claudetools/wiki/clients/pavon.md

type, name, display_name, last_compiled, compiled_by, sources, backlinks

type	name	display_name	last_compiled	compiled_by	sources	backlinks
client	pavon	Pavon	2026-05-24	DESKTOP-0O8A1RL/claude-main	clients/pavon/session-logs/2026-04-12-session.md clients/pavon/session-logs/2026-04-29-session.md clients/pavon/PROJECT_STATE.md clients/pavon/infrastructure-analysis.md clients/pavon/final-setup-summary.md clients/pavon/owncloud-archive-scan-completion.md	wiki/systems/jupiter.md wiki/systems/uranus.md

Pavon

Profile

• Contract type: Former / archived client (break-fix / project). [WARNING: Confirm whether any active relationship remains — last recorded work 2026-04-29, but context implies this is archive-only infrastructure management, not an ongoing MSP contract.]
• Key contacts: [unverified — no contact name or email documented in session logs]
• Billing rate: [unverified — not recorded]
• Syncro customer ID: [unverified — not recorded]
• GuruRMM enrollment: None recorded

Business Overview

Pavon is a client with video surveillance infrastructure across at least two properties: "Raiders" and "Curves." They operate GeoVision NVR (network video recorder) systems at each site. ACG's relationship with Pavon appears to be infrastructure management of the video archive rather than a full MSP engagement. Work has consisted of archive lifecycle management and OwnCloud integration.

OwnCloud is the source of truth for all footage, not a backup. NVR units at the client sites use the OwnCloud Desktop sync client (virtual file placeholders) to upload footage and save local NVR disk. NVRs have no direct SMB access to ACG infrastructure — they reach OwnCloud only via WebDAV. Pavon users do not use OwnCloud directly; footage retrieval goes through the NVR interface.

Retention policy: 3 years. Footage older than 3 years may be deleted.

Infrastructure

Servers & Services

Host	IP	Role	OS	Notes
Pavon Unraid	172.16.1.33	Archive/backup server (client-side)	Unraid 6.x	121TB total, 37TB used as of 2026-04-12 after cleanup
OwnCloud VM	172.16.3.22	OwnCloud 10.x + MariaDB 10.5.29	Rocky Linux 9.6/9.7	Hosted on Jupiter (KVM guest); cloud.acghosting.com
Jupiter (Unraid Primary)	172.16.3.20	Hypervisor for OwnCloud VM; NFS host for OwnCloud data dir	Unraid (Slackware-based)	Primary ACG infrastructure server
Uranus (Unraid Secondary)	172.16.3.21	SMB share host for /Archive external storage	Unraid	Hosts Storage share (35TB camera archive)

Note on Uranus vs. Pavon Unraid: The 2026-04-12 session documented the archive as being on the Pavon Unraid server (172.16.1.33). The 2026-04-29 session shows the OwnCloud external storage mount (Storage 6, /Archive) pointing to Uranus (172.16.3.21) as the SMB host. [WARNING: Reconcile whether the 35TB archive was migrated from 172.16.1.33 to 172.16.3.21 between these sessions, or whether the April 12 session had a misidentified host. The April 29 session's reference to Uranus appears authoritative — it was discovered as already-configured state, not a change made during that session.]

Storage Layout

OwnCloud VM data directory: /owncloud (NFS-mounted from Jupiter: 172.16.3.20:/mnt/user/OwnCloud)

• Filesystem state (as of 2026-04-29): 932 GB total, 677 GB used, 248 GB free — 74% full [WARNING: approaching capacity]
• OwnCloud data root: /owncloud on VM
• Pavon user home files (storage numeric_id 78, home::pavon):
  • /owncloud/pavon/files/Curves/ — 188,920 files (Curves property NVR footage, 2025–2026)
  • /owncloud/pavon/files/Raiders/ — 48,978 files (Raiders property NVR footage, 2025–2026)
  • Total: ~237K files
• Version junk (to clean): 30 GB in /owncloud/pavon/files_versions/ (1,326 version files) — occ versions:cleanup pavon will reclaim immediately [deferred]
• External storage (Storage 6, /Archive): SMB Personal to Uranus (172.16.3.21), share Storage, SMB user owncloud. ~35TB camera archive (May–Oct 2023). filesystem_check_changes already set to 0.

Pavon Unraid server (172.16.1.33) — state as of 2026-04-12:

• Total: 121TB; Used: 37TB (31%); Free: 84TB (69%) — after 25TB cleanup
• Archive share path: /mnt/user/Storage/
• Camera folders: cam02, cam04, cam06, cam07, cam08, cam10, cam11, cam12, cam13, cam14, cam16

Camera Systems

Historical archive (May–Oct 2023, ~35TB on Uranus/Storage):

• Old Raiders configuration, cameras cam02–cam16, .avi (lowercase) extension

Current (2025–2026, in OwnCloud local storage):

• Raiders: Cam01–07 + Cam17–23 (in /Cameras and /Cameras2 subfolders), .Avi extension, 442GB
• Curves: Cam17–43 + Aud25 (in /Data-F), .Avi extension, 4.5TB

File age distribution for pavon (as of 2026-04-29):

• 2024: 1 file (oldest from 2024-12-21)
• 2025: 162,898 files
• 2026: 74,719 files
• Older than 365 days: 256 files

Email & Identity

• No M365 or email infrastructure documented for this client.

Network

• Pavon Unraid (172.16.1.33) is on a different subnet (172.16.1.x) from ACG infrastructure (172.16.3.x). Both on the same 172.16.0.0/16 LAN, all 1Gbps.
• NVR units at Curves and Raiders reach OwnCloud via WebDAV over the internet or LAN [unverified — network path not fully documented].

OwnCloud VM Details

• OS: Rocky Linux 9.6 (noted as 9.7 in one document — 9.6 per April 29 session which is more recent)
• OwnCloud path: /var/www/owncloud/
• occ command: sudo -u apache php /var/www/owncloud/occ ...
• Apache config: /etc/httpd/conf.d/owncloud.conf
• MariaDB: 10.5.29, local socket auth as root
• Web user: apache
• Cron: Apache crontab at /var/spool/cron/apache — hardened with flock -n /tmp/oc-cron.lock on 2026-04-29 to prevent stacking spiral
• OwnCloud users: 10 total (Martell, anaise, bst, jburger, mara, minrec, pavon, rohrbach, sysadmin, themarcgroup)
• URL: http://cloud.acghosting.com or http://172.16.3.22

Access

• Pavon Unraid SSH: ssh root@172.16.1.33
• Pavon Unraid WebGUI: http://172.16.1.33
• OwnCloud VM SSH: ssh root@172.16.3.22 (ed25519 key; host key fingerprint: SHA256:Yy4oFv5HudmKjNJ4IZgHcuSSmeBvUg+ZJta6iLasdqU)
• OwnCloud WebGUI: http://cloud.acghosting.com
• OwnCloud pavon user: pavon / Password44$ [WARNING: plaintext in session log — vault this]
• Jupiter Unraid WebGUI: http://172.16.3.20 (VM management via VMs → OwnCloud → VNC)
• Vault path (infrastructure):
  • infrastructure/jupiter-unraid-primary.sops.yaml — Jupiter root credentials
  • infrastructure/owncloud-vm.sops.yaml — OwnCloud VM root credentials

[WARNING] Credential drift: SOPS has r3tr0gradE99!! for OwnCloud VM root (confirmed working as of 2026-04-29). 1Password has stale value Paper123!@#-unifi! (does NOT work). Reconcile 1Password item h6usgzxxn26kvckxz5dhssxdai before next session.

Pavon Unraid root password: r3tr0gradE99! (from session log — vault status unverified).

Patterns & Known Issues

• OwnCloud cron stacking spiral: Without the flock -n wrapper, each 15-minute cron tick fires a new occ system:cron process regardless of whether the prior one finished. Combined with an inefficient MariaDB query against oc_filecache (full table scan of 257K rows in storage 78 due to missing (storage, name) index + collation mismatch + mid-string LIKE wildcard), this caused 75–126 stale cron processes and load average of 80 on 2026-04-29. Fix applied: /var/spool/cron/apache now uses flock -n /tmp/oc-cron.lock. Backup: /root/apache-crontab.backup-20260428-pre-flock. Do not remove the flock wrapper.
• Do not kill the OwnCloud VM: NVRs at Curves and Raiders depend on it being reachable to upload footage and to rehydrate virtual file placeholders. Taking the VM offline breaks active recording workflows.
• files_versions cannot be group-restricted in OwnCloud Community: app:enable --groups is rejected. Per-user versioning disable is not possible. Only workaround: occ versions:cleanup pavon to purge accumulated versions (30 GB waiting). A dangling group versioning_users was created during the failed attempt — harmless, can be deleted with occ group:delete versioning_users.
• OwnCloud file cache corruption: Can occur when multiple occ files:scan processes run concurrently (database lock contention). Fix: kill all scan processes, restart httpd and php-fpm, run a fresh scan. Files are physically intact; only the cache index is lost.
• GeoVision NVR has no age-based file routing: Cannot configure NVRs to move old files to a different folder. Migration to /Archive must be done from the OwnCloud VM or Uranus side.
• OwnCloud data dir at 74% capacity: /owncloud (NFS from Jupiter) was 677/932 GB used as of 2026-04-29. The 30 GB version cleanup and a migration cron for files older than 90 days (to /Archive on Uranus) were both deferred. This needs attention before capacity becomes critical.
• Nextcloud migration: OwnCloud Community is no longer actively developed. Migration to Nextcloud was discussed in April 2026 — fresh install preferred. No urgency as of last session, but worth planning in the 3–6 month window.

Active Work / Deferred Tasks

All items below were deferred per client request after the 2026-04-29 stabilization. System is stable (cron flock in place). None are emergencies.

#	Task	Notes
1	Clean 30 GB of pavon version files	occ versions:cleanup pavon + occ trashbin:cleanup pavon — instant reclaim
2	Set up daily versions cleanup cron	0 3 * * * → occ versions:cleanup pavon && occ trashbin:cleanup pavon
3	Build monthly migration cron (internal → /Archive)	Files older than 90 days; open question: OwnCloud API vs host-level CIFS move (CIFS may break file-ID invariant for SMB Personal backend)
4	Build 3-year retention pruning cron on /Archive	find /Archive -type f -mtime +1095 -delete then occ files:scan pavon/Archive
5	Reconcile 1Password OwnCloud VM password	SOPS is correct (r3tr0gradE99!!); update 1Password item h6usgzxxn26kvckxz5dhssxdai
6	Delete dangling versioning_users group	occ group:delete versioning_users — harmless if left
7	Vault pavon OwnCloud user password	Password44$ is plaintext in session log
8	Nextcloud migration planning	3–6 month horizon; fresh install, Rocky Linux 9.x, same SMB external storage config

History Highlights

• 2026-04-12 — Major archive cleanup: 184,124 files (25TB, Dec 2022–Mar 2023) deleted from Pavon Unraid (172.16.1.33). 84TB freed (69% capacity). Remaining 35TB (May–Oct 2023) mounted as external storage in OwnCloud via SMB. File cache corruption resolved during setup via full rescan (142,867 files re-indexed). All 11 camera folders in /Archive verified accessible.
• 2026-04-29 — OwnCloud VM cron stacking spiral diagnosed on Jupiter (load avg 80, 75–126 stale cron processes). Root cause: missing flock wrapper + inefficient MariaDB filecache query pattern for camera filenames. Killed stale processes, load dropped from 80 to 5. Wrapped apache crontab with flock -n. Architecture clarified: OwnCloud is source of truth; NVRs use WebDAV virtual file sync; Pavon never touches OwnCloud directly. Credential drift between SOPS and 1Password discovered. External storage /Archive confirmed pointing to Uranus (172.16.3.21). All follow-up work deferred per user request.

Backlinks

• wiki/systems/jupiter.md — OwnCloud VM hosted on Jupiter; OwnCloud data dir NFS from Jupiter
• wiki/systems/uranus.md — /Archive SMB share host