azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3328a247427c82afad52cee25ee3efaf2b791f1d
claudetools/credentials.md
Howard Enos 02e690c6bb Add Sombra Residential LLC client + Server2013 docs 
- New clients/sombra-residential/CONTEXT.md (server stub, GuruRMM agent, EOL flag)
- credentials.md: pointer to vault for Administrator password
2026-04-30 14:27:30 -07:00

24 KiB
Raw Blame History

Credentials & Authorization Reference

Last Updated: 2026-03-24 Purpose: Centralized credentials for Claude Code context recovery Project: ClaudeTools MSP Work Tracking System Backend: 1Password (vaults: Infrastructure, Clients, Projects, MSP Tools)

How to Read Secrets

# Single field
op read "op://VaultName/ItemTitle/field_name"

# Full item
op item get "ItemTitle" --vault VaultName

# With service account (no biometric)
export OP_SERVICE_ACCOUNT_TOKEN="op://Infrastructure/Service Account Auth Token: Agentic_Cli/credential"

Infrastructure - SSH Access

GuruRMM Server (172.16.3.30)

  • Host: 172.16.3.30
  • Hostname: gururmm / gururmm-build
  • User: op://Infrastructure/GuruRMM Server/username
  • SSH Password: op://Infrastructure/GuruRMM Server/password
  • Sudo Password: op://Infrastructure/GuruRMM Server/password
  • SSH Port: 22
  • Role: Production server hosting ClaudeTools database and API, GuruRMM system, cross-platform builds
  • Services:
    • MariaDB 10.6.22 (Port 3306)
    • PostgreSQL 14 (Port 5432)
    • ClaudeTools API (Port 8001)
    • GuruRMM API (Port 3001)
    • Nginx reverse proxy (Port 80/443)
  • ClaudeTools Database:
    • Database: claudetools
    • User: op://Infrastructure/GuruRMM Server/Databases.MariaDB User
    • Password: op://Infrastructure/GuruRMM Server/Databases.MariaDB Password
  • GuruRMM Database (PostgreSQL):
    • Database: gururmm
    • User: op://Infrastructure/GuruRMM Server/Databases.PostgreSQL User
    • Password: op://Infrastructure/GuruRMM Server/Databases.PostgreSQL Password
    • Connection: postgres://[user]:[pass]@172.16.3.30:5432/gururmm
  • GuruRMM API Access:
    • Base URL: http://172.16.3.30:3001
    • Production URL: https://rmm-api.azcomputerguru.com
    • Admin Email: op://Infrastructure/GuruRMM Server/GuruRMM API.Admin Email
    • Admin Password: op://Infrastructure/GuruRMM Server/GuruRMM API.Admin Password
    • JWT Secret: op://Infrastructure/GuruRMM Server/GuruRMM API.JWT Secret
  • OS: Ubuntu 22.04 LTS
  • SSH Keys: guru@wsl, guru@gururmm-build (ed25519)

Jupiter (Unraid Primary - 172.16.3.20)

  • Host: 172.16.3.20
  • User: op://Infrastructure/Jupiter (Unraid Primary)/username
  • SSH Port: 22
  • Password: op://Infrastructure/Jupiter (Unraid Primary)/password
  • WebUI Password: op://Infrastructure/Jupiter (Unraid Primary)/password
  • Role: Primary container host, Gitea server, NPM, GuruRMM, Seafile
  • Services:
    • Gitea (Port 3000, SSH 2222)
    • Docker containers
    • NPM (Nginx Proxy Manager) - Ports 1880 (HTTP), 18443 (HTTPS), 7818 (admin)
    • GuruRMM API (Port 3001)
    • Seafile Pro (Port 8082)
  • iDRAC (Dell Remote Management):
    • IP: 172.16.1.73 (DHCP)
    • User: op://Infrastructure/Jupiter (Unraid Primary)/iDRAC.iDRAC User
    • Password: op://Infrastructure/Jupiter (Unraid Primary)/iDRAC.iDRAC Password
    • IPMI Key: op://Infrastructure/Jupiter (Unraid Primary)/iDRAC.IPMI Key
    • Web UI: https://172.16.1.73/
  • SSH Keys: claude-code@localadmin (ed25519), root@GuruSync (ed25519), guru@wsl (ed25519), guru@gururmm-build (ed25519)

IX Server (Hosting - 172.16.3.10)

  • Host: ix.azcomputerguru.com
  • Internal IP: 172.16.3.10
  • External IP: 72.194.62.5
  • User: op://Infrastructure/IX Server/username
  • SSH Port: 22
  • Password: op://Infrastructure/IX Server/password
  • OS: Rocky Linux (WHM/cPanel)
  • Role: Primary cPanel hosting server for client websites (80+ accounts)
  • Services:
    • WHM (Web Host Manager) - Port 2087
    • cPanel - Port 2083
    • Apache/LiteSpeed web server
    • MariaDB (multiple client databases)
    • PHP-FPM
  • Access Methods:
  • VPN Required: Yes (for external SSH access)
  • Hosted Sites: 40+ WordPress sites

WebSvr (Legacy Hosting - websvr.acghosting.com)

  • Host: websvr.acghosting.com
  • External IP: 162.248.93.81
  • User: op://Infrastructure/WebSvr (Legacy Hosting)/username
  • SSH Port: 22
  • Password: op://Infrastructure/WebSvr (Legacy Hosting)/password
  • OS: CentOS 7 (WHM/cPanel)
  • Role: Legacy cPanel hosting server, DNS management for ACG Hosting domains
  • API Token: op://Infrastructure/WebSvr (Legacy Hosting)/API.API Token
  • Status: Active - DNS management, some legacy sites

pfSense Firewall (172.16.0.1)

  • Host: 172.16.0.1
  • SSH Port: 2248
  • User: op://Infrastructure/pfSense Firewall/username
  • Password: op://Infrastructure/pfSense Firewall/password
  • OS: FreeBSD (pfSense 2.8.1)
  • Role: Primary network firewall, VPN gateway, Tailscale gateway
  • Services:
    • Firewall rules
    • VPN server
    • Tailscale subnet router
    • DHCP server
  • Tailscale:
    • Tailscale IP: 100.79.69.82 (pfsense-1) / 100.119.153.74 (pfsense-2)
    • Subnet Routes: 172.16.0.0/22
  • Web UI: https://172.16.0.1
  • Status: CRITICAL PRODUCTION - Network gateway
  • Network:
    • LAN Subnet: 172.16.0.0/16
    • OpenVPN: 192.168.6.0/24
    • WAN (Fiber): 98.181.90.163/31
    • Public IPs: 72.194.62.2-10, 70.175.28.51-57

Saturn - DECOMMISSIONED

  • Host: formerly 172.16.3.21 (IP reused by Uranus 2026-04)
  • User: op://Infrastructure/Saturn (DECOMMISSIONED)/username
  • Password: op://Infrastructure/Saturn (DECOMMISSIONED)/password
  • OS: Unraid 6.x
  • Status: DECOMMISSIONED - Migration to Jupiter complete (Seafile migrated 2025-12-27)

Uranus (Unraid Secondary - 172.16.3.21)

  • Host: 172.16.3.21
  • Hostname: Uranus
  • User: root
  • Password: bash D:/vault/scripts/vault.sh get-field infrastructure/uranus-unraid.sops.yaml credentials.password
  • OS: Unraid 7.2.4 (kernel 6.12.54)
  • Hardware: Dell PowerEdge R730xd
  • CPU: Intel Xeon E5-2630 v3 @ 2.40GHz, 32 threads
  • RAM: 7.7 GiB (LOW — upgrade planned before Windows build VM deploys)
  • Array: 6+ x 12 TB + 16 TB drives (~75 TB raw)
  • Role: Additional storage, Pavon Archive (SMB share Storage), future Windows build VM
  • History: Formerly 'Pavon' server at 172.16.1.33 (client-side). Renamed and re-IP'd April 2026 when moved into ACG infrastructure.
  • OwnCloud integration: external storage mount ID 6 on cloud.acghosting.com — SMB Storage share mounted as /Archive for user pavon.

OwnCloud VM (172.16.3.22)

  • Host: 172.16.3.22
  • Hostname: cloud.acghosting.com
  • User: op://Infrastructure/OwnCloud VM/username
  • Password: op://Infrastructure/OwnCloud VM/password
  • OS: Rocky Linux 9.6
  • Role: OwnCloud file synchronization server

VMware Workstation Pro (192.168.3.24)

  • Host: 192.168.3.24
  • User: op://Infrastructure/VMware Workstation/username
  • Password: op://Infrastructure/VMware Workstation/password

HP iLO (172.16.9.125)

  • Host: 172.16.9.125
  • User: op://Infrastructure/HP iLO/username
  • Password: op://Infrastructure/HP iLO/password

External/Client Servers

GoDaddy VPS (208.109.235.224) - Grabb & Durando

  • Host: 208.109.235.224
  • User: root
  • Auth: SSH key (id_ed25519)
  • OS: CloudLinux 9.6
  • Status: OFFLINE - migration complete
  • Database Credentials: op://Clients/GoDaddy VPS - Grabb & Durando (OFFLINE)/Database.*

Neptune Exchange Server (67.206.163.124)

  • Hostname: neptune.acghosting.com
  • Public IP: 67.206.163.124
  • Internal IP: 172.16.3.11 (requires Dataforth VPN)
  • Admin User: op://Clients/Neptune Exchange Server/username
  • Admin Password: op://Clients/Neptune Exchange Server/password
  • Exchange Version: Exchange Server 2016
  • OWA URL: https://neptune.acghosting.com/owa/
  • Status: Active
  • Notes: Requires VPN access (OpenVPN to Dataforth network)

Dataforth Infrastructure

ESXi Host (192.168.0.122)

  • Host: 192.168.0.122
  • User: op://Clients/Dataforth ESXi 122/username
  • Password: op://Clients/Dataforth ESXi 122/password
  • Web UI: https://192.168.0.122
  • SSH User: op://Clients/Dataforth ESXi 122/SSH.SSH User
  • SSH Password: op://Clients/Dataforth ESXi 122/SSH.SSH Password
  • VMs: AD1, AD2, FILES-D1, PBX

ESXi Host (192.168.0.124)

  • Host: 192.168.0.124
  • User: op://Clients/Dataforth ESXi 124/username
  • Password: op://Clients/Dataforth ESXi 124/password

PBX (192.168.100.2)

  • Host: 192.168.100.2
  • Hostname: pbx.intranet.dataforth.com
  • User: op://Clients/Dataforth PBX/username
  • Password: op://Clients/Dataforth PBX/password
  • OS: Debian 12 (Sangoma FreePBX 17)
  • Network: VLAN100 (192.168.100.0/24)
  • SIP Trunk: FirstDigital (66.7.123.215, PJSIP)
  • Extensions: 201-343 range (~35 endpoints)

AD2 (Production Server - 192.168.0.6)

  • Host: 192.168.0.6
  • Hostname: AD2.intranet.dataforth.com
  • Domain: INTRANET
  • User: op://Clients/Dataforth AD2/username
  • Password: op://Clients/Dataforth AD2/password
  • OS: Windows Server 2022
  • Role: Production server, Secondary Domain Controller
  • Service Account:
  • Notes: SMB1 disabled for security (after crypto attack). WinRM port 5985, SSH port 22.

AD1 (Primary Domain Controller - 192.168.0.27)

  • IP: 192.168.0.27
  • Hostname: AD1.intranet.dataforth.com
  • User: op://Clients/Dataforth AD1/username
  • Password: op://Clients/Dataforth AD1/password
  • Role: Primary DC, NPS/RADIUS server
  • NPS Ports: 1812/1813 (auth/accounting)

D2TESTNAS (SMB1 Proxy - 192.168.0.9)

  • Host: 192.168.0.9
  • SSH User: op://Clients/Dataforth D2TESTNAS/username
  • SSH Password: op://Clients/Dataforth D2TESTNAS/password
  • Web User: op://Clients/Dataforth D2TESTNAS/Web.Web User
  • Web Password: op://Clients/Dataforth D2TESTNAS/Web.Web Password
  • Engineer Access: op://Clients/Dataforth D2TESTNAS/SMB.Engineer User / op://Clients/Dataforth D2TESTNAS/SMB.Engineer Password
  • Role: SMB1 proxy/bridge for DOS 6.22 machines
  • Shares: \D2TESTNAS\test (T:), \D2TESTNAS\datasheets (X:)

Dataforth DOS Machines (TS-XX)

  • Network: 192.168.0.0/24
  • OS: MS-DOS 6.22
  • Count: ~30 machines for QC testing
  • Credentials: None (local DOS machines, NULL SMB passwords)
  • Network Drives: T: = \D2TESTNAS\test, X: = \D2TESTNAS\datasheets

UDM (UniFi Dream Machine - 192.168.0.254)

  • IP: 192.168.0.254
  • SSH User: op://Clients/Dataforth UDM/username
  • SSH Password: op://Clients/Dataforth UDM/password
  • Web User: op://Clients/Dataforth UDM/Web.Web User
  • Web Password: op://Clients/Dataforth UDM/Web.Web Password
  • Notes: 2FA push enabled. OpenVPN 192.168.6.0/24.

Services - Web Applications

Gitea (Git Server)

  • URL: https://git.azcomputerguru.com/
  • SSH: ssh://git@172.16.3.20:2222
  • Username: op://Infrastructure/Gitea/username
  • Password: op://Infrastructure/Gitea/password
  • API Token: op://Infrastructure/Gitea/API.API Token
  • Repository: azcomputerguru/ClaudeTools, azcomputerguru/claude-projects

NPM (Nginx Proxy Manager)

  • Admin URL: http://172.16.3.20:7818
  • User: op://Infrastructure/NPM (Nginx Proxy Manager)/username
  • Password: op://Infrastructure/NPM (Nginx Proxy Manager)/password
  • Cloudflare API Token: op://Infrastructure/NPM (Nginx Proxy Manager)/Cloudflare.Cloudflare API Token
  • Proxy Hosts:
    • emby.azcomputerguru.com -> 172.16.2.99:8096
    • git.azcomputerguru.com -> 172.16.3.20:3000
    • plexrequest.azcomputerguru.com -> 172.16.3.31:5055
    • rmm-api.azcomputerguru.com -> 172.16.3.20:3001
    • unifi.azcomputerguru.com -> 172.16.3.28:8443
    • sync.azcomputerguru.com -> 172.16.3.20:8082

ClaudeTools API (Production)

  • URL: http://172.16.3.30:8001
  • Docs: http://172.16.3.30:8001/api/docs
  • Database: op://Projects/ClaudeTools Database/*
  • Auth: JWT tokens (POST /api/auth/token)
  • JWT Secret: op://Projects/ClaudeTools API Auth/credential
  • Test User: op://Projects/ClaudeTools API Auth/Test Email / op://Projects/ClaudeTools API Auth/Test Password

Seafile Pro (File Sync)

  • URL: https://sync.azcomputerguru.com
  • Username: op://Infrastructure/Seafile Pro/username
  • Password: op://Infrastructure/Seafile Pro/password
  • Database: op://Infrastructure/Seafile Pro/Database.*
  • Microsoft Graph API: op://Infrastructure/Seafile Pro/Microsoft Graph.*
  • Storage: 11.8TB

Cloudflare

  • API Token (Full DNS): op://Infrastructure/Cloudflare/API Token Full DNS
  • API Token (Legacy): op://Infrastructure/Cloudflare/API Token Legacy
  • Domain: azcomputerguru.com

Matomo Analytics

  • URL: https://analytics.azcomputerguru.com
  • Username: op://Infrastructure/Matomo Analytics/username
  • Password: op://Infrastructure/Matomo Analytics/password
  • Database: op://Infrastructure/Matomo Analytics/Database.*
  • Site IDs: 1=azcomputerguru.com, 2=community forum, 3=radio show

Projects - ClaudeTools

Database (MariaDB)

  • Host: 172.16.3.30
  • Port: 3306
  • Database: claudetools
  • User: op://Projects/ClaudeTools Database/username
  • Password: op://Projects/ClaudeTools Database/password
  • Connection String: op://Projects/ClaudeTools Database/Connection String
  • Tables: 38 tables (fully migrated)
  • Encryption: AES-256-GCM for credentials table

Encryption Keys

  • Method: AES-256-GCM (Fernet)
  • Key: op://Projects/ClaudeTools Encryption Key/credential
  • Key Storage: Environment variable ENCRYPTION_KEY
  • Warning: DO NOT COMMIT TO GIT

API Authentication

  • Method: JWT tokens
  • JWT Secret: op://Projects/ClaudeTools API Auth/credential
  • Token Endpoint: POST /api/auth/token
  • Test User: op://Projects/ClaudeTools API Auth/Test Email
  • Test Password: op://Projects/ClaudeTools API Auth/Test Password

Projects - GuruRMM

Dashboard/API Login

Database (PostgreSQL)

  • Host: 172.16.3.30
  • Port: 5432
  • Database: gururmm
  • User: op://Projects/GuruRMM Database/username
  • Password: op://Projects/GuruRMM Database/password
  • Connection: op://Projects/GuruRMM Database/Connection String

API Server

Microsoft Entra ID (SSO)

CI/CD (Build Automation)

  • Webhook URL: http://172.16.3.30/webhook/build
  • Webhook Secret: op://Projects/GuruRMM CI-CD/credential
  • Build Script: /opt/gururmm/build-agents.sh
  • Deploy Path: /var/www/gururmm/downloads/

Clients & Sites

Glaztech Industries (GLAZ)

  • Site Code: DARK-GROVE-7839
  • API Key: op://Projects/GuruRMM Glaztech Site/credential

AZ Computer Guru (Internal)

  • Site Code: SWIFT-CLOUD-6910

Projects - GuruConnect

Database (PostgreSQL)

  • Host: localhost (172.16.3.30)
  • Port: 5432
  • Database: guruconnect
  • User: op://Projects/GuruConnect Database/username
  • Password: op://Projects/GuruConnect Database/password
  • DATABASE_URL: op://Projects/GuruConnect Database/DATABASE_URL

Client - MVAN Inc

Microsoft 365 Tenant 1

  • Tenant: mvan.onmicrosoft.com
  • Admin User: op://Clients/MVAN M365/username
  • Password: op://Clients/MVAN M365/password

Client - BG Builders LLC

Microsoft 365 Tenant

  • Tenant ID: ededa4fb-f6eb-4398-851d-5eb3e11fab27
  • onmicrosoft.com: sonorangreenllc.onmicrosoft.com
  • Admin User: op://Clients/BG Builders M365/username
  • Password: op://Clients/BG Builders M365/password
  • Cloudflare Zone ID: op://Clients/BG Builders M365/Cloudflare Zone ID
  • Licenses: 8x Business Standard, 4x Exchange Online Plan 1, 1x Basic

Email Security (Configured 2025-12-19)

Record Status Details
SPF OK v=spf1 include:spf.protection.outlook.com -all
DMARC OK v=DMARC1; p=reject; rua=mailto:sysadmin@bgbuildersllc.com
DKIM OK selector1/selector2 CNAMEs configured
MX OK bgbuildersllc-com.mail.protection.outlook.com

Client - CW Concrete LLC

Microsoft 365 Tenant

  • Tenant ID: dfee2224-93cd-4291-9b09-6c6ce9bb8711
  • Default Domain: NETORGFT11452752.onmicrosoft.com
  • Notes: De-federated from GoDaddy 2025-12

Client - Dataforth

Microsoft 365

  • Tenant ID: 7dfa3ce8-c496-4b51-ab8d-bd3dcd78b584
  • Admin: op://Clients/Dataforth M365/username / op://Clients/Dataforth M365/password
  • Entra App (Claude-Code-M365):
    • App ID: op://Clients/Dataforth M365/Entra App.App ID
    • Client Secret: op://Clients/Dataforth M365/Entra App.Client Secret
    • Expires: 2027-12-22

NPS RADIUS Configuration

  • Server: 192.168.0.27 (AD1)
  • Port: 1812/UDP (auth), 1813/UDP (accounting)
  • Shared Secret: op://Clients/Dataforth M365/NPS RADIUS.Shared Secret
  • RADIUS Client: unifi (192.168.0.254)

Client - Valley Wide Plastering (VWP)

UDM

  • IP: 172.16.9.1
  • User: op://Clients/VWP UDM/username
  • Password: op://Clients/VWP UDM/password

VWP-DC1

  • IP: 172.16.9.2
  • Hostname: VWP-DC1.VWP.US
  • User: op://Clients/VWP DC1/username
  • Password: op://Clients/VWP DC1/password
  • NPS RADIUS Shared Secret: op://Clients/VWP DC1/NPS.Shared Secret

Citrix XenServer

  • Management IP: 192.168.0.104
  • User: op://Clients/VWP XenServer/username
  • Password: op://Clients/VWP XenServer/password
  • iDRAC IP: 192.168.3.30
  • iDRAC User/Pass: op://Clients/VWP XenServer/iDRAC.*

QuickBooks Server iDRAC

  • iDRAC IP: 192.168.3.189
  • User: op://Clients/VWP QuickBooks Server iDRAC/username
  • Password: op://Clients/VWP QuickBooks Server iDRAC/password

Client - Khalsa

UCG

  • IP: 172.16.50.1
  • User: op://Clients/Khalsa UCG/username
  • Password: op://Clients/Khalsa UCG/password

Switch

  • User: op://Clients/Khalsa Switch/username
  • Password: op://Clients/Khalsa Switch/password

Accountant Machine (172.16.50.168)

  • User: op://Clients/Khalsa Accountant Machine/username
  • Password: op://Clients/Khalsa Accountant Machine/password
  • Local Admin: op://Clients/Khalsa Accountant Machine/Local Admin User / op://Clients/Khalsa Accountant Machine/Local Admin Password

Client - Scileppi Law Firm

RS2212+ (Primary NAS)

  • IP: 172.16.1.59
  • User: op://Clients/Scileppi RS2212+/username
  • Password: op://Clients/Scileppi RS2212+/password
  • Storage: 25TB total, 6.9TB used
  • User Accounts: op://Clients/Scileppi RS2212+/Users.*

DS214se / Unraid (POWERED OFF)

  • Credentials in op://Clients/Scileppi DS214se (POWERED OFF)/* and op://Clients/Scileppi Unraid (POWERED OFF)/*

Client - heieck.org

Microsoft 365 Migration

  • Tenant: heieckorg.onmicrosoft.com
  • Mailbox passwords: op://Clients/heieck.org M365/*

Client - Sombra Residential LLC

Server2013 (primary server)

  • Hostname: Server2013
  • OS: Windows Server 2012 (build 9200) — name is just a label; EOL 2023-10-10
  • Remote access: ScreenConnect (ACG SC instance)
  • Administrator password: SOPS clients/sombra-residential/server2013.sops.yaml (field credentials.password)
  • sysadmin password: TBD — pending capture
  • GuruRMM: Sombra Residential LLC / main office, agent 5383e9c1-56e1-4389-9c89-1991a77bbc3a
  • Full context: clients/sombra-residential/CONTEXT.md

MSP Tools

Syncro (PSA/RMM)

Autotask (PSA)

  • API Zone: webservices5.autotask.net
  • API Username: op://MSP Tools/Autotask/API Username
  • API Password: op://MSP Tools/Autotask/API Password
  • Integration Code: op://MSP Tools/Autotask/credential

CIPP (M365 Management)

  • URL: https://cippcanvb.azurewebsites.net
  • Tenant ID: ce61461e-81a0-4c84-bb4a-7b354a9a356d
  • App ID: op://MSP Tools/CIPP/OAuth.App ID
  • Client Secret: op://MSP Tools/CIPP/OAuth.Client Secret
  • Scope: op://MSP Tools/CIPP/OAuth.Scope

Claude-MSP-Access (Multi-Tenant Graph API)

  • Tenant ID: ce61461e-81a0-4c84-bb4a-7b354a9a356d
  • App ID: op://MSP Tools/Claude-MSP-Access (Graph API)/App ID
  • Client Secret: op://MSP Tools/Claude-MSP-Access (Graph API)/credential

ACG-MSP-Access (Google Workspace)

  • Service Account: op://MSP Tools/ACG-MSP-Access (Google Workspace)/Service Account Email
  • Key File: temp/acg-msp-access-8f72339997e5.json
  • Onboarded Tenants: lonestarelectrical.net

VPN Access

Peaceful Spirit VPN (L2TP/IPSec)

  • Server IP: 98.190.129.150
  • Username: op://Clients/Peaceful Spirit VPN/username
  • Password: op://Clients/Peaceful Spirit VPN/password
  • Pre-Shared Key: op://Clients/Peaceful Spirit VPN/VPN.Pre-Shared Key
  • Remote Network: 192.168.0.0/24

Tailscale Network

Tailscale IP Hostname Owner OS Notes
100.79.69.82 pfsense-1 mike@ freebsd Gateway
100.125.36.6 acg-m-l5090 mike@ windows Workstation
100.92.230.111 acg-tech-01l mike@ windows Tech laptop
100.96.135.117 acg-tech-02l mike@ windows Tech laptop
100.113.45.7 acg-tech03l howard@ windows Tech laptop
100.77.166.22 desktop-hjfjtep mike@ windows Desktop
100.101.145.100 guru-legion9 mike@ windows Laptop
100.119.194.51 guru-surface8 howard@ windows Surface
100.66.103.110 magus-desktop rob@ windows Desktop
100.66.167.120 magus-pc rob@ windows Workstation

SSH Public Keys

guru@wsl (Windows/WSL)

  • Key Type: ssh-ed25519
  • Public Key: AAAAC3NzaC1lZDI1NTE5AAAAIAWY+SdqMHJP5JOe3qpWENQZhXJA4tzI2d7ZVNAwA/1u guru@wsl
  • Sudo Password: op://Infrastructure/GuruRMM Server/password (same as SSH)
  • Authorized on: GuruRMM build server, IX server, Jupiter, Saturn

azcomputerguru@local (Mac)

  • Key Type: ssh-ed25519
  • Public Key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDrGbr4EwvQ4P3ZtyZW3ZKkuDQOMbqyAQUul2+JE4K4S azcomputerguru@local
  • Authorized on: GuruRMM build server, IX server, AD2, D2TESTNAS

claude-code@localadmin (Windows)

  • Key Type: ssh-ed25519
  • Public Key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIABnQjolTxDtfqOwdDjamK1oyFPiQnaNT/tAgsIHH1Zo
  • Authorized On: pfSense

1Password Service Account

  • Item: op://Infrastructure/Service Account Auth Token: Agentic_Cli/credential
  • Vaults Accessible: Infrastructure, Clients, Projects, MSP Tools (Read & Write)
  • Usage: Set OP_SERVICE_ACCOUNT_TOKEN env var for non-interactive CLI access

Context Recovery Usage

When a new Claude session starts or context is lost:

  1. Read this file first - Get all infrastructure details and op:// paths
  2. Use op read to fetch actual credentials as needed
  3. Check session-logs/ - Find recent work and decisions
  4. Read SESSION_STATE.md - Get project status and phase

Quick credential fetch:

# Set service account token first
export OP_SERVICE_ACCOUNT_TOKEN=$(op read "op://Infrastructure/Service Account Auth Token: Agentic_Cli/credential")

# Then read any credential
op read "op://Infrastructure/IX Server/password"
op read "op://Projects/ClaudeTools Database/password"
op read "op://Clients/Dataforth AD2/password"

Security Notes

  • Secrets are stored in 1Password - op:// references are safe to commit to private repos
  • Never commit resolved .env files - only .env.tpl with op:// references
  • ClaudeTools encrypts credentials in database with AES-256-GCM
  • Service account token should be set as environment variable, not committed
  • Rotate on exposure - update in 1Password, re-inject everywhere
Reference in New Issue View Git Blame Copy Permalink