claudetools/clients/internal-infrastructure/session-logs/2026-03-16-ix-account-cleanup.md
Mike Swanson a78fb96f95 Session log: Cloudflare Tunnel for azcomputerguru + Cox BGP diagnosis
Diagnosed azcomputerguru.com 521 errors: Cox's BGP route to specific
Cloudflare origin-pull prefixes (162.158.0.0/16, 172.64.0.0/13,
173.245.48.0/20, 141.101.64.0/18) is broken from 72.194.62.0/29.
Confirmed by TCP probe matrix from pfSense WAN, traceroute latency
comparison, and state-table showing 0 inbound CF connections while
direct-internet traffic still reached origin.

Deployed Cloudflare Tunnel 'acg-origin' on Jupiter Unraid as a
Docker container. Routes 4 proxied hostnames (azcomputerguru.com,
analytics., community., radio.) through the tunnel with HTTPS
backend to IX 172.16.3.10:443 with per-ingress SNI matching. All
4 hostnames return 200 OK through CF edge after the cutover.

Repo hygiene:
- Merged clients/ix-server/ into clients/internal-infrastructure/
  (IX is internal infra, not a paying-client account). Git detected
  the session-log files as renames so history is preserved. Updated
  4 stale path references in 2 files.
- Moved cox-bgp ticket draft out of projects/dataforth-dos/ (wrong
  project) to clients/internal-infrastructure/vendor-tickets/.
- Relocated tunnel-setup helper scripts from
  projects/dataforth-dos/datasheet-pipeline/implementation/ to
  clients/internal-infrastructure/scripts/cloudflared-tunnel-setup/.
  Deleted superseded/abandoned login attempts. Sanitized hardcoded
  Jupiter/pfSense SSH passwords to pull from SOPS vault at runtime;
  Cloudflare token reads from env var (tokens still in 1Password,
  vault entry is metadata-only).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-13 10:30:51 -07:00


# IX Server Account Cleanup - 2026-03-16
## Summary
Performed audit of all 82 cPanel accounts on IX (172.16.3.10). Identified 21 accounts whose DNS had migrated to other hosts. After verifying backups existed, removed accounts. User intervened to restore accounts with active non-HTTP services (mail, DNS). Final result: 14 accounts removed, 7 restored and kept.
## Backups Location
All accounts have backups in multiple locations:
- **Automated daily backups:** `/home/backup/2026-03-16/accounts/[user].tar.gz`
- **Automated weekly backups:** `/home/backup/weekly/` (4 weeks retention)
- **Automated monthly backups:** `/home/backup/monthly/` (1 month retention)
- **Manual pre-removal backups:** `/backup/migrated-accounts-2026-03-16/cpmove-[user].tar.gz` (created for: cascades, dpainc, glaztech, janneirvine, jefffurr, jparkinsonaz, rsi, ultraper)

**To restore any account:**

```bash
/scripts/restorepkg /home/backup/2026-03-16/accounts/[username].tar.gz
```
Note: Some accounts required the `--force` flag due to stale userdata files.
## Accounts REMOVED (14 total)
| Account | Domain | Mail Routing | Reason Safe to Remove |
|---------|--------|-------------|----------------------|
| blush | blushpermanentmakeup.com | Local (no mailboxes) | No MX, no active mail |
| dpainc | dpa-inc.com | Remote (O365) | Mail on O365, domain expired |
| drkataz | drkataz.com | Remote (Google) | Mail on Google |
| fabry | justso.co | Local (no mailboxes) | No MX, no active mail |
| janneirvine | janneirvine.com | Unknown | No MX, no backup in automated system |
| jefffurr | jefffurrier.com | Local (1 mailbox: jeff) | No MX record - mail migrated |
| rsi | restorativesolutionsintl.org | Remote | No MX |
| rwc | royalweedcontrol.com | Remote | No MX |
| saguaroconveyor | saguaroconveyor.com | Remote (GoDaddy) | Mail on GoDaddy |
| sparcora | sparcoracing.com | Local (5 mailboxes: info, orders, paypal, tim, jeff) | No MX record - mail migrated |
| sundanzer | sundanzer.com | Remote (Google) | Mail on Google |
| tmm | tucsonmountainmotors.com | Local (no mailboxes) | No MX |
| tonystech | northwesttucsonpool.com | Local (no mailboxes) | No MX |
| tucsonsafety | tucsonsafety.com | Remote (emailservice.io) | External mail |
| ultraper | ultraperformance.com | Local (2 mailboxes: store, jeff) | MX points to GoDaddy - mail migrated |
## Accounts RESTORED and KEPT (7 total)
| Account | Domain(s) | Reason Kept |
|---------|-----------|-------------|
| acg | acghosting.com, gurushow.com, tucsoncomputer.repair, azcomputer.guru | Infrastructure account - 8+ mailboxes, NS1/NS2 infrastructure DNS zones |
| cascades | cascadestucson.com, resident.cascadestucson.com | Active LOCAL mail routing with populated mailboxes |
| glaztech | glaztech.com | DNS-only account - no web but DNS managed on IX |
| rarengineer | rarengineer.com | MX points to mail.rarengineer.com which may resolve to IX |
| rrspc | rrspc.com | Active LOCAL mail routing, MX points to mail.rrspc.com on IX |
| thegirlsestate | thegirlsestatesales.com | Mail service account (MX to emailservice.io but account needed) |
## ACG Infrastructure DNS Zones
The acg account contains critical infrastructure zones that must not be removed:
- `acghosting.com.db`
- `ns1.acghosting.com.db`
- `ns2.acghosting.com.db`
- `fsusa.acghosting.com.db`
- `websvr.acghosting.com.db`
## Other Work Done During This Session
### Error Log Rotation
- ~8.5GB of error logs truncated across all accounts
### Inactive Plugin Removal
- 60 inactive plugins removed (~430MB freed) across 19 accounts
### WordPress nav-menu.php Fix
Fixed `register_nav_menus('')` fatal error on 4 sites:
- cryoweave (was causing 500 error)
- phxpropane
- rednourlaw
- tonystech (proactive fix)

Fix: Removed `add_action('init', 'register_nav_menus');` from the theme's `functions.php`.
### Remaining Issues (not addressed)
- 5 critically outdated WordPress sites (security risk)
- WP_DEBUG enabled on 2 production sites
- No page/object caching on 38+ sites
- WP_CRON not disabled on all 53 WP sites
- Post revision cleanup needed on 14 sites
- Spam comment cleanup needed on 5 sites
- Large disk usage accounts need investigation
## Lesson Learned
Always check for non-HTTP services (mail, DNS-only, forwarding) before removing cPanel accounts. DNS migration does not mean all services have migrated.
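
One way to run that check before a removal, as an added example (not a script from this session): it covers the three cases behind the restores above, namely local mail routing with mailboxes, forwarders, and DNS-only use. It assumes the standard cPanel file locations, a `/home/<user>` home directory, and that this server's nameserver hostnames contain `acghosting.com`; `ROOT` and `OUR_NS_PATTERN` are hypothetical names introduced here.

```bash
# Pre-removal check for one cPanel account: list services other than HTTP
# that still depend on this server. Added example, not the session's script.
# ROOT is empty on the live server; point it at a fixture to test offline.
ROOT="${ROOT:-}"
# Assumption: this server's nameserver hostnames contain this string.
OUR_NS_PATTERN="${OUR_NS_PATTERN:-acghosting\.com}"

# Public NS lookup, in its own function so it can be stubbed offline.
ns_lookup() { dig +short NS "$1"; }

# Domains owned by the account: DNS=, DNS1=, ... in the cPanel user file.
account_domains() {
  sed -n 's/^DNS[0-9]*=//p' "$ROOT/var/cpanel/users/$1"
}

# True if at least one mailbox directory exists for user $1, domain $2.
# Assumes the default /home/<user> home directory.
has_mailbox() {
  for mbox in "$ROOT/home/$1/mail/$2"/*/; do
    [ -d "$mbox" ] && return 0
  done
  return 1
}

# Prints one line per blocker. Returns 0 if none, 1 if any, 2 if the
# account cannot be inspected (fail closed rather than report "safe").
check_account() {
  acct="$1"; found=0
  [ -r "$ROOT/var/cpanel/users/$acct" ] ||
    { echo "$acct: no cPanel user file" >&2; return 2; }
  for dom in $(account_domains "$acct"); do
    # Local mail routing with populated mailboxes.
    if grep -qxF "$dom" "$ROOT/etc/localdomains" 2>/dev/null &&
       has_mailbox "$acct" "$dom"; then
      echo "$acct $dom: local mail routing with mailboxes"; found=1
    fi
    # Forwarders: any valiases entry other than the '*:' default address.
    if grep -qvE '^(\*:|[[:space:]]*$)' "$ROOT/etc/valiases/$dom" 2>/dev/null; then
      echo "$acct $dom: mail forwarders defined"; found=1
    fi
    # DNS-only use: zone file here and public NS records still name us.
    if [ -f "$ROOT/var/named/$dom.db" ] &&
       ns_lookup "$dom" | grep -qiE "$OUR_NS_PATTERN"; then
      echo "$acct $dom: public NS still points at this server"; found=1
    fi
  done
  return "$found"
}
```

Run `check_account <user>` for each removal candidate and remove only accounts that return 0; it does not cover an MX record that points at a hostname resolving to this server, which still needs a manual lookup.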