Files

Mike Swanson b79c47acb9 sync: Auto-sync from ACG-M-L5090 at 2026-01-26 16:45:54

Synced files:
- Complete claude-projects import (5 catalog files)
- Client directory with 12 clients
- Project directory with 12 projects
- Credentials updated (100+ sets)
- Session logs consolidated
- Agent coordination rules updated
- Task management integration

Major work completed:
- Exhaustive cataloging of claude-projects
- All session logs analyzed (38 files)
- All credentials extracted and organized
- Client infrastructure documented
- Problem solutions cataloged (70+)

Machine: ACG-M-L5090
Timestamp: 2026-01-26 16:45:54

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-02-01 16:23:47 -07:00

46 KiB

Raw Blame History

Credentials & Authorization Reference

Last Updated: 2026-01-26 Purpose: Centralized credentials for Claude Code context recovery Project: ClaudeTools MSP Work Tracking System

Infrastructure - SSH Access

GuruRMM Server (172.16.3.30)

Host: 172.16.3.30
Hostname: gururmm / gururmm-build
User: guru
SSH Password: Gptf*77ttb123!@#-rmm (note: special chars cause sudo issues, use heredoc)
Sudo Password: Gptf*77ttb123!@#-rmm
SSH Port: 22
Role: Production server hosting ClaudeTools database and API, GuruRMM system, cross-platform builds
Services:
- MariaDB 10.6.22 (Port 3306)
- PostgreSQL 14 (Port 5432)
- ClaudeTools API (Port 8001)
- GuruRMM API (Port 3001)
- Nginx reverse proxy (Port 80/443)
ClaudeTools Database:
- Database: claudetools
- User: claudetools
- Password: CT_e8fcd5a3952030a79ed6debae6c954ed
GuruRMM Database (PostgreSQL):
- Database: gururmm
- User: gururmm
- Password: 43617ebf7eb242e814ca9988cc4df5ad
- Connection: postgres://gururmm:43617ebf7eb242e814ca9988cc4df5ad@172.16.3.30:5432/gururmm
GuruRMM API Access:
- Base URL: http://172.16.3.30:3001
- Production URL: https://rmm-api.azcomputerguru.com
- Admin Email: claude-api@azcomputerguru.com
- Admin Password: ClaudeAPI2026!@#
- Admin User ID: 4d754f36-0763-4f35-9aa2-0b98bbcdb309
- JWT Secret: ZNzGxghru2XUdBVlaf2G2L1YUBVcl5xH0lr/Gpf/QmE=
OS: Ubuntu 22.04 LTS
SSH Keys: guru@wsl, guru@gururmm-build (ed25519)
Notes: Primary ClaudeTools infrastructure, systemd service auto-starts API. GuruRMM admin user created 2026-01-22 for API integration. Build server for cross-platform GuruRMM builds.

Jupiter (Unraid Primary - 172.16.3.20)

Host: 172.16.3.20
User: root
SSH Port: 22
Password: Th1nk3r^99##
WebUI Password: Th1nk3r^99##
Role: Primary container host, Gitea server, NPM, GuruRMM, Seafile
Services:
- Gitea (Port 3000, SSH 2222)
- Docker containers
- NPM (Nginx Proxy Manager) - Ports 1880 (HTTP), 18443 (HTTPS), 7818 (admin)
- GuruRMM API (Port 3001)
- Seafile Pro (Port 8082)
iDRAC (Dell Remote Management):
- IP: 172.16.1.73 (DHCP)
- User: root
- Password: Window123!@#-idrac
- IPMI Key: 0000000000000000000000000000000000000000 (all zeros)
- SSH: Enabled (port 22) - cipher compatibility issues
- Web UI: https://172.16.1.73/
SSH Keys: claude-code@localadmin (ed25519), root@GuruSync (ed25519), guru@wsl (ed25519), guru@gururmm-build (ed25519)
Notes: Used for code repository management and version control. Primary infrastructure server.

IX Server (Hosting - 172.16.3.10)

Host: ix.azcomputerguru.com
Internal IP: 172.16.3.10
External IP: 72.194.62.5
User: root
SSH Port: 22
Password: Gptf*77ttb!@#!@#
SSH Key: guru@wsl key added to authorized_keys
OS: Rocky Linux (WHM/cPanel)
Role: Primary cPanel hosting server for client websites (80+ accounts)
Services:
- WHM (Web Host Manager) - Port 2087
- cPanel - Port 2083
- Apache/LiteSpeed web server
- MariaDB (multiple client databases)
- PHP-FPM
Access Methods:
- SSH (external): ssh root@ix.azcomputerguru.com
- SSH (internal): ssh root@172.16.3.10
- WHM: https://ix.azcomputerguru.com:2087
- cPanel: https://ix.azcomputerguru.com:2083
VPN Required: Yes (for external SSH access)
Hosted Sites: 40+ WordPress sites (arizonahatters.com, peacefulspirit.com, etc.)
Notes:
- Critical performance issues documented 2026-01-13
- Requires VPN for SSH access
- See clients/internal-infrastructure/ix-server-issues-2026-01-13.md for maintenance details
- 80+ cPanel accounts hosted
Critical Sites Maintained (2026-01-13):
- acepickupparts.com (PHP 256MB, database cleaned)
- arizonahatters.com (PHP 256MB, Wordfence bloat cleaned)
- peacefulspirit.com (database bloat cleaned 310MB→0.67MB)

WebSvr (Legacy Hosting - websvr.acghosting.com)

Host: websvr.acghosting.com
External IP: 162.248.93.81
User: root
SSH Port: 22
Password: r3tr0gradE99#
OS: CentOS 7 (WHM/cPanel)
Role: Legacy cPanel hosting server, DNS management for ACG Hosting domains
Services:
- WHM (Web Host Manager)
- cPanel
- Apache/LiteSpeed web server
- MariaDB
- DNS Zone Management
API Token: 8ZPYVM6R0RGOHII7EFF533MX6EQ17M7O (Full access)
DNS Management: Authoritative for ACG Hosting nameservers (grabbanddurando.com zone, etc.)
Status: Active - DNS management, some legacy sites
Notes:
- Used for DNS zone editing for client domains
- Migration source to IX server
- See clients/grabb-durando/website-migration/README.md for DNS management examples

pfSense Firewall (172.16.0.1)

Host: 172.16.0.1
SSH Port: 2248
User: admin
Password: r3tr0gradE99!!
SSH Key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICrv2u99Y/KecA4GtJ3xi/8ExzkjdPsCHLDdaFPBkGAg claude-code@localadmin
OS: FreeBSD (pfSense 2.8.1)
Role: Primary network firewall, VPN gateway, Tailscale gateway
Services:
- Firewall rules
- VPN server
- Tailscale subnet router
- DHCP server
Tailscale:
- Tailscale IP: 100.79.69.82 (pfsense-1) / 100.119.153.74 (pfsense-2)
- Subnet Routes: 172.16.0.0/22 (advertised to Tailscale network)
- Hostname: pfsense-1 / pfsense-2
Web UI: https://172.16.0.1
Status: CRITICAL PRODUCTION - Network gateway
Network:
- LAN Subnet: 172.16.0.0/16
- OpenVPN: 192.168.6.0/24
- WAN (Fiber): 98.181.90.163/31
- Public IPs: 72.194.62.2-10, 70.175.28.51-57
Notes:
- Primary network security appliance
- Routes traffic for entire 172.16.0.0/16 network
- Tailscale exit node for remote access
- Migrated to Intel N100 hardware 2025-12-25

Saturn (172.16.3.21) - DECOMMISSIONED

Host: 172.16.3.21
User: root
SSH Port: 22
Password: r3tr0gradE99
OS: Unraid 6.x
Role: Secondary Unraid server (decommissioned)
Status: DECOMMISSIONED - Migration to Jupiter complete (Seafile migrated 2025-12-27)
Notes:
- All services migrated to Jupiter in 2025
- May be powered off
- Documented for historical reference

OwnCloud VM (172.16.3.22)

Host: 172.16.3.22
Hostname: cloud.acghosting.com
User: root
SSH Port: 22
Password: Paper123!@#-unifi!
OS: Rocky Linux 9.6
Role: OwnCloud file synchronization server
Services:
- Apache web server
- MariaDB
- PHP-FPM
- Redis
- OwnCloud application
- Datto RMM agents
Storage: SMB mount from Jupiter (Unraid shares - /mnt/user/OwnCloud)
Status: Active
Notes:
- Jupiter has SSH key auth configured
- File sync service for team collaboration
- Data stored on Jupiter NAS backend

External/Client Servers

GoDaddy VPS (208.109.235.224) - Grabb & Durando

Host: 208.109.235.224
Hostname: 224.235.109.208.host.secureserver.net
User: root
SSH Port: 22
Auth: SSH key (id_ed25519)
OS: CloudLinux 9.6
cPanel: v126.0 (build 11)
Role: data.grabbanddurando.com hosting (MIGRATION COMPLETE - old server)
Status: OFFLINE - 99% disk space used (1.6GB free) - migration complete
Client: Grabb & Durando Law Firm
Application: Custom PHP calendar/user management system
Database Credentials (on GoDaddy):
- Database: grabblaw_gdapp
- User: grabblaw_gdapp
- Password: e8o8glFDZD
- cPanel User: grabbanddurando
Migration Target: ix.azcomputerguru.com (COMPLETE)
Migration Status: Complete - old server can be decommissioned
Notes:
- MIGRATION COMPLETE - data sync performed 2025-12-12
- SSH key authentication (passwordless)
- See clients/grabb-durando/website-migration/README.md for migration details
- Keep active for 1 week after successful migration (retention period expired)

Neptune Exchange Server (67.206.163.124)

Hostname: neptune.acghosting.com
Public IP: 67.206.163.124
Internal IP: 172.16.3.11 (requires Dataforth VPN)
Domain: ACG
Admin User: ACG\administrator
Admin Password: Gptf*77ttb##
Exchange Version: Exchange Server 2016
OWA URL: https://neptune.acghosting.com/owa/
PowerShell URL: https://neptune.acghosting.com/PowerShell/
Authentication: Basic Auth
ActiveSync: Enabled (BasicAuthEnabled: True)
Status: Active
Client: heieck.org (migration to M365 complete 2026-01-14)
Notes:
- Requires VPN access (OpenVPN to Dataforth network)
- UDM firewall rules required for OpenVPN→Dataforth access
- iptables rules on UDM: 192.168.6.0/24 ↔ 172.16.0.0/22

Dataforth Infrastructure

AD2 (Production Server - 192.168.0.6)

Host: 192.168.0.6
Hostname: AD2.intranet.dataforth.com
Domain: INTRANET
User: INTRANET\sysadmin
Password: Paper123!@#
OS: Windows Server 2022
Local Path: C:\Shares\test
Share Access: \192.168.0.6\C$ (admin share, requires credentials)
Role: Production server for Dataforth DOS machines, Secondary Domain Controller
Services:
- Active Directory Domain Controller (Secondary)
- File Server (SMB3)
- Scheduled sync task (Sync-FromNAS.ps1 every 15 min)
- WinRM (PowerShell Remoting) on port 5985
- OpenSSH Server on port 22
Network: 192.168.0.0/24
Automation Access:
- Service Account: INTRANET\ClaudeTools-ReadOnly
- Service Password: vG!UCAD>=#gIk}1A3=:{+DV3
- Service UPN: ClaudeTools-ReadOnly@dataforth.local
- Permissions: Read-only AD access, Remote Management Users group
- Scripts Location: C:\ClaudeTools\Scripts\
- Logs Location: C:\ClaudeTools\Logs\Transcripts\
SSH Key (sysadmin account):
- Key Type: ED25519
- Fingerprint: SHA256:JsiEDAJ/fD19d6W7B5iuV78f8dLKZbLTrMor7b9CXSQ
- Public Key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHpk0bdronDasfx5RYjky4N4xIeUJF5xIJdX08rb3+Ui sysadmin@AD2-automation
- Private Key Location: C:\Users\sysadmin.ssh\id_ed25519
WinRM Configuration:
- TrustedHosts: 172.16.,192.168.,10.* (LAN/VPN access)
- Listener: HTTP on port 5985
- Transcript Logging: Enabled (all remote sessions logged)
- Module Logging: Enabled
- Script Block Logging: Enabled

Connection Method (SMB Share):

$pass = ConvertTo-SecureString 'Paper123!@#' -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential('INTRANET\sysadmin', $pass)
New-PSDrive -Name Z -PSProvider FileSystem -Root '\\192.168.0.6\C$' -Credential $cred
# Access: Z:\Shares\test\

Connection Method (WinRM - Admin):

$password = ConvertTo-SecureString 'Paper123!@#' -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential('INTRANET\sysadmin', $password)
Enter-PSSession -ComputerName 192.168.0.6 -Credential $cred

Connection Method (WinRM - Read-Only):

$password = ConvertTo-SecureString 'vG!UCAD>=#gIk}1A3=:{+DV3' -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential('INTRANET\ClaudeTools-ReadOnly', $password)
Enter-PSSession -ComputerName 192.168.0.6 -Credential $cred

Connection Method (SSH):

ssh INTRANET\\sysadmin@192.168.0.6
# Password: Paper123!@#
# Or with key: ssh -i path/to/id_ed25519 INTRANET\\sysadmin@192.168.0.6

Software Update Locations:
- Common (all machines): C:\Shares\test\COMMON\ProdSW\ and C:\Shares\test_COMMON\ProdSW\
- Station-specific: C:\Shares\test\TS-XX\ProdSW\
- System files: C:\Shares\test\COMMON\DOS\
Notes:
- SMB1 disabled for security (after crypto attack)
- Sync mechanism moved from NAS to AD2 due to WINS crashes
- Files sync to NAS within 15 minutes after placement
- DOS machines pull from NAS (not directly from AD2)

AD1 (Primary Domain Controller - 192.168.0.27)

IP: 192.168.0.27
Hostname: AD1.intranet.dataforth.com
User: INTRANET\sysadmin
Password: Paper123!@#
Role: Primary DC, NPS/RADIUS server
NPS Ports: 1812/1813 (auth/accounting)
Services:
- Active Directory Domain Controller (Primary)
- NPS/RADIUS Server
Access Methods: RDP, WinRM

D2TESTNAS (SMB1 Proxy - 192.168.0.9)

Host: 192.168.0.9
NetBIOS Name: D2TESTNAS
MAC: 28:C6:8E:34:4B:5E / 5F
HTTP: http://192.168.0.9/
User (Web): admin
Password (Web): Paper123!@#-nas
SSH User: root
SSH Auth: ed25519 key (passwordless) + password: Paper123!@#-nas
SSH Key: ed25519 from ~/.ssh/id_ed25519 (WSL)
Role: SMB1 proxy/bridge for DOS 6.22 machines
OS: Netgear ReadyNAS RN10400 (Linux NAS appliance)
Share: \D2TESTNAS\test (maps to /data/test)
Shares:
- \D2TESTNAS\test (guest writable, maps to T:)
- \D2TESTNAS\datasheets (guest writable, maps to X:)
Services:
- SMB1 server (for DOS machine compatibility - CORE protocol)
- SSH server (Port 22)
- WINS Server: Enabled (192.168.0.9)
SMB Configuration:
- Protocol: CORE (oldest, for DOS compatibility)
- Workgroup: INTRANET
- WINS support: yes
- Null passwords: enabled
- Guest access: enabled
SMB Users: ts-1 through ts-50 (NULL passwords - smbpasswd -n ts-XX)
Engineer Access: engineer / Engineer1!
Notes:
- Bridges DOS machines (SMB1) with AD2 (SMB3)
- Previous sync location (moved to AD2)
- Network path: /data/test/
- Sync credentials in /root/.ad2creds

Dataforth DOS Machines (TS-XX)

Network: 192.168.0.0/24
OS: MS-DOS 6.22
Count: ~30 machines for QC testing
Naming: TS-01 through TS-30
Network Share: T: drive (maps to \D2TESTNAS\test)
Machine Variable: %MACHINE% (set in AUTOEXEC.BAT from C:\NET\SYSTEM.INI)
Backup Location: T:%MACHINE%\BACKUP\
Update Path: T:\COMMON\
Credentials: None (local DOS machines)
Network Drives:
- T: = \D2TESTNAS\test
- X: = \D2TESTNAS\datasheets
Boot Sequence:
1. C:\AUTOEXEC.BAT
2. C:\STARTNET.BAT (mount drives)
3. T:\TS-XX\NWTOC.BAT (download updates)
4. C:\ATE\MENU.BAT (test menu)
Central Management: T:\UPDATE.BAT (v2.0)
- Commands: STATUS, UPDATE, DOS
- Auto-detection from C:\NET\SYSTEM.INI
Machines Tested Working:
- TS-27: Working, full config copied
- TS-8L: Working, 717 logs + 2966 reports moved
- TS-8R: Working, 821 logs + 3780 reports moved
Notes:
- SMB1 protocol required
- DOS 6.22 limitations: no %COMPUTERNAME%, no IF /I
- Network stack: MS Client 3.0, Netware VLM client
- Update workflow: AD2 → D2TESTNAS → DOS machines
- Startup sequence: AUTOEXEC.BAT → STARTNET.BAT → MENUX.EXE
- MENUX menu provides test module selection interface
- Test Equipment: Keithley 2010, Fluke 8842A, HP 33220A, KEPCO DPS, BK Precision 1651A, Rigol MSO2102A

UDM (UniFi Dream Machine - 192.168.0.254)

Service: Gateway/firewall
IP: 192.168.0.254
SSH User: root
SSH Password: Paper123!@#-unifi
SSH Key: claude-code key added
Web User: azcomputerguru
Web Password: Paper123!@#-unifi
2FA: Push notification enabled
Role: Gateway/firewall, OpenVPN server
OpenVPN: 192.168.6.0/24 network
Isolated Network: 172.16.0.0/22 (Dataforth internal)
MongoDB: 127.0.0.1:27117/ace (UniFi controller)
Access Methods: SSH, Web (2FA)
Notes:
- OpenVPN access requires iptables rules for Dataforth network access
- WINS configured in DHCP pointing to D2TESTNAS (192.168.0.9)
- DNS servers: 192.168.0.27, 192.168.0.6, 192.168.1.254

AD2-NAS Sync System

Script: C:\Shares\test\scripts\Sync-FromNAS.ps1
Runs: Every 15 minutes (Windows Scheduled Task)
User: INTRANET\sysadmin
Direction: Bidirectional
Tools: PuTTY (plink.exe, pscp.exe)
Log: C:\Shares\test\scripts\sync-from-nas.log
Status: C:\Shares\test_SYNC_STATUS.txt (monitored by DattoRMM)
Last Verified: 2026-01-15 (running successfully)
PULL (NAS → AD2):
- Test results: /data/test/TS-XX/LOGS/*.DAT → C:\Shares\test\TS-XX\LOGS\
- Reports: /data/test/TS-XX/Reports/*.TXT → C:\Shares\test\TS-XX\Reports\
- Files deleted from NAS after successful sync
- DAT files imported to database automatically
PUSH (AD2 → NAS):
- Common updates: C:\Shares\test\COMMON\ProdSW\ → /data/test/COMMON/ProdSW/
- Station updates: C:\Shares\test\TS-XX\ProdSW\ → /data/test/TS-XX/ProdSW/
- Root utility: C:\Shares\test\UPDATE.BAT → /data/test/UPDATE.BAT
- One-shot tasks: C:\Shares\test\TS-XX\TODO.BAT → /data/test/TS-XX/TODO.BAT
Notes:
- Moved from NAS to AD2 in January 2026
- Reason: WINS crashes and SSH lockups on NAS
- NAS script (/root/sync-to-ad2.sh) is DEPRECATED
- UPDATE.BAT sync added 2026-01-15

Services - Web Applications

Gitea (Git Server)

URL: https://git.azcomputerguru.com/
Web Port: 3000
SSH: ssh://git@172.16.3.20:2222 OR ssh://git@git.azcomputerguru.com:2222
Username: azcomputerguru
Email: mike@azcomputerguru.com
Password: Gptf*77ttb123!@#-git OR Window123!@#-git
SSH Key: claude-code (ed25519) - CONFIGURED AND WORKING
SSH Fingerprint: SHA256:E+dhx8dYK+pWyqFUcAVAeJtaQEI3cOiIs7eac1w3Dnk
API Token: 9b1da4b79a38ef782268341d25a4b6880572063f
Repository: azcomputerguru/ClaudeTools, azcomputerguru/claude-projects
Role: Source code version control, project sync
Docker Container: gitea (on Jupiter server)
Notes:
- Web login: azcomputerguru / Gptf*77ttb123!@#-git
- SSH access: ssh -T -p 2222 git@172.16.3.20 (verified working 2026-01-19)
- Git remote: ssh://git@172.16.3.20:2222/azcomputerguru/ClaudeTools.git
- Password reset: docker exec -u git gitea gitea admin user change-password --username azcomputerguru --password 'NEW_PASSWORD'
- SSH key added: 2026-01-19 15:09 (claude-code)

NPM (Nginx Proxy Manager)

Admin URL: http://172.16.3.20:7818
HTTP Port: 1880
HTTPS Port: 18443
User: mike@azcomputerguru.com OR admin@azcomputerguru.com
Password: r3tr0gradE99! OR Window123!@#
Cloudflare API Token: U1UTbBOWA4a69eWEBiqIbYh0etCGzrpTU4XaKp7w
Database: SQLite at /mnt/user/appdata/npm/database.sqlite
Container: npm on Jupiter
Proxy Hosts:
- ID 1: emby.azcomputerguru.com → 172.16.2.99:8096 (SSL: npm-1)
- ID 2: git.azcomputerguru.com → 172.16.3.20:3000 (SSL: npm-2)
- ID 4: plexrequest.azcomputerguru.com → 172.16.3.31:5055 (SSL: npm-4)
- ID 5: rmm-api.azcomputerguru.com → 172.16.3.20:3001 (SSL: npm-6)
- unifi.azcomputerguru.com → 172.16.3.28:8443 (SSL: npm-5)
- ID 8: sync.azcomputerguru.com → 172.16.3.20:8082 (SSL: npm-8)

ClaudeTools API (Production)

URL: http://172.16.3.30:8001
Docs: http://172.16.3.30:8001/api/docs
Database: 172.16.3.30:3306/claudetools
Auth: JWT tokens (POST /api/auth/token)
Test User:
- Email: test@example.com
- Password: testpassword123
Role: Primary MSP work tracking API
Endpoints: 95+ endpoints across 17 entities
Notes: Systemd service, auto-starts on boot

Seafile Pro (File Sync)

URL: https://sync.azcomputerguru.com
Internal: 172.16.3.20:8082
Admin Email: mike@azcomputerguru.com
Admin Password: r3tr0gradE99#
Database User: seafile
Database Password: 64f2db5e-6831-48ed-a243-d4066fe428f9
Database Root: db_dev
Databases: ccnet_db, seafile_db, seahub_db
Containers: seafile, seafile-mysql, seafile-memcached, seafile-elasticsearch
Docker Compose: /mnt/user0/SeaFile/DockerCompose/docker-compose.yml
Data Path: /mnt/user0/SeaFile/seafile-data/
Storage: 11.8TB
Location: Jupiter (migrated from Saturn 2025-12-27)
Elasticsearch: 7.17.26 (upgraded for kernel 6.12 compatibility)
Microsoft Graph API (Email):
- Tenant ID: ce61461e-81a0-4c84-bb4a-7b354a9a356d
- Client ID: 15b0fafb-ab51-4cc9-adc7-f6334c805c22
- Client Secret: rRN8Q~FPfSL8O24iZthi_LVJTjGOCZG.DnxGHaSk
- Sender Email: noreply@azcomputerguru.com
- Usage: Seafile email notifications via Graph API

Cloudflare

Service: DNS and CDN
API Token (Full DNS): DRRGkHS33pxAUjQfRDzDeVPtt6wwUU6FwtXqOzNj
API Token (Legacy/Limited): U1UTbBOWA4a69eWEBiqIbYh0etCGzrpTU4XaKp7w
Permissions: Zone:Read, Zone:Edit, DNS:Read, DNS:Edit
Used for: DNS management, WHM plugin, cf-dns CLI
Domain: azcomputerguru.com
Notes: New full-access token added 2025-12-19
Access Methods: API

Projects - ClaudeTools

Database (MariaDB)

Host: 172.16.3.30
Port: 3306
Database: claudetools
User: claudetools
Password: CT_e8fcd5a3952030a79ed6debae6c954ed

Connection String:

mysql+pymysql://claudetools:CT_e8fcd5a3952030a79ed6debae6c954ed@172.16.3.30:3306/claudetools?charset=utf8mb4

Tables: 38 tables (fully migrated)
Encryption: AES-256-GCM for credentials table
Backup: Daily automated backups

Encryption Keys

Method: AES-256-GCM (Fernet)
Key: 319134ddb79fa44a6751b383cb0a7940da0de0818bd6bbb1a9c20a6a87d2d30c
File Location: C:\Users\MikeSwanson\claude-projects\shared-data.encryption-key
Generated: 2026-01-15
Key Storage: Environment variable ENCRYPTION_KEY
Usage: Credentials table password encryption, AES-256-GCM encryption for credentials in database
Warning: DO NOT COMMIT TO GIT
Notes: Never commit encryption key to git

API Authentication

Method: JWT tokens
Password Hashing: Argon2
Token Endpoint: POST /api/auth/token
Token Format: Bearer token in Authorization header
JWT Secret: NdwgH6jsGR1WfPdUwR3u9i1NwNx3QthhLHBsRCfFxcg=

Example:

curl -X POST http://172.16.3.30:8001/api/auth/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "username=test@example.com&password=testpassword123"

Projects - GuruRMM

Service: GuruRMM dashboard login
Email: admin@azcomputerguru.com
Password: GuruRMM2025
Role: admin
Access Methods: Web

Database (PostgreSQL)

Service: GuruRMM database
Host: gururmm-db container (172.16.3.20) OR 172.16.3.30 (build server)
Port: 5432 (default)
Database: gururmm
User: gururmm
Password: 43617ebf7eb242e814ca9988cc4df5ad
Connection: postgres://gururmm:43617ebf7eb242e814ca9988cc4df5ad@172.16.3.30:5432/gururmm
Access Methods: PostgreSQL protocol

API Server

External URL: https://rmm-api.azcomputerguru.com
Internal URL: http://172.16.3.20:3001 OR http://172.16.3.30:3001
JWT Secret: ZNzGxghru2XUdBVlaf2G2L1YUBVcl5xH0lr/Gpf/QmE=
Access Methods: HTTPS, HTTP (internal)

Microsoft Entra ID (SSO)

Service: GuruRMM SSO via Entra
App Name: GuruRMM Dashboard
App ID (Client ID): 18a15f5d-7ab8-46f4-8566-d7b5436b84b6
Object ID: 34c80aa8-385a-4bea-af85-f8bf67decc8f
Client Secret: gOz8Q~J.oz7KnUIEpzmHOyJ6GEzYNecGRl-Pbc9w
Secret Expires: 2026-12-21
Sign-in Audience: Multi-tenant (any Azure AD org)
Redirect URIs: https://rmm.azcomputerguru.com/auth/callback, http://localhost:5173/auth/callback
API Permissions: openid, email, profile
Created: 2025-12-21
Access Methods: OAuth 2.0

CI/CD (Build Automation)

Webhook URL: http://172.16.3.30/webhook/build
Webhook Secret: gururmm-build-secret
Build Script: /opt/gururmm/build-agents.sh
Build Log: /var/log/gururmm-build.log
Gitea Webhook ID: 1
Trigger: Push to main branch
Builds: Linux (x86_64) and Windows (x86_64) agents
Deploy Path: /var/www/gururmm/downloads/
GuruConnect Static Files: /home/guru/guru-connect/server/static/
GuruConnect Binary: /home/guru/guru-connect/target/release/guruconnect-server
Access Methods: Webhook

Build Server SSH Key (for Gitea)

Key Name: gururmm-build-server
Key Type: ssh-ed25519
Public Key: AAAAC3NzaC1lZDI1NTE5AAAAIKSqf2/phEXUK8vd5GhMIDTEGSk0LvYk92sRdNiRrjKi guru@gururmm-build
Added to: Gitea (azcomputerguru account)
Access Methods: SSH key authentication

Clients & Sites

Glaztech Industries (GLAZ)

Client ID: d857708c-5713-4ee5-a314-679f86d2f9f9
Site: SLC - Salt Lake City
Site ID: 290bd2ea-4af5-49c6-8863-c6d58c5a55de
Site Code: DARK-GROVE-7839
API Key: grmm_Qw64eawPBjnMdwN5UmDGWoPlqwvjM7lI
Created: 2025-12-18
Access Methods: API

AZ Computer Guru (Internal)

Site Code: SWIFT-CLOUD-6910

Projects - GuruConnect

Database (PostgreSQL on build server)

Service: GuruConnect database
Host: localhost (172.16.3.30)
Port: 5432
Database: guruconnect
User: guruconnect
Password: gc_a7f82d1e4b9c3f60
DATABASE_URL: postgres://guruconnect:gc_a7f82d1e4b9c3f60@localhost:5432/guruconnect
Created: 2025-12-28
Access Methods: PostgreSQL protocol

Projects - Dataforth DOS

Update Workflow

Admin Deposits: \AD2\test\COMMON\ (on AD2)
Sync Mechanism: AD2 scheduled task (C:\Shares\test\scripts\Sync-FromNAS.ps1)
DOS Pull: T:\COMMON\ (from D2TESTNAS)
Backup Target: T:%MACHINE%\BACKUP\

Key Files

UPDATE.BAT: Machine backup utility (runs on DOS) - v2.0 on T:\UPDATE.BAT
NWTOC.BAT: Network to Computer updates
CTONW.BAT: Computer to Network uploads
STAGE.BAT: System file staging for reboot
REBOOT.BAT: Auto-generated, applies staged updates
AUTOEXEC.BAT: DOS startup, sets %MACHINE% variable
CONFIG.SYS: DOS system configuration
STARTNET.BAT: Network stack initialization

Folder Structure

\\AD2\test\
├── COMMON\              # Shared updates for all machines
│   ├── DOS\            # System files (AUTOEXEC.NEW, CONFIG.NEW)
│   ├── ProdSW\         # Production software updates
│   └── NewSW\          # New software distributions
└── TS-XX\              # Individual machine folders
    └── Backup\         # Machine-specific backups

Client - MVAN Inc

Microsoft 365 Tenant 1

Service: M365 tenant
Tenant: mvan.onmicrosoft.com
Admin User: sysadmin@mvaninc.com
Password: r3tr0gradE99#
Notes: Global admin, project to merge/trust with T2
Access Methods: Web (M365 portal)

Client - BG Builders LLC

Microsoft 365 Tenant

Service: M365 tenant
Tenant: bgbuildersllc.com
CIPP Name: sonorangreenllc.com
Tenant ID: ededa4fb-f6eb-4398-851d-5eb3e11fab27
onmicrosoft.com: sonorangreenllc.onmicrosoft.com
Admin User: sysadmin@bgbuildersllc.com
Password: Window123!@#-bgb
Added: 2025-12-19
Licenses:
- 8x Microsoft 365 Business Standard
- 4x Exchange Online Plan 1
- 1x Microsoft 365 Basic
Security Gap: No advanced security features (no conditional access, Intune, or Defender)
Recommendation: Upgrade to Business Premium
Access Methods: Web (M365 portal)

Email Security (Configured 2025-12-19)

Record	Status	Details
SPF	✅	`v=spf1 include:spf.protection.outlook.com -all`
DMARC	✅	`v=DMARC1; p=reject; rua=mailto:sysadmin@bgbuildersllc.com`
DKIM selector1	✅	CNAME to selector1-bgbuildersllc-com._domainkey.sonorangreenllc.onmicrosoft.com
DKIM selector2	✅	CNAME to selector2-bgbuildersllc-com._domainkey.sonorangreenllc.onmicrosoft.com
MX	✅	bgbuildersllc-com.mail.protection.outlook.com

Security Investigation (2025-12-22) - RESOLVED

Compromised User: Shelly@bgbuildersllc.com (Shelly Dooley)
Symptoms: Suspicious sent items reported by user
Findings:
- Gmail OAuth app with EAS.AccessAsUser.All (REMOVED)
- "P2P Server" app registration backdoor (DELETED by admin)
- No malicious mailbox rules or forwarding
- Sign-in logs unavailable (no Entra P1 license)
Remediation:
- Password reset: 5ecwyHv6&dP7 (must change on login)
- All sessions revoked
- Gmail OAuth consent removed
- P2P Server backdoor deleted
Status: RESOLVED

Cloudflare

Zone ID: 156b997e3f7113ddbd9145f04aadb2df
Nameservers: amir.ns.cloudflare.com, mckinley.ns.cloudflare.com
A Records: 3.33.130.190, 15.197.148.33 (proxied) - GoDaddy Website Builder

Client - Sonoran Green LLC

Status

Active - Related entity to BG Builders LLC (same M365 tenant)

Microsoft 365

Tenant: Shared with BG Builders LLC (ededa4fb-f6eb-4398-851d-5eb3e11fab27)
onmicrosoft.com: sonorangreenllc.onmicrosoft.com

DNS Configuration

Current Status

Nameservers: Still on GoDaddy (not migrated to Cloudflare)
A Record: 172.16.10.200 (private IP - problematic)
Email Records: Properly configured for M365

Needed Records (Not Yet Applied)

DMARC: v=DMARC1; p=reject; rua=mailto:sysadmin@bgbuildersllc.com
DKIM selector1: CNAME to selector1-sonorangreenllc-com._domainkey.sonorangreenllc.onmicrosoft.com
DKIM selector2: CNAME to selector2-sonorangreenllc-com._domainkey.sonorangreenllc.onmicrosoft.com

Client - CW Concrete LLC

Microsoft 365 Tenant

Service: M365 tenant
Tenant: cwconcretellc.com
CIPP Name: cwconcretellc.com
Tenant ID: dfee2224-93cd-4291-9b09-6c6ce9bb8711
Default Domain: NETORGFT11452752.onmicrosoft.com
Notes: De-federated from GoDaddy 2025-12, domain needs re-verification
Licenses:
- 2x Microsoft 365 Business Standard
- 2x Exchange Online Essentials
Security Gap: No advanced security features
Recommendation: Upgrade to Business Premium for Intune, conditional access, Defender
Access Methods: Web (M365 portal)

Security Investigation (2025-12-22) - RESOLVED

Findings:
- Graph Command Line Tools OAuth consent with high privileges (REMOVED)
- "test" backdoor app registration with multi-tenant access (DELETED)
- Apple Internet Accounts OAuth (left - likely iOS device)
- No malicious mailbox rules or forwarding
Remediation:
- All sessions revoked for all 4 users
- Backdoor apps removed
Status: RESOLVED

Client - Dataforth

Network

Subnet: 192.168.0.0/24
Domain: INTRANET (intranet.dataforth.com)

Microsoft 365

Tenant Information

Tenant ID: 7dfa3ce8-c496-4b51-ab8d-bd3dcd78b584
Admin: sysadmin@dataforth.com / Paper123!@# (synced with AD)

Entra App Registration (Claude-Code-M365)

Purpose: Silent Graph API access for automation
App ID: 7a8c0b2e-57fb-4d79-9b5a-4b88d21b1f29
Client Secret: tXo8Q~ZNG9zoBpbK9HwJTkzx.YEigZ9AynoSrca3
Created: 2025-12-22
Expires: 2027-12-22
Permissions: Calendars.ReadWrite, Contacts.ReadWrite, User.ReadWrite.All, Mail.ReadWrite, Directory.ReadWrite.All, Group.ReadWrite.All, Sites.ReadWrite.All, Files.ReadWrite.All, Reports.Read.All, AuditLog.Read.All, Application.ReadWrite.All, Device.ReadWrite.All, SecurityEvents.Read.All, IdentityRiskEvent.Read.All, Policy.Read.All, RoleManagement.ReadWrite.Directory

NPS RADIUS Configuration

Server: 192.168.0.27 (AD1)
Port: 1812/UDP (auth), 1813/UDP (accounting)
Shared Secret: Gptf*77ttb!@#!@#
RADIUS Client: unifi (192.168.0.254)
Network Policy: Unifi - allows Domain Users 24/7
Auth Methods: All (PAP, CHAP, MS-CHAP, MS-CHAPv2, EAP)
AuthAttributeRequired: False (required for UniFi OpenVPN)

OpenVPN Routes (Split Tunnel)

192.168.0.0/24
192.168.1.0/24
192.168.4.0/24
192.168.100.0/24
192.168.200.0/24
192.168.201.0/24

Client - Valley Wide Plastering (VWP)

Network

Subnet: 172.16.9.0/24

UDM (UniFi Dream Machine)

IP: 172.16.9.1
SSH User: root
SSH Password: Gptf*77ttb123!@#-vwp
Role: Gateway/firewall, VPN server, RADIUS client
Access Methods: SSH, Web

VWP-DC1 (Domain Controller)

IP: 172.16.9.2
Hostname: VWP-DC1.VWP.US
Domain: VWP.US (NetBIOS: VWP)
SSH: sysadmin / r3tr0gradE99#
Role: Primary DC, NPS/RADIUS server
Added: 2025-12-22
Access Methods: RDP, WinRM

NPS RADIUS Configuration

RADIUS Server: 172.16.9.2
RADIUS Ports: 1812 (auth), 1813 (accounting)
Clients: UDM (172.16.9.1), VWP-Subnet (172.16.9.0/24)
Shared Secret: Gptf*77ttb123!@#-radius
Policy: "VPN-Access" - allows all authenticated users (24/7)
Auth Methods: All (PAP, CHAP, MS-CHAP, MS-CHAPv2, EAP)
User Dial-in: All VWP_Users set to Allow
AuthAttributeRequired: Disabled on clients
Tested: 2025-12-22, user cguerrero authenticated successfully
Access Methods: RADIUS protocol
AD Structure:
- Users OU: OU=VWP_Users,DC=VWP,DC=US
- Users with VPN Access (27 total): Darv, marreola, farias, smontigo, truiz, Tcapio, bgraffin, cguerrero, tsmith, tfetters, owner, cougar, Receptionist, Isacc, Traci, Payroll, Estimating, ARBilling, orders2, guru, sdooley, jguerrero, kshoemaker, rose, rguerrero, jrguerrero, Acctpay

Client - Khalsa

Network

Subnet: 172.16.50.0/24

UCG (UniFi Cloud Gateway)

IP: 172.16.50.1
SSH User: azcomputerguru
SSH Password: Paper123!@#-camden (reset 2025-12-22)
Notes: Gateway/firewall, VPN server, SSH key added but not working
Access Methods: SSH, Web

Switch

User: 8WfY8
Password: tI3evTNBZMlnngtBc
Access Methods: Web

Accountant Machine

IP: 172.16.50.168
User: accountant
Password: Paper123!@#-accountant
Local Admin: localadmin / r3tr0gradE99!
Added: 2025-12-22
Notes: VPN routing issue, RDP enabled
Access Methods: RDP

Client - Scileppi Law Firm

DS214se (Source NAS - Migration Source - POWERED OFF)

Service: Legacy NAS (source)
IP: 172.16.1.54
SSH User: admin
Password: Th1nk3r^99
Storage: 1.8TB (1.6TB used)
Data: User home folders (admin, Andrew Ross, Chris Scileppi, Samantha Nunez, etc.)
Status: Powered off after migration 2025-12-27
Access Methods: SSH, Web

Unraid (Source - Migration - POWERED OFF)

Service: Legacy Unraid (source)
IP: 172.16.1.21
SSH User: root
Password: Th1nk3r^99
Role: Data source for migration to RS2212+
Data: /mnt/user/Scileppi (5.2TB)
- Active: 1.4TB
- Archived: 451GB
- Billing: 17MB
- Closed: 3.0TB
Status: Powered off after migration 2025-12-27
Access Methods: SSH, Web

RS2212+ (Destination NAS)

Service: Primary NAS (destination)
IP: 172.16.1.59
Hostname: SL-SERVER
SSH User: sysadmin
Password: Gptf*77ttb123!@#-sl-server
SSH Key: claude-code@localadmin added to authorized_keys
Storage: 25TB total, 6.9TB used (28%)
Data Share: /volume1/Data (7.9TB - Active, Closed, Archived, Billing, MOTIONS BANK)
Notes: Migration and consolidation complete 2025-12-29
Access Methods: SSH (key + password), Web, SMB

RS2212+ User Accounts (Created 2025-12-29)

Username	Full Name	Password	Notes
chris	Chris Scileppi	Scileppi2025!	Owner
andrew	Andrew Ross	Scileppi2025!	Staff
sylvia	Sylvia	Scileppi2025!	Staff
rose	Rose	Scileppi2025!	Staff
(TBD)	5th user	-	Name pending

Migration/Consolidation Status - COMPLETE

Completed: 2025-12-29
Final Structure:
- Active: 2.5TB (merged Unraid + DS214se Open Cases)
- Closed: 4.9TB (merged Unraid + DS214se Closed Cases)
- Archived: 451GB
- MOTIONS BANK: 21MB
- Billing: 17MB
Recycle Bin: Emptied (recovered 413GB)
Permissions: Group "users" with 775 on /volume1/Data

Client - heieck.org

Microsoft 365 Migration

Microsoft 365 Tenant: heieckorg.onmicrosoft.com
Admin User: sysadmin@heieck.org
Mailboxes:
- sheila@heieck.org (0.66 GB, 10,490 items)
- jjh@heieck.org (2.39 GB, 31,463 items)
- Passwords: Gptf*77ttb## (Exchange)

Azure Storage (PST Import)

Storage Account: heieckimport
Resource Group: heieckimport_group
Location: East US
Container: pstimport
SAS Token: (expired 2026-01-22)
Uploaded Files: sheila.pst, jjh.pst (3.05 GB total)

DNS Configuration (IX Server)

heieck.org zone:

MX: 0 heieck-org.mail.protection.outlook.com
TXT (SPF): v=spf1 include:spf.protection.outlook.com -all
TXT (Verification): MS=ms31330906
CNAME (autodiscover): autodiscover.outlook.com

Client Sites - WHM/cPanel

IX Server (ix.azcomputerguru.com)

Service: cPanel/WHM hosting server
SSH Host: ix.azcomputerguru.com
Internal IP: 172.16.3.10 (VPN required)
SSH User: root
SSH Password: Gptf*77ttb!@#!@#
SSH Key: guru@wsl key added to authorized_keys
Role: cPanel/WHM server hosting client sites
Access Methods: SSH, cPanel/WHM web

data.grabbanddurando.com

Service: Client website (Grabb & Durando Law)
Server: IX (ix.azcomputerguru.com)
cPanel Account: grabblaw
Site Path: /home/grabblaw/public_html/data_grabbanddurando
Site Admin User: admin
Site Admin Password: GND-Paper123!@#-datasite
Database: grabblaw_gdapp_data
DB User: grabblaw_gddata
DB Password: GrabbData2025
Config File: /home/grabblaw/public_html/data_grabbanddurando/connection.php
Backups: /home/grabblaw/public_html/data_grabbanddurando/backups_mariadb_fix/
Access Methods: Web (admin), MySQL, SSH (via IX root)

MSP Tools

Syncro (PSA/RMM) - AZ Computer Guru

Service: PSA/RMM platform
API Key: T259810e5c9917386b-52c2aeea7cdb5ff41c6685a73cebbeb3
Subdomain: computerguru
API Base URL: https://computerguru.syncromsp.com/api/v1
API Docs: https://api-docs.syncromsp.com/
Account: AZ Computer Guru MSP
Added: 2025-12-18
Customers: 5,064 (29 duplicates found)
Access Methods: API

Autotask (PSA) - AZ Computer Guru

Service: PSA platform
API Username: dguyqap2nucge6r@azcomputerguru.com
API Password: z*6G4fT#oM~8@9Hxy$2Y7K$ma
API Integration Code: HYTYYZ6LA5HB5XK7IGNA7OAHQLH
Integration Name: ClaudeAPI
API Zone: webservices5.autotask.net
API Docs: https://autotask.net/help/developerhelp/Content/APIs/REST/REST_API_Home.htm
Account: AZ Computer Guru MSP
Added: 2025-12-18
Notes: New API user "Claude API"
Companies: 5,499 (19 exact duplicates, 30+ near-duplicates)
Access Methods: REST API

CIPP (CyberDrain Improved Partner Portal)

Service: M365 management portal
URL: https://cippcanvb.azurewebsites.net
Tenant ID: ce61461e-81a0-4c84-bb4a-7b354a9a356d
API Client Name: ClaudeCipp2 (working)
App ID (Client ID): 420cb849-542d-4374-9cb2-3d8ae0e1835b
Client Secret: MOn8Q~~otmxJPLvmL~~_aCVTV8Va4t4~SrYrukGbJT
Scope: api://420cb849-542d-4374-9cb2-3d8ae0e1835b/.default
CIPP-SAM App ID: 91b9102d-bafd-43f8-b17a-f99479149b07
IP Range: 0.0.0.0/0 (all IPs allowed)
Auth Method: OAuth 2.0 Client Credentials
Updated: 2025-12-23
Notes: Working API client
Access Methods: REST API (OAuth 2.0)

CIPP API Usage (Bash)

# Get token
ACCESS_TOKEN=$(curl -s -X POST "https://login.microsoftonline.com/ce61461e-81a0-4c84-bb4a-7b354a9a356d/oauth2/v2.0/token" \
  -d "client_id=420cb849-542d-4374-9cb2-3d8ae0e1835b" \
  -d "client_secret=MOn8Q~otmxJPLvmL~_aCVTV8Va4t4~SrYrukGbJT" \
  -d "scope=api://420cb849-542d-4374-9cb2-3d8ae0e1835b/.default" \
  -d "grant_type=client_credentials" | python3 -c "import sys, json; print(json.load(sys.stdin).get('access_token', ''))")

# Query endpoints (use tenant domain or tenant ID as TenantFilter)
curl -s "https://cippcanvb.azurewebsites.net/api/ListLicenses?TenantFilter=sonorangreenllc.com" \
  -H "Authorization: Bearer ${ACCESS_TOKEN}"

Old CIPP API Client (DO NOT USE)

App ID: d545a836-7118-44f6-8852-d9dd64fb7bb9
Status: Authenticated but all endpoints returned 403

Claude-MSP-Access (Multi-Tenant Graph API)

Service: Direct Graph API access for M365 investigations
Tenant ID: ce61461e-81a0-4c84-bb4a-7b354a9a356d
App ID (Client ID): fabb3421-8b34-484b-bc17-e46de9703418
Client Secret: ~~QJ8Q~~NyQSs4OcGqHZyPrA2CVnq9KBfKiimntbMO
Secret Expires: 2026-12 (24 months)
Sign-in Audience: Multi-tenant (any Entra ID org)
Purpose: Direct Graph API access for M365 investigations and remediation
Admin Consent URL: https://login.microsoftonline.com/common/adminconsent?client_id=fabb3421-8b34-484b-bc17-e46de9703418&redirect_uri=https://login.microsoftonline.com/common/oauth2/nativeclient
Permissions: User.ReadWrite.All, Directory.ReadWrite.All, Mail.ReadWrite, MailboxSettings.ReadWrite, AuditLog.Read.All, Application.ReadWrite.All, DelegatedPermissionGrant.ReadWrite.All, Group.ReadWrite.All, SecurityEvents.ReadWrite.All, AppRoleAssignment.ReadWrite.All, UserAuthenticationMethod.ReadWrite.All
Created: 2025-12-29
Access Methods: Graph API (OAuth 2.0)

Usage (Python)

import requests

tenant_id = "CUSTOMER_TENANT_ID"  # or use 'common' after consent
client_id = "fabb3421-8b34-484b-bc17-e46de9703418"
client_secret = "~QJ8Q~NyQSs4OcGqHZyPrA2CVnq9KBfKiimntbMO"

# Get token
token_resp = requests.post(
    f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token",
    data={
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": "https://graph.microsoft.com/.default",
        "grant_type": "client_credentials"
    }
)
access_token = token_resp.json()["access_token"]

# Query Graph API
headers = {"Authorization": f"Bearer {access_token}"}
users = requests.get("https://graph.microsoft.com/v1.0/users", headers=headers)

Tailscale Network

Tailscale IP	Hostname	Owner	OS	Notes
100.79.69.82	pfsense-1	mike@	freebsd	Gateway (alternate: 100.119.153.74 pfsense-2)
100.125.36.6	acg-m-l5090	mike@	windows	Workstation
100.92.230.111	acg-tech-01l	mike@	windows	Tech laptop
100.96.135.117	acg-tech-02l	mike@	windows	Tech laptop
100.113.45.7	acg-tech03l	howard@	windows	Tech laptop
100.77.166.22	desktop-hjfjtep	mike@	windows	Desktop
100.101.145.100	guru-legion9	mike@	windows	Laptop
100.119.194.51	guru-surface8	howard@	windows	Surface
100.66.103.110	magus-desktop	rob@	windows	Desktop
100.66.167.120	magus-pc	rob@	windows	Workstation

SSH Public Keys

guru@wsl (Windows/WSL)

User: guru
Sudo Password: Window123!@#-wsl
Key Type: ssh-ed25519
Public Key: AAAAC3NzaC1lZDI1NTE5AAAAIAWY+SdqMHJP5JOe3qpWENQZhXJA4tzI2d7ZVNAwA/1u guru@wsl
Usage: WSL SSH authentication
Authorized on: GuruRMM build server, IX server, Jupiter, Saturn

azcomputerguru@local (Mac)

User: azcomputerguru
Key Type: ssh-ed25519
Public Key: AAAAC3NzaC1lZDI1NTE5AAAAIDrGbr4EwvQ4P3ZtyZW3ZKkuDQOMbqyAQUul2+JE4K4S azcomputerguru@local
Usage: Mac SSH authentication
Authorized on: GuruRMM build server, IX server

claude-code@localadmin (Windows)

Key Type: ssh-ed25519
Public Key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIABnQjolTxDtfqOwdDjamK1oyFPiQnaNT/tAgsIHH1Zo
Authorized On: pfSense

VPN Access

Peaceful Spirit VPN (L2TP/IPSec)

Server IP: 98.190.129.150
Tunnel Type: L2TP/IPSec
Pre-Shared Key (PSK): z5zkNBds2V9eIkdey09Zm6Khil3DAZs8
Username: pst-admin
Password: 24Hearts$
Connection Name: Peaceful Spirit VPN
Purpose: Remote access to Peaceful Spirit Country Club network
Authentication: MS-CHAPv2 with PSK
Split Tunneling: Enabled (only CC traffic uses VPN)
Setup Script: D:\ClaudeTools\Create-PeacefulSpiritVPN.ps1
Quick Setup: D:\ClaudeTools\VPN_QUICK_SETUP.md

Network Configuration (UniFi Router at CC):

Remote Network: 192.168.0.0/24
DNS Server: 192.168.0.2
Gateway: 192.168.0.10

Complete Setup (Run as Administrator):

# Step 1: Create VPN connection with split tunneling
Add-VpnConnection -Name "Peaceful Spirit VPN" -ServerAddress "98.190.129.150" -TunnelType L2tp -L2tpPsk "z5zkNBds2V9eIkdey09Zm6Khil3DAZs8" -AuthenticationMethod MsChapv2 -EncryptionLevel Required -AllUserConnection -RememberCredential -SplitTunneling $true

# Step 2: Add route for CC network (192.168.0.0/24)
Add-VpnConnectionRoute -ConnectionName "Peaceful Spirit VPN" -DestinationPrefix "192.168.0.0/24" -AllUserConnection

# Step 3: Configure DNS server
Set-DnsClientServerAddress -InterfaceAlias "Peaceful Spirit VPN" -ServerAddresses "192.168.0.2"

# Step 4: Save credentials for pre-login access
rasdial "Peaceful Spirit VPN" "pst-admin" "24Hearts$"
rasdial "Peaceful Spirit VPN" /disconnect

# Step 5: Enable pre-login VPN
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" -Name "UseRasCredentials" -Value 1 -Type DWord

Quick Connect:

rasdial "Peaceful Spirit VPN"

Disconnect:

rasdial "Peaceful Spirit VPN" /disconnect

Connection Testing

Test Database Connection

mysql -h 172.16.3.30 -u claudetools -p claudetools
# Password: CT_e8fcd5a3952030a79ed6debae6c954ed

Test API Connectivity

curl http://172.16.3.30:8001/api/health

Test Gitea SSH

ssh -p 2222 git@172.16.3.20
# Should return: "Hi there! You've successfully authenticated..."

Test AD2 Access (from Dataforth network)

net use T: \\192.168.0.6\test /user:INTRANET\sysadmin Paper123!@#

Test NAS Access (from Dataforth network)

net use T: \\192.168.0.9\test

Security Notes

Never commit this file to public repositories
Credentials are stored unredacted for context recovery
ClaudeTools encrypts credentials in database with AES-256-GCM
JWT tokens expire after configured duration
SSH keys required for Gitea access (ed25519)
Dataforth network is isolated (192.168.0.0/24)
AD2 has SMB1 disabled for security (post crypto-attack)
All production credentials should be rotated regularly

Context Recovery Usage

When a new Claude session starts or context is lost:

Read this file first - Get all credentials and infrastructure details
Check session-logs/ - Find recent work and decisions
Read SESSION_STATE.md - Get project status and phase
Read .claude/claude.md - Get project overview

This ensures full context recovery without asking user for information already documented.

46 KiB Raw Blame History

Credentials & Authorization Reference

Infrastructure - SSH Access

GuruRMM Server (172.16.3.30)

Jupiter (Unraid Primary - 172.16.3.20)

IX Server (Hosting - 172.16.3.10)

WebSvr (Legacy Hosting - websvr.acghosting.com)

pfSense Firewall (172.16.0.1)

Saturn (172.16.3.21) - DECOMMISSIONED

OwnCloud VM (172.16.3.22)

External/Client Servers

GoDaddy VPS (208.109.235.224) - Grabb & Durando

Neptune Exchange Server (67.206.163.124)

Dataforth Infrastructure

AD2 (Production Server - 192.168.0.6)

AD1 (Primary Domain Controller - 192.168.0.27)

D2TESTNAS (SMB1 Proxy - 192.168.0.9)

Dataforth DOS Machines (TS-XX)

UDM (UniFi Dream Machine - 192.168.0.254)

AD2-NAS Sync System

Services - Web Applications

Gitea (Git Server)

NPM (Nginx Proxy Manager)

ClaudeTools API (Production)

Seafile Pro (File Sync)

Cloudflare

Projects - ClaudeTools

Database (MariaDB)

Encryption Keys

API Authentication

Projects - GuruRMM

Dashboard/API Login

Database (PostgreSQL)

API Server

Microsoft Entra ID (SSO)

CI/CD (Build Automation)

Build Server SSH Key (for Gitea)

Clients & Sites

Glaztech Industries (GLAZ)

AZ Computer Guru (Internal)

Projects - GuruConnect

Database (PostgreSQL on build server)

Projects - Dataforth DOS

Update Workflow

Key Files

Folder Structure

Client - MVAN Inc

Microsoft 365 Tenant 1

Client - BG Builders LLC

Microsoft 365 Tenant

Email Security (Configured 2025-12-19)

Security Investigation (2025-12-22) - RESOLVED

Cloudflare

Client - Sonoran Green LLC

Status

Company Information

Microsoft 365

DNS Configuration

Current Status

Needed Records (Not Yet Applied)

Client - CW Concrete LLC

Microsoft 365 Tenant

Security Investigation (2025-12-22) - RESOLVED

Client - Dataforth

Network

Microsoft 365

Tenant Information

Entra App Registration (Claude-Code-M365)

NPS RADIUS Configuration

OpenVPN Routes (Split Tunnel)

Client - Valley Wide Plastering (VWP)

Network

UDM (UniFi Dream Machine)

VWP-DC1 (Domain Controller)

NPS RADIUS Configuration

Client - Khalsa

Network

UCG (UniFi Cloud Gateway)

Switch

Accountant Machine

46 KiB

Raw Blame History