Iron-Legion/documentation
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(fleet): add PegaProx users table to admin cheat sheet

Browse Source 
- Document 3 admin accounts: pegaprox, artemis, friday
- Add connected clusters table (ID, host, status)
- Clean up PegaProx section into Users/Clusters/API subsections
This commit is contained in:
F.R.I.D.A.Y.
2026-05-31 22:16:06 -04:00
parent 8df3127ff2
commit 794ed411e0
1 changed files with 27 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
fleet/admin-cheat-sheet.md
View File

@@ -70,12 +70,27 @@ Maintainer: F.R.I.D.A.Y. (Hermes Agent)
| **Deploy mode** | Docker Swarm — `host` publish mode | | **Deploy mode** | Docker Swarm — `host` publish mode |
| **Network** | `traefik-public` overlay | | **Network** | `traefik-public` overlay |
| **SSL** | Self-signed cert (`CN=PegaProx`, auto-generated) | | **SSL** | Self-signed cert (`CN=PegaProx`, auto-generated) |
| **Default user** | `pegaprox` (password change required on first login) | | **Default user** | `pegaprox` (password changed by user) |
| **Cluster IDs** | MK33=`726eb477`, MK34=`df6f5e5d`, MK39=`9711704b` | | **Cluster IDs** | MK33=`726eb477`, MK34=`df6f5e5d`, MK39=`9711704b` |
**Admin password must be changed on first login.** ### PegaProx Users
| Username | Display Name | Role | Auth | Notes |
|----------|-------------|------|------|-------|
| `pegaprox` | PegaProx Admin | admin | local | Original default account; password changed |
| `artemis` | Artemis | admin | local | Fleet automation / Discord gateway |
| `friday` | F.R.I.D.A.Y. | admin | local | Hermes portable agent |
### Connected Clusters
| Cluster | ID | Host | Status | Nodes Online |
|---------|-----|------|--------|-------------|
| MK33 | `726eb477` | `192.168.7.33` | running | TBD |
| MK34 | `df6f5e5d` | `192.168.7.34` | running | TBD |
| MK39 | `9711704b` | `192.168.7.39` | running | TBD |
### API Notes
**API notes:**
- Add cluster: `host` field must be **bare IP only** (no `:8006` — PegaProx appends port internally) - Add cluster: `host` field must be **bare IP only** (no `:8006` — PegaProx appends port internally)
- CSRF protection requires `X-Requested-With: XMLHttpRequest` on state-changing API calls - CSRF protection requires `X-Requested-With: XMLHttpRequest` on state-changing API calls
- Exempt paths: `/api/auth/login`, `/api/auth/setup`, `/api/health` - Exempt paths: `/api/auth/login`, `/api/auth/setup`, `/api/health`
@@ -84,12 +99,12 @@ Maintainer: F.R.I.D.A.Y. (Hermes Agent)
## iVentoy PXE Configuration ## iVentoy PXE Configuration
- Server: shield.ai.home -- 192.168.10.15/27 - Server: shield.ai.home 192.168.10.15/27
- WebUI: http://192.168.27.205:26000 - WebUI: http://192.168.27.205:26000
- Subnet: 192.168.10.0/27 - Subnet: 192.168.10.0/27
- Pool: 192.168.10.20 to 192.168.10.30 - Pool: 192.168.10.20 to 192.168.10.30
- MAC Filter: Permit mode - MAC Filter: Permit mode
- Edition: **iVentoy Free** (Pro upgrade pending -- private repo link awaited) - Edition: **iVentoy Free** (Pro upgrade pending private repo link awaited)
### Registered ISOs ### Registered ISOs
@@ -116,9 +131,9 @@ Post-Install: Remove MAC from whitelist. Node boots local disk, gets production
### ISO Remastering Notes ### ISO Remastering Notes
All Proxmox auto-install ISOs are **remastered** with: All Proxmox auto-install ISOs are **remastered** with:
1. **Embedded answer URL** -- each ISO points to `http://192.168.10.15:8080/pve/answers/mkNN.toml` (server URL hardcoded; node IP assigned by DHCP) 1. **Embedded answer URL** each ISO points to `http://192.168.10.15:8080/pve/answers/mkNN.toml` (server URL hardcoded; node IP assigned by DHCP)
2. **UEFI gfxmode locked** -- strict `1024x768` (fallback `640x480` removed) 2. **UEFI gfxmode locked** strict `1024x768` (fallback `640x480` removed)
3. **Per-ISO answer files** -- `mk33.toml`, `mk34.toml`, `mk39.toml`, `mk42.toml` in `/opt/iventoy/user/answers/` 3. **Per-ISO answer files** `mk33.toml`, `mk34.toml`, `mk39.toml`, `mk42.toml` in `/opt/iventoy/user/answers/`
> iVentoy Free does NOT support per-MAC ISO binding. Remastered ISOs achieve per-node provisioning via embedded answer URLs. > iVentoy Free does NOT support per-MAC ISO binding. Remastered ISOs achieve per-node provisioning via embedded answer URLs.
@@ -126,7 +141,7 @@ All Proxmox auto-install ISOs are **remastered** with:
## DNS Records ## DNS Records
### CNAME to traefik.ai.home -- A: 192.168.7.7 ### CNAME to traefik.ai.home A: 192.168.7.7
- artemis.ai.home - artemis.ai.home
- hermes.ai.home - hermes.ai.home
@@ -170,8 +185,8 @@ All Proxmox auto-install ISOs are **remastered** with:
+---> nebuchadnezzar via jarvis user +---> nebuchadnezzar via jarvis user
Key Files: Key Files:
- ~/.ssh/id_ed25519 -- bobby@cinnamint - ~/.ssh/id_ed25519 bobby@cinnamint
- ~/.ssh/artemis_key -- MK7 jump-host - ~/.ssh/artemis_key MK7 jump-host
--- ---
@@ -201,6 +216,6 @@ Key Files:
- Mission Control is separate physical machine. - Mission Control is separate physical machine.
- All *.ai.home resolve via Technitium DNS. - All *.ai.home resolve via Technitium DNS.
- PegaProx deployed on MK7 Swarm in `host` mode (not routed through Traefik). - PegaProx deployed on MK7 Swarm in `host` mode (not routed through Traefik).
- iVentoy Pro upgrade pending -- private repo link awaited from vendor. - iVentoy Pro upgrade pending private repo link awaited from vendor.
Last updated: 2026-05-31 by F.R.I.D.A.Y. Last updated: 2026-05-31 by F.R.I.D.A.Y.