azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3faf09c1110afe6fc4eeb33ee2af84c82cb12a00
claudetools/credentials.md
Mike Swanson 3faf09c111 feat: Complete DOS update system with test data routing fix 
Implemented comprehensive DOS 6.22 update system for ~30 test stations with
critical fix for test data database import routing.

## Major Changes

### DOS Batch Files (7 files)
- NWTOC.BAT: Download updates from network to DOS machines
- CTONW.BAT v1.2: Upload with separate ProdSW/LOGS routing (CRITICAL FIX)
- UPDATE.BAT: Full system backup to network
- STAGE.BAT: System file staging for safe updates
- REBOOT.BAT: Apply staged updates on reboot
- CHECKUPD.BAT: Check for available updates
- DEPLOY.BAT: One-time deployment installer for DOS machines

### CTONW v1.2 Critical Fix
Fixed test data routing to match AD2 sync script expectations:
- Software distribution: C:\ATE\*.EXE -> T:\TS-4R\ProdSW\ (bidirectional)
- Test data logging: C:\ATE\8BDATA\*.DAT -> T:\TS-4R\LOGS\8BLOG\ (upload only)
- Subdirectory mapping: 8BDATA->8BLOG, DSCDATA->DSCLOG, HVDATA->HVLOG, etc.
- Test data now correctly imported to AD2 database via Sync-FromNAS.ps1

### Deployment Infrastructure
- copy-to-ad2.ps1: Automated deployment to AD2 server
- DOS_DEPLOYMENT_GUIDE.md: Complete deployment documentation
- DEPLOYMENT_GUIDE.md: Technical workflow documentation
- credentials.md: Centralized credentials (AD2, NAS, Gitea)

### Analysis & Documentation (15 files)
- CTONW_ANALYSIS.md: Comprehensive compliance analysis
- CTONW_V1.2_CHANGELOG.md: Detailed v1.2 changes
- NWTOC_ANALYSIS.md: Download workflow analysis
- DOS_BATCH_ANALYSIS.md: DOS 6.22 compatibility guide
- UPDATE_WORKFLOW.md: Backup system workflow
- BEHAVIORAL_RULES_INTEGRATION_SUMMARY.md: C: drive integration

### Session Logs
- session-logs/2026-01-19-session.md: Complete session documentation

### Conversation Reorganization
- Cleaned up 156 imported conversation files
- Organized into sessions-by-date structure
- Created metadata index and large files guide

## Technical Details

### AD2 → NAS → DOS Sync Flow
1. Admin copies files to AD2: \192.168.0.6\C$\Shares\test\
2. Sync-FromNAS.ps1 runs every 15 minutes (AD2 → NAS)
3. DOS machines access via T: drive (\D2TESTNAS\test)
4. NWTOC downloads updates, CTONW uploads test data
5. Sync imports test data to AD2 database

### DOS 6.22 Compatibility
- No %COMPUTERNAME%, uses %MACHINE% variable
- No IF /I, uses multiple case-specific checks
- Proper ERRORLEVEL checking (highest values first)
- XCOPY /S for subdirectory support
- ASCII markers ([OK], [ERROR], [WARNING]) instead of emojis

### File Locations
- AD2: C:\Shares\test\COMMON\ProdSW\ (deployed)
- NAS: T:\COMMON\ProdSW\ (synced)
- DOS: C:\BAT\ (installed)
- Logs: T:\TS-4R\LOGS\8BLOG\ (test data for database import)

## Deployment Status

 All 7 batch files deployed to AD2 (both COMMON and _COMMON)
 Pending sync to NAS (within 15 minutes)
 Pending pilot deployment on TS-4R
📋 Ready for rollout to ~30 DOS machines

## Breaking Changes

CTONW v1.1 → v1.2: Test data now uploads to LOGS folder instead of ProdSW.
Existing machines must download v1.2 via NWTOC for proper database import.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-19 12:49:54 -07:00

279 lines
9.0 KiB
Markdown
Raw Blame History

# Credentials & Authorization Reference
**Last Updated:** 2026-01-19
**Purpose:** Centralized credentials for Claude Code context recovery
**Project:** ClaudeTools MSP Work Tracking System
---
## Infrastructure - SSH Access
### GuruRMM Server (172.16.3.30)
- **Host:** 172.16.3.30
- **User:** guru
- **SSH Port:** 22
- **Role:** Production server hosting ClaudeTools database and API
- **Services:**
- MariaDB 10.6.22 (Port 3306)
- ClaudeTools API (Port 8001)
- Nginx reverse proxy (Port 80/443)
- **Database:**
- Database: claudetools
- User: claudetools
- Password: CT_e8fcd5a3952030a79ed6debae6c954ed
- **Notes:** Primary ClaudeTools infrastructure, systemd service auto-starts API
### Jupiter (Unraid Primary - 172.16.3.20)
- **Host:** 172.16.3.20
- **User:** root
- **SSH Port:** 22
- **Password:** Th1nk3r^99##
- **Role:** Primary container host, Gitea server
- **Services:**
- Gitea (Port 3000, SSH 2222)
- Docker containers
- **Notes:** Used for code repository management and version control
---
## Dataforth Infrastructure
### AD2 (Production Server - 192.168.0.6)
- **Host:** 192.168.0.6
- **Domain:** INTRANET
- **User:** INTRANET\sysadmin
- **Password:** Paper123!@#
- **OS:** Windows Server 2022
- **Local Path:** C:\Shares\test
- **Share Access:** \\192.168.0.6\C$ (admin share, requires credentials)
- **Role:** Production server for Dataforth DOS machines
- **Services:**
- Active Directory Domain Controller
- File Server (SMB3)
- Scheduled sync task (Sync-FromNAS.ps1 every 15 min)
- **Network:** 192.168.0.0/24
- **Connection Method (PowerShell):**
```powershell
$pass = ConvertTo-SecureString 'Paper123!@#' -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential('INTRANET\sysadmin', $pass)
New-PSDrive -Name Z -PSProvider FileSystem -Root '\\192.168.0.6\C$' -Credential $cred
# Access: Z:\Shares\test\
```
- **Software Update Locations:**
- Common (all machines): C:\Shares\test\COMMON\ProdSW\ and C:\Shares\test\_COMMON\ProdSW\
- Station-specific: C:\Shares\test\TS-XX\ProdSW\
- System files: C:\Shares\test\COMMON\DOS\
- **Notes:**
- SMB1 disabled for security (after crypto attack)
- Sync mechanism moved from NAS to AD2 due to WINS crashes
- Files sync to NAS within 15 minutes after placement
- DOS machines pull from NAS (not directly from AD2)
### D2TESTNAS (SMB1 Proxy - 192.168.0.9)
- **Host:** 192.168.0.9
- **HTTP:** http://192.168.0.9/
- **User (Web):** admin
- **Password (Web):** Paper123!@#-nas
- **SSH User:** root
- **SSH Auth:** ed25519 key (passwordless)
- **Role:** SMB1 proxy/bridge for DOS 6.22 machines
- **OS:** Linux (NAS appliance)
- **Share:** \\D2TESTNAS\test (maps to /data/test)
- **Services:**
- SMB1 server (for DOS machine compatibility)
- SSH server (Port 22)
- **Notes:**
- Bridges DOS machines (SMB1) with AD2 (SMB3)
- Previous sync location (moved to AD2)
- Network path: /data/test/
### Dataforth DOS Machines (TS-XX)
- **Network:** 192.168.0.0/24
- **OS:** MS-DOS 6.22
- **Count:** ~30 machines for QC testing
- **Naming:** TS-01 through TS-30
- **Network Share:** T: drive (maps to \\D2TESTNAS\test)
- **Machine Variable:** %MACHINE% (set in AUTOEXEC.BAT)
- **Backup Location:** T:\%MACHINE%\BACKUP\
- **Update Path:** T:\COMMON\
- **Credentials:** None (local DOS machines)
- **Notes:**
- SMB1 protocol required
- DOS 6.22 limitations: no %COMPUTERNAME%, no IF /I
- Network stack: MS Client 3.0, Netware VLM client
- Update workflow: AD2 → D2TESTNAS → DOS machines
### AD2-NAS Sync System
- **Script:** C:\Shares\test\scripts\Sync-FromNAS.ps1
- **Runs:** Every 15 minutes (Windows Scheduled Task)
- **User:** INTRANET\sysadmin
- **Direction:** Bidirectional
- **Tools:** PuTTY (plink.exe, pscp.exe)
- **Log:** C:\Shares\test\scripts\sync-from-nas.log
- **Status:** C:\Shares\test\_SYNC_STATUS.txt (monitored by DattoRMM)
- **Last Verified:** 2026-01-19 12:09 PM (running successfully)
- **PULL (NAS → AD2):**
- Test results: /data/test/TS-XX/LOGS/*.DAT → C:\Shares\test\TS-XX\LOGS\
- Reports: /data/test/TS-XX/Reports/*.TXT → C:\Shares\test\TS-XX\Reports\
- Files deleted from NAS after successful sync
- DAT files imported to database automatically
- **PUSH (AD2 → NAS):**
- Common updates: C:\Shares\test\COMMON\ProdSW\ → /data/test/COMMON/ProdSW/
- Station updates: C:\Shares\test\TS-XX\ProdSW\ → /data/test/TS-XX/ProdSW/
- Root utility: C:\Shares\test\UPDATE.BAT → /data/test/UPDATE.BAT
- One-shot tasks: C:\Shares\test\TS-XX\TODO.BAT → /data/test/TS-XX/TODO.BAT
- **Notes:**
- Moved from NAS to AD2 in January 2026
- Reason: WINS crashes and SSH lockups on NAS
- NAS script (/root/sync-to-ad2.sh) is DEPRECATED
---
## Services - Web Applications
### Gitea (Git Server)
- **URL:** https://git.azcomputerguru.com/
- **Web Port:** 3000
- **SSH:** ssh://git@172.16.3.20:2222
- **User:** mike@azcomputerguru.com
- **API Token:** (Generate via web UI as needed)
- **Repository:** azcomputerguru/ClaudeTools
- **Role:** Source code version control, project sync
- **Notes:** SSH key authentication required (ed25519)
### ClaudeTools API (Production)
- **URL:** http://172.16.3.30:8001
- **Docs:** http://172.16.3.30:8001/api/docs
- **Database:** 172.16.3.30:3306/claudetools
- **Auth:** JWT tokens (POST /api/auth/token)
- **Test User:**
- Email: test@example.com
- Password: testpassword123
- **Role:** Primary MSP work tracking API
- **Endpoints:** 95+ endpoints across 17 entities
- **Notes:** Systemd service, auto-starts on boot
---
## Projects - ClaudeTools
### Database (MariaDB)
- **Host:** 172.16.3.30
- **Port:** 3306
- **Database:** claudetools
- **User:** claudetools
- **Password:** CT_e8fcd5a3952030a79ed6debae6c954ed
- **Connection String:**
```
mysql+pymysql://claudetools:CT_e8fcd5a3952030a79ed6debae6c954ed@172.16.3.30:3306/claudetools?charset=utf8mb4
```
- **Tables:** 38 tables (fully migrated)
- **Encryption:** AES-256-GCM for credentials table
- **Backup:** Daily automated backups
### API Authentication
- **Method:** JWT tokens
- **Password Hashing:** Argon2
- **Token Endpoint:** POST /api/auth/token
- **Token Format:** Bearer token in Authorization header
- **Example:**
```bash
curl -X POST http://172.16.3.30:8001/api/auth/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "username=test@example.com&password=testpassword123"
```
### Encryption Keys
- **Method:** AES-256-GCM (Fernet)
- **Key Storage:** Environment variable ENCRYPTION_KEY
- **Usage:** Credentials table password encryption
- **Notes:** Never commit encryption key to git
---
## Projects - Dataforth DOS
### Update Workflow
- **Admin Deposits:** \\AD2\test\COMMON\ (on AD2)
- **Sync Mechanism:** AD2 scheduled task (location TBD)
- **DOS Pull:** T:\COMMON\ (from D2TESTNAS)
- **Backup Target:** T:\%MACHINE%\BACKUP\
### Key Files
- **UPDATE.BAT:** Machine backup utility (runs on DOS)
- **NWTOC.BAT:** Network to Computer updates
- **CTONW.BAT:** Computer to Network uploads
- **STAGE.BAT:** System file staging for reboot
- **REBOOT.BAT:** Auto-generated, applies staged updates
- **AUTOEXEC.BAT:** DOS startup, sets %MACHINE% variable
- **CONFIG.SYS:** DOS system configuration
- **STARTNET.BAT:** Network stack initialization
### Folder Structure
```
\\AD2\test\
├── COMMON\ # Shared updates for all machines
│ ├── DOS\ # System files (AUTOEXEC.NEW, CONFIG.NEW)
│ ├── ProdSW\ # Production software updates
│ └── NewSW\ # New software distributions
└── TS-XX\ # Individual machine folders
└── Backup\ # Machine-specific backups
```
---
## Connection Testing
### Test Database Connection
```bash
mysql -h 172.16.3.30 -u claudetools -p claudetools
# Password: CT_e8fcd5a3952030a79ed6debae6c954ed
```
### Test API Connectivity
```bash
curl http://172.16.3.30:8001/api/health
```
### Test Gitea SSH
```bash
ssh -p 2222 git@172.16.3.20
# Should return: "Hi there! You've successfully authenticated..."
```
### Test AD2 Access (from Dataforth network)
```cmd
net use T: \\192.168.0.6\test /user:INTRANET\sysadmin Paper123!@#
```
### Test NAS Access (from Dataforth network)
```cmd
net use T: \\192.168.0.9\test
```
---
## Security Notes
- **Never commit this file to public repositories**
- **Credentials are stored unredacted for context recovery**
- **ClaudeTools encrypts credentials in database with AES-256-GCM**
- **JWT tokens expire after configured duration**
- **SSH keys required for Gitea access (ed25519)**
- **Dataforth network is isolated (192.168.0.0/24)**
- **AD2 has SMB1 disabled for security (post crypto-attack)**
- **All production credentials should be rotated regularly**
---
## Context Recovery Usage
When a new Claude session starts or context is lost:
1. **Read this file first** - Get all credentials and infrastructure details
2. **Check session-logs/** - Find recent work and decisions
3. **Read SESSION_STATE.md** - Get project status and phase
4. **Read .claude/claude.md** - Get project overview
This ensures full context recovery without asking user for information already documented.
Reference in New Issue View Git Blame Copy Permalink