apple-routed): https://developer.apple.com/enroll/duns-lookup/
• D&B iUpdate portal (free record correction): https://iupdate.dnb.com
• D&B Customer Service (expedited): 1-800-234-3867
• AZ corp filing portal: https://ecorp.azcc.gov

Discord bot

• Repo: projects/discord-bot/
• Service: ClaudeToolsDiscordBot (NSSM)
• Logs:
  • Bot's internal: projects/discord-bot/logs/bot.log
  • NSSM-captured: projects/discord-bot/logs/stdout.log + stderr.log (10 MB rotation)
• Manage: Start-Service / Stop-Service ClaudeToolsDiscordBot, or nssm edit ClaudeToolsDiscordBot for the GUI editor.

Commits during this session

SHA	Repo	Author	Subject
4f8f5f7	vault	Mike Swanson	infrastructure: vault Apple Developer Program enrollment (HH5UA87LAH)
78706ca	vault	Mike Swanson	infrastructure/apple-developer-program: DUNS 005661506 + Apple verification packet pending
2f95f65 (discarded)	ClaudeTools	Mike Swanson	sync: auto-sync from GURU-BEAST-ROG (held redundant feedback_appointment_owner_first.md; dropped via reset)

No ClaudeTools-repo commits landed this session beyond the discarded sync commit. Vault is local-only ahead of next /sync.