azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
295126ee6c4abe2588f94de0e022eabdbb1c925d
claudetools/.claude/machines/guru-kali.md
Mike-Swanson e8b19a87f3 sync: auto-sync from GURU-KALI at 2026-05-25 05:02:02 
Author: Mike Swanson
Machine: GURU-KALI
Timestamp: 2026-05-25 05:02:02
2026-05-25 05:02:03 -07:00

143 lines
6.7 KiB
Markdown
Raw Blame History

# Machine: GURU-KALI
**Hostname:** GURU-KALI
**Last Updated:** 2026-05-25
---
## Hardware Specs
| Spec | Value |
|------|-------|
| Model | Lenovo Legion Pro 5 16IRX9 (laptop) |
| CPU | Intel Core i9-14900HX (24 cores / 32 threads) |
| Memory | 31 GiB + 31 GiB swap |
| GPU | NVIDIA RTX 4070 Mobile/Max-Q (8 GB VRAM) + Intel UHD iGPU |
| Storage | 906 GB NVMe (~831 GB free) |
---
## Software
| Spec | Value |
|------|-------|
| OS | Kali GNU/Linux Rolling, kernel 6.19.14+kali-amd64 |
| Python | 3.13.12 |
| Node.js | v24.15.0 / npm 11.12.1 |
| Go | installed |
| Rust | 1.95.0 (rustc + cargo via rustup, `~/.cargo`) — added 2026-05-24 |
| Git | 2.53.0 |
| sops | 3.13.1 (`~/.local/bin/sops`) |
| psql | 18.3 |
| mysql/mariadb client | 11.8.6 |
| nmap | 7.99 (Kali security tooling) |
| GuruRMM build dev libs | libgtk-3-dev, libayatana-appindicator3-dev, libxdo-dev, libssl-dev, pkg-config (for agent + tray builds) — added 2026-05-24 |
| NVIDIA driver | nvidia-open 595.71.05 (open kernel modules + CUDA, DKMS) — built/signed for kernel 6.19 via the NVIDIA CUDA debian13 repo; nouveau blacklisted; **ACTIVE AFTER REBOOT**. Added 2026-05-25. |
| jq | 1.8.1 (added 2026-05-24, needed by hooks) |
| gh / docker / age / op / grepai / ollama | NOT installed |
---
## Ollama Models
None — Ollama not installed. If installed, `qwen3:8b` (5.2 GB) fits the 8 GB VRAM
fully (mirrors DESKTOP-0O8A1RL prose model); qwen3.6 / codestral / qwen3:14b would
split to CPU. GPU acceleration is available via nvidia-open 595.71.05 (CUDA) once the
pending reboot activates the driver. See `.claude/OLLAMA.md`.
---
## Claude Code Environment
- **Working Directory:** /home/guru/claudetools
- **User:** guru
- **Shell:** zsh (interactive); bash for scripts
- **Git:** Configured for Gitea (git.azcomputerguru.com)
- **Identity:** mike (identity.json configured)
- **Vault:** /home/guru/vault (SOPS + age, decryption verified working)
- **Age key:** `~/.config/sops/age/keys.txt` (mode 600), recipient #1
`age1qz7ct84m50u06h97artqddkj3c8se2yu4nxu59clq8rhj945jc0s5excpr`
- **Privileges:** guru in `sudo` group; **passwordless sudo enabled**
(`/etc/sudoers.d/guru-nopasswd`, 2026-05-24) — Claude can run privileged ops.
- **GuruRMM clone:** `/home/guru/gururmm` (canonical server-side path) — builds
agent + tray locally with cargo; also an enrolled managed agent (id `a73ba38e`,
systemd `gururmm-agent.service`).
---
## Network
| Interface | Address |
|-----------|---------|
| Wi-Fi (wlan0) | 10.2.209.225/16 (gw 10.2.0.1) — NOT company LAN |
| Tailscale | 100.75.148.91 (joined 2026-05-24, mike@) |
Field/mobile laptop on wifi; Tailscale now bridges to internal services. pfSense-2
advertises subnet `172.16.0.0/22` into the tailnet and this node runs with
`--accept-routes`, so company LAN host `172.16.3.30` is reachable via `tailscale0`.
Verified 2026-05-24: coord API `172.16.3.30:8001` -> HTTP 200, remote Ollama
`100.92.127.64:11434` -> HTTP 200 (5 models). (D2TESTNAS also advertises
192.168.0.0/24 + 192.168.100.0/24.)
---
## Capabilities
- [x] Git operations (over public internet)
- [x] SOPS vault decryption (verified)
- [x] Claude Code CLI
- [x] Security tooling (Kali — nmap, etc.)
- [x] DB clients present (psql, mariadb) — usable only when on-LAN
- [x] coord API / DB reachable (via Tailscale subnet route 172.16.0.0/22)
- [x] Tailscale (100.75.148.91)
- [x] Tier 0 remote Ollama reachable over Tailscale (100.92.127.64)
- [x] Rust toolchain (1.95.0) + GuruRMM agent/tray build deps (GTK/appindicator/openssl)
- [x] Passwordless sudo (guru)
- [x] Enrolled GuruRMM managed agent (id a73ba38e, systemd service)
- [ ] Ollama LOCAL (not installed — would add offline Tier 0)
- [ ] GrepAI semantic search (not installed)
- [ ] 1Password CLI (op not installed)
- [~] NVIDIA CUDA compute — nvidia-open 595.71.05 installed (DKMS built on kernel 6.19); ACTIVE after reboot
- [ ] Docker
---
## Notes
- **Strongest raw hardware in the fleet** for AI inference (i9-14900HX, 31 GB RAM,
RTX 4070 8 GB). NVIDIA driver now installed (see 2026-05-25 note) — GPU/CUDA compute
available after the pending reboot.
- **Field/mobile laptop.** On wifi off the company LAN, but Tailscale (added
2026-05-24) bridges to internal services, so coord API/DB and remote Ollama work.
A local Ollama would still add value for *offline* use (away from any network).
- Onboarding (`LINUX_PC_ONBOARDING.md`) status: /sync OK, vault OK, identity OK,
Tailscale OK; PENDING — local Ollama (optional), GrepAI, 1Password CLI.
- 2026-05-24: chose Tailscale-only for now; local Ollama + NVIDIA driver deferred.
- 2026-05-24: set up as the **GuruRMM Linux dev/test box** — Rust + GTK build env,
`gururmm` cloned, enrolled agent runs the new Linux tray (Unix-socket IPC + GTK)
build. See gururmm PR #13 (`feat/linux-tray-ipc`). The systemd unit was patched
locally with `RuntimeDirectory=gururmm`; service runs an unsigned local build
until the PR merges and the pipeline ships a signed agent.
- **2026-05-24: screen lock on timeout INTENTIONALLY DISABLED (user request).**
xfce4-screensaver `/lock/enabled=false` + `/lock/saver-activation/enabled=false`
(+ `/lock/sleep-activation=false`); xfce4-power-manager `lock-screen-suspend-hibernate=false`.
Screen may still blank/screensave on idle but does NOT prompt for a password. Do NOT
re-enable. Persisted in `~/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-screensaver.xml`
(machine-local, not in the repo).
- **2026-05-24: idle-suspend (sleep) DISABLED on AC *and* battery (user request).**
xfce4-power-manager `inactivity-on-ac=0`, `inactivity-on-battery=0` (+ sleep-mode actions 0).
Why both: it was sleeping while plugged in because the ACPI AC-adapter state goes **stale** on
this Legion + kernel 6.19 (the EC doesn't reliably send AC plug/unplug events, esp. across S3
resume), so the OS intermittently thought it was on battery and applied the 10-min battery
suspend. `udevadm trigger --action=change /sys/class/power_supply/ADP0` forces a re-read
(online flips back to 1). Disabling idle-suspend on both states makes the flaky detection
harmless. Do NOT re-enable. Persisted in `xfce4-power-manager.xml` (machine-local). Proper
upstream fix = Lenovo BIOS/EC update.
- **2026-05-25: NVIDIA driver installed — nvidia-open 595.71.05** (open kernel modules + CUDA),
via the NVIDIA CUDA `debian13` repo (cuda-keyring) since Kali only packages 550 (too old for
kernel 6.19). DKMS module built + signed for `6.19.14+kali-amd64`; nouveau blacklisted
(`/etc/modprobe.d/nvidia.conf`) + initramfs rebuilt. **Requires one reboot to activate** (swap
the dGPU off nouveau). Hybrid graphics: Intel i915 stays the display, NVIDIA dGPU for
CUDA/offload. Secure Boot off. Verify post-reboot: `nvidia-smi` (expect RTX 4070 Mobile, driver
595.71.05). Unblocks the local-Ollama-on-GPU option.
Reference in New Issue View Git Blame Copy Permalink