diff --git a/fleet/admin-cheat-sheet.md b/fleet/admin-cheat-sheet.md index 0a3efc6..89af9cf 100644 --- a/fleet/admin-cheat-sheet.md +++ b/fleet/admin-cheat-sheet.md @@ -70,12 +70,27 @@ Maintainer: F.R.I.D.A.Y. (Hermes Agent) | **Deploy mode** | Docker Swarm — `host` publish mode | | **Network** | `traefik-public` overlay | | **SSL** | Self-signed cert (`CN=PegaProx`, auto-generated) | -| **Default user** | `pegaprox` (password change required on first login) | +| **Default user** | `pegaprox` (password changed by user) | | **Cluster IDs** | MK33=`726eb477`, MK34=`df6f5e5d`, MK39=`9711704b` | -**Admin password must be changed on first login.** +### PegaProx Users + +| Username | Display Name | Role | Auth | Notes | +|----------|-------------|------|------|-------| +| `pegaprox` | PegaProx Admin | admin | local | Original default account; password changed | +| `artemis` | Artemis | admin | local | Fleet automation / Discord gateway | +| `friday` | F.R.I.D.A.Y. | admin | local | Hermes portable agent | + +### Connected Clusters + +| Cluster | ID | Host | Status | Nodes Online | +|---------|-----|------|--------|-------------| +| MK33 | `726eb477` | `192.168.7.33` | running | TBD | +| MK34 | `df6f5e5d` | `192.168.7.34` | running | TBD | +| MK39 | `9711704b` | `192.168.7.39` | running | TBD | + +### API Notes -**API notes:** - Add cluster: `host` field must be **bare IP only** (no `:8006` — PegaProx appends port internally) - CSRF protection requires `X-Requested-With: XMLHttpRequest` on state-changing API calls - Exempt paths: `/api/auth/login`, `/api/auth/setup`, `/api/health` @@ -84,12 +99,12 @@ Maintainer: F.R.I.D.A.Y. (Hermes Agent) ## iVentoy PXE Configuration -- Server: shield.ai.home -- 192.168.10.15/27 +- Server: shield.ai.home — 192.168.10.15/27 - WebUI: http://192.168.27.205:26000 - Subnet: 192.168.10.0/27 - Pool: 192.168.10.20 to 192.168.10.30 - MAC Filter: Permit mode -- Edition: **iVentoy Free** (Pro upgrade pending -- private repo link awaited) +- Edition: **iVentoy Free** (Pro upgrade pending — private repo link awaited) ### Registered ISOs @@ -116,9 +131,9 @@ Post-Install: Remove MAC from whitelist. Node boots local disk, gets production ### ISO Remastering Notes All Proxmox auto-install ISOs are **remastered** with: -1. **Embedded answer URL** -- each ISO points to `http://192.168.10.15:8080/pve/answers/mkNN.toml` (server URL hardcoded; node IP assigned by DHCP) -2. **UEFI gfxmode locked** -- strict `1024x768` (fallback `640x480` removed) -3. **Per-ISO answer files** -- `mk33.toml`, `mk34.toml`, `mk39.toml`, `mk42.toml` in `/opt/iventoy/user/answers/` +1. **Embedded answer URL** — each ISO points to `http://192.168.10.15:8080/pve/answers/mkNN.toml` (server URL hardcoded; node IP assigned by DHCP) +2. **UEFI gfxmode locked** — strict `1024x768` (fallback `640x480` removed) +3. **Per-ISO answer files** — `mk33.toml`, `mk34.toml`, `mk39.toml`, `mk42.toml` in `/opt/iventoy/user/answers/` > iVentoy Free does NOT support per-MAC ISO binding. Remastered ISOs achieve per-node provisioning via embedded answer URLs. @@ -126,7 +141,7 @@ All Proxmox auto-install ISOs are **remastered** with: ## DNS Records -### CNAME to traefik.ai.home -- A: 192.168.7.7 +### CNAME to traefik.ai.home — A: 192.168.7.7 - artemis.ai.home - hermes.ai.home @@ -170,8 +185,8 @@ All Proxmox auto-install ISOs are **remastered** with: +---> nebuchadnezzar via jarvis user Key Files: -- ~/.ssh/id_ed25519 -- bobby@cinnamint -- ~/.ssh/artemis_key -- MK7 jump-host +- ~/.ssh/id_ed25519 — bobby@cinnamint +- ~/.ssh/artemis_key — MK7 jump-host --- @@ -201,6 +216,6 @@ Key Files: - Mission Control is separate physical machine. - All *.ai.home resolve via Technitium DNS. - PegaProx deployed on MK7 Swarm in `host` mode (not routed through Traefik). -- iVentoy Pro upgrade pending -- private repo link awaited from vendor. +- iVentoy Pro upgrade pending — private repo link awaited from vendor. Last updated: 2026-05-31 by F.R.I.D.A.Y.